cachepc-qemu

Fork of AMDESE/qemu with changes for cachepc side-channel attack
git clone https://git.sinitax.com/sinitax/cachepc-qemu

win_dump_defs.h (4394B)


      1/*
      2 * Windows crashdump definitions
      3 *
      4 * Copyright (c) 2018 Virtuozzo International GmbH
      5 *
      6 * This work is licensed under the terms of the GNU GPL, version 2 or later.
      7 * See the COPYING file in the top-level directory.
      8 *
      9 */
     10
     11#ifndef QEMU_WIN_DUMP_DEFS_H
     12#define QEMU_WIN_DUMP_DEFS_H
     13
/*
 * One run of physical memory pages, used as the element type of
 * WinDumpPhyMemDesc64.Run[]. Two 64-bit fields, 16 bytes per entry.
 *
 * NOTE(review): BasePage looks like a page frame number and PageCount a
 * length in pages, not bytes -- confirm against the code that fills or
 * reads these. If the values are taken from a dump header that originated
 * in guest memory, converting them to byte offsets (shift or multiply by
 * the page size) and adding them together must be guarded against 64-bit
 * wrap-around.
 */
typedef struct WinDumpPhyMemRun64 {
    uint64_t BasePage;
    uint64_t PageCount;
} QEMU_PACKED WinDumpPhyMemRun64;
     18
/*
 * Physical memory descriptor: a run count, a total page count and a fixed
 * table of 43 runs. The fields add up to 4 + 4 + 8 + 43 * 16 = 704 bytes,
 * the same size as PhysicalMemoryBlockBuffer[704], which overlays this
 * struct inside WinDumpHeader64.
 */
typedef struct WinDumpPhyMemDesc64 {
    /*
     * Presumably the number of Run[] entries in use. It is a full 32-bit
     * value while Run[] holds only 43 entries, so any loop driven by this
     * field must first reject values above the array capacity; otherwise it
     * indexes past the end of the descriptor.
     */
    uint32_t NumberOfRuns;
    uint32_t unused;
    /* Presumably the sum of PageCount over all runs -- TODO confirm. */
    uint64_t NumberOfPages;
    WinDumpPhyMemRun64 Run[43];
} QEMU_PACKED WinDumpPhyMemDesc64;
     25
/*
 * Exception record embedded in WinDumpHeader64 as the Exception member.
 * The fields add up to 4 + 4 + 8 + 8 + 4 + 4 + 15 * 8 = 152 bytes.
 */
typedef struct WinDumpExceptionRecord {
    uint32_t ExceptionCode;
    uint32_t ExceptionFlags;
    /*
     * Stored as 64-bit integers, not host pointers. Presumably guest
     * addresses; they must never be dereferenced on the host.
     */
    uint64_t ExceptionRecord;
    uint64_t ExceptionAddress;
    /*
     * Presumably the number of valid ExceptionInformation[] entries. The
     * array has 15 slots, so a reader has to clamp or reject larger values
     * before using this as a loop bound.
     */
    uint32_t NumberParameters;
    uint32_t unused;
    uint64_t ExceptionInformation[15];
} QEMU_PACKED WinDumpExceptionRecord;
     35
/*
 * Header of a 64-bit Windows crash dump. The declared fields add up to
 * exactly 8192 bytes (the trailing reserved[4018] pads to that size), and
 * every member already sits on its natural alignment, so the layout does
 * not depend on padding inserted by the compiler.
 *
 * NOTE(review): the address-like and count-like fields below are plain
 * integers. If the header is copied out of guest memory, as the
 * KdDebuggerDataBlock-relative offsets defined later in this file suggest,
 * every one of them is untrusted input and needs validating before it is
 * used as an address, length or index on the host -- verify against the
 * caller.
 */
typedef struct WinDumpHeader64 {
    /*
     * Two 4-byte tags with no room for a NUL terminator: compare them with
     * memcmp(), never with strcmp()/strlen(). In the Windows 64-bit dump
     * format these are presumably "PAGE" and "DU64" -- confirm against the
     * code that validates the header.
     */
    char Signature[4];
    char ValidDump[4];
    uint32_t MajorVersion;
    uint32_t MinorVersion;
    /* Presumably guest addresses of kernel structures -- TODO confirm. */
    uint64_t DirectoryTableBase;
    uint64_t PfnDatabase;
    uint64_t PsLoadedModuleList;
    uint64_t PsActiveProcessHead;
    uint32_t MachineImageType;
    uint32_t NumberProcessors;
    /*
     * Bugcheck code and four parameters, also reachable as 40 raw bytes
     * (4 + 4 + 4 * 8 = 40) through BugcheckData.
     */
    union {
        struct {
            uint32_t BugcheckCode;
            uint32_t unused0;
            uint64_t BugcheckParameter1;
            uint64_t BugcheckParameter2;
            uint64_t BugcheckParameter3;
            uint64_t BugcheckParameter4;
        };
        uint8_t BugcheckData[40];
    };
    uint8_t VersionUser[32];
    /*
     * Presumably the guest address of the kernel debugger data block that
     * the KDBG_*_OFFSET64 constants index into.
     */
    uint64_t KdDebuggerDataBlock;
    /*
     * Physical memory descriptor and a raw byte view of the same 704 bytes.
     * PhysicalMemoryBlock.NumberOfRuns must be checked against the size of
     * Run[] before the runs are walked.
     */
    union {
        WinDumpPhyMemDesc64 PhysicalMemoryBlock;
        uint8_t PhysicalMemoryBlockBuffer[704];
    };
    /*
     * Single-member union reserving 3000 raw bytes. Presumably holds a
     * WinContext, whose fields add up to 1232 bytes; a copy into this
     * buffer should be sized from the source object and checked against
     * sizeof(ContextBuffer).
     */
    union {
        uint8_t ContextBuffer[3000];
    };
    WinDumpExceptionRecord Exception;
    uint32_t DumpType;
    uint32_t unused1;
    uint64_t RequiredDumpSpace;
    uint64_t SystemTime;
    /*
     * Fixed 128-byte text field. Nothing in this declaration guarantees a
     * terminator, so print it with an explicit length bound.
     */
    char Comment[128];
    uint64_t SystemUpTime;
    uint32_t MiniDumpFields;
    uint32_t SecondaryDataState;
    uint32_t ProductType;
    uint32_t SuiteMask;
    uint32_t WriterStatus;
    uint8_t unused2;
    uint8_t KdSecondaryVersion;
    /*
     * Pads the header to 8192 bytes. When a header is built or patched on
     * the host, the unused and reserved bytes should be initialised so that
     * stale host memory is not written into the dump file.
     */
    uint8_t reserved[4018];
} QEMU_PACKED WinDumpHeader64;
     83
/*
 * Presumably byte offsets of individual fields inside the guest's 64-bit
 * kernel debugger data block, the structure that
 * WinDumpHeader64.KdDebuggerDataBlock refers to -- TODO confirm.
 * NOTE(review): the largest offset is 0x338, so a host-side copy of that
 * block must be at least 0x338 bytes plus the size of the field read there
 * before these offsets are applied to it.
 */
#define KDBG_OWNER_TAG_OFFSET64             0x10
#define KDBG_MM_PFN_DATABASE_OFFSET64       0xC0
#define KDBG_KI_BUGCHECK_DATA_OFFSET64      0x88
#define KDBG_KI_PROCESSOR_BLOCK_OFFSET64    0x218
#define KDBG_OFFSET_PRCB_CONTEXT_OFFSET64   0x338

/*
 * Judging by the name, the size in bytes of the ELF note header that
 * precedes the vmcoreinfo payload -- TODO confirm at the use site.
 */
#define VMCOREINFO_ELF_NOTE_HDR_SIZE    24

/*
 * Flag bits, presumably for WinContext.ContextFlags; the names mirror the
 * Windows CONTEXT_* flags. WIN_CTX_X64 is the architecture bit. The
 * constants carry an L suffix and so have type long, while ContextFlags is
 * a uint32_t; every value here fits in 32 bits.
 */
#define WIN_CTX_X64 0x00100000L

/* Per-component bits: control, integer, segment, floating point, debug. */
#define WIN_CTX_CTL 0x00000001L
#define WIN_CTX_INT 0x00000002L
#define WIN_CTX_SEG 0x00000004L
#define WIN_CTX_FP  0x00000008L
#define WIN_CTX_DBG 0x00000010L

/*
 * FULL is the architecture bit plus control, integer and floating point;
 * ALL additionally sets the segment and debug-register bits.
 */
#define WIN_CTX_FULL    (WIN_CTX_X64 | WIN_CTX_CTL | WIN_CTX_INT | WIN_CTX_FP)
#define WIN_CTX_ALL     (WIN_CTX_FULL | WIN_CTX_SEG | WIN_CTX_DBG)

/*
 * Presumably the value stored in WinDumpHeader64.BugcheckCode for a dump
 * taken from a running guest rather than after a crash (0x161 is the
 * Windows LIVE_SYSTEM_DUMP bugcheck code) -- confirm against the caller.
 */
#define LIVE_SYSTEM_DUMP    0x00000161
    104
/*
 * 128-bit value split into an unsigned low half and a signed high half.
 * Element type of the FloatRegisters, XmmRegisters and VectorRegister
 * arrays in WinContext. QEMU_ALIGNED(16) is defined outside this file;
 * judging by its name it requests 16-byte alignment, which matches the
 * 16-byte size of the two fields.
 */
typedef struct WinM128A {
    uint64_t low;
    int64_t high;
} QEMU_ALIGNED(16) WinM128A;
    109
/*
 * x86-64 register context in the layout used by Windows crash dumps.
 * The fields add up to 1232 bytes and each WinM128A array starts on a
 * multiple of 16 (FltSave at 256, VectorRegister at 768), so no padding is
 * needed between members. Unlike the dump structs above, this type is
 * declared with QEMU_ALIGNED(16) rather than QEMU_PACKED.
 *
 * An instance holds a CPU's complete register state, so a buffer
 * containing one should be handled as sensitive guest data.
 */
typedef struct WinContext {
    /* Six 64-bit slots; presumably the P1Home..P6Home area -- TODO confirm. */
    uint64_t PHome[6];

    /* Presumably a combination of the WIN_CTX_* bits defined above. */
    uint32_t ContextFlags;
    /* There is a second MxCsr inside FltSave; keep the two consistent. */
    uint32_t MxCsr;

    /* Segment selectors and flags register. */
    uint16_t SegCs;
    uint16_t SegDs;
    uint16_t SegEs;
    uint16_t SegFs;
    uint16_t SegGs;
    uint16_t SegSs;
    uint32_t EFlags;

    /* Debug registers. Only Dr0-Dr3, Dr6 and Dr7 have slots. */
    uint64_t Dr0;
    uint64_t Dr1;
    uint64_t Dr2;
    uint64_t Dr3;
    uint64_t Dr6;
    uint64_t Dr7;

    /*
     * General-purpose registers. The order is Rax, Rcx, Rdx, Rbx, not
     * alphabetical, and must be preserved because it is part of the layout.
     */
    uint64_t Rax;
    uint64_t Rcx;
    uint64_t Rdx;
    uint64_t Rbx;
    uint64_t Rsp;
    uint64_t Rbp;
    uint64_t Rsi;
    uint64_t Rdi;
    uint64_t R8;
    uint64_t R9;
    uint64_t R10;
    uint64_t R11;
    uint64_t R12;
    uint64_t R13;
    uint64_t R14;
    uint64_t R15;

    uint64_t Rip;

    /*
     * Floating-point and SSE state: 32 bytes of control and status fields,
     * 8 * 16 bytes of x87 registers, 16 * 16 bytes of XMM registers and 96
     * reserved bytes, 512 bytes in total. That is the size of an FXSAVE
     * image; presumably this follows the FXSAVE layout -- TODO confirm.
     */
    struct {
        uint16_t ControlWord;
        uint16_t StatusWord;
        uint8_t TagWord;
        uint8_t Reserved1;
        uint16_t ErrorOpcode;
        uint32_t ErrorOffset;
        uint16_t ErrorSelector;
        uint16_t Reserved2;
        uint32_t DataOffset;
        uint16_t DataSelector;
        uint16_t Reserved3;
        uint32_t MxCsr;
        uint32_t MxCsr_Mask;
        WinM128A FloatRegisters[8];
        WinM128A XmmRegisters[16];
        uint8_t Reserved4[96];
    } FltSave;

    WinM128A VectorRegister[26];
    uint64_t VectorControl;

    /* Debug control and last-branch / last-exception record slots. */
    uint64_t DebugControl;
    uint64_t LastBranchToRip;
    uint64_t LastBranchFromRip;
    uint64_t LastExceptionToRip;
    uint64_t LastExceptionFromRip;
} QEMU_ALIGNED(16) WinContext;
    178
    179#endif /* QEMU_WIN_DUMP_DEFS_H */