
Cmpxchg 64 bit pipeline addition #58

Open
wants to merge 7 commits into base: master

Conversation

VoR0220 (Collaborator) commented Feb 7, 2020

Adds a way to get Qwords in memory and exchange the values in registers.

VoR0220 added 7 commits Jan 21, 2020
Signed-off-by: VoR0220 <catalanor0220@gmail.com>
… is complete

Signed-off-by: VoR0220 <catalanor0220@gmail.com>
@@ -236,6 +236,7 @@ pub fn decode_args_with_modrm(opcode: &Opcode, bytestream: &[u8], args: &mut [Op
0
},
ImmediateAddress =>{
println!("immediate address value: {:X}", u32_from_bytes(bytes)?);
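Review bot: the added `println!` in the ImmediateAddress arm is debug output inside the decoder and should be removed; note also that the `?` after `u32_from_bytes(bytes)` inside it adds an early-return error path to a diagnostic line, so the arm's behaviour on a short bytestream now depends on whether the print is present. If the value is useful for diagnosis, emit it through a level-gated logging macro rather than unconditional stdout.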

Earlz (Collaborator) commented Feb 10, 2020

Remove debug println

@@ -54,6 +65,7 @@ impl MemorySystem{
}
/// This will get an area of memory as a slice of bytes
pub fn get_memory(&self, address: u32) -> Result<&[u8], VMError> {
//println!("result: {:X}", address & 0xFFFF0000);
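Review bot: the commented-out `//println!("result: {:X}", address & 0xFFFF0000);` in get_memory is dead debug code; delete it rather than committing it, so the hunk carries only the functional change.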

Earlz (Collaborator) commented Feb 10, 2020

completely remove

pub fn get_u64(&self, address: u32) -> Result<u64, VMError>{
use std::convert::TryInto;
let m = self.get_sized_memory(address, 8)?;
println!("hit here in u64");
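Review bot: `println!("hit here in u64")` in get_u64 is debug output on every 64-bit memory read and should go. Separately, the function pulls an 8-byte slice via `get_sized_memory(address, 8)?` and imports TryInto, so confirm the slice-to-array conversion that follows maps its error into VMError rather than unwrapping, and state in a doc comment (like the one on get_memory) that the bytes are interpreted little-endian.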

Earlz (Collaborator) commented Feb 10, 2020

more debug printlns

@@ -890,6 +890,10 @@ lazy_static! {
.with_rmw()
.into_table(&mut ops);
// Begin cmp opcodes
//0x0F C7 CMPXCHG8B
define_opcode(0xC7).is_two_byte_op().calls(cmpxchg8b).with_gas(Low)
.with_arg(ArgSource::ModRM, OpcodeValueSize::Fixed(ValueSize::Dword))
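Review bot: the argument for CMPXCHG8B is declared as `Fixed(ValueSize::Dword)` while the comment above says this is the 8-byte compare-exchange; a brief comment stating that the ModRM operand is the address of the qword, with the data itself read separately, would keep a reader from assuming this is a size bug. Also, CMPXCHG8B only accepts a memory operand, so check that the ModRM register form is rejected by the decoder rather than silently treated as a 32-bit register value used as an address.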

Earlz (Collaborator) commented Feb 10, 2020

Shouldn't this be ValueSize::Qword?

VoR0220 (Author, Collaborator) commented Feb 12, 2020

No. This is to get the address, not the Qword itself. The address points to the Qword.

@@ -77,9 +77,11 @@ pub fn popa(vm: &mut VM, pipeline: &Pipeline, _hv: &mut dyn Hypervisor) -> Resul
/// The logic function for the 'enter' opcode
pub fn enter(vm: &mut VM, pipeline: &Pipeline, _hv: &mut dyn Hypervisor) -> Result<(), VMError>{
let locals = vm.get_arg(pipeline.args[0].location)?.u16_exact()?;
let mut nesting = vm.get_arg(pipeline.args[1].location)?.u8_exact()?;
vm.eip += 2;
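Review bot: `vm.eip += 2;` in enter changes the instruction pointer directly in an opcode that is not a branch; if the pipeline already advances EIP by the decoded length, this skips two bytes of the following instruction. Remove it, or, if EIP really must be adjusted here, mark the opcode as unpredictable so the pipeline does not also advance it.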

Earlz (Collaborator) commented Feb 10, 2020

Because EIP is changed directly, this instruction should be marked as unpredictable for pipeline purposes. I also don't really understand why EIP is changed here

VoR0220 (Author, Collaborator) commented Feb 12, 2020

Ah, shoot. I accidentally kept this in here while trying to copy the logic from the cpp version. I'll fix it up.

Ok(())
}

#[allow(exceeding_bitshifts)]
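Review bot: `#[allow(exceeding_bitshifts)]` only silences the compile-time lint for shift amounts the compiler can see as constants; a runtime shift by an amount greater than or equal to the operand width still panics in debug builds and has the count masked in release, so the attribute does not make an out-of-range count safe. Use checked_shl/checked_shr and handle the None case explicitly, or mask the count the way the hardware does, rather than allowing the lint.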

Earlz (Collaborator) commented Feb 10, 2020

Is this because Rust can't properly determine the range of count and thus throws the bitshift error for safety? From what I see, count should never exceed 8.

VoR0220 (Author, Collaborator) commented Feb 12, 2020

Rust doesn't allow bitshifts to exceed the size of the integer by default and in this case we do need to be able to do that.

VoR0220 (Author, Collaborator) commented Feb 12, 2020

But yes. It can't properly determine the range of count and destination.

}
vm.flags.carry = ((destination >> (count - 1)) & 1) > 0;
// get MSB
if destination.get::<BigEndian>(0.into()) as bool {
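Review bot: `destination >> (count - 1)` underflows `count - 1` when count is 0 (a panic in debug builds); unless the block closed by the preceding `}` already returns for a zero count, guard that case before computing the carry flag. The MSB test `destination.get::<BigEndian>(0.into()) as bool` would be clearer as a plain mask (`destination & 0x80 != 0` for a byte operand), consistent with the mask used for carry on the line above.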

Earlz (Collaborator) commented Feb 10, 2020

This can be simplified to `if destination & 0x80 > 0`, though I don't have a strong opinion on which way is more clear. The constant switching between BigEndian and LittleEndian throughout this file for picking out bits is confusing, though.

VoR0220 (Author, Collaborator) commented Feb 12, 2020

Yeah, there was some confusion with that with these opcodes, but I figured it out. I can try to make them a bit more consistent.

let edx = vm.get_reg(Reg32::EDX as u8, ValueSize::Dword).u32_exact()?;
let ecx = vm.get_reg(Reg32::ECX as u8, ValueSize::Dword).u32_exact()?;
let ebx = vm.get_reg(Reg32::EBX as u8, ValueSize::Dword).u32_exact()?;
println!("hit in the cmpxchg opcode");

Earlz (Collaborator) commented Feb 10, 2020

more debug printlns

let ecx = vm.get_reg(Reg32::ECX as u8, ValueSize::Dword).u32_exact()?;
let ebx = vm.get_reg(Reg32::EBX as u8, ValueSize::Dword).u32_exact()?;
println!("hit in the cmpxchg opcode");
let address = vm.get_arg_lea(pipeline.args[0].location)?;
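Review bot: the operand is resolved with get_arg_lea and the qword is then read from memory separately; document at the top of the function that the ModRM operand is an address, since the opcode is declared with a Dword argument and the mismatch is not obvious from the table entry. Also confirm the rest of the function compares EDX:EAX against the qword at that address, writes ECX:EBX only on a match, and sets ZF on a match while clearing it and reloading EDX:EAX from memory on a mismatch; the loads of EDX, ECX and EBX are visible here but the EAX load and the flag update are not. The `println!("hit in the cmpxchg opcode")` is debug output and should be removed.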

Earlz (Collaborator) commented Feb 10, 2020

Is there a good reason to use get_arg_lea and then get_mem, instead of marking the opcode as using a qword argument and using get_arg and set_arg directly?

VoR0220 (Author, Collaborator) commented Feb 12, 2020

The 64-bit cmpxchg doesn't use the qword directly as an argument, but rather the address of the qword.

@@ -259,6 +259,7 @@ impl VM{
None => SizedValue::None,
Immediate(v) => v,
Address(a, s) => {
println!("got muh memory, {:X}", a);
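Review bot: `println!("got muh memory, {:X}", a)` in the Address arm of get_arg runs on every memory-operand fetch; remove it (or gate it behind a level-controlled logging macro) before merge.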

Earlz (Collaborator) commented Feb 10, 2020

debug println
