Port AVX512 support from TitanEngine

x64dbg/TitanEngine#22

Author: mrexodia

GleeBug/GleeBug.vcxproj

@@ -21,31 +21,32 @@
   <PropertyGroup Label="Globals">
     <ProjectGuid>{B65A3680-9B6B-44E6-A046-649F94DF9F56}</ProjectGuid>
     <RootNamespace>GleeBug</RootNamespace>
+    <WindowsTargetPlatformVersion>10.0</WindowsTargetPlatformVersion>
   </PropertyGroup>
   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
     <ConfigurationType>StaticLibrary</ConfigurationType>
     <UseDebugLibraries>true</UseDebugLibraries>
-    <PlatformToolset>v140_xp</PlatformToolset>
+    <PlatformToolset>v141_xp</PlatformToolset>
     <CharacterSet>MultiByte</CharacterSet>
   </PropertyGroup>
   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
     <ConfigurationType>StaticLibrary</ConfigurationType>
     <UseDebugLibraries>true</UseDebugLibraries>
-    <PlatformToolset>v140_xp</PlatformToolset>
+    <PlatformToolset>v141_xp</PlatformToolset>
     <CharacterSet>MultiByte</CharacterSet>
   </PropertyGroup>
   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
     <ConfigurationType>StaticLibrary</ConfigurationType>
     <UseDebugLibraries>false</UseDebugLibraries>
-    <PlatformToolset>v140_xp</PlatformToolset>
+    <PlatformToolset>v141_xp</PlatformToolset>
     <WholeProgramOptimization>true</WholeProgramOptimization>
     <CharacterSet>MultiByte</CharacterSet>
   </PropertyGroup>
   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
     <ConfigurationType>StaticLibrary</ConfigurationType>
     <UseDebugLibraries>false</UseDebugLibraries>
-    <PlatformToolset>v140_xp</PlatformToolset>
+    <PlatformToolset>v141_xp</PlatformToolset>
     <WholeProgramOptimization>true</WholeProgramOptimization>
     <CharacterSet>MultiByte</CharacterSet>
   </PropertyGroup>

GleeBug/ntdll.h

@@ -2511,7 +2511,7 @@ typedef ULONG GDI_HANDLE_BUFFER32[GDI_HANDLE_BUFFER_SIZE32];
 typedef ULONG GDI_HANDLE_BUFFER64[GDI_HANDLE_BUFFER_SIZE64];
 typedef ULONG GDI_HANDLE_BUFFER[GDI_HANDLE_BUFFER_SIZE];
 
-#define FLS_MAXIMUM_AVAILABLE 128
+#define NTDLL_FLS_MAXIMUM_AVAILABLE 128
 #define TLS_MINIMUM_AVAILABLE 64
 #define TLS_EXPANSION_SLOTS 1024
 
@@ -2656,7 +2656,7 @@ typedef struct _PEB
     PVOID* FlsCallback;
     LIST_ENTRY FlsListHead;
     PVOID FlsBitmap;
-    ULONG FlsBitmapBits[FLS_MAXIMUM_AVAILABLE / (sizeof(ULONG) * 8)];
+    ULONG FlsBitmapBits[NTDLL_FLS_MAXIMUM_AVAILABLE / (sizeof(ULONG) * 8)];
     ULONG FlsHighIndex;
 
     PVOID WerRegistrationData;

MyDebugger/MyDebugger.vcxproj

@@ -21,31 +21,32 @@
   <PropertyGroup Label="Globals">
     <ProjectGuid>{4083DE5A-582F-4B15-B6F0-CB866E66F8C4}</ProjectGuid>
     <RootNamespace>MyDebugger</RootNamespace>
+    <WindowsTargetPlatformVersion>10.0</WindowsTargetPlatformVersion>
   </PropertyGroup>
   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
     <ConfigurationType>Application</ConfigurationType>
     <UseDebugLibraries>true</UseDebugLibraries>
-    <PlatformToolset>v140_xp</PlatformToolset>
+    <PlatformToolset>v141_xp</PlatformToolset>
     <CharacterSet>MultiByte</CharacterSet>
   </PropertyGroup>
   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
     <ConfigurationType>Application</ConfigurationType>
     <UseDebugLibraries>true</UseDebugLibraries>
-    <PlatformToolset>v140_xp</PlatformToolset>
+    <PlatformToolset>v141_xp</PlatformToolset>
     <CharacterSet>MultiByte</CharacterSet>
   </PropertyGroup>
   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
     <ConfigurationType>Application</ConfigurationType>
     <UseDebugLibraries>false</UseDebugLibraries>
-    <PlatformToolset>v140_xp</PlatformToolset>
+    <PlatformToolset>v141_xp</PlatformToolset>
     <WholeProgramOptimization>true</WholeProgramOptimization>
     <CharacterSet>MultiByte</CharacterSet>
   </PropertyGroup>
   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
     <ConfigurationType>Application</ConfigurationType>
     <UseDebugLibraries>false</UseDebugLibraries>
-    <PlatformToolset>v140_xp</PlatformToolset>
+    <PlatformToolset>v141_xp</PlatformToolset>
     <WholeProgramOptimization>true</WholeProgramOptimization>
     <CharacterSet>MultiByte</CharacterSet>
   </PropertyGroup>

StaticEngine/StaticEngine.vcxproj

@@ -21,31 +21,32 @@
   <PropertyGroup Label="Globals">
     <ProjectGuid>{8E0C7F46-89CC-4510-BC17-07513A31BC7E}</ProjectGuid>
     <RootNamespace>StaticEngine</RootNamespace>
+    <WindowsTargetPlatformVersion>10.0</WindowsTargetPlatformVersion>
   </PropertyGroup>
   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
     <ConfigurationType>DynamicLibrary</ConfigurationType>
     <UseDebugLibraries>true</UseDebugLibraries>
-    <PlatformToolset>v140_xp</PlatformToolset>
+    <PlatformToolset>v141_xp</PlatformToolset>
     <CharacterSet>MultiByte</CharacterSet>
   </PropertyGroup>
   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
     <ConfigurationType>DynamicLibrary</ConfigurationType>
     <UseDebugLibraries>true</UseDebugLibraries>
-    <PlatformToolset>v140_xp</PlatformToolset>
+    <PlatformToolset>v141_xp</PlatformToolset>
     <CharacterSet>MultiByte</CharacterSet>
   </PropertyGroup>
   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
     <ConfigurationType>DynamicLibrary</ConfigurationType>
     <UseDebugLibraries>false</UseDebugLibraries>
-    <PlatformToolset>v140_xp</PlatformToolset>
+    <PlatformToolset>v141_xp</PlatformToolset>
     <WholeProgramOptimization>true</WholeProgramOptimization>
     <CharacterSet>MultiByte</CharacterSet>
   </PropertyGroup>
   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
     <ConfigurationType>DynamicLibrary</ConfigurationType>
     <UseDebugLibraries>false</UseDebugLibraries>
-    <PlatformToolset>v140_xp</PlatformToolset>
+    <PlatformToolset>v141_xp</PlatformToolset>
     <WholeProgramOptimization>true</WholeProgramOptimization>
     <CharacterSet>MultiByte</CharacterSet>
   </PropertyGroup>

StaticEngine/TitanEngine.h

@@ -599,6 +599,12 @@ typedef struct
     XmmRegister_t High; //AVX part
 } YmmRegister_t;
 
+typedef struct
+{
+	YmmRegister_t Low; //AVX part
+	YmmRegister_t High; //AVX-512 part
+} ZmmRegister_t;
+
 typedef struct
 {
     BYTE    data[10];
@@ -664,6 +670,16 @@ typedef struct
 #endif
 } TITAN_ENGINE_CONTEXT_t;
 
+typedef struct
+{
+#ifdef _WIN64
+    ZmmRegister_t ZmmRegisters[32];
+#else // x86
+    ZmmRegister_t ZmmRegisters[8];
+#endif
+    ULONGLONG Opmask[8];
+} TITAN_ENGINE_CONTEXT_AVX512_t;
+
 #ifdef __cplusplus
 extern "C"
 {
@@ -853,6 +869,8 @@ __declspec(dllexport) bool TITCALL SetContextDataEx(HANDLE hActiveThread, DWORD
 __declspec(dllexport) bool TITCALL SetContextData(DWORD IndexOfRegister, ULONG_PTR NewRegisterValue);
 __declspec(dllexport) bool TITCALL GetAVXContext(HANDLE hActiveThread, TITAN_ENGINE_CONTEXT_t* titcontext);
 __declspec(dllexport) bool TITCALL SetAVXContext(HANDLE hActiveThread, TITAN_ENGINE_CONTEXT_t* titcontext);
+__declspec(dllexport) bool TITCALL GetAVX512Context(HANDLE hActiveThread, TITAN_ENGINE_CONTEXT_AVX512_t* titcontext);
+__declspec(dllexport) bool TITCALL SetAVX512Context(HANDLE hActiveThread, TITAN_ENGINE_CONTEXT_AVX512_t* titcontext);
 __declspec(dllexport) void TITCALL ClearExceptionNumber();
 __declspec(dllexport) long TITCALL CurrentExceptionNumber();
 __declspec(dllexport) bool TITCALL MatchPatternEx(HANDLE hProcess, void* MemoryToCheck, int SizeOfMemoryToCheck, void* PatternToMatch, int SizeOfPatternToMatch, PBYTE WildCard);

StaticEngine/TitanEngineEmulator.cpp

@@ -171,6 +171,16 @@ __declspec(dllexport) void TITCALL Getx87FPURegisters(x87FPURegister_t x87FPUReg
     emu.Getx87FPURegisters(x87FPURegisters, titcontext);
 }
 
+__declspec(dllexport) bool TITCALL GetAVX512Context(HANDLE hActiveThread, TITAN_ENGINE_CONTEXT_AVX512_t* titcontext)
+{
+    return false;
+}
+
+__declspec(dllexport) bool TITCALL SetAVX512Context(HANDLE hActiveThread, TITAN_ENGINE_CONTEXT_AVX512_t* titcontext)
+{
+    return false;
+}
+
 //PE
 __declspec(dllexport) bool TITCALL StaticFileLoad(const char* szFileName, DWORD DesiredAccess, bool SimulateLoad, LPHANDLE FileHandle, LPDWORD LoadedSize, LPHANDLE FileMap, PULONG_PTR FileMapVA)
 {

TitanEngineEmulator/Emulator.h

@@ -1170,18 +1170,32 @@ class Emulator : public Debugger
         return dwLastError;
     }
 
+    static DWORD GetNtBuildNumberWindows7()
+    {
+        auto p_RtlGetVersion = (NTSTATUS(WINAPI*)(PRTL_OSVERSIONINFOW))GetProcAddress(GetModuleHandleW(L"ntdll.dll"), "RtlGetVersion");
+        RTL_OSVERSIONINFOW info = { sizeof(info) };
+        if (p_RtlGetVersion && p_RtlGetVersion(&info) == 0)
+            return info.dwBuildNumber;
+        else
+            return 0;
+    }
+
+    static DWORD GetNtBuildNumber()
+    {
+        // https://www.vergiliusproject.com/kernels/x64/Windows%2010%20%7C%202016/1507%20Threshold%201/_KUSER_SHARED_DATA
+        auto NtBuildNumber = *(DWORD*)(0x7FFE0000 + 0x260);
+        if (NtBuildNumber == 0)
+        {
+            // Older versions of Windows
+            static DWORD NtBuildNumber7 = GetNtBuildNumberWindows7();
+            NtBuildNumber = NtBuildNumber7;
+        }
+        return NtBuildNumber;
+    }
+
     static bool isAtleastVista()
     {
-        static bool isAtleastVista = false;
-        static bool isSet = false;
-        if(isSet)
-            return isAtleastVista;
-        OSVERSIONINFO versionInfo = { 0 };
-        versionInfo.dwOSVersionInfoSize = sizeof(OSVERSIONINFO);
-        GetVersionEx(&versionInfo);
-        isAtleastVista = versionInfo.dwMajorVersion >= 6;
-        isSet = true;
-        return isAtleastVista;
+        return GetNtBuildNumber() >= 6000;
     }
 
     //Quote from The Ultimate Anti-Debugging Reference by Peter Ferrie

TitanEngineEmulator/TitanEngine.h

@@ -603,6 +603,12 @@ typedef struct
     XmmRegister_t High; //AVX part
 } YmmRegister_t;
 
+typedef struct
+{
+    YmmRegister_t Low; //AVX part
+    YmmRegister_t High; //AVX-512 part
+} ZmmRegister_t;
+
 typedef struct
 {
     BYTE    data[10];
@@ -668,6 +674,16 @@ typedef struct
 #endif
 } TITAN_ENGINE_CONTEXT_t;
 
+typedef struct
+{
+#ifdef _WIN64
+    ZmmRegister_t ZmmRegisters[32];
+#else // x86
+    ZmmRegister_t ZmmRegisters[8];
+#endif
+    ULONGLONG Opmask[8];
+} TITAN_ENGINE_CONTEXT_AVX512_t;
+
 #ifdef __cplusplus
 extern "C"
 {
@@ -859,6 +875,8 @@ __declspec(dllexport) bool TITCALL SetContextDataEx(HANDLE hActiveThread, DWORD
 __declspec(dllexport) bool TITCALL SetContextData(DWORD IndexOfRegister, ULONG_PTR NewRegisterValue);
 __declspec(dllexport) bool TITCALL GetAVXContext(HANDLE hActiveThread, TITAN_ENGINE_CONTEXT_t* titcontext);
 __declspec(dllexport) bool TITCALL SetAVXContext(HANDLE hActiveThread, TITAN_ENGINE_CONTEXT_t* titcontext);
+__declspec(dllexport) bool TITCALL GetAVX512Context(HANDLE hActiveThread, TITAN_ENGINE_CONTEXT_AVX512_t* titcontext);
+__declspec(dllexport) bool TITCALL SetAVX512Context(HANDLE hActiveThread, TITAN_ENGINE_CONTEXT_AVX512_t* titcontext);
 __declspec(dllexport) void TITCALL ClearExceptionNumber();
 __declspec(dllexport) long TITCALL CurrentExceptionNumber();
 __declspec(dllexport) bool TITCALL MatchPatternEx(HANDLE hProcess, void* MemoryToCheck, int SizeOfMemoryToCheck, void* PatternToMatch, int SizeOfPatternToMatch, PBYTE WildCard);