break;
case PROTECTED:
case PROTECTED_PAE:
- case LONG_32_COMPAT:
if (state->mmode != XED_MACHINE_MODE_LEGACY_32) {
xed_state_init(state,
XED_MACHINE_MODE_LEGACY_32,
XED_ADDRESS_WIDTH_32b);
}
break;
+ case LONG_32_COMPAT:
+ if (state->mmode != XED_MACHINE_MODE_LONG_COMPAT_32) {
+ xed_state_init(state,
+ XED_MACHINE_MODE_LONG_COMPAT_32,
+ XED_ADDRESS_WIDTH_32b,
+ XED_ADDRESS_WIDTH_32b);
+ }
+ break;
case LONG:
- if (state->mmode != XED_MACHINE_MODE_LONG_64) {
- state->mmode = XED_MACHINE_MODE_LONG_64;
+ if (state->mmode != XED_MACHINE_MODE_LONG_64) {
+ PrintDebug("Setting decoder to long mode\n");
+ // state->mmode = XED_MACHINE_MODE_LONG_64;
+ //xed_state_set_machine_mode(state, XED_MACHINE_MODE_LONG_64);
+ xed_state_init(state,
+ XED_MACHINE_MODE_LONG_64,
+ XED_ADDRESS_WIDTH_64b,
+ XED_ADDRESS_WIDTH_64b);
}
break;
default:
xed_state_t * decoder_state = (xed_state_t *)V3_Malloc(sizeof(xed_state_t));
xed_state_zero(decoder_state);
+ xed_state_init(decoder_state,
+ XED_MACHINE_MODE_LEGACY_32,
+ XED_ADDRESS_WIDTH_32b,
+ XED_ADDRESS_WIDTH_32b);
info->decoder_state = decoder_state;
ullong_t displacement;
// struct v3_segment * seg_reg;
-
-
+ PrintDebug("Xen mode = %s\n", xed_machine_mode_enum_t2str(xed_state_get_machine_mode(info->decoder_state)));
+ PrintDebug("Address width: %s\n",
+ xed_address_width_enum_t2str(xed_state_get_address_width(info->decoder_state)));
+ PrintDebug("Stack Address width: %s\n",
+ xed_address_width_enum_t2str(xed_state_get_stack_address_width(info->decoder_state)));
memset((void*)&mem_op, '\0', sizeof(struct memory_operand));
base = MASK(mem_op.base, mem_op.base_size);
index = MASK(mem_op.index, mem_op.index_size);
scale = mem_op.scale;
- displacement = MASK(mem_op.displacement, mem_op.displacement_size);
+ // displacement = MASK(mem_op.displacement, mem_op.displacement_size);
+ displacement = mem_op.displacement;
PrintDebug("Seg=%p, base=%p, index=%p, scale=%p, displacement=%p\n",
(void *)seg, (void *)base, (void *)index, (void *)scale, (void *)(addr_t)displacement);
static int xed_reg_to_v3_reg(struct guest_info * info, xed_reg_enum_t xed_reg, addr_t * v3_reg, uint_t * reg_len) {
+ PrintDebug("Xed Register: %s\n", xed_reg_enum_t2str(xed_reg));
+
switch (xed_reg) {
case XED_REG_INVALID:
*v3_reg = 0;
return GPR_REGISTER;
+
+
+
+ case XED_REG_R8:
+ *v3_reg = (addr_t)&(info->vm_regs.r8);
+ *reg_len = 8;
+ return GPR_REGISTER;
+ case XED_REG_R8D:
+ *v3_reg = (addr_t)&(info->vm_regs.r8);
+ *reg_len = 4;
+ return GPR_REGISTER;
+ case XED_REG_R8W:
+ *v3_reg = (addr_t)&(info->vm_regs.r8);
+ *reg_len = 2;
+ return GPR_REGISTER;
+ case XED_REG_R8B:
+ *v3_reg = (addr_t)&(info->vm_regs.r8);
+ *reg_len = 1;
+ return GPR_REGISTER;
+
+ case XED_REG_R9:
+ *v3_reg = (addr_t)&(info->vm_regs.r9);
+ *reg_len = 8;
+ return GPR_REGISTER;
+ case XED_REG_R9D:
+ *v3_reg = (addr_t)&(info->vm_regs.r9);
+ *reg_len = 4;
+ return GPR_REGISTER;
+ case XED_REG_R9W:
+ *v3_reg = (addr_t)&(info->vm_regs.r9);
+ *reg_len = 2;
+ return GPR_REGISTER;
+ case XED_REG_R9B:
+ *v3_reg = (addr_t)&(info->vm_regs.r9);
+ *reg_len = 1;
+ return GPR_REGISTER;
+
+ case XED_REG_R10:
+ *v3_reg = (addr_t)&(info->vm_regs.r10);
+ *reg_len = 8;
+ return GPR_REGISTER;
+ case XED_REG_R10D:
+ *v3_reg = (addr_t)&(info->vm_regs.r10);
+ *reg_len = 4;
+ return GPR_REGISTER;
+ case XED_REG_R10W:
+ *v3_reg = (addr_t)&(info->vm_regs.r10);
+ *reg_len = 2;
+ return GPR_REGISTER;
+ case XED_REG_R10B:
+ *v3_reg = (addr_t)&(info->vm_regs.r10);
+ *reg_len = 1;
+ return GPR_REGISTER;
+
+ case XED_REG_R11:
+ *v3_reg = (addr_t)&(info->vm_regs.r11);
+ *reg_len = 8;
+ return GPR_REGISTER;
+ case XED_REG_R11D:
+ *v3_reg = (addr_t)&(info->vm_regs.r11);
+ *reg_len = 4;
+ return GPR_REGISTER;
+ case XED_REG_R11W:
+ *v3_reg = (addr_t)&(info->vm_regs.r11);
+ *reg_len = 2;
+ return GPR_REGISTER;
+ case XED_REG_R11B:
+ *v3_reg = (addr_t)&(info->vm_regs.r11);
+ *reg_len = 1;
+ return GPR_REGISTER;
+
+ case XED_REG_R12:
+ *v3_reg = (addr_t)&(info->vm_regs.r12);
+ *reg_len = 8;
+ return GPR_REGISTER;
+ case XED_REG_R12D:
+ *v3_reg = (addr_t)&(info->vm_regs.r12);
+ *reg_len = 4;
+ return GPR_REGISTER;
+ case XED_REG_R12W:
+ *v3_reg = (addr_t)&(info->vm_regs.r12);
+ *reg_len = 2;
+ return GPR_REGISTER;
+ case XED_REG_R12B:
+ *v3_reg = (addr_t)&(info->vm_regs.r12);
+ *reg_len = 1;
+ return GPR_REGISTER;
+
+ case XED_REG_R13:
+ *v3_reg = (addr_t)&(info->vm_regs.r13);
+ *reg_len = 8;
+ return GPR_REGISTER;
+ case XED_REG_R13D:
+ *v3_reg = (addr_t)&(info->vm_regs.r13);
+ *reg_len = 4;
+ return GPR_REGISTER;
+ case XED_REG_R13W:
+ *v3_reg = (addr_t)&(info->vm_regs.r13);
+ *reg_len = 2;
+ return GPR_REGISTER;
+ case XED_REG_R13B:
+ *v3_reg = (addr_t)&(info->vm_regs.r13);
+ *reg_len = 1;
+ return GPR_REGISTER;
+
+ case XED_REG_R14:
+ *v3_reg = (addr_t)&(info->vm_regs.r14);
+ *reg_len = 8;
+ return GPR_REGISTER;
+ case XED_REG_R14D:
+ *v3_reg = (addr_t)&(info->vm_regs.r14);
+ *reg_len = 4;
+ return GPR_REGISTER;
+ case XED_REG_R14W:
+ *v3_reg = (addr_t)&(info->vm_regs.r14);
+ *reg_len = 2;
+ return GPR_REGISTER;
+ case XED_REG_R14B:
+ *v3_reg = (addr_t)&(info->vm_regs.r14);
+ *reg_len = 1;
+ return GPR_REGISTER;
+
+ case XED_REG_R15:
+ *v3_reg = (addr_t)&(info->vm_regs.r15);
+ *reg_len = 8;
+ return GPR_REGISTER;
+ case XED_REG_R15D:
+ *v3_reg = (addr_t)&(info->vm_regs.r15);
+ *reg_len = 4;
+ return GPR_REGISTER;
+ case XED_REG_R15W:
+ *v3_reg = (addr_t)&(info->vm_regs.r15);
+ *reg_len = 2;
+ return GPR_REGISTER;
+ case XED_REG_R15B:
+ *v3_reg = (addr_t)&(info->vm_regs.r15);
+ *reg_len = 1;
+ return GPR_REGISTER;
+
+
/*
* CTRL REGS
*/
- case XED_REG_R8:
- case XED_REG_R8D:
- case XED_REG_R8W:
- case XED_REG_R8B:
-
- case XED_REG_R9:
- case XED_REG_R9D:
- case XED_REG_R9W:
- case XED_REG_R9B:
-
- case XED_REG_R10:
- case XED_REG_R10D:
- case XED_REG_R10W:
- case XED_REG_R10B:
-
- case XED_REG_R11:
- case XED_REG_R11D:
- case XED_REG_R11W:
- case XED_REG_R11B:
-
- case XED_REG_R12:
- case XED_REG_R12D:
- case XED_REG_R12W:
- case XED_REG_R12B:
-
- case XED_REG_R13:
- case XED_REG_R13D:
- case XED_REG_R13W:
- case XED_REG_R13B:
-
- case XED_REG_R14:
- case XED_REG_R14D:
- case XED_REG_R14W:
- case XED_REG_R14B:
- case XED_REG_R15:
- case XED_REG_R15D:
- case XED_REG_R15W:
- case XED_REG_R15B:
case XED_REG_XMM0:
case XED_REG_XMM1:
/* Data Instructions */
+ // Write
case XED_IFORM_ADC_MEMv_GPRv:
case XED_IFORM_ADC_MEMv_IMM:
case XED_IFORM_ADC_MEMb_GPR8:
case XED_IFORM_ADC_MEMb_IMM:
+ // Read
+ case XED_IFORM_ADC_GPRv_MEMv:
+ case XED_IFORM_ADC_GPR8_MEMb:
return V3_OP_ADC;
+ // Write
case XED_IFORM_ADD_MEMv_GPRv:
case XED_IFORM_ADD_MEMb_IMM:
case XED_IFORM_ADD_MEMb_GPR8:
case XED_IFORM_ADD_MEMv_IMM:
+ // Read
+ case XED_IFORM_ADD_GPRv_MEMv:
+ case XED_IFORM_ADD_GPR8_MEMb:
return V3_OP_ADD;
+ // Write
case XED_IFORM_AND_MEMv_IMM:
case XED_IFORM_AND_MEMb_GPR8:
case XED_IFORM_AND_MEMv_GPRv:
case XED_IFORM_AND_MEMb_IMM:
+ // Read
+ case XED_IFORM_AND_GPR8_MEMb:
+ case XED_IFORM_AND_GPRv_MEMv:
return V3_OP_AND;
+ // Write
case XED_IFORM_SUB_MEMv_IMM:
case XED_IFORM_SUB_MEMb_GPR8:
case XED_IFORM_SUB_MEMb_IMM:
case XED_IFORM_SUB_MEMv_GPRv:
+ // Read
+ case XED_IFORM_SUB_GPR8_MEMb:
+ case XED_IFORM_SUB_GPRv_MEMv:
return V3_OP_SUB;
+ // Write
case XED_IFORM_MOV_MEMv_GPRv:
case XED_IFORM_MOV_MEMb_GPR8:
case XED_IFORM_MOV_MEMb_AL:
case XED_IFORM_MOV_MEMv_IMM:
case XED_IFORM_MOV_MEMb_IMM:
+ // Read
+ case XED_IFORM_MOV_GPRv_MEMv:
+ case XED_IFORM_MOV_GPR8_MEMb:
+ case XED_IFORM_MOV_AL_MEMb:
return V3_OP_MOV;
+
+ // Read
+ case XED_IFORM_MOVZX_GPRv_MEMb:
+ case XED_IFORM_MOVZX_GPRv_MEMw:
+ return V3_OP_MOVZX;
+
+ // Read
+ case XED_IFORM_MOVSX_GPRv_MEMb:
+ case XED_IFORM_MOVSX_GPRv_MEMw:
+ return V3_OP_MOVSX;
+
+
case XED_IFORM_DEC_MEMv:
case XED_IFORM_DEC_MEMb:
return V3_OP_DEC;
case XED_IFORM_INC_MEMv:
return V3_OP_INC;
+ // Write
case XED_IFORM_OR_MEMv_IMM:
case XED_IFORM_OR_MEMb_IMM:
case XED_IFORM_OR_MEMv_GPRv:
case XED_IFORM_OR_MEMb_GPR8:
+ // Read
+ case XED_IFORM_OR_GPRv_MEMv:
+ case XED_IFORM_OR_GPR8_MEMb:
return V3_OP_OR;
+ // Write
case XED_IFORM_XOR_MEMv_GPRv:
case XED_IFORM_XOR_MEMb_IMM:
case XED_IFORM_XOR_MEMb_GPR8:
case XED_IFORM_XOR_MEMv_IMM:
+ // Read
+ case XED_IFORM_XOR_GPRv_MEMv:
+ case XED_IFORM_XOR_GPR8_MEMb:
return V3_OP_XOR;
case XED_IFORM_NEG_MEMb:
