Changeset 41117 in vbox

Timestamp:

May 2, 2012 2:22:29 PM (13 years ago)

Author:

vboxsync

svn:sync-xref-src-repo-rev:

77725

Message:

SUP,VBoxTpG,++: Initial implementation of generic user module tracepoints. (disabled)

Location:

trunk

Files:

: 1 added
: 13 edited

Config.kmk (modified) (2 diffs)
include/VBox/VBoxTpG.h (modified) (7 diffs)
include/VBox/err.h (modified) (1 diff)
include/VBox/sup.h (modified) (2 diffs)
src/VBox/HostDrivers/Support/Makefile.kmk (modified) (1 diff)
src/VBox/HostDrivers/Support/SUPDrv.c (modified) (3 diffs)
src/VBox/HostDrivers/Support/SUPDrvIOC.h (modified) (4 diffs)
src/VBox/HostDrivers/Support/SUPDrvInternal.h (modified) (4 diffs)
src/VBox/HostDrivers/Support/SUPDrvTracer.cpp (modified) (35 diffs)
src/VBox/HostDrivers/Support/SUPLib.cpp (modified) (7 diffs)
src/VBox/HostDrivers/Support/SUPLibTracerA.asm (added)
src/VBox/Runtime/VBox/VBoxRTDeps.cpp (modified) (1 diff)
src/VBox/VMM/VMMR3/VM.cpp (modified) (1 diff)
src/bldprogs/VBoxTpG.cpp (modified) (13 diffs)

Legend:

: Unmodified
: Added
: Removed

trunk/Config.kmk

-              r41101
+              r41117
 # Set this to enable user mode dtrace probes.
 if1of ($(KBUILD_TARGET), darwin solaris)
  VBOX_WITH_DTRACE_R3 = 1
+# VBOX_WITH_DTRACE_R3 = 1
 endif
 # Set this to enable kernel driver dtrace probes.
 if1of ($(KBUILD_TARGET), darwin solaris)
  VBOX_WITH_DTRACE_R0DRV = 1
+# VBOX_WITH_DTRACE_R0DRV = 1
 endif
 # Set this to enable dtrace probes in platform agnostic kernel code.
 …
         -Wl,--rpath-link,$(L4_LIBDIR)
 TEMPLATE_VBOXR3EXE_LDFLAGS.linux       = -Wl,-z,noexecstack $(VBOX_LD_as_needed)
-ifdef VBOX_WITH_DTRACE_R3
- TEMPLATE_VBOXR3EXE_LDFLAGS.linux     += -Wl,--verbose
-endif
  ifeq ($(KBUILD_TARGET),linux)

trunk/include/VBox/VBoxTpG.h

-              r40986
+              r41117
 RT_C_DECLS_BEGIN
+/**
+ * 32-bit probe location.
+ */
+typedef struct VTGPROBELOC32
+{
+    uint32_t    uLine    : 31;
+    uint32_t    fEnabled : 1;
+    uint32_t    idProbe;
+    uint32_t    pszFunction;
+    uint32_t    pbProbe;
+} VTGPROBELOC32;
+AssertCompileSize(VTGPROBELOC32, 16);
+/** Pointer to a 32-bit probe location. */
+typedef VTGPROBELOC32 *PVTGPROBELOC32;
+/** Pointer to a const 32-bit probe location. */
+typedef VTGPROBELOC32 const *PCVTGPROBELOC32;
+/**
+ * 64-bit probe location.
+ */
+typedef struct VTGPROBELOC64
+{
+    uint32_t    uLine    : 31;
+    uint32_t    fEnabled : 1;
+    uint32_t    idProbe;
+    uint64_t    pszFunction;
+    uint64_t    pbProbe;
+    uint64_t    uAlignment;
+} VTGPROBELOC64;
+AssertCompileSize(VTGPROBELOC64, 32);
+/** Pointer to a 64-bit probe location. */
+typedef VTGPROBELOC64 *PVTGPROBELOC64;
+/** Pointer to a const 64-bit probe location. */
+typedef VTGPROBELOC64 const *PCVTGPROBELOC64;
 /**
 …
 /** Pointer to a probe location. */
 typedef VTGPROBELOC *PVTGPROBELOC;
+/** Pointer to a const probe location. */
+typedef VTGPROBELOC const *PCVTGPROBELOC;
 /** @def VTG_OBJ_SECT
 …
 /** Pointer to an argument descriptor. */
 typedef VTGDESCARG         *PVTGDESCARG;
+/** Pointer to a const argument descriptor. */
+typedef VTGDESCARG const *PCVTGDESCARG;
 …
 /** Pointer to a VTG argument list descriptor. */
 typedef VTGDESCARGLIST     *PVTGDESCARGLIST;
+/** Pointer to a const VTG argument list descriptor. */
+typedef VTGDESCARGLIST const *PCVTGDESCARGLIST;
 …
     /** The distance from this structure to the VTG object header. */
     int32_t         offObjHdr;
-    uint32_t        u32User;
-    uint32_t        u32User2;
 } VTGDESCPROBE;
 AssertCompileSize(VTGDESCPROBE, 24);
+AssertCompileSize(VTGDESCPROBE, 16);
 /** Pointer to a VTG probe descriptor. */
 typedef VTGDESCPROBE       *PVTGDESCPROBE;
+/** Pointer to a const VTG probe descriptor. */
+typedef VTGDESCPROBE const *PCVTGDESCPROBE;
 …
 /** Pointer to a VTG provider descriptor. */
 typedef VTGDESCPROVIDER    *PVTGDESCPROVIDER;
+/** Pointer to a const VTG provider descriptor. */
+typedef VTGDESCPROVIDER const *PCVTGDESCPROVIDER;
 …
 typedef struct VTGOBJHDR
+{
+    /** Magic value (VTGOBJHDR_MAGIC). */
     char                szMagic[24];
+    /** The bitness of the structures.
+     * This only affects the probe location pointers and structures. */
     uint32_t            cBits;
+    uint32_t            u32Reserved0;
+    PVTGDESCPROVIDER    paProviders;
+    uintptr_t           cbProviders;
+    PVTGDESCPROBE       paProbes;
+    uintptr_t           cbProbes;
+    bool               *pafProbeEnabled;
+    uintptr_t           cbProbeEnabled;
+    char               *pachStrTab;
+    uintptr_t           cbStrTab;
+    PVTGDESCARGLIST     paArgLists;
+    uintptr_t           cbArgLists;
+    PVTGPROBELOC        paProbLocs;
+    PVTGPROBELOC        paProbLocsEnd;
+    uintptr_t           auReserved1[4];
+    /** The size of the VTG object. This excludes the probe locations. */
+    uint32_t            cbObj;
+    /** @name Area Descriptors
+     * @remarks The offsets are relative to the header.  The members are
+     *          ordered by ascending offset (maybe with the exception of the
+     *          probe locations).  No overlaps, though there might be zero
+     *          filled gaps between them due to alignment.
+     * @{ */
+    /* 32: */
+    /** Offset of the string table (char) relative to this header. */
+    uint32_t            offStrTab;
+    /** The size of the string table, in bytes. */
+    uint32_t            cbStrTab;
+    /** Offset of the argument lists (VTGDESCARGLIST - variable size) relative
+     * to this header. */
+    uint32_t            offArgLists;
+    /** The size of the argument lists, in bytes. */
+    uint32_t            cbArgLists;
+    /* 48: */
+    /** Offset of the probe array (VTGDESCPROBE) relative to this header. */
+    uint32_t            offProbes;
+    /** The size of the probe array, in bytes. */
+    uint32_t            cbProbes;
+    /** Offset of the provider array (VTGDESCPROVIDER) relative to this
+     * header. */
+    uint32_t            offProviders;
+    /** The size of the provider array, in bytes. */
+    uint32_t            cbProviders;
+    /* 64: */
+    /** Offset of the probe-enabled array (uint32_t) relative to this
+     * header. */
+    uint32_t            offProbeEnabled;
+    /** The size of the probe-enabled array, in bytes. */
+    uint32_t            cbProbeEnabled;
+    /** Offset of the probe location array (VTGPROBELOC) relative to this
+     * header.
+     * @remarks This is filled in by the first VTG user using uProbeLocs. */
+    int32_t             offProbeLocs;
+    /** The size of the probe location array, in bytes.
+     * @remarks This is filled in by the first VTG user using uProbeLocs. */
+    uint32_t            cbProbeLocs;
+    /** @}  */
+    /* 80: */
+    /**
+     * The probe location array is generated by C code and lives in a
+     * different section/subsection/segment than the rest of the data.
+     *
+     * The assembler cannot generate offsets across sections for most (if not
+     * all) object formats, so we have to store pointers here.  The first user
+     * of the data will convert these two members into offset and size and fill
+     * in the offProbeLocs and cbProbeLocs members above.
+     *
+     * @remarks Converting these members to offset+size and reusing the members
+     *          to store the converted values isn't possible because of
+     *          raw-mode context modules having relocations associated with the
+     *          fields.
+     */
+    union
+    {
+        PVTGPROBELOC    p;
+        uintptr_t       uPtr;
+        uint32_t        u32;
+        uint64_t        u64;
+    }
+    /** Pointer to the probe location array. */
+                        uProbeLocs,
+    /** Pointer to the end of the probe location array. */
+                        uProbeLocsEnd;
+    /** UUID for making sharing ring-0 structures for the same ring-3
+     * modules easier. */
+    RTUUID              Uuid;
+    /** Reserved / alignment. */
+    uint32_t            au32Reserved1[4];
 } VTGOBJHDR;
+AssertCompileSize(VTGOBJHDR, 128);
+AssertCompileMemberAlignment(VTGOBJHDR, uProbeLocs, 8);
+AssertCompileMemberAlignment(VTGOBJHDR, uProbeLocsEnd, 8);
 /** Pointer to a VTG data object header. */
 typedef VTGOBJHDR          *PVTGOBJHDR;
+/** Pointer to a const VTG data object header. */
+typedef VTGOBJHDR const    *PCVTGOBJHDR;
 /** The current VTGOBJHDR::szMagic value. */
 #define VTGOBJHDR_MAGIC     "VTG Object Header v1.4\0"
+#define VTGOBJHDR_MAGIC     "VTG Object Header v1.5\0"
 /** The name of the VTG data object header symbol in the object file. */

trunk/include/VBox/err.h

-              r40878
+              r41117
 /** Bad VTG bit count value.  */
 #define VERR_SUPDRV_VTG_BITS                        (-3705)
+/** Bad VTG header.  */
+#define VERR_SUPDRV_VTG_BAD_HDR                     (-3706)
+/** Bad VTG header - pointer.  */
+#define VERR_SUPDRV_VTG_BAD_HDR_PTR                 (-3707)
+/** Bad VTG header - misc.  */
+#define VERR_SUPDRV_VTG_BAD_HDR_MISC                (-3706)
+/** Bad VTG header - offset.  */
+#define VERR_SUPDRV_VTG_BAD_HDR_OFF                 (-3707)
+/** Bad VTG header - offset.  */
+#define VERR_SUPDRV_VTG_BAD_HDR_PTR                 (-3708)
 /** Bad VTG header - to low value.  */
 #define VERR_SUPDRV_VTG_BAD_HDR_TOO_FEW             (-3708)
+#define VERR_SUPDRV_VTG_BAD_HDR_TOO_FEW             (-3709)
 /** Bad VTG header - to high value.  */
 #define VERR_SUPDRV_VTG_BAD_HDR_TOO_MUCH            (-3709)
+#define VERR_SUPDRV_VTG_BAD_HDR_TOO_MUCH            (-3710)
 /** Bad VTG header - size value is not a multiple of the structure size. */
 #define VERR_SUPDRV_VTG_BAD_HDR_NOT_MULTIPLE        (-3710)
+#define VERR_SUPDRV_VTG_BAD_HDR_NOT_MULTIPLE        (-3711)
 /** Bad VTG string table offset. */
 #define VERR_SUPDRV_VTG_STRTAB_OFF                  (-3711)
+#define VERR_SUPDRV_VTG_STRTAB_OFF                  (-3712)
 /** Bad VTG string. */
 #define VERR_SUPDRV_VTG_BAD_STRING                  (-3712)
+#define VERR_SUPDRV_VTG_BAD_STRING                  (-3713)
 /** VTG string is too long. */
 #define VERR_SUPDRV_VTG_STRING_TOO_LONG             (-3713)
+#define VERR_SUPDRV_VTG_STRING_TOO_LONG             (-3714)
 /** Bad VTG attribute value. */
 #define VERR_SUPDRV_VTG_BAD_ATTR                    (-3714)
+#define VERR_SUPDRV_VTG_BAD_ATTR                    (-3715)
 /** Bad VTG provider descriptor. */
 #define VERR_SUPDRV_VTG_BAD_PROVIDER                (-3715)
+#define VERR_SUPDRV_VTG_BAD_PROVIDER                (-3716)
 /** Bad VTG probe descriptor. */
 #define VERR_SUPDRV_VTG_BAD_PROBE                   (-3716)
+#define VERR_SUPDRV_VTG_BAD_PROBE                   (-3717)
 /** Bad VTG argument list descriptor. */
 #define VERR_SUPDRV_VTG_BAD_ARGLIST                 (-3717)
+#define VERR_SUPDRV_VTG_BAD_ARGLIST                 (-3718)
 /** Bad VTG probe enabled data. */
 #define VERR_SUPDRV_VTG_BAD_PROBE_ENABLED           (-3718)
+#define VERR_SUPDRV_VTG_BAD_PROBE_ENABLED           (-3719)
 /** Bad VTG probe location record. */
 #define VERR_SUPDRV_VTG_BAD_PROBE_LOC               (-3719)
+#define VERR_SUPDRV_VTG_BAD_PROBE_LOC               (-3720)
 /** The VTG object for the session or image has already been registered. */
 #define VERR_SUPDRV_VTG_ALREADY_REGISTERED          (-3720)
+#define VERR_SUPDRV_VTG_ALREADY_REGISTERED          (-3721)
 /** A driver may only register one VTG object per session. */
 #define VERR_SUPDRV_VTG_ONLY_ONCE_PER_SESSION       (-3721)
+#define VERR_SUPDRV_VTG_ONLY_ONCE_PER_SESSION       (-3722)
 /** A tracer has already been registered. */
 #define VERR_SUPDRV_TRACER_ALREADY_REGISTERED       (-3722)
+#define VERR_SUPDRV_TRACER_ALREADY_REGISTERED       (-3723)
 /** The session has no tracer associated with it. */
 #define VERR_SUPDRV_TRACER_NOT_REGISTERED           (-3723)
+#define VERR_SUPDRV_TRACER_NOT_REGISTERED           (-3724)
 /** The tracer has already been opened in this sesssion. */
 #define VERR_SUPDRV_TRACER_ALREADY_OPENED           (-3724)
+#define VERR_SUPDRV_TRACER_ALREADY_OPENED           (-3725)
 /** The tracer has not been opened. */
 #define VERR_SUPDRV_TRACER_NOT_OPENED               (-3725)
+#define VERR_SUPDRV_TRACER_NOT_OPENED               (-3726)
 /** There is no tracer present. */
 #define VERR_SUPDRV_TRACER_NOT_PRESENT              (-3726)
+#define VERR_SUPDRV_TRACER_NOT_PRESENT              (-3727)
 /** The tracer is unloading. */
 #define VERR_SUPDRV_TRACER_UNLOADING                (-3727)
+#define VERR_SUPDRV_TRACER_UNLOADING                (-3728)
 /** Another thread in the session is talking to the tracer.  */
 #define VERR_SUPDRV_TRACER_SESSION_BUSY             (-3728)
+#define VERR_SUPDRV_TRACER_SESSION_BUSY             (-3729)
 /** The tracer cannot open it self in the same session. */
 #define VERR_SUPDRV_TRACER_CANNOT_OPEN_SELF         (-3729)
+#define VERR_SUPDRV_TRACER_CANNOT_OPEN_SELF         (-3730)
 /** Bad argument flags. */
+#define VERR_SUPDRV_TRACER_BAD_ARG_FLAGS            (-3730)
+#define VERR_SUPDRV_TRACER_BAD_ARG_FLAGS            (-3731)
+/** The session has reached the max number of (user mode) providers. */
+#define VERR_SUPDRV_TRACER_TOO_MANY_PROVIDERS       (-3732)
+/** The tracepoint provider object is too large. */
+#define VERR_SUPDRV_TRACER_TOO_LARGE                (-3733)
+/** The probe location array isn't adjacent to the probe enable array. */
+#define VERR_SUPDRV_TRACER_UMOD_NOT_ADJACENT        (-3734)
+/** The user mode tracepoint provider has too many probe locations and
+ * probes. */
+#define VERR_SUPDRV_TRACER_UMOD_TOO_MANY_PROBES     (-3735)
+/** The user mode tracepoint provider string table is too large. */
+#define VERR_SUPDRV_TRACER_UMOD_STRTAB_TOO_BIG      (-3736)
+/** The user mode tracepoint provider string table offset is bad. */
+#define VERR_SUPDRV_TRACER_UMOD_STRTAB_OFF_BAD      (-3737)
 /** @} */

trunk/include/VBox/sup.h

-              r40983
+              r41117
     SUPPAGINGMODE_AMD64_GLOBAL_NX
 } SUPPAGINGMODE;
-/**
- * The CPU state.
- */
-typedef enum SUPGIPCPUSTATE
+{
-    /** Invalid CPU state / unused CPU entry. */
-    SUPGIPCPUSTATE_INVALID = 0,
-    /** The CPU is not present. */
-    SUPGIPCPUSTATE_ABSENT,
-    /** The CPU is offline. */
-    SUPGIPCPUSTATE_OFFLINE,
-    /** The CPU is online. */
-    SUPGIPCPUSTATE_ONLINE,
-    /** Force 32-bit enum type. */
-    SUPGIPCPUSTATE_32_BIT_HACK = 0x7fffffff
-} SUPGIPCPUSTATE;
-/**
- * Per CPU data.
- */
-typedef struct SUPGIPCPU
+{
-    /** Update transaction number.
-     * This number is incremented at the start and end of each update. It follows
-     * thusly that odd numbers indicates update in progress, while even numbers
-     * indicate stable data. Use this to make sure that the data items you fetch
-     * are consistent. */
-    volatile uint32_t   u32TransactionId;
-    /** The interval in TSC ticks between two NanoTS updates.
-     * This is the average interval over the last 2, 4 or 8 updates + a little slack.
-     * The slack makes the time go a tiny tiny bit slower and extends the interval enough
-     * to avoid ending up with too many 1ns increments. */
-    volatile uint32_t   u32UpdateIntervalTSC;
-    /** Current nanosecond timestamp. */
-    volatile uint64_t   u64NanoTS;
-    /** The TSC at the time of u64NanoTS. */
-    volatile uint64_t   u64TSC;
-    /** Current CPU Frequency. */
-    volatile uint64_t   u64CpuHz;
-    /** Number of errors during updating.
-     * Typical errors are under/overflows. */
-    volatile uint32_t   cErrors;
-    /** Index of the head item in au32TSCHistory. */
-    volatile uint32_t   iTSCHistoryHead;
-    /** Array of recent TSC interval deltas.
-     * The most recent item is at index iTSCHistoryHead.
-     * This history is used to calculate u32UpdateIntervalTSC.
-     */
-    volatile uint32_t   au32TSCHistory[8];
-    /** The interval between the last two NanoTS updates. (experiment for now) */
-    volatile uint32_t   u32PrevUpdateIntervalNS;
-    /** Reserved for future per processor data. */
-    volatile uint32_t   au32Reserved[5+5];
-    /** @todo Add topology/NUMA info. */
-    /** The CPU state. */
-    SUPGIPCPUSTATE volatile enmState;
-    /** The host CPU ID of this CPU (the SUPGIPCPU is indexed by APIC ID). */
-    RTCPUID                 idCpu;
-    /** The CPU set index of this CPU. */
-    int16_t                 iCpuSet;
-    /** The APIC ID of this CPU. */
-    uint16_t                idApic;
-} SUPGIPCPU;
-AssertCompileSize(RTCPUID, 4);
-AssertCompileSize(SUPGIPCPU, 128);
-AssertCompileMemberAlignment(SUPGIPCPU, u64NanoTS, 8);
-AssertCompileMemberAlignment(SUPGIPCPU, u64TSC, 8);
-/** Pointer to per cpu data.
- * @remark there is no const version of this typedef, see g_pSUPGlobalInfoPage for details. */
-typedef SUPGIPCPU *PSUPGIPCPU;
-/**
- * Global Information Page.
+ *
- * This page contains useful information and can be mapped into any
- * process or VM. It can be accessed thru the g_pSUPGlobalInfoPage
- * pointer when a session is open.
- */
-typedef struct SUPGLOBALINFOPAGE
+{
-    /** Magic (SUPGLOBALINFOPAGE_MAGIC). */
-    uint32_t            u32Magic;
-    /** The GIP version. */
-    uint32_t            u32Version;
-    /** The GIP update mode, see SUPGIPMODE. */
-    uint32_t            u32Mode;
-    /** The number of entries in the CPU table.
-     * (This can work as RTMpGetArraySize().)  */
-    uint16_t            cCpus;
-    /** The size of the GIP in pages. */
-    uint16_t            cPages;
-    /** The update frequency of the of the NanoTS. */
-    volatile uint32_t   u32UpdateHz;
-    /** The update interval in nanoseconds. (10^9 / u32UpdateHz) */
-    volatile uint32_t   u32UpdateIntervalNS;
-    /** The timestamp of the last time we update the update frequency. */
-    volatile uint64_t   u64NanoTSLastUpdateHz;
-    /** The set of online CPUs. */
-    RTCPUSET            OnlineCpuSet;
-    /** The set of present CPUs. */
-    RTCPUSET            PresentCpuSet;
-    /** The set of possible CPUs. */
-    RTCPUSET            PossibleCpuSet;
-    /** The number of CPUs that are online. */
-    volatile uint16_t   cOnlineCpus;
-    /** The number of CPUs present in the system. */
-    volatile uint16_t   cPresentCpus;
-    /** The highest number of CPUs possible. */
-    uint16_t            cPossibleCpus;
-    /** The highest number of CPUs possible. */
-    uint16_t            u16Padding0;
-    /** The max CPU ID (RTMpGetMaxCpuId). */
-    RTCPUID             idCpuMax;
-    /** Padding / reserved space for future data. */
-    uint32_t            au32Padding1[29];
-    /** Table indexed by the CPU APIC ID to get the CPU table index. */
-    uint16_t            aiCpuFromApicId[256];
-    /** CPU set index to CPU table index. */
-    uint16_t            aiCpuFromCpuSetIdx[RTCPUSET_MAX_CPUS];
-    /** Array of per-cpu data.
-     * This is index by ApicId via the aiCpuFromApicId table.
+     *
-     * The clock and frequency information is updated for all CPUs if u32Mode
-     * is SUPGIPMODE_ASYNC_TSC, otherwise (SUPGIPMODE_SYNC_TSC) only the first
-     * entry is updated. */
-    SUPGIPCPU           aCPUs[1];
-} SUPGLOBALINFOPAGE;
-AssertCompileMemberAlignment(SUPGLOBALINFOPAGE, u64NanoTSLastUpdateHz, 8);
-#if defined(RT_ARCH_SPARC) || defined(RT_ARCH_SPARC64)
-AssertCompileMemberAlignment(SUPGLOBALINFOPAGE, aCPUs, 32);
-#else
-AssertCompileMemberAlignment(SUPGLOBALINFOPAGE, aCPUs, 256);
-#endif
-/** Pointer to the global info page.
- * @remark there is no const version of this typedef, see g_pSUPGlobalInfoPage for details. */
-typedef SUPGLOBALINFOPAGE *PSUPGLOBALINFOPAGE;
-/** The value of the SUPGLOBALINFOPAGE::u32Magic field. (Soryo Fuyumi) */
-#define SUPGLOBALINFOPAGE_MAGIC     0x19590106
-/** The GIP version.
- * Upper 16 bits is the major version. Major version is only changed with
- * incompatible changes in the GIP. */
-#define SUPGLOBALINFOPAGE_VERSION   0x00030000
-/**
- * SUPGLOBALINFOPAGE::u32Mode values.
- */
-typedef enum SUPGIPMODE
+{
-    /** The usual invalid null entry. */
-    SUPGIPMODE_INVALID = 0,
-    /** The TSC of the cores and cpus in the system is in sync. */
-    SUPGIPMODE_SYNC_TSC,
-    /** Each core has it's own TSC. */
-    SUPGIPMODE_ASYNC_TSC,
-    /** The usual 32-bit hack. */
-    SUPGIPMODE_32BIT_HACK = 0x7fffffff
-} SUPGIPMODE;
-/** Pointer to the Global Information Page.
+ *
- * This pointer is valid as long as SUPLib has a open session. Anyone using
- * the page must treat this pointer as highly volatile and not trust it beyond
- * one transaction.
+ *
- * @remark  The GIP page is read-only to everyone but the support driver and
- *          is actually mapped read only everywhere but in ring-0. However
- *          it is not marked 'const' as this might confuse compilers into
- *          thinking that values doesn't change even if members are marked
- *          as volatile. Thus, there is no PCSUPGLOBALINFOPAGE type.
- */
-#if defined(IN_SUP_R0) || defined(IN_SUP_R3) || defined(IN_SUP_RC)
-extern DECLEXPORT(PSUPGLOBALINFOPAGE)   g_pSUPGlobalInfoPage;
-#elif !defined(IN_RING0) || defined(RT_OS_WINDOWS) || defined(RT_OS_SOLARIS)
-extern DECLIMPORT(PSUPGLOBALINFOPAGE)   g_pSUPGlobalInfoPage;
-#else /* IN_RING0 && !RT_OS_WINDOWS */
-# if !defined(__GNUC__) || defined(RT_OS_DARWIN) || !defined(RT_ARCH_AMD64)
-#  define g_pSUPGlobalInfoPage          (&g_SUPGlobalInfoPage)
-# else
-#  define g_pSUPGlobalInfoPage          (SUPGetGIPHlp())
-/** Workaround for ELF+GCC problem on 64-bit hosts.
- * (GCC emits a mov with a R_X86_64_32 reloc, we need R_X86_64_64.) */
-DECLINLINE(PSUPGLOBALINFOPAGE) SUPGetGIPHlp(void)
+{
-    PSUPGLOBALINFOPAGE pGIP;
-    __asm__ __volatile__ ("movabs $g_SUPGlobalInfoPage,%0\n\t"
-                          : "=a" (pGIP));
-    return pGIP;
+}
-# endif
-/** The GIP.
- * We save a level of indirection by exporting the GIP instead of a variable
- * pointing to it. */
-extern DECLIMPORT(SUPGLOBALINFOPAGE)    g_SUPGlobalInfoPage;
-#endif
-/**
- * Gets the GIP pointer.
+ *
- * @returns Pointer to the GIP or NULL.
- */
-SUPDECL(PSUPGLOBALINFOPAGE)             SUPGetGIP(void);
-#ifdef ___iprt_asm_amd64_x86_h
-/**
- * Gets the TSC frequency of the calling CPU.
+ *
- * @returns TSC frequency, UINT64_MAX on failure.
- * @param   pGip        The GIP pointer.
- */
-DECLINLINE(uint64_t) SUPGetCpuHzFromGIP(PSUPGLOBALINFOPAGE pGip)
+{
-    unsigned iCpu;
-    if (RT_UNLIKELY(!pGip || pGip->u32Magic != SUPGLOBALINFOPAGE_MAGIC))
-        return UINT64_MAX;
-    if (pGip->u32Mode != SUPGIPMODE_ASYNC_TSC)
-        iCpu = 0;
-    else
+    {
-        iCpu = pGip->aiCpuFromApicId[ASMGetApicId()];
-        if (iCpu >= pGip->cCpus)
-            return UINT64_MAX;
+    }
-    return pGip->aCPUs[iCpu].u64CpuHz;
+}
-#endif
-/**
- * Request for generic VMMR0Entry calls.
- */
-typedef struct SUPVMMR0REQHDR
+{
-    /** The magic. (SUPVMMR0REQHDR_MAGIC) */
-    uint32_t    u32Magic;
-    /** The size of the request. */
-    uint32_t    cbReq;
-} SUPVMMR0REQHDR;
-/** Pointer to a ring-0 request header. */
-typedef SUPVMMR0REQHDR *PSUPVMMR0REQHDR;
-/** the SUPVMMR0REQHDR::u32Magic value (Ethan Iverson - The Bad Plus). */
-#define SUPVMMR0REQHDR_MAGIC        UINT32_C(0x19730211)
-/** For the fast ioctl path.
- * @{
- */
-/** @see VMMR0_DO_RAW_RUN. */
-#define SUP_VMMR0_DO_RAW_RUN    0
-/** @see VMMR0_DO_HWACC_RUN. */
-#define SUP_VMMR0_DO_HWACC_RUN  1
-/** @see VMMR0_DO_NOP */
-#define SUP_VMMR0_DO_NOP        2
-/** @} */
-/** SUPR3QueryVTCaps capability flags
- * @{
- */
-#define SUPVTCAPS_AMD_V             RT_BIT(0)
-#define SUPVTCAPS_VT_X              RT_BIT(1)
-#define SUPVTCAPS_NESTED_PAGING     RT_BIT(2)
-/** @} */
-/**
- * Request for generic FNSUPR0SERVICEREQHANDLER calls.
- */
-typedef struct SUPR0SERVICEREQHDR
+{
-    /** The magic. (SUPR0SERVICEREQHDR_MAGIC) */
-    uint32_t    u32Magic;
-    /** The size of the request. */
-    uint32_t    cbReq;
-} SUPR0SERVICEREQHDR;
-/** Pointer to a ring-0 service request header. */
-typedef SUPR0SERVICEREQHDR *PSUPR0SERVICEREQHDR;
-/** the SUPVMMR0REQHDR::u32Magic value (Esbjoern Svensson - E.S.P.).  */
-#define SUPR0SERVICEREQHDR_MAGIC    UINT32_C(0x19640416)
-/** Event semaphore handle. Ring-0 / ring-3. */
-typedef R0PTRTYPE(struct SUPSEMEVENTHANDLE *) SUPSEMEVENT;
-/** Pointer to an event semaphore handle. */
-typedef SUPSEMEVENT *PSUPSEMEVENT;
-/** Nil event semaphore handle. */
-#define NIL_SUPSEMEVENT         ((SUPSEMEVENT)0)
-/**
- * Creates a single release event semaphore.
+ *
- * @returns VBox status code.
- * @param   pSession        The session handle of the caller.
- * @param   phEvent         Where to return the handle to the event semaphore.
- */
-SUPDECL(int) SUPSemEventCreate(PSUPDRVSESSION pSession, PSUPSEMEVENT phEvent);
-/**
- * Closes a single release event semaphore handle.
+ *
- * @returns VBox status code.
- * @retval  VINF_OBJECT_DESTROYED if the semaphore was destroyed.
- * @retval  VINF_SUCCESS if the handle was successfully closed but the semaphore
- *          object remained alive because of other references.
+ *
- * @param   pSession            The session handle of the caller.
- * @param   hEvent              The handle. Nil is quietly ignored.
- */
-SUPDECL(int) SUPSemEventClose(PSUPDRVSESSION pSession, SUPSEMEVENT hEvent);
-/**
- * Signals a single release event semaphore.
+ *
- * @returns VBox status code.
- * @param   pSession            The session handle of the caller.
- * @param   hEvent              The semaphore handle.
- */
-SUPDECL(int) SUPSemEventSignal(PSUPDRVSESSION pSession, SUPSEMEVENT hEvent);
-#ifdef IN_RING0
-/**
- * Waits on a single release event semaphore, not interruptible.
+ *
- * @returns VBox status code.
- * @param   pSession            The session handle of the caller.
- * @param   hEvent              The semaphore handle.
- * @param   cMillies            The number of milliseconds to wait.
- * @remarks Not available in ring-3.
- */
-SUPDECL(int) SUPSemEventWait(PSUPDRVSESSION pSession, SUPSEMEVENT hEvent, uint32_t cMillies);
-#endif
-/**
- * Waits on a single release event semaphore, interruptible.
+ *
- * @returns VBox status code.
- * @param   pSession            The session handle of the caller.
- * @param   hEvent              The semaphore handle.
- * @param   cMillies            The number of milliseconds to wait.
- */
-SUPDECL(int) SUPSemEventWaitNoResume(PSUPDRVSESSION pSession, SUPSEMEVENT hEvent, uint32_t cMillies);
-/**
- * Waits on a single release event semaphore, interruptible.
+ *
- * @returns VBox status code.
- * @param   pSession            The session handle of the caller.
- * @param   hEvent              The semaphore handle.
- * @param   uNsTimeout          The deadline given on the RTTimeNanoTS() clock.
- */
-SUPDECL(int) SUPSemEventWaitNsAbsIntr(PSUPDRVSESSION pSession, SUPSEMEVENT hEvent, uint64_t uNsTimeout);
-/**
- * Waits on a single release event semaphore, interruptible.
+ *
- * @returns VBox status code.
- * @param   pSession            The session handle of the caller.
- * @param   hEvent              The semaphore handle.
- * @param   cNsTimeout          The number of nanoseconds to wait.
- */
-SUPDECL(int) SUPSemEventWaitNsRelIntr(PSUPDRVSESSION pSession, SUPSEMEVENT hEvent, uint64_t cNsTimeout);
-/**
- * Gets the best timeout resolution that SUPSemEventWaitNsAbsIntr and
- * SUPSemEventWaitNsAbsIntr can do.
+ *
- * @returns The resolution in nanoseconds.
- * @param   pSession            The session handle of the caller.
- */
-SUPDECL(uint32_t) SUPSemEventGetResolution(PSUPDRVSESSION pSession);
-/** Multiple release event semaphore handle. Ring-0 / ring-3. */
-typedef R0PTRTYPE(struct SUPSEMEVENTMULTIHANDLE *)  SUPSEMEVENTMULTI;
-/** Pointer to an multiple release event semaphore handle. */
-typedef SUPSEMEVENTMULTI                           *PSUPSEMEVENTMULTI;
-/** Nil multiple release event semaphore handle. */
-#define NIL_SUPSEMEVENTMULTI                        ((SUPSEMEVENTMULTI)0)
-/**
- * Creates a multiple release event semaphore.
+ *
- * @returns VBox status code.
- * @param   pSession        The session handle of the caller.
- * @param   phEventMulti    Where to return the handle to the event semaphore.
- */
-SUPDECL(int) SUPSemEventMultiCreate(PSUPDRVSESSION pSession, PSUPSEMEVENTMULTI phEventMulti);
-/**
- * Closes a multiple release event semaphore handle.
+ *
- * @returns VBox status code.
- * @retval  VINF_OBJECT_DESTROYED if the semaphore was destroyed.
- * @retval  VINF_SUCCESS if the handle was successfully closed but the semaphore
- *          object remained alive because of other references.
+ *
- * @param   pSession            The session handle of the caller.
- * @param   hEventMulti         The handle. Nil is quietly ignored.
- */
-SUPDECL(int) SUPSemEventMultiClose(PSUPDRVSESSION pSession, SUPSEMEVENTMULTI hEventMulti);
-/**
- * Signals a multiple release event semaphore.
+ *
- * @returns VBox status code.
- * @param   pSession            The session handle of the caller.
- * @param   hEventMulti         The semaphore handle.
- */
-SUPDECL(int) SUPSemEventMultiSignal(PSUPDRVSESSION pSession, SUPSEMEVENTMULTI hEventMulti);
-/**
- * Resets a multiple release event semaphore.
+ *
- * @returns VBox status code.
- * @param   pSession            The session handle of the caller.
- * @param   hEventMulti         The semaphore handle.
- */
-SUPDECL(int) SUPSemEventMultiReset(PSUPDRVSESSION pSession, SUPSEMEVENTMULTI hEventMulti);
-#ifdef IN_RING0
-/**
- * Waits on a multiple release event semaphore, not interruptible.
+ *
- * @returns VBox status code.
- * @param   pSession            The session handle of the caller.
- * @param   hEventMulti         The semaphore handle.
- * @param   cMillies            The number of milliseconds to wait.
- * @remarks Not available in ring-3.
- */
-SUPDECL(int) SUPSemEventMultiWait(PSUPDRVSESSION pSession, SUPSEMEVENTMULTI hEventMulti, uint32_t cMillies);
-#endif
-/**
- * Waits on a multiple release event semaphore, interruptible.
+ *
- * @returns VBox status code.
- * @param   pSession            The session handle of the caller.
- * @param   hEventMulti         The semaphore handle.
- * @param   cMillies            The number of milliseconds to wait.
- */
-SUPDECL(int) SUPSemEventMultiWaitNoResume(PSUPDRVSESSION pSession, SUPSEMEVENTMULTI hEventMulti, uint32_t cMillies);
-/**
- * Waits on a multiple release event semaphore, interruptible.
+ *
- * @returns VBox status code.
- * @param   pSession            The session handle of the caller.
- * @param   hEventMulti         The semaphore handle.
- * @param   uNsTimeout          The deadline given on the RTTimeNanoTS() clock.
- */
-SUPDECL(int) SUPSemEventMultiWaitNsAbsIntr(PSUPDRVSESSION pSession, SUPSEMEVENTMULTI hEventMulti, uint64_t uNsTimeout);
-/**
- * Waits on a multiple release event semaphore, interruptible.
+ *
- * @returns VBox status code.
- * @param   pSession            The session handle of the caller.
- * @param   hEventMulti         The semaphore handle.
- * @param   cNsTimeout          The number of nanoseconds to wait.
- */
-SUPDECL(int) SUPSemEventMultiWaitNsRelIntr(PSUPDRVSESSION pSession, SUPSEMEVENTMULTI hEventMulti, uint64_t cNsTimeout);
-/**
- * Gets the best timeout resolution that SUPSemEventMultiWaitNsAbsIntr and
- * SUPSemEventMultiWaitNsRelIntr can do.
+ *
- * @returns The resolution in nanoseconds.
- * @param   pSession            The session handle of the caller.
- */
-SUPDECL(uint32_t) SUPSemEventMultiGetResolution(PSUPDRVSESSION pSession);
-#ifdef IN_RING3
-/** @defgroup   grp_sup_r3     SUP Host Context Ring-3 API
- * @ingroup grp_sup
- * @{
- */
-/**
- * Installs the support library.
+ *
- * @returns VBox status code.
- */
-SUPR3DECL(int) SUPR3Install(void);
-/**
- * Uninstalls the support library.
+ *
- * @returns VBox status code.
- */
-SUPR3DECL(int) SUPR3Uninstall(void);
-/**
- * Trusted main entry point.
+ *
- * This is exported as "TrustedMain" by the dynamic libraries which contains the
- * "real" application binary for which the hardened stub is built.  The entry
- * point is invoked upon successful initialization of the support library and
- * runtime.
+ *
- * @returns main kind of exit code.
- * @param   argc            The argument count.
- * @param   argv            The argument vector.
- * @param   envp            The environment vector.
- */
-typedef DECLCALLBACK(int) FNSUPTRUSTEDMAIN(int argc, char **argv, char **envp);
-/** Pointer to FNSUPTRUSTEDMAIN(). */
-typedef FNSUPTRUSTEDMAIN *PFNSUPTRUSTEDMAIN;
-/** Which operation failed. */
-typedef enum SUPINITOP
+{
-    /** Invalid. */
-    kSupInitOp_Invalid = 0,
-    /** Installation integrity error. */
-    kSupInitOp_Integrity,
-    /** Setuid related. */
-    kSupInitOp_RootCheck,
-    /** Driver related. */
-    kSupInitOp_Driver,
-    /** IPRT init related. */
-    kSupInitOp_IPRT,
-    /** Place holder. */
-    kSupInitOp_End
-} SUPINITOP;
-/**
- * Trusted error entry point, optional.
+ *
- * This is exported as "TrustedError" by the dynamic libraries which contains
- * the "real" application binary for which the hardened stub is built.
+ *
- * @param   pszWhere        Where the error occurred (function name).
- * @param   enmWhat         Which operation went wrong.
- * @param   rc              The status code.
- * @param   pszMsgFmt       Error message format string.
- * @param   va              The message format arguments.
- */
-typedef DECLCALLBACK(void) FNSUPTRUSTEDERROR(const char *pszWhere, SUPINITOP enmWhat, int rc, const char *pszMsgFmt, va_list va);
-/** Pointer to FNSUPTRUSTEDERROR. */
-typedef FNSUPTRUSTEDERROR *PFNSUPTRUSTEDERROR;
-/**
- * Secure main.
+ *
- * This is used for the set-user-ID-on-execute binaries on unixy systems
- * and when using the open-vboxdrv-via-root-service setup on Windows.
+ *
- * This function will perform the integrity checks of the VirtualBox
- * installation, open the support driver, open the root service (later),
- * and load the DLL corresponding to \a pszProgName and execute its main
- * function.
+ *
- * @returns Return code appropriate for main().
+ *
- * @param   pszProgName     The program name. This will be used to figure out which
- *                          DLL/SO/DYLIB to load and execute.
- * @param   fFlags          Flags.
- * @param   argc            The argument count.
- * @param   argv            The argument vector.
- * @param   envp            The environment vector.
- */
-DECLHIDDEN(int) SUPR3HardenedMain(const char *pszProgName, uint32_t fFlags, int argc, char **argv, char **envp);
-/** @name SUPR3SecureMain flags.
- * @{ */
-/** Don't open the device. (Intended for VirtualBox without -startvm.) */
-#define SUPSECMAIN_FLAGS_DONT_OPEN_DEV      RT_BIT_32(0)
-/** @} */
-/**
- * Initializes the support library.
- * Each successful call to SUPR3Init() must be countered by a
- * call to SUPR3Term(false).
+ *
- * @returns VBox status code.
- * @param   ppSession       Where to store the session handle. Defaults to NULL.
- */
-SUPR3DECL(int) SUPR3Init(PSUPDRVSESSION *ppSession);
-/**
- * Terminates the support library.
+ *
- * @returns VBox status code.
- * @param   fForced     Forced termination. This means to ignore the
- *                      init call count and just terminated.
- */
-#ifdef __cplusplus
-SUPR3DECL(int) SUPR3Term(bool fForced = false);
-#else
-SUPR3DECL(int) SUPR3Term(int fForced);
-#endif
-/**
- * Sets the ring-0 VM handle for use with fast IOCtls.
+ *
- * @returns VBox status code.
- * @param   pVMR0       The ring-0 VM handle.
- *                      NIL_RTR0PTR can be used to unset the handle when the
- *                      VM is about to be destroyed.
- */
-SUPR3DECL(int) SUPR3SetVMForFastIOCtl(PVMR0 pVMR0);
-/**
- * Calls the HC R0 VMM entry point.
- * See VMMR0Entry() for more details.
+ *
- * @returns error code specific to uFunction.
- * @param   pVMR0       Pointer to the Ring-0 (Host Context) mapping of the VM structure.
- * @param   idCpu       The virtual CPU ID.
- * @param   uOperation  Operation to execute.
- * @param   pvArg       Argument.
- */
-SUPR3DECL(int) SUPR3CallVMMR0(PVMR0 pVMR0, VMCPUID idCpu, unsigned uOperation, void *pvArg);
-/**
- * Variant of SUPR3CallVMMR0, except that this takes the fast ioclt path
- * regardsless of compile-time defaults.
+ *
- * @returns VBox status code.
- * @param   pVMR0       The ring-0 VM handle.
- * @param   uOperation  The operation; only the SUP_VMMR0_DO_* ones are valid.
- * @param   idCpu       The virtual CPU ID.
- */
-SUPR3DECL(int) SUPR3CallVMMR0Fast(PVMR0 pVMR0, unsigned uOperation, VMCPUID idCpu);
-/**
- * Calls the HC R0 VMM entry point, in a safer but slower manner than
- * SUPR3CallVMMR0. When entering using this call the R0 components can call
- * into the host kernel (i.e. use the SUPR0 and RT APIs).
+ *
- * See VMMR0Entry() for more details.
+ *
- * @returns error code specific to uFunction.
- * @param   pVMR0       Pointer to the Ring-0 (Host Context) mapping of the VM structure.
- * @param   idCpu       The virtual CPU ID.
- * @param   uOperation  Operation to execute.
- * @param   u64Arg      Constant argument.
- * @param   pReqHdr     Pointer to a request header. Optional.
- *                      This will be copied in and out of kernel space. There currently is a size
- *                      limit on this, just below 4KB.
- */
-SUPR3DECL(int) SUPR3CallVMMR0Ex(PVMR0 pVMR0, VMCPUID idCpu, unsigned uOperation, uint64_t u64Arg, PSUPVMMR0REQHDR pReqHdr);
-/**
- * Calls a ring-0 service.
+ *
- * The operation and the request packet is specific to the service.
+ *
- * @returns error code specific to uFunction.
- * @param   pszService  The service name.
- * @param   cchService  The length of the service name.
- * @param   uReq        The request number.
- * @param   u64Arg      Constant argument.
- * @param   pReqHdr     Pointer to a request header. Optional.
- *                      This will be copied in and out of kernel space. There currently is a size
- *                      limit on this, just below 4KB.
- */
-SUPR3DECL(int) SUPR3CallR0Service(const char *pszService, size_t cchService, uint32_t uOperation, uint64_t u64Arg, PSUPR0SERVICEREQHDR pReqHdr);
-/** Which logger. */
-typedef enum SUPLOGGER
+{
-    SUPLOGGER_DEBUG = 1,
-    SUPLOGGER_RELEASE
-} SUPLOGGER;
-/**
- * Changes the settings of the specified ring-0 logger.
+ *
- * @returns VBox status code.
- * @param   enmWhich    Which logger.
- * @param   pszFlags    The flags settings.
- * @param   pszGroups   The groups settings.
- * @param   pszDest     The destination specificier.
- */
-SUPR3DECL(int) SUPR3LoggerSettings(SUPLOGGER enmWhich, const char *pszFlags, const char *pszGroups, const char *pszDest);
-/**
- * Creates a ring-0 logger instance.
+ *
- * @returns VBox status code.
- * @param   enmWhich    Which logger to create.
- * @param   pszFlags    The flags settings.
- * @param   pszGroups   The groups settings.
- * @param   pszDest     The destination specificier.
- */
-SUPR3DECL(int) SUPR3LoggerCreate(SUPLOGGER enmWhich, const char *pszFlags, const char *pszGroups, const char *pszDest);
-/**
- * Destroys a ring-0 logger instance.
+ *
- * @returns VBox status code.
- * @param   enmWhich    Which logger.
- */
-SUPR3DECL(int) SUPR3LoggerDestroy(SUPLOGGER enmWhich);
-/**
- * Queries the paging mode of the host OS.
+ *
- * @returns The paging mode.
- */
-SUPR3DECL(SUPPAGINGMODE) SUPR3GetPagingMode(void);
-/**
- * Allocate zero-filled pages.
+ *
- * Use this to allocate a number of pages suitable for seeding / locking.
- * Call SUPR3PageFree() to free the pages once done with them.
+ *
- * @returns VBox status.
- * @param   cPages          Number of pages to allocate.
- * @param   ppvPages        Where to store the base pointer to the allocated pages.
- */
-SUPR3DECL(int) SUPR3PageAlloc(size_t cPages, void **ppvPages);
-/**
- * Frees pages allocated with SUPR3PageAlloc().
+ *
- * @returns VBox status.
- * @param   pvPages         Pointer returned by SUPR3PageAlloc().
- * @param   cPages          Number of pages that was allocated.
- */
-SUPR3DECL(int) SUPR3PageFree(void *pvPages, size_t cPages);
-/**
- * Allocate non-zeroed, locked, pages with user and, optionally, kernel
- * mappings.
+ *
- * Use SUPR3PageFreeEx() to free memory allocated with this function.
+ *
- * @returns VBox status code.
- * @param   cPages          The number of pages to allocate.
- * @param   fFlags          Flags, reserved. Must be zero.
- * @param   ppvPages        Where to store the address of the user mapping.
- * @param   pR0Ptr          Where to store the address of the kernel mapping.
- *                          NULL if no kernel mapping is desired.
- * @param   paPages         Where to store the physical addresses of each page.
- *                          Optional.
- */
-SUPR3DECL(int) SUPR3PageAllocEx(size_t cPages, uint32_t fFlags, void **ppvPages, PRTR0PTR pR0Ptr, PSUPPAGE paPages);
-/**
- * Maps a portion of a ring-3 only allocation into kernel space.
+ *
- * @returns VBox status code.
+ *
- * @param   pvR3            The address SUPR3PageAllocEx return.
- * @param   off             Offset to start mapping at. Must be page aligned.
- * @param   cb              Number of bytes to map. Must be page aligned.
- * @param   fFlags          Flags, must be zero.
- * @param   pR0Ptr          Where to store the address on success.
+ *
- */
-SUPR3DECL(int) SUPR3PageMapKernel(void *pvR3, uint32_t off, uint32_t cb, uint32_t fFlags, PRTR0PTR pR0Ptr);
-/**
- * Changes the protection of
+ *
- * @returns VBox status code.
- * @retval  VERR_NOT_SUPPORTED if the OS doesn't allow us to change page level
- *          protection. See also RTR0MemObjProtect.
+ *
- * @param   pvR3            The ring-3 address SUPR3PageAllocEx returned.
- * @param   R0Ptr           The ring-0 address SUPR3PageAllocEx returned if it
- *                          is desired that the corresponding ring-0 page
- *                          mappings should change protection as well. Pass
- *                          NIL_RTR0PTR if the ring-0 pages should remain
- *                          unaffected.
- * @param   off             Offset to start at which to start chagning the page
- *                          level protection. Must be page aligned.
- * @param   cb              Number of bytes to change. Must be page aligned.
- * @param   fProt           The new page level protection, either a combination
- *                          of RTMEM_PROT_READ, RTMEM_PROT_WRITE and
- *                          RTMEM_PROT_EXEC, or just RTMEM_PROT_NONE.
- */
-SUPR3DECL(int) SUPR3PageProtect(void *pvR3, RTR0PTR R0Ptr, uint32_t off, uint32_t cb, uint32_t fProt);
-/**
- * Free pages allocated by SUPR3PageAllocEx.
+ *
- * @returns VBox status code.
- * @param   pvPages         The address of the user mapping.
- * @param   cPages          The number of pages.
- */
-SUPR3DECL(int) SUPR3PageFreeEx(void *pvPages, size_t cPages);
-/**
- * Allocated memory with page aligned memory with a contiguous and locked physical
- * memory backing below 4GB.
+ *
- * @returns Pointer to the allocated memory (virtual address).
- *          *pHCPhys is set to the physical address of the memory.
- *          If ppvR0 isn't NULL, *ppvR0 is set to the ring-0 mapping.
- *          The returned memory must be freed using SUPR3ContFree().
- * @returns NULL on failure.
- * @param   cPages      Number of pages to allocate.
- * @param   pR0Ptr      Where to store the ring-0 mapping of the allocation. (optional)
- * @param   pHCPhys     Where to store the physical address of the memory block.
+ *
- * @remark  This 2nd version of this API exists because we're not able to map the
- *          ring-3 mapping executable on WIN64. This is a serious problem in regard to
- *          the world switchers.
- */
-SUPR3DECL(void *) SUPR3ContAlloc(size_t cPages, PRTR0PTR pR0Ptr, PRTHCPHYS pHCPhys);
-/**
- * Frees memory allocated with SUPR3ContAlloc().
+ *
- * @returns VBox status code.
- * @param   pv          Pointer to the memory block which should be freed.
- * @param   cPages      Number of pages to be freed.
- */
-SUPR3DECL(int) SUPR3ContFree(void *pv, size_t cPages);
-/**
- * Allocated non contiguous physical memory below 4GB.
+ *
- * The memory isn't zeroed.
+ *
- * @returns VBox status code.
- * @returns NULL on failure.
- * @param   cPages      Number of pages to allocate.
- * @param   ppvPages    Where to store the pointer to the allocated memory.
- *                      The pointer stored here on success must be passed to
- *                      SUPR3LowFree when the memory should be released.
- * @param   ppvPagesR0  Where to store the ring-0 pointer to the allocated memory. optional.
- * @param   paPages     Where to store the physical addresses of the individual pages.
- */
-SUPR3DECL(int) SUPR3LowAlloc(size_t cPages, void **ppvPages, PRTR0PTR ppvPagesR0, PSUPPAGE paPages);
-/**
- * Frees memory allocated with SUPR3LowAlloc().
+ *
- * @returns VBox status code.
- * @param   pv          Pointer to the memory block which should be freed.
- * @param   cPages      Number of pages that was allocated.
- */
-SUPR3DECL(int) SUPR3LowFree(void *pv, size_t cPages);
-/**
- * Load a module into R0 HC.
+ *
- * This will verify the file integrity in a similar manner as
- * SUPR3HardenedVerifyFile before loading it.
+ *
- * @returns VBox status code.
- * @param   pszFilename     The path to the image file.
- * @param   pszModule       The module name. Max 32 bytes.
- * @param   ppvImageBase    Where to store the image address.
- * @param   pErrInfo        Where to return extended error information.
- *                          Optional.
- */
-SUPR3DECL(int) SUPR3LoadModule(const char *pszFilename, const char *pszModule, void **ppvImageBase, PRTERRINFO pErrInfo);
-/**
- * Load a module into R0 HC.
+ *
- * This will verify the file integrity in a similar manner as
- * SUPR3HardenedVerifyFile before loading it.
+ *
- * @returns VBox status code.
- * @param   pszFilename         The path to the image file.
- * @param   pszModule           The module name. Max 32 bytes.
- * @param   pszSrvReqHandler    The name of the service request handler entry
- *                              point. See FNSUPR0SERVICEREQHANDLER.
- * @param   ppvImageBase        Where to store the image address.
- */
-SUPR3DECL(int) SUPR3LoadServiceModule(const char *pszFilename, const char *pszModule,
-                                      const char *pszSrvReqHandler, void **ppvImageBase);
-/**
- * Frees a R0 HC module.
+ *
- * @returns VBox status code.
- * @param   pszModule       The module to free.
- * @remark  This will not actually 'free' the module, there are of course usage counting.
- */
-SUPR3DECL(int) SUPR3FreeModule(void *pvImageBase);
-/**
- * Get the address of a symbol in a ring-0 module.
+ *
- * @returns VBox status code.
- * @param   pszModule       The module name.
- * @param   pszSymbol       Symbol name. If it's value is less than 64k it's treated like a
- *                          ordinal value rather than a string pointer.
- * @param   ppvValue        Where to store the symbol value.
- */
-SUPR3DECL(int) SUPR3GetSymbolR0(void *pvImageBase, const char *pszSymbol, void **ppvValue);
-/**
- * Load R0 HC VMM code.
+ *
- * @returns VBox status code.
- * @deprecated  Use SUPR3LoadModule(pszFilename, "VMMR0.r0", &pvImageBase)
- */
-SUPR3DECL(int) SUPR3LoadVMM(const char *pszFilename);
-/**
- * Unloads R0 HC VMM code.
+ *
- * @returns VBox status code.
- * @deprecated  Use SUPR3FreeModule().
- */
-SUPR3DECL(int) SUPR3UnloadVMM(void);
-/**
- * Get the physical address of the GIP.
+ *
- * @returns VBox status code.
- * @param   pHCPhys     Where to store the physical address of the GIP.
- */
-SUPR3DECL(int) SUPR3GipGetPhys(PRTHCPHYS pHCPhys);
-/**
- * Verifies the integrity of a file, and optionally opens it.
+ *
- * The integrity check is for whether the file is suitable for loading into
- * the hypervisor or VM process. The integrity check may include verifying
- * the authenticode/elfsign/whatever signature of the file, which can take
- * a little while.
+ *
- * @returns VBox status code. On failure it will have printed a LogRel message.
+ *
- * @param   pszFilename     The file.
- * @param   pszWhat         For the LogRel on failure.
- * @param   phFile          Where to store the handle to the opened file. This is optional, pass NULL
- *                          if the file should not be opened.
- * @deprecated Write a new one.
- */
-SUPR3DECL(int) SUPR3HardenedVerifyFile(const char *pszFilename, const char *pszWhat, PRTFILE phFile);
-/**
- * Verifies the integrity of a the current process, including the image
- * location and that the invocation was absolute.
+ *
- * This must currently be called after initializing the runtime.  The intended
- * audience is set-uid-to-root applications, root services and similar.
+ *
- * @returns VBox status code.  On failure
- *          message.
- * @param   pszArgv0        The first argument to main().
- * @param   fInternal       Set this to @c true if this is an internal
- *                          VirtualBox application.  Otherwise pass @c false.
- * @param   pErrInfo        Where to return extended error information.
- */
-SUPR3DECL(int) SUPR3HardenedVerifySelf(const char *pszArgv0, bool fInternal, PRTERRINFO pErrInfo);
-/**
- * Verifies the integrity of an installation directory.
+ *
- * The integrity check verifies that the directory cannot be tampered with by
- * normal users on the system.  On Unix this translates to root ownership and
- * no symbolic linking.
+ *
- * @returns VBox status code. On failure a message will be stored in @a pszErr.
+ *
- * @param   pszDirPath      The directory path.
- * @param   fRecursive      Whether the check should be recursive or
- *                          not.  When set, all sub-directores will be checked,
- *                          including files (@a fCheckFiles is ignored).
- * @param   fCheckFiles     Whether to apply the same basic integrity check to
- *                          the files in the directory as the directory itself.
- * @param   pErrInfo        Where to return extended error information.
- *                          Optional.
- */
-SUPR3DECL(int) SUPR3HardenedVerifyDir(const char *pszDirPath, bool fRecursive, bool fCheckFiles, PRTERRINFO pErrInfo);
-/**
- * Verifies the integrity of a plug-in module.
+ *
- * This is similar to SUPR3HardenedLdrLoad, except it does not load the module
- * and that the module does not have to be shipped with VirtualBox.
+ *
- * @returns VBox status code. On failure a message will be stored in @a pszErr.
+ *
- * @param   pszFilename     The filename of the plug-in module (nothing can be
- *                          omitted here).
- * @param   pErrInfo        Where to return extended error information.
- *                          Optional.
- */
-SUPR3DECL(int) SUPR3HardenedVerifyPlugIn(const char *pszFilename, PRTERRINFO pErrInfo);
-/**
- * Same as RTLdrLoad() but will verify the files it loads (hardened builds).
+ *
- * Will add dll suffix if missing and try load the file.
+ *
- * @returns iprt status code.
- * @param   pszFilename     Image filename. This must have a path.
- * @param   phLdrMod        Where to store the handle to the loaded module.
- * @param   fFlags          See RTLDRLOAD_FLAGS_XXX.
- * @param   pErrInfo        Where to return extended error information.
- *                          Optional.
- */
-SUPR3DECL(int) SUPR3HardenedLdrLoad(const char *pszFilename, PRTLDRMOD phLdrMod, uint32_t fFlags, PRTERRINFO pErrInfo);
-/**
- * Same as RTLdrLoadAppPriv() but it will verify the files it loads (hardened
- * builds).
+ *
- * Will add dll suffix to the file if missing, then look for it in the
- * architecture dependent application directory.
+ *
- * @returns iprt status code.
- * @param   pszFilename     Image filename.
- * @param   phLdrMod        Where to store the handle to the loaded module.
- * @param   fFlags          See RTLDRLOAD_FLAGS_XXX.
- * @param   pErrInfo        Where to return extended error information.
- *                          Optional.
- */
-SUPR3DECL(int) SUPR3HardenedLdrLoadAppPriv(const char *pszFilename, PRTLDRMOD phLdrMod, uint32_t fFlags, PRTERRINFO pErrInfo);
-/**
- * Same as RTLdrLoad() but will verify the files it loads (hardened builds).
+ *
- * This differs from SUPR3HardenedLdrLoad() in that it can load modules from
- * extension packs and anything else safely installed on the system, provided
- * they pass the hardening tests.
+ *
- * @returns iprt status code.
- * @param   pszFilename     The full path to the module, with extension.
- * @param   phLdrMod        Where to store the handle to the loaded module.
- * @param   pErrInfo        Where to return extended error information.
- *                          Optional.
- */
-SUPR3DECL(int) SUPR3HardenedLdrLoadPlugIn(const char *pszFilename, PRTLDRMOD phLdrMod, PRTERRINFO pErrInfo);
-/**
- * Check if the host kernel can run in VMX root mode.
+ *
- * @returns VINF_SUCCESS if supported, error code indicating why if not.
- */
-SUPR3DECL(int) SUPR3QueryVTxSupported(void);
-/**
- * Return VT-x/AMD-V capabilities.
+ *
- * @returns VINF_SUCCESS if supported, error code indicating why if not.
- * @param   pfCaps      Pointer to capability dword (out).
- * @todo Intended for main, which means we need to relax the privilege requires
- *       when accessing certain vboxdrv functions.
- */
-SUPR3DECL(int) SUPR3QueryVTCaps(uint32_t *pfCaps);
-/**
- * Open the tracer.
+ *
- * @returns VBox status code.
- * @param   uCookie         Cookie identifying the tracer we expect to talk to.
- * @param   uArg            Tracer specific open argument.
- */
-SUPR3DECL(int) SUPR3TracerOpen(uint32_t uCookie, uintptr_t uArg);
-/**
- * Closes the tracer.
+ *
- * @returns VBox status code.
- */
-SUPR3DECL(int) SUPR3TracerClose(void);
-/**
- * Perform an I/O request on the tracer.
+ *
- * @returns VBox status.
- * @param   uCmd                The tracer command.
- * @param   uArg                The argument.
- * @param   piRetVal            Where to store the tracer return value.
- */
-SUPR3DECL(int) SUPR3TracerIoCtl(uintptr_t uCmd, uintptr_t uArg, int32_t *piRetVal);
-/**
- * Registers the user module with the tracer.
+ *
- * @returns VBox status code.
- * @param   hModNative          Native module handle.  Pass ~(uintptr_t)0 if not
- *                              at hand.
- * @param   pszModule           The module name.
- * @param   pVtgHdr             The VTG header.
- * @param   fFlags              See SUP_TRACER_UMOD_FLAGS_XXX
- */
-SUPR3DECL(int) SUPR3TracerRegisterModule(uintptr_t hModNative, const char *pszModule, struct VTGOBJHDR *pVtgHdr, uint32_t fFlags);
-/**
- * Deregisters the user module.
+ *
- * @returns VBox status code.
- * @param   pVtgHdr             The VTG header.
- */
-SUPR3DECL(int) SUPR3TracerDeregisterModule(struct VTGOBJHDR *pVtgHdr);
-/**
- * Fire the probe.
+ *
- * @param   pVtgProbeLoc        The probe location record.
- * @param   uArg0               Raw probe argument 0.
- * @param   uArg1               Raw probe argument 1.
- * @param   uArg2               Raw probe argument 2.
- * @param   uArg3               Raw probe argument 3.
- * @param   uArg4               Raw probe argument 4.
- */
-SUPDECL(void)  SUPTracerFireProbe(struct VTGPROBELOC *pVtgProbeLoc, uintptr_t uArg0, uintptr_t uArg1, uintptr_t uArg2,
-                                  uintptr_t uArg3, uintptr_t uArg4);
-/** @} */
-#endif /* IN_RING3 */
-/** @name User mode module flags (SUPR3TracerRegisterModule & SUP_IOCTL_TRACER_UMOD_REG).
- * @{ */
-/** Executable image. */
-#define SUP_TRACER_UMOD_FLAGS_EXE           UINT32_C(1)
-/** Shared library (DLL, DYLIB, SO, etc). */
-#define SUP_TRACER_UMOD_FLAGS_SHARED        UINT32_C(2)
-/** Image type mask. */
-#define SUP_TRACER_UMOD_FLAGS_TYPE_MASK     UINT32_C(3)
-/** @} */
-#ifdef IN_RING0
-/** @defgroup   grp_sup_r0     SUP Host Context Ring-0 API
- * @ingroup grp_sup
- * @{
- */
-/**
- * Security objectype.
- */
-typedef enum SUPDRVOBJTYPE
+{
-    /** The usual invalid object. */
-    SUPDRVOBJTYPE_INVALID = 0,
-    /** A Virtual Machine instance. */
-    SUPDRVOBJTYPE_VM,
-    /** Internal network. */
-    SUPDRVOBJTYPE_INTERNAL_NETWORK,
-    /** Internal network interface. */
-    SUPDRVOBJTYPE_INTERNAL_NETWORK_INTERFACE,
-    /** Single release event semaphore. */
-    SUPDRVOBJTYPE_SEM_EVENT,
-    /** Multiple release event semaphore. */
-    SUPDRVOBJTYPE_SEM_EVENT_MULTI,
-    /** Raw PCI device. */
-    SUPDRVOBJTYPE_RAW_PCI_DEVICE,
-    /** The first invalid object type in this end. */
-    SUPDRVOBJTYPE_END,
-    /** The usual 32-bit type size hack. */
-    SUPDRVOBJTYPE_32_BIT_HACK = 0x7ffffff
-} SUPDRVOBJTYPE;
-/**
- * Object destructor callback.
- * This is called for reference counted objectes when the count reaches 0.
+ *
- * @param   pvObj       The object pointer.
- * @param   pvUser1     The first user argument.
- * @param   pvUser2     The second user argument.
- */
-typedef DECLCALLBACK(void) FNSUPDRVDESTRUCTOR(void *pvObj, void *pvUser1, void *pvUser2);
-/** Pointer to a FNSUPDRVDESTRUCTOR(). */
-typedef FNSUPDRVDESTRUCTOR *PFNSUPDRVDESTRUCTOR;
-SUPR0DECL(void *) SUPR0ObjRegister(PSUPDRVSESSION pSession, SUPDRVOBJTYPE enmType, PFNSUPDRVDESTRUCTOR pfnDestructor, void *pvUser1, void *pvUser2);
-SUPR0DECL(int) SUPR0ObjAddRef(void *pvObj, PSUPDRVSESSION pSession);
-SUPR0DECL(int) SUPR0ObjAddRefEx(void *pvObj, PSUPDRVSESSION pSession, bool fNoBlocking);
-SUPR0DECL(int) SUPR0ObjRelease(void *pvObj, PSUPDRVSESSION pSession);
-SUPR0DECL(int) SUPR0ObjVerifyAccess(void *pvObj, PSUPDRVSESSION pSession, const char *pszObjName);
-SUPR0DECL(int) SUPR0LockMem(PSUPDRVSESSION pSession, RTR3PTR pvR3, uint32_t cPages, PRTHCPHYS paPages);
-SUPR0DECL(int) SUPR0UnlockMem(PSUPDRVSESSION pSession, RTR3PTR pvR3);
-SUPR0DECL(int) SUPR0ContAlloc(PSUPDRVSESSION pSession, uint32_t cPages, PRTR0PTR ppvR0, PRTR3PTR ppvR3, PRTHCPHYS pHCPhys);
-SUPR0DECL(int) SUPR0ContFree(PSUPDRVSESSION pSession, RTHCUINTPTR uPtr);
-SUPR0DECL(int) SUPR0LowAlloc(PSUPDRVSESSION pSession, uint32_t cPages, PRTR0PTR ppvR0, PRTR3PTR ppvR3, PRTHCPHYS paPages);
-SUPR0DECL(int) SUPR0LowFree(PSUPDRVSESSION pSession, RTHCUINTPTR uPtr);
-SUPR0DECL(int) SUPR0MemAlloc(PSUPDRVSESSION pSession, uint32_t cb, PRTR0PTR ppvR0, PRTR3PTR ppvR3);
-SUPR0DECL(int) SUPR0MemGetPhys(PSUPDRVSESSION pSession, RTHCUINTPTR uPtr, PSUPPAGE paPages);
-SUPR0DECL(int) SUPR0MemFree(PSUPDRVSESSION pSession, RTHCUINTPTR uPtr);
-SUPR0DECL(int) SUPR0PageAllocEx(PSUPDRVSESSION pSession, uint32_t cPages, uint32_t fFlags, PRTR3PTR ppvR3, PRTR0PTR ppvR0, PRTHCPHYS paPages);
-SUPR0DECL(int) SUPR0PageMapKernel(PSUPDRVSESSION pSession, RTR3PTR pvR3, uint32_t offSub, uint32_t cbSub, uint32_t fFlags, PRTR0PTR ppvR0);
-SUPR0DECL(int) SUPR0PageProtect(PSUPDRVSESSION pSession, RTR3PTR pvR3, RTR0PTR pvR0, uint32_t offSub, uint32_t cbSub, uint32_t fProt);
-SUPR0DECL(int) SUPR0PageFree(PSUPDRVSESSION pSession, RTR3PTR pvR3);
-SUPR0DECL(int) SUPR0GipMap(PSUPDRVSESSION pSession, PRTR3PTR ppGipR3, PRTHCPHYS pHCPhysGip);
-SUPR0DECL(int) SUPR0QueryVTCaps(PSUPDRVSESSION pSession, uint32_t *pfCaps);
-SUPR0DECL(int) SUPR0GipUnmap(PSUPDRVSESSION pSession);
-SUPR0DECL(int) SUPR0Printf(const char *pszFormat, ...);
-SUPR0DECL(SUPPAGINGMODE) SUPR0GetPagingMode(void);
-SUPR0DECL(int) SUPR0EnableVTx(bool fEnable);
-/** @name Absolute symbols
- * Take the address of these, don't try call them.
- * @{ */
-SUPR0DECL(void) SUPR0AbsIs64bit(void);
-SUPR0DECL(void) SUPR0Abs64bitKernelCS(void);
-SUPR0DECL(void) SUPR0Abs64bitKernelSS(void);
-SUPR0DECL(void) SUPR0Abs64bitKernelDS(void);
-SUPR0DECL(void) SUPR0AbsKernelCS(void);
-SUPR0DECL(void) SUPR0AbsKernelSS(void);
-SUPR0DECL(void) SUPR0AbsKernelDS(void);
-SUPR0DECL(void) SUPR0AbsKernelES(void);
-SUPR0DECL(void) SUPR0AbsKernelFS(void);
-SUPR0DECL(void) SUPR0AbsKernelGS(void);
-/** @} */
-/**
- * Support driver component factory.
+ *
- * Component factories are registered by drivers that provides services
- * such as the host network interface filtering and access to the host
- * TCP/IP stack.
+ *
- * @remark Module dependencies and making sure that a component doesn't
- *         get unloaded while in use, is the sole responsibility of the
- *         driver/kext/whatever implementing the component.
- */
-typedef struct SUPDRVFACTORY
+{
-    /** The (unique) name of the component factory. */
-    char szName[56];
-    /**
-     * Queries a factory interface.
+     *
-     * The factory interface is specific to each component and will be be
-     * found in the header(s) for the component alongside its UUID.
+     *
-     * @returns Pointer to the factory interfaces on success, NULL on failure.
+     *
-     * @param   pSupDrvFactory      Pointer to this structure.
-     * @param   pSession            The SUPDRV session making the query.
-     * @param   pszInterfaceUuid    The UUID of the factory interface.
-     */
-    DECLR0CALLBACKMEMBER(void *, pfnQueryFactoryInterface,(struct SUPDRVFACTORY const *pSupDrvFactory, PSUPDRVSESSION pSession, const char *pszInterfaceUuid));
-} SUPDRVFACTORY;
-/** Pointer to a support driver factory. */
-typedef SUPDRVFACTORY *PSUPDRVFACTORY;
-/** Pointer to a const support driver factory. */
-typedef SUPDRVFACTORY const *PCSUPDRVFACTORY;
-SUPR0DECL(int) SUPR0ComponentRegisterFactory(PSUPDRVSESSION pSession, PCSUPDRVFACTORY pFactory);
-SUPR0DECL(int) SUPR0ComponentDeregisterFactory(PSUPDRVSESSION pSession, PCSUPDRVFACTORY pFactory);
-SUPR0DECL(int) SUPR0ComponentQueryFactory(PSUPDRVSESSION pSession, const char *pszName, const char *pszInterfaceUuid, void **ppvFactoryIf);
-/** @name Tracing
- * @{ */
-/**
- * Tracer data associated with a provider.
- */
-typedef union SUPDRVTRACERDATA
+{
-    /** Generic */
-    uint64_t                    au64[2];
-    /** DTrace data. */
-    struct
+    {
-        /** Provider ID. */
-        uintptr_t               idProvider;
-        /** The number of trace points provided. */
-        uint32_t volatile       cProvidedProbes;
-        /** Whether we've invalidated this bugger. */
-        bool                    fZombie;
-    } DTrace;
-} SUPDRVTRACERDATA;
-/** Pointer to the tracer data associated with a provider. */
-typedef SUPDRVTRACERDATA *PSUPDRVTRACERDATA;
-/**
- * Support driver tracepoint provider core.
- */
-typedef struct SUPDRVVDTPROVIDERCORE
+{
-    /** The tracer data member. */
-    SUPDRVTRACERDATA            TracerData;
-    /** The provider descriptor. */
-    struct VTGDESCPROVIDER     *pDesc;
-    /** The VTG header. */
-    struct VTGOBJHDR           *pHdr;
-    /** Pointer to the provider name (a copy that's always available). */
-    const char                 *pszName;
-    /** Pointer to the module name. */
-    const char                 *pszModName;
-} SUPDRVVDTPROVIDERCORE;
-/** Pointer to a tracepoint provider core structure. */
-typedef SUPDRVVDTPROVIDERCORE *PSUPDRVVDTPROVIDERCORE;
 /**
 …
             uint64_t        r13;
             uint64_t        r14;
+            uint64_t        r15;
         } Amd64;
     } u;
 } SUPDRVTRACERUSRCTX;
 /** Pointer to the usermode probe context information. */
+typedef SUPDRVTRACERUSRCTX *PSUPDRVTRACERUSRCTX;
+/** Pointer to the const usermode probe context information. */
 typedef SUPDRVTRACERUSRCTX const *PCSUPDRVTRACERUSRCTX;
+/**
+ * The CPU state.
+ */
+typedef enum SUPGIPCPUSTATE
+{
+    /** Invalid CPU state / unused CPU entry. */
+    SUPGIPCPUSTATE_INVALID = 0,
+    /** The CPU is not present. */
+    SUPGIPCPUSTATE_ABSENT,
+    /** The CPU is offline. */
+    SUPGIPCPUSTATE_OFFLINE,
+    /** The CPU is online. */
+    SUPGIPCPUSTATE_ONLINE,
+    /** Force 32-bit enum type. */
+    SUPGIPCPUSTATE_32_BIT_HACK = 0x7fffffff
+} SUPGIPCPUSTATE;
+/**
+ * Per CPU data.
+ */
+typedef struct SUPGIPCPU
+{
+    /** Update transaction number.
+     * This number is incremented at the start and end of each update. It follows
+     * thusly that odd numbers indicates update in progress, while even numbers
+     * indicate stable data. Use this to make sure that the data items you fetch
+     * are consistent. */
+    volatile uint32_t   u32TransactionId;
+    /** The interval in TSC ticks between two NanoTS updates.
+     * This is the average interval over the last 2, 4 or 8 updates + a little slack.
+     * The slack makes the time go a tiny tiny bit slower and extends the interval enough
+     * to avoid ending up with too many 1ns increments. */
+    volatile uint32_t   u32UpdateIntervalTSC;
+    /** Current nanosecond timestamp. */
+    volatile uint64_t   u64NanoTS;
+    /** The TSC at the time of u64NanoTS. */
+    volatile uint64_t   u64TSC;
+    /** Current CPU Frequency. */
+    volatile uint64_t   u64CpuHz;
+    /** Number of errors during updating.
+     * Typical errors are under/overflows. */
+    volatile uint32_t   cErrors;
+    /** Index of the head item in au32TSCHistory. */
+    volatile uint32_t   iTSCHistoryHead;
+    /** Array of recent TSC interval deltas.
+     * The most recent item is at index iTSCHistoryHead.
+     * This history is used to calculate u32UpdateIntervalTSC.
+     */
+    volatile uint32_t   au32TSCHistory[8];
+    /** The interval between the last two NanoTS updates. (experiment for now) */
+    volatile uint32_t   u32PrevUpdateIntervalNS;
+    /** Reserved for future per processor data. */
+    volatile uint32_t   au32Reserved[5+5];
+    /** @todo Add topology/NUMA info. */
+    /** The CPU state. */
+    SUPGIPCPUSTATE volatile enmState;
+    /** The host CPU ID of this CPU (the SUPGIPCPU is indexed by APIC ID). */
+    RTCPUID                 idCpu;
+    /** The CPU set index of this CPU. */
+    int16_t                 iCpuSet;
+    /** The APIC ID of this CPU. */
+    uint16_t                idApic;
+} SUPGIPCPU;
+AssertCompileSize(RTCPUID, 4);
+AssertCompileSize(SUPGIPCPU, 128);
+AssertCompileMemberAlignment(SUPGIPCPU, u64NanoTS, 8);
+AssertCompileMemberAlignment(SUPGIPCPU, u64TSC, 8);
+/** Pointer to per cpu data.
+ * @remark there is no const version of this typedef, see g_pSUPGlobalInfoPage for details. */
+typedef SUPGIPCPU *PSUPGIPCPU;
+/**
+ * Global Information Page.
+ *
+ * This page contains useful information and can be mapped into any
+ * process or VM. It can be accessed thru the g_pSUPGlobalInfoPage
+ * pointer when a session is open.
+ */
+typedef struct SUPGLOBALINFOPAGE
+{
+    /** Magic (SUPGLOBALINFOPAGE_MAGIC). */
+    uint32_t            u32Magic;
+    /** The GIP version. */
+    uint32_t            u32Version;
+    /** The GIP update mode, see SUPGIPMODE. */
+    uint32_t            u32Mode;
+    /** The number of entries in the CPU table.
+     * (This can work as RTMpGetArraySize().)  */
+    uint16_t            cCpus;
+    /** The size of the GIP in pages. */
+    uint16_t            cPages;
+    /** The update frequency of the of the NanoTS. */
+    volatile uint32_t   u32UpdateHz;
+    /** The update interval in nanoseconds. (10^9 / u32UpdateHz) */
+    volatile uint32_t   u32UpdateIntervalNS;
+    /** The timestamp of the last time we update the update frequency. */
+    volatile uint64_t   u64NanoTSLastUpdateHz;
+    /** The set of online CPUs. */
+    RTCPUSET            OnlineCpuSet;
+    /** The set of present CPUs. */
+    RTCPUSET            PresentCpuSet;
+    /** The set of possible CPUs. */
+    RTCPUSET            PossibleCpuSet;
+    /** The number of CPUs that are online. */
+    volatile uint16_t   cOnlineCpus;
+    /** The number of CPUs present in the system. */
+    volatile uint16_t   cPresentCpus;
+    /** The highest number of CPUs possible. */
+    uint16_t            cPossibleCpus;
+    /** The highest number of CPUs possible. */
+    uint16_t            u16Padding0;
+    /** The max CPU ID (RTMpGetMaxCpuId). */
+    RTCPUID             idCpuMax;
+    /** Padding / reserved space for future data. */
+    uint32_t            au32Padding1[29];
+    /** Table indexed by the CPU APIC ID to get the CPU table index. */
+    uint16_t            aiCpuFromApicId[256];
+    /** CPU set index to CPU table index. */
+    uint16_t            aiCpuFromCpuSetIdx[RTCPUSET_MAX_CPUS];
+    /** Array of per-cpu data.
+     * This is index by ApicId via the aiCpuFromApicId table.
+     *
+     * The clock and frequency information is updated for all CPUs if u32Mode
+     * is SUPGIPMODE_ASYNC_TSC, otherwise (SUPGIPMODE_SYNC_TSC) only the first
+     * entry is updated. */
+    SUPGIPCPU           aCPUs[1];
+} SUPGLOBALINFOPAGE;
+AssertCompileMemberAlignment(SUPGLOBALINFOPAGE, u64NanoTSLastUpdateHz, 8);
+#if defined(RT_ARCH_SPARC) || defined(RT_ARCH_SPARC64)
+AssertCompileMemberAlignment(SUPGLOBALINFOPAGE, aCPUs, 32);
+#else
+AssertCompileMemberAlignment(SUPGLOBALINFOPAGE, aCPUs, 256);
+#endif
+/** Pointer to the global info page.
+ * @remark there is no const version of this typedef, see g_pSUPGlobalInfoPage for details. */
+typedef SUPGLOBALINFOPAGE *PSUPGLOBALINFOPAGE;
+/** The value of the SUPGLOBALINFOPAGE::u32Magic field. (Soryo Fuyumi) */
+#define SUPGLOBALINFOPAGE_MAGIC     0x19590106
+/** The GIP version.
+ * Upper 16 bits is the major version. Major version is only changed with
+ * incompatible changes in the GIP. */
+#define SUPGLOBALINFOPAGE_VERSION   0x00030000
+/**
+ * SUPGLOBALINFOPAGE::u32Mode values.
+ */
+typedef enum SUPGIPMODE
+{
+    /** The usual invalid null entry. */
+    SUPGIPMODE_INVALID = 0,
+    /** The TSC of the cores and cpus in the system is in sync. */
+    SUPGIPMODE_SYNC_TSC,
+    /** Each core has it's own TSC. */
+    SUPGIPMODE_ASYNC_TSC,
+    /** The usual 32-bit hack. */
+    SUPGIPMODE_32BIT_HACK = 0x7fffffff
+} SUPGIPMODE;
+/** Pointer to the Global Information Page.
+ *
+ * This pointer is valid as long as SUPLib has a open session. Anyone using
+ * the page must treat this pointer as highly volatile and not trust it beyond
+ * one transaction.
+ *
+ * @remark  The GIP page is read-only to everyone but the support driver and
+ *          is actually mapped read only everywhere but in ring-0. However
+ *          it is not marked 'const' as this might confuse compilers into
+ *          thinking that values doesn't change even if members are marked
+ *          as volatile. Thus, there is no PCSUPGLOBALINFOPAGE type.
+ */
+#if defined(IN_SUP_R0) || defined(IN_SUP_R3) || defined(IN_SUP_RC)
+extern DECLEXPORT(PSUPGLOBALINFOPAGE)   g_pSUPGlobalInfoPage;
+#elif !defined(IN_RING0) || defined(RT_OS_WINDOWS) || defined(RT_OS_SOLARIS)
+extern DECLIMPORT(PSUPGLOBALINFOPAGE)   g_pSUPGlobalInfoPage;
+#else /* IN_RING0 && !RT_OS_WINDOWS */
+# if !defined(__GNUC__) || defined(RT_OS_DARWIN) || !defined(RT_ARCH_AMD64)
+#  define g_pSUPGlobalInfoPage          (&g_SUPGlobalInfoPage)
+# else
+#  define g_pSUPGlobalInfoPage          (SUPGetGIPHlp())
+/** Workaround for ELF+GCC problem on 64-bit hosts.
+ * (GCC emits a mov with a R_X86_64_32 reloc, we need R_X86_64_64.) */
+DECLINLINE(PSUPGLOBALINFOPAGE) SUPGetGIPHlp(void)
+{
+    PSUPGLOBALINFOPAGE pGIP;
+    __asm__ __volatile__ ("movabs $g_SUPGlobalInfoPage,%0\n\t"
+                          : "=a" (pGIP));
+    return pGIP;
+}
+# endif
+/** The GIP.
+ * We save a level of indirection by exporting the GIP instead of a variable
+ * pointing to it. */
+extern DECLIMPORT(SUPGLOBALINFOPAGE)    g_SUPGlobalInfoPage;
+#endif
+/**
+ * Gets the GIP pointer.
+ *
+ * @returns Pointer to the GIP or NULL.
+ */
+SUPDECL(PSUPGLOBALINFOPAGE)             SUPGetGIP(void);
+#ifdef ___iprt_asm_amd64_x86_h
+/**
+ * Gets the TSC frequency of the calling CPU.
+ *
+ * @returns TSC frequency, UINT64_MAX on failure.
+ * @param   pGip        The GIP pointer.
+ */
+DECLINLINE(uint64_t) SUPGetCpuHzFromGIP(PSUPGLOBALINFOPAGE pGip)
+{
+    unsigned iCpu;
+    if (RT_UNLIKELY(!pGip || pGip->u32Magic != SUPGLOBALINFOPAGE_MAGIC))
+        return UINT64_MAX;
+    if (pGip->u32Mode != SUPGIPMODE_ASYNC_TSC)
+        iCpu = 0;
+    else
+    {
+        iCpu = pGip->aiCpuFromApicId[ASMGetApicId()];
+        if (iCpu >= pGip->cCpus)
+            return UINT64_MAX;
+    }
+    return pGip->aCPUs[iCpu].u64CpuHz;
+}
+#endif
+/**
+ * Request for generic VMMR0Entry calls.
+ */
+typedef struct SUPVMMR0REQHDR
+{
+    /** The magic. (SUPVMMR0REQHDR_MAGIC) */
+    uint32_t    u32Magic;
+    /** The size of the request. */
+    uint32_t    cbReq;
+} SUPVMMR0REQHDR;
+/** Pointer to a ring-0 request header. */
+typedef SUPVMMR0REQHDR *PSUPVMMR0REQHDR;
+/** the SUPVMMR0REQHDR::u32Magic value (Ethan Iverson - The Bad Plus). */
+#define SUPVMMR0REQHDR_MAGIC        UINT32_C(0x19730211)
+/** For the fast ioctl path.
+ * @{
+ */
+/** @see VMMR0_DO_RAW_RUN. */
+#define SUP_VMMR0_DO_RAW_RUN    0
+/** @see VMMR0_DO_HWACC_RUN. */
+#define SUP_VMMR0_DO_HWACC_RUN  1
+/** @see VMMR0_DO_NOP */
+#define SUP_VMMR0_DO_NOP        2
+/** @} */
+/** SUPR3QueryVTCaps capability flags
+ * @{
+ */
+#define SUPVTCAPS_AMD_V             RT_BIT(0)
+#define SUPVTCAPS_VT_X              RT_BIT(1)
+#define SUPVTCAPS_NESTED_PAGING     RT_BIT(2)
+/** @} */
+/**
+ * Request for generic FNSUPR0SERVICEREQHANDLER calls.
+ */
+typedef struct SUPR0SERVICEREQHDR
+{
+    /** The magic. (SUPR0SERVICEREQHDR_MAGIC) */
+    uint32_t    u32Magic;
+    /** The size of the request. */
+    uint32_t    cbReq;
+} SUPR0SERVICEREQHDR;
+/** Pointer to a ring-0 service request header. */
+typedef SUPR0SERVICEREQHDR *PSUPR0SERVICEREQHDR;
+/** the SUPVMMR0REQHDR::u32Magic value (Esbjoern Svensson - E.S.P.).  */
+#define SUPR0SERVICEREQHDR_MAGIC    UINT32_C(0x19640416)
+/** Event semaphore handle. Ring-0 / ring-3. */
+typedef R0PTRTYPE(struct SUPSEMEVENTHANDLE *) SUPSEMEVENT;
+/** Pointer to an event semaphore handle. */
+typedef SUPSEMEVENT *PSUPSEMEVENT;
+/** Nil event semaphore handle. */
+#define NIL_SUPSEMEVENT         ((SUPSEMEVENT)0)
+/**
+ * Creates a single release event semaphore.
+ *
+ * @returns VBox status code.
+ * @param   pSession        The session handle of the caller.
+ * @param   phEvent         Where to return the handle to the event semaphore.
+ */
+SUPDECL(int) SUPSemEventCreate(PSUPDRVSESSION pSession, PSUPSEMEVENT phEvent);
+/**
+ * Closes a single release event semaphore handle.
+ *
+ * @returns VBox status code.
+ * @retval  VINF_OBJECT_DESTROYED if the semaphore was destroyed.
+ * @retval  VINF_SUCCESS if the handle was successfully closed but the semaphore
+ *          object remained alive because of other references.
+ *
+ * @param   pSession            The session handle of the caller.
+ * @param   hEvent              The handle. Nil is quietly ignored.
+ */
+SUPDECL(int) SUPSemEventClose(PSUPDRVSESSION pSession, SUPSEMEVENT hEvent);
+/**
+ * Signals a single release event semaphore.
+ *
+ * @returns VBox status code.
+ * @param   pSession            The session handle of the caller.
+ * @param   hEvent              The semaphore handle.
+ */
+SUPDECL(int) SUPSemEventSignal(PSUPDRVSESSION pSession, SUPSEMEVENT hEvent);
+#ifdef IN_RING0
+/**
+ * Waits on a single release event semaphore, not interruptible.
+ *
+ * @returns VBox status code.
+ * @param   pSession            The session handle of the caller.
+ * @param   hEvent              The semaphore handle.
+ * @param   cMillies            The number of milliseconds to wait.
+ * @remarks Not available in ring-3.
+ */
+SUPDECL(int) SUPSemEventWait(PSUPDRVSESSION pSession, SUPSEMEVENT hEvent, uint32_t cMillies);
+#endif
+/**
+ * Waits on a single release event semaphore, interruptible.
+ *
+ * @returns VBox status code.
+ * @param   pSession            The session handle of the caller.
+ * @param   hEvent              The semaphore handle.
+ * @param   cMillies            The number of milliseconds to wait.
+ */
+SUPDECL(int) SUPSemEventWaitNoResume(PSUPDRVSESSION pSession, SUPSEMEVENT hEvent, uint32_t cMillies);
+/**
+ * Waits on a single release event semaphore, interruptible.
+ *
+ * @returns VBox status code.
+ * @param   pSession            The session handle of the caller.
+ * @param   hEvent              The semaphore handle.
+ * @param   uNsTimeout          The deadline given on the RTTimeNanoTS() clock.
+ */
+SUPDECL(int) SUPSemEventWaitNsAbsIntr(PSUPDRVSESSION pSession, SUPSEMEVENT hEvent, uint64_t uNsTimeout);
+/**
+ * Waits on a single release event semaphore, interruptible.
+ *
+ * @returns VBox status code.
+ * @param   pSession            The session handle of the caller.
+ * @param   hEvent              The semaphore handle.
+ * @param   cNsTimeout          The number of nanoseconds to wait.
+ */
+SUPDECL(int) SUPSemEventWaitNsRelIntr(PSUPDRVSESSION pSession, SUPSEMEVENT hEvent, uint64_t cNsTimeout);
+/**
+ * Gets the best timeout resolution that SUPSemEventWaitNsAbsIntr and
+ * SUPSemEventWaitNsAbsIntr can do.
+ *
+ * @returns The resolution in nanoseconds.
+ * @param   pSession            The session handle of the caller.
+ */
+SUPDECL(uint32_t) SUPSemEventGetResolution(PSUPDRVSESSION pSession);
+/** Multiple release event semaphore handle. Ring-0 / ring-3. */
+typedef R0PTRTYPE(struct SUPSEMEVENTMULTIHANDLE *)  SUPSEMEVENTMULTI;
+/** Pointer to an multiple release event semaphore handle. */
+typedef SUPSEMEVENTMULTI                           *PSUPSEMEVENTMULTI;
+/** Nil multiple release event semaphore handle. */
+#define NIL_SUPSEMEVENTMULTI                        ((SUPSEMEVENTMULTI)0)
+/**
+ * Creates a multiple release event semaphore.
+ *
+ * @returns VBox status code.
+ * @param   pSession        The session handle of the caller.
+ * @param   phEventMulti    Where to return the handle to the event semaphore.
+ */
+SUPDECL(int) SUPSemEventMultiCreate(PSUPDRVSESSION pSession, PSUPSEMEVENTMULTI phEventMulti);
+/**
+ * Closes a multiple release event semaphore handle.
+ *
+ * @returns VBox status code.
+ * @retval  VINF_OBJECT_DESTROYED if the semaphore was destroyed.
+ * @retval  VINF_SUCCESS if the handle was successfully closed but the semaphore
+ *          object remained alive because of other references.
+ *
+ * @param   pSession            The session handle of the caller.
+ * @param   hEventMulti         The handle. Nil is quietly ignored.
+ */
+SUPDECL(int) SUPSemEventMultiClose(PSUPDRVSESSION pSession, SUPSEMEVENTMULTI hEventMulti);
+/**
+ * Signals a multiple release event semaphore.
+ *
+ * @returns VBox status code.
+ * @param   pSession            The session handle of the caller.
+ * @param   hEventMulti         The semaphore handle.
+ */
+SUPDECL(int) SUPSemEventMultiSignal(PSUPDRVSESSION pSession, SUPSEMEVENTMULTI hEventMulti);
+/**
+ * Resets a multiple release event semaphore.
+ *
+ * @returns VBox status code.
+ * @param   pSession            The session handle of the caller.
+ * @param   hEventMulti         The semaphore handle.
+ */
+SUPDECL(int) SUPSemEventMultiReset(PSUPDRVSESSION pSession, SUPSEMEVENTMULTI hEventMulti);
+#ifdef IN_RING0
+/**
+ * Waits on a multiple release event semaphore, not interruptible.
+ *
+ * @returns VBox status code.
+ * @param   pSession            The session handle of the caller.
+ * @param   hEventMulti         The semaphore handle.
+ * @param   cMillies            The number of milliseconds to wait.
+ * @remarks Not available in ring-3.
+ */
+SUPDECL(int) SUPSemEventMultiWait(PSUPDRVSESSION pSession, SUPSEMEVENTMULTI hEventMulti, uint32_t cMillies);
+#endif
+/**
+ * Waits on a multiple release event semaphore, interruptible.
+ *
+ * @returns VBox status code.
+ * @param   pSession            The session handle of the caller.
+ * @param   hEventMulti         The semaphore handle.
+ * @param   cMillies            The number of milliseconds to wait.
+ */
+SUPDECL(int) SUPSemEventMultiWaitNoResume(PSUPDRVSESSION pSession, SUPSEMEVENTMULTI hEventMulti, uint32_t cMillies);
+/**
+ * Waits on a multiple release event semaphore, interruptible.
+ *
+ * @returns VBox status code.
+ * @param   pSession            The session handle of the caller.
+ * @param   hEventMulti         The semaphore handle.
+ * @param   uNsTimeout          The deadline given on the RTTimeNanoTS() clock.
+ */
+SUPDECL(int) SUPSemEventMultiWaitNsAbsIntr(PSUPDRVSESSION pSession, SUPSEMEVENTMULTI hEventMulti, uint64_t uNsTimeout);
+/**
+ * Waits on a multiple release event semaphore, interruptible.
+ *
+ * @returns VBox status code.
+ * @param   pSession            The session handle of the caller.
+ * @param   hEventMulti         The semaphore handle.
+ * @param   cNsTimeout          The number of nanoseconds to wait.
+ */
+SUPDECL(int) SUPSemEventMultiWaitNsRelIntr(PSUPDRVSESSION pSession, SUPSEMEVENTMULTI hEventMulti, uint64_t cNsTimeout);
+/**
+ * Gets the best timeout resolution that SUPSemEventMultiWaitNsAbsIntr and
+ * SUPSemEventMultiWaitNsRelIntr can do.
+ *
+ * @returns The resolution in nanoseconds.
+ * @param   pSession            The session handle of the caller.
+ */
+SUPDECL(uint32_t) SUPSemEventMultiGetResolution(PSUPDRVSESSION pSession);
+#ifdef IN_RING3
+/** @defgroup   grp_sup_r3     SUP Host Context Ring-3 API
+ * @ingroup grp_sup
+ * @{
+ */
+/**
+ * Installs the support library.
+ *
+ * @returns VBox status code.
+ */
+SUPR3DECL(int) SUPR3Install(void);
+/**
+ * Uninstalls the support library.
+ *
+ * @returns VBox status code.
+ */
+SUPR3DECL(int) SUPR3Uninstall(void);
+/**
+ * Trusted main entry point.
+ *
+ * This is exported as "TrustedMain" by the dynamic libraries which contains the
+ * "real" application binary for which the hardened stub is built.  The entry
+ * point is invoked upon successful initialization of the support library and
+ * runtime.
+ *
+ * @returns main kind of exit code.
+ * @param   argc            The argument count.
+ * @param   argv            The argument vector.
+ * @param   envp            The environment vector.
+ */
+typedef DECLCALLBACK(int) FNSUPTRUSTEDMAIN(int argc, char **argv, char **envp);
+/** Pointer to FNSUPTRUSTEDMAIN(). */
+typedef FNSUPTRUSTEDMAIN *PFNSUPTRUSTEDMAIN;
+/** Which operation failed. */
+typedef enum SUPINITOP
+{
+    /** Invalid. */
+    kSupInitOp_Invalid = 0,
+    /** Installation integrity error. */
+    kSupInitOp_Integrity,
+    /** Setuid related. */
+    kSupInitOp_RootCheck,
+    /** Driver related. */
+    kSupInitOp_Driver,
+    /** IPRT init related. */
+    kSupInitOp_IPRT,
+    /** Place holder. */
+    kSupInitOp_End
+} SUPINITOP;
+/**
+ * Trusted error entry point, optional.
+ *
+ * This is exported as "TrustedError" by the dynamic libraries which contains
+ * the "real" application binary for which the hardened stub is built.
+ *
+ * @param   pszWhere        Where the error occurred (function name).
+ * @param   enmWhat         Which operation went wrong.
+ * @param   rc              The status code.
+ * @param   pszMsgFmt       Error message format string.
+ * @param   va              The message format arguments.
+ */
+typedef DECLCALLBACK(void) FNSUPTRUSTEDERROR(const char *pszWhere, SUPINITOP enmWhat, int rc, const char *pszMsgFmt, va_list va);
+/** Pointer to FNSUPTRUSTEDERROR. */
+typedef FNSUPTRUSTEDERROR *PFNSUPTRUSTEDERROR;
+/**
+ * Secure main.
+ *
+ * This is used for the set-user-ID-on-execute binaries on unixy systems
+ * and when using the open-vboxdrv-via-root-service setup on Windows.
+ *
+ * This function will perform the integrity checks of the VirtualBox
+ * installation, open the support driver, open the root service (later),
+ * and load the DLL corresponding to \a pszProgName and execute its main
+ * function.
+ *
+ * @returns Return code appropriate for main().
+ *
+ * @param   pszProgName     The program name. This will be used to figure out which
+ *                          DLL/SO/DYLIB to load and execute.
+ * @param   fFlags          Flags.
+ * @param   argc            The argument count.
+ * @param   argv            The argument vector.
+ * @param   envp            The environment vector.
+ */
+DECLHIDDEN(int) SUPR3HardenedMain(const char *pszProgName, uint32_t fFlags, int argc, char **argv, char **envp);
+/** @name SUPR3SecureMain flags.
+ * @{ */
+/** Don't open the device. (Intended for VirtualBox without -startvm.) */
+#define SUPSECMAIN_FLAGS_DONT_OPEN_DEV      RT_BIT_32(0)
+/** @} */
+/**
+ * Initializes the support library.
+ * Each successful call to SUPR3Init() must be countered by a
+ * call to SUPR3Term(false).
+ *
+ * @returns VBox status code.
+ * @param   ppSession       Where to store the session handle. Defaults to NULL.
+ */
+SUPR3DECL(int) SUPR3Init(PSUPDRVSESSION *ppSession);
+/**
+ * Terminates the support library.
+ *
+ * @returns VBox status code.
+ * @param   fForced     Forced termination. This means to ignore the
+ *                      init call count and just terminated.
+ */
+#ifdef __cplusplus
+SUPR3DECL(int) SUPR3Term(bool fForced = false);
+#else
+SUPR3DECL(int) SUPR3Term(int fForced);
+#endif
+/**
+ * Sets the ring-0 VM handle for use with fast IOCtls.
+ *
+ * @returns VBox status code.
+ * @param   pVMR0       The ring-0 VM handle.
+ *                      NIL_RTR0PTR can be used to unset the handle when the
+ *                      VM is about to be destroyed.
+ */
+SUPR3DECL(int) SUPR3SetVMForFastIOCtl(PVMR0 pVMR0);
+/**
+ * Calls the HC R0 VMM entry point.
+ * See VMMR0Entry() for more details.
+ *
+ * @returns error code specific to uFunction.
+ * @param   pVMR0       Pointer to the Ring-0 (Host Context) mapping of the VM structure.
+ * @param   idCpu       The virtual CPU ID.
+ * @param   uOperation  Operation to execute.
+ * @param   pvArg       Argument.
+ */
+SUPR3DECL(int) SUPR3CallVMMR0(PVMR0 pVMR0, VMCPUID idCpu, unsigned uOperation, void *pvArg);
+/**
+ * Variant of SUPR3CallVMMR0, except that this takes the fast ioclt path
+ * regardsless of compile-time defaults.
+ *
+ * @returns VBox status code.
+ * @param   pVMR0       The ring-0 VM handle.
+ * @param   uOperation  The operation; only the SUP_VMMR0_DO_* ones are valid.
+ * @param   idCpu       The virtual CPU ID.
+ */
+SUPR3DECL(int) SUPR3CallVMMR0Fast(PVMR0 pVMR0, unsigned uOperation, VMCPUID idCpu);
+/**
+ * Calls the HC R0 VMM entry point, in a safer but slower manner than
+ * SUPR3CallVMMR0. When entering using this call the R0 components can call
+ * into the host kernel (i.e. use the SUPR0 and RT APIs).
+ *
+ * See VMMR0Entry() for more details.
+ *
+ * @returns error code specific to uFunction.
+ * @param   pVMR0       Pointer to the Ring-0 (Host Context) mapping of the VM structure.
+ * @param   idCpu       The virtual CPU ID.
+ * @param   uOperation  Operation to execute.
+ * @param   u64Arg      Constant argument.
+ * @param   pReqHdr     Pointer to a request header. Optional.
+ *                      This will be copied in and out of kernel space. There currently is a size
+ *                      limit on this, just below 4KB.
+ */
+SUPR3DECL(int) SUPR3CallVMMR0Ex(PVMR0 pVMR0, VMCPUID idCpu, unsigned uOperation, uint64_t u64Arg, PSUPVMMR0REQHDR pReqHdr);
+/**
+ * Calls a ring-0 service.
+ *
+ * The operation and the request packet is specific to the service.
+ *
+ * @returns error code specific to uFunction.
+ * @param   pszService  The service name.
+ * @param   cchService  The length of the service name.
+ * @param   uReq        The request number.
+ * @param   u64Arg      Constant argument.
+ * @param   pReqHdr     Pointer to a request header. Optional.
+ *                      This will be copied in and out of kernel space. There currently is a size
+ *                      limit on this, just below 4KB.
+ */
+SUPR3DECL(int) SUPR3CallR0Service(const char *pszService, size_t cchService, uint32_t uOperation, uint64_t u64Arg, PSUPR0SERVICEREQHDR pReqHdr);
+/** Which logger. */
+typedef enum SUPLOGGER
+{
+    SUPLOGGER_DEBUG = 1,
+    SUPLOGGER_RELEASE
+} SUPLOGGER;
+/**
+ * Changes the settings of the specified ring-0 logger.
+ *
+ * @returns VBox status code.
+ * @param   enmWhich    Which logger.
+ * @param   pszFlags    The flags settings.
+ * @param   pszGroups   The groups settings.
+ * @param   pszDest     The destination specificier.
+ */
+SUPR3DECL(int) SUPR3LoggerSettings(SUPLOGGER enmWhich, const char *pszFlags, const char *pszGroups, const char *pszDest);
+/**
+ * Creates a ring-0 logger instance.
+ *
+ * @returns VBox status code.
+ * @param   enmWhich    Which logger to create.
+ * @param   pszFlags    The flags settings.
+ * @param   pszGroups   The groups settings.
+ * @param   pszDest     The destination specificier.
+ */
+SUPR3DECL(int) SUPR3LoggerCreate(SUPLOGGER enmWhich, const char *pszFlags, const char *pszGroups, const char *pszDest);
+/**
+ * Destroys a ring-0 logger instance.
+ *
+ * @returns VBox status code.
+ * @param   enmWhich    Which logger.
+ */
+SUPR3DECL(int) SUPR3LoggerDestroy(SUPLOGGER enmWhich);
+/**
+ * Queries the paging mode of the host OS.
+ *
+ * @returns The paging mode.
+ */
+SUPR3DECL(SUPPAGINGMODE) SUPR3GetPagingMode(void);
+/**
+ * Allocate zero-filled pages.
+ *
+ * Use this to allocate a number of pages suitable for seeding / locking.
+ * Call SUPR3PageFree() to free the pages once done with them.
+ *
+ * @returns VBox status.
+ * @param   cPages          Number of pages to allocate.
+ * @param   ppvPages        Where to store the base pointer to the allocated pages.
+ */
+SUPR3DECL(int) SUPR3PageAlloc(size_t cPages, void **ppvPages);
+/**
+ * Frees pages allocated with SUPR3PageAlloc().
+ *
+ * @returns VBox status.
+ * @param   pvPages         Pointer returned by SUPR3PageAlloc().
+ * @param   cPages          Number of pages that was allocated.
+ */
+SUPR3DECL(int) SUPR3PageFree(void *pvPages, size_t cPages);
+/**
+ * Allocate non-zeroed, locked, pages with user and, optionally, kernel
+ * mappings.
+ *
+ * Use SUPR3PageFreeEx() to free memory allocated with this function.
+ *
+ * @returns VBox status code.
+ * @param   cPages          The number of pages to allocate.
+ * @param   fFlags          Flags, reserved. Must be zero.
+ * @param   ppvPages        Where to store the address of the user mapping.
+ * @param   pR0Ptr          Where to store the address of the kernel mapping.
+ *                          NULL if no kernel mapping is desired.
+ * @param   paPages         Where to store the physical addresses of each page.
+ *                          Optional.
+ */
+SUPR3DECL(int) SUPR3PageAllocEx(size_t cPages, uint32_t fFlags, void **ppvPages, PRTR0PTR pR0Ptr, PSUPPAGE paPages);
+/**
+ * Maps a portion of a ring-3 only allocation into kernel space.
+ *
+ * @returns VBox status code.
+ *
+ * @param   pvR3            The address SUPR3PageAllocEx return.
+ * @param   off             Offset to start mapping at. Must be page aligned.
+ * @param   cb              Number of bytes to map. Must be page aligned.
+ * @param   fFlags          Flags, must be zero.
+ * @param   pR0Ptr          Where to store the address on success.
+ *
+ */
+SUPR3DECL(int) SUPR3PageMapKernel(void *pvR3, uint32_t off, uint32_t cb, uint32_t fFlags, PRTR0PTR pR0Ptr);
+/**
+ * Changes the protection of
+ *
+ * @returns VBox status code.
+ * @retval  VERR_NOT_SUPPORTED if the OS doesn't allow us to change page level
+ *          protection. See also RTR0MemObjProtect.
+ *
+ * @param   pvR3            The ring-3 address SUPR3PageAllocEx returned.
+ * @param   R0Ptr           The ring-0 address SUPR3PageAllocEx returned if it
+ *                          is desired that the corresponding ring-0 page
+ *                          mappings should change protection as well. Pass
+ *                          NIL_RTR0PTR if the ring-0 pages should remain
+ *                          unaffected.
+ * @param   off             Offset to start at which to start chagning the page
+ *                          level protection. Must be page aligned.
+ * @param   cb              Number of bytes to change. Must be page aligned.
+ * @param   fProt           The new page level protection, either a combination
+ *                          of RTMEM_PROT_READ, RTMEM_PROT_WRITE and
+ *                          RTMEM_PROT_EXEC, or just RTMEM_PROT_NONE.
+ */
+SUPR3DECL(int) SUPR3PageProtect(void *pvR3, RTR0PTR R0Ptr, uint32_t off, uint32_t cb, uint32_t fProt);
+/**
+ * Free pages allocated by SUPR3PageAllocEx.
+ *
+ * @returns VBox status code.
+ * @param   pvPages         The address of the user mapping.
+ * @param   cPages          The number of pages.
+ */
+SUPR3DECL(int) SUPR3PageFreeEx(void *pvPages, size_t cPages);
+/**
+ * Allocated memory with page aligned memory with a contiguous and locked physical
+ * memory backing below 4GB.
+ *
+ * @returns Pointer to the allocated memory (virtual address).
+ *          *pHCPhys is set to the physical address of the memory.
+ *          If ppvR0 isn't NULL, *ppvR0 is set to the ring-0 mapping.
+ *          The returned memory must be freed using SUPR3ContFree().
+ * @returns NULL on failure.
+ * @param   cPages      Number of pages to allocate.
+ * @param   pR0Ptr      Where to store the ring-0 mapping of the allocation. (optional)
+ * @param   pHCPhys     Where to store the physical address of the memory block.
+ *
+ * @remark  This 2nd version of this API exists because we're not able to map the
+ *          ring-3 mapping executable on WIN64. This is a serious problem in regard to
+ *          the world switchers.
+ */
+SUPR3DECL(void *) SUPR3ContAlloc(size_t cPages, PRTR0PTR pR0Ptr, PRTHCPHYS pHCPhys);
+/**
+ * Frees memory allocated with SUPR3ContAlloc().
+ *
+ * @returns VBox status code.
+ * @param   pv          Pointer to the memory block which should be freed.
+ * @param   cPages      Number of pages to be freed.
+ */
+SUPR3DECL(int) SUPR3ContFree(void *pv, size_t cPages);
+/**
+ * Allocated non contiguous physical memory below 4GB.
+ *
+ * The memory isn't zeroed.
+ *
+ * @returns VBox status code.
+ * @returns NULL on failure.
+ * @param   cPages      Number of pages to allocate.
+ * @param   ppvPages    Where to store the pointer to the allocated memory.
+ *                      The pointer stored here on success must be passed to
+ *                      SUPR3LowFree when the memory should be released.
+ * @param   ppvPagesR0  Where to store the ring-0 pointer to the allocated memory. optional.
+ * @param   paPages     Where to store the physical addresses of the individual pages.
+ */
+SUPR3DECL(int) SUPR3LowAlloc(size_t cPages, void **ppvPages, PRTR0PTR ppvPagesR0, PSUPPAGE paPages);
+/**
+ * Frees memory allocated with SUPR3LowAlloc().
+ *
+ * @returns VBox status code.
+ * @param   pv          Pointer to the memory block which should be freed.
+ * @param   cPages      Number of pages that was allocated.
+ */
+SUPR3DECL(int) SUPR3LowFree(void *pv, size_t cPages);
+/**
+ * Load a module into R0 HC.
+ *
+ * This will verify the file integrity in a similar manner as
+ * SUPR3HardenedVerifyFile before loading it.
+ *
+ * @returns VBox status code.
+ * @param   pszFilename     The path to the image file.
+ * @param   pszModule       The module name. Max 32 bytes.
+ * @param   ppvImageBase    Where to store the image address.
+ * @param   pErrInfo        Where to return extended error information.
+ *                          Optional.
+ */
+SUPR3DECL(int) SUPR3LoadModule(const char *pszFilename, const char *pszModule, void **ppvImageBase, PRTERRINFO pErrInfo);
+/**
+ * Load a module into R0 HC.
+ *
+ * This will verify the file integrity in a similar manner as
+ * SUPR3HardenedVerifyFile before loading it.
+ *
+ * @returns VBox status code.
+ * @param   pszFilename         The path to the image file.
+ * @param   pszModule           The module name. Max 32 bytes.
+ * @param   pszSrvReqHandler    The name of the service request handler entry
+ *                              point. See FNSUPR0SERVICEREQHANDLER.
+ * @param   ppvImageBase        Where to store the image address.
+ */
+SUPR3DECL(int) SUPR3LoadServiceModule(const char *pszFilename, const char *pszModule,
+                                      const char *pszSrvReqHandler, void **ppvImageBase);
+/**
+ * Frees a R0 HC module.
+ *
+ * @returns VBox status code.
+ * @param   pszModule       The module to free.
+ * @remark  This will not actually 'free' the module, there are of course usage counting.
+ */
+SUPR3DECL(int) SUPR3FreeModule(void *pvImageBase);
+/**
+ * Get the address of a symbol in a ring-0 module.
+ *
+ * @returns VBox status code.
+ * @param   pszModule       The module name.
+ * @param   pszSymbol       Symbol name. If it's value is less than 64k it's treated like a
+ *                          ordinal value rather than a string pointer.
+ * @param   ppvValue        Where to store the symbol value.
+ */
+SUPR3DECL(int) SUPR3GetSymbolR0(void *pvImageBase, const char *pszSymbol, void **ppvValue);
+/**
+ * Load R0 HC VMM code.
+ *
+ * @returns VBox status code.
+ * @deprecated  Use SUPR3LoadModule(pszFilename, "VMMR0.r0", &pvImageBase)
+ */
+SUPR3DECL(int) SUPR3LoadVMM(const char *pszFilename);
+/**
+ * Unloads R0 HC VMM code.
+ *
+ * @returns VBox status code.
+ * @deprecated  Use SUPR3FreeModule().
+ */
+SUPR3DECL(int) SUPR3UnloadVMM(void);
+/**
+ * Get the physical address of the GIP.
+ *
+ * @returns VBox status code.
+ * @param   pHCPhys     Where to store the physical address of the GIP.
+ */
+SUPR3DECL(int) SUPR3GipGetPhys(PRTHCPHYS pHCPhys);
+/**
+ * Verifies the integrity of a file, and optionally opens it.
+ *
+ * The integrity check is for whether the file is suitable for loading into
+ * the hypervisor or VM process. The integrity check may include verifying
+ * the authenticode/elfsign/whatever signature of the file, which can take
+ * a little while.
+ *
+ * @returns VBox status code. On failure it will have printed a LogRel message.
+ *
+ * @param   pszFilename     The file.
+ * @param   pszWhat         For the LogRel on failure.
+ * @param   phFile          Where to store the handle to the opened file. This is optional, pass NULL
+ *                          if the file should not be opened.
+ * @deprecated Write a new one.
+ */
+SUPR3DECL(int) SUPR3HardenedVerifyFile(const char *pszFilename, const char *pszWhat, PRTFILE phFile);
+/**
+ * Verifies the integrity of a the current process, including the image
+ * location and that the invocation was absolute.
+ *
+ * This must currently be called after initializing the runtime.  The intended
+ * audience is set-uid-to-root applications, root services and similar.
+ *
+ * @returns VBox status code.  On failure
+ *          message.
+ * @param   pszArgv0        The first argument to main().
+ * @param   fInternal       Set this to @c true if this is an internal
+ *                          VirtualBox application.  Otherwise pass @c false.
+ * @param   pErrInfo        Where to return extended error information.
+ */
+SUPR3DECL(int) SUPR3HardenedVerifySelf(const char *pszArgv0, bool fInternal, PRTERRINFO pErrInfo);
+/**
+ * Verifies the integrity of an installation directory.
+ *
+ * The integrity check verifies that the directory cannot be tampered with by
+ * normal users on the system.  On Unix this translates to root ownership and
+ * no symbolic linking.
+ *
+ * @returns VBox status code. On failure a message will be stored in @a pszErr.
+ *
+ * @param   pszDirPath      The directory path.
+ * @param   fRecursive      Whether the check should be recursive or
+ *                          not.  When set, all sub-directores will be checked,
+ *                          including files (@a fCheckFiles is ignored).
+ * @param   fCheckFiles     Whether to apply the same basic integrity check to
+ *                          the files in the directory as the directory itself.
+ * @param   pErrInfo        Where to return extended error information.
+ *                          Optional.
+ */
+SUPR3DECL(int) SUPR3HardenedVerifyDir(const char *pszDirPath, bool fRecursive, bool fCheckFiles, PRTERRINFO pErrInfo);
+/**
+ * Verifies the integrity of a plug-in module.
+ *
+ * This is similar to SUPR3HardenedLdrLoad, except it does not load the module
+ * and that the module does not have to be shipped with VirtualBox.
+ *
+ * @returns VBox status code. On failure a message will be stored in @a pszErr.
+ *
+ * @param   pszFilename     The filename of the plug-in module (nothing can be
+ *                          omitted here).
+ * @param   pErrInfo        Where to return extended error information.
+ *                          Optional.
+ */
+SUPR3DECL(int) SUPR3HardenedVerifyPlugIn(const char *pszFilename, PRTERRINFO pErrInfo);
+/**
+ * Same as RTLdrLoad() but will verify the files it loads (hardened builds).
+ *
+ * Will add dll suffix if missing and try load the file.
+ *
+ * @returns iprt status code.
+ * @param   pszFilename     Image filename. This must have a path.
+ * @param   phLdrMod        Where to store the handle to the loaded module.
+ * @param   fFlags          See RTLDRLOAD_FLAGS_XXX.
+ * @param   pErrInfo        Where to return extended error information.
+ *                          Optional.
+ */
+SUPR3DECL(int) SUPR3HardenedLdrLoad(const char *pszFilename, PRTLDRMOD phLdrMod, uint32_t fFlags, PRTERRINFO pErrInfo);
+/**
+ * Same as RTLdrLoadAppPriv() but it will verify the files it loads (hardened
+ * builds).
+ *
+ * Will add dll suffix to the file if missing, then look for it in the
+ * architecture dependent application directory.
+ *
+ * @returns iprt status code.
+ * @param   pszFilename     Image filename.
+ * @param   phLdrMod        Where to store the handle to the loaded module.
+ * @param   fFlags          See RTLDRLOAD_FLAGS_XXX.
+ * @param   pErrInfo        Where to return extended error information.
+ *                          Optional.
+ */
+SUPR3DECL(int) SUPR3HardenedLdrLoadAppPriv(const char *pszFilename, PRTLDRMOD phLdrMod, uint32_t fFlags, PRTERRINFO pErrInfo);
+/**
+ * Same as RTLdrLoad() but will verify the files it loads (hardened builds).
+ *
+ * This differs from SUPR3HardenedLdrLoad() in that it can load modules from
+ * extension packs and anything else safely installed on the system, provided
+ * they pass the hardening tests.
+ *
+ * @returns iprt status code.
+ * @param   pszFilename     The full path to the module, with extension.
+ * @param   phLdrMod        Where to store the handle to the loaded module.
+ * @param   pErrInfo        Where to return extended error information.
+ *                          Optional.
+ */
+SUPR3DECL(int) SUPR3HardenedLdrLoadPlugIn(const char *pszFilename, PRTLDRMOD phLdrMod, PRTERRINFO pErrInfo);
+/**
+ * Check if the host kernel can run in VMX root mode.
+ *
+ * @returns VINF_SUCCESS if supported, error code indicating why if not.
+ */
+SUPR3DECL(int) SUPR3QueryVTxSupported(void);
+/**
+ * Return VT-x/AMD-V capabilities.
+ *
+ * @returns VINF_SUCCESS if supported, error code indicating why if not.
+ * @param   pfCaps      Pointer to capability dword (out).
+ * @todo Intended for main, which means we need to relax the privilege requires
+ *       when accessing certain vboxdrv functions.
+ */
+SUPR3DECL(int) SUPR3QueryVTCaps(uint32_t *pfCaps);
+/**
+ * Open the tracer.
+ *
+ * @returns VBox status code.
+ * @param   uCookie         Cookie identifying the tracer we expect to talk to.
+ * @param   uArg            Tracer specific open argument.
+ */
+SUPR3DECL(int) SUPR3TracerOpen(uint32_t uCookie, uintptr_t uArg);
+/**
+ * Closes the tracer.
+ *
+ * @returns VBox status code.
+ */
+SUPR3DECL(int) SUPR3TracerClose(void);
+/**
+ * Perform an I/O request on the tracer.
+ *
+ * @returns VBox status.
+ * @param   uCmd                The tracer command.
+ * @param   uArg                The argument.
+ * @param   piRetVal            Where to store the tracer return value.
+ */
+SUPR3DECL(int) SUPR3TracerIoCtl(uintptr_t uCmd, uintptr_t uArg, int32_t *piRetVal);
+/**
+ * Registers the user module with the tracer.
+ *
+ * @returns VBox status code.
+ * @param   hModNative          Native module handle.  Pass ~(uintptr_t)0 if not
+ *                              at hand.
+ * @param   pszModule           The module name.
+ * @param   pVtgHdr             The VTG header.
+ * @param   uVtgHdrAddr         The address to which the VTG header is loaded
+ *                              in the relevant execution context.
+ * @param   fFlags              See SUP_TRACER_UMOD_FLAGS_XXX
+ */
+SUPR3DECL(int) SUPR3TracerRegisterModule(uintptr_t hModNative, const char *pszModule, struct VTGOBJHDR *pVtgHdr,
+                                         RTUINTPTR uVtgHdrAddr, uint32_t fFlags);
+/**
+ * Deregisters the user module.
+ *
+ * @returns VBox status code.
+ * @param   pVtgHdr             The VTG header.
+ */
+SUPR3DECL(int) SUPR3TracerDeregisterModule(struct VTGOBJHDR *pVtgHdr);
+/**
+ * Fire the probe.
+ *
+ * @param   pVtgProbeLoc        The probe location record.
+ * @param   uArg0               Raw probe argument 0.
+ * @param   uArg1               Raw probe argument 1.
+ * @param   uArg2               Raw probe argument 2.
+ * @param   uArg3               Raw probe argument 3.
+ * @param   uArg4               Raw probe argument 4.
+ */
+SUPDECL(void)  SUPTracerFireProbe(struct VTGPROBELOC *pVtgProbeLoc, uintptr_t uArg0, uintptr_t uArg1, uintptr_t uArg2,
+                                  uintptr_t uArg3, uintptr_t uArg4);
+/** @} */
+#endif /* IN_RING3 */
+/** @name User mode module flags (SUPR3TracerRegisterModule & SUP_IOCTL_TRACER_UMOD_REG).
+ * @{ */
+/** Executable image. */
+#define SUP_TRACER_UMOD_FLAGS_EXE           UINT32_C(1)
+/** Shared library (DLL, DYLIB, SO, etc). */
+#define SUP_TRACER_UMOD_FLAGS_SHARED        UINT32_C(2)
+/** Image type mask. */
+#define SUP_TRACER_UMOD_FLAGS_TYPE_MASK     UINT32_C(3)
+/** @} */
+#ifdef IN_RING0
+/** @defgroup   grp_sup_r0     SUP Host Context Ring-0 API
+ * @ingroup grp_sup
+ * @{
+ */
+/**
+ * Security objectype.
+ */
+typedef enum SUPDRVOBJTYPE
+{
+    /** The usual invalid object. */
+    SUPDRVOBJTYPE_INVALID = 0,
+    /** A Virtual Machine instance. */
+    SUPDRVOBJTYPE_VM,
+    /** Internal network. */
+    SUPDRVOBJTYPE_INTERNAL_NETWORK,
+    /** Internal network interface. */
+    SUPDRVOBJTYPE_INTERNAL_NETWORK_INTERFACE,
+    /** Single release event semaphore. */
+    SUPDRVOBJTYPE_SEM_EVENT,
+    /** Multiple release event semaphore. */
+    SUPDRVOBJTYPE_SEM_EVENT_MULTI,
+    /** Raw PCI device. */
+    SUPDRVOBJTYPE_RAW_PCI_DEVICE,
+    /** The first invalid object type in this end. */
+    SUPDRVOBJTYPE_END,
+    /** The usual 32-bit type size hack. */
+    SUPDRVOBJTYPE_32_BIT_HACK = 0x7ffffff
+} SUPDRVOBJTYPE;
+/**
+ * Object destructor callback.
+ * This is called for reference counted objectes when the count reaches 0.
+ *
+ * @param   pvObj       The object pointer.
+ * @param   pvUser1     The first user argument.
+ * @param   pvUser2     The second user argument.
+ */
+typedef DECLCALLBACK(void) FNSUPDRVDESTRUCTOR(void *pvObj, void *pvUser1, void *pvUser2);
+/** Pointer to a FNSUPDRVDESTRUCTOR(). */
+typedef FNSUPDRVDESTRUCTOR *PFNSUPDRVDESTRUCTOR;
+SUPR0DECL(void *) SUPR0ObjRegister(PSUPDRVSESSION pSession, SUPDRVOBJTYPE enmType, PFNSUPDRVDESTRUCTOR pfnDestructor, void *pvUser1, void *pvUser2);
+SUPR0DECL(int) SUPR0ObjAddRef(void *pvObj, PSUPDRVSESSION pSession);
+SUPR0DECL(int) SUPR0ObjAddRefEx(void *pvObj, PSUPDRVSESSION pSession, bool fNoBlocking);
+SUPR0DECL(int) SUPR0ObjRelease(void *pvObj, PSUPDRVSESSION pSession);
+SUPR0DECL(int) SUPR0ObjVerifyAccess(void *pvObj, PSUPDRVSESSION pSession, const char *pszObjName);
+SUPR0DECL(int) SUPR0LockMem(PSUPDRVSESSION pSession, RTR3PTR pvR3, uint32_t cPages, PRTHCPHYS paPages);
+SUPR0DECL(int) SUPR0UnlockMem(PSUPDRVSESSION pSession, RTR3PTR pvR3);
+SUPR0DECL(int) SUPR0ContAlloc(PSUPDRVSESSION pSession, uint32_t cPages, PRTR0PTR ppvR0, PRTR3PTR ppvR3, PRTHCPHYS pHCPhys);
+SUPR0DECL(int) SUPR0ContFree(PSUPDRVSESSION pSession, RTHCUINTPTR uPtr);
+SUPR0DECL(int) SUPR0LowAlloc(PSUPDRVSESSION pSession, uint32_t cPages, PRTR0PTR ppvR0, PRTR3PTR ppvR3, PRTHCPHYS paPages);
+SUPR0DECL(int) SUPR0LowFree(PSUPDRVSESSION pSession, RTHCUINTPTR uPtr);
+SUPR0DECL(int) SUPR0MemAlloc(PSUPDRVSESSION pSession, uint32_t cb, PRTR0PTR ppvR0, PRTR3PTR ppvR3);
+SUPR0DECL(int) SUPR0MemGetPhys(PSUPDRVSESSION pSession, RTHCUINTPTR uPtr, PSUPPAGE paPages);
+SUPR0DECL(int) SUPR0MemFree(PSUPDRVSESSION pSession, RTHCUINTPTR uPtr);
+SUPR0DECL(int) SUPR0PageAllocEx(PSUPDRVSESSION pSession, uint32_t cPages, uint32_t fFlags, PRTR3PTR ppvR3, PRTR0PTR ppvR0, PRTHCPHYS paPages);
+SUPR0DECL(int) SUPR0PageMapKernel(PSUPDRVSESSION pSession, RTR3PTR pvR3, uint32_t offSub, uint32_t cbSub, uint32_t fFlags, PRTR0PTR ppvR0);
+SUPR0DECL(int) SUPR0PageProtect(PSUPDRVSESSION pSession, RTR3PTR pvR3, RTR0PTR pvR0, uint32_t offSub, uint32_t cbSub, uint32_t fProt);
+SUPR0DECL(int) SUPR0PageFree(PSUPDRVSESSION pSession, RTR3PTR pvR3);
+SUPR0DECL(int) SUPR0GipMap(PSUPDRVSESSION pSession, PRTR3PTR ppGipR3, PRTHCPHYS pHCPhysGip);
+SUPR0DECL(int) SUPR0QueryVTCaps(PSUPDRVSESSION pSession, uint32_t *pfCaps);
+SUPR0DECL(int) SUPR0GipUnmap(PSUPDRVSESSION pSession);
+SUPR0DECL(int) SUPR0Printf(const char *pszFormat, ...);
+SUPR0DECL(SUPPAGINGMODE) SUPR0GetPagingMode(void);
+SUPR0DECL(int) SUPR0EnableVTx(bool fEnable);
+/** @name Absolute symbols
+ * Take the address of these, don't try call them.
+ * @{ */
+SUPR0DECL(void) SUPR0AbsIs64bit(void);
+SUPR0DECL(void) SUPR0Abs64bitKernelCS(void);
+SUPR0DECL(void) SUPR0Abs64bitKernelSS(void);
+SUPR0DECL(void) SUPR0Abs64bitKernelDS(void);
+SUPR0DECL(void) SUPR0AbsKernelCS(void);
+SUPR0DECL(void) SUPR0AbsKernelSS(void);
+SUPR0DECL(void) SUPR0AbsKernelDS(void);
+SUPR0DECL(void) SUPR0AbsKernelES(void);
+SUPR0DECL(void) SUPR0AbsKernelFS(void);
+SUPR0DECL(void) SUPR0AbsKernelGS(void);
+/** @} */
+/**
+ * Support driver component factory.
+ *
+ * Component factories are registered by drivers that provides services
+ * such as the host network interface filtering and access to the host
+ * TCP/IP stack.
+ *
+ * @remark Module dependencies and making sure that a component doesn't
+ *         get unloaded while in use, is the sole responsibility of the
+ *         driver/kext/whatever implementing the component.
+ */
+typedef struct SUPDRVFACTORY
+{
+    /** The (unique) name of the component factory. */
+    char szName[56];
+    /**
+     * Queries a factory interface.
+     *
+     * The factory interface is specific to each component and will be be
+     * found in the header(s) for the component alongside its UUID.
+     *
+     * @returns Pointer to the factory interfaces on success, NULL on failure.
+     *
+     * @param   pSupDrvFactory      Pointer to this structure.
+     * @param   pSession            The SUPDRV session making the query.
+     * @param   pszInterfaceUuid    The UUID of the factory interface.
+     */
+    DECLR0CALLBACKMEMBER(void *, pfnQueryFactoryInterface,(struct SUPDRVFACTORY const *pSupDrvFactory, PSUPDRVSESSION pSession, const char *pszInterfaceUuid));
+} SUPDRVFACTORY;
+/** Pointer to a support driver factory. */
+typedef SUPDRVFACTORY *PSUPDRVFACTORY;
+/** Pointer to a const support driver factory. */
+typedef SUPDRVFACTORY const *PCSUPDRVFACTORY;
+SUPR0DECL(int) SUPR0ComponentRegisterFactory(PSUPDRVSESSION pSession, PCSUPDRVFACTORY pFactory);
+SUPR0DECL(int) SUPR0ComponentDeregisterFactory(PSUPDRVSESSION pSession, PCSUPDRVFACTORY pFactory);
+SUPR0DECL(int) SUPR0ComponentQueryFactory(PSUPDRVSESSION pSession, const char *pszName, const char *pszInterfaceUuid, void **ppvFactoryIf);
+/** @name Tracing
+ * @{ */
+/**
+ * Tracer data associated with a provider.
+ */
+typedef union SUPDRVTRACERDATA
+{
+    /** Generic */
+    uint64_t                    au64[2];
+    /** DTrace data. */
+    struct
+    {
+        /** Provider ID. */
+        uintptr_t               idProvider;
+        /** The number of trace points provided. */
+        uint32_t volatile       cProvidedProbes;
+        /** Whether we've invalidated this bugger. */
+        bool                    fZombie;
+    } DTrace;
+} SUPDRVTRACERDATA;
+/** Pointer to the tracer data associated with a provider. */
+typedef SUPDRVTRACERDATA *PSUPDRVTRACERDATA;
+/**
+ * Probe location info for ring-0.
+ *
+ * Since we cannot trust user tracepoint modules, we need to duplicate the probe
+ * ID and enabled flag in ring-0.
+ */
+typedef struct SUPDRVPROBELOC
+{
+    /** The probe ID. */
+    uint32_t                idProbe;
+    /** Whether it's enabled or not. */
+    bool                    fEnabled;
+} SUPDRVPROBELOC;
+/** Pointer to a ring-0 probe location record. */
+typedef SUPDRVPROBELOC *PSUPDRVPROBELOC;
+/**
+ * Probe info for ring-0.
+ *
+ * Since we cannot trust user tracepoint modules, we need to duplicate the
+ * probe enable count.
+ */
+typedef struct SUPDRVPROBEINFO
+{
+    /** The number of times this probe has been enabled. */
+    uint32_t volatile           cEnabled;
+} SUPDRVPROBEINFO;
+/** Pointer to a ring-0 probe info record. */
+typedef SUPDRVPROBEINFO *PSUPDRVPROBEINFO;
+/**
+ * Support driver tracepoint provider core.
+ */
+typedef struct SUPDRVVDTPROVIDERCORE
+{
+    /** The tracer data member. */
+    SUPDRVTRACERDATA            TracerData;
+    /** Pointer to the provider name (a copy that's always available). */
+    const char                 *pszName;
+    /** Pointer to the module name (a copy that's always available). */
+    const char                 *pszModName;
+    /** The provider descriptor. */
+    struct VTGDESCPROVIDER     *pDesc;
+    /** The VTG header. */
+    struct VTGOBJHDR           *pHdr;
+    /** The size of the entries in the pvProbeLocsEn table. */
+    uint8_t                     cbProbeLocsEn;
+    /** The actual module bit count (corresponds to cbProbeLocsEn). */
+    uint8_t                     cBits;
+    /** Set if this is a Umod, otherwise clear.. */
+    bool                        fUmod;
+    /** Explicit alignment padding (paranoia). */
+    uint8_t                     abAlignment[ARCH_BITS == 32 ? 1 : 5];
+    /** The probe locations used for descriptive purposes. */
+    struct VTGPROBELOC const   *paProbeLocsRO;
+    /** Pointer to the probe location array where the enable flag needs
+     * flipping. For kernel providers, this will always be SUPDRVPROBELOC,
+     * while user providers can either be 32-bit or 64-bit.  Use
+     * cbProbeLocsEn to calculate the address of an entry. */
+    void                       *pvProbeLocsEn;
+    /** Pointer to the probe array containing the enabled counts. */
+    uint32_t                   *pacProbeEnabled;
+    /** The ring-0 probe location info for user tracepoint modules.
+     * This is NULL if fUmod is false. */
+    PSUPDRVPROBELOC             paR0ProbeLocs;
+    /** The ring-0 probe info for user tracepoint modules.
+     * This is NULL if fUmod is false. */
+    PSUPDRVPROBEINFO            paR0Probes;
+} SUPDRVVDTPROVIDERCORE;
+/** Pointer to a tracepoint provider core structure. */
+typedef SUPDRVVDTPROVIDERCORE *PSUPDRVVDTPROVIDERCORE;
 /** Pointer to a tracer registration record. */

trunk/src/VBox/HostDrivers/Support/Makefile.kmk

r41092	r41117
87	87	SUPLib.cpp \
88	88	SUPLibSem.cpp \
	89	SUPLibTracerA.asm \
89	90	SUPR3HardenedIPRT.cpp \
90	91	SUPR3HardenedVerify.cpp \

trunk/src/VBox/HostDrivers/Support/SUPDrv.c

-              r41068
+              r41117
                 /*pSession->uTracerData       = 0;*/
                 pSession->hTracerCaller     = NIL_RTNATIVETHREAD;
+                RTListInit(&pSession->TpProviders);
+                /*pSession->cTpProviders      = 0;*/
+                /*pSession->cTpProbesFiring   = 0;*/
+                RTListInit(&pSession->TpUmods);
+                /*RT_ZERO(pSession->apTpLookupTable);*/
                 VBOXDRV_SESSION_CREATE(pSession, fUser);
 …
             PSUPTRACERUMODREG pReq = (PSUPTRACERUMODREG)pReqHdr;
             REQ_CHECK_SIZES(SUP_IOCTL_TRACER_UMOD_REG);
+            if (!RTStrEnd(pReq->u.In.szName, sizeof(pReq->u.In.szName)))
+                return VERR_INVALID_PARAMETER;
             /* execute */
+            pReqHdr->rc = supdrvIOCtl_TracerUmodRegister(pDevExt, pSession, pReq->u.In.pVtgHdr, pReq->u.In.szName, pReq->u.In.fFlags);
+            pReqHdr->rc = supdrvIOCtl_TracerUmodRegister(pDevExt, pSession,
+                                                         pReq->u.In.R3PtrVtgHdr, pReq->u.In.uVtgHdrAddr,
+                                                         pReq->u.In.R3PtrStrTab, pReq->u.In.cbStrTab,
+                                                         pReq->u.In.szName, pReq->u.In.fFlags);
             return 0;
+        }
 …
             /* execute */
             pReqHdr->rc = supdrvIOCtl_TracerUmodDeregister(pDevExt, pSession, pReq->u.In.pVtgHdr);
+            return 0;
+        }
+        case SUP_CTL_CODE_NO_SIZE(SUP_IOCTL_TRACER_UMOD_FIRE_PROBE):
+        {
+            /* validate */
+            PSUPTRACERUMODFIREPROBE pReq = (PSUPTRACERUMODFIREPROBE)pReqHdr;
+            REQ_CHECK_SIZES(SUP_IOCTL_TRACER_UMOD_FIRE_PROBE);
+            supdrvIOCtl_TracerUmodProbeFire(pDevExt, pSession, &pReq->u.In);
+            pReqHdr->rc = VINF_SUCCESS;
             return 0;
+        }

trunk/src/VBox/HostDrivers/Support/SUPDrvIOC.h

-              r40982
+              r41117
  */
 #include <iprt/types.h>
+#include <VBox/sup.h>
 /*
 …
  *          - Remove RTSpinlockReleaseNoInts.
  */
 #define SUPDRV_IOC_VERSION                              0x001a0001
+#define SUPDRV_IOC_VERSION                              0x001a0002
 /** SUP_IOCTL_COOKIE. */
 …
         struct
+        {
+            /** Pointer to the VTG header. */
+            RTR3PTR         pVtgHdr;
+            /** The address at which the VTG header actually resides.
+             * This will differ from R3PtrVtgHdr for raw-mode context
+             * modules. */
+            RTUINTPTR       uVtgHdrAddr;
+            /** The ring-3 pointer of the VTG header. */
+            RTR3PTR         R3PtrVtgHdr;
+            /** The ring-3 pointer of the probe location string table. */
+            RTR3PTR         R3PtrStrTab;
+            /** The size of the string table. */
+            uint32_t        cbStrTab;
             /** Future flags, MBZ.  */
             uint32_t        fFlags;
 …
+/** @name SUP_IOCTL_TRACER_UMOD_FIRE_PROBE
+ * Fire a probe in a user tracepoint module.
+ *
+ * @{
+ */
+#define SUP_IOCTL_TRACER_UMOD_FIRE_PROBE            SUP_CTL_CODE_SIZE(33, SUP_IOCTL_TRACER_UMOD_FIRE_PROBE_SIZE)
+#define SUP_IOCTL_TRACER_UMOD_FIRE_PROBE_SIZE       sizeof(SUPTRACERUMODFIREPROBE)
+#define SUP_IOCTL_TRACER_UMOD_FIRE_PROBE_SIZE_IN    sizeof(SUPTRACERUMODFIREPROBE)
+#define SUP_IOCTL_TRACER_UMOD_FIRE_PROBE_SIZE_OUT   sizeof(SUPREQHDR)
+typedef struct SUPTRACERUMODFIREPROBE
+{
+    /** The header. */
+    SUPREQHDR               Hdr;
+    union
+    {
+        SUPDRVTRACERUSRCTX  In;
+    } u;
+} SUPTRACERUMODFIREPROBE, *PSUPTRACERUMODFIREPROBE;
+/** @} */
 #pragma pack()                          /* paranoia */

trunk/src/VBox/HostDrivers/Support/SUPDrvInternal.h

-              r41067
+              r41117
     /** The thread currently actively talking to the tracer. (One at the time!) */
     RTNATIVETHREAD                  hTracerCaller;
+    /** List of tracepoint providers associated with the session
+     * (SUPDRVTPPROVIDER). */
+    RTLISTANCHOR                    TpProviders;
+    /** The number of providers in TpProviders. */
+    uint32_t                        cTpProviders;
+    /** The number of threads active in supdrvIOCtl_TracerUmodProbeFire or
+     *  SUPR0TracerUmodProbeFire. */
+    uint32_t volatile               cTpProbesFiring;
+    /** User tracepoint modules (PSUPDRVTRACKERUMOD). */
+    RTLISTANCHOR                    TpUmods;
+    /** The user tracepoint module lookup table. */
+    struct SUPDRVTRACERUMOD        *apTpLookupTable[32];
 #ifndef SUPDRV_AGNOSTIC
 # if defined(RT_OS_DARWIN)
 …
     /** The number of session having opened the tracer currently. */
     uint32_t                        cTracerOpens;
+    /** The number of threads currently calling into the tracer. */
+    uint32_t volatile               cTracerCallers;
     /** Set if the tracer is being unloaded. */
     bool                            fTracerUnloading;
+    /** Hash table for user tracer modules (SUPDRVVTGCOPY). */
+    RTLISTANCHOR                    aTrackerUmodHash[128];
     /*
 …
 void VBOXCALL   supdrvTracerModuleUnloading(PSUPDRVDEVEXT pDevExt, PSUPDRVLDRIMAGE pImage);
 void VBOXCALL   supdrvTracerCleanupSession(PSUPDRVDEVEXT pDevExt, PSUPDRVSESSION pSession);
+int  VBOXCALL   supdrvIOCtl_TracerUmodRegister(PSUPDRVDEVEXT pDevExt, PSUPDRVSESSION pSession,
+                                               RTR3PTR R3PtrVtgHdr, RTUINTPTR uVtgHdrAddr,
+                                               RTR3PTR R3PtrStrTab, uint32_t cbStrTab,
+                                               const char *pszModName, uint32_t fFlags);
+int  VBOXCALL   supdrvIOCtl_TracerUmodDeregister(PSUPDRVDEVEXT pDevExt, PSUPDRVSESSION pSession, RTR3PTR R3PtrVtgHdr);
+void  VBOXCALL  supdrvIOCtl_TracerUmodProbeFire(PSUPDRVDEVEXT pDevExt, PSUPDRVSESSION pSession, PSUPDRVTRACERUSRCTX pCtx);
 int  VBOXCALL   supdrvIOCtl_TracerOpen(PSUPDRVDEVEXT pDevExt, PSUPDRVSESSION pSession, uint32_t uCookie, uintptr_t uArg);
 int  VBOXCALL   supdrvIOCtl_TracerClose(PSUPDRVDEVEXT pDevExt, PSUPDRVSESSION pSession);
 …
 DECLASM(void)   supdrvTracerProbeFireStub(void);
-int  VBOXCALL   supdrvIOCtl_TracerUmodRegister(PSUPDRVDEVEXT pDevExt, PSUPDRVSESSION pSession, RTR3PTR pVtgHdr, const char *pszModName, uint32_t fFlags);
-int  VBOXCALL   supdrvIOCtl_TracerUmodDeregister(PSUPDRVDEVEXT pDevExt, PSUPDRVSESSION pSession, RTR3PTR pVtgHdr);
-void  VBOXCALL  supdrvIOCtl_TracerUmodProbeFire(PSUPDRVDEVEXT pDevExt, PSUPDRVSESSION pSession, PCSUPDRVTRACERUSRCTX pCtx);
 #ifdef VBOX_WITH_NATIVE_DTRACE
 const SUPDRVTRACERREG * VBOXCALL supdrvDTraceInit(void);

trunk/src/VBox/HostDrivers/Support/SUPDrvTracer.cpp

-              r40981
+              r41117
 #include <iprt/semaphore.h>
 #include <iprt/thread.h>
+#include <iprt/param.h>
+#include <iprt/uuid.h>
 …
 *   Structures and Typedefs                                                    *
 *******************************************************************************/
+/** Pointer to a user tracer module registration record. */
+typedef struct SUPDRVTRACERUMOD *PSUPDRVTRACERUMOD;
 /**
  * Data for a tracepoint provider.
 …
     /** The entry in the provider list for this image. */
     RTLISTNODE              ListEntry;
+    /** The entry in the per session provider list for this image. */
+    RTLISTNODE              SessionListEntry;
     /** The core structure. */
 …
      * SUPR0VtgRegisterDrv.  NULL if pImage is set. */
     PSUPDRVSESSION          pSession;
+    /** The user tracepoint module associated with this provider.  NULL if
+     *  pImage is set. */
+    PSUPDRVTRACERUMOD       pUmod;
     /** Used to indicate that we've called pfnProviderDeregistered already and it
 …
+/**
+ * User tracer module VTG data copy.
+ */
+typedef struct SUPDRVVTGCOPY
+{
+    /** Magic (SUDPRVVTGCOPY_MAGIC).  */
+    uint32_t    u32Magic;
+    /** Refernece counter (we expect to share a lot of these). */
+    uint32_t    cRefs;
+    /** The size of the  */
+    uint32_t    cbStrTab;
+    /** Image type flags. */
+    uint32_t    fFlags;
+    /** Hash list entry (SUPDRVDEVEXT::aTrackerUmodHash).  */
+    RTLISTNODE  ListEntry;
+    /** The VTG object header.
+     * The rest of the data follows immediately afterwards.  First the object,
+     * then the probe locations and finally the probe location string table. All
+     * pointers are fixed up to point within this data. */
+    VTGOBJHDR   Hdr;
+} SUPDRVVTGCOPY;
+/** Pointer to a VTG object copy. */
+typedef SUPDRVVTGCOPY *PSUPDRVVTGCOPY;
+/** Magic value for SUPDRVVTGCOPY. */
+#define SUDPRVVTGCOPY_MAGIC UINT32_C(0x00080386)
+/**
+ * User tracer module registration record.
+ */
+typedef struct SUPDRVTRACERUMOD
+{
+    /** Magic (SUPDRVTRACERUMOD_MAGIC).  */
+    uint32_t                u32Magic;
+    /** List entry.  This is anchored in SUPDRVSESSION::UmodList. */
+    RTLISTNODE              ListEntry;
+    /** The address of the ring-3 VTG header. */
+    RTR3PTR                 R3PtrVtgHdr;
+    /** Pointer to the ring-0 copy of the VTG data. */
+    PSUPDRVVTGCOPY          pVtgCopy;
+    /** The memory object that locks down the user memory. */
+    RTR0MEMOBJ              hMemObjLock;
+    /** The memory object that maps the locked memory into kernel space. */
+    RTR0MEMOBJ              hMemObjMap;
+    /** Pointer to the probe enabled-count array within the mapping. */
+    uint32_t               *pacProbeEnabled;
+    /** Pointer to the probe location array within the mapping. */
+    void                   *pvProbeLocs;
+    /** The address of the ring-3 probe locations. */
+    RTR3PTR                 R3PtrProbeLocs;
+    /** The lookup table index. */
+    uint8_t                 iLookupTable;
+    /** The module bit count. */
+    uint8_t                 cBits;
+    /** The size of a probe location record. */
+    uint8_t                 cbProbeLoc;
+    /** The number of probe locations. */
+    uint32_t                cProbeLocs;
+    /** Ring-0 probe location info. */
+    SUPDRVPROBELOC          aProbeLocs[1];
+} SUPDRVTRACERUMOD;
+/** Magic value for SUPDRVVTGCOPY. */
+#define SUPDRVTRACERUMOD_MAGIC UINT32_C(0x00080486)
 /*******************************************************************************
 *   Defined Constants And Macros                                               *
 …
 /** The address of the current probe fire routine for kernel mode. */
 PFNRT       g_pfnSupdrvProbeFireKernel = supdrvTracerProbeFireStub;
+/*******************************************************************************
+*   Internal Functions                                                         *
+*******************************************************************************/
+static void supdrvVtgReleaseObjectCopy(PSUPDRVDEVEXT pDevExt, PSUPDRVVTGCOPY pThis);
 …
+/**
+ * Validates the VTG data.
+ *
+ * @returns VBox status code.
+ * @param   pVtgHdr             The VTG object header of the data to validate.
+ * @param   cbVtgObj            The size of the VTG object.
+ * @param   pbImage             The image base. For validating the probe
+ *                              locations.
+ * @param   cbImage             The image size to go with @a pbImage.
+ */
+static int supdrvVtgValidate(PVTGOBJHDR pVtgHdr, size_t cbVtgObj, const uint8_t *pbImage, size_t cbImage)
+{
+    uintptr_t   cbTmp;
+    uintptr_t   offTmp;
+    uintptr_t   i;
+    uintptr_t   cProviders;
+    int         rc;
+    if (!pbImage || !cbImage)
+    {
+        pbImage = NULL;
+        cbImage = 0;
+    }
+#define MY_VALIDATE_PTR(p, cb, cMin, cMax, cbUnit, rcBase) \
+    do { \
+        if (   (cb) >= cbVtgObj \
+            || (uintptr_t)(p) - (uintptr_t)pVtgHdr > cbVtgObj - (cb) ) \
+        { \
+            SUPR0Printf("supdrvVtgValidate: " #rcBase "_TOO_PTR - p=%p cb=%#zx pVtgHdr=%p cbVtgHdr=%#zu line=%u %s\n", \
+                        p, (size_t)(cb), pVtgHdr, cbVtgObj, __LINE__, #p); \
+            return rcBase ## _PTR; \
+        } \
+        if ((cb) <  (cMin) * (cbUnit)) \
+        { \
+            SUPR0Printf("supdrvVtgValidate: " #rcBase "_TOO_FEW - cb=%#zx cMin=%#zx cbUnit=%#zx line=%u %s\n", \
+                        (size_t)(cb), (size_t)(cMin), (size_t)cbUnit, __LINE__, #p); \
+            return rcBase ## _TOO_FEW; \
+        } \
+        if ((cb) >= (cMax) * (cbUnit)) \
+        { \
+            SUPR0Printf("supdrvVtgValidate: " #rcBase "_TOO_MUCH - cb=%#zx cMax=%#zx cbUnit=%#zx line=%u %s\n", \
+                        (size_t)(cb), (size_t)(cMax), (size_t)cbUnit, __LINE__, #p); \
+            return rcBase ## _TOO_MUCH; \
+        } \
+        if ((cb) / (cbUnit) * (cbUnit) != (cb)) \
+        { \
+            SUPR0Printf("supdrvVtgValidate: " #rcBase "_NOT_MULTIPLE - cb=%#zx cbUnit=%#zx line=%u %s\n", \
+                        (size_t)(cb), (size_t)cbUnit, __LINE__, #p); \
+            return rcBase ## _NOT_MULTIPLE; \
+        } \
+    } while (0)
+/** Used by the validation code below. */
+#define MY_CHECK_RET(a_Expr, a_rc) \
+    MY_CHECK_MSG_RET(a_Expr, ("%s: Validation failed on line " RT_XSTR(__LINE__) ": " #a_Expr "\n", __FUNCTION__), a_rc)
+/** Used by the validation code below. */
+#define MY_CHECK_MSG_RET(a_Expr, a_PrintfArgs, a_rc) \
+    do { if (RT_UNLIKELY(!(a_Expr))) { SUPR0Printf a_PrintfArgs; return (a_rc); } } while (0)
+/** Used by the validation code below. */
 #define MY_WITHIN_IMAGE(p, rc) \
     do { \
 …
             return (rc); \
     } while (0)
+#define MY_VALIDATE_STR(offStrTab) \
+/**
+ * Validates the VTG object header.
+ *
+ * @returns VBox status code.
+ * @param   pVtgHdr             The header.
+ * @param   uVtgHdrAddr         The address where the header is actually
+ *                              loaded.
+ * @param   cbVtgObj            The alleged size of the header.
+ * @param   pbImage             The image base, if available.
+ * @param   cbImage             The image size, if available.
+ * @param   fUmod               Whether this is a user module.
+ */
+static int supdrvVtgValidateHdr(PVTGOBJHDR pVtgHdr, RTUINTPTR uVtgHdrAddr, const uint8_t *pbImage, size_t cbImage, bool fUmod)
+{
+    struct VTGAREAS
+    {
+        uint32_t off;
+        uint32_t cb;
+    } const        *paAreas;
+    unsigned        cAreas;
+    unsigned        i;
+    uint32_t        cbVtgObj;
+    uint32_t        off;
+#define MY_VALIDATE_SIZE(cb, cMin, cMax, cbUnit, rcBase) \
     do { \
+        if ((offStrTab) >= pVtgHdr->cbStrTab) \
+        if ((cb) <  (cMin) * (cbUnit)) \
+        { \
+            SUPR0Printf("supdrvVtgValidateHdr: " #rcBase "_TOO_FEW - cb=%#zx cMin=%#zx cbUnit=%#zx line=%u %s\n", \
+                        (size_t)(cb), (size_t)(cMin), (size_t)cbUnit, __LINE__, #cb); \
+            return rcBase ## _TOO_FEW; \
+        } \
+        if ((cb) >= (cMax) * (cbUnit)) \
+        { \
+            SUPR0Printf("supdrvVtgValidateHdr: " #rcBase "_TOO_MUCH - cb=%#zx cMax=%#zx cbUnit=%#zx line=%u %s\n", \
+                        (size_t)(cb), (size_t)(cMax), (size_t)cbUnit, __LINE__, #cb); \
+            return rcBase ## _TOO_MUCH; \
+        } \
+        if ((cb) / (cbUnit) * (cbUnit) != (cb)) \
+        { \
+            SUPR0Printf("supdrvVtgValidateHdr: " #rcBase "_NOT_MULTIPLE - cb=%#zx cbUnit=%#zx line=%u %s\n", \
+                        (size_t)(cb), (size_t)cbUnit, __LINE__, #cb); \
+            return rcBase ## _NOT_MULTIPLE; \
+        } \
+    } while (0)
+#define MY_VALIDATE_OFF(off, cb, cMin, cMax, cbUnit, cbAlign, rcBase) \
+    do { \
+        if (   (cb) >= cbVtgObj \
+            || off > cbVtgObj - (cb) ) \
+        { \
+            SUPR0Printf("supdrvVtgValidateHdr: " #rcBase "_OFF - off=%#x cb=%#x pVtgHdr=%p cbVtgHdr=%#zx line=%u %s\n", \
+                        (off), (cb), pVtgHdr, cbVtgObj, __LINE__, #off); \
+            return rcBase ## _OFF; \
+        } \
+        if (RT_ALIGN(off, cbAlign) != (off)) \
+        { \
+            SUPR0Printf("supdrvVtgValidateHdr: " #rcBase "_OFF - off=%#x align=%#zx line=%u %s\n", \
+                        (off), (size_t)(cbAlign), __LINE__, #off); \
+            return rcBase ## _OFF; \
+        } \
+        MY_VALIDATE_SIZE(cb, cMin, cMax, cbUnit, rcBase); \
+    } while (0)
+    /*
+     * Make sure both pbImage and cbImage are NULL/0 if one if of them is.
+     */
+    if (!pbImage || !cbImage)
+    {
+        pbImage = NULL;
+        cbImage = 0;
+        cbVtgObj = pVtgHdr->cbObj;
+    }
+    else
+    {
+        MY_WITHIN_IMAGE(pVtgHdr, VERR_SUPDRV_VTG_BAD_HDR_PTR);
+        cbVtgObj = pVtgHdr->cbObj;
+        MY_WITHIN_IMAGE((uint8_t *)pVtgHdr + cbVtgObj - 1, VERR_SUPDRV_VTG_BAD_HDR_PTR);
+    }
+    if (cbVtgObj > _1M)
+    {
+        SUPR0Printf("supdrvVtgValidateHdr: VERR_SUPDRV_TRACER_TOO_LARGE - cbVtgObj=%#x\n", cbVtgObj);
+        return VERR_SUPDRV_TRACER_TOO_LARGE;
+    }
+    /*
+     * Set the probe location array offset and size members.
+     */
+    if (!pVtgHdr->offProbeLocs)
+    {
+        uint64_t u64Tmp = pVtgHdr->uProbeLocsEnd.u64 - pVtgHdr->uProbeLocs.u64;
+        if (u64Tmp >= UINT32_MAX)
+            return VERR_SUPDRV_VTG_BAD_HDR_TOO_MUCH;
+        pVtgHdr->cbProbeLocs  = (uint32_t)u64Tmp;
+        u64Tmp = pVtgHdr->uProbeLocs.u64 - uVtgHdrAddr;
+        if ((int64_t)u64Tmp != (int32_t)u64Tmp)
+            return VERR_SUPDRV_VTG_BAD_HDR_PTR;
+        pVtgHdr->offProbeLocs = (int32_t)u64Tmp;
+    }
+    /*
+     * The non-area description fields.
+     */
+    if (memcmp(pVtgHdr->szMagic, VTGOBJHDR_MAGIC, sizeof(pVtgHdr->szMagic)))
+        return VERR_SUPDRV_VTG_MAGIC;
+    if (   pVtgHdr->cBits != ARCH_BITS
+        && (   !fUmod
+            || (   pVtgHdr->cBits != 32
+                && pVtgHdr->cBits != 64)) )
+        return VERR_SUPDRV_VTG_BITS;
+    if (   pVtgHdr->au32Reserved1[0]
+        || pVtgHdr->au32Reserved1[1]
+        || pVtgHdr->au32Reserved1[2]
+        || pVtgHdr->au32Reserved1[3])
+        return VERR_SUPDRV_VTG_BAD_HDR_MISC;
+    if (RTUuidIsNull(&pVtgHdr->Uuid))
+        return VERR_SUPDRV_VTG_BAD_HDR_MISC;
+    /*
+     * Check the individual area descriptors.
+     */
+    MY_VALIDATE_OFF(pVtgHdr->offStrTab,          pVtgHdr->cbStrTab,       4,   _1M, sizeof(char),            sizeof(uint8_t),  VERR_SUPDRV_VTG_BAD_HDR);
+    MY_VALIDATE_OFF(pVtgHdr->offArgLists,        pVtgHdr->cbArgLists,     1,  _32K, sizeof(uint32_t),        sizeof(uint32_t), VERR_SUPDRV_VTG_BAD_HDR);
+    MY_VALIDATE_OFF(pVtgHdr->offProbes,          pVtgHdr->cbProbes,       1,  _32K, sizeof(VTGDESCPROBE),    sizeof(uint32_t), VERR_SUPDRV_VTG_BAD_HDR);
+    MY_VALIDATE_OFF(pVtgHdr->offProviders,       pVtgHdr->cbProviders,    1,    16, sizeof(VTGDESCPROVIDER), sizeof(uint32_t), VERR_SUPDRV_VTG_BAD_HDR);
+    MY_VALIDATE_OFF(pVtgHdr->offProbeEnabled,    pVtgHdr->cbProbeEnabled, 1,  _32K, sizeof(uint32_t),        sizeof(uint32_t), VERR_SUPDRV_VTG_BAD_HDR);
+    if (!fUmod)
+    {
+        MY_WITHIN_IMAGE(pVtgHdr->uProbeLocs.p,    VERR_SUPDRV_VTG_BAD_HDR_PTR);
+        MY_WITHIN_IMAGE(pVtgHdr->uProbeLocsEnd.p, VERR_SUPDRV_VTG_BAD_HDR_PTR);
+        MY_VALIDATE_SIZE(                        pVtgHdr->cbProbeLocs,    1, _128K, sizeof(VTGPROBELOC),     VERR_SUPDRV_VTG_BAD_HDR);
+    }
+    else
+    {
+        if (pVtgHdr->cBits == 32)
+            MY_VALIDATE_SIZE(                   pVtgHdr->cbProbeLocs,    1, _8K,   sizeof(VTGPROBELOC32),    VERR_SUPDRV_VTG_BAD_HDR);
+        else
+            MY_VALIDATE_SIZE(                   pVtgHdr->cbProbeLocs,    1, _8K,   sizeof(VTGPROBELOC64),    VERR_SUPDRV_VTG_BAD_HDR);
+        /* Will check later that offProbeLocs are following closely on the
+           enable count array, so no need to validate the offset here. */
+    }
+    /*
+     * Some additional consistency checks.
+     */
+    if (   pVtgHdr->uProbeLocsEnd.u64 - pVtgHdr->uProbeLocs.u64 != pVtgHdr->cbProbeLocs
+        || (int64_t)(pVtgHdr->uProbeLocs.u64 - uVtgHdrAddr)     != pVtgHdr->offProbeLocs)
+    {
+        SUPR0Printf("supdrvVtgValidateHdr: VERR_SUPDRV_VTG_BAD_HDR_MISC - uProbeLocs=%#llx uProbeLocsEnd=%#llx offProbeLocs=%#llx cbProbeLocs=%#x uVtgHdrAddr=%RTptr\n",
+                    pVtgHdr->uProbeLocs.u64, pVtgHdr->uProbeLocsEnd.u64, pVtgHdr->offProbeLocs, pVtgHdr->cbProbeLocs, uVtgHdrAddr);
+        return VERR_SUPDRV_VTG_BAD_HDR_MISC;
+    }
+    if (pVtgHdr->cbProbes / sizeof(VTGDESCPROBE) != pVtgHdr->cbProbeEnabled / sizeof(uint32_t))
+    {
+        SUPR0Printf("supdrvVtgValidateHdr: VERR_SUPDRV_VTG_BAD_HDR_MISC - cbProbeEnabled=%#zx cbProbes=%#zx\n",
+                    pVtgHdr->cbProbeEnabled, pVtgHdr->cbProbes);
+        return VERR_SUPDRV_VTG_BAD_HDR_MISC;
+    }
+    /*
+     * Check that there are no overlapping areas.  This is a little bit ugly...
+     */
+    paAreas = (struct VTGAREAS const *)&pVtgHdr->offStrTab;
+    cAreas  = pVtgHdr->offProbeLocs >= 0 ? 6 : 5;
+    off     = sizeof(VTGOBJHDR);
+    for (i = 0; i < cAreas; i++)
+    {
+        if (paAreas[i].off < off)
+        {
+            SUPR0Printf("supdrvVtgValidateHdr: VERR_SUPDRV_VTG_BAD_HDR_MISC - overlapping areas %d and %d\n", i, i-1);
+            return VERR_SUPDRV_VTG_BAD_HDR_MISC;
+        }
+        off = paAreas[i].off + paAreas[i].cb;
+    }
+    if (   pVtgHdr->offProbeLocs > 0
+        && (uint32_t)-pVtgHdr->offProbeLocs < pVtgHdr->cbProbeLocs)
+    {
+        SUPR0Printf("supdrvVtgValidateHdr: VERR_SUPDRV_VTG_BAD_HDR_MISC - probe locations overlaps the header\n");
+        return VERR_SUPDRV_VTG_BAD_HDR_MISC;
+    }
+    /*
+     * Check that the object size is correct.
+     */
+    if (pVtgHdr->cbObj != pVtgHdr->offProbeEnabled + pVtgHdr->cbProbeEnabled)
+    {
+        SUPR0Printf("supdrvVtgValidateHdr: VERR_SUPDRV_VTG_BAD_HDR_MISC - bad header size %#x, expected %#x\n",
+                    pVtgHdr->cbObj, pVtgHdr->offProbeEnabled + pVtgHdr->cbProbeEnabled);
+        return VERR_SUPDRV_VTG_BAD_HDR_MISC;
+    }
+    return VINF_SUCCESS;
+#undef MY_VALIDATE_OFF
+#undef MY_VALIDATE_SIZE
+}
+/**
+ * Validates the VTG data.
+ *
+ * @returns VBox status code.
+ * @param   pVtgHdr             The VTG object header of the data to validate.
+ * @param   uVtgHdrAddr         The address where the header is actually
+ *                              loaded.
+ * @param   pbImage             The image base. For validating the probe
+ *                              locations.
+ * @param   cbImage             The image size to go with @a pbImage.
+ * @param   fUmod               Whether this is a user module.
+ */
+static int supdrvVtgValidate(PVTGOBJHDR pVtgHdr, RTUINTPTR uVtgHdrAddr, const uint8_t *pbImage, size_t cbImage, bool fUmod)
+{
+    uintptr_t   offTmp;
+    uintptr_t   i;
+    uintptr_t   cProviders;
+    int         rc;
+    if (!pbImage || !cbImage)
+    {
+        pbImage = NULL;
+        cbImage = 0;
+    }
+#define MY_VALIDATE_STR(a_offStrTab) \
+    do { \
+        if ((a_offStrTab) >= pVtgHdr->cbStrTab) \
             return VERR_SUPDRV_VTG_STRTAB_OFF; \
         rc = supdrvVtgValidateString(pVtgHdr->pachStrTab + (offStrTab)); \
+        rc = supdrvVtgValidateString((char *)pVtgHdr + pVtgHdr->offStrTab + (a_offStrTab)); \
         if (rc != VINF_SUCCESS) \
             return rc; \
 …
      * The header.
      */
+    if (memcmp(pVtgHdr->szMagic, VTGOBJHDR_MAGIC, sizeof(pVtgHdr->szMagic)))
+        return VERR_SUPDRV_VTG_MAGIC;
+    if (pVtgHdr->cBits != ARCH_BITS)
+        return VERR_SUPDRV_VTG_BITS;
+    if (pVtgHdr->u32Reserved0)
+        return VERR_SUPDRV_VTG_BAD_HDR;
+    MY_VALIDATE_PTR(pVtgHdr->paProviders,       pVtgHdr->cbProviders,    1,    16, sizeof(VTGDESCPROVIDER), VERR_SUPDRV_VTG_BAD_HDR);
+    MY_VALIDATE_PTR(pVtgHdr->paProbes,          pVtgHdr->cbProbes,       1,  _32K, sizeof(VTGDESCPROBE),    VERR_SUPDRV_VTG_BAD_HDR);
+    MY_VALIDATE_PTR(pVtgHdr->pafProbeEnabled,   pVtgHdr->cbProbeEnabled, 1,  _32K, sizeof(bool),            VERR_SUPDRV_VTG_BAD_HDR);
+    MY_VALIDATE_PTR(pVtgHdr->pachStrTab,        pVtgHdr->cbStrTab,       4,   _1M, sizeof(char),            VERR_SUPDRV_VTG_BAD_HDR);
+    MY_VALIDATE_PTR(pVtgHdr->paArgLists,        pVtgHdr->cbArgLists,     1,  _32K, sizeof(uint32_t),        VERR_SUPDRV_VTG_BAD_HDR);
+    MY_WITHIN_IMAGE(pVtgHdr->paProbLocs,    VERR_SUPDRV_VTG_BAD_HDR_PTR);
+    MY_WITHIN_IMAGE(pVtgHdr->paProbLocsEnd, VERR_SUPDRV_VTG_BAD_HDR_PTR);
+    if ((uintptr_t)pVtgHdr->paProbLocs > (uintptr_t)pVtgHdr->paProbLocsEnd)
+    {
+        SUPR0Printf("supdrvVtgValidate: VERR_SUPDRV_VTG_BAD_HDR_PTR - paProbeLocs=%p > paProbLocsEnd=%p\n",
+                    pVtgHdr->paProbLocs, pVtgHdr->paProbLocsEnd);
+        return VERR_SUPDRV_VTG_BAD_HDR_PTR;
+    }
+    cbTmp = (uintptr_t)pVtgHdr->paProbLocsEnd - (uintptr_t)pVtgHdr->paProbLocs;
+    if (cbTmp < sizeof(VTGPROBELOC))
+    {
+        SUPR0Printf("supdrvVtgValidate: VERR_SUPDRV_VTG_BAD_HDR_TOO_FEW - cbTmp=%#zx paProbeLocs=%p paProbLocsEnd=%p\n",
+                    cbTmp, pVtgHdr->paProbLocs, pVtgHdr->paProbLocsEnd);
+        return VERR_SUPDRV_VTG_BAD_HDR_TOO_FEW;
+    }
+    if (cbTmp >= _128K * sizeof(VTGPROBELOC))
+    {
+        SUPR0Printf("supdrvVtgValidate: VERR_SUPDRV_VTG_BAD_HDR_TOO_MUCH - cbTmp=%#zx paProbeLocs=%p paProbLocsEnd=%p\n",
+                    cbTmp, pVtgHdr->paProbLocs, pVtgHdr->paProbLocsEnd);
+        return VERR_SUPDRV_VTG_BAD_HDR_TOO_MUCH;
+    }
+    if (cbTmp / sizeof(VTGPROBELOC) * sizeof(VTGPROBELOC) != cbTmp)
+    {
+        SUPR0Printf("supdrvVtgValidate: VERR_SUPDRV_VTG_BAD_HDR_NOT_MULTIPLE - cbTmp=%#zx cbUnit=%#zx paProbeLocs=%p paProbLocsEnd=%p\n",
+                    cbTmp, sizeof(VTGPROBELOC), pVtgHdr->paProbLocs, pVtgHdr->paProbLocsEnd);
+        return VERR_SUPDRV_VTG_BAD_HDR_NOT_MULTIPLE;
+    }
+    if (pVtgHdr->cbProbes / sizeof(VTGDESCPROBE) != pVtgHdr->cbProbeEnabled)
+    {
+        SUPR0Printf("supdrvVtgValidate: VERR_SUPDRV_VTG_BAD_HDR - cbProbeEnabled=%#zx cbProbes=%#zx\n",
+                    pVtgHdr->cbProbeEnabled, pVtgHdr->cbProbes);
+        return VERR_SUPDRV_VTG_BAD_HDR;
+    }
+    rc = supdrvVtgValidateHdr(pVtgHdr, uVtgHdrAddr, pbImage, cbImage, fUmod);
+    if (RT_FAILURE(rc))
+        return rc;
     /*
 …
     while (i-- > 0)
+    {
         MY_VALIDATE_STR(pVtgHdr->paProviders[i].offName);
+        if (pVtgHdr->paProviders[i].iFirstProbe >= pVtgHdr->cbProbeEnabled)
             return VERR_SUPDRV_VTG_BAD_PROVIDER;
         if (pVtgHdr->paProviders[i].iFirstProbe + pVtgHdr->paProviders[i].cProbes > pVtgHdr->cbProbeEnabled)
             return VERR_SUPDRV_VTG_BAD_PROVIDER;
         MY_VALIDATE_ATTR(pVtgHdr->paProviders[i].AttrSelf);
         MY_VALIDATE_ATTR(pVtgHdr->paProviders[i].AttrModules);
         MY_VALIDATE_ATTR(pVtgHdr->paProviders[i].AttrFunctions);
         MY_VALIDATE_ATTR(pVtgHdr->paProviders[i].AttrNames);
         MY_VALIDATE_ATTR(pVtgHdr->paProviders[i].AttrArguments);
         if (pVtgHdr->paProviders[i].bReserved)
             return VERR_SUPDRV_VTG_BAD_PROVIDER;
+        PCVTGDESCPROVIDER pProvider = (PCVTGDESCPROVIDER)((uintptr_t)pVtgHdr + pVtgHdr->offProviders) + i;
+        MY_VALIDATE_STR(pProvider->offName);
+        MY_CHECK_RET(pProvider->iFirstProbe < pVtgHdr->cbProbeEnabled / sizeof(uint32_t), VERR_SUPDRV_VTG_BAD_PROVIDER);
+        MY_CHECK_RET((uint32_t)pProvider->iFirstProbe + pProvider->cProbes <= pVtgHdr->cbProbeEnabled / sizeof(uint32_t),
+                     VERR_SUPDRV_VTG_BAD_PROVIDER);
+        MY_VALIDATE_ATTR(pProvider->AttrSelf);
+        MY_VALIDATE_ATTR(pProvider->AttrModules);
+        MY_VALIDATE_ATTR(pProvider->AttrFunctions);
+        MY_VALIDATE_ATTR(pProvider->AttrNames);
+        MY_VALIDATE_ATTR(pProvider->AttrArguments);
+        MY_CHECK_RET(pProvider->bReserved == 0, VERR_SUPDRV_VTG_BAD_PROVIDER);
+    }
 …
     while (i-- > 0)
+    {
+        PVTGDESCARGLIST pArgList;
+        unsigned        iArg;
+        bool            fHaveLargeArgs;
+        MY_VALIDATE_STR(pVtgHdr->paProbes[i].offName);
+        if (pVtgHdr->paProbes[i].offArgList >= pVtgHdr->cbArgLists)
+        PCVTGDESCPROBE      pProbe    = (PCVTGDESCPROBE)(   (uintptr_t)pVtgHdr + pVtgHdr->offProbes)    + i;
+        PCVTGDESCPROVIDER   pProvider = (PCVTGDESCPROVIDER)((uintptr_t)pVtgHdr + pVtgHdr->offProviders) + pProbe->idxProvider;
+        PCVTGDESCARGLIST    pArgList  = (PCVTGDESCARGLIST)( (uintptr_t)pVtgHdr + pVtgHdr->offArgLists + pProbe->offArgList );
+        unsigned            iArg;
+        bool                fHaveLargeArgs;
+        MY_VALIDATE_STR(pProbe->offName);
+        MY_CHECK_RET(pProbe->offArgList < pVtgHdr->cbArgLists, VERR_SUPDRV_VTG_BAD_PROBE);
+        MY_CHECK_RET((pProbe->offArgList & 3) == 0, VERR_SUPDRV_VTG_BAD_PROBE);
+        MY_CHECK_RET(pProbe->idxEnabled == i, VERR_SUPDRV_VTG_BAD_PROBE); /* The lists are parallel. */
+        MY_CHECK_RET(pProbe->idxProvider < cProviders, VERR_SUPDRV_VTG_BAD_PROBE);
+        MY_CHECK_RET(i - pProvider->iFirstProbe < pProvider->cProbes, VERR_SUPDRV_VTG_BAD_PROBE);
+        if (pProbe->offObjHdr != (intptr_t)pVtgHdr - (intptr_t)pProbe)
+        {
+            SUPR0Printf("supdrvVtgValidate: VERR_SUPDRV_TRACER_BAD_ARG_FLAGS - iProbe=%u offObjHdr=%d expected %zd\n",
+                        i, pProbe->offObjHdr, (intptr_t)pVtgHdr - (intptr_t)pProbe);
             return VERR_SUPDRV_VTG_BAD_PROBE;
-        if (pVtgHdr->paProbes[i].offArgList & 3)
-            return VERR_SUPDRV_VTG_BAD_PROBE;
-        if (pVtgHdr->paProbes[i].idxEnabled != i) /* The lists are parallel. */
-            return VERR_SUPDRV_VTG_BAD_PROBE;
-        if (pVtgHdr->paProbes[i].idxProvider >= cProviders)
-            return VERR_SUPDRV_VTG_BAD_PROBE;
-        if (  i - pVtgHdr->paProviders[pVtgHdr->paProbes[i].idxProvider].iFirstProbe
-            >= pVtgHdr->paProviders[pVtgHdr->paProbes[i].idxProvider].cProbes)
-            return VERR_SUPDRV_VTG_BAD_PROBE;
-        if (pVtgHdr->paProbes[i].u32User)
-            return VERR_SUPDRV_VTG_BAD_PROBE;
-        if (pVtgHdr->paProbes[i].u32User2)
-            return VERR_SUPDRV_VTG_BAD_PROBE;
-        if (   pVtgHdr->paProbes[i].offObjHdr
-            != (intptr_t)pVtgHdr - (intptr_t)&pVtgHdr->paProbes[i])
+        {
-            SUPR0Printf("supdrvVtgValidate: VERR_SUPDRV_TRACER_BAD_ARG_FLAGS - iProbe=%u offObjHdr=%d expected %zd\n",
-                        i, pVtgHdr->paProbes[i].offObjHdr, (intptr_t)pVtgHdr - (intptr_t)&pVtgHdr->paProbes[i]);
-            return VERR_SUPDRV_VTG_BAD_PROBE;
+        }
         /* The referenced argument list. */
-        pArgList = (PVTGDESCARGLIST)((uintptr_t)pVtgHdr->paArgLists + pVtgHdr->paProbes[i].offArgList);
         if (pArgList->cArgs > 16)
+        {
 …
     /*
+     * Check that pafProbeEnabled is all zero.
+     */
+    i = pVtgHdr->cbProbeEnabled;
+    while (i-- > 0)
+        if (pVtgHdr->pafProbeEnabled[0])
+            return VERR_SUPDRV_VTG_BAD_PROBE_ENABLED;
+     * Check that pacProbeEnabled is all zeros.
+     */
+    {
+        uint32_t const *pcProbeEnabled = (uint32_t const *)((uintptr_t)pVtgHdr + pVtgHdr->offProbeEnabled);
+        i = pVtgHdr->cbProbeEnabled / sizeof(uint32_t);
+        while (i-- > 0)
+            MY_CHECK_RET(pcProbeEnabled[0] == 0, VERR_SUPDRV_VTG_BAD_PROBE_ENABLED);
+    }
     /*
      * Probe locations.
      */
+    i = pVtgHdr->paProbLocsEnd - pVtgHdr->paProbLocs;
+    while (i-- > 0)
+    {
+        if (pVtgHdr->paProbLocs[i].uLine >= _1G)
+            return VERR_SUPDRV_VTG_BAD_PROBE_LOC;
+        if (pVtgHdr->paProbLocs[i].fEnabled)
+            return VERR_SUPDRV_VTG_BAD_PROBE_LOC;
+        if (pVtgHdr->paProbLocs[i].idProbe != UINT32_MAX)
+            return VERR_SUPDRV_VTG_BAD_PROBE_LOC;
+        MY_WITHIN_IMAGE(pVtgHdr->paProbLocs[i].pszFunction, VERR_SUPDRV_VTG_BAD_PROBE_LOC);
+        offTmp = (uintptr_t)pVtgHdr->paProbLocs[i].pbProbe - (uintptr_t)pVtgHdr->paProbes;
+        if (offTmp >= pVtgHdr->cbProbes)
+            return VERR_SUPDRV_VTG_BAD_PROBE_LOC;
+        if (offTmp / sizeof(VTGDESCPROBE) * sizeof(VTGDESCPROBE) != offTmp)
+            return VERR_SUPDRV_VTG_BAD_PROBE_LOC;
+    {
+        PCVTGPROBELOC paProbeLocs = (PCVTGPROBELOC)((intptr_t)pVtgHdr + pVtgHdr->offProbeLocs);
+        i = pVtgHdr->cbProbeLocs / sizeof(VTGPROBELOC);
+        while (i-- > 0)
+        {
+            MY_CHECK_RET(paProbeLocs[i].uLine < _1G, VERR_SUPDRV_VTG_BAD_PROBE_LOC);
+            MY_CHECK_RET(paProbeLocs[i].fEnabled == false, VERR_SUPDRV_VTG_BAD_PROBE_LOC);
+            MY_CHECK_RET(paProbeLocs[i].idProbe == 0, VERR_SUPDRV_VTG_BAD_PROBE_LOC);
+            MY_WITHIN_IMAGE(paProbeLocs[i].pszFunction, VERR_SUPDRV_VTG_BAD_PROBE_LOC);
+            offTmp = (uintptr_t)paProbeLocs[i].pbProbe - (uintptr_t)pVtgHdr->offProbes - (uintptr_t)pVtgHdr;
+            MY_CHECK_RET(offTmp < pVtgHdr->cbProbes, VERR_SUPDRV_VTG_BAD_PROBE_LOC);
+            MY_CHECK_RET(offTmp / sizeof(VTGDESCPROBE) * sizeof(VTGDESCPROBE) == offTmp, VERR_SUPDRV_VTG_BAD_PROBE_LOC);
+        }
+    }
     return VINF_SUCCESS;
+}
 #undef MY_VALIDATE_STR
 #undef MY_VALIDATE_PTR
+#undef MY_VALIDATE_ATTR
 #undef MY_WITHIN_IMAGE
+}
 …
+{
     Assert(offStrTab < pVtgHdr->cbStrTab);
     return &pVtgHdr->pachStrTab[offStrTab];
+    return (char *)pVtgHdr + pVtgHdr->offStrTab + offStrTab;
+}
 …
+{
     LOG_TRACER(("Freeing tracepoint provider '%s' / %p\n", pProv->szName, pProv->Core.TracerData.DTrace.idProvider));
+    pProv->fRegistered = false;
+    pProv->fZombie     = true;
+    pProv->Core.pDesc  = NULL;
+    pProv->Core.pHdr   = NULL;
+    pProv->fRegistered          = false;
+    pProv->fZombie              = true;
+    pProv->Core.pDesc           = NULL;
+    pProv->Core.pHdr            = NULL;
+    pProv->Core.paProbeLocsRO   = NULL;
+    pProv->Core.pvProbeLocsEn   = NULL;
+    pProv->Core.pacProbeEnabled = NULL;
+    pProv->Core.paR0ProbeLocs   = NULL;
+    pProv->Core.paR0Probes      = NULL;
     RT_ZERO(pProv->Core.TracerData);
     RTMemFree(pProv);
 …
 /**
  * Deregisters a provider.
+ * Unlinks and deregisters a provider.
+ *
  * If the provider is still busy, it will be put in the zombie list.
 …
+{
     int rc;
+    RTListNodeRemove(&pProv->ListEntry);
+    if (pProv->pSession)
+    {
+        RTListNodeRemove(&pProv->SessionListEntry);
+        RTListInit(&pProv->SessionListEntry);
+        pProv->pSession->cTpProviders--;
+    }
     if (!pProv->fRegistered || !pDevExt->pTracerOps)
         rc = VINF_SUCCESS;
 …
+    }
+    pProv->fZombie = true;
+    pProv->fZombie              = true;
+    pProv->pImage               = NULL;
+    pProv->pSession             = NULL;
+    pProv->pUmod                = NULL;
+    pProv->Core.pDesc           = NULL;
+    pProv->Core.pHdr            = NULL;
+    pProv->Core.paProbeLocsRO   = NULL;
+    pProv->Core.pvProbeLocsEn   = NULL;
+    pProv->Core.pacProbeEnabled = NULL;
+    pProv->Core.paR0ProbeLocs   = NULL;
     RTListAppend(&pDevExt->TracerProviderZombieList, &pProv->ListEntry);
     LOG_TRACER(("Invalidated provider '%s' / %p and put it on the zombie list (rc=%Rrc)\n",
 …
     RTListForEachSafe(&pDevExt->TracerProviderList, pProv, pProvNext, SUPDRVTPPROVIDER, ListEntry)
+    {
-        RTListNodeRemove(&pProv->ListEntry);
         supdrvTracerDeregisterVtgObj(pDevExt, pProv);
+    }
 …
  * @param   pszName             The driver name.
  * @param   pVtgHdr             The VTG object header.
- * @param   pVtgObj             The size of the VTG object.
  * @param   pImage              The image if applicable.
  * @param   pSession            The session if applicable.
+ * @param   pUmod               The associated user tracepoint module if
+ *                              applicable.
  * @param   pszModName          The module name.
  */
 static int supdrvTracerRegisterVtgObj(PSUPDRVDEVEXT pDevExt, PVTGOBJHDR pVtgHdr, size_t cbVtgObj, PSUPDRVLDRIMAGE pImage,
                                       PSUPDRVSESSION pSession, const char *pszModName)
+static int supdrvTracerRegisterVtgObj(PSUPDRVDEVEXT pDevExt, PVTGOBJHDR pVtgHdr, PSUPDRVLDRIMAGE pImage,
+                                      PSUPDRVSESSION pSession, PSUPDRVTRACERUMOD pUmod, const char *pszModName)
+{
     int                 rc;
     uintptr_t           i;
     PSUPDRVTPPROVIDER   pProv;
+    size_t              cchModName;
     /*
 …
     AssertPtrNullReturn(pSession, VERR_INVALID_POINTER);
     AssertPtrReturn(pszModName, VERR_INVALID_POINTER);
+    cchModName = strlen(pszModName);
     if (pImage)
+        rc = supdrvVtgValidate(pVtgHdr, cbVtgObj, (const uint8_t *)pImage->pvImage, pImage->cbImageBits);
+        rc = supdrvVtgValidate(pVtgHdr, (uintptr_t)pVtgHdr,
+                               (const uint8_t *)pImage->pvImage, pImage->cbImageBits,
+                               false /*fUmod*/);
     else
         rc = supdrvVtgValidate(pVtgHdr, cbVtgObj, NULL, 0);
+        rc = supdrvVtgValidate(pVtgHdr, (uintptr_t)pVtgHdr, NULL, 0, pUmod != NULL);
     if (RT_FAILURE(rc))
         return rc;
+    /*
+     * Check that there aren't any obvious duplicates.
+     * (Yes, this isn't race free, but it's good enough for now.)
+     */
     rc = RTSemFastMutexRequest(pDevExt->mtxTracer);
     if (RT_FAILURE(rc))
         return rc;
+    RTListForEach(&pDevExt->TracerProviderList, pProv, SUPDRVTPPROVIDER, ListEntry)
+    {
+        if (pProv->Core.pHdr == pVtgHdr)
+        {
+            rc = VERR_SUPDRV_VTG_ALREADY_REGISTERED;
+            break;
+        }
+        if (   pProv->pSession == pSession
+            && pProv->pImage   == pImage)
+        {
+            rc = VERR_SUPDRV_VTG_ONLY_ONCE_PER_SESSION;
+            break;
+    if (pImage || pSession->R0Process == NIL_RTPROCESS)
+    {
+        RTListForEach(&pDevExt->TracerProviderList, pProv, SUPDRVTPPROVIDER, ListEntry)
+        {
+            if (pProv->Core.pHdr == pVtgHdr)
+            {
+                rc = VERR_SUPDRV_VTG_ALREADY_REGISTERED;
+                break;
+            }
+            if (   pProv->pSession == pSession
+                && pProv->pImage   == pImage)
+            {
+                rc = VERR_SUPDRV_VTG_ONLY_ONCE_PER_SESSION;
+                break;
+            }
+        }
+    }
+    else
+    {
+        RTListForEach(&pSession->TpProviders, pProv, SUPDRVTPPROVIDER, SessionListEntry)
+        {
+            if (pProv->Core.pHdr == pVtgHdr)
+            {
+                rc = VERR_SUPDRV_VTG_ALREADY_REGISTERED;
+                break;
+            }
+        }
+    }
 …
     while (i-- > 0)
+    {
         PVTGDESCPROVIDER pDesc   = &pVtgHdr->paProviders[i];
+        PVTGDESCPROVIDER pDesc   = (PVTGDESCPROVIDER)((uintptr_t)pVtgHdr + pVtgHdr->offProviders) + i;
         const char      *pszName = supdrvVtgGetString(pVtgHdr, pDesc->offName);
+        size_t const     cchName = strlen(pszName);
+        pProv = (PSUPDRVTPPROVIDER)RTMemAllocZ(RT_OFFSETOF(SUPDRVTPPROVIDER, szName[cchName + 1]));
+        size_t const     cchName = strlen(pszName) + (pUmod ? 16 : 0);
+        pProv = (PSUPDRVTPPROVIDER)RTMemAllocZ(RT_OFFSETOF(SUPDRVTPPROVIDER, szName[cchName + 1 + cchModName + 1]));
         if (pProv)
+        {
+            pProv->Core.pDesc       = pDesc;
+            pProv->Core.pHdr        = pVtgHdr;
+            pProv->Core.pszName     = &pProv->szName[0];
+            pProv->Core.pszModName  = pszModName;
+            pProv->pImage           = pImage;
+            pProv->pSession         = pSession;
+            pProv->fZombie          = false;
+            pProv->fRegistered      = true;
+            memcpy(&pProv->szName[0], pszName, cchName + 1);
+            pProv->Core.pszName         = &pProv->szName[0];
+            pProv->Core.pszModName      = &pProv->szName[cchName + 1];
+            pProv->Core.pDesc           = pDesc;
+            pProv->Core.pHdr            = pVtgHdr;
+            pProv->Core.paProbeLocsRO   = (PCVTGPROBELOC )((uintptr_t)pVtgHdr + pVtgHdr->offProbeLocs);
+            if (!pUmod)
+            {
+                pProv->Core.pvProbeLocsEn   = (void     *)((uintptr_t)pVtgHdr + pVtgHdr->offProbeLocs);
+                pProv->Core.pacProbeEnabled = (uint32_t *)((uintptr_t)pVtgHdr + pVtgHdr->offProbeEnabled);
+                pProv->Core.paR0ProbeLocs   = NULL;
+                pProv->Core.paR0Probes      = NULL;
+                pProv->Core.cbProbeLocsEn   = sizeof(VTGPROBELOC);
+                pProv->Core.cBits           = ARCH_BITS;
+                pProv->Core.fUmod           = false;
+            }
+            else
+            {
+                pProv->Core.pvProbeLocsEn   = pUmod->pvProbeLocs;
+                pProv->Core.pacProbeEnabled = pUmod->pacProbeEnabled;
+                pProv->Core.paR0ProbeLocs   = &pUmod->aProbeLocs[0];
+                pProv->Core.paR0Probes      = (PSUPDRVPROBEINFO)&pUmod->aProbeLocs[pUmod->cProbeLocs];
+                pProv->Core.cbProbeLocsEn   = pUmod->cbProbeLoc;
+                pProv->Core.cBits           = pUmod->cBits;
+                pProv->Core.fUmod           = true;
+            }
+            pProv->pImage               = pImage;
+            pProv->pSession             = pSession;
+            pProv->pUmod                = pUmod;
+            pProv->fZombie              = false;
+            pProv->fRegistered          = true;
+            if (!pUmod)
+                memcpy(pProv->szName, pszName, cchName + 1);
+            else
+                RTStrPrintf(pProv->szName, cchName + 1, "%s%u", pszName, (uint32_t)pSession->Process);
+            memcpy((void *)pProv->Core.pszModName, pszModName, cchModName + 1);
+            /*
+             * Do the actual registration and list manipulations while holding
+             * down the lock.
+             */
             rc = RTSemFastMutexRequest(pDevExt->mtxTracer);
             if (RT_SUCCESS(rc))
 …
+                {
                     RTListAppend(&pDevExt->TracerProviderList, &pProv->ListEntry);
+                    if (pSession)
+                    {
+                        RTListAppend(&pSession->TpProviders, &pProv->SessionListEntry);
+                        pSession->cTpProviders++;
+                    }
+                    else
+                        RTListInit(&pProv->SessionListEntry);
                     RTSemFastMutexRelease(pDevExt->mtxTracer);
                     LOG_TRACER(("Registered tracepoint provider '%s' in '%s' -> %p\n",
 …
                     LOG_TRACER(("Failed to register tracepoint provider '%s' in '%s' -> %Rrc\n",
                                 pProv->szName, pszModName, rc));
-                    RTMemFree(pProv);
+                }
+            }
 …
             rc = VERR_NO_MEMORY;
+        /*
+         * In case of failure, we have to undo any providers we already
+         * managed to register.
+         */
         if (RT_FAILURE(rc))
+        {
             PSUPDRVTPPROVIDER   pProvNext;
+            supdrvTracerFreeProvider(pProv);
+            if (pProv)
+                supdrvTracerFreeProvider(pProv);
             RTSemFastMutexRequest(pDevExt->mtxTracer);
             RTListForEachReverseSafe(&pDevExt->TracerProviderList, pProv, pProvNext, SUPDRVTPPROVIDER, ListEntry)
+            {
                 if (pProv->Core.pHdr == pVtgHdr)
+            if (pImage)
+            {
+                RTListForEachReverseSafe(&pDevExt->TracerProviderList, pProv, pProvNext, SUPDRVTPPROVIDER, ListEntry)
+                {
+                    RTListNodeRemove(&pProv->ListEntry);
+                    supdrvTracerDeregisterVtgObj(pDevExt, pProv);
+                    if (pProv->Core.pHdr == pVtgHdr)
+                        supdrvTracerDeregisterVtgObj(pDevExt, pProv);
+                }
+            }
+            else
+            {
+                RTListForEachSafe(&pSession->TpProviders, pProv, pProvNext, SUPDRVTPPROVIDER, SessionListEntry)
+                {
+                    if (pProv->Core.pHdr == pVtgHdr)
+                        supdrvTracerDeregisterVtgObj(pDevExt, pProv);
+                }
+            }
 …
     LOG_TRACER(("SUPR0TracerRegisterDrv: pSession=%p pVtgHdr=%p pszName=%s\n", pSession, pVtgHdr, pszName));
     rc = supdrvTracerRegisterVtgObj(pSession->pDevExt, pVtgHdr, _1M, NULL /*pImage*/, pSession, pszName);
+    rc = supdrvTracerRegisterVtgObj(pSession->pDevExt, pVtgHdr, NULL /*pImage*/, pSession, NULL /*pUmod*/, pszName);
     /*
 …
      */
     RTSemFastMutexRequest(pDevExt->mtxTracer);
+    RTListForEachSafe(&pDevExt->TracerProviderList, pProv, pProvNext, SUPDRVTPPROVIDER, ListEntry)
+    {
+        if (pProv->pSession == pSession)
+        {
+            RTListNodeRemove(&pProv->ListEntry);
+            supdrvTracerDeregisterVtgObj(pDevExt, pProv);
+        }
+    RTListForEachSafe(&pSession->TpProviders, pProv, pProvNext, SUPDRVTPPROVIDER, SessionListEntry)
+    {
+        supdrvTracerDeregisterVtgObj(pDevExt, pProv);
+    }
     RTSemFastMutexRelease(pDevExt->mtxTracer);
 …
     PSUPDRVLDRIMAGE pImage = (PSUPDRVLDRIMAGE)hMod;
     PSUPDRVDEVEXT   pDevExt;
-    uintptr_t       cbVtgObj;
     int             rc;
 …
     AssertReturn(pDevExt->pLdrInitImage  == pImage, VERR_WRONG_ORDER);
     AssertReturn(pDevExt->hLdrInitThread == RTThreadNativeSelf(), VERR_WRONG_ORDER);
+    /*
+     * Calculate the max VTG object size and hand it over to the common code.
+     */
+    cbVtgObj = (uintptr_t)pVtgHdr - (uintptr_t)pImage->pvImage;
+    AssertMsgReturn(cbVtgObj /*off*/ < pImage->cbImageBits,
+                    ("pVtgHdr=%p offVtgObj=%p cbImageBits=%p\n", pVtgHdr, cbVtgObj, pImage->cbImageBits),
+                    VERR_INVALID_PARAMETER);
+    cbVtgObj = pImage->cbImageBits - cbVtgObj;
+    rc = supdrvTracerRegisterVtgObj(pDevExt, pVtgHdr, cbVtgObj, pImage, NULL, pImage->szName);
+    AssertReturn((uintptr_t)pVtgHdr - (uintptr_t)pImage->pvImage < pImage->cbImageBits, VERR_INVALID_PARAMETER);
+    /*
+     * Do the job.
+     */
+    rc = supdrvTracerRegisterVtgObj(pDevExt, pVtgHdr, pImage, NULL /*pSession*/, NULL /*pUmod*/, pImage->szName);
     LOG_TRACER(("SUPR0TracerRegisterModule: rc=%d\n", rc));
 …
             else
                 LOG_TRACER(("supdrvTracerCommonDeregisterImpl: Waiting on %u opens\n", pDevExt->cTracerOpens));
+        }
+        /* Tracer calls. */
+        if (pDevExt->cTracerCallers)
+        {
+            cZombies++;
+            if (!(i & 0xf))
+                SUPR0Printf("supdrvTracerCommonDeregisterImpl: Waiting on %u callers\n", pDevExt->cTracerCallers);
+            else
+                LOG_TRACER(("supdrvTracerCommonDeregisterImpl: Waiting on %u callers\n", pDevExt->cTracerCallers));
+        }
 …
+        {
             if (pProv->pImage == pImage)
+            {
-                RTListNodeRemove(&pProv->ListEntry);
                 supdrvTracerDeregisterVtgObj(pDevExt, pProv);
+            }
+        }
 …
+{
     /*
+     * If ring-0 session, make sure it has deregistered VTG objects and the tracer.
+     */
+    if (pSession->R0Process == NIL_RTR0PROCESS)
+    {
+        SUPDRVTPPROVIDER *pProvNext;
+        SUPDRVTPPROVIDER *pProv;
+        RTSemFastMutexRequest(pDevExt->mtxTracer);
+        RTListForEachSafe(&pDevExt->TracerProviderList, pProv, pProvNext, SUPDRVTPPROVIDER, ListEntry)
+        {
+            if (pProv->pSession == pSession)
+            {
+                RTListNodeRemove(&pProv->ListEntry);
+                supdrvTracerDeregisterVtgObj(pDevExt, pProv);
+            }
+        }
+        RTSemFastMutexRelease(pDevExt->mtxTracer);
+        (void)SUPR0TracerDeregisterImpl(NULL, pSession);
+    }
+     * Deregister all providers.
+     */
+    SUPDRVTPPROVIDER   *pProvNext;
+    SUPDRVTPPROVIDER   *pProv;
+    RTSemFastMutexRequest(pDevExt->mtxTracer);
+    RTListForEachSafe(&pSession->TpProviders, pProv, pProvNext, SUPDRVTPPROVIDER, SessionListEntry)
+    {
+        supdrvTracerDeregisterVtgObj(pDevExt, pProv);
+    }
+    RTSemFastMutexRelease(pDevExt->mtxTracer);
     /*
 …
     if (pSession->uTracerData)
         supdrvIOCtl_TracerClose(pDevExt, pSession);
+}
+int  VBOXCALL   supdrvIOCtl_TracerUmodRegister(PSUPDRVDEVEXT pDevExt, PSUPDRVSESSION pSession, RTR3PTR pVtgHdr, const char *pszModName, uint32_t fFlags)
+{
+    return VERR_NOT_IMPLEMENTED;
+}
+int  VBOXCALL   supdrvIOCtl_TracerUmodDeregister(PSUPDRVDEVEXT pDevExt, PSUPDRVSESSION pSession, RTR3PTR pVtgHdr)
+{
+    return VERR_NOT_IMPLEMENTED;
+}
+void  VBOXCALL  supdrvIOCtl_TracerUmodProbeFire(PSUPDRVDEVEXT pDevExt, PSUPDRVSESSION pSession, PCSUPDRVTRACERUSRCTX pCtx)
+{
+    /*
+     * Deregister any tracer implementation.
+     */
+    if (pSession->R0Process == NIL_RTR0PROCESS)
+        (void)SUPR0TracerDeregisterImpl(NULL, pSession);
+    if (pSession->R0Process != NIL_RTR0PROCESS)
+    {
+        /*
+         * Free any lingering user modules.  We don't bother holding the lock
+         * here as there shouldn't be anyone messing with the session at this
+         * point.
+         */
+        PSUPDRVTRACERUMOD pUmodNext;
+        PSUPDRVTRACERUMOD pUmod;
+        RTListForEachSafe(&pSession->TpUmods, pUmod, pUmodNext, SUPDRVTRACERUMOD, ListEntry)
+        {
+            RTR0MemObjFree(pUmod->hMemObjMap, false /*fFreeMappings*/);
+            RTR0MemObjFree(pUmod->hMemObjLock, false /*fFreeMappings*/);
+            supdrvVtgReleaseObjectCopy(pDevExt, pUmod->pVtgCopy);
+            RTMemFree(pUmod);
+        }
+    }
+}
+static void supdrvVtgReleaseObjectCopy(PSUPDRVDEVEXT pDevExt, PSUPDRVVTGCOPY pThis)
+{
+    uint32_t cRefs = ASMAtomicDecU32(&pThis->cRefs);
+    if (!cRefs)
+    {
+        RTSemFastMutexRequest(pDevExt->mtxTracer);
+        pThis->u32Magic = ~SUDPRVVTGCOPY_MAGIC;
+        RTListNodeRemove(&pThis->ListEntry);
+        RTSemFastMutexRelease(pDevExt->mtxTracer);
+        RTMemFree(pThis);
+    }
+}
+/**
+ * Finds a matching VTG object copy, caller owns the lock already.
+ *
+ * @returns Copy with reference. NULL if not found.
+ * @param   pHashList           The hash list to search.
+ * @param   pHdr                The VTG header (valid).
+ * @param   cbStrTab            The string table size.
+ * @param   fFlags              The user module flags.
+ */
+static PSUPDRVVTGCOPY supdrvVtgFindObjectCopyLocked(PRTLISTANCHOR pHashList, PCVTGOBJHDR pHdr, uint32_t cbStrTab, uint32_t fFlags)
+{
+    PSUPDRVVTGCOPY  pCur;
+    fFlags &= SUP_TRACER_UMOD_FLAGS_TYPE_MASK;
+    RTListForEach(pHashList, pCur, SUPDRVVTGCOPY, ListEntry)
+    {
+#define HDR_EQUALS(member) pCur->Hdr.member == pHdr->member
+        if (   HDR_EQUALS(Uuid.au32[0])
+            && HDR_EQUALS(Uuid.au32[1])
+            && HDR_EQUALS(Uuid.au32[2])
+            && HDR_EQUALS(Uuid.au32[3])
+            && HDR_EQUALS(cbObj)
+            && HDR_EQUALS(cBits)
+            && pCur->cbStrTab == cbStrTab
+            && pCur->fFlags == fFlags
+           )
+        {
+            if (RT_LIKELY(   HDR_EQUALS(offStrTab)
+                          && HDR_EQUALS(cbStrTab)
+                          && HDR_EQUALS(offArgLists)
+                          && HDR_EQUALS(cbArgLists)
+                          && HDR_EQUALS(offProbes)
+                          && HDR_EQUALS(cbProbes)
+                          && HDR_EQUALS(offProviders)
+                          && HDR_EQUALS(cbProviders)
+                          && HDR_EQUALS(offProbeEnabled)
+                          && HDR_EQUALS(cbProbeEnabled)
+                          && HDR_EQUALS(offProbeLocs)
+                          && HDR_EQUALS(cbProbeLocs)
+                         )
+                )
+            {
+                Assert(pCur->cRefs > 0);
+                Assert(pCur->cRefs < _1M);
+                pCur->cRefs++;
+                return pCur;
+            }
+        }
+#undef HDR_EQUALS
+    }
+    return NULL;
+}
+/**
+ * Finds a matching VTG object copy.
+ *
+ * @returns Copy with reference. NULL if not found.
+ * @param   pDevExt             The device extension.
+ * @param   pHdr                The VTG header (valid).
+ * @param   cbStrTab            The string table size.
+ * @param   fFlags              The user module flags.
+ */
+static PSUPDRVVTGCOPY supdrvVtgFindObjectCopy(PSUPDRVDEVEXT pDevExt, PCVTGOBJHDR pHdr, uint32_t cbStrTab, uint32_t fFlags)
+{
+    PRTLISTANCHOR   pHashList = &pDevExt->aTrackerUmodHash[pHdr->Uuid.au8[3] % RT_ELEMENTS(pDevExt->aTrackerUmodHash)];
+    PSUPDRVVTGCOPY pRet;
+    int rc = RTSemFastMutexRequest(pDevExt->mtxTracer);
+    AssertRCReturn(rc, NULL);
+    pRet = supdrvVtgFindObjectCopyLocked(pHashList, pHdr, cbStrTab, fFlags);
+    RTSemFastMutexRelease(pDevExt->mtxTracer);
+    return pRet;
+}
+/**
+ * Makes a shared copy of the VTG object.
+ *
+ * @returns VBox status code.
+ * @param   pDevExt             The device extension.
+ * @param   pVtgHdr             The VTG header (valid).
+ * @param   R3PtrVtgHdr         The ring-3 VTG header address.
+ * @param   uVtgHdrAddr         The address of the VTG header in the context
+ *                              where it is actually used.
+ * @param   R3PtrStrTab         The ring-3 address of the probe location string
+ *                              table.  The probe location array have offsets
+ *                              into this instead of funciton name pointers.
+ * @param   cbStrTab            The size of the probe location string table.
+ * @param   fFlags              The user module flags.
+ * @param   pUmod               The structure we've allocated to track the
+ *                              module.  This have a valid kernel mapping of the
+ *                              probe location array.  Upon successful return,
+ *                              the pVtgCopy member will hold the address of our
+ *                              copy (with a referenced of course).
+ */
+static int supdrvVtgCreateObjectCopy(PSUPDRVDEVEXT pDevExt, PCVTGOBJHDR pVtgHdr, RTR3PTR R3PtrVtgHdr, RTUINTPTR uVtgHdrAddr,
+                                     RTR3PTR R3PtrStrTab, uint32_t cbStrTab, uint32_t fFlags, PSUPDRVTRACERUMOD pUmod)
+{
+    /*
+     * Calculate the space required, allocate and copy in the data.
+     */
+    int             rc;
+    size_t const    cProbeLocs   = pVtgHdr->cbProbeLocs / (pVtgHdr->cBits == 32 ? sizeof(VTGPROBELOC32) : sizeof(VTGPROBELOC64));
+    size_t const    cbProbeLocs  = cProbeLocs * sizeof(VTGPROBELOC);
+    size_t const    offProbeLocs = RT_ALIGN(pVtgHdr->cbObj, 8);
+    size_t const    cb           = offProbeLocs + cbProbeLocs + cbStrTab + 1;
+    PSUPDRVVTGCOPY  pThis = (PSUPDRVVTGCOPY)RTMemAlloc(RT_OFFSETOF(SUPDRVVTGCOPY, Hdr) + cb);
+    if (!pThis)
+        return VERR_NO_MEMORY;
+    pThis->u32Magic = SUDPRVVTGCOPY_MAGIC;
+    pThis->cRefs    = 1;
+    pThis->cbStrTab = cbStrTab;
+    pThis->fFlags   = fFlags & SUP_TRACER_UMOD_FLAGS_TYPE_MASK;
+    RTListInit(&pThis->ListEntry);
+    rc = RTR0MemUserCopyFrom(&pThis->Hdr, R3PtrVtgHdr, pVtgHdr->cbObj);
+    if (RT_SUCCESS(rc))
+    {
+        char  *pchStrTab = (char *)&pThis->Hdr + offProbeLocs + cbProbeLocs;
+        rc = RTR0MemUserCopyFrom(pchStrTab, R3PtrStrTab, cbStrTab);
+        if (RT_SUCCESS(rc))
+        {
+            PVTGPROBELOC    paDst = (PVTGPROBELOC)((char *)&pThis->Hdr + offProbeLocs);
+            uint32_t        i;
+            /*
+             * Some paranoia: Overwrite the header with the copy we've already
+             * validated and zero terminate the string table.
+             */
+            pThis->Hdr = *pVtgHdr;
+            pchStrTab[cbStrTab] = '\0';
+            /*
+             * Set the probe location array related header members since we're
+             * making our own copy in a different location.
+             */
+            pThis->Hdr.uProbeLocs.u64     = (uintptr_t)paDst;
+            pThis->Hdr.uProbeLocsEnd.u64  = (uintptr_t)paDst + cbProbeLocs;
+            pThis->Hdr.offProbeLocs       = offProbeLocs;
+            pThis->Hdr.cbProbeLocs        = cbProbeLocs;
+            pThis->Hdr.cBits              = ARCH_BITS;
+            /*
+             * Copy, convert and fix up the the probe location table.
+             */
+            if (pVtgHdr->cBits == 32)
+            {
+                uintptr_t const offDelta = (uintptr_t)&pThis->Hdr - uVtgHdrAddr;
+                PCVTGPROBELOC32 paSrc    = (PCVTGPROBELOC32)pUmod->pvProbeLocs;
+                for (i = 0; i < cProbeLocs; i++)
+                {
+                    paDst[i].uLine    = paSrc[i].uLine;
+                    paDst[i].fEnabled = paSrc[i].fEnabled;
+                    paDst[i].idProbe  = paSrc[i].idProbe;
+                    if (paSrc[i].pszFunction > cbStrTab)
+                    {
+                        rc = VERR_SUPDRV_TRACER_UMOD_STRTAB_OFF_BAD;
+                        break;
+                    }
+                    paDst[i].pszFunction = pchStrTab + paSrc[i].pszFunction;
+                    paDst[i].pbProbe     = (uint8_t *)(paSrc[i].pbProbe + offDelta);
+                }
+            }
+            else
+            {
+                uint64_t const  offDelta = (uintptr_t)&pThis->Hdr - uVtgHdrAddr;
+                PCVTGPROBELOC64 paSrc    = (PCVTGPROBELOC64)pUmod->pvProbeLocs;
+                for (i = 0; i < cProbeLocs; i++)
+                {
+                    paDst[i].uLine    = paSrc[i].uLine;
+                    paDst[i].fEnabled = paSrc[i].fEnabled;
+                    paDst[i].idProbe  = paSrc[i].idProbe;
+                    if (paSrc[i].pszFunction > cbStrTab)
+                    {
+                        rc = VERR_SUPDRV_TRACER_UMOD_STRTAB_OFF_BAD;
+                        break;
+                    }
+                    paDst[i].pszFunction = pchStrTab + (uintptr_t)paSrc[i].pszFunction;
+                    paDst[i].pbProbe     = (uint8_t *)(uintptr_t)(paSrc[i].pbProbe + offDelta);
+                }
+            }
+            /*
+             * Validate it
+             *
+             * Note! fUmod is false as this is a kernel copy with all native
+             *       structures.
+             */
+            if (RT_SUCCESS(rc))
+                rc = supdrvVtgValidate(&pThis->Hdr, (uintptr_t)&pThis->Hdr, (uint8_t *)&pThis->Hdr, cb, false /*fUmod*/);
+            if (RT_SUCCESS(rc))
+            {
+                /*
+                 * Add it to the hash list, making sure nobody raced us.
+                 */
+                PRTLISTANCHOR pHashList = &pDevExt->aTrackerUmodHash[  pVtgHdr->Uuid.au8[3]
+                                                                     % RT_ELEMENTS(pDevExt->aTrackerUmodHash)];
+                rc = RTSemFastMutexRequest(pDevExt->mtxTracer);
+                if (RT_SUCCESS(rc))
+                {
+                    pUmod->pVtgCopy = supdrvVtgFindObjectCopyLocked(pHashList, pVtgHdr, cbStrTab, fFlags);
+                    if (!pUmod->pVtgCopy)
+                    {
+                        pUmod->pVtgCopy = pThis;
+                        RTListAppend(pHashList, &pThis->ListEntry);
+                        RTSemFastMutexRelease(pDevExt->mtxTracer);
+                        return rc;
+                    }
+                    /*
+                     * Someone raced us, free our copy and return the existing
+                     * one instead.
+                     */
+                    RTSemFastMutexRelease(pDevExt->mtxTracer);
+                }
+            }
+        }
+    }
+    RTMemFree(pThis);
+    return rc;
+}
+/**
+ * Undoes what supdrvTracerUmodSetProbeIds did.
+ *
+ * @param   pDevExt             The device extension.
+ * @param   pSession            The current session.
+ * @param   pUmod               The user tracepoint module.
+ */
+static void supdrvTracerUmodClearProbeIds(PSUPDRVDEVEXT pDevExt, PSUPDRVSESSION pSession, PSUPDRVTRACERUMOD pUmod)
+{
+    uint32_t i;
+    AssertReturnVoid(pUmod->iLookupTable < RT_ELEMENTS(pSession->apTpLookupTable));
+    AssertReturnVoid(pSession->apTpLookupTable[pUmod->iLookupTable] == pUmod);
+    /*
+     * Clear the probe IDs and disable the probes.
+     */
+    i = pUmod->cProbeLocs;
+    if (pUmod->cBits == 32)
+    {
+        PVTGPROBELOC32 paProbeLocs = (PVTGPROBELOC32)pUmod->pvProbeLocs;
+        while (i-- > 0)
+            paProbeLocs[i].idProbe = 0;
+    }
+    else
+    {
+        PVTGPROBELOC64 paProbeLocs = (PVTGPROBELOC64)pUmod->pvProbeLocs;
+        while (i-- > 0)
+            paProbeLocs[i].idProbe = 0;
+    }
+    /*
+     * Free the lookup table entry.  We'll have to wait for the table to go
+     * idle to make sure there are no current users of pUmod.
+     */
+    RTSemFastMutexRequest(pDevExt->mtxTracer);
+    if (pSession->apTpLookupTable[pUmod->iLookupTable] == pUmod)
+    {
+        if (pSession->cTpProbesFiring > 0)
+        {
+            uint32_t i = 0;
+            while (pSession->cTpProbesFiring > 0)
+            {
+                RTSemFastMutexRelease(pDevExt->mtxTracer);
+                i++;
+                if (!(i & 0xff))
+                    SUPR0Printf("supdrvTracerUmodClearProbeIds: waiting for lookup table to go idle (i=%u)\n", i);
+                RTThreadSleep(10);
+                RTSemFastMutexRequest(pDevExt->mtxTracer);
+            }
+        }
+        ASMAtomicWriteNullPtr(&pSession->apTpLookupTable[pUmod->iLookupTable]);
+    }
+    RTSemFastMutexRelease(pDevExt->mtxTracer);
+}
+/**
+ * Allocates a lookup table entry for the Umod and sets the
+ * VTGPROBELOC::idProbe fields in user mode.
+ *
+ * @returns VINF_SUCCESS or VERR_SUPDRV_TRACER_TOO_MANY_PROVIDERS.
+ * @param   pDevExt             The device extension.
+ * @param   pSession            The current session.
+ * @param   pUmod               The user tracepoint module.
+ */
+static int supdrvTracerUmodSetProbeIds(PSUPDRVDEVEXT pDevExt, PSUPDRVSESSION pSession, PSUPDRVTRACERUMOD pUmod)
+{
+    uint32_t iBase;
+    uint32_t i;
+    /*
+     * Allocate a lookup table entry.
+     */
+    RTSemFastMutexRequest(pDevExt->mtxTracer);
+    for (i = 0; i < RT_ELEMENTS(pSession->apTpLookupTable); i++)
+    {
+        if (!pSession->apTpLookupTable[i])
+        {
+            pSession->apTpLookupTable[i] = pUmod;
+            pUmod->iLookupTable = i;
+            break;
+        }
+    }
+    RTSemFastMutexRelease(pDevExt->mtxTracer);
+    if (i >= RT_ELEMENTS(pSession->apTpLookupTable))
+        return VERR_SUPDRV_TRACER_TOO_MANY_PROVIDERS;
+    /*
+     * Set probe IDs of the usermode probe location to indicate our lookup
+     * table entry as well as the probe location array entry.
+     */
+    iBase = (uint32_t)pUmod->iLookupTable << 24;
+    i = pUmod->cProbeLocs;
+    if (pUmod->cBits == 32)
+    {
+        PVTGPROBELOC32 paProbeLocs = (PVTGPROBELOC32)pUmod->pvProbeLocs;
+        while (i-- > 0)
+            paProbeLocs[i].idProbe = iBase | i;
+    }
+    else
+    {
+        PVTGPROBELOC64 paProbeLocs = (PVTGPROBELOC64)pUmod->pvProbeLocs;
+        while (i-- > 0)
+            paProbeLocs[i].idProbe = iBase | i;
+    }
+    return VINF_SUCCESS;
+}
+int  VBOXCALL   supdrvIOCtl_TracerUmodRegister(PSUPDRVDEVEXT pDevExt, PSUPDRVSESSION pSession,
+                                               RTR3PTR R3PtrVtgHdr, RTUINTPTR uVtgHdrAddr,
+                                               RTR3PTR R3PtrStrTab, uint32_t cbStrTab,
+                                               const char *pszModName, uint32_t fFlags)
+{
+    VTGOBJHDR           Hdr;
+    PSUPDRVTRACERUMOD   pUmod;
+    RTR3PTR             R3PtrLock;
+    size_t              cbLock;
+    uint32_t            cProbeLocs;
+    int                 rc;
+    /*
+     * Validate input.
+     */
+    if (pSession->R0Process == NIL_RTR0PROCESS)
+        return VERR_INVALID_CONTEXT;
+    if (   fFlags != SUP_TRACER_UMOD_FLAGS_EXE
+        && fFlags != SUP_TRACER_UMOD_FLAGS_SHARED)
+        return VERR_INVALID_PARAMETER;
+    if (pSession->cTpProviders >= RT_ELEMENTS(pSession->apTpLookupTable))
+        return VERR_SUPDRV_TRACER_TOO_MANY_PROVIDERS;
+    if (   cbStrTab < 2
+        || cbStrTab > _1M)
+        return VERR_SUPDRV_TRACER_UMOD_STRTAB_TOO_BIG;
+    /*
+     * Read the VTG header into a temporary buffer and perform some simple
+     * validations to make sure we aren't wasting our time here.
+     */
+    rc = RTR0MemUserCopyFrom(&Hdr, R3PtrVtgHdr, sizeof(Hdr));
+    if (RT_FAILURE(rc))
+        return rc;
+    rc = supdrvVtgValidateHdr(&Hdr, uVtgHdrAddr, NULL, 0, true /*fUmod*/);
+    if (RT_FAILURE(rc))
+        return rc;
+    if (Hdr.cbProviders / sizeof(VTGDESCPROVIDER) > 2)
+        return VERR_SUPDRV_TRACER_TOO_MANY_PROVIDERS;
+    /*
+     * Check how much needs to be locked down and how many probe locations
+     * there are.
+     */
+    if (   Hdr.offProbeLocs <= 0
+        || Hdr.offProbeEnabled > (uint32_t)Hdr.offProbeLocs
+        || (uint32_t)Hdr.offProbeLocs - Hdr.offProbeEnabled - Hdr.cbProbeEnabled > 128)
+        return VERR_SUPDRV_TRACER_UMOD_NOT_ADJACENT;
+    R3PtrLock  = R3PtrVtgHdr + Hdr.offProbeEnabled;
+    cbLock     = Hdr.offProbeLocs + Hdr.cbProbeLocs - Hdr.offProbeEnabled + (R3PtrLock & PAGE_OFFSET_MASK);
+    R3PtrLock &= ~(RTR3PTR)PAGE_OFFSET_MASK;
+    if (cbLock > _64K)
+        return VERR_SUPDRV_TRACER_UMOD_TOO_MANY_PROBES;
+    cProbeLocs = Hdr.cbProbeLocs / (Hdr.cBits == 32 ? sizeof(VTGPROBELOC32) : sizeof(VTGPROBELOC64));
+    /*
+     * Allocate the tracker data we keep in the session.
+     */
+    pUmod = (PSUPDRVTRACERUMOD)RTMemAllocZ(  RT_OFFSETOF(SUPDRVTRACERUMOD, aProbeLocs[cProbeLocs])
+                                           + (Hdr.cbProbeEnabled / sizeof(uint32_t) * sizeof(SUPDRVPROBEINFO)) );
+    if (!pUmod)
+        return VERR_NO_MEMORY;
+    pUmod->u32Magic         = SUPDRVTRACERUMOD_MAGIC;
+    RTListInit(&pUmod->ListEntry);
+    pUmod->R3PtrVtgHdr      = R3PtrVtgHdr;
+    pUmod->pVtgCopy         = NULL;
+    pUmod->hMemObjLock      = NIL_RTR0MEMOBJ;
+    pUmod->hMemObjMap       = NIL_RTR0MEMOBJ;
+    pUmod->R3PtrProbeLocs   = (RTR3INTPTR)R3PtrVtgHdr + Hdr.offProbeLocs;
+    pUmod->iLookupTable     = UINT8_MAX;
+    pUmod->cBits            = Hdr.cBits;
+    pUmod->cbProbeLoc       = Hdr.cBits == 32 ? sizeof(VTGPROBELOC32) : sizeof(VTGPROBELOC64);
+    pUmod->cProbeLocs       = cProbeLocs;
+    /*
+     * Lock down and map the user-mode structures.
+     */
+    rc = RTR0MemObjLockUser(&pUmod->hMemObjLock, R3PtrLock, cbLock, RTMEM_PROT_READ | RTMEM_PROT_WRITE, NIL_RTR0PROCESS);
+    if (RT_SUCCESS(rc))
+    {
+        rc = RTR0MemObjMapKernel(&pUmod->hMemObjMap, pUmod->hMemObjLock, (void *)-1, 0, RTMEM_PROT_READ | RTMEM_PROT_WRITE);
+        if (RT_SUCCESS(rc))
+        {
+            pUmod->pacProbeEnabled  = (uint32_t *)(  (uintptr_t)RTR0MemObjAddress(pUmod->hMemObjMap)
+                                                   + ((uintptr_t)(R3PtrVtgHdr + Hdr.offProbeEnabled) & PAGE_OFFSET_MASK));
+            pUmod->pvProbeLocs      = (uint8_t *)pUmod->pacProbeEnabled + Hdr.offProbeLocs - Hdr.offProbeEnabled;
+            /*
+             * Does some other process use the same module already?  If so,
+             * share the VTG data with it.  Otherwise, make a ring-0 copy it.
+             */
+            pUmod->pVtgCopy = supdrvVtgFindObjectCopy(pDevExt, &Hdr, cbStrTab, fFlags);
+            if (!pUmod->pVtgCopy)
+                rc = supdrvVtgCreateObjectCopy(pDevExt, &Hdr, R3PtrVtgHdr, uVtgHdrAddr, R3PtrStrTab, cbStrTab, fFlags, pUmod);
+            if (RT_SUCCESS(rc))
+            {
+                AssertPtr(pUmod->pVtgCopy);
+                /*
+                 * Grabe a place in apTpLookupTable and set the probe IDs
+                 * accordingly.
+                 */
+                rc = supdrvTracerUmodSetProbeIds(pDevExt, pSession, pUmod);
+                if (RT_SUCCESS(rc))
+                {
+                    /*
+                     * Register the providers.
+                     */
+                    rc = supdrvTracerRegisterVtgObj(pDevExt, &pUmod->pVtgCopy->Hdr,
+                                                    NULL /*pImage*/, pSession, pUmod, pszModName);
+                    if (RT_SUCCESS(rc))
+                    {
+                        RTSemFastMutexRequest(pDevExt->mtxTracer);
+                        RTListAppend(&pSession->TpUmods, &pUmod->ListEntry);
+                        RTSemFastMutexRelease(pDevExt->mtxTracer);
+                        return VINF_SUCCESS;
+                    }
+                    /* bail out. */
+                    supdrvTracerUmodClearProbeIds(pDevExt, pSession, pUmod);
+                }
+                supdrvVtgReleaseObjectCopy(pDevExt, pUmod->pVtgCopy);
+            }
+            RTR0MemObjFree(pUmod->hMemObjMap, false /*fFreeMappings*/);
+        }
+        RTR0MemObjFree(pUmod->hMemObjLock, false /*fFreeMappings*/);
+    }
+    pUmod->u32Magic = ~SUPDRVTRACERUMOD_MAGIC;
+    RTMemFree(pUmod);
+    return rc;
+}
+int  VBOXCALL   supdrvIOCtl_TracerUmodDeregister(PSUPDRVDEVEXT pDevExt, PSUPDRVSESSION pSession, RTR3PTR R3PtrVtgHdr)
+{
+    PSUPDRVTRACERUMOD   pUmod = NULL;
+    uint32_t            i;
+    int                 rc;
+    /*
+     * Validate the request.
+     */
+    RTSemFastMutexRequest(pDevExt->mtxTracer);
+    for (i = 0; i < RT_ELEMENTS(pSession->apTpLookupTable); i++)
+    {
+        pUmod = pSession->apTpLookupTable[i];
+        if (   pUmod
+            && pUmod->u32Magic    == SUPDRVTRACERUMOD_MAGIC
+            && pUmod->R3PtrVtgHdr == R3PtrVtgHdr)
+            break;
+    }
+    RTSemFastMutexRelease(pDevExt->mtxTracer);
+    if (pUmod)
+    {
+        SUPDRVTPPROVIDER   *pProvNext;
+        SUPDRVTPPROVIDER   *pProv;
+        /*
+         * Remove ourselves from the lookup table and clean up the ring-3 bits
+         * we've dirtied.  We do this first to make sure no probes are firing
+         * when we're destroying the providers in the next step.
+         */
+        supdrvTracerUmodClearProbeIds(pDevExt, pSession, pUmod);
+        /*
+         * Deregister providers related to the VTG object.
+         */
+        RTSemFastMutexRequest(pDevExt->mtxTracer);
+        RTListForEachSafe(&pSession->TpProviders, pProv, pProvNext, SUPDRVTPPROVIDER, SessionListEntry)
+        {
+            if (pProv->pUmod == pUmod)
+                supdrvTracerDeregisterVtgObj(pDevExt, pProv);
+        }
+        RTSemFastMutexRelease(pDevExt->mtxTracer);
+        /*
+         * Destroy the Umod object.
+         */
+        pUmod->u32Magic = ~SUPDRVTRACERUMOD_MAGIC;
+        supdrvVtgReleaseObjectCopy(pDevExt, pUmod->pVtgCopy);
+        RTR0MemObjFree(pUmod->hMemObjMap, false /*fFreeMappings*/);
+        RTR0MemObjFree(pUmod->hMemObjLock, false /*fFreeMappings*/);
+        RTMemFree(pUmod);
+    }
+    else
+        rc = VERR_NOT_FOUND;
+    return rc;
+}
+/**
+ * Implementation of supdrvIOCtl_TracerUmodProbeFire and
+ * SUPR0TracerUmodProbeFire.
+ *
+ * @param   pDevExt             The device extension.
+ * @param   pSession            The calling session.
+ * @param   pCtx                The context record.
+ */
+static void supdrvTracerUmodProbeFire(PSUPDRVDEVEXT pDevExt, PSUPDRVSESSION pSession, PSUPDRVTRACERUSRCTX pCtx)
+{
+    /*
+     * We cannot trust user mode to hand us the right bits nor not calling us
+     * when disabled.  So, we have to check for our selves.
+     */
+    PSUPDRVTRACERUMOD   pUmod;
+    uint32_t const      iLookupTable = pCtx->idProbe >> 24;
+    uint32_t const      iProbeLoc    = pCtx->idProbe & UINT32_C(0x00ffffff);
+    if (RT_UNLIKELY(   !pDevExt->pTracerOps
+                    || pDevExt->fTracerUnloading))
+        return;
+    if (RT_UNLIKELY(iLookupTable >= RT_ELEMENTS(pSession->apTpLookupTable)))
+        return;
+    if (RT_UNLIKELY(   pCtx->cBits != 32
+                    && pCtx->cBits != 64))
+        return;
+    ASMAtomicIncU32(&pSession->cTpProviders);
+    pUmod = pSession->apTpLookupTable[iLookupTable];
+    if (RT_LIKELY(pUmod))
+    {
+        if (RT_LIKELY(   pUmod->u32Magic == SUPDRVTRACERUMOD_MAGIC
+                      && iProbeLoc < pUmod->cProbeLocs
+                      && pCtx->cBits == pUmod->cBits))
+        {
+            RTR3PTR R3PtrProbeLoc = pUmod->R3PtrProbeLocs + iProbeLoc * pUmod->cbProbeLoc;
+            if (RT_LIKELY(   (pCtx->cBits == 32 ? (RTR3PTR)pCtx->u.X86.uVtgProbeLoc : pCtx->u.Amd64.uVtgProbeLoc)
+                          == R3PtrProbeLoc))
+            {
+                if (RT_LIKELY(pUmod->aProbeLocs[iProbeLoc].fEnabled))
+                {
+                    ASMAtomicIncU32(&pDevExt->cTracerCallers);
+                    if (RT_LIKELY(   pDevExt->pTracerOps
+                                  && !pDevExt->fTracerUnloading))
+                    {
+                        pCtx->idProbe = pUmod->aProbeLocs[iProbeLoc].idProbe;
+                        pDevExt->pTracerOps->pfnProbeFireUser(pDevExt->pTracerOps, pSession, pCtx);
+                    }
+                    ASMAtomicDecU32(&pDevExt->cTracerCallers);
+                }
+            }
+        }
+    }
+    ASMAtomicDecU32(&pSession->cTpProviders);
+}
+SUPR0DECL(void) SUPR0TracerUmodProbeFire(PSUPDRVSESSION pSession, PSUPDRVTRACERUSRCTX pCtx)
+{
+    AssertReturnVoid(SUP_IS_SESSION_VALID(pSession));
+    AssertPtrReturnVoid(pCtx);
+    supdrvTracerUmodProbeFire(pSession->pDevExt, pSession, pCtx);
+}
+void  VBOXCALL  supdrvIOCtl_TracerUmodProbeFire(PSUPDRVDEVEXT pDevExt, PSUPDRVSESSION pSession, PSUPDRVTRACERUSRCTX pCtx)
+{
+    supdrvTracerUmodProbeFire(pDevExt, pSession, pCtx);
+}
 …
     if (RT_SUCCESS(rc))
+    {
+        uint32_t i;
         pDevExt->TracerHlp.uVersion    = SUPDRVTRACERHLP_VERSION;
         /** @todo  */
 …
         RTListInit(&pDevExt->TracerProviderList);
         RTListInit(&pDevExt->TracerProviderZombieList);
+        for (i = 0; i < RT_ELEMENTS(pDevExt->aTrackerUmodHash); i++)
+            RTListInit(&pDevExt->aTrackerUmodHash[i]);
 #ifdef VBOX_WITH_NATIVE_DTRACE
 …
          */
 #ifdef VBOX_WITH_DTRACE_R0DRV
         rc = supdrvTracerRegisterVtgObj(pDevExt, &g_VTGObjHeader, _1M, NULL /*pImage*/, NULL /*pSession*/, "vboxdrv");
+        rc = supdrvTracerRegisterVtgObj(pDevExt, &g_VTGObjHeader, NULL /*pImage*/, NULL /*pSession*/, NULL /*pUmod*/, "vboxdrv");
         if (RT_SUCCESS(rc))
             return rc;

trunk/src/VBox/HostDrivers/Support/SUPLib.cpp

-              r40981
+              r41117
 #include <VBox/param.h>
 #include <VBox/log.h>
+#include <VBox/VBoxTpG.h>
 #include <iprt/assert.h>
 …
+SUPDECL(void) SUPTracerFireProbe(struct VTGPROBELOC *pVtgProbeLoc, uintptr_t uArg0, uintptr_t uArg1, uintptr_t uArg2,
+                                 uintptr_t uArg3, uintptr_t uArg4)
+{
+    /* C and stubbed for now. */
+}
+SUPR3DECL(int) SUPR3TracerRegisterModule(uintptr_t hModNative, const char *pszModule, struct VTGOBJHDR *pVtgHdr, uint32_t fFlags)
+typedef struct SUPDRVTRACERSTRTAB
+{
+    /** Pointer to the string table. */
+    char       *pchStrTab;
+    /** The actual string table size. */
+    uint32_t    cbStrTab;
+    /** The original string pointers. */
+    RTUINTPTR   apszOrgFunctions[1];
+} SUPDRVTRACERSTRTAB, *PSUPDRVTRACERSTRTAB;
+/**
+ * Destroys a string table, restoring the original pszFunction member valus.
+ *
+ * @param   pThis               The string table structure.
+ * @param   paProbLocs          The probe location array.
+ * @param   cProbLocs           The number of probe locations.
+ */
+static void supr3TracerDestroyStrTab(PSUPDRVTRACERSTRTAB pThis, PVTGPROBELOC32 paProbeLocs32, PVTGPROBELOC64 paProbeLocs64,
+                                     uint32_t cProbeLocs, bool f32Bit)
+{
+    /* Restore. */
+    size_t i = cProbeLocs;
+    if (f32Bit)
+        while (i--)
+            paProbeLocs32[i].pszFunction = (uint32_t)pThis->apszOrgFunctions[i];
+    else
+        while (i--)
+            paProbeLocs64[i].pszFunction = pThis->apszOrgFunctions[i];
+    /* Free. */
+    RTMemFree(pThis->pchStrTab);
+    RTMemFree(pThis);
+}
+/**
+ * Creates a string table for the pszFunction members in the probe location
+ * array.
+ *
+ * This will save and replace the pszFunction members with offsets.
+ *
+ * @returns Pointer to a string table structure.  NULL on failure.
+ * @param   paProbLocs          The probe location array.
+ * @param   cProbLocs           The number of elements in the array.
+ * @param   cBits
+ */
+static PSUPDRVTRACERSTRTAB supr3TracerCreateStrTab(PVTGPROBELOC32 paProbeLocs32,
+                                                   PVTGPROBELOC64 paProbeLocs64,
+                                                   uint32_t cProbeLocs,
+                                                   RTUINTPTR offDelta,
+                                                   bool f32Bit)
+{
+    if (cProbeLocs > _128K)
+        return NULL;
+    /*
+     * Allocate the string table structures.
+     */
+    size_t              cbThis    = RT_OFFSETOF(SUPDRVTRACERSTRTAB, apszOrgFunctions[cProbeLocs]);
+    PSUPDRVTRACERSTRTAB pThis     = (PSUPDRVTRACERSTRTAB)RTMemAlloc(cbThis);
+    if (!pThis)
+        return NULL;
+    uint32_t const      cHashBits = cProbeLocs * 2 - 1;
+    uint32_t           *pbmHash   = (uint32_t *)RTMemAllocZ(RT_ALIGN_32(cHashBits, 64) / 8 );
+    if (!pbmHash)
+    {
+        RTMemFree(pThis);
+        return NULL;
+    }
+    /*
+     * Calc the max string table size and save the orignal pointers so we can
+     * replace them later.
+     */
+    size_t cbMax = 1;
+    for (uint32_t i = 0; i < cProbeLocs; i++)
+    {
+        pThis->apszOrgFunctions[i] = f32Bit ? paProbeLocs32[i].pszFunction : paProbeLocs64[i].pszFunction;
+        const char *pszFunction = (const char *)(uintptr_t)(pThis->apszOrgFunctions[i] + offDelta);
+        size_t cch = strlen(pszFunction);
+        if (cch > _1K)
+        {
+            cbMax = 0;
+            break;
+        }
+        cbMax += cch + 1;
+    }
+    /* Alloc space for it. */
+    if (cbMax > 0)
+        pThis->pchStrTab = (char *)RTMemAlloc(cbMax);
+    else
+        pThis->pchStrTab = NULL;
+    if (!pThis->pchStrTab)
+    {
+        RTMemFree(pbmHash);
+        RTMemFree(pThis);
+        return NULL;
+    }
+    /*
+     * Create the string table.
+     */
+    uint32_t off = 0;
+    uint32_t offPrev = 0;
+    for (uint32_t i = 0; i < cProbeLocs; i++)
+    {
+        const char * const psz      = (const char *)(uintptr_t)(pThis->apszOrgFunctions[i] + offDelta);
+        size_t       const cch      = strlen(psz);
+        uint32_t     const iHashBit = RTStrHash1(psz) % cHashBits;
+        if (ASMBitTestAndSet(pbmHash, iHashBit))
+        {
+            /* Often it's the most recent string. */
+            if (   off - offPrev < cch + 1
+                || memcmp(&pThis->pchStrTab[offPrev], psz, cch + 1))
+            {
+                /* It wasn't, search the entire string table. (lazy bird) */
+                offPrev = 0;
+                while (offPrev < off)
+                {
+                    size_t cchCur = strlen(&pThis->pchStrTab[offPrev]);
+                    if (   cchCur == cch
+                        && !memcmp(&pThis->pchStrTab[offPrev], psz, cch + 1))
+                        break;
+                    offPrev += (uint32_t)cchCur + 1;
+                }
+            }
+        }
+        else
+            offPrev = off;
+        /* Add the string to the table. */
+        if (offPrev >= off)
+        {
+            memcpy(&pThis->pchStrTab[off], psz, cch + 1);
+            offPrev = off;
+            off += (uint32_t)cch + 1;
+        }
+        /* Update the entry */
+        if (f32Bit)
+            paProbeLocs32[i].pszFunction = offPrev;
+        else
+            paProbeLocs64[i].pszFunction = offPrev;
+    }
+    pThis->cbStrTab = off;
+    RTMemFree(pbmHash);
+    return pThis;
+}
+SUPR3DECL(int) SUPR3TracerRegisterModule(uintptr_t hModNative, const char *pszModule, struct VTGOBJHDR *pVtgHdr,
+                                         RTUINTPTR uVtgHdrAddr, uint32_t fFlags)
+{
     /* Validate input. */
     NOREF(hModNative);
     AssertPtrReturn(pVtgHdr, VERR_INVALID_POINTER);
+    AssertReturn(!memcmp(pVtgHdr->szMagic, VTGOBJHDR_MAGIC, sizeof(pVtgHdr->szMagic)), VERR_SUPDRV_VTG_MAGIC);
     AssertPtrReturn(pszModule, VERR_INVALID_POINTER);
     size_t cchModule = strlen(pszModule);
 …
     AssertReturn(fFlags == SUP_TRACER_UMOD_FLAGS_EXE || fFlags == SUP_TRACER_UMOD_FLAGS_SHARED, VERR_INVALID_PARAMETER);
+    /* fake */
+    /*
+     * Set the probe location array offset and size members. If the size is
+     * zero, don't bother ring-0 with it.
+     */
+    if (!pVtgHdr->offProbeLocs)
+    {
+        uint64_t u64Tmp = pVtgHdr->uProbeLocsEnd.u64 - pVtgHdr->uProbeLocs.u64;
+        if (u64Tmp >= UINT32_MAX)
+            return VERR_SUPDRV_VTG_BAD_HDR_TOO_MUCH;
+        pVtgHdr->cbProbeLocs  = (uint32_t)u64Tmp;
+        u64Tmp = pVtgHdr->uProbeLocs.u64 - (uintptr_t)pVtgHdr;
+        if ((int64_t)u64Tmp != (int32_t)u64Tmp)
+            return VERR_SUPDRV_VTG_BAD_HDR_PTR;
+        pVtgHdr->offProbeLocs = (int32_t)u64Tmp;
+    }
+    if (   !pVtgHdr->cbProbeLocs
+        || !pVtgHdr->cbProbes)
+        return VINF_SUCCESS;
+    /*
+     * Fake out.
+     */
     if (RT_UNLIKELY(g_u32FakeMode))
         return VINF_SUCCESS;
+    /*
+     * Create a string table for the function names in the location array.
+     * It's somewhat easier to do that here than from ring-0.
+     */
+    size_t const        cProbeLocs  = pVtgHdr->cbProbeLocs
+                                    / (pVtgHdr->cBits == 32 ? sizeof(VTGPROBELOC32) : sizeof(VTGPROBELOC64));
+    PVTGPROBELOC        paProbeLocs = (PVTGPROBELOC)((uintptr_t)pVtgHdr + pVtgHdr->offProbeLocs);
+    PSUPDRVTRACERSTRTAB pStrTab     = supr3TracerCreateStrTab((PVTGPROBELOC32)paProbeLocs,
+                                                              (PVTGPROBELOC64)paProbeLocs,
+                                                              cProbeLocs, (uintptr_t)pVtgHdr - uVtgHdrAddr,
+                                                              pVtgHdr->cBits == 32);
+    if (!pStrTab)
+        return VERR_NO_MEMORY;
     /*
 …
     Req.Hdr.fFlags          = SUPREQHDR_FLAGS_DEFAULT;
     Req.Hdr.rc              = VERR_INTERNAL_ERROR;
+    Req.u.In.pVtgHdr        = pVtgHdr;
+    Req.u.In.uVtgHdrAddr    = uVtgHdrAddr;
+    Req.u.In.R3PtrVtgHdr    = pVtgHdr;
+    Req.u.In.R3PtrStrTab    = pStrTab->pchStrTab;
+    Req.u.In.cbStrTab       = pStrTab->cbStrTab;
     Req.u.In.fFlags         = fFlags;
 …
     if (RT_SUCCESS(rc))
         rc = Req.Hdr.rc;
+    supr3TracerDestroyStrTab(pStrTab, (PVTGPROBELOC32)paProbeLocs, (PVTGPROBELOC64)paProbeLocs,
+                             cProbeLocs,  pVtgHdr->cBits == 32);
     return rc;
+}
 …
     /* Validate input. */
     AssertPtrReturn(pVtgHdr, VERR_INVALID_POINTER);
+    /* fake */
+    AssertReturn(!memcmp(pVtgHdr->szMagic, VTGOBJHDR_MAGIC, sizeof(pVtgHdr->szMagic)), VERR_SUPDRV_VTG_MAGIC);
+    /*
+     * Don't bother if the object is empty.
+     */
+    if (   !pVtgHdr->cbProbeLocs
+        || !pVtgHdr->cbProbes)
+        return VINF_SUCCESS;
+    /*
+     * Fake out.
+     */
     if (RT_UNLIKELY(g_u32FakeMode))
         return VINF_SUCCESS;
 …
+}
+DECLASM(void) suplibTracerFireProbe(PVTGPROBELOC pProbeLoc, PSUPTRACERUMODFIREPROBE pReq)
+{
+    pReq->Hdr.u32Cookie         = g_u32Cookie;
+    pReq->Hdr.u32SessionCookie  = g_u32SessionCookie;
+    Assert(pReq->Hdr.cbIn  == SUP_IOCTL_TRACER_UMOD_FIRE_PROBE_SIZE_IN);
+    Assert(pReq->Hdr.cbOut == SUP_IOCTL_TRACER_UMOD_FIRE_PROBE_SIZE_OUT);
+    pReq->Hdr.fFlags            = SUPREQHDR_FLAGS_DEFAULT;
+    pReq->Hdr.rc                = VINF_SUCCESS;
+    suplibOsIOCtl(&g_supLibData, SUP_IOCTL_TRACER_UMOD_FIRE_PROBE, pReq, SUP_IOCTL_TRACER_UMOD_FIRE_PROBE_SIZE);
+}

trunk/src/VBox/Runtime/VBox/VBoxRTDeps.cpp

r40130	r41117
56	56	(PFNRT)SUPR3PageAllocEx,
57	57	(PFNRT)SUPSemEventCreate,
	58	(PFNRT)SUPTracerFireProbe,
58	59	#endif
59	60	(PFNRT)xmlModuleOpen,

trunk/src/VBox/VMM/VMMR3/VM.cpp

-              r40975
+              r41117
 #if defined(VBOX_WITH_DTRACE_R3) && !defined(VBOX_WITH_NATIVE_DTRACE)
+    //SUPR3TracerRegisterModule(&g_VTGObjHeader, "VBoxVMM");
+    SUPR3TracerRegisterModule(~(uintptr_t)0, "VBoxVMM", &g_VTGObjHeader, (uintptr_t)&g_VTGObjHeader,
+                              SUP_TRACER_UMOD_FLAGS_SHARED);
 #endif

trunk/src/bldprogs/VBoxTpG.cpp

-              r40975
+              r41117
 #include <iprt/stream.h>
 #include <iprt/string.h>
+#include <iprt/uuid.h>
 #include "scmstream.h"
 …
                     "  NAME(%%1):\n"
                     " %%endmacro\n"
                     " segment VTG.Obj public CLASS=DATA align=4096 use32\n"
+                    " segment VTG.Obj public CLASS=VTG align=4096 use32\n"
                     "\n"
                     "%%elifdef ASM_FORMAT_MACHO\n"
 …
                     "  NAME(%%1):\n"
                     " %%endmacro\n"
+                    " [section .VTGPrLc.Begin progbits alloc noexec write align=4096]\n"
+                    " [section .VTGData progbits alloc noexec write align=4096]\n"
+                    " [section .VTGPrLc.Begin progbits alloc noexec write align=32]\n"
+                    " dd 0,0,0,0, 0,0,0,0\n"
                     "VTG_GLOBAL g_aVTGPrLc, data\n"
                     " [section .VTGPrLc       progbits alloc noexec write align=1]\n"
                     " [section .VTGPrLc.End   progbits alloc noexec write align=1]\n"
                     "VTG_GLOBAL g_aVTGPrLc_End, data\n"
+                    " dd 0,0,0,0, 0,0,0,0\n"
                     " [section .VTGData progbits alloc noexec write align=4096]\n"
                     "\n"
 …
                     "                ;0         1         2         3\n"
                     "                ;012345678901234567890123456789012\n"
                     "    db          'VTG Object Header v1.4', 0, 0\n"
+                    "    db          'VTG Object Header v1.5', 0, 0\n"
                     "    dd          %u\n"
+                    "    dd          NAME(g_acVTGProbeEnabled_End) - NAME(g_VTGObjHeader)\n"
+                    "    dd          NAME(g_achVTGStringTable)     - NAME(g_VTGObjHeader)\n"
+                    "    dd          NAME(g_achVTGStringTable_End) - NAME(g_achVTGStringTable)\n"
+                    "    dd          NAME(g_aVTGArgLists)          - NAME(g_VTGObjHeader)\n"
+                    "    dd          NAME(g_aVTGArgLists_End)      - NAME(g_aVTGArgLists)\n"
+                    "    dd          NAME(g_aVTGProbes)            - NAME(g_VTGObjHeader)\n"
+                    "    dd          NAME(g_aVTGProbes_End)        - NAME(g_aVTGProbes)\n"
+                    "    dd          NAME(g_aVTGProviders)         - NAME(g_VTGObjHeader)\n"
+                    "    dd          NAME(g_aVTGProviders_End)     - NAME(g_aVTGProviders)\n"
+                    "    dd          NAME(g_acVTGProbeEnabled)     - NAME(g_VTGObjHeader)\n"
+                    "    dd          NAME(g_acVTGProbeEnabled_End) - NAME(g_acVTGProbeEnabled)\n"
                     "    dd          0\n"
+                    "    RTCCPTR_DEF NAME(g_aVTGProviders)\n"
+                    "    RTCCPTR_DEF NAME(g_aVTGProviders_End)     - NAME(g_aVTGProviders)\n"
+                    "    RTCCPTR_DEF NAME(g_aVTGProbes)\n"
+                    "    RTCCPTR_DEF NAME(g_aVTGProbes_End)        - NAME(g_aVTGProbes)\n"
+                    "    RTCCPTR_DEF NAME(g_afVTGProbeEnabled)\n"
+                    "    RTCCPTR_DEF NAME(g_afVTGProbeEnabled_End) - NAME(g_afVTGProbeEnabled)\n"
+                    "    RTCCPTR_DEF NAME(g_achVTGStringTable)\n"
+                    "    RTCCPTR_DEF NAME(g_achVTGStringTable_End) - NAME(g_achVTGStringTable)\n"
+                    "    RTCCPTR_DEF NAME(g_aVTGArgLists)\n"
+                    "    RTCCPTR_DEF NAME(g_aVTGArgLists_End)      - NAME(g_aVTGArgLists)\n"
+                    "    dd          0\n"
                     "%%ifdef ASM_FORMAT_MACHO ; Apple has a real decent linker!\n"
                     "extern section$start$__VTG$__VTGPrLc\n"
                     "    RTCCPTR_DEF section$start$__VTG$__VTGPrLc\n"
+                    " %%if ARCH_BITS == 32\n"
+                    "    dd          0\n"
+                    " %%endif\n"
                     "extern section$end$__VTG$__VTGPrLc\n"
                     "    RTCCPTR_DEF section$end$__VTG$__VTGPrLc\n"
+                    " %%if ARCH_BITS == 32\n"
+                    "    dd          0\n"
+                    " %%endif\n"
                     "%%else\n"
                     "    RTCCPTR_DEF NAME(g_aVTGPrLc)\n"
+                    "    RTCCPTR_DEF NAME(g_aVTGPrLc_End) ; cross section/segment size not possible\n"
+                    " %%if ARCH_BITS == 32\n"
+                    "    dd          0\n"
+                    " %%endif\n"
+                    "    RTCCPTR_DEF NAME(g_aVTGPrLc_End)\n"
+                    " %%if ARCH_BITS == 32\n"
+                    "    dd          0\n"
+                    " %%endif\n"
                     "%%endif\n"
-                    "    RTCCPTR_DEF 0\n"
-                    "    RTCCPTR_DEF 0\n"
-                    "    RTCCPTR_DEF 0\n"
-                    "    RTCCPTR_DEF 0\n"
+                    ,
                     g_pszScript, g_cBits);
     /*
      * Declare the probe enable flags.
      */
+    RTUUID Uuid;
+    int rc = RTUuidCreate(&Uuid);
+    if (RT_FAILURE(rc))
+        return RTMsgErrorExit(RTEXITCODE_FAILURE, "RTUuidCreate failed: %Rrc", rc);
     ScmStreamPrintf(pStrm,
+                    ";\n"
+                    "; Probe enabled flags.  Since these will be accessed all the time\n"
+                    "; they are placed together and early in the section to get some more\n"
+                    "; cache and TLB hits when the probes are disabled.\n"
+                    ";\n"
+                    "VTG_GLOBAL g_afVTGProbeEnabled, data\n"
+                    );
+    uint32_t        cProbes = 0;
+    RTListForEach(&g_ProviderHead, pProvider, VTGPROVIDER, ListEntry)
+    {
+        RTListForEach(&pProvider->ProbeHead, pProbe, VTGPROBE, ListEntry)
+        {
+            ScmStreamPrintf(pStrm,
+                            "VTG_GLOBAL g_fVTGProbeEnabled_%s_%s, data\n"
+                            "    db 0\n",
+                            pProvider->pszName, pProbe->pszMangledName);
+            cProbes++;
+        }
+    }
+    ScmStreamPrintf(pStrm, "VTG_GLOBAL g_afVTGProbeEnabled_End, data\n");
+    if (cProbes >= _32K)
+        return RTMsgErrorExit(RTEXITCODE_FAILURE, "Too many probes: %u (max %u)", cProbes, _32K - 1);
+                    "    dd 0%08xh, 0%08xh, 0%08xh, 0%08xh\n"
+                    "    dd 0, 0, 0, 0\n"
+                    , Uuid.au32[0], Uuid.au32[1], Uuid.au32[2], Uuid.au32[3]);
     /*
 …
                     "; The argument lists.\n"
                     ";\n"
+                    "ALIGNDATA(16)\n"
                     "VTG_GLOBAL g_aVTGArgLists, data\n");
     uint32_t off = 0;
 …
                     "; Prob definitions.\n"
                     ";\n"
+                    "ALIGNDATA(16)\n"
                     "VTG_GLOBAL g_aVTGProbes, data\n"
                     "\n");
 …
             ScmStreamPrintf(pStrm,
                             "VTG_GLOBAL g_VTGProbeData_%s_%s, data ; idx=#%4u\n"
+                            "    dd %6u  ; name\n"
+                            "    dd %6u  ; Argument list offset\n"
+                            "    dw NAME(g_fVTGProbeEnabled_%s_%s) - NAME(g_afVTGProbeEnabled)\n"
+                            "    dw %6u  ; provider index\n"
+                            "    dd NAME(g_VTGObjHeader) - NAME(g_VTGProbeData_%s_%s) ; offset to the object header\n"
+                            "    dd      0  ; for the application\n"
+                            "    dd      0  ; for the application\n"
+                            "    dd %6u  ; offName\n"
+                            "    dd %6u  ; offArgList\n"
+                            "    dw (NAME(g_cVTGProbeEnabled_%s_%s) - NAME(g_acVTGProbeEnabled)) / 4 ; idxEnabled\n"
+                            "    dw %6u  ; idxProvider\n"
+                            "    dd NAME(g_VTGObjHeader) - NAME(g_VTGProbeData_%s_%s) ; offObjHdr\n"
+                            ,
                             pProvider->pszName, pProbe->pszMangledName, iProbe,
 …
     /*
      * The providers data.
+     * The provider data.
      */
     ScmStreamPrintf(pStrm,
 …
                     "; Provider data.\n"
                     ";\n"
+                    "ALIGNDATA(16)\n"
                     "VTG_GLOBAL g_aVTGProviders, data\n");
     iProvider = 0;
 …
+    }
     ScmStreamPrintf(pStrm, "VTG_GLOBAL g_aVTGProviders_End, data\n");
+    /*
+     * Declare the probe enable flags.
+     *
+     * These must be placed at the end so they'll end up adjacent to the probe
+     * locations.  This is important for reducing the amount of memory we need
+     * to lock down for user mode modules.
+     */
+    ScmStreamPrintf(pStrm,
+                    ";\n"
+                    "; Probe enabled flags.\n"
+                    ";\n"
+                    "ALIGNDATA(16)\n"
+                    "VTG_GLOBAL g_acVTGProbeEnabled, data\n"
+                    );
+    uint32_t        cProbes = 0;
+    RTListForEach(&g_ProviderHead, pProvider, VTGPROVIDER, ListEntry)
+    {
+        RTListForEach(&pProvider->ProbeHead, pProbe, VTGPROBE, ListEntry)
+        {
+            ScmStreamPrintf(pStrm,
+                            "VTG_GLOBAL g_cVTGProbeEnabled_%s_%s, data\n"
+                            "    dd 0\n",
+                            pProvider->pszName, pProbe->pszMangledName);
+            cProbes++;
+        }
+    }
+    ScmStreamPrintf(pStrm, "VTG_GLOBAL g_acVTGProbeEnabled_End, data\n");
+    if (cProbes >= _32K)
+        return RTMsgErrorExit(RTEXITCODE_FAILURE, "Too many probes: %u (max %u)", cProbes, _32K - 1);
     /*
 …
+        {
             ScmStreamPrintf(pStrm,
                             "extern bool    g_fVTGProbeEnabled_%s_%s;\n"
                             "extern uint8_t g_VTGProbeData_%s_%s;\n"
                             "DECLASM(void)  VTGProbeStub_%s_%s(PVTGPROBELOC",
+                            "extern uint32_t g_cVTGProbeEnabled_%s_%s;\n"
+                            "extern uint8_t  g_VTGProbeData_%s_%s;\n"
+                            "DECLASM(void)   VTGProbeStub_%s_%s(PVTGPROBELOC",
                             pProv->pszName, pProbe->pszMangledName,
                             pProv->pszName, pProbe->pszMangledName,
 …
                             ");\n"
                             "# define %s_ENABLED() \\\n"
                             "    (RT_UNLIKELY(g_fVTGProbeEnabled_%s_%s)) \n"
+                            "    (RT_UNLIKELY(g_cVTGProbeEnabled_%s_%s)) \n"
                             "# define %s("
                             , szTmp,
 …
                             ") \\\n"
                             "    do { \\\n"
                             "        if (RT_UNLIKELY(g_fVTGProbeEnabled_%s_%s)) \\\n"
+                            "        if (RT_UNLIKELY(g_cVTGProbeEnabled_%s_%s)) \\\n"
                             "        { \\\n"
                             "            VTG_DECL_VTGPROBELOC(s_VTGProbeLoc) = \\\n"
                             "            { __LINE__, 0, UINT32_MAX, __FUNCTION__, &g_VTGProbeData_%s_%s }; \\\n"
+                            "            { __LINE__, 0, 0, __FUNCTION__, &g_VTGProbeData_%s_%s }; \\\n"
                             "            VTGProbeStub_%s_%s(&s_VTGProbeLoc",
                             pProv->pszName, pProbe->pszMangledName,

Note: See TracChangeset for help on using the changeset viewer.

Changeset 41117 in vbox

Legend:

Download in other formats: