Fixed several issues in the CET instruction specifications: the shadow stack and shadow stack pointer implicit operands were missing from the SETSSBSY instruction, and the RFLAGS accesses were missing from several of the CET instructions.

pull/1/head
Andrei Vlad LUTAS 4 years ago
parent efe359b506
commit 811c3d0f7c

@ -1583,12 +1583,13 @@ const ND_INSTRUCTION gInstructions[2554] =
{
ND_INS_CLRSSBSY, ND_CAT_CET, ND_SET_CET, 75,
ND_MOD_ANY,
0, 0, ND_OPS_CNT(1, 0), 0, 0, 0, 0, 0, 0, ND_FLAG_SHS|ND_FLAG_MODRM, ND_CFF_CET,
0,
0,
0, 0, ND_OPS_CNT(1, 1), 0, 0, 0, 0, 0, 0, ND_FLAG_SHS|ND_FLAG_MODRM, ND_CFF_CET,
0,
0|REG_RFLAG_CF,
0,
0|REG_RFLAG_ZF|REG_RFLAG_PF|REG_RFLAG_AF|REG_RFLAG_OF|REG_RFLAG_SF,
OP(ND_OPT_M, ND_OPS_q, ND_OPF_RW, 0, 0),
OP(ND_OPT_SSP, ND_OPS_yf, ND_OPF_DEFAULT|ND_OPF_RW, 0, 0),
},
// Pos:118 Instruction:"CLTS" Encoding:"0x0F 0x06"/""
@ -5590,8 +5591,8 @@ const ND_INSTRUCTION gInstructions[2554] =
0,
0,
OP(ND_OPT_R, ND_OPS_d, ND_OPF_R, 0, 0),
OP(ND_OPT_MEM_SHS, ND_OPS_v, ND_OPF_DEFAULT|ND_OPF_R, 0, 0),
OP(ND_OPT_SSP, ND_OPS_y, ND_OPF_DEFAULT|ND_OPF_RW, 0, 0),
OP(ND_OPT_MEM_SHS, ND_OPS_v2, ND_OPF_DEFAULT|ND_OPF_R, 0, 0),
OP(ND_OPT_SSP, ND_OPS_yf, ND_OPF_DEFAULT|ND_OPF_RW, 0, 0),
},
// Pos:413 Instruction:"INCSSPQ Rq" Encoding:"0xF3 rexw 0x0F 0xAE /5:reg"/"M"
@ -5604,8 +5605,8 @@ const ND_INSTRUCTION gInstructions[2554] =
0,
0,
OP(ND_OPT_R, ND_OPS_q, ND_OPF_R, 0, 0),
OP(ND_OPT_MEM_SHS, ND_OPS_v, ND_OPF_DEFAULT|ND_OPF_R, 0, 0),
OP(ND_OPT_SSP, ND_OPS_y, ND_OPF_DEFAULT|ND_OPF_RW, 0, 0),
OP(ND_OPT_MEM_SHS, ND_OPS_v2, ND_OPF_DEFAULT|ND_OPF_R, 0, 0),
OP(ND_OPT_SSP, ND_OPS_yf, ND_OPF_DEFAULT|ND_OPF_RW, 0, 0),
},
// Pos:414 Instruction:"INSB Yb,DX" Encoding:"0x6C"/""
@ -15126,7 +15127,7 @@ const ND_INSTRUCTION gInstructions[2554] =
0,
0,
OP(ND_OPT_R, ND_OPS_d, ND_OPF_W, 0, 0),
OP(ND_OPT_SSP, ND_OPS_y, ND_OPF_DEFAULT|ND_OPF_R, 0, 0),
OP(ND_OPT_SSP, ND_OPS_yf, ND_OPF_DEFAULT|ND_OPF_R, 0, 0),
},
// Pos:1127 Instruction:"RDSSPQ Rq" Encoding:"a0xF3 rexw 0x0F 0x1E /1:reg"/"M"
@ -15139,7 +15140,7 @@ const ND_INSTRUCTION gInstructions[2554] =
0,
0,
OP(ND_OPT_R, ND_OPS_q, ND_OPF_W, 0, 0),
OP(ND_OPT_SSP, ND_OPS_y, ND_OPF_DEFAULT|ND_OPF_R, 0, 0),
OP(ND_OPT_SSP, ND_OPS_yf, ND_OPF_DEFAULT|ND_OPF_R, 0, 0),
},
// Pos:1128 Instruction:"RDTSC" Encoding:"0x0F 0x31"/""
@ -15569,12 +15570,13 @@ const ND_INSTRUCTION gInstructions[2554] =
{
ND_INS_RSTORSSP, ND_CAT_CET, ND_SET_CET, 680,
ND_MOD_ANY,
0, 0, ND_OPS_CNT(1, 0), 0, 0, 0, 0, 0, 0, ND_FLAG_SHS|ND_FLAG_MODRM, ND_CFF_CET,
0,
0,
0, 0, ND_OPS_CNT(1, 1), 0, 0, 0, 0, 0, 0, ND_FLAG_SHS|ND_FLAG_MODRM, ND_CFF_CET,
0,
0|REG_RFLAG_CF,
0,
0|REG_RFLAG_ZF|REG_RFLAG_PF|REG_RFLAG_AF|REG_RFLAG_OF|REG_RFLAG_SF,
OP(ND_OPT_M, ND_OPS_q, ND_OPF_RW, 0, 0),
OP(ND_OPT_SSP, ND_OPS_yf, ND_OPF_DEFAULT|ND_OPF_RW, 0, 0),
},
// Pos:1159 Instruction:"RSTS Ms" Encoding:"cyrix 0x0F 0x7D /r:mem"/"M"
@ -15802,12 +15804,12 @@ const ND_INSTRUCTION gInstructions[2554] =
ND_INS_SAVEPREVSSP, ND_CAT_CET, ND_SET_CET, 687,
ND_MOD_ANY,
0, 0, ND_OPS_CNT(0, 2), 0, 0, 0, 0, 0, 0, ND_FLAG_MODRM, ND_CFF_CET,
0|REG_RFLAG_CF,
0,
0,
0,
0,
OP(ND_OPT_MEM_SHS, ND_OPS_v, ND_OPF_DEFAULT|ND_OPF_W, 0, 0),
OP(ND_OPT_SSP, ND_OPS_y, ND_OPF_DEFAULT|ND_OPF_RW, 0, 0),
OP(ND_OPT_MEM_SHS, ND_OPS_q, ND_OPF_DEFAULT|ND_OPF_W, 0, 0),
OP(ND_OPT_SSP, ND_OPS_yf, ND_OPF_DEFAULT|ND_OPF_RW, 0, 0),
},
// Pos:1176 Instruction:"SBB Eb,Gb" Encoding:"0x18 /r"/"MR"
@ -16284,11 +16286,13 @@ const ND_INSTRUCTION gInstructions[2554] =
{
ND_INS_SETSSBSY, ND_CAT_CET, ND_SET_CET, 709,
ND_MOD_ANY,
0, 0, ND_OPS_CNT(0, 0), 0, 0, 0, 0, 0, 0, ND_FLAG_SHS|ND_FLAG_MODRM, ND_CFF_CET,
0, 0, ND_OPS_CNT(0, 2), 0, 0, 0, 0, 0, 0, ND_FLAG_SHS|ND_FLAG_MODRM, ND_CFF_CET,
0,
0,
0,
0,
OP(ND_OPT_MEM_SHS, ND_OPS_q, ND_OPF_DEFAULT|ND_OPF_RW, 0, 0),
OP(ND_OPT_SSP, ND_OPS_yf, ND_OPF_DEFAULT|ND_OPF_RW, 0, 0),
},
// Pos:1211 Instruction:"SETZ Eb" Encoding:"0x0F 0x94 /r"/"M"

@ -7,6 +7,6 @@
#define DISASM_VERSION_MAJOR 1
#define DISASM_VERSION_MINOR 25
#define DISASM_VERSION_REVISION 0
#define DISASM_VERSION_REVISION 1
#endif // _DISASM_VER_H_

@ -270,13 +270,14 @@ valid_impops = {# register size
'X87STATUS': ('X87STATUS', 'w'), # X87 status register.
'MXCSR' : ('MXCSR', 'd'), # MXCSR register.
'PKRU' : ('PKRU', 'd'), # PKRU register.
'SSP' : ('SSP', 'y'), # Shadow stack pointer.
'SSP' : ('SSP', 'yf'), # Shadow stack pointer.
# Implicit memory operands.
'pBXALb' : ('pBXAL', 'b'), # Implicit [RBX + AL], as used by XLAT.
'pDIq' : ('pDI', 'q'), # Implicit qword [RDI].
'pDIdq' : ('pDI', 'dq'), # Implicit xmmword [RDI].
'SHS' : ('SHS', 'v'), # Shadow stack access, 1 word.
'SHS' : ('SHS', 'q'), # Shadow stack access, 1 qword (use by CET instructions).
'SHS1' : ('SHS', 'v'), # Shadow stack access, 1 word.
'SHS2' : ('SHS', 'v2'), # Shadow stack, 2 words.
'SHS3' : ('SHS', 'v3'), # Shadow stack, 3 words.
'SHS4' : ('SHS', 'v4'), # Shadow stack, 4 words.
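Review bot: The existing 'SHS' key is repurposed from a word ('v') to a qword ('q') instead of a new key being introduced, so any spec line that still spells `SHS` presumably keeps resolving and silently changes operand size rather than failing to generate. This diff migrates CALL/RETN in the one-byte table to `SHS1`, but the other opcode tables are not visible here, so far-return or IRET style entries may still carry the old spelling; a grep of the .dat files for bare `SHS` before release would confirm. A safer shape is to keep `'SHS' : ('SHS', 'v')` for compatibility and add `'SHSq' : ('SHS', 'q'),  # Shadow stack access, 1 qword (used by SAVEPREVSSP/SETSSBSY).`, pointing the two CET entries at the new key. The comment on the new 'SHS' line also reads "use by" where "used by" is meant.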

@ -18,7 +18,7 @@ SMSW Mw CR0 [ 0x0F 0x01 /4
SMSW Rv CR0 [ 0x0F 0x01 /4:reg] s:I286REAL, t:SYSTEM, w:W|R, m:NOSGX
LMSW Ew CR0 [ 0x0F 0x01 /6] s:I286REAL, t:SYSTEM, w:R|W, a:SERIAL, m:KERNEL
INVLPG Mb nil [ 0x0F 0x01 /7:mem] s:I486REAL, t:SYSTEM, w:R, a:AG, m:KERNEL|NOV86
RSTORSSP Mq nil [ 0xF3 0x0F 0x01 /5:mem] s:CET, t:CET, a:SHS, w:RW
RSTORSSP Mq SSP [ 0xF3 0x0F 0x01 /5:mem] s:CET, t:CET, a:SHS, w:RW|RW, f:CF=m|ZF=0|PF=0|AF=0|OF=0|SF=0
ENCLV nil EAX,RBX,RCX,RDX [ NP 0x0F 0x01 /0xC0] s:SGX, t:SGX, w:R|CRW|CRW|CRW, m:KERNEL|NOSMM|NOTSX|VMX
VMCALL nil nil [ 0x0F 0x01 /0xC1] s:VTX, t:VTX, m:VMX|NOSGX
VMLAUNCH nil Fv [ 0x0F 0x01 /0xC2] s:VTX, t:VTX, w:W, f:VMX, m:VMXROOT
@ -39,7 +39,7 @@ ENCLU nil EAX,RBX,RCX,RDX [ NP 0x0F 0x01 /0
SERIALIZE nil nil [ NP 0x0F 0x01 /0xE8] s:SERIALIZE, t:MISC
XSUSLDTRK nil nil [ 0xF2 0x0F 0x01 /0xE8] s:TSXLDTRK, t:MISC
XRESLDTRK nil nil [ 0xF2 0x0F 0x01 /0xE9] s:TSXLDTRK, t:MISC
SAVEPREVSSP nil SHS,SSP [ 0xF3 0x0F 0x01 /0xEA] s:CET, t:CET, w:W|RW
SAVEPREVSSP nil SHS,SSP [ 0xF3 0x0F 0x01 /0xEA] s:CET, t:CET, w:W|RW, f:CF=t
RDPKRU nil EDX,EAX,ECX,PKRU [ NP 0x0F 0x01 /0xEE] s:PKU, t:MISC, w:W|W|R|R
WRPKRU nil EDX,EAX,ECX,PKRU [ NP 0x0F 0x01 /0xEF] s:PKU, t:MISC, w:R|R|R|W
SWAPGS nil GSBASE,KGSBASE [ 0x0F 0x01 /0xF8] s:LONGMODE, t:SYSTEM, w:RW|RW, m:KERNEL|O64
@ -59,7 +59,7 @@ STGI nil nil [ 0x0F 0x01 /0
CLGI nil nil [ 0x0F 0x01 /0xDD] s:SVM, t:SYSTEM, m:VMXROOT
SKINIT nil EAX [ 0x0F 0x01 /0xDE] s:SVM, t:SYSTEM, w:R, m:VMXROOT
INVLPGA nil rAX,ECX [ 0x0F 0x01 /0xDF] s:SVM, t:SYSTEM, w:R|R, m:VMXROOT
SETSSBSY nil nil [ 0xF3 0x0F 0x01 /0xE8] s:CET, t:CET, a:SHS
SETSSBSY nil SHS,SSP [ 0xF3 0x0F 0x01 /0xE8] s:CET, t:CET, a:SHS, w:RW|RW
INVLPGB nil rAX,ECX,EDX [ 0x0F 0x01 /0xFE] s:INVLPGB, t:SYSTEM, w:R|R|R, m:NOREAL|KERNEL
RMPADJUST nil RAX,RCX,RDX,Fv [ 0xF3 0x0F 0x01 /0xFE] s:SNP, t:SYSTEM, w:RW|R|R|W, f:OF=m|ZF=m|AF=m|PF=m|SF=m, m:O64|KERNEL
RMPUPDATE nil RAX,RCX,Fv [ 0xF2 0x0F 0x01 /0xFE] s:SNP, t:SYSTEM, w:RW|R|W, f:OF=m|ZF=m|AF=m|PF=m|SF=m, m:O64|KERNEL
@ -475,7 +475,7 @@ XRSTOR64 M? EDX,EAX,XCR0,BANK [ rexw NP 0x0F 0xAE /5
XSAVEOPT M? EDX,EAX,XCR0,BANK [ NP 0x0F 0xAE /6:mem] s:XSAVE, t:XSAVE, c:XSAVEOPT, w:W|R|R|R|R
XSAVEOPT64 M? EDX,EAX,XCR0,BANK [ rexw NP 0x0F 0xAE /6:mem] s:XSAVE, t:XSAVE, c:XSAVEOPT, w:W|R|R|R|R
CLWB Mcl nil [ 0x66 0x0F 0xAE /6:mem] s:CLWB, t:MISC, w:W
CLRSSBSY Mq nil [ 0xF3 0x0F 0xAE /6:mem] s:CET, t:CET, a:SHS, w:RW
CLRSSBSY Mq SSP [ 0xF3 0x0F 0xAE /6:mem] s:CET, t:CET, a:SHS, w:RW|RW, f:CF=m|ZF=0|PF=0|AF=0|OF=0|SF=0
CLFLUSH Mcl nil [ NP 0x0F 0xAE /7:mem] s:CLFSH, t:MISC, w:R
CLFLUSHOPT Mcl nil [ 0x66 0x0F 0xAE /7:mem] s:CLFSHOPT, t:MISC, w:R
@ -485,8 +485,8 @@ RDFSBASE Ry FSBASE [ o64 0xF3 0x0F 0xAE /0
RDGSBASE Ry GSBASE [ o64 0xF3 0x0F 0xAE /1:reg] s:RDWRFSGS, t:RDWRFSGS, w:W|R, m:O64
WRFSBASE Ry FSBASE [ o64 0xF3 0x0F 0xAE /2:reg] s:RDWRFSGS, t:RDWRFSGS, w:R|W, m:O64
WRGSBASE Ry GSBASE [ o64 0xF3 0x0F 0xAE /3:reg] s:RDWRFSGS, t:RDWRFSGS, w:R|W, m:O64
INCSSPD Rd SHS,SSP [ 0xF3 0x0F 0xAE /5:reg] s:CET, t:CET, c:INCSSP, w:R|R|RW
INCSSPQ Rq SHS,SSP [ 0xF3 rexw 0x0F 0xAE /5:reg] s:CET, t:CET, c:INCSSP, w:R|R|RW
INCSSPD Rd SHS2,SSP [ 0xF3 0x0F 0xAE /5:reg] s:CET, t:CET, c:INCSSP, w:R|R|RW
INCSSPQ Rq SHS2,SSP [ 0xF3 rexw 0x0F 0xAE /5:reg] s:CET, t:CET, c:INCSSP, w:R|R|RW
LFENCE nil nil [ NP 0x0F 0xAE /5:reg] s:SSE2, t:MISC
UMONITOR mMb Fv [ 0xF3 0x0F 0xAE /6:reg] s:WAITPKG, t:WAITPKG, w:R|W, f:WAITPKG, m:NOTSX
UMWAIT Ry EDX,EAX [ 0xF2 0x0F 0xAE /6:reg] s:WAITPKG, t:WAITPKG, w:R|R|R, m:NOTSX
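Review bot: The new SETSSBSY line (`SETSSBSY nil SHS,SSP [ 0xF3 0x0F 0x01 /0xE8 ] s:CET, t:CET, a:SHS, w:RW|RW`) still omits the IA32_PL0_SSP MSR, which per the SDM is what SETSSBSY reads both to locate the token it marks busy and to load the new SSP; the table already models MSR-backed implicit state for SWAPGS (`GSBASE,KGSBASE`), so if the generator has an operand for this MSR it should be listed as read here. As the SDM describes the operation, SSP is overwritten from IA32_PL0_SSP without its prior value being consumed, so `W` would be the more precise access for the SSP operand, although `RW` is the conservative choice for dataflow consumers. On the INCSSPD/INCSSPQ lines `SHS2` models two adjacent words, whereas, as I read the SDM, the architectural operation loads the first and the last of the up to 255 elements being popped; a one-line comment in the spec would make that approximation deliberate rather than accidental.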

@ -324,8 +324,8 @@ SHL Ev,Ib Fv [ 0xC1 /4 ib] s:I86
SHR Ev,Ib Fv [ 0xC1 /5 ib] s:I86, t:SHIFT, w:RW|R|W, f:SHIFT
SAL Ev,Ib Fv [ 0xC1 /6 ib] s:I86, t:SHIFT, w:RW|R|W, f:SHIFT
SAR Ev,Ib Fv [ 0xC1 /7 ib] s:I86, t:SHIFT, w:RW|R|W, f:SHIFT
RETN Iw rIP,sSP,Kv,SHS [ 0xC2 iw] s:I86, t:RET, w:R|W|W|R|R, a:F64|OP1SEXDW, p:BND
RETN nil rIP,Kv,SHS [ 0xC3] s:I86, t:RET, w:W|R|R, a:F64, p:BND
RETN Iw rIP,sSP,Kv,SHS1 [ 0xC2 iw] s:I86, t:RET, w:R|W|W|R|R, a:F64|OP1SEXDW, p:BND
RETN nil rIP,Kv,SHS1 [ 0xC3] s:I86, t:RET, w:W|R|R, a:F64, p:BND
LES Gz,Mp ES [ 0xC4 /r:mem] s:I86, t:SEGOP, w:W|R|W, m:NO64|NOSGX
LDS Gz,Mp DS [ 0xC5 /r:mem] s:I86, t:SEGOP, w:W|R|W, m:NO64|NOSGX
MOV Eb,Ib nil [ 0xC6 /0 ib] s:I86, t:DATAXFER, w:W|R, p:XRELEASE|HLEWOL
@ -392,7 +392,7 @@ IN AL,Ib Fv [ 0xE4 ib] s:I86
IN eAX,Ib Fv [ 0xE5 ib] s:I86, t:IO, w:W|R|R, f:IO, m:NOSGX
OUT Ib,AL Fv [ 0xE6 ib] s:I86, t:IO, w:R|R|R, f:IO, a:SERIAL, m:NOSGX
OUT Ib,eAX Fv [ 0xE7 ib] s:I86, t:IO, w:R|R|R, f:IO, a:SERIAL, m:NOSGX
CALL Jz rIP,Kv,SHS [ 0xE8 cz] s:I86, t:CALL, c:CALLNR, w:R|RW|W|W, a:F64, p:BND
CALL Jz rIP,Kv,SHS1 [ 0xE8 cz] s:I86, t:CALL, c:CALLNR, w:R|RW|W|W, a:F64, p:BND
JMP Jz rIP [ 0xE9 cz] s:I86, t:UNCOND_BR, c:JMPNR, w:R|RW, a:F64, p:BND
JMPF Ap CS,rIP [ 0xEA cp] s:I86, t:UNCOND_BR, c:JMPFD, w:R|W|W, m:NO64|NOSGX
JMP Jb rIP [ 0xEB cb] s:I86, t:UNCOND_BR, c:JMPNR, w:R|RW, a:F64, p:BND
@ -438,7 +438,7 @@ INC Eb Fv [ 0xFE /0] s:I86
DEC Eb Fv [ 0xFE /1] s:I86, t:ARITH, w:RW|W, f:ARITH, p:HLE|LOCK
INC Ev Fv [ 0xFF /0] s:I86, t:ARITH, w:RW|W, f:ARITH, p:HLE|LOCK
DEC Ev Fv [ 0xFF /1] s:I86, t:ARITH, w:RW|W, f:ARITH, p:HLE|LOCK
CALL Ev rIP,Kv,SHS [ 0xFF /2] s:I86, t:CALL, c:CALLNI, w:R|W|W|W, a:F64|CETT, p:BND|DNT
CALL Ev rIP,Kv,SHS1 [ 0xFF /2] s:I86, t:CALL, c:CALLNI, w:R|W|W|W, a:F64|CETT, p:BND|DNT
CALLF Mp CS,rIP,Kv2,SHS2 [ 0xFF /3:mem] s:I86, t:CALL, c:CALLFI, w:R|W|W|W|W, a:CETT, m:NOSGX
JMP Ev rIP [ 0xFF /4] s:I86, t:UNCOND_BR, c:JMPNI, w:R|W, a:F64|CETT, p:BND|DNT
JMPF Mp CS,rIP [ 0xFF /5:mem] s:I86, t:UNCOND_BR, c:JMPFI, w:R|W|W, a:CETT, m:NOSGX
