diff options
| -rw-r--r-- | miasm2/jitter/emulatedsymbexec.py | 5 | ||||
| -rw-r--r-- | miasm2/jitter/jitcore_python.py | 21 | ||||
| -rw-r--r-- | miasm2/jitter/jitload.py | 4 | ||||
| -rw-r--r-- | miasm2/jitter/vm_mngr.c | 22 | ||||
| -rw-r--r-- | miasm2/jitter/vm_mngr.h | 4 | ||||
| -rw-r--r-- | miasm2/jitter/vm_mngr_py.c | 58 |
6 files changed, 94 insertions, 20 deletions
diff --git a/miasm2/jitter/emulatedsymbexec.py b/miasm2/jitter/emulatedsymbexec.py index f7c48227..d72de771 100644 --- a/miasm2/jitter/emulatedsymbexec.py +++ b/miasm2/jitter/emulatedsymbexec.py @@ -5,13 +5,14 @@ from miasm2.ir.symbexec import symbexec class EmulatedSymbExec(symbexec): """Symbolic exec instance linked with a jitter""" - def __init__(self, cpu, *args, **kwargs): + def __init__(self, cpu, vm, *args, **kwargs): """Instanciate an EmulatedSymbExec, associated to CPU @cpu and bind memory accesses. @cpu: JitCpu instance """ super(EmulatedSymbExec, self).__init__(*args, **kwargs) self.cpu = cpu + self.vm = vm self.func_read = self._func_read self.func_write = self._func_write @@ -28,6 +29,7 @@ class EmulatedSymbExec(symbexec): addr = expr_mem.arg.arg.arg size = expr_mem.size / 8 value = self.cpu.get_mem(addr, size) + self.vm.add_mem_read(addr, size) return m2_expr.ExprInt(int(value[::-1].encode("hex"), 16), expr_mem.size) @@ -53,6 +55,7 @@ class EmulatedSymbExec(symbexec): # Write in VmMngr context self.cpu.set_mem(addr, content) + self.vm.add_mem_write(addr, len(content)) # Interaction symbexec <-> jitter def update_cpu_from_engine(self): diff --git a/miasm2/jitter/jitcore_python.py b/miasm2/jitter/jitcore_python.py index e1e62816..ae72b307 100644 --- a/miasm2/jitter/jitcore_python.py +++ b/miasm2/jitter/jitcore_python.py @@ -17,10 +17,14 @@ class JitCore_Python(jitcore.JitCore): super(JitCore_Python, self).__init__(ir_arch, bs) self.ir_arch = ir_arch - # CPU (None for now) will be set by the "jitted" Python function - self.symbexec = EmulatedSymbExec(None, self.ir_arch, {}) + # CPU & VM (None for now) will be set by the "jitted" Python function + self.symbexec = EmulatedSymbExec(None, None, self.ir_arch, {}) self.symbexec.enable_emulated_simplifications() + def set_cpu_vm(self, cpu, vm): + self.symbexec.cpu = cpu + self.symbexec.vm = vm + def load(self): "Preload symbols according to current architecture" self.symbexec.reset_regs() @@ -45,7 +49,6 @@ class JitCore_Python(jitcore.JitCore): # Get exec engine exec_engine = self.symbexec - exec_engine.cpu = cpu # For each irbloc inside irblocs while True: @@ -66,12 +69,19 @@ class JitCore_Python(jitcore.JitCore): # For each new instruction (in assembly) if line.offset not in offsets_jitted: + # Test exceptions + vmmngr.check_invalid_code_blocs() + vmmngr.check_memory_breakpoint() + if vmmngr.get_exception(): + exec_engine.update_cpu_from_engine() + return line.offset + offsets_jitted.add(line.offset) # Log registers values if self.log_regs: exec_engine.update_cpu_from_engine() - cpu.dump_gpregs() + exec_engine.cpu.dump_gpregs() # Log instruction if self.log_mn: @@ -90,6 +100,9 @@ class JitCore_Python(jitcore.JitCore): exec_engine.update_cpu_from_engine() return line.offset + vmmngr.check_invalid_code_blocs() + vmmngr.check_memory_breakpoint() + # Get next bloc address ad = expr_simp(exec_engine.eval_expr(self.ir_arch.IRDst)) diff --git a/miasm2/jitter/jitload.py b/miasm2/jitter/jitload.py index 8943e2c7..1447c899 100644 --- a/miasm2/jitter/jitload.py +++ b/miasm2/jitter/jitload.py @@ -198,7 +198,7 @@ class jitter: self.ir_arch = ir_arch self.bs = bin_stream_vm(self.vm) - self.symbexec = EmulatedSymbExec(self.cpu, self.ir_arch, {}) + self.symbexec = EmulatedSymbExec(self.cpu, self.vm, self.ir_arch, {}) self.symbexec.reset_regs() try: @@ -218,6 +218,8 @@ class jitter: self.jit = JitCore(self.ir_arch, self.bs) if jit_type in ['tcc', 'gcc']: self.jit.init_codegen(self.C_Gen(self.ir_arch)) + elif jit_type == "python": + self.jit.set_cpu_vm(self.cpu, self.vm) self.cpu.init_regs() self.vm.init_memory_page_pool() diff --git a/miasm2/jitter/vm_mngr.c b/miasm2/jitter/vm_mngr.c index 208343fb..8df039b4 100644 --- a/miasm2/jitter/vm_mngr.c +++ b/miasm2/jitter/vm_mngr.c @@ -76,7 +76,7 @@ const uint8_t parity_table[256] = { 0, CC_P, CC_P, 0, CC_P, 0, 0, CC_P, }; -//#define DEBUG_MIASM_AUTOMOD_CODE +// #define DEBUG_MIASM_AUTOMOD_CODE @@ -441,12 +441,12 @@ void add_range_to_pylist(PyObject* pylist, uint64_t addr1, uint64_t addr2) } -void vm_mngr_add_mem_read(vm_mngr_t* vm_mngr, uint64_t addr, uint64_t size) +void add_mem_read(vm_mngr_t* vm_mngr, uint64_t addr, uint64_t size) { add_range_to_pylist(vm_mngr->memory_r, addr, addr + size); } -void vm_mngr_add_mem_write(vm_mngr_t* vm_mngr, uint64_t addr, uint64_t size) +void add_mem_write(vm_mngr_t* vm_mngr, uint64_t addr, uint64_t size) { add_range_to_pylist(vm_mngr->memory_w, addr, addr + size); } @@ -577,51 +577,51 @@ PyObject* addr2BlocObj(vm_mngr_t* vm_mngr, uint64_t addr) void vm_MEM_WRITE_08(vm_mngr_t* vm_mngr, uint64_t addr, unsigned char src) { - vm_mngr_add_mem_write(vm_mngr, addr, 1); + add_mem_write(vm_mngr, addr, 1); memory_page_write(vm_mngr, 8, addr, src); } void vm_MEM_WRITE_16(vm_mngr_t* vm_mngr, uint64_t addr, unsigned short src) { - vm_mngr_add_mem_write(vm_mngr, addr, 2); + add_mem_write(vm_mngr, addr, 2); memory_page_write(vm_mngr, 16, addr, src); } void vm_MEM_WRITE_32(vm_mngr_t* vm_mngr, uint64_t addr, unsigned int src) { - vm_mngr_add_mem_write(vm_mngr, addr, 4); + add_mem_write(vm_mngr, addr, 4); memory_page_write(vm_mngr, 32, addr, src); } void vm_MEM_WRITE_64(vm_mngr_t* vm_mngr, uint64_t addr, uint64_t src) { - vm_mngr_add_mem_write(vm_mngr, addr, 8); + add_mem_write(vm_mngr, addr, 8); memory_page_write(vm_mngr, 64, addr, src); } unsigned char vm_MEM_LOOKUP_08(vm_mngr_t* vm_mngr, uint64_t addr) { unsigned char ret; - vm_mngr_add_mem_read(vm_mngr, addr, 1); + add_mem_read(vm_mngr, addr, 1); ret = memory_page_read(vm_mngr, 8, addr); return ret; } unsigned short vm_MEM_LOOKUP_16(vm_mngr_t* vm_mngr, uint64_t addr) { unsigned short ret; - vm_mngr_add_mem_read(vm_mngr, addr, 2); + add_mem_read(vm_mngr, addr, 2); ret = memory_page_read(vm_mngr, 16, addr); return ret; } unsigned int vm_MEM_LOOKUP_32(vm_mngr_t* vm_mngr, uint64_t addr) { unsigned int ret; - vm_mngr_add_mem_read(vm_mngr, addr, 4); + add_mem_read(vm_mngr, addr, 4); ret = memory_page_read(vm_mngr, 32, addr); return ret; } uint64_t vm_MEM_LOOKUP_64(vm_mngr_t* vm_mngr, uint64_t addr) { uint64_t ret; - vm_mngr_add_mem_read(vm_mngr, addr, 8); + add_mem_read(vm_mngr, addr, 8); ret = memory_page_read(vm_mngr, 64, addr); return ret; } diff --git a/miasm2/jitter/vm_mngr.h b/miasm2/jitter/vm_mngr.h index 9267a462..b6e7a7cf 100644 --- a/miasm2/jitter/vm_mngr.h +++ b/miasm2/jitter/vm_mngr.h @@ -285,8 +285,8 @@ void remove_memory_breakpoint(vm_mngr_t* vm_mngr, uint64_t ad, unsigned int acce void add_memory_page(vm_mngr_t* vm_mngr, struct memory_page_node* mpn); -void vm_mngr_add_mem_read(vm_mngr_t* vm_mngr, uint64_t addr, uint64_t size); -void vm_mngr_add_mem_write(vm_mngr_t* vm_mngr, uint64_t addr, uint64_t size); +void add_mem_read(vm_mngr_t* vm_mngr, uint64_t addr, uint64_t size); +void add_mem_write(vm_mngr_t* vm_mngr, uint64_t addr, uint64_t size); void check_invalid_code_blocs(vm_mngr_t* vm_mngr); void check_memory_breakpoint(vm_mngr_t* vm_mngr); void reset_memory_access(vm_mngr_t* vm_mngr); diff --git a/miasm2/jitter/vm_mngr_py.c b/miasm2/jitter/vm_mngr_py.c index 1e751ba4..5aece270 100644 --- a/miasm2/jitter/vm_mngr_py.c +++ b/miasm2/jitter/vm_mngr_py.c @@ -186,7 +186,7 @@ PyObject* vm_set_mem(VmMngr* self, PyObject* args) if (ret < 0) RAISE(PyExc_TypeError, "Error in set_mem"); - vm_mngr_add_mem_write(&self->vm_mngr, addr, size); + add_mem_write(&self->vm_mngr, addr, size); check_invalid_code_blocs(&self->vm_mngr); Py_INCREF(Py_None); @@ -326,9 +326,57 @@ PyObject* vm_reset_memory_access(VmMngr* self, PyObject* args) reset_memory_access(&self->vm_mngr); Py_INCREF(Py_None); return Py_None; +} + +PyObject* py_add_mem_read(VmMngr* self, PyObject* args) +{ + PyObject *py_addr; + PyObject *py_size; + uint64_t addr; + uint64_t size; + + if (!PyArg_ParseTuple(args, "OO", &py_addr, &py_size)) + return NULL; + + PyGetInt(py_addr, addr); + PyGetInt(py_size, size); + add_mem_read(&self->vm_mngr, addr, size); + Py_INCREF(Py_None); + return Py_None; + +} + +PyObject* py_add_mem_write(VmMngr* self, PyObject* args) +{ + PyObject *py_addr; + PyObject *py_size; + uint64_t addr; + uint64_t size; + + if (!PyArg_ParseTuple(args, "OO", &py_addr, &py_size)) + return NULL; + + PyGetInt(py_addr, addr); + PyGetInt(py_size, size); + add_mem_write(&self->vm_mngr, addr, size); + Py_INCREF(Py_None); + return Py_None; } +PyObject* vm_check_invalid_code_blocs(VmMngr* self, PyObject* args) +{ + check_invalid_code_blocs(&self->vm_mngr); + Py_INCREF(Py_None); + return Py_None; +} + +PyObject* vm_check_memory_breakpoint(VmMngr* self, PyObject* args) +{ + check_memory_breakpoint(&self->vm_mngr); + Py_INCREF(Py_None); + return Py_None; +} PyObject *vm_dump(PyObject* self) { @@ -594,6 +642,14 @@ static PyMethodDef VmMngr_methods[] = { "X"}, {"reset_memory_access",(PyCFunction)vm_reset_memory_access, METH_VARARGS, "X"}, + {"add_mem_read",(PyCFunction)py_add_mem_read, METH_VARARGS, + "X"}, + {"add_mem_write",(PyCFunction)py_add_mem_write, METH_VARARGS, + "X"}, + {"check_invalid_code_blocs",(PyCFunction)vm_check_invalid_code_blocs, METH_VARARGS, + "X"}, + {"check_memory_breakpoint",(PyCFunction)vm_check_memory_breakpoint, METH_VARARGS, + "X"}, {NULL} /* Sentinel */ }; |