emu_cpu_data.h

Go to the documentation of this file.
00001 /********************************************************************************
00002  *                               libemu
00003  *
00004  *                    - x86 shellcode emulation -
00005  *
00006  *
00007  * Copyright (C) 2007  Paul Baecher & Markus Koetter
00008  * 
00009  * This program is free software; you can redistribute it and/or
00010  * modify it under the terms of the GNU General Public License
00011  * as published by the Free Software Foundation; either version 2
00012  * of the License, or (at your option) any later version.
00013  * 
00014  * This program is distributed in the hope that it will be useful,
00015  * but WITHOUT ANY WARRANTY; without even the implied warranty of
00016  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
00017  * GNU General Public License for more details.
00018  * 
00019  * You should have received a copy of the GNU General Public License
00020  * along with this program; if not, write to the Free Software
00021  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
00022  * 
00023  * 
00024  *             contact nepenthesdev@users.sourceforge.net  
00025  *
00026  *******************************************************************************/
00027 
00028 
00029 #ifndef EMU_CPU_DATA_H_
00030 #define EMU_CPU_DATA_H_
00031 
00032 #include <stdint.h>
00033 #include <stdbool.h>
00034 
00035 #include <emu/emu.h>
00036 #include <emu/emu_cpu_instruction.h>
00037 #include <emu/emu_instruction.h>
00038 
00039 enum emu_cpu_flag {
00040         f_cf = 0, f_pf = 2, f_af = 4, f_zf = 6, f_sf = 7, f_tf = 8, f_if = 9,
00041         f_df = 10, f_of = 11
00042 };
00043 
00044 #define CPU_FLAG_SET(cpu_p, fl) (cpu_p)->eflags |= 1 << (fl)
00045 #define CPU_FLAG_UNSET(cpu_p, fl) (cpu_p)->eflags &= ~(1 << (fl))
00046 #define CPU_FLAG_TOGGLE(cpu_p, fl) (cpu_p)->eflags ^= 1 << (fl)
00047 #define CPU_FLAG_ISSET(cpu_p, fl) ((cpu_p)->eflags & (1 << (fl)))
00048 
00049 struct emu_track_and_source;
00050 
00051 
00052 #define CPU_DEBUG_FLAG_SET(cpu_p, fl) (cpu_p)->debugflags |= 1 << (fl)
00053 #define CPU_DEBUG_FLAG_UNSET(cpu_p, fl) (cpu_p)->debugflags &= ~(1 << (fl))
00054 #define CPU_DEBUG_FLAG_TOGGLE(cpu_p, fl) (cpu_p)->debugflags ^= 1 << (fl)
00055 #define CPU_DEBUG_FLAG_ISSET(cpu_p, fl) ((cpu_p)->debugflags & (1 << (fl)))
00056 
00057 enum emu_cpu_debug_flag {
00058         instruction_string = 0,
00059         instruction_size = 1,
00060 };
00061 
00062 struct emu_cpu
00063 {
00064         struct emu *emu;
00065         struct emu_memory *mem;
00066         
00067         uint32_t debugflags;
00068 
00069         uint32_t eip;
00070         uint32_t eflags;
00071         uint32_t reg[8];
00072         uint16_t *reg16[8];
00073         uint8_t *reg8[8];
00074 
00075         struct emu_instruction                  instr;
00076         struct emu_cpu_instruction_info         *cpu_instr_info;
00077         
00078         uint32_t last_fpu_instr[2];
00079 
00080         char *instr_string;
00081 
00082         bool repeat_current_instr;
00083 
00084         struct emu_track_and_source *tracking;
00085 };
00086 
00087 
00088 #define MODRM_MOD(x) (((x) >> 6) & 3)
00089 #define MODRM_REGOPC(x) (((x) >> 3) & 7)
00090 #define MODRM_RM(x) ((x) & 7)
00091     
00092 #define SIB_SCALE(x) (((x) >> 6) & 3)
00093 #define SIB_INDEX(x) (((x) >> 3) & 7)
00094 #define SIB_BASE(x) ((x) & 7)
00095 
00096 #define PREFIX_ADSIZE (1 << 0)
00097 #define PREFIX_OPSIZE (1 << 1)
00098 #define PREFIX_LOCK (1 << 2)
00099 #define PREFIX_CS_OVR (1 << 3)
00100 #define PREFIX_DS_OVR (1 << 4)
00101 #define PREFIX_ES_OVR (1 << 5)
00102 #define PREFIX_FS_OVR (1 << 6)
00103 #define PREFIX_GS_OVR (1 << 7)
00104 #define PREFIX_SS_OVR (1 << 8)
00105 #define PREFIX_F2 (1 << 9)
00106 #define PREFIX_F3 (1 << 10)
00107 
00108 #define OPSIZE_8 1
00109 #define OPSIZE_16 2
00110 #define OPSIZE_32 3
00111 
00112 
00113 #define MAX_INT8           127
00114 #define MIN_INT8          -128
00115 
00116 #define MAX_UINT8          255
00117 #define MIN_UINT8            0
00118 
00119 #define MAX_INT16        32767
00120 #define MIN_INT16       -MAX_INT16 -1
00121 
00122 #define MAX_UINT16       65535
00123 #define MIN_UINT16           0
00124 
00125 
00126 #define MAX_INT32   2147483647
00127 #define MIN_INT32  -MAX_INT32 -1
00128 
00129 #define MAX_UINT32      4294967295U
00130 #define MIN_UINT32           0
00131 
00132 
00133 
00134 
00135 extern int64_t max_inttype_borders[][2][2];
00136 
00137 #define INTOF(bits) int##bits##_t
00138 #define UINTOF(bits) uint##bits##_t
00139 
00140 #if !defined(INSTR_CALC)
00141 #if BYTE_ORDER == BIG_ENDIAN 
00142 #define INSTR_CALC(bits, a, b, c, operation)                    \
00143 UINTOF(bits) operand_a; \
00144 UINTOF(bits) operand_b; \
00145 bcopy(&(a), &operand_a, bits/8); \
00146 bcopy(&(b), &operand_b, bits/8); \
00147 UINTOF(bits) operation_result = operand_a operation operand_b;    \
00148 bcopy(&operation_result, &(c), bits/8); 
00149 #else // ENDIAN
00150 #define INSTR_CALC(bits, a, b, c, operation)                    \
00151 UINTOF(bits) operand_a = a;                                                             \
00152 UINTOF(bits) operand_b = b;                                                             \
00153 UINTOF(bits) operation_result = operand_a operation operand_b;  \
00154 c = operation_result;
00155 #endif // ENDIAN
00156 #endif // INSTR_CALC
00157 
00158 #if !defined(INSTR_SET_FLAG_ZF)
00159 #define INSTR_SET_FLAG_ZF(cpu)                                          \
00160 {                                                                                                                       \
00161         if (operation_result == 0)                                                              \
00162                 CPU_FLAG_SET(cpu, f_zf);                                                                \
00163         else                                                                                                    \
00164                 CPU_FLAG_UNSET(cpu, f_zf);                                                      \
00165 }
00166 #endif // INSTR_SET_FLAG_ZF
00167 
00168 #if !defined(INSTR_SET_FLAG_PF)
00169 #define INSTR_SET_FLAG_PF(cpu)                                          \
00170 {                                                                                                                       \
00171         int num_p_bits=0;                                                                               \
00172         int i;                                                                                                  \
00173         for ( i=0;i<8;i++ )                                                                             \
00174                 if (operation_result & (1 << i) )                                       \
00175                         num_p_bits++;                                                                   \
00176                                                                                                                         \
00177         if ((num_p_bits % 2) == 0)                                                              \
00178                 CPU_FLAG_SET(cpu, f_pf);                                                                \
00179         else                                                                                                    \
00180                 CPU_FLAG_UNSET(cpu, f_pf);                                                      \
00181 }
00182 #endif // INSTR_SET_FLAG_PF
00183 
00184 #if !defined(INSTR_SET_FLAG_SF)
00185 #define INSTR_SET_FLAG_SF(cpu)                                                          \
00186 {                                                                                                                                       \
00187         if (operation_result & (1 << (sizeof(operation_result)*8 - 1))) \
00188                 CPU_FLAG_SET(cpu, f_sf);                                                                                \
00189         else                                                                                                                    \
00190                 CPU_FLAG_UNSET(cpu, f_sf);                                                                      \
00191 }
00192 #endif // INSTR_SET_FLAG_SF
00193 
00194 #if !defined(INSTR_SET_FLAG_OF)
00195 #define INSTR_SET_FLAG_OF(cpu, operand, bits)                                                           \
00196 {                                                                                                                                                               \
00197         int64_t sx = (INTOF(bits))operand_a;                                   \
00198         int64_t sy = (INTOF(bits))operand_b;                                   \
00199         int64_t sz = 0;                                                             \
00200                                                                                                                                                                 \
00201         sz = sx operand sy;                                                                                                                     \
00202                                                                                                                                                                 \
00203         if (sz < max_inttype_borders[sizeof(operation_result)][0][0] || sz > max_inttype_borders[sizeof(operation_result)][0][1] \
00204         || sz != (INTOF(bits))operation_result )                                                                            \
00205         {                                                                           \
00206                 CPU_FLAG_SET(cpu, f_of);                                                 \
00207         }else                                                                       \
00208         {                                                                           \
00209                 CPU_FLAG_UNSET(cpu, f_of);                                               \
00210         }                                                                           \
00211 }
00212 #endif // INSTR_SET_FLAG_OF
00213 
00214 
00215 #if !defined(INSTR_SET_FLAG_CF)
00216 #define INSTR_SET_FLAG_CF(cpu, operand)                                                                 \
00217 {                                                                                                                                                               \
00218         uint64_t ux = (uint64_t)operand_a;                                           \
00219         uint64_t uy = (uint64_t)operand_b;                                           \
00220         uint64_t uz = 0;                                                            \
00221                                                                                                                                                                 \
00222         uz = ux operand uy;                                                                                                                     \
00223                                                                                                                                                                 \
00224         if (uz < max_inttype_borders[sizeof(operation_result)][1][0] || uz > max_inttype_borders[sizeof(operation_result)][1][1] \
00225         || uz != (uint64_t)operation_result )                                                                       \
00226         {                                                                           \
00227                 CPU_FLAG_SET(cpu, f_cf);                                                 \
00228         }else                                                                       \
00229         {                                                                           \
00230                 CPU_FLAG_UNSET(cpu, f_cf);                                               \
00231         }                                                                           \
00232 }
00233 #endif // INSTR_SET_FLAG_CF
00234 
00235 
00236 #include <string.h>
00237 #define WORD_UPPER_TO_BYTE(to,from) \
00238 memcpy(&(to),((uint8_t *)&(from))+1,1);
00239 
00240 #define WORD_LOWER_TO_BYTE(to,from) \
00241 memcpy(&(to),&(from),1);
00242 
00243 #define DWORD_UPPER_TO_WORD(to,from) \
00244 memcpy(&(to),((uint8_t *)&(from))+2,2);
00245 
00246 #define DWORD_LOWER_TO_WORD(to,from) \
00247 memcpy(&(to),&(from),2);
00248 
00249 #define QWORD_UPPER_TO_DWORD(to,from) \
00250 memcpy(&(to),((uint8_t *)&(from))+4,4);
00251 
00252 #define QWORD_LOWER_TO_DWORD(to,from) \
00253 memcpy(&(to),&(from),4);
00254 
00255 #define DWORD_FROM_WORDS(to, upper, lower) \
00256 memcpy(&to,&lower,2); \
00257 memcpy(((char *)&to)+2,&upper,2); 
00258 
00259 #define QWORD_FROM_DWORDS(to, upper, lower) \
00260 memcpy(&to,&lower,4); \
00261 memcpy(((char *)&to)+4,&upper,4); 
00262 
00263 
00264 
00265 
00266 #define TRACK_INIT_REG32(instruction, reg32) (instruction).track.init.reg[reg32] = 0xffffffff;
00267 #define TRACK_NEED_REG32(instruction, reg32) (instruction).track.need.reg[reg32] = 0xffffffff;
00268 
00269 #define TRACK_INIT_REG16(instruction, reg16) (instruction).track.init.reg[reg16] |= 0xffff << 16;
00270 #define TRACK_NEED_REG16(instruction, reg16) (instruction).track.need.reg[reg16] |= 0xffff << 16;
00271 
00272 #define TRACK_INIT_REG8(instruction, reg8) (instruction).track.init.reg[reg8] |= 0xff << 24;
00273 #define TRACK_NEED_REG8(instruction, reg8) (instruction).track.need.reg[reg8] |= 0xff << 24;
00274 
00275 #define TRACK_INIT_EFLAG(instruction, fl) (instruction).track.init.eflags |= 1 << (fl)
00276 #define TRACK_NEED_EFLAG(instruction, fl) (instruction).track.need.eflags |= 1 << (fl)
00277 
00278 #define SOURCE_NORM_POS(instruction, pos) (instruction).source.norm_pos = pos;
00279 #define SOURCE_COND_POS(instruction, pos)       (instruction).source.has_cond_pos = 1; (instruction).source.cond_pos = pos;
00280 
00281 
00282 #define TRACK_FPU_LAST_INSTRUCTION  0x0
00283 
00284 #define TRACK_INIT_FPU(instruction, what) (instruction).track.init.fpu |= 1 << (what);
00285 #define TRACK_NEED_FPU(instruction, what) (instruction).track.need.fpu |= 1 << (what);
00286 
00287 
00288 
00289 #define NNY "no need yet"
00290 #define SST "16bit memory access is unsupported"
00291 
00292 #define UNIMPLEMENTED(cpu_p, reason) \
00293 emu_strerror_set((cpu_p)->emu, "The following function is unimplemented %s %s:%i (%s)", __PRETTY_FUNCTION__, __FILE__, __LINE__,  reason); \
00294 return -1; 
00295 
00296 #define STUB(cpu_p) \
00297 emu_log((cpu_p)->emu, EMU_LOG_INFO, "The following function is a stub %s %s:%i \n", __PRETTY_FUNCTION__, __FILE__, __LINE__);
00298 
00299 #endif /*EMU_CPU_DATA_H_*/