Added the Shadow Stack Pointer operand to the SYSRET and SYSENTER instructions.

Regenerated the CET test files, as the CPUID feature flag was split into CET_SS and CET_IBT, as per the latest documentation.
pull/2/head
Andrei Vlad LUTAS 4 years ago
parent 3f385cc531
commit 94d7894fa5

@ -17374,7 +17374,7 @@ const ND_INSTRUCTION gInstructions[2554] =
{
ND_INS_SYSENTER, ND_CAT_SYSCALL, ND_SET_PPRO, 761,
ND_MOD_R0|ND_MOD_R1|ND_MOD_R2|ND_MOD_R3|ND_MOD_SMM|ND_MOD_PROT|ND_MOD_COMPAT|ND_MOD_LONG|ND_MOD_VMXR|ND_MOD_VMXN|ND_MOD_VMXO|ND_MOD_TSX,
0, 0, ND_OPS_CNT(0, 8), 0, 0, 0, 0, 0, 0, 0, ND_CFF_SEP,
0, 0, ND_OPS_CNT(0, 9), 0, 0, 0, 0, 0, 0, 0, ND_CFF_SEP,
0,
0,
0,
@ -17387,6 +17387,7 @@ const ND_INSTRUCTION gInstructions[2554] =
OP(ND_OPT_SEG_CS, ND_OPS_v, ND_OPF_DEFAULT|ND_OPF_W, 0, 0),
OP(ND_OPT_RIP, ND_OPS_v, ND_OPF_DEFAULT|ND_OPF_W, 0, 0),
OP(ND_OPT_F, ND_OPS_v, ND_OPF_DEFAULT|ND_OPF_W, 0, 0),
OP(ND_OPT_SSP, ND_OPS_yf, ND_OPF_DEFAULT|ND_OPF_RW, 0, 0),
},
// Pos:1291 Instruction:"SYSEXIT" Encoding:"0x0F 0x35"/""
@ -17409,7 +17410,7 @@ const ND_INSTRUCTION gInstructions[2554] =
{
ND_INS_SYSRET, ND_CAT_SYSRET, ND_SET_AMD, 763,
ND_MOD_R0|ND_MOD_LONG|ND_MOD_VMXR|ND_MOD_VMXN|ND_MOD_VMXO|ND_MOD_TSX,
0, 0, ND_OPS_CNT(0, 7), 0, 0, 0, 0, 0, 0, ND_FLAG_O64, ND_CFF_FSC,
0, 0, ND_OPS_CNT(0, 8), 0, 0, 0, 0, 0, 0, ND_FLAG_O64, ND_CFF_FSC,
0,
0,
0,
@ -17421,6 +17422,7 @@ const ND_INSTRUCTION gInstructions[2554] =
OP(ND_OPT_SEG_CS, ND_OPS_v, ND_OPF_DEFAULT|ND_OPF_W, 0, 0),
OP(ND_OPT_RIP, ND_OPS_v, ND_OPF_DEFAULT|ND_OPF_W, 0, 0),
OP(ND_OPT_F, ND_OPS_v, ND_OPF_DEFAULT|ND_OPF_W, 0, 0),
OP(ND_OPT_SSP, ND_OPS_yf, ND_OPF_DEFAULT|ND_OPF_W, 0, 0),
},
// Pos:1293 Instruction:"T1MSKC By,Ey" Encoding:"xop m:9 0x01 /7"/"VM"

@ -80,7 +80,7 @@
Operand: 0, Acc: RW, Type: Register, Size: 4, RawSize: 4, Encoding: S, RegType: General Purpose, RegSize: 4, RegId: 0, RegCount: 1
Operand: 1, Acc: R-, Type: Register, Size: 4, RawSize: 4, Encoding: S, RegType: General Purpose, RegSize: 4, RegId: 1, RegCount: 1
0000000000000011 0f180b PREFETCHT0 [rbx]
0000000000000011 0f180b PREFETCHT0 byte ptr [rbx]
DSIZE: 32, ASIZE: 64, VLEN: -
ISA Set: SSE, Ins cat: PREFETCH, CET tracked: no
CPUID leaf: 0x00000001, reg: edx, bit: 25
@ -92,10 +92,10 @@
REP: no, REPcc: no, LOCK: no
HLE: no, XACQUIRE only: no, XRELEASE only: no
BND: no, BHINT: no, DNT: no
Operand: 0, Acc: R-, Type: Memory, Size: -2, RawSize: -2, Encoding: M,
Operand: 0, Acc: R-, Type: Memory, Size: 1, RawSize: 1, Encoding: M,
Segment: 3, Base: 3,
0000000000000014 0f1813 PREFETCHT1 [rbx]
0000000000000014 0f1813 PREFETCHT1 byte ptr [rbx]
DSIZE: 32, ASIZE: 64, VLEN: -
ISA Set: SSE, Ins cat: PREFETCH, CET tracked: no
CPUID leaf: 0x00000001, reg: edx, bit: 25
@ -107,10 +107,10 @@
REP: no, REPcc: no, LOCK: no
HLE: no, XACQUIRE only: no, XRELEASE only: no
BND: no, BHINT: no, DNT: no
Operand: 0, Acc: R-, Type: Memory, Size: -2, RawSize: -2, Encoding: M,
Operand: 0, Acc: R-, Type: Memory, Size: 1, RawSize: 1, Encoding: M,
Segment: 3, Base: 3,
0000000000000017 0f181b PREFETCHT2 [rbx]
0000000000000017 0f181b PREFETCHT2 byte ptr [rbx]
DSIZE: 32, ASIZE: 64, VLEN: -
ISA Set: SSE, Ins cat: PREFETCH, CET tracked: no
CPUID leaf: 0x00000001, reg: edx, bit: 25
@ -122,10 +122,10 @@
REP: no, REPcc: no, LOCK: no
HLE: no, XACQUIRE only: no, XRELEASE only: no
BND: no, BHINT: no, DNT: no
Operand: 0, Acc: R-, Type: Memory, Size: -2, RawSize: -2, Encoding: M,
Operand: 0, Acc: R-, Type: Memory, Size: 1, RawSize: 1, Encoding: M,
Segment: 3, Base: 3,
000000000000001A 0f1803 PREFETCHNTA [rbx]
000000000000001A 0f1803 PREFETCHNTA byte ptr [rbx]
DSIZE: 32, ASIZE: 64, VLEN: -
ISA Set: SSE, Ins cat: PREFETCH, CET tracked: no
CPUID leaf: 0x00000001, reg: edx, bit: 25
@ -137,7 +137,7 @@
REP: no, REPcc: no, LOCK: no
HLE: no, XACQUIRE only: no, XRELEASE only: no
BND: no, BHINT: no, DNT: no
Operand: 0, Acc: R-, Type: Memory, Size: -2, RawSize: -2, Encoding: M,
Operand: 0, Acc: R-, Type: Memory, Size: 1, RawSize: 1, Encoding: M,
Segment: 3, Base: 3,
000000000000001D 660f42c1 CMOVC ax, cx

@ -764,6 +764,7 @@
Operand: 5, Acc: -W, Type: Register, Size: 4, RawSize: 4, Encoding: S, RegType: Segment, RegSize: 4, RegId: 1, RegCount: 1
Operand: 6, Acc: -W, Type: Register, Size: 4, RawSize: 4, Encoding: S, RegType: IP, RegSize: 4, RegId: 0, RegCount: 1
Operand: 7, Acc: -W, Type: Register, Size: 4, RawSize: 4, Encoding: S, RegType: Flags, RegSize: 4, RegId: 0, RegCount: 1
Operand: 8, Acc: RW, Type: Register, Size: 4, RawSize: 4, Encoding: S, RegType: SSP, RegSize: 4, RegId: 0, RegCount: 1
0000000000000076 0f35 SYSEXIT
DSIZE: 32, ASIZE: 32, VLEN: -

@ -1,6 +1,6 @@
0000000000000000 f30f0128 RSTORSSP qword ptr [eax]
DSIZE: 32, ASIZE: 32, VLEN: -
ISA Set: CET, Ins cat: CET, CET tracked: no
ISA Set: CET_SS, Ins cat: CET, CET tracked: no
CPUID leaf: 0x00000007, sub-leaf: 0x00000000, reg: ecx, bit: 7
Valid modes
R0: yes, R1: yes, R2: yes, R3: yes
@ -16,7 +16,7 @@
0000000000000004 f30f01ea SAVEPREVSSP
DSIZE: 32, ASIZE: 32, VLEN: -
ISA Set: CET, Ins cat: CET, CET tracked: no
ISA Set: CET_SS, Ins cat: CET, CET tracked: no
CPUID leaf: 0x00000007, sub-leaf: 0x00000000, reg: ecx, bit: 7
Valid modes
R0: yes, R1: yes, R2: yes, R3: yes
@ -32,7 +32,7 @@
0000000000000008 f30f01e8 SETSSBSY
DSIZE: 32, ASIZE: 32, VLEN: -
ISA Set: CET, Ins cat: CET, CET tracked: no
ISA Set: CET_SS, Ins cat: CET, CET tracked: no
CPUID leaf: 0x00000007, sub-leaf: 0x00000000, reg: ecx, bit: 7
Valid modes
R0: yes, R1: yes, R2: yes, R3: yes
@ -48,7 +48,7 @@
000000000000000C f30f1ec8 RDSSPD eax
DSIZE: 32, ASIZE: 32, VLEN: -
ISA Set: CET, Ins cat: CET, CET tracked: no
ISA Set: CET_SS, Ins cat: CET, CET tracked: no
CPUID leaf: 0x00000007, sub-leaf: 0x00000000, reg: ecx, bit: 7
Valid modes
R0: yes, R1: yes, R2: yes, R3: yes
@ -63,8 +63,8 @@
0000000000000010 f30f1efa ENDBR64
DSIZE: 32, ASIZE: 32, VLEN: -
ISA Set: CET, Ins cat: CET, CET tracked: no
CPUID leaf: 0x00000007, sub-leaf: 0x00000000, reg: ecx, bit: 7
ISA Set: CET_IBT, Ins cat: CET, CET tracked: no
CPUID leaf: 0x00000007, sub-leaf: 0x00000000, reg: edx, bit: 20
Valid modes
R0: yes, R1: yes, R2: yes, R3: yes
Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: yes
@ -76,8 +76,8 @@
0000000000000014 f30f1efb ENDBR32
DSIZE: 32, ASIZE: 32, VLEN: -
ISA Set: CET, Ins cat: CET, CET tracked: no
CPUID leaf: 0x00000007, sub-leaf: 0x00000000, reg: ecx, bit: 7
ISA Set: CET_IBT, Ins cat: CET, CET tracked: no
CPUID leaf: 0x00000007, sub-leaf: 0x00000000, reg: edx, bit: 20
Valid modes
R0: yes, R1: yes, R2: yes, R3: yes
Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: yes
@ -89,7 +89,7 @@
0000000000000018 f30fae30 CLRSSBSY qword ptr [eax]
DSIZE: 32, ASIZE: 32, VLEN: -
ISA Set: CET, Ins cat: CET, CET tracked: no
ISA Set: CET_SS, Ins cat: CET, CET tracked: no
CPUID leaf: 0x00000007, sub-leaf: 0x00000000, reg: ecx, bit: 7
Valid modes
R0: yes, R1: yes, R2: yes, R3: yes
@ -105,7 +105,7 @@
000000000000001C f30faee8 INCSSPD eax
DSIZE: 32, ASIZE: 32, VLEN: -
ISA Set: CET, Ins cat: CET, CET tracked: no
ISA Set: CET_SS, Ins cat: CET, CET tracked: no
CPUID leaf: 0x00000007, sub-leaf: 0x00000000, reg: ecx, bit: 7
Valid modes
R0: yes, R1: yes, R2: yes, R3: yes
@ -122,7 +122,7 @@
0000000000000020 660f38f500 WRUSSD dword ptr [eax], eax
DSIZE: 32, ASIZE: 32, VLEN: -
ISA Set: CET, Ins cat: CET, CET tracked: no
ISA Set: CET_SS, Ins cat: CET, CET tracked: no
CPUID leaf: 0x00000007, sub-leaf: 0x00000000, reg: ecx, bit: 7
Valid modes
R0: yes, R1: yes, R2: yes, R3: yes
@ -138,7 +138,7 @@
0000000000000025 0f38f600 WRSSD dword ptr [eax], eax
DSIZE: 32, ASIZE: 32, VLEN: -
ISA Set: CET, Ins cat: CET, CET tracked: no
ISA Set: CET_SS, Ins cat: CET, CET tracked: no
CPUID leaf: 0x00000007, sub-leaf: 0x00000000, reg: ecx, bit: 7
Valid modes
R0: yes, R1: yes, R2: yes, R3: yes

@ -1,6 +1,6 @@
0000000000000000 f30f0128 RSTORSSP qword ptr [rax]
DSIZE: 32, ASIZE: 64, VLEN: -
ISA Set: CET, Ins cat: CET, CET tracked: no
ISA Set: CET_SS, Ins cat: CET, CET tracked: no
CPUID leaf: 0x00000007, sub-leaf: 0x00000000, reg: ecx, bit: 7
Valid modes
R0: yes, R1: yes, R2: yes, R3: yes
@ -16,7 +16,7 @@
0000000000000004 f30f01ea SAVEPREVSSP
DSIZE: 32, ASIZE: 64, VLEN: -
ISA Set: CET, Ins cat: CET, CET tracked: no
ISA Set: CET_SS, Ins cat: CET, CET tracked: no
CPUID leaf: 0x00000007, sub-leaf: 0x00000000, reg: ecx, bit: 7
Valid modes
R0: yes, R1: yes, R2: yes, R3: yes
@ -32,7 +32,7 @@
0000000000000008 f30f01e8 SETSSBSY
DSIZE: 32, ASIZE: 64, VLEN: -
ISA Set: CET, Ins cat: CET, CET tracked: no
ISA Set: CET_SS, Ins cat: CET, CET tracked: no
CPUID leaf: 0x00000007, sub-leaf: 0x00000000, reg: ecx, bit: 7
Valid modes
R0: yes, R1: yes, R2: yes, R3: yes
@ -48,7 +48,7 @@
000000000000000C f30f1ec8 RDSSPD eax
DSIZE: 32, ASIZE: 64, VLEN: -
ISA Set: CET, Ins cat: CET, CET tracked: no
ISA Set: CET_SS, Ins cat: CET, CET tracked: no
CPUID leaf: 0x00000007, sub-leaf: 0x00000000, reg: ecx, bit: 7
Valid modes
R0: yes, R1: yes, R2: yes, R3: yes
@ -63,7 +63,7 @@
0000000000000010 f3480f1ec8 RDSSPQ rax
DSIZE: 64, ASIZE: 64, VLEN: -
ISA Set: CET, Ins cat: CET, CET tracked: no
ISA Set: CET_SS, Ins cat: CET, CET tracked: no
CPUID leaf: 0x00000007, sub-leaf: 0x00000000, reg: ecx, bit: 7
Valid modes
R0: yes, R1: yes, R2: yes, R3: yes
@ -78,8 +78,8 @@
0000000000000015 f30f1efa ENDBR64
DSIZE: 32, ASIZE: 64, VLEN: -
ISA Set: CET, Ins cat: CET, CET tracked: no
CPUID leaf: 0x00000007, sub-leaf: 0x00000000, reg: ecx, bit: 7
ISA Set: CET_IBT, Ins cat: CET, CET tracked: no
CPUID leaf: 0x00000007, sub-leaf: 0x00000000, reg: edx, bit: 20
Valid modes
R0: yes, R1: yes, R2: yes, R3: yes
Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: yes
@ -91,8 +91,8 @@
0000000000000019 f30f1efb ENDBR32
DSIZE: 32, ASIZE: 64, VLEN: -
ISA Set: CET, Ins cat: CET, CET tracked: no
CPUID leaf: 0x00000007, sub-leaf: 0x00000000, reg: ecx, bit: 7
ISA Set: CET_IBT, Ins cat: CET, CET tracked: no
CPUID leaf: 0x00000007, sub-leaf: 0x00000000, reg: edx, bit: 20
Valid modes
R0: yes, R1: yes, R2: yes, R3: yes
Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: yes
@ -104,7 +104,7 @@
000000000000001D f30fae30 CLRSSBSY qword ptr [rax]
DSIZE: 32, ASIZE: 64, VLEN: -
ISA Set: CET, Ins cat: CET, CET tracked: no
ISA Set: CET_SS, Ins cat: CET, CET tracked: no
CPUID leaf: 0x00000007, sub-leaf: 0x00000000, reg: ecx, bit: 7
Valid modes
R0: yes, R1: yes, R2: yes, R3: yes
@ -120,7 +120,7 @@
0000000000000021 f30faee8 INCSSPD eax
DSIZE: 32, ASIZE: 64, VLEN: -
ISA Set: CET, Ins cat: CET, CET tracked: no
ISA Set: CET_SS, Ins cat: CET, CET tracked: no
CPUID leaf: 0x00000007, sub-leaf: 0x00000000, reg: ecx, bit: 7
Valid modes
R0: yes, R1: yes, R2: yes, R3: yes
@ -137,7 +137,7 @@
0000000000000025 f3480faee8 INCSSPQ rax
DSIZE: 64, ASIZE: 64, VLEN: -
ISA Set: CET, Ins cat: CET, CET tracked: no
ISA Set: CET_SS, Ins cat: CET, CET tracked: no
CPUID leaf: 0x00000007, sub-leaf: 0x00000000, reg: ecx, bit: 7
Valid modes
R0: yes, R1: yes, R2: yes, R3: yes
@ -154,7 +154,7 @@
000000000000002A 660f38f500 WRUSSD dword ptr [rax], eax
DSIZE: 32, ASIZE: 64, VLEN: -
ISA Set: CET, Ins cat: CET, CET tracked: no
ISA Set: CET_SS, Ins cat: CET, CET tracked: no
CPUID leaf: 0x00000007, sub-leaf: 0x00000000, reg: ecx, bit: 7
Valid modes
R0: yes, R1: yes, R2: yes, R3: yes
@ -170,7 +170,7 @@
000000000000002F 66480f38f500 WRUSSQ qword ptr [rax], rax
DSIZE: 64, ASIZE: 64, VLEN: -
ISA Set: CET, Ins cat: CET, CET tracked: no
ISA Set: CET_SS, Ins cat: CET, CET tracked: no
CPUID leaf: 0x00000007, sub-leaf: 0x00000000, reg: ecx, bit: 7
Valid modes
R0: yes, R1: yes, R2: yes, R3: yes
@ -186,7 +186,7 @@
0000000000000035 0f38f600 WRSSD dword ptr [rax], eax
DSIZE: 32, ASIZE: 64, VLEN: -
ISA Set: CET, Ins cat: CET, CET tracked: no
ISA Set: CET_SS, Ins cat: CET, CET tracked: no
CPUID leaf: 0x00000007, sub-leaf: 0x00000000, reg: ecx, bit: 7
Valid modes
R0: yes, R1: yes, R2: yes, R3: yes
@ -202,7 +202,7 @@
0000000000000039 480f38f600 WRSSQ qword ptr [rax], rax
DSIZE: 64, ASIZE: 64, VLEN: -
ISA Set: CET, Ins cat: CET, CET tracked: no
ISA Set: CET_SS, Ins cat: CET, CET tracked: no
CPUID leaf: 0x00000007, sub-leaf: 0x00000000, reg: ecx, bit: 7
Valid modes
R0: yes, R1: yes, R2: yes, R3: yes

@ -100,6 +100,7 @@
Operand: 4, Acc: -W, Type: Register, Size: 4, RawSize: 4, Encoding: S, RegType: Segment, RegSize: 4, RegId: 1, RegCount: 1
Operand: 5, Acc: -W, Type: Register, Size: 4, RawSize: 4, Encoding: S, RegType: IP, RegSize: 4, RegId: 0, RegCount: 1
Operand: 6, Acc: -W, Type: Register, Size: 4, RawSize: 4, Encoding: S, RegType: Flags, RegSize: 4, RegId: 0, RegCount: 1
Operand: 7, Acc: -W, Type: Register, Size: 8, RawSize: 8, Encoding: S, RegType: SSP, RegSize: 8, RegId: 0, RegCount: 1
000000000000000F f30faec0 RDFSBASE eax
DSIZE: 32, ASIZE: 64, VLEN: -

@ -74,7 +74,7 @@ LOADALL nil BANK [ 0x0F 0x05]
SYSCALL nil STAR,LSTAR,FMASK,SS,RCX,R11,CS,rIP,Fv,SSP [ o64 0x0F 0x05] s:AMD, t:SYSCALL, w:R|R|R|W|W|W|W|W|RW|RW, a:F64, i:FSC, m:O64|NOSGX
CLTS nil CR0 [ 0x0F 0x06] s:I286REAL, t:SYSTEM, w:W, m:KERNEL|NOV86
LOADALLD nil BANK [ 0x0F 0x07] s:I486REAL, t:UNDOC, w:R
SYSRET nil STAR,SS,rCX,R11,CS,rIP,Fv [ o64 0x0F 0x07] s:AMD, t:SYSRET, w:R|W|R|R|W|W|W, i:FSC, m:KERNEL|O64
SYSRET nil STAR,SS,rCX,R11,CS,rIP,Fv,SSP [ o64 0x0F 0x07] s:AMD, t:SYSRET, w:R|W|R|R|W|W|W|W, i:FSC, m:KERNEL|O64
INVD nil nil [ 0x0F 0x08] s:I486REAL, t:SYSTEM, a:SERIAL, m:KERNEL|NOV86
WBINVD nil nil [ NP 0x0F 0x09] s:I486REAL, t:SYSTEM, a:SERIAL, m:KERNEL|NOV86
WBNOINVD nil nil [ 0xF3 0x0F 0x09] s:WBNOINVD, t:WBNOINVD, m:KERNEL|NOV86
@ -229,8 +229,8 @@ WRMSR nil EAX,EDX,ECX,MSR [ 0x0F 0x30]
RDTSC nil EAX,EDX,TSC [ 0x0F 0x31] s:PENTIUMREAL, t:SYSTEM, w:W|W|R
RDMSR nil EAX,EDX,ECX,MSR [ 0x0F 0x32] s:PENTIUMREAL, t:SYSTEM, w:W|W|R|R, m:KERNEL|NOV86, i:MSR
RDPMC nil EAX,EDX,ECX,MSR [ 0x0F 0x33] s:RDPMC, t:SYSTEM, w:W|W|R|R, m:NOSGX
SYSENTER nil SCS,SESP,SEIP,SS,sSP,CS,rIP,Fv [ 0x0F 0x34] s:PPRO, t:SYSCALL, w:R|R|R|W|W|W|W|W, i:SEP, f:IF=0, m:NOREAL|NOSGX
SYSEXIT nil SS,sSP,CS,rIP,SSP [ 0x0F 0x35] s:PPRO, t:SYSRET, w:W|W|W|W|W, a:F64, i:SEP, m:KERNEL|NOREAL
SYSENTER nil SCS,SESP,SEIP,SS,sSP,CS,rIP,Fv,SSP [ 0x0F 0x34] s:PPRO, t:SYSCALL, w:R|R|R|W|W|W|W|W|RW, i:SEP, f:IF=0, m:NOREAL|NOSGX
SYSEXIT nil SS,sSP,CS,rIP,SSP [ 0x0F 0x35] s:PPRO, t:SYSRET, w:W|W|W|W|W|W, a:F64, i:SEP, m:KERNEL|NOREAL
RDSHR Ed nil [ cyrix 0x0F 0x36 /r] s:CYRIX, t:SYSTEM, w:R
GETSEC nil EAX,EBX [ NP 0x0F 0x37] s:SMX, t:SYSTEM, w:RCW|R, m:KERNEL|NOREAL|NOSGX
WRSHR Ed nil [ cyrix 0x0F 0x37 /r] s:CYRIX, t:SYSTEM, w:W
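Review bot: The SYSEXIT line that appears to be the new side of the second hunk lists five implicit operands (`SS,sSP,CS,rIP,SSP`) but six access entries (`w:W|W|W|W|W|W`), so the operand list and the access list no longer line up. The other lines touched in this file keep them in step: SYSENTER has nine operands and nine flags, SYSRET eight and eight. Either restore `w:W|W|W|W|W` or add the operand the sixth flag was meant for; the hunk does not show which was intended, and the commit message does not mention SYSEXIT. Anything that consumes the decoder's per-operand access information (emulation, introspection, taint tracking) depends on these matching, so it is worth confirming that the table generator rejects a count mismatch instead of silently dropping or misassigning the extra flag.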
