HyperDbg Debugger
LbrDefinitions.h
1
12#pragma once
13
15// Constants //
17
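/**
 * @brief MSR index of the legacy LBR_SELECT register, which holds the
 * hardware branch filter described by the LBR_SELECT bit definitions.
 */
#define MSR_LEGACY_LBR_SELECT 0x000001C8

/**
 * @brief Maximum LBR capacity that is supported by processors.
 *
 * @details The per-core LBR arrays are sized with this constant. Any value
 * used as an index into them (a top-of-stack value, a depth reported by the
 * CPU, a count supplied by a caller) has to be checked to be strictly less
 * than MAXIMUM_LBR_CAPACITY before it is used.
 */
#define MAXIMUM_LBR_CAPACITY 0x20 // 32 entries, which is the maximum supported by modern Intel CPUs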
28
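/*
 * Intel LBR_SELECT bits
 *
 * Hardware branch filter (not available on all CPUs)
 *
 * Bits 0-8 are suppress bits: setting one EXCLUDES that privilege level or
 * branch class from being recorded. Bit 9 is the only enable bit. A filter
 * value of 0 therefore records every branch class at every privilege level,
 * ring 0 included; recorded ring-0 addresses reveal kernel code layout, so
 * captured entries should be handled as sensitive data.
 */
#define LBR_KERNEL_BIT     0 /* do not capture at ring0 */
#define LBR_USER_BIT       1 /* do not capture at ring > 0 */
#define LBR_JCC_BIT        2 /* do not capture conditional branches */
#define LBR_REL_CALL_BIT   3 /* do not capture relative calls */
#define LBR_IND_CALL_BIT   4 /* do not capture indirect calls */
#define LBR_RETURN_BIT     5 /* do not capture near returns */
#define LBR_IND_JMP_BIT    6 /* do not capture indirect jumps */
#define LBR_REL_JMP_BIT    7 /* do not capture relative jumps */
#define LBR_FAR_BIT        8 /* do not capture far branches */
#define LBR_CALL_STACK_BIT 9 /* enable call stack: not available on all CPUs */

/*
 * We mask it out before writing it to
 * the actual MSR. But it helps the constraint code to understand
 * that this is a separate configuration.
 *
 * NOTE(review): no software-only bit is defined in this header, so it is
 * not clear which bit "it" refers to. Confirm which mask (if any) is
 * stripped before the MSR write, or drop the paragraph.
 *
 * Mask form of the bit positions above. Each mask is a signed int constant,
 * so ~MASK is negative and sign-extends when widened to a 64-bit MSR value
 * (upper bits stay set). Changing the masks to an unsigned 32-bit type would
 * silently change that behaviour.
 */
#define LBR_KERNEL             (1 << LBR_KERNEL_BIT)
#define LBR_USER               (1 << LBR_USER_BIT)
#define LBR_JCC                (1 << LBR_JCC_BIT)
#define LBR_REL_CALL           (1 << LBR_REL_CALL_BIT)
#define LBR_IND_CALL           (1 << LBR_IND_CALL_BIT)
#define LBR_RETURN             (1 << LBR_RETURN_BIT)
#define LBR_IND_JMP            (1 << LBR_IND_JMP_BIT)
#define LBR_REL_JMP            (1 << LBR_REL_JMP_BIT)
#define LBR_FAR_OTHER_BRANCHES (1 << LBR_FAR_BIT) // It is used for OTHER BRANCHES in ARCH LBR
#define LBR_CALL_STACK         (1 << LBR_CALL_STACK_BIT)

/*
 * Base filter for call-stack mode: turns call-stack mode on and suppresses
 * conditional branches, indirect and relative jumps, and far/other branches,
 * which leaves calls and near returns recorded. Neither ring filter
 * (LBR_KERNEL / LBR_USER) is part of this value; callers choose the privilege
 * level separately.
 */
#define LBR_CALL_STACK_BASE_FLAGS (LBR_CALL_STACK | (LBR_JCC | LBR_IND_JMP | LBR_REL_JMP | LBR_FAR_OTHER_BRANCHES))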
66
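/*
 * Branch-type encodings. Every value fits in four bits, which matches the
 * width of the BrType_OnlyArchLbr field of the LBR info layout; presumably
 * these are the values that field reports (confirm against the decoder).
 *
 * Two ranges are not single values: 0x6-0x7 is reserved and 0x8-0xF means
 * "other". A decoder should compare against the MIN/MAX pairs and give the
 * reserved range its own result, so an unexpected encoding is never used as
 * a direct index into a name table.
 */
#define LBR_BR_TYPE_COND          0x0
#define LBR_BR_TYPE_JMP_INDIRECT  0x1
#define LBR_BR_TYPE_JMP_DIRECT    0x2
#define LBR_BR_TYPE_CALL_INDIRECT 0x3
#define LBR_BR_TYPE_CALL_DIRECT   0x4
#define LBR_BR_TYPE_RET           0x5
#define LBR_BR_TYPE_RESERVED_MIN  0x6 /* 011xb */
#define LBR_BR_TYPE_RESERVED_MAX  0x7 /* 011xb */
#define LBR_BR_TYPE_OTHER_MIN     0x8 /* 1xxxb */
#define LBR_BR_TYPE_OTHER_MAX     0xF /* 1xxxb */

/*
 * Size of a buffer that receives a branch-type name. Writers should use a
 * bounded copy that takes this size, and the value has to be revisited if a
 * name longer than 15 characters plus the terminator is ever added.
 */
#define LBR_BR_TYPE_NAME_MAX_LEN 16 /* longest string is "CALL Indirect\0" = 14 chars, rounded up */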
82
84// MSR Structures //
86
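/**
 * @brief Bit layout of one 64-bit LBR info value, readable either field by
 * field or as a raw integer through AsUInt.
 *
 * @details The field widths add up to 64 bits. The bit positions in the
 * comments below assume bit-fields are allocated from bit 0 upward; confirm
 * for the compiler in use. Fields suffixed _OnlyArchLbr are presumably
 * meaningful only with architectural LBR and should not be trusted otherwise.
 *
 * NOTE(review): the rendered listing dropped the closing declarator line; the
 * type names below are taken from the page's symbol cross-reference.
 */
typedef union
{
    struct
    {
        /* bits 15:0 - cycle count; presumably valid only when the flag below says so */
        UINT64 CycleCount : 16;

        /* bits 55:16 - reserved; do not interpret */
        UINT64 Reserved : 40;

        /* bits 59:56 - branch type (see the LBR_BR_TYPE_* encodings) */
        UINT64 BrType_OnlyArchLbr : 4;

        /* bit 60 - presumably marks CycleCount as valid */
        UINT64 CycCntValid_OnlyArchLbr : 1;

        /* bit 61 - TSX abort indication */
        UINT64 TsxAbort : 1;

        /* bit 62 - branch recorded inside a TSX region */
        UINT64 InTsx : 1;

        /* bit 63 - branch misprediction indication */
        UINT64 Mispred : 1;
    };
    UINT64 AsUInt; /* the same 64 bits as one integer, e.g. for the raw MSR value */
} MSR_LBR_INFO, *PMSR_LBR_INFO;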
145
147// Structures //
149
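/**
 * @brief The structure to hold a single LBR entry (from and to addresses).
 *
 * @details Both members are raw 64-bit values. When ring-0 capture is not
 * filtered out they can be kernel addresses, so an entry should not be
 * handed to a less privileged consumer without a decision about that.
 *
 * NOTE(review): the rendered listing dropped the closing declarator line; the
 * type names below are taken from the page's symbol cross-reference.
 */
typedef struct _LBR_BRANCH_ENTRY
{
    ULONGLONG From; /* address the branch was taken from */
    ULONGLONG To;   /* address the branch went to */
} LBR_BRANCH_ENTRY, *PLBR_BRANCH_ENTRY;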
158
160
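/**
 * @brief The structure to hold the LBR stack for a single processor core,
 * including the branch entries and the matching LBR info values.
 *
 * @details Both arrays have MAXIMUM_LBR_CAPACITY slots. Tos is a UINT8 and
 * can hold 0..255, which is wider than the arrays: code that indexes
 * BranchEntry or LastBranchInfo with Tos (or with anything derived from it)
 * has to check the index against MAXIMUM_LBR_CAPACITY first.
 *
 * NOTE(review): the rendered listing dropped the two array members and the
 * closing declarator line; they are restored here from the page's symbol
 * cross-reference, in the line order it gives.
 */
typedef struct _LBR_STACK_ENTRY
{
    LBR_BRANCH_ENTRY BranchEntry[MAXIMUM_LBR_CAPACITY];    /* from/to pair per slot */
    MSR_LBR_INFO     LastBranchInfo[MAXIMUM_LBR_CAPACITY]; /* info value per slot */
    UINT8            Tos;                                  /* presumably the top-of-stack slot index - confirm */
} LBR_STACK_ENTRY, *PLBR_STACK_ENTRY;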
170
unsigned char UINT8
Definition BasicTypes.h:52
struct _LBR_STACK_ENTRY PLBR_STACK_ENTRY
struct _LBR_BRANCH_ENTRY PLBR_BRANCH_ENTRY
struct _LBR_BRANCH_ENTRY LBR_BRANCH_ENTRY
The structure to hold a single LBR entry (from and to addresses).
struct _LBR_STACK_ENTRY LBR_STACK_ENTRY
The structure to hold the LBR stack for a single processor core, including the branch entries and the...
union MSR_LBR_INFO * PMSR_LBR_INFO
#define MAXIMUM_LBR_CAPACITY
Maximum LBR capacity that is supported by processors.
Definition LbrDefinitions.h:27
struct _LBR_BRANCH_ENTRY LBR_BRANCH_ENTRY
The structure to hold a single LBR entry (from and to addresses).
The structure to hold a single LBR entry (from and to addresses).
Definition LbrDefinitions.h:155
ULONGLONG From
Definition LbrDefinitions.h:156
ULONGLONG To
Definition LbrDefinitions.h:157
The structure to hold the LBR stack for a single processor core, including the branch entries and the...
Definition LbrDefinitions.h:166
MSR_LBR_INFO LastBranchInfo[MAXIMUM_LBR_CAPACITY]
Definition LbrDefinitions.h:168
UINT8 Tos
Definition LbrDefinitions.h:169
LBR_BRANCH_ENTRY BranchEntry[MAXIMUM_LBR_CAPACITY]
Definition LbrDefinitions.h:167
Definition LbrDefinitions.h:91