
Factor out the code to hook the hvsc instructions into its own file

1 parent 53d96ca commit 2276ccf07e8fb83a91122e8c512c26d8553a83a4 @kakaroto committed Nov 28, 2010
Showing with 73 additions and 88 deletions.
  1. +53 −0 hook_hvsc.h.S
  2. +3 −3 hvsc_handler.h.S
  3. +2 −25 payload_trace_all_sc_calls.S
  4. +3 −25 payload_trace_hypercalls.S
  5. +2 −25 payload_trace_vuart.S
  6. +10 −10 vuart_tracer.h.S
@@ -0,0 +1,53 @@
+/*
+ * hook_hvsc.h.s -- PL3 - Hooks all hvsc instructions
+ *
+ * Copyright (C) Youness Alaoui (KaKaRoTo)
+ *
+ * This software is distributed under the terms of the GNU General Public
+ * License ("GPL") version 3, as published by the Free Software Foundation.
+ *
+ */
+
+#ifndef __HOOK_HVSC_H_S__
+#define __HOOK_HVSC_H_S__
+
+hook_hvsc:
+ mflr %r0
+ stdu %r1, -0x80(%r1)
+ std %r31, 0x70(%r1)
+ std %r0, 0x90(%r1)
+
+ MEM_BASE(%r31)
+ mr %r3, %r31 // start of memory
+ lis %r4, 0x4400
+ ori %r4, %r4, 0x0022 // load 0x44000022 (hvsc instruction)
+ oris %r5, %r31, 0x30 // end of memory (0x300000)
+ LOAD_LABEL2 (%r7, %r31, hvsc_handler) // load our handler in %r7
+l_hook_hvsc_loop:
+ lwz %r6, 0(%r3)
+ cmpw %r6, %r4
+ bne l_hook_hvsc_incr // Found an hvsc instruction
+ LOAD_LABEL2 (%r8, %r31, hvsc_call)
+ cmpw %r3, %r8 // Make sure it's not our handler's hvsc
+ beq l_hook_hvsc_incr
+ // Build a branch instruction
+ li %r8, 18 // bits 0-5='18' means 'b/bl/ba/bla'
+ rldicr %r8, %r8, 26, 37
+ subf %r9, %r3, %r7 // relative address = target - current
+ rldicl %r9, %r9, 0, 38 // Clear the sign extension of the 24bit
+ // address to avoid ORing the 0-5 bits
+ or %r8, %r8, %r9 // or the instruction with the address
+ ori %r8, %r8, 1 // or the link bit == 'bl' instruction
+ stw %r8, 0(%r3) // replace the hvsc instruction
+l_hook_hvsc_incr:
+ addi %r3, %r3, 4
+ cmpw %r3, %r5 // loop until the end of the memory
+ bne l_hook_hvsc_loop
+
+ ld %r31, 0x70(%r1)
+ ld %r0, 0x90(%r1)
+ addi %r1, %r1, 0x80
+ mtlr %r0
+ blr
+
+#endif /* __HOOK_HVSC_H_S__ */
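Review bot: The comment on `bne l_hook_hvsc_incr // Found an hvsc instruction` sits on the branch that is taken when the word is *not* an hvsc, so it states the opposite of what the line does; reword it to `bne l_hook_hvsc_incr // not an hvsc, skip` or move it down to the `LOAD_LABEL2 (%r8, %r31, hvsc_call)` line. The new routine also has no header stating its contract: from the visible lines it scans MEM_BASE..MEM_BASE+0x300000 one word at a time, rewrites every 0x44000022 except the one at hvsc_call into a `bl hvsc_handler`, preserves %r31 and LR, and clobbers at least %r0, %r3–%r9 and CR0 (plus whatever MEM_BASE and LOAD_LABEL2 touch, which is not visible here) — a block comment above `hook_hvsc:` saying so would let callers check their register assumptions. `rldicl %r9, %r9, 0, 38` keeps the low 26 bits of the displacement without checking that hvsc_handler really lies within ±32 MiB of the patched site, so an out-of-range displacement is silently truncated into a wrong branch target; a comment such as `// assumes |hvsc_handler - site| < 32 MiB; larger displacements are truncated silently` makes that assumption explicit. The exact-word match likewise cannot tell an hvsc instruction from a data word that happens to equal 0x44000022, which the scan would then overwrite, and that limitation belongs in the same header.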
@@ -13,7 +13,7 @@
#include "trace_helpers.h.S"
-hvsc_hook:
+hvsc_handler:
mflr %r0
stdu %r1, -0x100(%r1)
std %r30, 0xC0(%r1)
@@ -48,15 +48,15 @@ hvsc_call:
sc 1
cmplwi %r31, 0
- beq l_hvsc_return
+ beq l_hvsc_handler_return
bl store_regs
mr %r11, %r30
li %r12, 0x11
bl send_trace
bl load_regs
-l_hvsc_return:
+l_hvsc_handler_return:
ld %r30, 0xC0(%r1)
ld %r31, 0xC8(%r1)
ld %r0, 0xF0(%r1)
@@ -19,6 +19,7 @@
#include "send_eth.h.S"
#include "memory_patching.h.S"
+#include "hook_hvsc.h.S"
RESIDENT_AREA_START()
#include "memory_patching_res.h.S"
@@ -52,31 +53,7 @@ payload_main:
// because another thread might be running at the same time
// and if it calls hvsc and we're not yet ready, then we're
// screwed
- mr %r3, %r30 // start of memory
- lis %r4, 0x4400
- ori %r4, %r4, 0x0022 // load 0x44000022 (hvsc instruction)
- oris %r5, %r30, 0x30 // end of memory (0x300000)
- LOAD_LABEL2 (%r7, %r30, hvsc_hook) // load our handler in %r7
-l_patch_hvsc_loop:
- lwz %r6, 0(%r3)
- cmpw %r6, %r4
- bne l_patch_hvsc_incr // Found an hvsc instruction
- LOAD_LABEL2 (%r8, %r30, hvsc_call)
- cmpw %r3, %r8 // Make sure it's not our handler's hvsc
- beq l_patch_hvsc_incr
- // Build a branch instruction
- li %r8, 18 // bits 0-5='18' means 'b/bl/ba/bla'
- rldicr %r8, %r8, 26, 37
- subf %r9, %r3, %r7 // relative address = target - current
- rldicl %r9, %r9, 0, 38 // Clear the sign extension of the 24bit
- // address to avoid ORing the 0-5 bits
- or %r8, %r8, %r9 // or the instruction with the address
- ori %r8, %r8, 1 // or the link bit == 'bl' instruction
- stw %r8, 0(%r3) // replace the hvsc instruction
-l_patch_hvsc_incr:
- addi %r3, %r3, 4
- cmpw %r3, %r5 // loop until the end of the memory
- bne l_patch_hvsc_loop
+ bl hook_hvsc
// prolog
ld %r30, 0x90(%r1)
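Review bot: The new `bl hook_hvsc` call overwrites LR and, per the callee's body, %r0 and %r3–%r9, but payload_main's prologue lies outside this hunk, so it is not visible here whether LR was saved before this `bl`; the epilogue's `ld %r30, 0x90(%r1)` shows a frame exists, which suggests it was, but it is worth confirming. A one-line comment at the call site, `bl hook_hvsc // clobbers %r0, %r3-%r9, LR; %r30 survives`, would document the contract this file now depends on. Note also that the removed inline loop used the caller's %r30 as the memory base whereas hook_hvsc derives it itself via `MEM_BASE(%r31)`; presumably these yield the same address, but that equivalence is now an implicit assumption and could be stated in the same comment. The same applies to the matching hunks in payload_trace_hypercalls.S and payload_trace_vuart.S.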
@@ -19,6 +19,7 @@
#include "send_eth.h.S"
#include "memory_patching.h.S"
+#include "hook_hvsc.h.S"
RESIDENT_AREA_START()
#include "memory_patching_res.h.S"
@@ -48,35 +49,12 @@ payload_main:
INIT_SEND_ETH(%r30)
APPLY_PATCHES(%r30, %r31)
+
// Replace hvsc after we copy our handler to the resident area
// because another thread might be running at the same time
// and if it calls hvsc and we're not yet ready, then we're
// screwed
- mr %r3, %r30 // start of memory
- lis %r4, 0x4400
- ori %r4, %r4, 0x0022 // load 0x44000022 (hvsc instruction)
- oris %r5, %r30, 0x30 // end of memory (0x300000)
- LOAD_LABEL2 (%r7, %r30, hvsc_hook) // load our handler in %r7
-l_patch_hvsc_loop:
- lwz %r6, 0(%r3)
- cmpw %r6, %r4
- bne l_patch_hvsc_incr // Found an hvsc instruction
- LOAD_LABEL2 (%r8, %r30, hvsc_call)
- cmpw %r3, %r8 // Make sure it's not our handler's hvsc
- beq l_patch_hvsc_incr
- // Build a branch instruction
- li %r8, 18 // bits 0-5='18' means 'b/bl/ba/bla'
- rldicr %r8, %r8, 26, 37
- subf %r9, %r3, %r7 // relative address = target - current
- rldicl %r9, %r9, 0, 38 // Clear the sign extension of the 24bit
- // address to avoid ORing the 0-5 bits
- or %r8, %r8, %r9 // or the instruction with the address
- ori %r8, %r8, 1 // or the link bit == 'bl' instruction
- stw %r8, 0(%r3) // replace the hvsc instruction
-l_patch_hvsc_incr:
- addi %r3, %r3, 4
- cmpw %r3, %r5 // loop until the end of the memory
- bne l_patch_hvsc_loop
+ bl hook_hvsc
// prolog
ld %r30, 0x90(%r1)
@@ -19,6 +19,7 @@
#include "send_eth.h.S"
#include "memory_patching.h.S"
+#include "hook_hvsc.h.S"
RESIDENT_AREA_START()
#include "memory_patching_res.h.S"
@@ -51,31 +52,7 @@ payload_main:
// because another thread might be running at the same time
// and if it calls hvsc and we're not yet ready, then we're
// screwed
- mr %r3, %r30 // start of memory
- lis %r4, 0x4400
- ori %r4, %r4, 0x0022 // load 0x44000022 (hvsc instruction)
- oris %r5, %r30, 0x30 // end of memory (0x300000)
- LOAD_LABEL2 (%r7, %r30, hvsc_hook) // load our handler in %r7
-l_patch_hvsc_loop:
- lwz %r6, 0(%r3)
- cmpw %r6, %r4
- bne l_patch_hvsc_incr // Found an hvsc instruction
- LOAD_LABEL2 (%r8, %r30, hvsc_call)
- cmpw %r3, %r8 // Make sure it's not our handler's hvsc
- beq l_patch_hvsc_incr
- // Build a branch instruction
- li %r8, 18 // bits 0-5='18' means 'b/bl/ba/bla'
- rldicr %r8, %r8, 26, 37
- subf %r9, %r3, %r7 // relative address = target - current
- rldicl %r9, %r9, 0, 38 // Clear the sign extension of the 24bit
- // address to avoid ORing the 0-5 bits
- or %r8, %r8, %r9 // or the instruction with the address
- ori %r8, %r8, 1 // or the link bit == 'bl' instruction
- stw %r8, 0(%r3) // replace the hvsc instruction
-l_patch_hvsc_incr:
- addi %r3, %r3, 4
- cmpw %r3, %r5 // loop until the end of the memory
- bne l_patch_hvsc_loop
+ bl hook_hvsc
// prolog
ld %r30, 0x90(%r1)
@@ -13,7 +13,7 @@
#include "trace_helpers.h.S"
-hvsc_hook:
+hvsc_handler:
mflr %r0
stdu %r1, -0x100(%r1)
std %r29, 0xC0(%r1)
@@ -29,21 +29,21 @@ hvsc_hook:
cmplwi %r11, 162 // lv1_read_virtual_uart
- beq l_hvsc_hook_read_uart
+ beq l_hvsc_handler_read_uart
cmplwi %r11, 163 // lv1_write_virtual_uart
- beq l_hvsc_hook_write_uart
+ beq l_hvsc_handler_write_uart
b hvsc_call
-l_hvsc_hook_write_uart:
+l_hvsc_handler_write_uart:
bl store_regs
mr %r3, %r4
mr %r4, %r5
bl send_buffer
bl load_regs
- b l_hvsc_hook_continue
-l_hvsc_hook_read_uart:
+ b l_hvsc_handler_continue
+l_hvsc_handler_read_uart:
mr %r29, %r4
-l_hvsc_hook_continue:
+l_hvsc_handler_continue:
li %r31, 1
bl store_regs
@@ -57,7 +57,7 @@ hvsc_call:
sc 1
cmplwi %r31, 0
- beq l_hvsc_return
+ beq l_hvsc_handler_return
bl store_regs
mr %r11, %r30
@@ -66,14 +66,14 @@ hvsc_call:
bl load_regs
cmplwi %r30, 162
- bne l_hvsc_return
+ bne l_hvsc_handler_return
bl store_regs
mr %r3, %r29
bl send_buffer
bl load_regs
-l_hvsc_return:
+l_hvsc_handler_return:
ld %r29, 0xC0(%r1)
ld %r30, 0xC8(%r1)
ld %r31, 0xD0(%r1)
