1 | ; $Id: bootsector2-cpu-xcpt-2-template.mac 76553 2019-01-01 01:45:53Z vboxsync $
2 | ;; @file
3 | ; Bootsector test for debug exceptions - multi mode template.
4 | ;
5 |
6 | ;
7 | ; Copyright (C) 2007-2019 Oracle Corporation
8 | ;
9 | ; This file is part of VirtualBox Open Source Edition (OSE), as
10 | ; available from http://www.alldomusa.eu.org. This file is free software;
11 | ; you can redistribute it and/or modify it under the terms of the GNU
12 | ; General Public License (GPL) as published by the Free Software
13 | ; Foundation, in version 2 as it comes in the "COPYING" file of the
14 | ; VirtualBox OSE distribution. VirtualBox OSE is distributed in the
15 | ; hope that it will be useful, but WITHOUT ANY WARRANTY of any kind.
16 | ;
17 | ; The contents of this file may alternatively be used under the terms
18 | ; of the Common Development and Distribution License Version 1.0
19 | ; (CDDL) only, as it comes in the "COPYING.CDDL" file of the
20 | ; VirtualBox OSE distribution, in which case the provisions of the
21 | ; CDDL are applicable instead of those of the GPL.
22 | ;
23 | ; You may elect to license modified versions of this file under the
24 | ; terms and conditions of either the GPL or the CDDL or both.
25 | ;
26 |
27 |
28 | %include "bootsector2-template-header.mac"
29 |
30 |
31 | ;*******************************************************************************
32 | ;* Defined Constants And Macros *
33 | ;*******************************************************************************
34 | ;;
35 | ; Some 32/64 macros.
36 | ;
37 | %if TMPL_BITS == 32
38 | %define bs2Idt_BP bs2Idt32bit_BP
39 | %define MY_R0_CS BS2_SEL_CS32
40 | %define MY_R1_CS BS2_SEL_R1_CS32
41 | %define MY_R2_CS BS2_SEL_R2_CS32
42 | %define MY_R3_CS BS2_SEL_R3_CS32
43 |
44 | %define MY_R0_DS BS2_SEL_DS32
45 | %define MY_R1_DS BS2_SEL_R1_DS32
46 | %define MY_R2_DS BS2_SEL_R2_DS32
47 | %define MY_R3_DS BS2_SEL_R3_DS32
48 |
49 | %define MY_R0_SS BS2_SEL_SS32
50 | %define MY_R1_SS BS2_SEL_R1_SS32
51 | %define MY_R2_SS BS2_SEL_R2_SS32
52 | %define MY_R3_SS BS2_SEL_R3_SS32
53 |
54 | %else
55 | %define bs2Idt_BP bs2Idt64bit_BP
56 | %define MY_R0_CS BS2_SEL_CS64
57 | %define MY_R1_CS BS2_SEL_R1_CS64
58 | %define MY_R2_CS BS2_SEL_R2_CS64
59 | %define MY_R3_CS BS2_SEL_R3_CS64
60 |
61 | %define MY_R0_DS BS2_SEL_DS64
62 | %define MY_R1_DS BS2_SEL_R1_DS64
63 | %define MY_R2_DS BS2_SEL_R2_DS64
64 | %define MY_R3_DS BS2_SEL_R3_DS64
65 |
66 | %define MY_R0_SS BS2_SEL_SS64
67 | %define MY_R1_SS BS2_SEL_R1_SS64
68 | %define MY_R2_SS BS2_SEL_R2_SS64
69 | %define MY_R3_SS BS2_SEL_R3_SS64
70 | %endif
71 |
72 | %ifdef TMPL_64BIT
73 | %assign MY_IS_64BIT 1
74 | %else
75 | %assign MY_IS_64BIT 0
76 | %endif
77 |
78 | ;; Uncomment this to do lots more iterations (takes time!).
79 | %define QUICK_TEST
80 |
81 |
82 | ;*******************************************************************************
83 | ;* Global Variables *
84 | ;*******************************************************************************
85 | %ifndef CPU_XCPT_1_GLOBALS
86 | %define CPU_XCPT_1_GLOBALS
87 |
88 | ;;
89 | ; Asserts a test.
90 | ;
91 | ; @param %1 First cmp operand.
92 | ; @param %2 First cmp operand.
93 | ; @param %3 Which kind of conditional jump to make
94 | ; @param %4 The message to print (format string, no arguments please).
95 | ;
96 | %macro ASSERT_SIMPLE 4
97 | cmp %1, %2
98 | %3 %%.ok
99 | cli ; raw-mode hack
100 | push dword __LINE__
101 | %ifdef TMPL_16BIT
102 | push ds
103 | %endif
104 | push %%.s_szMsg
105 | call TMPL_NM_CMN(TestFailedF)
106 | add xSP, sCB*2
107 | ;hlt
108 | sti
109 | jmp %%.ok
110 | %%.s_szMsg: db %4, " (0x%RX32)", 0
111 | %%.ok:
112 | %endmacro
113 |
114 | %endif
115 |
116 |
117 | ;;
118 | ; Disable the breakpoints as well as check RA1 bits.
119 | ;
120 | ; @changes DRx
121 | ;
122 | BEGINPROC TMPL_NM(DisableBps)
123 | push sAX
124 | push sBX
125 | sPUSHF
126 |
127 | xor eax, eax
128 | mov dr7, sAX
129 | mov dr6, sAX
130 | mov dr0, sAX
131 | mov dr1, sAX
132 | mov dr2, sAX
133 | mov dr3, sAX
134 |
135 | mov sAX, dr6
136 | mov ebx, X86_DR6_RA1_MASK
137 | ASSERT_SIMPLE sAX, xBX, je, "Wrong DR6 value (RA1)."
138 | mov sAX, dr7
139 | mov ebx, X86_DR7_RA1_MASK
140 | ASSERT_SIMPLE sAX, sBX, je, "Wrong DR7 value (RA1)."
141 |
142 | sPOPF
143 | pop sBX
144 | pop sAX
145 | ret
146 | ENDPROC TMPL_NM(DisableBps)
147 |
148 |
149 | ;;
150 | ; Checks different gate types.
151 | ;
152 | BEGINPROC TMPL_NM(TestStepping)
153 | push xBP
154 | mov xBP, xSP
155 | push sAX
156 | push xBX
157 | push xCX
158 | push xDX
159 | push xDI
160 | push xSI
161 |
162 | mov xAX, .s_szSubTestName
163 | call TMPL_NM_CMN(TestSub)
164 |
165 |
166 | ;
167 | ; Step one instruction a lot of times to catch DR6 mismanagement.
168 | ;
169 | %ifdef QUICK_TEST
170 | mov ecx, 0x1000
171 | %else
172 | mov ecx, 0x80000
173 | %endif
174 | .the_1st_loop:
175 |
176 | mov eax, X86_DR6_INIT_VAL
177 | mov dr6, sAX
178 | mov eax, 0x12345678
179 | mov ebx, 0xaabbccdd
180 | sPUSHF
181 | or word [xSP], X86_EFL_TF
182 | sPOPF
183 | xchg ebx, eax
184 | BS2_TRAP_INSTR X86_XCPT_DB, 0, nop
185 | ASSERT_SIMPLE eax, 0xaabbccdd, je, "xchg wasn't executed (eax)."
186 | ASSERT_SIMPLE ebx, 0x12345678, je, "xchg wasn't executed (ebx)."
187 | mov sAX, dr6
188 | ASSERT_SIMPLE eax, (X86_DR6_INIT_VAL | X86_DR6_BS), je, "Wrong DR6 value."
189 |
190 | dec ecx
191 | jnz .the_1st_loop
192 |
193 | ;
194 | ; Check that certain bits in DR6 is preserved and others not.
195 | ;
196 | %ifdef QUICK_TEST
197 | mov ecx, 0x200
198 | %else
199 | mov ecx, 0x20000
200 | %endif
201 | .the_2nd_loop:
202 | mov eax, X86_DR6_INIT_VAL | X86_DR6_B0 | X86_DR6_B1 | X86_DR6_B2 | X86_DR6_B3 | X86_DR6_BT | X86_DR6_BD
203 | mov dr6, sAX
204 | mov eax, 0x12345678
205 | mov ebx, 0xaabbccdd
206 | sPUSHF
207 | or word [xSP], X86_EFL_TF
208 | sPOPF
209 | xchg ebx, eax
210 | BS2_TRAP_INSTR X86_XCPT_DB, 0, nop
211 | ASSERT_SIMPLE eax, 0xaabbccdd, je, "xchg wasn't executed (eax)."
212 | ASSERT_SIMPLE ebx, 0x12345678, je, "xchg wasn't executed (ebx)."
213 | mov sAX, dr6
214 | ASSERT_SIMPLE eax, (X86_DR6_BS | X86_DR6_INIT_VAL | X86_DR6_BT | X86_DR6_BD), je, "Wrong DR6 value."
215 |
216 | dec ecx
217 | jnz .the_2nd_loop
218 |
219 | ;
220 | ; Done.
221 | ;
222 | cli ; raw-mode hack
223 | call TMPL_NM_CMN(TestSubDone)
224 | sti
225 |
226 | pop xSI
227 | pop xDI
228 | pop xDX
229 | pop xCX
230 | pop xBX
231 | pop sAX
232 | leave
233 | ret
234 |
235 | .s_szSubTestName:
236 | db TMPL_MODE_STR, ', EFLAGS.TF stepping', 0
237 | ENDPROC TMPL_NM(TestGateType)
238 |
239 |
240 | ;;
241 | ; Check execution breakpoint.
242 | ;
244 | push xBP
245 | mov xBP, xSP
246 | push sAX
247 | push xBX
248 | push xCX
249 | push xDX
250 | push xDI
251 | push xSI
252 |
253 | mov xAX, .s_szSubTestName
254 | call TMPL_NM_CMN(TestSub)
255 |
256 |
257 | ;
258 | ; Arm all 4 breakpoints and check DR6 management.
259 | ;
260 | %ifdef QUICK_TEST
261 | mov ecx, 0x1000
262 | %else
263 | mov ecx, 0x80000
264 | %endif
265 | lea sAX, [.bp_dr0 xWrtRIP]
266 | mov dr0, sAX
267 | lea sAX, [.bp_dr1 xWrtRIP]
268 | mov dr1, sAX
269 | lea sAX, [.bp_dr2 xWrtRIP]
270 | mov dr2, sAX
271 | lea sAX, [.bp_dr3 xWrtRIP]
272 | mov dr3, sAX
273 | mov eax, X86_DR7_RA1_MASK | X86_DR7_G0 | X86_DR7_G1 | X86_DR7_G2 | X86_DR7_G3 | X86_DR7_GE
274 | mov dr7, sAX
275 |
276 | .the_loop:
277 | mov eax, X86_DR6_INIT_VAL | X86_DR6_BS | X86_DR6_BT | X86_DR6_BD
278 | mov dr6, sAX
279 |
280 | mov eax, 0x12345678
281 | mov ebx, 0xaabbccdd
282 | .bp_dr0:
283 | BS2_TRAP_INSTR X86_XCPT_DB, 0, xchg ebx, eax
284 | ASSERT_SIMPLE eax, 0x12345678, je, "xchg was executed (eax)."
285 | ASSERT_SIMPLE ebx, 0xaabbccdd, je, "xchg was executed (ebx)."
286 | mov sAX, dr6
287 | ASSERT_SIMPLE eax, (X86_DR6_INIT_VAL | X86_DR6_BS | X86_DR6_BT | X86_DR6_BD | X86_DR6_B0), je, "Wrong DR6 value (dr0)."
288 |
289 | mov eax, 0x12345678
290 | mov ebx, 0xaabbccdd
291 | .bp_dr1:
292 | BS2_TRAP_INSTR X86_XCPT_DB, 0, xchg ebx, eax
293 | ASSERT_SIMPLE eax, 0x12345678, je, "xchg was executed (eax)."
294 | ASSERT_SIMPLE ebx, 0xaabbccdd, je, "xchg was executed (ebx)."
295 | mov sAX, dr6
296 | ASSERT_SIMPLE eax, (X86_DR6_INIT_VAL | X86_DR6_BS | X86_DR6_BT | X86_DR6_BD | X86_DR6_B1), je, "Wrong DR6 value (dr1)."
297 |
298 | mov eax, 0x12345678
299 | mov ebx, 0xaabbccdd
300 | .bp_dr2:
301 | BS2_TRAP_INSTR X86_XCPT_DB, 0, xchg ebx, eax
302 | ASSERT_SIMPLE eax, 0x12345678, je, "xchg was executed (eax)."
303 | ASSERT_SIMPLE ebx, 0xaabbccdd, je, "xchg was executed (ebx)."
304 | mov sAX, dr6
305 | ASSERT_SIMPLE eax, (X86_DR6_INIT_VAL | X86_DR6_BS | X86_DR6_BT | X86_DR6_BD | X86_DR6_B2), je, "Wrong DR6 value (dr2)."
306 |
307 | mov eax, 0x12345678
308 | mov ebx, 0xaabbccdd
309 | .bp_dr3:
310 | BS2_TRAP_INSTR X86_XCPT_DB, 0, xchg ebx, eax
311 | ASSERT_SIMPLE eax, 0x12345678, je, "xchg was executed (eax)."
312 | ASSERT_SIMPLE ebx, 0xaabbccdd, je, "xchg was executed (ebx)."
313 | mov sAX, dr6
314 | ASSERT_SIMPLE eax, (X86_DR6_INIT_VAL | X86_DR6_BS | X86_DR6_BT | X86_DR6_BD | X86_DR6_B3), je, "Wrong DR6 value (dr3)."
315 |
316 | dec ecx
317 | jnz .the_loop
318 |
319 | ;
320 | ; Touch the code, making sure the BPs don't trigger on data access.
321 | ;
322 | mov al, [.bp_dr0 xWrtRIP]
323 | mov [.bp_dr0 xWrtRIP], al
324 | mov al, [.bp_dr1 xWrtRIP]
325 | mov [.bp_dr1 xWrtRIP], al
326 | mov al, [.bp_dr2 xWrtRIP]
327 | mov [.bp_dr2 xWrtRIP], al
328 | mov al, [.bp_dr3 xWrtRIP]
329 | mov [.bp_dr3 xWrtRIP], al
330 |
331 | ;
332 | ; Done.
333 | ;
334 | call TMPL_NM(DisableBps)
335 | cli ; raw-mode hack
336 | call TMPL_NM_CMN(TestSubDone)
337 | sti
338 |
339 | pop xSI
340 | pop xDI
341 | pop xDX
342 | pop xCX
343 | pop xBX
344 | pop sAX
345 | leave
346 | ret
347 |
348 | .s_szSubTestName:
349 | db TMPL_MODE_STR, ', Exec BP', 0
350 | ENDPROC TMPL_NM(TestBpExec)
351 |
352 |
353 | ;;
354 | ; Check I/O breakpoints.
355 | ;
357 | push xBP
358 | mov xBP, xSP
359 | push sAX
360 | push xBX
361 | push xCX
362 | push xDX
363 | push xDI
364 | push xSI
365 |
366 | mov xAX, .s_szSubTestName
367 | call TMPL_NM_CMN(TestSub)
368 |
369 |
370 | ;
371 | ; Arm all 4 breakpoints and check range handling and such.
372 | ;
373 | mov sAX, cr4
374 | or sAX, X86_CR4_DE
375 | mov cr4, sAX
376 |
377 | %ifdef QUICK_TEST
378 | mov ecx, 1000
379 | %else
380 | mov ecx, 4096
381 | %endif
382 | mov sAX, 84h
383 | mov dr0, sAX
384 | mov sAX, 85h
385 | mov dr1, sAX
386 | mov sAX, 86h
387 | mov dr2, sAX
388 | mov sAX, 8ch
389 | mov dr3, sAX
390 | mov eax, X86_DR7_RA1_MASK | X86_DR7_LE | X86_DR7_GE \
391 | | X86_DR7_L0 | X86_DR7_G0 | X86_DR7_RW(0, X86_DR7_RW_IO) | X86_DR7_LEN(0, X86_DR7_LEN_BYTE) \
392 | | X86_DR7_L1 | X86_DR7_G1 | X86_DR7_RW(1, X86_DR7_RW_IO) | X86_DR7_LEN(1, X86_DR7_LEN_WORD) \
393 | | X86_DR7_L2 | X86_DR7_G2 | X86_DR7_RW(2, X86_DR7_RW_IO) | X86_DR7_LEN(2, X86_DR7_LEN_DWORD) \
394 | | X86_DR7_L3 | X86_DR7_G3 | X86_DR7_RW(3, X86_DR7_RW_IO) | X86_DR7_LEN(3, X86_DR7_LEN_DWORD)
395 | mov dr7, sAX
396 |
397 | .the_loop:
398 | mov eax, X86_DR6_INIT_VAL
399 | mov dr6, sAX
400 |
401 | mov eax, 0x12345678
402 | in eax, 84h
403 | BS2_TRAP_INSTR X86_XCPT_DB, 0, nop
404 | ASSERT_SIMPLE eax, 0x12345678, jne, "in was not executed."
405 | mov sAX, dr6
406 | ASSERT_SIMPLE eax, (X86_DR6_INIT_VAL | X86_DR6_B0), je, "Wrong DR6 value (dr0)."
407 |
408 | mov ebx, 0x12345678
409 | in eax, 85h
410 | BS2_TRAP_INSTR X86_XCPT_DB, 0, nop
411 | ASSERT_SIMPLE eax, 0x12345678, jne, "in was not executed."
412 | mov sAX, dr6
413 | ASSERT_SIMPLE eax, (X86_DR6_INIT_VAL | X86_DR6_B1), je, "Wrong DR6 value (dr1)."
414 |
415 | mov eax, 0x12345678
416 | in eax, 86h
417 | BS2_TRAP_INSTR X86_XCPT_DB, 0, nop
418 | ASSERT_SIMPLE eax, 0x12345678, jne, "in was not executed."
419 | mov sAX, dr6
420 | ASSERT_SIMPLE eax, (X86_DR6_INIT_VAL | X86_DR6_B2), je, "Wrong DR6 value (dr2)."
421 |
422 | mov eax, 0x12345678
423 | in eax, 8ch
424 | BS2_TRAP_INSTR X86_XCPT_DB, 0, nop
425 | ASSERT_SIMPLE eax, 0x12345678, jne, "in was not executed."
426 | mov sAX, dr6
427 | ASSERT_SIMPLE eax, (X86_DR6_INIT_VAL | X86_DR6_B3), je, "Wrong DR6 value (dr3)."
428 |
429 | dec ecx
430 | jnz .the_loop
431 |
432 | ;
433 | ; Done.
434 | ;
435 | call TMPL_NM(DisableBps)
436 | cli ; raw-mode hack
437 | call TMPL_NM_CMN(TestSubDone)
438 | sti
439 |
440 | pop xSI
441 | pop xDI
442 | pop xDX
443 | pop xCX
444 | pop xBX
445 | pop sAX
446 | leave
447 | ret
448 |
449 | .s_szSubTestName:
450 | db TMPL_MODE_STR, ', I/O BP', 0
452 |
453 |
454 | ;;
455 | ; Do the tests for this mode.
456 | ;
457 | ; @uses nothing
458 | ;
460 | BITS 16
461 | BEGINPROC TMPL_NM(DoTestsForMode_rm)
462 | push bp
463 | mov bp, sp
464 | push ax
465 |
466 | ;
467 | ; Check if the mode and NX is supported, do the switch.
468 | ;
469 | call TMPL_NM(Bs2IsModeSupported_rm)
470 | jz .done
471 | call TMPL_NM(Bs2EnterMode_rm)
473 | pushf
474 | sti ; raw-mode hacks
475 |
476 | ;
477 | ; Do the testing.
478 | ;
479 |
480 | call TMPL_NM(TestStepping)
481 | call TMPL_NM(TestBpExec)
482 | call TMPL_NM(TestBpIo)
483 |
484 | ;
485 | ; Back to real mode.
486 | ;
487 | popf
488 | call TMPL_NM(Bs2ExitMode)
489 | BITS 16
490 | call Bs2DisableNX_r86
491 |
492 | .done:
493 | pop ax
494 | leave
495 | ret
496 | ENDPROC TMPL_NM(DoTestsForMode_rm)
499 |
500 | %include "bootsector2-template-footer.mac"
501 |