mirror of
https://github.com/bitdefender/bddisasm.git
synced 2024-12-22 22:18:09 +00:00
Multiple improvements
- New shemu flag - SHEMU_FLAG_SIDT, set when shemu encounters a SIDT in ring0. - Added the CET Tracked flag to SYSCALL, SYSENTER and INT n instructions. - Fixed Do Not Track prefix recognition for CALL and JMP in long-mode. - Fixed MONITOR and MONITORX implicit operands - the rAX register encodes a virtual address that will be used as the monitored range. That address is subject to a 1 byte load. - Fixed RMPADJUST and RMPUPDATE implicit operands - the rAX register encodes a virtual address, and the rCX register encodes a virtual address of the RMP updated entry.
parent
5a617986b7
commit
08096172cc
@ -215,6 +215,8 @@ static const uint16_t gOperandMap[] =
|
|||||||
ND_OPE_S, // ND_OPT_SSE_XMM6
|
ND_OPE_S, // ND_OPT_SSE_XMM6
|
||||||
ND_OPE_S, // ND_OPT_SSE_XMM7
|
ND_OPE_S, // ND_OPT_SSE_XMM7
|
||||||
|
|
||||||
|
ND_OPE_S, // ND_OPT_MEM_rAX (as used by MONITOR, MONITORX and RMPADJUST)
|
||||||
|
ND_OPE_S, // ND_OPT_MEM_rCX (as used by RMPUPDATE)
|
||||||
ND_OPE_S, // ND_OPT_MEM_rBX_AL (as used by XLAT)
|
ND_OPE_S, // ND_OPT_MEM_rBX_AL (as used by XLAT)
|
||||||
ND_OPE_S, // ND_OPT_MEM_rDI (as used by masked moves)
|
ND_OPE_S, // ND_OPT_MEM_rDI (as used by masked moves)
|
||||||
ND_OPE_S, // ND_OPT_MEM_SHS
|
ND_OPE_S, // ND_OPT_MEM_SHS
|
||||||
@ -733,10 +735,26 @@ NdFetchPrefixes(
|
|||||||
case ND_PREFIX_G2_SEG_GS:
|
case ND_PREFIX_G2_SEG_GS:
|
||||||
if (ND_CODE_64 == Instrux->DefCode)
|
if (ND_CODE_64 == Instrux->DefCode)
|
||||||
{
|
{
|
||||||
// Do not overwrite FS/GS with ES/CS/DS/SS in 64 bit mode. In 64 bit mode, only FS/GS overrides
|
if (prefix == ND_PREFIX_G2_SEG_FS ||
|
||||||
// are considered.
|
prefix == ND_PREFIX_G2_SEG_GS)
|
||||||
if (prefix == ND_PREFIX_G2_SEG_FS || prefix == ND_PREFIX_G2_SEG_GS)
|
|
||||||
{
|
{
|
||||||
|
// The last FS/GS is always used, if present.
|
||||||
|
Instrux->Seg = prefix;
|
||||||
|
Instrux->HasSeg = true;
|
||||||
|
}
|
||||||
|
else if (prefix == ND_PREFIX_G2_NO_TRACK &&
|
||||||
|
Instrux->Seg != ND_PREFIX_G2_SEG_FS &&
|
||||||
|
Instrux->Seg != ND_PREFIX_G2_SEG_GS)
|
||||||
|
{
|
||||||
|
// The Do Not Track prefix is considered only if there isn't a FS/GS prefix.
|
||||||
|
Instrux->Seg = prefix;
|
||||||
|
Instrux->HasSeg = true;
|
||||||
|
}
|
||||||
|
else if (Instrux->Seg != ND_PREFIX_G2_SEG_FS &&
|
||||||
|
Instrux->Seg != ND_PREFIX_G2_SEG_GS &&
|
||||||
|
Instrux->Seg != ND_PREFIX_G2_NO_TRACK)
|
||||||
|
{
|
||||||
|
// All other prefixes are considered if Do Not Track, FS, GS are not present.
|
||||||
Instrux->Seg = prefix;
|
Instrux->Seg = prefix;
|
||||||
Instrux->HasSeg = true;
|
Instrux->HasSeg = true;
|
||||||
}
|
}
|
||||||
@ -746,11 +764,6 @@ NdFetchPrefixes(
|
|||||||
Instrux->Seg = prefix;
|
Instrux->Seg = prefix;
|
||||||
Instrux->HasSeg = true;
|
Instrux->HasSeg = true;
|
||||||
}
|
}
|
||||||
if (prefix == ND_PREFIX_G2_BR_TAKEN || prefix == ND_PREFIX_G2_BR_NOT_TAKEN)
|
|
||||||
{
|
|
||||||
Instrux->Bhint = prefix;
|
|
||||||
Instrux->HasSeg = true;
|
|
||||||
}
|
|
||||||
morePrefixes = true;
|
morePrefixes = true;
|
||||||
break;
|
break;
|
||||||
case ND_PREFIX_G3_OPERAND_SIZE:
|
case ND_PREFIX_G3_OPERAND_SIZE:
|
||||||
@ -2909,6 +2922,28 @@ memory:
|
|||||||
operand->Info.Memory.Seg = NdGetSegOverride(Instrux, NDR_DS);
|
operand->Info.Memory.Seg = NdGetSegOverride(Instrux, NDR_DS);
|
||||||
break;
|
break;
|
||||||
|
|
||||||
|
case ND_OPT_MEM_rAX:
|
||||||
|
// [rAX], used implicitly by MONITOR, MONITORX and RMPADJUST instructions.
|
||||||
|
Instrux->MemoryAccess |= operand->Access.Access;
|
||||||
|
operand->Type = ND_OP_MEM;
|
||||||
|
operand->Info.Memory.HasBase = true;
|
||||||
|
operand->Info.Memory.BaseSize = 2 << Instrux->AddrMode;
|
||||||
|
operand->Info.Memory.Base = NDR_RAX; // Always rAX.
|
||||||
|
operand->Info.Memory.HasSeg = true;
|
||||||
|
operand->Info.Memory.Seg = NdGetSegOverride(Instrux, NDR_DS);
|
||||||
|
break;
|
||||||
|
|
||||||
|
case ND_OPT_MEM_rCX:
|
||||||
|
// [rCX], used implicitly by RMPUPDATE.
|
||||||
|
Instrux->MemoryAccess |= operand->Access.Access;
|
||||||
|
operand->Type = ND_OP_MEM;
|
||||||
|
operand->Info.Memory.HasBase = true;
|
||||||
|
operand->Info.Memory.BaseSize = 2 << Instrux->AddrMode;
|
||||||
|
operand->Info.Memory.Base = NDR_RCX; // Always rCX.
|
||||||
|
operand->Info.Memory.HasSeg = true;
|
||||||
|
operand->Info.Memory.Seg = NdGetSegOverride(Instrux, NDR_DS);
|
||||||
|
break;
|
||||||
|
|
||||||
case ND_OPT_MEM_SHS:
|
case ND_OPT_MEM_SHS:
|
||||||
// Shadow stack access using the current SSP.
|
// Shadow stack access using the current SSP.
|
||||||
Instrux->MemoryAccess |= operand->Access.Access;
|
Instrux->MemoryAccess |= operand->Access.Access;
|
||||||
@ -4231,10 +4266,9 @@ NdDecodeWithContext(
|
|||||||
Instrux->IsRepeated = ((Instrux->Rep != 0) && (ND_REP_SUPPORT(Instrux) || ND_REPC_SUPPORT(Instrux)));
|
Instrux->IsRepeated = ((Instrux->Rep != 0) && (ND_REP_SUPPORT(Instrux) || ND_REPC_SUPPORT(Instrux)));
|
||||||
|
|
||||||
// Check if the instruction is CET tracked. The do not track prefix (0x3E) works only for indirect near JMP and CALL
|
// Check if the instruction is CET tracked. The do not track prefix (0x3E) works only for indirect near JMP and CALL
|
||||||
// via register. It is always enabled for indirect far JMP and CALL or near indirect JMP and CALL via memoery.
|
// instructions. It is always enabled for far JMP and CALL instructions.
|
||||||
Instrux->IsCetTracked = ND_HAS_CETT(Instrux) && ((!ND_DNT_SUPPORT(Instrux)) ||
|
Instrux->IsCetTracked = ND_HAS_CETT(Instrux) && ((!ND_DNT_SUPPORT(Instrux)) ||
|
||||||
(Instrux->Seg != ND_PREFIX_G2_NO_TRACK) ||
|
(Instrux->Seg != ND_PREFIX_G2_NO_TRACK));
|
||||||
(Instrux->HasModRm && (Instrux->ModRm.mod != 3)));
|
|
||||||
|
|
||||||
// Do instruction validations. These checks are made in order to filter out encodings that would normally
|
// Do instruction validations. These checks are made in order to filter out encodings that would normally
|
||||||
// be invalid and would generate #UD.
|
// be invalid and would generate #UD.
|
||||||
@ -4391,7 +4425,7 @@ NdToText(
|
|||||||
|
|
||||||
if (Instrux->HasSeg && ND_BHINT_SUPPORT(Instrux))
|
if (Instrux->HasSeg && ND_BHINT_SUPPORT(Instrux))
|
||||||
{
|
{
|
||||||
switch (Instrux->Bhint)
|
switch (Instrux->Seg)
|
||||||
{
|
{
|
||||||
case ND_PREFIX_G2_BR_TAKEN:
|
case ND_PREFIX_G2_BR_TAKEN:
|
||||||
res = nd_strcat_s(Buffer, BufferSize, "BHT ");
|
res = nd_strcat_s(Buffer, BufferSize, "BHT ");
|
||||||
|
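Review bot: In NdToText the branch hint is now read from `Instrux->Seg`, but in 64-bit mode NdFetchPrefixes no longer leaves the last group 2 prefix there: FS/GS win over everything, and a 0x3E is kept over a later CS/ES/SS prefix. Assuming `ND_PREFIX_G2_BR_TAKEN` and `ND_PREFIX_G2_BR_NOT_TAKEN` alias 0x3E and 0x2E, a conditional branch prefixed `3E 2E` would print BHT where the removed `Bhint` assignment recorded the last hint, and one prefixed `64 2E` would print no hint at all. If that is intended, document it at the switch, e.g. `// Seg holds the effective group 2 prefix; in 64 bit mode a hint overridden by FS/GS/0x3E is not reported.`; otherwise keep the last-seen 0x2E/0x3E in a separate field. Nothing visible in these hunks writes `Bhint` any more, so any remaining reader of that field should be checked. Both functions continue outside their hunks.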
@ -7316,7 +7316,7 @@ const ND_INSTRUCTION gInstructions[2701] =
|
|||||||
ND_INS_INT, ND_CAT_INTERRUPT, ND_SET_I86, 291,
|
ND_INS_INT, ND_CAT_INTERRUPT, ND_SET_I86, 291,
|
||||||
0,
|
0,
|
||||||
ND_MOD_R0|ND_MOD_R1|ND_MOD_R2|ND_MOD_R3|ND_MOD_REAL|ND_MOD_V8086|ND_MOD_PROT|ND_MOD_COMPAT|ND_MOD_LONG|ND_MOD_VMXR|ND_MOD_VMXN|ND_MOD_VMXR_SEAM|ND_MOD_VMXN_SEAM|ND_MOD_VMX_OFF|ND_MOD_SMM|ND_MOD_SMM_OFF|ND_MOD_SGX_OFF|ND_MOD_TSX|ND_MOD_TSX_OFF,
|
ND_MOD_R0|ND_MOD_R1|ND_MOD_R2|ND_MOD_R3|ND_MOD_REAL|ND_MOD_V8086|ND_MOD_PROT|ND_MOD_COMPAT|ND_MOD_LONG|ND_MOD_VMXR|ND_MOD_VMXN|ND_MOD_VMXR_SEAM|ND_MOD_VMXN_SEAM|ND_MOD_VMX_OFF|ND_MOD_SMM|ND_MOD_SMM_OFF|ND_MOD_SGX_OFF|ND_MOD_TSX|ND_MOD_TSX_OFF,
|
||||||
0, ND_OPS_CNT(1, 5), 0, 0, 0, 0, 0, 0, 0, 0,
|
0, ND_OPS_CNT(1, 5), 0, 0, 0, 0, 0, 0, ND_FLAG_CETT, 0,
|
||||||
0|NDR_RFLAG_VM,
|
0|NDR_RFLAG_VM,
|
||||||
0|NDR_RFLAG_VM|NDR_RFLAG_IF|NDR_RFLAG_NT|NDR_RFLAG_AC|NDR_RFLAG_RF|NDR_RFLAG_TF,
|
0|NDR_RFLAG_VM|NDR_RFLAG_IF|NDR_RFLAG_NT|NDR_RFLAG_AC|NDR_RFLAG_RF|NDR_RFLAG_TF,
|
||||||
0,
|
0,
|
||||||
@ -7354,7 +7354,7 @@ const ND_INSTRUCTION gInstructions[2701] =
|
|||||||
ND_INS_INT3, ND_CAT_INTERRUPT, ND_SET_I86, 293,
|
ND_INS_INT3, ND_CAT_INTERRUPT, ND_SET_I86, 293,
|
||||||
0,
|
0,
|
||||||
ND_MOD_R0|ND_MOD_R1|ND_MOD_R2|ND_MOD_R3|ND_MOD_REAL|ND_MOD_V8086|ND_MOD_PROT|ND_MOD_COMPAT|ND_MOD_LONG|ND_MOD_VMXR|ND_MOD_VMXN|ND_MOD_VMXR_SEAM|ND_MOD_VMXN_SEAM|ND_MOD_VMX_OFF|ND_MOD_SMM|ND_MOD_SMM_OFF|ND_MOD_SGX_OFF|ND_MOD_TSX|ND_MOD_TSX_OFF,
|
ND_MOD_R0|ND_MOD_R1|ND_MOD_R2|ND_MOD_R3|ND_MOD_REAL|ND_MOD_V8086|ND_MOD_PROT|ND_MOD_COMPAT|ND_MOD_LONG|ND_MOD_VMXR|ND_MOD_VMXN|ND_MOD_VMXR_SEAM|ND_MOD_VMXN_SEAM|ND_MOD_VMX_OFF|ND_MOD_SMM|ND_MOD_SMM_OFF|ND_MOD_SGX_OFF|ND_MOD_TSX|ND_MOD_TSX_OFF,
|
||||||
0, ND_OPS_CNT(0, 5), 0, 0, 0, 0, 0, 0, 0, 0,
|
0, ND_OPS_CNT(0, 5), 0, 0, 0, 0, 0, 0, ND_FLAG_CETT, 0,
|
||||||
0|NDR_RFLAG_VM,
|
0|NDR_RFLAG_VM,
|
||||||
0|NDR_RFLAG_VM|NDR_RFLAG_IF|NDR_RFLAG_NT|NDR_RFLAG_AC|NDR_RFLAG_RF|NDR_RFLAG_TF,
|
0|NDR_RFLAG_VM|NDR_RFLAG_IF|NDR_RFLAG_NT|NDR_RFLAG_AC|NDR_RFLAG_RF|NDR_RFLAG_TF,
|
||||||
0,
|
0,
|
||||||
@ -7373,7 +7373,7 @@ const ND_INSTRUCTION gInstructions[2701] =
|
|||||||
ND_INS_INTO, ND_CAT_INTERRUPT, ND_SET_I86, 294,
|
ND_INS_INTO, ND_CAT_INTERRUPT, ND_SET_I86, 294,
|
||||||
0,
|
0,
|
||||||
ND_MOD_R0|ND_MOD_R1|ND_MOD_R2|ND_MOD_R3|ND_MOD_REAL|ND_MOD_V8086|ND_MOD_PROT|ND_MOD_COMPAT|ND_MOD_VMXR|ND_MOD_VMXN|ND_MOD_VMXR_SEAM|ND_MOD_VMXN_SEAM|ND_MOD_VMX_OFF|ND_MOD_SMM|ND_MOD_SMM_OFF|ND_MOD_SGX_OFF|ND_MOD_TSX|ND_MOD_TSX_OFF,
|
ND_MOD_R0|ND_MOD_R1|ND_MOD_R2|ND_MOD_R3|ND_MOD_REAL|ND_MOD_V8086|ND_MOD_PROT|ND_MOD_COMPAT|ND_MOD_VMXR|ND_MOD_VMXN|ND_MOD_VMXR_SEAM|ND_MOD_VMXN_SEAM|ND_MOD_VMX_OFF|ND_MOD_SMM|ND_MOD_SMM_OFF|ND_MOD_SGX_OFF|ND_MOD_TSX|ND_MOD_TSX_OFF,
|
||||||
0, ND_OPS_CNT(0, 5), 0, 0, 0, 0, 0, 0, ND_FLAG_I64, 0,
|
0, ND_OPS_CNT(0, 5), 0, 0, 0, 0, 0, 0, ND_FLAG_CETT|ND_FLAG_I64, 0,
|
||||||
0|NDR_RFLAG_VM,
|
0|NDR_RFLAG_VM,
|
||||||
0|NDR_RFLAG_VM|NDR_RFLAG_IF|NDR_RFLAG_NT|NDR_RFLAG_AC|NDR_RFLAG_RF|NDR_RFLAG_TF,
|
0|NDR_RFLAG_VM|NDR_RFLAG_IF|NDR_RFLAG_NT|NDR_RFLAG_AC|NDR_RFLAG_RF|NDR_RFLAG_TF,
|
||||||
0,
|
0,
|
||||||
@ -10276,7 +10276,7 @@ const ND_INSTRUCTION gInstructions[2701] =
|
|||||||
0,
|
0,
|
||||||
0,
|
0,
|
||||||
{
|
{
|
||||||
OP(ND_OPT_GPR_rAX, ND_OPS_d, ND_OPF_DEFAULT, ND_OPA_R, 0, 0),
|
OP(ND_OPT_MEM_rAX, ND_OPS_b, ND_OPF_DEFAULT, ND_OPA_R, 0, 0),
|
||||||
OP(ND_OPT_GPR_rCX, ND_OPS_d, ND_OPF_DEFAULT, ND_OPA_R, 0, 0),
|
OP(ND_OPT_GPR_rCX, ND_OPS_d, ND_OPF_DEFAULT, ND_OPA_R, 0, 0),
|
||||||
OP(ND_OPT_GPR_rDX, ND_OPS_d, ND_OPF_DEFAULT, ND_OPA_R, 0, 0),
|
OP(ND_OPT_GPR_rDX, ND_OPS_d, ND_OPF_DEFAULT, ND_OPA_R, 0, 0),
|
||||||
},
|
},
|
||||||
@ -10293,7 +10293,7 @@ const ND_INSTRUCTION gInstructions[2701] =
|
|||||||
0,
|
0,
|
||||||
0,
|
0,
|
||||||
{
|
{
|
||||||
OP(ND_OPT_GPR_rAX, ND_OPS_d, ND_OPF_DEFAULT, ND_OPA_R, 0, 0),
|
OP(ND_OPT_MEM_rAX, ND_OPS_b, ND_OPF_DEFAULT, ND_OPA_R, 0, 0),
|
||||||
OP(ND_OPT_GPR_rCX, ND_OPS_d, ND_OPF_DEFAULT, ND_OPA_R, 0, 0),
|
OP(ND_OPT_GPR_rCX, ND_OPS_d, ND_OPF_DEFAULT, ND_OPA_R, 0, 0),
|
||||||
OP(ND_OPT_GPR_rDX, ND_OPS_d, ND_OPF_DEFAULT, ND_OPA_R, 0, 0),
|
OP(ND_OPT_GPR_rDX, ND_OPS_d, ND_OPF_DEFAULT, ND_OPA_R, 0, 0),
|
||||||
},
|
},
|
||||||
@ -19031,13 +19031,14 @@ const ND_INSTRUCTION gInstructions[2701] =
|
|||||||
ND_INS_RMPADJUST, ND_CAT_SYSTEM, ND_SET_SNP, 684,
|
ND_INS_RMPADJUST, ND_CAT_SYSTEM, ND_SET_SNP, 684,
|
||||||
0,
|
0,
|
||||||
ND_MOD_R0|ND_MOD_LONG|ND_MOD_VMXR|ND_MOD_VMXN|ND_MOD_VMXR_SEAM|ND_MOD_VMXN_SEAM|ND_MOD_VMX_OFF|ND_MOD_SMM|ND_MOD_SMM_OFF|ND_MOD_SGX_OFF|ND_MOD_TSX|ND_MOD_TSX_OFF,
|
ND_MOD_R0|ND_MOD_LONG|ND_MOD_VMXR|ND_MOD_VMXN|ND_MOD_VMXR_SEAM|ND_MOD_VMXN_SEAM|ND_MOD_VMX_OFF|ND_MOD_SMM|ND_MOD_SMM_OFF|ND_MOD_SGX_OFF|ND_MOD_TSX|ND_MOD_TSX_OFF,
|
||||||
0, ND_OPS_CNT(0, 4), 0, 0, 0, 0, 0, 0, ND_FLAG_MODRM|ND_FLAG_O64, ND_CFF_SNP,
|
0, ND_OPS_CNT(0, 5), 0, 0, 0, 0, 0, 0, ND_FLAG_I67|ND_FLAG_MODRM|ND_FLAG_O64, ND_CFF_SNP,
|
||||||
0,
|
0,
|
||||||
0|NDR_RFLAG_OF|NDR_RFLAG_ZF|NDR_RFLAG_AF|NDR_RFLAG_PF|NDR_RFLAG_SF,
|
0|NDR_RFLAG_OF|NDR_RFLAG_ZF|NDR_RFLAG_AF|NDR_RFLAG_PF|NDR_RFLAG_SF,
|
||||||
0,
|
0,
|
||||||
0,
|
0,
|
||||||
{
|
{
|
||||||
OP(ND_OPT_GPR_rAX, ND_OPS_q, ND_OPF_DEFAULT, ND_OPA_RW, 0, 0),
|
OP(ND_OPT_MEM_rAX, ND_OPS_b, ND_OPF_DEFAULT, ND_OPA_R, 0, 0),
|
||||||
|
OP(ND_OPT_GPR_rAX, ND_OPS_d, ND_OPF_DEFAULT, ND_OPA_RW, 0, 0),
|
||||||
OP(ND_OPT_GPR_rCX, ND_OPS_q, ND_OPF_DEFAULT, ND_OPA_R, 0, 0),
|
OP(ND_OPT_GPR_rCX, ND_OPS_q, ND_OPF_DEFAULT, ND_OPA_R, 0, 0),
|
||||||
OP(ND_OPT_GPR_rDX, ND_OPS_q, ND_OPF_DEFAULT, ND_OPA_R, 0, 0),
|
OP(ND_OPT_GPR_rDX, ND_OPS_q, ND_OPF_DEFAULT, ND_OPA_R, 0, 0),
|
||||||
OP(ND_OPT_F, ND_OPS_v, ND_OPF_DEFAULT, ND_OPA_W, 0, 0),
|
OP(ND_OPT_F, ND_OPS_v, ND_OPF_DEFAULT, ND_OPA_W, 0, 0),
|
||||||
@ -19049,14 +19050,14 @@ const ND_INSTRUCTION gInstructions[2701] =
|
|||||||
ND_INS_RMPUPDATE, ND_CAT_SYSTEM, ND_SET_SNP, 685,
|
ND_INS_RMPUPDATE, ND_CAT_SYSTEM, ND_SET_SNP, 685,
|
||||||
0,
|
0,
|
||||||
ND_MOD_R0|ND_MOD_LONG|ND_MOD_VMXR|ND_MOD_VMXN|ND_MOD_VMXR_SEAM|ND_MOD_VMXN_SEAM|ND_MOD_VMX_OFF|ND_MOD_SMM|ND_MOD_SMM_OFF|ND_MOD_SGX_OFF|ND_MOD_TSX|ND_MOD_TSX_OFF,
|
ND_MOD_R0|ND_MOD_LONG|ND_MOD_VMXR|ND_MOD_VMXN|ND_MOD_VMXR_SEAM|ND_MOD_VMXN_SEAM|ND_MOD_VMX_OFF|ND_MOD_SMM|ND_MOD_SMM_OFF|ND_MOD_SGX_OFF|ND_MOD_TSX|ND_MOD_TSX_OFF,
|
||||||
0, ND_OPS_CNT(0, 3), 0, 0, 0, 0, 0, 0, ND_FLAG_MODRM|ND_FLAG_O64, ND_CFF_SNP,
|
0, ND_OPS_CNT(0, 3), 0, 0, 0, 0, 0, 0, ND_FLAG_I67|ND_FLAG_MODRM|ND_FLAG_O64, ND_CFF_SNP,
|
||||||
0,
|
0,
|
||||||
0|NDR_RFLAG_OF|NDR_RFLAG_ZF|NDR_RFLAG_AF|NDR_RFLAG_PF|NDR_RFLAG_SF,
|
0|NDR_RFLAG_OF|NDR_RFLAG_ZF|NDR_RFLAG_AF|NDR_RFLAG_PF|NDR_RFLAG_SF,
|
||||||
0,
|
0,
|
||||||
0,
|
0,
|
||||||
{
|
{
|
||||||
OP(ND_OPT_GPR_rAX, ND_OPS_q, ND_OPF_DEFAULT, ND_OPA_RW, 0, 0),
|
OP(ND_OPT_GPR_rAX, ND_OPS_q, ND_OPF_DEFAULT, ND_OPA_RW, 0, 0),
|
||||||
OP(ND_OPT_GPR_rCX, ND_OPS_q, ND_OPF_DEFAULT, ND_OPA_R, 0, 0),
|
OP(ND_OPT_MEM_rCX, ND_OPS_dq, ND_OPF_DEFAULT, ND_OPA_R, 0, 0),
|
||||||
OP(ND_OPT_F, ND_OPS_v, ND_OPF_DEFAULT, ND_OPA_W, 0, 0),
|
OP(ND_OPT_F, ND_OPS_v, ND_OPF_DEFAULT, ND_OPA_W, 0, 0),
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
@ -21694,7 +21695,7 @@ const ND_INSTRUCTION gInstructions[2701] =
|
|||||||
ND_INS_SYSCALL, ND_CAT_SYSCALL, ND_SET_AMD, 783,
|
ND_INS_SYSCALL, ND_CAT_SYSCALL, ND_SET_AMD, 783,
|
||||||
0,
|
0,
|
||||||
ND_MOD_R0|ND_MOD_R1|ND_MOD_R2|ND_MOD_R3|ND_MOD_REAL|ND_MOD_V8086|ND_MOD_PROT|ND_MOD_COMPAT|ND_MOD_LONG|ND_MOD_VMXR|ND_MOD_VMXN|ND_MOD_VMXR_SEAM|ND_MOD_VMXN_SEAM|ND_MOD_VMX_OFF|ND_MOD_SMM|ND_MOD_SMM_OFF|ND_MOD_SGX_OFF|ND_MOD_TSX|ND_MOD_TSX_OFF,
|
ND_MOD_R0|ND_MOD_R1|ND_MOD_R2|ND_MOD_R3|ND_MOD_REAL|ND_MOD_V8086|ND_MOD_PROT|ND_MOD_COMPAT|ND_MOD_LONG|ND_MOD_VMXR|ND_MOD_VMXN|ND_MOD_VMXR_SEAM|ND_MOD_VMXN_SEAM|ND_MOD_VMX_OFF|ND_MOD_SMM|ND_MOD_SMM_OFF|ND_MOD_SGX_OFF|ND_MOD_TSX|ND_MOD_TSX_OFF,
|
||||||
0, ND_OPS_CNT(0, 10), 0, 0, 0, 0, 0, 0, ND_FLAG_F64, ND_CFF_FSC,
|
0, ND_OPS_CNT(0, 10), 0, 0, 0, 0, 0, 0, ND_FLAG_F64|ND_FLAG_CETT, ND_CFF_FSC,
|
||||||
0,
|
0,
|
||||||
0,
|
0,
|
||||||
0,
|
0,
|
||||||
@ -21718,7 +21719,7 @@ const ND_INSTRUCTION gInstructions[2701] =
|
|||||||
ND_INS_SYSENTER, ND_CAT_SYSCALL, ND_SET_PPRO, 784,
|
ND_INS_SYSENTER, ND_CAT_SYSCALL, ND_SET_PPRO, 784,
|
||||||
0,
|
0,
|
||||||
ND_MOD_R0|ND_MOD_R1|ND_MOD_R2|ND_MOD_R3|ND_MOD_PROT|ND_MOD_COMPAT|ND_MOD_LONG|ND_MOD_VMXR|ND_MOD_VMXN|ND_MOD_VMXR_SEAM|ND_MOD_VMXN_SEAM|ND_MOD_VMX_OFF|ND_MOD_SMM|ND_MOD_SMM_OFF|ND_MOD_SGX_OFF|ND_MOD_TSX|ND_MOD_TSX_OFF,
|
ND_MOD_R0|ND_MOD_R1|ND_MOD_R2|ND_MOD_R3|ND_MOD_PROT|ND_MOD_COMPAT|ND_MOD_LONG|ND_MOD_VMXR|ND_MOD_VMXN|ND_MOD_VMXR_SEAM|ND_MOD_VMXN_SEAM|ND_MOD_VMX_OFF|ND_MOD_SMM|ND_MOD_SMM_OFF|ND_MOD_SGX_OFF|ND_MOD_TSX|ND_MOD_TSX_OFF,
|
||||||
0, ND_OPS_CNT(0, 9), 0, 0, 0, 0, 0, 0, 0, ND_CFF_SEP,
|
0, ND_OPS_CNT(0, 9), 0, 0, 0, 0, 0, 0, ND_FLAG_CETT, ND_CFF_SEP,
|
||||||
0,
|
0,
|
||||||
0,
|
0,
|
||||||
0,
|
0,
|
||||||
|
@ -441,6 +441,8 @@ typedef enum _ND_OPERAND_TYPE_SPEC
|
|||||||
ND_OPT_SSE_XMM7,
|
ND_OPT_SSE_XMM7,
|
||||||
|
|
||||||
// Implicit memory operands.
|
// Implicit memory operands.
|
||||||
|
ND_OPT_MEM_rAX,
|
||||||
|
ND_OPT_MEM_rCX,
|
||||||
ND_OPT_MEM_rBX_AL,
|
ND_OPT_MEM_rBX_AL,
|
||||||
ND_OPT_MEM_rDI,
|
ND_OPT_MEM_rDI,
|
||||||
ND_OPT_MEM_SHS,
|
ND_OPT_MEM_SHS,
|
||||||
|
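Review bot: `ND_OPT_MEM_rAX` and `ND_OPT_MEM_rCX` are inserted ahead of `ND_OPT_MEM_rBX_AL`, which renumbers every later `ND_OPT_*` value. `gOperandMap` in the decoder gains two entries at the matching position, so it appears to be indexed by this enum, and the two must stay in lockstep. A comment under "Implicit memory operands" such as `// Order must match gOperandMap; rebuild the instruction tables after inserting here.` would record that. A compile-time check that the table length equals the enumerator count would catch a missed entry, since an operand type mapped to the wrong encoding silently changes what consumers of the decoded operands see. The enum body continues outside the hunk.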
@ -66,7 +66,8 @@
|
|||||||
REP: no, REPcc: no, LOCK: no
|
REP: no, REPcc: no, LOCK: no
|
||||||
HLE: no, XACQUIRE only: no, XRELEASE only: no
|
HLE: no, XACQUIRE only: no, XRELEASE only: no
|
||||||
BND: no, BHINT: no, DNT: no
|
BND: no, BHINT: no, DNT: no
|
||||||
Operand: 0, Acc: R-, Type: Register, Size: 4, RawSize: 4, Encoding: S, RegType: General Purpose, RegSize: 4, RegId: 0, RegCount: 1
|
Operand: 0, Acc: R-, Type: Memory, Size: 1, RawSize: 1, Encoding: S,
|
||||||
|
Segment: 3, Base: 0,
|
||||||
Operand: 1, Acc: R-, Type: Register, Size: 4, RawSize: 4, Encoding: S, RegType: General Purpose, RegSize: 4, RegId: 1, RegCount: 1
|
Operand: 1, Acc: R-, Type: Register, Size: 4, RawSize: 4, Encoding: S, RegType: General Purpose, RegSize: 4, RegId: 1, RegCount: 1
|
||||||
Operand: 2, Acc: R-, Type: Register, Size: 4, RawSize: 4, Encoding: S, RegType: General Purpose, RegSize: 4, RegId: 2, RegCount: 1
|
Operand: 2, Acc: R-, Type: Register, Size: 4, RawSize: 4, Encoding: S, RegType: General Purpose, RegSize: 4, RegId: 2, RegCount: 1
|
||||||
|
|
||||||
|
@ -580,7 +580,7 @@
|
|||||||
|
|
||||||
0000000000000066 cd21 INT 0x21
|
0000000000000066 cd21 INT 0x21
|
||||||
DSIZE: 16, ASIZE: 16, VLEN: -
|
DSIZE: 16, ASIZE: 16, VLEN: -
|
||||||
ISA Set: I86, Ins cat: INTERRUPT, CET tracked: no
|
ISA Set: I86, Ins cat: INTERRUPT, CET tracked: yes
|
||||||
FLAGS access
|
FLAGS access
|
||||||
TF: m, IF: m, NT: m, RF: m, VM: tm, AC: m,
|
TF: m, IF: m, NT: m, RF: m, VM: tm, AC: m,
|
||||||
Valid modes
|
Valid modes
|
||||||
@ -603,7 +603,7 @@
|
|||||||
|
|
||||||
0000000000000068 cc INT3
|
0000000000000068 cc INT3
|
||||||
DSIZE: 16, ASIZE: 16, VLEN: -
|
DSIZE: 16, ASIZE: 16, VLEN: -
|
||||||
ISA Set: I86, Ins cat: INTERRUPT, CET tracked: no
|
ISA Set: I86, Ins cat: INTERRUPT, CET tracked: yes
|
||||||
FLAGS access
|
FLAGS access
|
||||||
TF: m, IF: m, NT: m, RF: m, VM: tm, AC: m,
|
TF: m, IF: m, NT: m, RF: m, VM: tm, AC: m,
|
||||||
Valid modes
|
Valid modes
|
||||||
|
@ -580,7 +580,7 @@
|
|||||||
|
|
||||||
0000000000000064 cd21 INT 0x21
|
0000000000000064 cd21 INT 0x21
|
||||||
DSIZE: 32, ASIZE: 32, VLEN: -
|
DSIZE: 32, ASIZE: 32, VLEN: -
|
||||||
ISA Set: I86, Ins cat: INTERRUPT, CET tracked: no
|
ISA Set: I86, Ins cat: INTERRUPT, CET tracked: yes
|
||||||
FLAGS access
|
FLAGS access
|
||||||
TF: m, IF: m, NT: m, RF: m, VM: tm, AC: m,
|
TF: m, IF: m, NT: m, RF: m, VM: tm, AC: m,
|
||||||
Valid modes
|
Valid modes
|
||||||
@ -603,7 +603,7 @@
|
|||||||
|
|
||||||
0000000000000066 cc INT3
|
0000000000000066 cc INT3
|
||||||
DSIZE: 32, ASIZE: 32, VLEN: -
|
DSIZE: 32, ASIZE: 32, VLEN: -
|
||||||
ISA Set: I86, Ins cat: INTERRUPT, CET tracked: no
|
ISA Set: I86, Ins cat: INTERRUPT, CET tracked: yes
|
||||||
FLAGS access
|
FLAGS access
|
||||||
TF: m, IF: m, NT: m, RF: m, VM: tm, AC: m,
|
TF: m, IF: m, NT: m, RF: m, VM: tm, AC: m,
|
||||||
Valid modes
|
Valid modes
|
||||||
@ -786,7 +786,7 @@
|
|||||||
|
|
||||||
0000000000000074 0f34 SYSENTER
|
0000000000000074 0f34 SYSENTER
|
||||||
DSIZE: 32, ASIZE: 32, VLEN: -
|
DSIZE: 32, ASIZE: 32, VLEN: -
|
||||||
ISA Set: PPRO, Ins cat: SYSCALL, CET tracked: no
|
ISA Set: PPRO, Ins cat: SYSCALL, CET tracked: yes
|
||||||
CPUID leaf: 0x00000001, reg: edx, bit: 11
|
CPUID leaf: 0x00000001, reg: edx, bit: 11
|
||||||
FLAGS access
|
FLAGS access
|
||||||
IF: 0,
|
IF: 0,
|
||||||
|
@ -360,7 +360,7 @@
|
|||||||
|
|
||||||
0000000000000032 cd21 INT 0x21
|
0000000000000032 cd21 INT 0x21
|
||||||
DSIZE: 32, ASIZE: 64, VLEN: -
|
DSIZE: 32, ASIZE: 64, VLEN: -
|
||||||
ISA Set: I86, Ins cat: INTERRUPT, CET tracked: no
|
ISA Set: I86, Ins cat: INTERRUPT, CET tracked: yes
|
||||||
FLAGS access
|
FLAGS access
|
||||||
TF: m, IF: m, NT: m, RF: m, VM: tm, AC: m,
|
TF: m, IF: m, NT: m, RF: m, VM: tm, AC: m,
|
||||||
Valid modes
|
Valid modes
|
||||||
@ -383,7 +383,7 @@
|
|||||||
|
|
||||||
0000000000000034 cc INT3
|
0000000000000034 cc INT3
|
||||||
DSIZE: 32, ASIZE: 64, VLEN: -
|
DSIZE: 32, ASIZE: 64, VLEN: -
|
||||||
ISA Set: I86, Ins cat: INTERRUPT, CET tracked: no
|
ISA Set: I86, Ins cat: INTERRUPT, CET tracked: yes
|
||||||
FLAGS access
|
FLAGS access
|
||||||
TF: m, IF: m, NT: m, RF: m, VM: tm, AC: m,
|
TF: m, IF: m, NT: m, RF: m, VM: tm, AC: m,
|
||||||
Valid modes
|
Valid modes
|
||||||
@ -566,7 +566,7 @@
|
|||||||
|
|
||||||
0000000000000042 0f05 SYSCALL
|
0000000000000042 0f05 SYSCALL
|
||||||
DSIZE: 64, ASIZE: 64, VLEN: -
|
DSIZE: 64, ASIZE: 64, VLEN: -
|
||||||
ISA Set: AMD, Ins cat: SYSCALL, CET tracked: no
|
ISA Set: AMD, Ins cat: SYSCALL, CET tracked: yes
|
||||||
CPUID leaf: 0x80000001, reg: ecx, bit: 11
|
CPUID leaf: 0x80000001, reg: ecx, bit: 11
|
||||||
FLAGS access
|
FLAGS access
|
||||||
Entire register
|
Entire register
|
||||||
|
@ -13,10 +13,12 @@
|
|||||||
REP: no, REPcc: no, LOCK: no
|
REP: no, REPcc: no, LOCK: no
|
||||||
HLE: no, XACQUIRE only: no, XRELEASE only: no
|
HLE: no, XACQUIRE only: no, XRELEASE only: no
|
||||||
BND: no, BHINT: no, DNT: no
|
BND: no, BHINT: no, DNT: no
|
||||||
Operand: 0, Acc: RW, Type: Register, Size: 8, RawSize: 8, Encoding: S, RegType: General Purpose, RegSize: 8, RegId: 0, RegCount: 1
|
Operand: 0, Acc: R-, Type: Memory, Size: 1, RawSize: 1, Encoding: S,
|
||||||
Operand: 1, Acc: R-, Type: Register, Size: 8, RawSize: 8, Encoding: S, RegType: General Purpose, RegSize: 8, RegId: 1, RegCount: 1
|
Segment: 3, Base: 0,
|
||||||
Operand: 2, Acc: R-, Type: Register, Size: 8, RawSize: 8, Encoding: S, RegType: General Purpose, RegSize: 8, RegId: 2, RegCount: 1
|
Operand: 1, Acc: RW, Type: Register, Size: 4, RawSize: 4, Encoding: S, RegType: General Purpose, RegSize: 4, RegId: 0, RegCount: 1
|
||||||
Operand: 3, Acc: -W, Type: Register, Size: 4, RawSize: 4, Encoding: S, RegType: Flags, RegSize: 4, RegId: 0, RegCount: 1
|
Operand: 2, Acc: R-, Type: Register, Size: 8, RawSize: 8, Encoding: S, RegType: General Purpose, RegSize: 8, RegId: 1, RegCount: 1
|
||||||
|
Operand: 3, Acc: R-, Type: Register, Size: 8, RawSize: 8, Encoding: S, RegType: General Purpose, RegSize: 8, RegId: 2, RegCount: 1
|
||||||
|
Operand: 4, Acc: -W, Type: Register, Size: 4, RawSize: 4, Encoding: S, RegType: Flags, RegSize: 4, RegId: 0, RegCount: 1
|
||||||
|
|
||||||
0000000000000004 f20f01fe RMPUPDATE
|
0000000000000004 f20f01fe RMPUPDATE
|
||||||
DSIZE: 32, ASIZE: 64, VLEN: -
|
DSIZE: 32, ASIZE: 64, VLEN: -
|
||||||
@ -34,7 +36,8 @@
|
|||||||
HLE: no, XACQUIRE only: no, XRELEASE only: no
|
HLE: no, XACQUIRE only: no, XRELEASE only: no
|
||||||
BND: no, BHINT: no, DNT: no
|
BND: no, BHINT: no, DNT: no
|
||||||
Operand: 0, Acc: RW, Type: Register, Size: 8, RawSize: 8, Encoding: S, RegType: General Purpose, RegSize: 8, RegId: 0, RegCount: 1
|
Operand: 0, Acc: RW, Type: Register, Size: 8, RawSize: 8, Encoding: S, RegType: General Purpose, RegSize: 8, RegId: 0, RegCount: 1
|
||||||
Operand: 1, Acc: R-, Type: Register, Size: 8, RawSize: 8, Encoding: S, RegType: General Purpose, RegSize: 8, RegId: 1, RegCount: 1
|
Operand: 1, Acc: R-, Type: Memory, Size: 16, RawSize: 16, Encoding: S,
|
||||||
|
Segment: 3, Base: 1,
|
||||||
Operand: 2, Acc: -W, Type: Register, Size: 4, RawSize: 4, Encoding: S, RegType: Flags, RegSize: 4, RegId: 0, RegCount: 1
|
Operand: 2, Acc: -W, Type: Register, Size: 4, RawSize: 4, Encoding: S, RegType: Flags, RegSize: 4, RegId: 0, RegCount: 1
|
||||||
|
|
||||||
0000000000000008 f30f01ff PSMASH
|
0000000000000008 f30f01ff PSMASH
|
||||||
|
1
bddisasm_test/cet/dnt_32
Normal file
1
bddisasm_test/cet/dnt_32
Normal file
@ -0,0 +1 @@
|
|||||||
|
<EFBFBD><10>衐<EFBFBD>d<><64>><3E>><3E><>>.<2E>>.<2E><>.><3E>.><3E><>>d<>>d<>衐><3E>d><3E><>
|
28
bddisasm_test/cet/dnt_32.asm
Normal file
28
bddisasm_test/cet/dnt_32.asm
Normal file
@ -0,0 +1,28 @@
|
|||||||
|
bits 32
|
||||||
|
|
||||||
|
call dword [eax]
|
||||||
|
call eax
|
||||||
|
db 0x64
|
||||||
|
call dword [eax]
|
||||||
|
db 0x64
|
||||||
|
call eax
|
||||||
|
db 0x3E
|
||||||
|
call dword [eax]
|
||||||
|
db 0x3E
|
||||||
|
call eax
|
||||||
|
db 0x3E, 0x2E
|
||||||
|
call dword [eax]
|
||||||
|
db 0x3E, 0x2E
|
||||||
|
call eax
|
||||||
|
db 0x2E, 0x3E
|
||||||
|
call dword [eax]
|
||||||
|
db 0x2E, 0x3E
|
||||||
|
call eax
|
||||||
|
db 0x3E, 0x64
|
||||||
|
call dword [eax]
|
||||||
|
db 0x3E, 0x64
|
||||||
|
call eax
|
||||||
|
db 0x64, 0x3E
|
||||||
|
call dword [eax]
|
||||||
|
db 0x64, 0x3E
|
||||||
|
call eax
|
273
bddisasm_test/cet/dnt_32.result
Normal file
273
bddisasm_test/cet/dnt_32.result
Normal file
@ -0,0 +1,273 @@
|
|||||||
|
0000000000000000 ff10 CALL dword ptr [eax]
|
||||||
|
DSIZE: 32, ASIZE: 32, VLEN: -
|
||||||
|
ISA Set: I86, Ins cat: CALL, CET tracked: yes
|
||||||
|
Valid modes
|
||||||
|
R0: yes, R1: yes, R2: yes, R3: yes
|
||||||
|
Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: yes
|
||||||
|
SMM on: yes, SMM off: yes, SGX on: yes, SGX off: yes, TSX on: yes, TSX off: yes
|
||||||
|
VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
|
||||||
|
Valid prefixes
|
||||||
|
REP: no, REPcc: no, LOCK: no
|
||||||
|
HLE: no, XACQUIRE only: no, XRELEASE only: no
|
||||||
|
BND: yes, BHINT: no, DNT: yes
|
||||||
|
Operand: 0, Acc: R-, Type: Memory, Size: 4, RawSize: 4, Encoding: M,
|
||||||
|
Segment: 3, Base: 0,
|
||||||
|
Operand: 1, Acc: -W, Type: Register, Size: 4, RawSize: 4, Encoding: S, RegType: IP, RegSize: 4, RegId: 0, RegCount: 1
|
||||||
|
Operand: 2, Acc: -W, Type: Memory, Size: 4, RawSize: 4, Encoding: S, Stack: yes,
|
||||||
|
Segment: 2, Base: 4,
|
||||||
|
Operand: 3, Acc: -W, Type: Memory, Size: 4, RawSize: 4, Encoding: S, Shadow stack: 3,
|
||||||
|
|
||||||
|
|
||||||
|
0000000000000002 ffd0 CALL eax
|
||||||
|
DSIZE: 32, ASIZE: 32, VLEN: -
|
||||||
|
ISA Set: I86, Ins cat: CALL, CET tracked: yes
|
||||||
|
Valid modes
|
||||||
|
R0: yes, R1: yes, R2: yes, R3: yes
|
||||||
|
Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: yes
|
||||||
|
SMM on: yes, SMM off: yes, SGX on: yes, SGX off: yes, TSX on: yes, TSX off: yes
|
||||||
|
VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
|
||||||
|
Valid prefixes
|
||||||
|
REP: no, REPcc: no, LOCK: no
|
||||||
|
HLE: no, XACQUIRE only: no, XRELEASE only: no
|
||||||
|
BND: yes, BHINT: no, DNT: yes
|
||||||
|
Operand: 0, Acc: R-, Type: Register, Size: 4, RawSize: 4, Encoding: M, RegType: General Purpose, RegSize: 4, RegId: 0, RegCount: 1
|
||||||
|
Operand: 1, Acc: -W, Type: Register, Size: 4, RawSize: 4, Encoding: S, RegType: IP, RegSize: 4, RegId: 0, RegCount: 1
|
||||||
|
Operand: 2, Acc: -W, Type: Memory, Size: 4, RawSize: 4, Encoding: S, Stack: yes,
|
||||||
|
Segment: 2, Base: 4,
|
||||||
|
Operand: 3, Acc: -W, Type: Memory, Size: 4, RawSize: 4, Encoding: S, Shadow stack: 3,
|
||||||
|
|
||||||
|
|
||||||
|
0000000000000004 64ff10 CALL dword ptr fs:[eax]
|
||||||
|
DSIZE: 32, ASIZE: 32, VLEN: -
|
||||||
|
ISA Set: I86, Ins cat: CALL, CET tracked: yes
|
||||||
|
Valid modes
|
||||||
|
R0: yes, R1: yes, R2: yes, R3: yes
|
||||||
|
Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: yes
|
||||||
|
SMM on: yes, SMM off: yes, SGX on: yes, SGX off: yes, TSX on: yes, TSX off: yes
|
||||||
|
VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
|
||||||
|
Valid prefixes
|
||||||
|
REP: no, REPcc: no, LOCK: no
|
||||||
|
HLE: no, XACQUIRE only: no, XRELEASE only: no
|
||||||
|
BND: yes, BHINT: no, DNT: yes
|
||||||
|
Operand: 0, Acc: R-, Type: Memory, Size: 4, RawSize: 4, Encoding: M,
|
||||||
|
Segment: 4, Base: 0,
|
||||||
|
Operand: 1, Acc: -W, Type: Register, Size: 4, RawSize: 4, Encoding: S, RegType: IP, RegSize: 4, RegId: 0, RegCount: 1
|
||||||
|
Operand: 2, Acc: -W, Type: Memory, Size: 4, RawSize: 4, Encoding: S, Stack: yes,
|
||||||
|
Segment: 2, Base: 4,
|
||||||
|
Operand: 3, Acc: -W, Type: Memory, Size: 4, RawSize: 4, Encoding: S, Shadow stack: 3,
|
||||||
|
|
||||||
|
|
||||||
|
0000000000000007 64ffd0 CALL eax
|
||||||
|
DSIZE: 32, ASIZE: 32, VLEN: -
|
||||||
|
ISA Set: I86, Ins cat: CALL, CET tracked: yes
|
||||||
|
Valid modes
|
||||||
|
R0: yes, R1: yes, R2: yes, R3: yes
|
||||||
|
Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: yes
|
||||||
|
SMM on: yes, SMM off: yes, SGX on: yes, SGX off: yes, TSX on: yes, TSX off: yes
|
||||||
|
VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
|
||||||
|
Valid prefixes
|
||||||
|
REP: no, REPcc: no, LOCK: no
|
||||||
|
HLE: no, XACQUIRE only: no, XRELEASE only: no
|
||||||
|
BND: yes, BHINT: no, DNT: yes
|
||||||
|
Operand: 0, Acc: R-, Type: Register, Size: 4, RawSize: 4, Encoding: M, RegType: General Purpose, RegSize: 4, RegId: 0, RegCount: 1
|
||||||
|
Operand: 1, Acc: -W, Type: Register, Size: 4, RawSize: 4, Encoding: S, RegType: IP, RegSize: 4, RegId: 0, RegCount: 1
|
||||||
|
Operand: 2, Acc: -W, Type: Memory, Size: 4, RawSize: 4, Encoding: S, Stack: yes,
|
||||||
|
Segment: 2, Base: 4,
|
||||||
|
Operand: 3, Acc: -W, Type: Memory, Size: 4, RawSize: 4, Encoding: S, Shadow stack: 3,
|
||||||
|
|
||||||
|
|
||||||
|
000000000000000A 3eff10 DNT CALL dword ptr ds:[eax]
|
||||||
|
DSIZE: 32, ASIZE: 32, VLEN: -
|
||||||
|
ISA Set: I86, Ins cat: CALL, CET tracked: no
|
||||||
|
Valid modes
|
||||||
|
R0: yes, R1: yes, R2: yes, R3: yes
|
||||||
|
Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: yes
|
||||||
|
SMM on: yes, SMM off: yes, SGX on: yes, SGX off: yes, TSX on: yes, TSX off: yes
|
||||||
|
VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
|
||||||
|
Valid prefixes
|
||||||
|
REP: no, REPcc: no, LOCK: no
|
||||||
|
HLE: no, XACQUIRE only: no, XRELEASE only: no
|
||||||
|
BND: yes, BHINT: no, DNT: yes
|
||||||
|
Operand: 0, Acc: R-, Type: Memory, Size: 4, RawSize: 4, Encoding: M,
|
||||||
|
Segment: 3, Base: 0,
|
||||||
|
Operand: 1, Acc: -W, Type: Register, Size: 4, RawSize: 4, Encoding: S, RegType: IP, RegSize: 4, RegId: 0, RegCount: 1
|
||||||
|
Operand: 2, Acc: -W, Type: Memory, Size: 4, RawSize: 4, Encoding: S, Stack: yes,
|
||||||
|
Segment: 2, Base: 4,
|
||||||
|
Operand: 3, Acc: -W, Type: Memory, Size: 4, RawSize: 4, Encoding: S, Shadow stack: 3,
|
||||||
|
|
||||||
|
|
||||||
|
000000000000000D 3effd0 DNT CALL eax
|
||||||
|
DSIZE: 32, ASIZE: 32, VLEN: -
|
||||||
|
ISA Set: I86, Ins cat: CALL, CET tracked: no
|
||||||
|
Valid modes
|
||||||
|
R0: yes, R1: yes, R2: yes, R3: yes
|
||||||
|
Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: yes
|
||||||
|
SMM on: yes, SMM off: yes, SGX on: yes, SGX off: yes, TSX on: yes, TSX off: yes
|
||||||
|
VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
|
||||||
|
Valid prefixes
|
||||||
|
REP: no, REPcc: no, LOCK: no
|
||||||
|
HLE: no, XACQUIRE only: no, XRELEASE only: no
|
||||||
|
BND: yes, BHINT: no, DNT: yes
|
||||||
|
Operand: 0, Acc: R-, Type: Register, Size: 4, RawSize: 4, Encoding: M, RegType: General Purpose, RegSize: 4, RegId: 0, RegCount: 1
|
||||||
|
Operand: 1, Acc: -W, Type: Register, Size: 4, RawSize: 4, Encoding: S, RegType: IP, RegSize: 4, RegId: 0, RegCount: 1
|
||||||
|
Operand: 2, Acc: -W, Type: Memory, Size: 4, RawSize: 4, Encoding: S, Stack: yes,
|
||||||
|
Segment: 2, Base: 4,
|
||||||
|
Operand: 3, Acc: -W, Type: Memory, Size: 4, RawSize: 4, Encoding: S, Shadow stack: 3,
|
||||||
|
|
||||||
|
|
||||||
|
0000000000000010 3e2eff10 CALL dword ptr cs:[eax]
|
||||||
|
DSIZE: 32, ASIZE: 32, VLEN: -
|
||||||
|
ISA Set: I86, Ins cat: CALL, CET tracked: yes
|
||||||
|
Valid modes
|
||||||
|
R0: yes, R1: yes, R2: yes, R3: yes
|
||||||
|
Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: yes
|
||||||
|
SMM on: yes, SMM off: yes, SGX on: yes, SGX off: yes, TSX on: yes, TSX off: yes
|
||||||
|
VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
|
||||||
|
Valid prefixes
|
||||||
|
REP: no, REPcc: no, LOCK: no
|
||||||
|
HLE: no, XACQUIRE only: no, XRELEASE only: no
|
||||||
|
BND: yes, BHINT: no, DNT: yes
|
||||||
|
Operand: 0, Acc: R-, Type: Memory, Size: 4, RawSize: 4, Encoding: M,
|
||||||
|
Segment: 1, Base: 0,
|
||||||
|
Operand: 1, Acc: -W, Type: Register, Size: 4, RawSize: 4, Encoding: S, RegType: IP, RegSize: 4, RegId: 0, RegCount: 1
|
||||||
|
Operand: 2, Acc: -W, Type: Memory, Size: 4, RawSize: 4, Encoding: S, Stack: yes,
|
||||||
|
Segment: 2, Base: 4,
|
||||||
|
Operand: 3, Acc: -W, Type: Memory, Size: 4, RawSize: 4, Encoding: S, Shadow stack: 3,
|
||||||
|
|
||||||
|
|
||||||
|
0000000000000014 3e2effd0 CALL eax
|
||||||
|
DSIZE: 32, ASIZE: 32, VLEN: -
|
||||||
|
ISA Set: I86, Ins cat: CALL, CET tracked: yes
|
||||||
|
Valid modes
|
||||||
|
R0: yes, R1: yes, R2: yes, R3: yes
|
||||||
|
Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: yes
|
||||||
|
SMM on: yes, SMM off: yes, SGX on: yes, SGX off: yes, TSX on: yes, TSX off: yes
|
||||||
|
VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
|
||||||
|
Valid prefixes
|
||||||
|
REP: no, REPcc: no, LOCK: no
|
||||||
|
HLE: no, XACQUIRE only: no, XRELEASE only: no
|
||||||
|
BND: yes, BHINT: no, DNT: yes
|
||||||
|
Operand: 0, Acc: R-, Type: Register, Size: 4, RawSize: 4, Encoding: M, RegType: General Purpose, RegSize: 4, RegId: 0, RegCount: 1
|
||||||
|
Operand: 1, Acc: -W, Type: Register, Size: 4, RawSize: 4, Encoding: S, RegType: IP, RegSize: 4, RegId: 0, RegCount: 1
|
||||||
|
Operand: 2, Acc: -W, Type: Memory, Size: 4, RawSize: 4, Encoding: S, Stack: yes,
|
||||||
|
Segment: 2, Base: 4,
|
||||||
|
Operand: 3, Acc: -W, Type: Memory, Size: 4, RawSize: 4, Encoding: S, Shadow stack: 3,
|
||||||
|
|
||||||
|
|
||||||
|
0000000000000018 2e3eff10 DNT CALL dword ptr ds:[eax]
|
||||||
|
DSIZE: 32, ASIZE: 32, VLEN: -
|
||||||
|
ISA Set: I86, Ins cat: CALL, CET tracked: no
|
||||||
|
Valid modes
|
||||||
|
R0: yes, R1: yes, R2: yes, R3: yes
|
||||||
|
Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: yes
|
||||||
|
SMM on: yes, SMM off: yes, SGX on: yes, SGX off: yes, TSX on: yes, TSX off: yes
|
||||||
|
VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
|
||||||
|
Valid prefixes
|
||||||
|
REP: no, REPcc: no, LOCK: no
|
||||||
|
HLE: no, XACQUIRE only: no, XRELEASE only: no
|
||||||
|
BND: yes, BHINT: no, DNT: yes
|
||||||
|
Operand: 0, Acc: R-, Type: Memory, Size: 4, RawSize: 4, Encoding: M,
|
||||||
|
Segment: 3, Base: 0,
|
||||||
|
Operand: 1, Acc: -W, Type: Register, Size: 4, RawSize: 4, Encoding: S, RegType: IP, RegSize: 4, RegId: 0, RegCount: 1
|
||||||
|
Operand: 2, Acc: -W, Type: Memory, Size: 4, RawSize: 4, Encoding: S, Stack: yes,
|
||||||
|
Segment: 2, Base: 4,
|
||||||
|
Operand: 3, Acc: -W, Type: Memory, Size: 4, RawSize: 4, Encoding: S, Shadow stack: 3,
|
||||||
|
|
||||||
|
|
||||||
|
000000000000001C 2e3effd0 DNT CALL eax
|
||||||
|
DSIZE: 32, ASIZE: 32, VLEN: -
|
||||||
|
ISA Set: I86, Ins cat: CALL, CET tracked: no
|
||||||
|
Valid modes
|
||||||
|
R0: yes, R1: yes, R2: yes, R3: yes
|
||||||
|
Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: yes
|
||||||
|
SMM on: yes, SMM off: yes, SGX on: yes, SGX off: yes, TSX on: yes, TSX off: yes
|
||||||
|
VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
|
||||||
|
Valid prefixes
|
||||||
|
REP: no, REPcc: no, LOCK: no
|
||||||
|
HLE: no, XACQUIRE only: no, XRELEASE only: no
|
||||||
|
BND: yes, BHINT: no, DNT: yes
|
||||||
|
Operand: 0, Acc: R-, Type: Register, Size: 4, RawSize: 4, Encoding: M, RegType: General Purpose, RegSize: 4, RegId: 0, RegCount: 1
|
||||||
|
Operand: 1, Acc: -W, Type: Register, Size: 4, RawSize: 4, Encoding: S, RegType: IP, RegSize: 4, RegId: 0, RegCount: 1
|
||||||
|
Operand: 2, Acc: -W, Type: Memory, Size: 4, RawSize: 4, Encoding: S, Stack: yes,
|
||||||
|
Segment: 2, Base: 4,
|
||||||
|
Operand: 3, Acc: -W, Type: Memory, Size: 4, RawSize: 4, Encoding: S, Shadow stack: 3,
|
||||||
|
|
||||||
|
|
||||||
|
0000000000000020 3e64ff10 CALL dword ptr fs:[eax]
|
||||||
|
DSIZE: 32, ASIZE: 32, VLEN: -
|
||||||
|
ISA Set: I86, Ins cat: CALL, CET tracked: yes
|
||||||
|
Valid modes
|
||||||
|
R0: yes, R1: yes, R2: yes, R3: yes
|
||||||
|
Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: yes
|
||||||
|
SMM on: yes, SMM off: yes, SGX on: yes, SGX off: yes, TSX on: yes, TSX off: yes
|
||||||
|
VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
|
||||||
|
Valid prefixes
|
||||||
|
REP: no, REPcc: no, LOCK: no
|
||||||
|
HLE: no, XACQUIRE only: no, XRELEASE only: no
|
||||||
|
BND: yes, BHINT: no, DNT: yes
|
||||||
|
Operand: 0, Acc: R-, Type: Memory, Size: 4, RawSize: 4, Encoding: M,
|
||||||
|
Segment: 4, Base: 0,
|
||||||
|
Operand: 1, Acc: -W, Type: Register, Size: 4, RawSize: 4, Encoding: S, RegType: IP, RegSize: 4, RegId: 0, RegCount: 1
|
||||||
|
Operand: 2, Acc: -W, Type: Memory, Size: 4, RawSize: 4, Encoding: S, Stack: yes,
|
||||||
|
Segment: 2, Base: 4,
|
||||||
|
Operand: 3, Acc: -W, Type: Memory, Size: 4, RawSize: 4, Encoding: S, Shadow stack: 3,
|
||||||
|
|
||||||
|
|
||||||
|
0000000000000024 3e64ffd0 CALL eax
|
||||||
|
DSIZE: 32, ASIZE: 32, VLEN: -
|
||||||
|
ISA Set: I86, Ins cat: CALL, CET tracked: yes
|
||||||
|
Valid modes
|
||||||
|
R0: yes, R1: yes, R2: yes, R3: yes
|
||||||
|
Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: yes
|
||||||
|
SMM on: yes, SMM off: yes, SGX on: yes, SGX off: yes, TSX on: yes, TSX off: yes
|
||||||
|
VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
|
||||||
|
Valid prefixes
|
||||||
|
REP: no, REPcc: no, LOCK: no
|
||||||
|
HLE: no, XACQUIRE only: no, XRELEASE only: no
|
||||||
|
BND: yes, BHINT: no, DNT: yes
|
||||||
|
Operand: 0, Acc: R-, Type: Register, Size: 4, RawSize: 4, Encoding: M, RegType: General Purpose, RegSize: 4, RegId: 0, RegCount: 1
|
||||||
|
Operand: 1, Acc: -W, Type: Register, Size: 4, RawSize: 4, Encoding: S, RegType: IP, RegSize: 4, RegId: 0, RegCount: 1
|
||||||
|
Operand: 2, Acc: -W, Type: Memory, Size: 4, RawSize: 4, Encoding: S, Stack: yes,
|
||||||
|
Segment: 2, Base: 4,
|
||||||
|
Operand: 3, Acc: -W, Type: Memory, Size: 4, RawSize: 4, Encoding: S, Shadow stack: 3,
|
||||||
|
|
||||||
|
|
||||||
|
0000000000000028 643eff10 DNT CALL dword ptr ds:[eax]
|
||||||
|
DSIZE: 32, ASIZE: 32, VLEN: -
|
||||||
|
ISA Set: I86, Ins cat: CALL, CET tracked: no
|
||||||
|
Valid modes
|
||||||
|
R0: yes, R1: yes, R2: yes, R3: yes
|
||||||
|
Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: yes
|
||||||
|
SMM on: yes, SMM off: yes, SGX on: yes, SGX off: yes, TSX on: yes, TSX off: yes
|
||||||
|
VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
|
||||||
|
Valid prefixes
|
||||||
|
REP: no, REPcc: no, LOCK: no
|
||||||
|
HLE: no, XACQUIRE only: no, XRELEASE only: no
|
||||||
|
BND: yes, BHINT: no, DNT: yes
|
||||||
|
Operand: 0, Acc: R-, Type: Memory, Size: 4, RawSize: 4, Encoding: M,
|
||||||
|
Segment: 3, Base: 0,
|
||||||
|
Operand: 1, Acc: -W, Type: Register, Size: 4, RawSize: 4, Encoding: S, RegType: IP, RegSize: 4, RegId: 0, RegCount: 1
|
||||||
|
Operand: 2, Acc: -W, Type: Memory, Size: 4, RawSize: 4, Encoding: S, Stack: yes,
|
||||||
|
Segment: 2, Base: 4,
|
||||||
|
Operand: 3, Acc: -W, Type: Memory, Size: 4, RawSize: 4, Encoding: S, Shadow stack: 3,
|
||||||
|
|
||||||
|
|
||||||
|
000000000000002C 643effd0 DNT CALL eax
|
||||||
|
DSIZE: 32, ASIZE: 32, VLEN: -
|
||||||
|
ISA Set: I86, Ins cat: CALL, CET tracked: no
|
||||||
|
Valid modes
|
||||||
|
R0: yes, R1: yes, R2: yes, R3: yes
|
||||||
|
Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: yes
|
||||||
|
SMM on: yes, SMM off: yes, SGX on: yes, SGX off: yes, TSX on: yes, TSX off: yes
|
||||||
|
VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
|
||||||
|
Valid prefixes
|
||||||
|
REP: no, REPcc: no, LOCK: no
|
||||||
|
HLE: no, XACQUIRE only: no, XRELEASE only: no
|
||||||
|
BND: yes, BHINT: no, DNT: yes
|
||||||
|
Operand: 0, Acc: R-, Type: Register, Size: 4, RawSize: 4, Encoding: M, RegType: General Purpose, RegSize: 4, RegId: 0, RegCount: 1
|
||||||
|
Operand: 1, Acc: -W, Type: Register, Size: 4, RawSize: 4, Encoding: S, RegType: IP, RegSize: 4, RegId: 0, RegCount: 1
|
||||||
|
Operand: 2, Acc: -W, Type: Memory, Size: 4, RawSize: 4, Encoding: S, Stack: yes,
|
||||||
|
Segment: 2, Base: 4,
|
||||||
|
Operand: 3, Acc: -W, Type: Memory, Size: 4, RawSize: 4, Encoding: S, Shadow stack: 3,
|
||||||
|
|
||||||
|
|
1
bddisasm_test/cet/dnt_64
Normal file
1
bddisasm_test/cet/dnt_64
Normal file
@ -0,0 +1 @@
|
|||||||
|
<EFBFBD><10>衐<EFBFBD>d<><64>><3E>><3E><>>.<2E>>.<2E><>.><3E>.><3E><>>d<>>d<>衐><3E>d><3E><>
|
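--- a/bddisasm_test/cet/dnt_64.asm
+++ b/bddisasm_test/cet/dnt_64.asm
@@ -0,0 +1,28 @@
+bits 64
+
+call qword [rax]
+call rax
+db 0x64
+call qword [rax]
+db 0x64
+call rax
+db 0x3E
+call qword [rax]
+db 0x3E
+call rax
+db 0x3E, 0x2E
+call qword [rax]
+db 0x3E, 0x2E
+call rax
+db 0x2E, 0x3E
+call qword [rax]
+db 0x2E, 0x3E
+call rax
+db 0x3E, 0x64
+call qword [rax]
+db 0x3E, 0x64
+call rax
+db 0x64, 0x3E
+call qword [rax]
+db 0x64, 0x3E
+call rax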
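--- a/bddisasm_test/cet/dnt_64.result
+++ b/bddisasm_test/cet/dnt_64.result
@@ -0,0 +1,273 @@
+0000000000000000 ff10 CALL qword ptr [rax]
+DSIZE: 64, ASIZE: 64, VLEN: -
+ISA Set: I86, Ins cat: CALL, CET tracked: yes
+Valid modes
+R0: yes, R1: yes, R2: yes, R3: yes
+Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: yes
+SMM on: yes, SMM off: yes, SGX on: yes, SGX off: yes, TSX on: yes, TSX off: yes
+VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
+Valid prefixes
+REP: no, REPcc: no, LOCK: no
+HLE: no, XACQUIRE only: no, XRELEASE only: no
+BND: yes, BHINT: no, DNT: yes
+Operand: 0, Acc: R-, Type: Memory, Size: 8, RawSize: 8, Encoding: M,
+Segment: 3, Base: 0,
+Operand: 1, Acc: -W, Type: Register, Size: 8, RawSize: 8, Encoding: S, RegType: IP, RegSize: 8, RegId: 0, RegCount: 1
+Operand: 2, Acc: -W, Type: Memory, Size: 8, RawSize: 8, Encoding: S, Stack: yes,
+Segment: 2, Base: 4,
+Operand: 3, Acc: -W, Type: Memory, Size: 8, RawSize: 8, Encoding: S, Shadow stack: 3,
+
+
+0000000000000002 ffd0 CALL rax
+DSIZE: 64, ASIZE: 64, VLEN: -
+ISA Set: I86, Ins cat: CALL, CET tracked: yes
+Valid modes
+R0: yes, R1: yes, R2: yes, R3: yes
+Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: yes
+SMM on: yes, SMM off: yes, SGX on: yes, SGX off: yes, TSX on: yes, TSX off: yes
+VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
+Valid prefixes
+REP: no, REPcc: no, LOCK: no
+HLE: no, XACQUIRE only: no, XRELEASE only: no
+BND: yes, BHINT: no, DNT: yes
+Operand: 0, Acc: R-, Type: Register, Size: 8, RawSize: 8, Encoding: M, RegType: General Purpose, RegSize: 8, RegId: 0, RegCount: 1
+Operand: 1, Acc: -W, Type: Register, Size: 8, RawSize: 8, Encoding: S, RegType: IP, RegSize: 8, RegId: 0, RegCount: 1
+Operand: 2, Acc: -W, Type: Memory, Size: 8, RawSize: 8, Encoding: S, Stack: yes,
+Segment: 2, Base: 4,
+Operand: 3, Acc: -W, Type: Memory, Size: 8, RawSize: 8, Encoding: S, Shadow stack: 3,
+
+
+0000000000000004 64ff10 CALL qword ptr fs:[rax]
+DSIZE: 64, ASIZE: 64, VLEN: -
+ISA Set: I86, Ins cat: CALL, CET tracked: yes
+Valid modes
+R0: yes, R1: yes, R2: yes, R3: yes
+Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: yes
+SMM on: yes, SMM off: yes, SGX on: yes, SGX off: yes, TSX on: yes, TSX off: yes
+VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
+Valid prefixes
+REP: no, REPcc: no, LOCK: no
+HLE: no, XACQUIRE only: no, XRELEASE only: no
+BND: yes, BHINT: no, DNT: yes
+Operand: 0, Acc: R-, Type: Memory, Size: 8, RawSize: 8, Encoding: M,
+Segment: 4, Base: 0,
+Operand: 1, Acc: -W, Type: Register, Size: 8, RawSize: 8, Encoding: S, RegType: IP, RegSize: 8, RegId: 0, RegCount: 1
+Operand: 2, Acc: -W, Type: Memory, Size: 8, RawSize: 8, Encoding: S, Stack: yes,
+Segment: 2, Base: 4,
+Operand: 3, Acc: -W, Type: Memory, Size: 8, RawSize: 8, Encoding: S, Shadow stack: 3,
+
+
+0000000000000007 64ffd0 CALL rax
+DSIZE: 64, ASIZE: 64, VLEN: -
+ISA Set: I86, Ins cat: CALL, CET tracked: yes
+Valid modes
+R0: yes, R1: yes, R2: yes, R3: yes
+Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: yes
+SMM on: yes, SMM off: yes, SGX on: yes, SGX off: yes, TSX on: yes, TSX off: yes
+VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
+Valid prefixes
+REP: no, REPcc: no, LOCK: no
+HLE: no, XACQUIRE only: no, XRELEASE only: no
+BND: yes, BHINT: no, DNT: yes
+Operand: 0, Acc: R-, Type: Register, Size: 8, RawSize: 8, Encoding: M, RegType: General Purpose, RegSize: 8, RegId: 0, RegCount: 1
+Operand: 1, Acc: -W, Type: Register, Size: 8, RawSize: 8, Encoding: S, RegType: IP, RegSize: 8, RegId: 0, RegCount: 1
+Operand: 2, Acc: -W, Type: Memory, Size: 8, RawSize: 8, Encoding: S, Stack: yes,
+Segment: 2, Base: 4,
+Operand: 3, Acc: -W, Type: Memory, Size: 8, RawSize: 8, Encoding: S, Shadow stack: 3,
+
+
+000000000000000A 3eff10 DNT CALL qword ptr [rax]
+DSIZE: 64, ASIZE: 64, VLEN: -
+ISA Set: I86, Ins cat: CALL, CET tracked: no
+Valid modes
+R0: yes, R1: yes, R2: yes, R3: yes
+Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: yes
+SMM on: yes, SMM off: yes, SGX on: yes, SGX off: yes, TSX on: yes, TSX off: yes
+VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
+Valid prefixes
+REP: no, REPcc: no, LOCK: no
+HLE: no, XACQUIRE only: no, XRELEASE only: no
+BND: yes, BHINT: no, DNT: yes
+Operand: 0, Acc: R-, Type: Memory, Size: 8, RawSize: 8, Encoding: M,
+Segment: 3, Base: 0,
+Operand: 1, Acc: -W, Type: Register, Size: 8, RawSize: 8, Encoding: S, RegType: IP, RegSize: 8, RegId: 0, RegCount: 1
+Operand: 2, Acc: -W, Type: Memory, Size: 8, RawSize: 8, Encoding: S, Stack: yes,
+Segment: 2, Base: 4,
+Operand: 3, Acc: -W, Type: Memory, Size: 8, RawSize: 8, Encoding: S, Shadow stack: 3,
+
+
+000000000000000D 3effd0 DNT CALL rax
+DSIZE: 64, ASIZE: 64, VLEN: -
+ISA Set: I86, Ins cat: CALL, CET tracked: no
+Valid modes
+R0: yes, R1: yes, R2: yes, R3: yes
+Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: yes
+SMM on: yes, SMM off: yes, SGX on: yes, SGX off: yes, TSX on: yes, TSX off: yes
+VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
+Valid prefixes
+REP: no, REPcc: no, LOCK: no
+HLE: no, XACQUIRE only: no, XRELEASE only: no
+BND: yes, BHINT: no, DNT: yes
+Operand: 0, Acc: R-, Type: Register, Size: 8, RawSize: 8, Encoding: M, RegType: General Purpose, RegSize: 8, RegId: 0, RegCount: 1
+Operand: 1, Acc: -W, Type: Register, Size: 8, RawSize: 8, Encoding: S, RegType: IP, RegSize: 8, RegId: 0, RegCount: 1
+Operand: 2, Acc: -W, Type: Memory, Size: 8, RawSize: 8, Encoding: S, Stack: yes,
+Segment: 2, Base: 4,
+Operand: 3, Acc: -W, Type: Memory, Size: 8, RawSize: 8, Encoding: S, Shadow stack: 3,
+
+
+0000000000000010 3e2eff10 DNT CALL qword ptr [rax]
+DSIZE: 64, ASIZE: 64, VLEN: -
+ISA Set: I86, Ins cat: CALL, CET tracked: no
+Valid modes
+R0: yes, R1: yes, R2: yes, R3: yes
+Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: yes
+SMM on: yes, SMM off: yes, SGX on: yes, SGX off: yes, TSX on: yes, TSX off: yes
+VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
+Valid prefixes
+REP: no, REPcc: no, LOCK: no
+HLE: no, XACQUIRE only: no, XRELEASE only: no
+BND: yes, BHINT: no, DNT: yes
+Operand: 0, Acc: R-, Type: Memory, Size: 8, RawSize: 8, Encoding: M,
+Segment: 3, Base: 0,
+Operand: 1, Acc: -W, Type: Register, Size: 8, RawSize: 8, Encoding: S, RegType: IP, RegSize: 8, RegId: 0, RegCount: 1
+Operand: 2, Acc: -W, Type: Memory, Size: 8, RawSize: 8, Encoding: S, Stack: yes,
+Segment: 2, Base: 4,
+Operand: 3, Acc: -W, Type: Memory, Size: 8, RawSize: 8, Encoding: S, Shadow stack: 3,
+
+
+0000000000000014 3e2effd0 DNT CALL rax
+DSIZE: 64, ASIZE: 64, VLEN: -
+ISA Set: I86, Ins cat: CALL, CET tracked: no
+Valid modes
+R0: yes, R1: yes, R2: yes, R3: yes
+Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: yes
+SMM on: yes, SMM off: yes, SGX on: yes, SGX off: yes, TSX on: yes, TSX off: yes
+VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
+Valid prefixes
+REP: no, REPcc: no, LOCK: no
+HLE: no, XACQUIRE only: no, XRELEASE only: no
+BND: yes, BHINT: no, DNT: yes
+Operand: 0, Acc: R-, Type: Register, Size: 8, RawSize: 8, Encoding: M, RegType: General Purpose, RegSize: 8, RegId: 0, RegCount: 1
+Operand: 1, Acc: -W, Type: Register, Size: 8, RawSize: 8, Encoding: S, RegType: IP, RegSize: 8, RegId: 0, RegCount: 1
+Operand: 2, Acc: -W, Type: Memory, Size: 8, RawSize: 8, Encoding: S, Stack: yes,
+Segment: 2, Base: 4,
+Operand: 3, Acc: -W, Type: Memory, Size: 8, RawSize: 8, Encoding: S, Shadow stack: 3,
+
+
+0000000000000018 2e3eff10 DNT CALL qword ptr [rax]
+DSIZE: 64, ASIZE: 64, VLEN: -
+ISA Set: I86, Ins cat: CALL, CET tracked: no
+Valid modes
+R0: yes, R1: yes, R2: yes, R3: yes
+Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: yes
+SMM on: yes, SMM off: yes, SGX on: yes, SGX off: yes, TSX on: yes, TSX off: yes
+VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
+Valid prefixes
+REP: no, REPcc: no, LOCK: no
+HLE: no, XACQUIRE only: no, XRELEASE only: no
+BND: yes, BHINT: no, DNT: yes
+Operand: 0, Acc: R-, Type: Memory, Size: 8, RawSize: 8, Encoding: M,
+Segment: 3, Base: 0,
+Operand: 1, Acc: -W, Type: Register, Size: 8, RawSize: 8, Encoding: S, RegType: IP, RegSize: 8, RegId: 0, RegCount: 1
+Operand: 2, Acc: -W, Type: Memory, Size: 8, RawSize: 8, Encoding: S, Stack: yes,
+Segment: 2, Base: 4,
+Operand: 3, Acc: -W, Type: Memory, Size: 8, RawSize: 8, Encoding: S, Shadow stack: 3,
+
+
+000000000000001C 2e3effd0 DNT CALL rax
+DSIZE: 64, ASIZE: 64, VLEN: -
+ISA Set: I86, Ins cat: CALL, CET tracked: no
+Valid modes
+R0: yes, R1: yes, R2: yes, R3: yes
+Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: yes
+SMM on: yes, SMM off: yes, SGX on: yes, SGX off: yes, TSX on: yes, TSX off: yes
+VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
+Valid prefixes
+REP: no, REPcc: no, LOCK: no
+HLE: no, XACQUIRE only: no, XRELEASE only: no
+BND: yes, BHINT: no, DNT: yes
+Operand: 0, Acc: R-, Type: Register, Size: 8, RawSize: 8, Encoding: M, RegType: General Purpose, RegSize: 8, RegId: 0, RegCount: 1
+Operand: 1, Acc: -W, Type: Register, Size: 8, RawSize: 8, Encoding: S, RegType: IP, RegSize: 8, RegId: 0, RegCount: 1
+Operand: 2, Acc: -W, Type: Memory, Size: 8, RawSize: 8, Encoding: S, Stack: yes,
+Segment: 2, Base: 4,
+Operand: 3, Acc: -W, Type: Memory, Size: 8, RawSize: 8, Encoding: S, Shadow stack: 3,
+
+
+0000000000000020 3e64ff10 CALL qword ptr fs:[rax]
+DSIZE: 64, ASIZE: 64, VLEN: -
+ISA Set: I86, Ins cat: CALL, CET tracked: yes
+Valid modes
+R0: yes, R1: yes, R2: yes, R3: yes
+Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: yes
+SMM on: yes, SMM off: yes, SGX on: yes, SGX off: yes, TSX on: yes, TSX off: yes
+VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
+Valid prefixes
+REP: no, REPcc: no, LOCK: no
+HLE: no, XACQUIRE only: no, XRELEASE only: no
+BND: yes, BHINT: no, DNT: yes
+Operand: 0, Acc: R-, Type: Memory, Size: 8, RawSize: 8, Encoding: M,
+Segment: 4, Base: 0,
+Operand: 1, Acc: -W, Type: Register, Size: 8, RawSize: 8, Encoding: S, RegType: IP, RegSize: 8, RegId: 0, RegCount: 1
+Operand: 2, Acc: -W, Type: Memory, Size: 8, RawSize: 8, Encoding: S, Stack: yes,
+Segment: 2, Base: 4,
+Operand: 3, Acc: -W, Type: Memory, Size: 8, RawSize: 8, Encoding: S, Shadow stack: 3,
+
+
+0000000000000024 3e64ffd0 CALL rax
+DSIZE: 64, ASIZE: 64, VLEN: -
+ISA Set: I86, Ins cat: CALL, CET tracked: yes
+Valid modes
+R0: yes, R1: yes, R2: yes, R3: yes
+Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: yes
+SMM on: yes, SMM off: yes, SGX on: yes, SGX off: yes, TSX on: yes, TSX off: yes
+VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
+Valid prefixes
+REP: no, REPcc: no, LOCK: no
+HLE: no, XACQUIRE only: no, XRELEASE only: no
+BND: yes, BHINT: no, DNT: yes
+Operand: 0, Acc: R-, Type: Register, Size: 8, RawSize: 8, Encoding: M, RegType: General Purpose, RegSize: 8, RegId: 0, RegCount: 1
+Operand: 1, Acc: -W, Type: Register, Size: 8, RawSize: 8, Encoding: S, RegType: IP, RegSize: 8, RegId: 0, RegCount: 1
+Operand: 2, Acc: -W, Type: Memory, Size: 8, RawSize: 8, Encoding: S, Stack: yes,
+Segment: 2, Base: 4,
+Operand: 3, Acc: -W, Type: Memory, Size: 8, RawSize: 8, Encoding: S, Shadow stack: 3,
+
+
+0000000000000028 643eff10 CALL qword ptr fs:[rax]
+DSIZE: 64, ASIZE: 64, VLEN: -
+ISA Set: I86, Ins cat: CALL, CET tracked: yes
+Valid modes
+R0: yes, R1: yes, R2: yes, R3: yes
+Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: yes
+SMM on: yes, SMM off: yes, SGX on: yes, SGX off: yes, TSX on: yes, TSX off: yes
+VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
+Valid prefixes
+REP: no, REPcc: no, LOCK: no
+HLE: no, XACQUIRE only: no, XRELEASE only: no
+BND: yes, BHINT: no, DNT: yes
+Operand: 0, Acc: R-, Type: Memory, Size: 8, RawSize: 8, Encoding: M,
+Segment: 4, Base: 0,
+Operand: 1, Acc: -W, Type: Register, Size: 8, RawSize: 8, Encoding: S, RegType: IP, RegSize: 8, RegId: 0, RegCount: 1
+Operand: 2, Acc: -W, Type: Memory, Size: 8, RawSize: 8, Encoding: S, Stack: yes,
+Segment: 2, Base: 4,
+Operand: 3, Acc: -W, Type: Memory, Size: 8, RawSize: 8, Encoding: S, Shadow stack: 3,
+
+
+000000000000002C 643effd0 CALL rax
+DSIZE: 64, ASIZE: 64, VLEN: -
+ISA Set: I86, Ins cat: CALL, CET tracked: yes
+Valid modes
+R0: yes, R1: yes, R2: yes, R3: yes
+Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: yes
+SMM on: yes, SMM off: yes, SGX on: yes, SGX off: yes, TSX on: yes, TSX off: yes
+VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
+Valid prefixes
+REP: no, REPcc: no, LOCK: no
+HLE: no, XACQUIRE only: no, XRELEASE only: no
+BND: yes, BHINT: no, DNT: yes
+Operand: 0, Acc: R-, Type: Register, Size: 8, RawSize: 8, Encoding: M, RegType: General Purpose, RegSize: 8, RegId: 0, RegCount: 1
+Operand: 1, Acc: -W, Type: Register, Size: 8, RawSize: 8, Encoding: S, RegType: IP, RegSize: 8, RegId: 0, RegCount: 1
+Operand: 2, Acc: -W, Type: Memory, Size: 8, RawSize: 8, Encoding: S, Stack: yes,
+Segment: 2, Base: 4,
+Operand: 3, Acc: -W, Type: Memory, Size: 8, RawSize: 8, Encoding: S, Shadow stack: 3,
+
+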
@ -1,7 +1,7 @@
|
|||||||
0000000000000000 0f db 0x0f (0x80000009)
|
0000000000000000 0f db 0x0f (0x80000009)
|
||||||
0000000000000010 0f05 SYSCALL
|
0000000000000010 0f05 SYSCALL
|
||||||
DSIZE: 32, ASIZE: 32, VLEN: -
|
DSIZE: 32, ASIZE: 32, VLEN: -
|
||||||
ISA Set: AMD, Ins cat: SYSCALL, CET tracked: no
|
ISA Set: AMD, Ins cat: SYSCALL, CET tracked: yes
|
||||||
CPUID leaf: 0x80000001, reg: ecx, bit: 11
|
CPUID leaf: 0x80000001, reg: ecx, bit: 11
|
||||||
FLAGS access
|
FLAGS access
|
||||||
Entire register
|
Entire register
|
||||||
|
@ -60,7 +60,7 @@
|
|||||||
|
|
||||||
000000000000000B 0f05 SYSCALL
|
000000000000000B 0f05 SYSCALL
|
||||||
DSIZE: 64, ASIZE: 64, VLEN: -
|
DSIZE: 64, ASIZE: 64, VLEN: -
|
||||||
ISA Set: AMD, Ins cat: SYSCALL, CET tracked: no
|
ISA Set: AMD, Ins cat: SYSCALL, CET tracked: yes
|
||||||
CPUID leaf: 0x80000001, reg: ecx, bit: 11
|
CPUID leaf: 0x80000001, reg: ecx, bit: 11
|
||||||
FLAGS access
|
FLAGS access
|
||||||
Entire register
|
Entire register
|
||||||
|
@ -82,7 +82,7 @@
|
|||||||
|
|
||||||
000000000000000A 260f05 SYSCALL
|
000000000000000A 260f05 SYSCALL
|
||||||
DSIZE: 32, ASIZE: 32, VLEN: -
|
DSIZE: 32, ASIZE: 32, VLEN: -
|
||||||
ISA Set: AMD, Ins cat: SYSCALL, CET tracked: no
|
ISA Set: AMD, Ins cat: SYSCALL, CET tracked: yes
|
||||||
CPUID leaf: 0x80000001, reg: ecx, bit: 11
|
CPUID leaf: 0x80000001, reg: ecx, bit: 11
|
||||||
FLAGS access
|
FLAGS access
|
||||||
Entire register
|
Entire register
|
||||||
|
Binary file not shown.
@ -260,6 +260,7 @@ typedef unsigned int SHEMU_STATUS;
|
|||||||
#define SHEMU_FLAG_SWAPGS 0x00020000 // SWAPGS was executed.
|
#define SHEMU_FLAG_SWAPGS 0x00020000 // SWAPGS was executed.
|
||||||
#define SHEMU_FLAG_SYSCALL_MSR_READ 0x00040000 // A SYSCALL/SYSENTER MSR read.
|
#define SHEMU_FLAG_SYSCALL_MSR_READ 0x00040000 // A SYSCALL/SYSENTER MSR read.
|
||||||
#define SHEMU_FLAG_SYSCALL_MSR_WRITE 0x00080000 // A SYSCALL/SYSENTER MSR write.
|
#define SHEMU_FLAG_SYSCALL_MSR_WRITE 0x00080000 // A SYSCALL/SYSENTER MSR write.
|
||||||
|
#define SHEMU_FLAG_SIDT 0x00100000 // SIDT was executed.
|
||||||
|
|
||||||
|
|
||||||
//
|
//
|
||||||
|
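Review bot: The comment on the new `SHEMU_FLAG_SIDT` define says only "SIDT was executed", while the commit description states the flag is set when the emulator encounters SIDT in ring 0, so a consumer reading the header alone cannot tell which privilege level the signal refers to. I would write `#define SHEMU_FLAG_SIDT 0x00100000 // SIDT was executed in ring 0.` so that detection logic built on this flag is read against the right condition. The code that sets the flag is not visible in this hunk, so the ring-0 condition should be confirmed against it before the comment is changed.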
@ -7,6 +7,6 @@
|
|||||||
|
|
||||||
#define DISASM_VERSION_MAJOR 1
|
#define DISASM_VERSION_MAJOR 1
|
||||||
#define DISASM_VERSION_MINOR 34
|
#define DISASM_VERSION_MINOR 34
|
||||||
#define DISASM_VERSION_REVISION 2
|
#define DISASM_VERSION_REVISION 4
|
||||||
|
|
||||||
#endif // DISASM_VER_H
|
#endif // DISASM_VER_H
|
||||||
|
@ -294,6 +294,8 @@ valid_impops = {# register size
|
|||||||
'SSP' : ('SSP', 'yf'), # Shadow stack pointer. 32 bit in protected/compat mode, 64 in long mode.
|
'SSP' : ('SSP', 'yf'), # Shadow stack pointer. 32 bit in protected/compat mode, 64 in long mode.
|
||||||
|
|
||||||
# Implicit memory operands.
|
# Implicit memory operands.
|
||||||
|
'pAXb' : ('pAX', 'b'), # Implicit byte [rAX], used by MONITOR and MONITORX. Can be overriden.
|
||||||
|
'pCXdq' : ('pCX', 'dq'), # Implicit xmmword [rCX], used by RMPADJUST. Can be overriden.
|
||||||
'pBXALb' : ('pBXAL', 'b'), # Implicit [RBX + AL], as used by XLAT.
|
'pBXALb' : ('pBXAL', 'b'), # Implicit [RBX + AL], as used by XLAT.
|
||||||
'pDIq' : ('pDI', 'q'), # Implicit qword [RDI].
|
'pDIq' : ('pDI', 'q'), # Implicit qword [RDI].
|
||||||
'pDIdq' : ('pDI', 'dq'), # Implicit xmmword [RDI].
|
'pDIdq' : ('pDI', 'dq'), # Implicit xmmword [RDI].
|
||||||
|
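Review bot: The comments on the two new `valid_impops` entries do not match how the operands are used elsewhere in this commit: `pCXdq` is described as "used by RMPADJUST", but the instruction table change attaches `pCXdq` to RMPUPDATE and `pAXb` to RMPADJUST, and the comments added to the C operand map say the same. I would change them to `# Implicit byte [rAX], used by MONITOR, MONITORX and RMPADJUST. Can be overridden.` and `# Implicit xmmword [rCX], used by RMPUPDATE. Can be overridden.`, which also fixes the "overriden" spelling. The `valid_impops` dictionary starts and ends outside this hunk.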
@ -146,6 +146,8 @@ optype = {
|
|||||||
'XMM7' : 'ND_OPT_SSE_XMM7',
|
'XMM7' : 'ND_OPT_SSE_XMM7',
|
||||||
|
|
||||||
# Memory operands
|
# Memory operands
|
||||||
|
'pAX' : 'ND_OPT_MEM_rAX',
|
||||||
|
'pCX' : 'ND_OPT_MEM_rCX',
|
||||||
'pBXAL' : 'ND_OPT_MEM_rBX_AL',
|
'pBXAL' : 'ND_OPT_MEM_rBX_AL',
|
||||||
'pDI' : 'ND_OPT_MEM_rDI',
|
'pDI' : 'ND_OPT_MEM_rDI',
|
||||||
'SHS' : 'ND_OPT_MEM_SHS',
|
'SHS' : 'ND_OPT_MEM_SHS',
|
||||||
|
@ -27,7 +27,7 @@ VMLAUNCH nil Fv [ NP 0x0F 0x01 /0
|
|||||||
VMRESUME nil Fv [ NP 0x0F 0x01 /0xC3] s:VTX, t:VTX, w:W, f:VMX, m:VMXROOT
|
VMRESUME nil Fv [ NP 0x0F 0x01 /0xC3] s:VTX, t:VTX, w:W, f:VMX, m:VMXROOT
|
||||||
VMXOFF nil Fv [ NP 0x0F 0x01 /0xC4] s:VTX, t:VTX, w:W, f:VMX, m:VMXROOT
|
VMXOFF nil Fv [ NP 0x0F 0x01 /0xC4] s:VTX, t:VTX, w:W, f:VMX, m:VMXROOT
|
||||||
PCONFIG nil EAX,RBX,RCX,RDX [ NP 0x0F 0x01 /0xC5] s:PCONFIG, t:PCONFIG, w:R|RW|RW|RW, m:NOV86
|
PCONFIG nil EAX,RBX,RCX,RDX [ NP 0x0F 0x01 /0xC5] s:PCONFIG, t:PCONFIG, w:R|RW|RW|RW, m:NOV86
|
||||||
MONITOR nil EAX,ECX,EDX [ NP 0x0F 0x01 /0xC8] s:SSE3, t:MISC, w:R|R|R, i:MONITOR, m:KERNEL|NOV86
|
MONITOR nil pAXb,ECX,EDX [ NP 0x0F 0x01 /0xC8] s:SSE3, t:MISC, w:R|R|R, i:MONITOR, m:KERNEL|NOV86
|
||||||
MWAIT nil EAX,ECX [ NP 0x0F 0x01 /0xC9] s:SSE3, t:MISC, w:RW|R, i:MONITOR, m:KERNEL|NOV86
|
MWAIT nil EAX,ECX [ NP 0x0F 0x01 /0xC9] s:SSE3, t:MISC, w:RW|R, i:MONITOR, m:KERNEL|NOV86
|
||||||
CLAC nil Fv [ NP 0x0F 0x01 /0xCA] s:SMAP, t:SMAP, w:W, f:AC=0, m:KERNEL|NOV86
|
CLAC nil Fv [ NP 0x0F 0x01 /0xCA] s:SMAP, t:SMAP, w:W, f:AC=0, m:KERNEL|NOV86
|
||||||
ERETU nil rIP,Fv,rSP,CS,SS,Kv5,SSP,GSBASE,KGSBASE [0xF3 0x0F 0x01 /0xCA] s:FRED, t:FRED, w:W|W|W|W|W|R|CRCW|RW|RW, m:KERNEL|O64|NOTSX, a:F64
|
ERETU nil rIP,Fv,rSP,CS,SS,Kv5,SSP,GSBASE,KGSBASE [0xF3 0x0F 0x01 /0xCA] s:FRED, t:FRED, w:W|W|W|W|W|R|CRCW|RW|RW, m:KERNEL|O64|NOTSX, a:F64
|
||||||
@ -68,14 +68,14 @@ WRPKRU nil EDX,EAX,ECX,PKRU [ NP 0x0F 0x01 /0
|
|||||||
STUI nil UIF [ 0xF3 0x0F 0x01 /0xEF] s:UINTR, t:UINTR, w:W, m:O64|NOTSX|NOSGX
|
STUI nil UIF [ 0xF3 0x0F 0x01 /0xEF] s:UINTR, t:UINTR, w:W, m:O64|NOTSX|NOSGX
|
||||||
SWAPGS nil GSBASE,KGSBASE [ 0x0F 0x01 /0xF8] s:LONGMODE, t:SYSTEM, w:RW|RW, m:KERNEL|O64
|
SWAPGS nil GSBASE,KGSBASE [ 0x0F 0x01 /0xF8] s:LONGMODE, t:SYSTEM, w:RW|RW, m:KERNEL|O64
|
||||||
RDTSCP nil EAX,EDX,ECX,TSC,TSCAUX [ 0x0F 0x01 /0xF9] s:RDTSCP, t:SYSTEM, w:W|W|W|R|R
|
RDTSCP nil EAX,EDX,ECX,TSC,TSCAUX [ 0x0F 0x01 /0xF9] s:RDTSCP, t:SYSTEM, w:W|W|W|R|R
|
||||||
MONITORX nil EAX,ECX,EDX [ NP 0x0F 0x01 /0xFA] s:MWAITT, t:SYSTEM, w:R|R|R, m:KERNEL|NOV86
|
MONITORX nil pAXb,ECX,EDX [ NP 0x0F 0x01 /0xFA] s:MWAITT, t:SYSTEM, w:R|R|R, m:KERNEL|NOV86
|
||||||
MCOMMIT nil Fv [ 0xF3 0x0F 0x01 /0xFA] s:MCOMMIT, t:MISC, w:W, f:CF=m|PF=0|AF=0|ZF=0|SF=0|OF=0
|
MCOMMIT nil Fv [ 0xF3 0x0F 0x01 /0xFA] s:MCOMMIT, t:MISC, w:W, f:CF=m|PF=0|AF=0|ZF=0|SF=0|OF=0
|
||||||
MWAITX nil EAX,ECX,EBX [ NP 0x0F 0x01 /0xFB] s:MWAITT, t:SYSTEM, w:R|R|R, m:KERNEL|NOV86
|
MWAITX nil EAX,ECX,EBX [ NP 0x0F 0x01 /0xFB] s:MWAITT, t:SYSTEM, w:R|R|R, m:KERNEL|NOV86
|
||||||
CLZERO nil rAX [ 0x0F 0x01 /0xFC] s:CLZERO, t:MISC, w:R
|
CLZERO nil rAX [ 0x0F 0x01 /0xFC] s:CLZERO, t:MISC, w:R
|
||||||
RDPRU nil EAX,EDX,ECX,Fv [ 0x0F 0x01 /0xFD] s:RDPRU, t:MISC, w:W|W|R|W, f:CF=m|PF=0|AF=0|ZF=0|SF=0|OF=0
|
RDPRU nil EAX,EDX,ECX,Fv [ 0x0F 0x01 /0xFD] s:RDPRU, t:MISC, w:W|W|R|W, f:CF=m|PF=0|AF=0|ZF=0|SF=0|OF=0
|
||||||
INVLPGB nil rAX,ECX,EDX [ 0x0F 0x01 /0xFE] s:INVLPGB, t:SYSTEM, w:R|R|R, m:NOREAL|KERNEL
|
INVLPGB nil rAX,ECX,EDX [ 0x0F 0x01 /0xFE] s:INVLPGB, t:SYSTEM, w:R|R|R, m:NOREAL|KERNEL
|
||||||
RMPADJUST nil RAX,RCX,RDX,Fv [ 0xF3 0x0F 0x01 /0xFE] s:SNP, t:SYSTEM, w:RW|R|R|W, f:OF=m|ZF=m|AF=m|PF=m|SF=m, m:O64|KERNEL
|
RMPADJUST nil pAXb,EAX,RCX,RDX,Fv [ 0xF3 0x0F 0x01 /0xFE] s:SNP, t:SYSTEM, w:R|RW|R|R|W, f:OF=m|ZF=m|AF=m|PF=m|SF=m, a:I67, m:O64|KERNEL
|
||||||
RMPUPDATE nil RAX,RCX,Fv [ 0xF2 0x0F 0x01 /0xFE] s:SNP, t:SYSTEM, w:RW|R|W, f:OF=m|ZF=m|AF=m|PF=m|SF=m, m:O64|KERNEL
|
RMPUPDATE nil RAX,pCXdq,Fv [ 0xF2 0x0F 0x01 /0xFE] s:SNP, t:SYSTEM, w:RW|R|W, f:OF=m|ZF=m|AF=m|PF=m|SF=m, a:I67, m:O64|KERNEL
|
||||||
TLBSYNC nil nil [ 0x0F 0x01 /0xFF] s:INVLPGB, t:SYSTEM, m:NOREAL|KERNEL
|
TLBSYNC nil nil [ 0x0F 0x01 /0xFF] s:INVLPGB, t:SYSTEM, m:NOREAL|KERNEL
|
||||||
PSMASH nil RAX,Fv [ 0xF3 0x0F 0x01 /0xFF] s:SNP, t:SYSTEM, w:RW|W, f:OF=m|ZF=m|AF=m|PF=m|SF=m, m:O64|KERNEL
|
PSMASH nil RAX,Fv [ 0xF3 0x0F 0x01 /0xFF] s:SNP, t:SYSTEM, w:RW|W, f:OF=m|ZF=m|AF=m|PF=m|SF=m, m:O64|KERNEL
|
||||||
PVALIDATE nil rAX,ECX,EDX,Fv [ 0xF2 0x0F 0x01 /0xFF] s:SNP, t:SYSTEM, w:RW|R|R|W, f:OF=m|ZF=m|AF=m|PF=m|SF=m|CF=m, m:KERNEL
|
PVALIDATE nil rAX,ECX,EDX,Fv [ 0xF2 0x0F 0x01 /0xFF] s:SNP, t:SYSTEM, w:RW|R|R|W, f:OF=m|ZF=m|AF=m|PF=m|SF=m|CF=m, m:KERNEL
|
||||||
@ -84,7 +84,7 @@ LAR Gv,Rz Fv [ 0x0F 0x02 /r
|
|||||||
LSL Gv,Mw Fv [ 0x0F 0x03 /r:mem] s:I286PROT, t:SYSTEM, w:RW|R|W, f:ZF=m, m:NOREAL
|
LSL Gv,Mw Fv [ 0x0F 0x03 /r:mem] s:I286PROT, t:SYSTEM, w:RW|R|W, f:ZF=m, m:NOREAL
|
||||||
LSL Gv,Rz Fv [ 0x0F 0x03 /r:reg] s:I286PROT, t:SYSTEM, w:RW|R|W, f:ZF=m, m:NOREAL
|
LSL Gv,Rz Fv [ 0x0F 0x03 /r:reg] s:I286PROT, t:SYSTEM, w:RW|R|W, f:ZF=m, m:NOREAL
|
||||||
#LOADALL nil BANK [ 0x0F 0x05] s:I486REAL, t:UNDOC, w:R
|
#LOADALL nil BANK [ 0x0F 0x05] s:I486REAL, t:UNDOC, w:R
|
||||||
SYSCALL nil STAR,LSTAR,FMASK,SS,RCX,R11,CS,rIP,Fv,SSP [ 0x0F 0x05] s:AMD, t:SYSCALL, w:R|R|R|W|W|W|W|W|RW|RW, a:F64, i:FSC, m:NOSGX
|
SYSCALL nil STAR,LSTAR,FMASK,SS,RCX,R11,CS,rIP,Fv,SSP [ 0x0F 0x05] s:AMD, t:SYSCALL, w:R|R|R|W|W|W|W|W|RW|RW, a:F64|CETT, i:FSC, m:NOSGX
|
||||||
CLTS nil CR0 [ 0x0F 0x06] s:I286REAL, t:SYSTEM, w:W, m:KERNEL|NOV86
|
CLTS nil CR0 [ 0x0F 0x06] s:I286REAL, t:SYSTEM, w:W, m:KERNEL|NOV86
|
||||||
#LOADALLD nil BANK [ 0x0F 0x07] s:I486REAL, t:UNDOC, w:R
|
#LOADALLD nil BANK [ 0x0F 0x07] s:I486REAL, t:UNDOC, w:R
|
||||||
SYSRET nil STAR,SS,rCX,R11,CS,rIP,Fv,SSP [ 0x0F 0x07] s:AMD, t:SYSRET, w:R|W|R|R|W|W|W|W, i:FSC, m:KERNEL
|
SYSRET nil STAR,SS,rCX,R11,CS,rIP,Fv,SSP [ 0x0F 0x07] s:AMD, t:SYSRET, w:R|W|R|R|W|W|W|W, i:FSC, m:KERNEL
|
||||||
@ -254,7 +254,7 @@ WRMSR nil EAX,EDX,ECX,MSR [ 0x0F 0x30]
|
|||||||
RDTSC nil EAX,EDX,TSC [ 0x0F 0x31] s:PENTIUMREAL, t:SYSTEM, w:W|W|R
|
RDTSC nil EAX,EDX,TSC [ 0x0F 0x31] s:PENTIUMREAL, t:SYSTEM, w:W|W|R
|
||||||
RDMSR nil EAX,EDX,ECX,MSR [ 0x0F 0x32] s:PENTIUMREAL, t:SYSTEM, w:W|W|R|R, m:KERNEL|NOV86, i:MSR
|
RDMSR nil EAX,EDX,ECX,MSR [ 0x0F 0x32] s:PENTIUMREAL, t:SYSTEM, w:W|W|R|R, m:KERNEL|NOV86, i:MSR
|
||||||
RDPMC nil EAX,EDX,ECX,MSR [ 0x0F 0x33] s:RDPMC, t:SYSTEM, w:W|W|R|R, m:NOSGX
|
RDPMC nil EAX,EDX,ECX,MSR [ 0x0F 0x33] s:RDPMC, t:SYSTEM, w:W|W|R|R, m:NOSGX
|
||||||
SYSENTER nil SCS,SESP,SEIP,SS,sSP,CS,rIP,Fv,SSP [ 0x0F 0x34] s:PPRO, t:SYSCALL, w:R|R|R|W|W|W|W|W|RW, i:SEP, f:IF=0, m:NOREAL|NOSGX
|
SYSENTER nil SCS,SESP,SEIP,SS,sSP,CS,rIP,Fv,SSP [ 0x0F 0x34] s:PPRO, t:SYSCALL, w:R|R|R|W|W|W|W|W|RW, a:CETT, i:SEP, f:IF=0, m:NOREAL|NOSGX
|
||||||
SYSEXIT nil SS,sSP,CS,rIP,SSP [ 0x0F 0x35] s:PPRO, t:SYSRET, w:W|W|W|W|W|W, a:F64, i:SEP, m:KERNEL|NOREAL
|
SYSEXIT nil SS,sSP,CS,rIP,SSP [ 0x0F 0x35] s:PPRO, t:SYSRET, w:W|W|W|W|W|W, a:F64, i:SEP, m:KERNEL|NOREAL
|
||||||
RDSHR Ed nil [ cyrix 0x0F 0x36 /r] s:CYRIX, t:SYSTEM, w:R
|
RDSHR Ed nil [ cyrix 0x0F 0x36 /r] s:CYRIX, t:SYSTEM, w:R
|
||||||
GETSEC nil EAX,EBX [ NP 0x0F 0x37] s:SMX, t:SYSTEM, w:RCW|R, m:KERNEL|NOREAL|NOSGX
|
GETSEC nil EAX,EBX [ NP 0x0F 0x37] s:SMX, t:SYSTEM, w:RCW|R, m:KERNEL|NOREAL|NOSGX
|
||||||
|
@ -338,9 +338,9 @@ ENTER Iw,Ib rBP,sSP,Kv [ 0xC8 iw ib] s:I18
|
|||||||
LEAVE nil sBP,rBP,rSP,Kv [ 0xC9] s:I186, t:MISC, w:R|RW|RW|R, a:D64
|
LEAVE nil sBP,rBP,rSP,Kv [ 0xC9] s:I186, t:MISC, w:R|RW|RW|R, a:D64
|
||||||
RETF Iw CS,rIP,Kv2,SHS2 [ 0xCA iw] s:I86, t:RET, w:R|W|W|R|R
|
RETF Iw CS,rIP,Kv2,SHS2 [ 0xCA iw] s:I86, t:RET, w:R|W|W|R|R
|
||||||
RETF nil CS,rIP,Kv2,SHS2 [ 0xCB] s:I86, t:RET, w:W|W|R|R
|
RETF nil CS,rIP,Kv2,SHS2 [ 0xCB] s:I86, t:RET, w:W|W|R|R
|
||||||
INT3 nil CS,rIP,Kv3,Fv,SHS3 [ 0xCC] s:I86, t:INTERRUPT, w:RW|RW|RW|W|W, f:INT, m:NOSGX
|
INT3 nil CS,rIP,Kv3,Fv,SHS3 [ 0xCC] s:I86, t:INTERRUPT, w:RW|RW|RW|W|W, a:CETT, f:INT, m:NOSGX
|
||||||
INT Ib CS,rIP,Kv3,Fv,SHS3 [ 0xCD ib] s:I86, t:INTERRUPT, w:R|RW|RW|RW|W|W, f:INT, m:NOSGX
|
INT Ib CS,rIP,Kv3,Fv,SHS3 [ 0xCD ib] s:I86, t:INTERRUPT, w:R|RW|RW|RW|W|W, a:CETT, f:INT, m:NOSGX
|
||||||
INTO nil CS,rIP,Kv3,Fv,SHS3 [ 0xCE] s:I86, t:INTERRUPT, w:RW|RW|RW|W|W, f:INT, m:NO64|NOSGX
|
INTO nil CS,rIP,Kv3,Fv,SHS3 [ 0xCE] s:I86, t:INTERRUPT, w:RW|RW|RW|W|W, a:CETT, f:INT, m:NO64|NOSGX
|
||||||
IRETW nil CS,rIP,Kv3,Fv,SHS3 [ ds16 0xCF] s:I86, t:RET, c:IRET, w:RW|W|R|RW|RW, a:SERIAL
|
IRETW nil CS,rIP,Kv3,Fv,SHS3 [ ds16 0xCF] s:I86, t:RET, c:IRET, w:RW|W|R|RW|RW, a:SERIAL
|
||||||
IRETD nil CS,rIP,Kv3,Fv,SHS3 [ ds32 0xCF] s:I86, t:RET, c:IRET, w:RW|W|R|RW|RW, a:SERIAL
|
IRETD nil CS,rIP,Kv3,Fv,SHS3 [ ds32 0xCF] s:I86, t:RET, c:IRET, w:RW|W|R|RW|RW, a:SERIAL
|
||||||
IRETQ nil CS,rIP,Kv3,Fv,SHS3 [ ds64 0xCF] s:I86, t:RET, c:IRET, w:RW|W|R|RW|RW, a:SERIAL
|
IRETQ nil CS,rIP,Kv3,Fv,SHS3 [ ds64 0xCF] s:I86, t:RET, c:IRET, w:RW|W|R|RW|RW, a:SERIAL
|
||||||
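Review bot: The `a:CETT` attribute is added to INT3 (0xCC) and INTO (0xCE) as well as to INT Ib (0xCD), but the commit message names only "INT n", so the change is wider than documented. The description should list all three, for example `Added the CET Tracked flag to SYSCALL, SYSENTER, INT n, INT3 and INTO`. INT1 (0xF1) lies outside this hunk, so it cannot be confirmed here whether it carries the same attribute. If it is defined in this table, it should presumably be tagged consistently, because a consumer that uses the flag to reason about indirect-branch tracking would otherwise treat the software-interrupt forms differently. A decoder test asserting the flag on each of these opcodes would keep the table and the generated attributes from drifting apart.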
|
@ -12,7 +12,7 @@ from setuptools import find_packages, setup, Command, Extension, Distribution
|
|||||||
from codecs import open
|
from codecs import open
|
||||||
|
|
||||||
VERSION = (0, 1, 3)
|
VERSION = (0, 1, 3)
|
||||||
LIBRARY_VERSION = (1, 34, 2)
|
LIBRARY_VERSION = (1, 34, 4)
|
||||||
LIBRARY_INSTRUX_SIZE = 864
|
LIBRARY_INSTRUX_SIZE = 864
|
||||||
|
|
||||||
packages = ['pybddisasm']
|
packages = ['pybddisasm']
|
||||||
|