HyperDbg Debugger
Lbr.h
11#pragma once
12
14// Constants //
16
//
// Legacy LBR MSRs
//
// MSR index constants for the legacy (model-specific) LBR interface. The *_0_* names are the
// index of entry 0 of each register array. NOTE(review): presumably the entry number is added
// to these bases to reach later entries - confirm in Lbr.c.
//
// The #ifndef guard keeps whichever definition of MSR_LEGACY_LBR_SELECT is seen first, so the
// SDK definition and this one must carry the same value.
//
#ifndef MSR_LEGACY_LBR_SELECT
#    define MSR_LEGACY_LBR_SELECT 0x000001C8 // originally defined in SDK to be used by other module like HyperHV
#endif // !MSR_LEGACY_LBR_SELECT
#define MSR_LBR_TOS               0x000001C9
#define MSR_LASTBRANCH_0_FROM_IP  0x00000680
#define MSR_LASTBRANCH_0_TO_IP    0x000006C0
#define MSR_LASTBRANCH_INFO_0     0x00000DC0

//
// Filter value with no bits set.
// NOTE(review): the legacy LBR_SELECT bits are understood to suppress a class of branches when
// set, which is the opposite polarity of the enable bits in IA32_LBR_CTL. A value of 0 would then
// record every branch type at every privilege level, ring 0 included - confirm against the Intel
// SDM before passing one FilterOptions value to both interfaces.
//
#define LBR_SELECT_WITHOUT_FILTER 0x00000000

//
// Arch LBR MSRs
//
// Entry-0 indices of the Architectural LBR FROM_IP / TO_IP / INFO register arrays.
//
#define IA32_LBR_0_FROM_IP 0x1500
#define IA32_LBR_0_TO_IP   0x1600
#define IA32_LBR_0_INFO    0x1200

// CPUID leaf number for Architectural LBR information; 0x1c is 28 in decimal, which matches
// the CPUID28_* type names used in this header.
#define CPUID_ARCH_LAST_BRANCH_RECORD_INFORMATION 0x1c

//
// This MSR can be used instead of MSR_LBR_SELECT and IA32_DEBUGCTL to enable and configure LBR.
// To use it under the hypervisor, the "Load Guest IA32_LBR_CTL" VM-entry control and the
// "Clear IA32_LBR_CTL" VM-exit control should be configured; in addition, the host can control
// the guest's value through the Guest IA32_LBR_CTL field of the VMCS.
//
#define IA32_LBR_CTL 0x000014CE
44
46// CPUID Structures //
48
49/*
50 * @brief Intel Architectural LBR CPUID detection/enumeration details:
51 */
52typedef union _CPUID28_EAX
53{
54 struct
55 {
56 /* Supported LBR depth values */
59 /* Deep C-state Reset */
61 /* IP values contain LIP */
63 };
66
67typedef union _CPUID28_EBX
68{
69 struct
70 {
71 /* CPL Filtering Supported */
73 /* Branch Filtering Supported */
75 /* Call-stack Mode Supported */
78 };
81
82typedef union _CPUID28_ECX
83{
84 struct
85 {
86 /* Mispredict Bit Supported */
88 /* Timed LBRs Supported */
90 /* Branch Type Field Supported */
93 };
96
97/*
98 * @brief The structure to hold the CPUID leaf 0x1C (decimal 28) details for Architectural LBRs
99 */
107
109// MSR Structures //
111
{
    // Whole IA32_LBR_CTL value as one 64-bit integer; shares storage with the bit-fields below.
    ULONG64 AsUInt;

    struct
    {
        //
        // The bracketed bit positions hold only if the compiler allocates bit-fields starting at
        // bit 0 (allocation order is implementation-defined in C). The widths add up to 64 bits,
        // so this view covers the same storage as AsUInt.
        //
        // OS and USR form the privilege-level filter. With OS set, branches taken at CPL 0 are
        // recorded, so the captured records carry ring-0 addresses and should be handled as
        // sensitive data; enable only the privilege level a trace actually needs.
        //
        // NOTE(review): the "Section 7.1.2.x" references presumably point into Intel's
        // Architectural LBR documentation - confirm which document and revision.
        //
        ULONG64 LBREn       : 1;  // [0] When set, enables LBR recording
        ULONG64 OS          : 1;  // [1] When set, allows LBR recording when CPL == 0
        ULONG64 USR         : 1;  // [2] When set, allows LBR recording when CPL != 0
        ULONG64 CallStack   : 1;  // [3] When set, records branches in call-stack mode (See Section 7.1.2.4)
        // Build values starting from AsUInt = 0 so the reserved ranges stay clear.
        // NOTE(review): a WRMSR that sets reserved bits is expected to fault (#GP) - confirm.
        ULONG64 Reserved0   : 12; // [15:4] Reserved (must be zero)
        // Bits 16..22 select which branch types are recorded; each bit enables one type.
        ULONG64 JCC         : 1;  // [16] When set, records taken conditional branches (See Section 7.1.2.3)
        ULONG64 NearRelJmp  : 1;  // [17] When set, records near relative JMPs (See Section 7.1.2.3)
        ULONG64 NearIndJmp  : 1;  // [18] When set, records near indirect JMPs (See Section 7.1.2.3)
        ULONG64 NearRelCall : 1;  // [19] When set, records near relative CALLs (See Section 7.1.2.3)
        ULONG64 NearIndCall : 1;  // [20] When set, records near indirect CALLs (See Section 7.1.2.3)
        ULONG64 NearRet     : 1;  // [21] When set, records near RETs (See Section 7.1.2.3)
        ULONG64 OtherBranch : 1;  // [22] When set, records other branches (See Section 7.1.2.3)
        ULONG64 Reserved1   : 41; // [63:23] Reserved (must be zero)
136
138
140// Global Variables //
142
152
158
160// Functions //
162
165
168
170LbrStart(UINT64 FilterOptions);
171
173LbrCheck();
174
// Filter LBR branches based on the provided options.
// NOTE(review): this header does not show how FilterOptions maps onto the bits of
// MSR_LEGACY_LBR_SELECT or IA32_LBR_CTL - confirm the expected encoding in Lbr.c.
VOID
LbrFilter(UINT64 FilterOptions);

// Stop collecting LBR branches.
VOID
LbrStop();

// Flush LBR MSRs by disabling LBR and clearing all LBR entries.
VOID
LbrFlush();

// Save LBR branches.
VOID
LbrSave();

// Print collected LBR branches.
VOID
LbrPrint();
CPU_LBR_MAP CPU_LBR_MAPS[]
The global variable to hold the mapping of CPU model to its LBR capacity.
Definition Lbr.c:21
struct _CPU_LBR_MAP * PCPU_LBR_MAP
VOID LbrFlush()
Flush LBR MSRs by disabling LBR and clearing all LBR entries.
Definition Lbr.c:1041
BOOLEAN LbrStart(UINT64 FilterOptions)
Start collecting LBR branches.
Definition Lbr.c:903
union _CPUID28_ECX * PCPUID28_ECX
union _IA32_LBR_CTL_REGISTER IA32_LBR_CTL_REGISTER
The structure to hold the IA32_LBR_CTL MSR, which is used to enable and configure the LBR feature.
VOID LbrSave()
Save LBR branches.
Definition Lbr.c:1091
VOID LbrStop()
Stop collecting LBR branches.
Definition Lbr.c:983
struct _CPUID28_LEAFS CPUID28_LEAFS
struct _CPUID28_LEAFS * PCPUID28_LEAFS
struct _CPU_LBR_MAP CPU_LBR_MAP
The structure to hold the mapping of CPU model to its LBR capacity.
union _CPUID28_EBX * PCPUID28_EBX
union _CPUID28_EBX CPUID28_EBX
BOOLEAN LbrCheckAndReadArchitecturalLbrDetails()
Check if the current CPU supports architectural LBR.
Definition Lbr.c:86
VOID LbrPrint()
Print collected LBR branches.
Definition Lbr.c:1194
union _IA32_LBR_CTL_REGISTER * PIA32_LBR_CTL_REGISTER
VOID LbrFilter(UINT64 FilterOptions)
Filter LBR branches based on the provided options.
Definition Lbr.c:1070
BOOLEAN LbrCheckAndReadLegacyLbrDetails()
Check if the current CPU supports LBR by examining the CPU family and model and looking up the corres...
Definition Lbr.c:177
BOOLEAN LbrCheck()
Check if LBR is enabled or not.
Definition Lbr.c:876
union _CPUID28_ECX CPUID28_ECX
union _CPUID28_EAX CPUID28_EAX
union _CPUID28_EAX * PCPUID28_EAX
UCHAR BOOLEAN
Definition BasicTypes.h:35
unsigned int UINT32
Definition BasicTypes.h:54
unsigned long ULONG
Definition BasicTypes.h:31
The structure to hold the mapping of CPU model to its LBR capacity.
Definition Lbr.h:148
ULONG LbrCapacity
Definition Lbr.h:150
ULONG Model
Definition Lbr.h:149
Definition Lbr.h:101
UINT32 Edx
Definition Lbr.h:105
CPUID28_EAX Eax
Definition Lbr.h:102
CPUID28_ECX Ecx
Definition Lbr.h:104
CPUID28_EBX Ebx
Definition Lbr.h:103
Definition Lbr.h:53
UINT32 AsUInt
Definition Lbr.h:64
UINT32 LbrLip
Definition Lbr.h:62
UINT32 LbrDeepCReset
Definition Lbr.h:60
UINT32 LbrDepthMask
Definition Lbr.h:57
UINT32 Reserved
Definition Lbr.h:58
Definition Lbr.h:68
UINT32 LbrFilter
Definition Lbr.h:74
UINT32 Reserved
Definition Lbr.h:77
UINT32 LbrCpl
Definition Lbr.h:72
UINT32 AsUInt
Definition Lbr.h:79
UINT32 LbrCallStack
Definition Lbr.h:76
Definition Lbr.h:83
UINT32 LbrMispred
Definition Lbr.h:87
UINT32 AsUInt
Definition Lbr.h:94
UINT32 LbrBrType
Definition Lbr.h:91
UINT32 Reserved
Definition Lbr.h:92
UINT32 LbrTimedLbr
Definition Lbr.h:89
The structure to hold the IA32_LBR_CTL MSR, which is used to enable and configure the LBR feature.
Definition Lbr.h:117
ULONG64 OtherBranch
Definition Lbr.h:133
ULONG64 NearRet
Definition Lbr.h:132
ULONG64 Reserved0
Definition Lbr.h:126
ULONG64 AsUInt
Definition Lbr.h:118
ULONG64 NearRelCall
Definition Lbr.h:130
ULONG64 NearIndJmp
Definition Lbr.h:129
ULONG64 NearRelJmp
Definition Lbr.h:128
struct _IA32_LBR_CTL_REGISTER::@162044327322241346347142010232260066304104061355 Bits
ULONG64 OS
Definition Lbr.h:123
ULONG64 USR
Definition Lbr.h:124
ULONG64 CallStack
Definition Lbr.h:125
ULONG64 LBREn
Definition Lbr.h:122
ULONG64 NearIndCall
Definition Lbr.h:131
ULONG64 JCC
Definition Lbr.h:127
ULONG64 Reserved1
Definition Lbr.h:134