source-git / libipt

Clone
Source Code
GIT

Files

  1.   b1f7ae91f3f1582bb73db4819e05f4b86cecddc3
  2.   test
  3.   src
  4.   skd007.ptt
Blob Blame History Raw 
; Copyright (c) 2015-2017, Intel Corporation
;
; Redistribution and use in source and binary forms, with or without
; modification, are permitted provided that the following conditions are met:
;
;  * Redistributions of source code must retain the above copyright notice,
;    this list of conditions and the following disclaimer.
;  * Redistributions in binary form must reproduce the above copyright notice,
;    this list of conditions and the following disclaimer in the documentation
;    and/or other materials provided with the distribution.
;  * Neither the name of Intel Corporation nor the names of its contributors
;    may be used to endorse or promote products derived from this software
;    without specific prior written permission.
;
; THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
; AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
; IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
; ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
; LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
; CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
; SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
; INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
; CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
; ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
; POSSIBILITY OF SUCH DAMAGE.

; SKD007: Intel(R) PT Buffer Overflow May Result in Incorrect Packets.
;
;         Under complex micro-architectural conditions, an Intel PT (Processor
;         Trace) OVF (Overflow) packet may be issued after the first byte of a
;         multi-byte CYC (Cycle Count) packet, instead of any remaining bytes
;         of the CYC.
;
;   cpu 6/78
;   cpu 6/94
;

org 0x1000
bits 64

; @pt p0: psb()
; @pt p1: mode.exec(64bit)
; @pt p2: fup(3: %l0)
l0: nop

; The first CYC has its 2nd byte overwritten by OVF, which appears as
; another CYC packet.  The two CYCs will have payloads of:
;
;   0x3* or 0x2* and
;   0x1e
;
; @pt p3: cyc(0x3e)
; @pt p4: cyc(0x1e)
; @pt p5: pad()
; @pt p6: fup(3: %l1)
l1: nop

; @pt p7: fup(1: %l2)
; @pt p8: tip.pgd(0: %l3)
l2: nop
l3: hlt


; @pt .exp(ptdump)
;%0p0  psb
;%0p1  mode.exec  cs.l
;%0p2  fup        3: %?l0
;%0p3  cyc        3e
;%0p4  cyc        1e
;%0p5  pad
;%0p6  fup        3: %?l1
;%0p7  fup        1: %?l2.2
;%0p8  tip.pgd    0: %?l3.0


; @pt .exp(ptxed)
;[overflow]
;%0l1 # nop
;[disabled]

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation