yuzu/unicorn
1
0
Fork 0
mirror of https://github.com/yuzu-emu/unicorn.git synced 2025-07-20 01:19:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'master' of https://github.com/unicorn-engine/unicorn

Browse source
This commit is contained in:
Nguyen Anh Quynh 2016-02-11 17:53:57 +08:00
parent 5719481e3f 1768408637
commit c7a97ac0be
16 changed files with 779 additions and 76 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
CREDITS.TXT
View file

@ -54,3 +54,4 @@ Nguyen Tan Cong
Loi Anh Tuan Loi Anh Tuan
Shaun Wheelhouse: Homebrew package Shaun Wheelhouse: Homebrew package
Kamil Rytarowski: Pkgsrc package Kamil Rytarowski: Pkgsrc package
Zak Escano: MSVC binding

6
bindings/dotnet/UnicornManaged/Const/X86.fs
View file

@ -251,7 +251,11 @@ module X86 =
let UC_X86_REG_R13W = 239 let UC_X86_REG_R13W = 239
let UC_X86_REG_R14W = 240 let UC_X86_REG_R14W = 240
let UC_X86_REG_R15W = 241 let UC_X86_REG_R15W = 241
let UC_X86_REG_ENDING = 242 let UC_X86_REG_IDTR = 242
let UC_X86_REG_GDTR = 243
let UC_X86_REG_LDTR = 244
let UC_X86_REG_TR = 245
let UC_X86_REG_ENDING = 246
// X86 instructions // X86 instructions

6
bindings/go/unicorn/x86_const.go
View file

@ -246,7 +246,11 @@ const (
X86_REG_R13W = 239 X86_REG_R13W = 239
X86_REG_R14W = 240 X86_REG_R14W = 240
X86_REG_R15W = 241 X86_REG_R15W = 241
X86_REG_ENDING = 242 X86_REG_IDTR = 242
X86_REG_GDTR = 243
X86_REG_LDTR = 244
X86_REG_TR = 245
X86_REG_ENDING = 246
// X86 instructions // X86 instructions

77
bindings/java/samples/Sample_x86_mmr.java Normal file
View file

@ -0,0 +1,77 @@
/*
Java bindings for the Unicorn Emulator Engine
Copyright(c) 2016 Chris Eagle
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
version 2 as published by the Free Software Foundation.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*/
/* Sample code to demonstrate how to register read/write API */
import unicorn.*;
public class Sample_x86_mmr {
static void test_x86_mmr() {
// Initialize emulator in X86-32bit mode
Unicorn uc;
try {
uc = new Unicorn(Unicorn.UC_ARCH_X86, Unicorn.UC_MODE_32);
} catch (UnicornException uex) {
System.out.println("Failed on uc_open() with error returned: " + uex);
return;
}
// map 4k
uc.mem_map(ADDRESS, 0x1000, Unicorn.UC_PROT_ALL);
X86_MMR ldtr1 = new X86_MMR(0x1111111122222222L, 0x33333333, 0x44444444, (short)0x5555);
X86_MMR ldtr2;
X86_MMR gdtr1 = new X86_MMR(0x6666666677777777L, 0x88888888, 0x99999999, (short)0xaaaa);
X86_MMR gdtr2, gdtr3, gdtr4;
int eax;
// initialize machine registers
uc.reg_write(Unicorn.UC_X86_REG_LDTR, ldtr1);
uc.reg_write(Unicorn.UC_X86_REG_GDTR, gdtr1);
uc.reg_write(Unicorn.UC_X86_REG_EAX, new Long(0xdddddddd));
// read the registers back out
eax = (int)((Long)uc.reg_read(Unicorn.UC_X86_REG_EAX)).longValue();
ldtr2 = (X86_MMR)uc.reg_read(Unicorn.UC_X86_REG_LDTR);
gdtr2 = (X86_MMR)uc.reg_read(Unicorn.UC_X86_REG_GDTR);
System.out.printf(">>> EAX = 0x%x\n", eax);
System.out.printf(">>> LDTR.base = 0x%x\n", ldtr2.base);
System.out.printf(">>> LDTR.limit = 0x%x\n", ldtr2.limit);
System.out.printf(">>> LDTR.flags = 0x%x\n", ldtr2.flags);
System.out.printf(">>> LDTR.selector = 0x%x\n\n", ldtr2.selector);
System.out.printf(">>> GDTR.base = 0x%x\n", gdtr2.base);
System.out.printf(">>> GDTR.limit = 0x%x\n", gdtr2.limit);
uc.close();
}
public static void main(String args[])
{
test_x86_mmr();
}
}

37
bindings/java/unicorn/MemRegion.java Normal file
View file

@ -0,0 +1,37 @@
/*
Java bindings for the Unicorn Emulator Engine
Copyright(c) 2016 Chris Eagle
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
version 2 as published by the Free Software Foundation.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*/
package unicorn;
public class MemRegion {
public long begin;
public long end;
public int perms;
public MemRegion(long begin, long end, int perms) {
this.begin = begin;
this.end = end;
this.perms = perms;
}
}

124
bindings/java/unicorn/Unicorn.java
View file

@ -26,6 +26,8 @@ import java.util.*;
public class Unicorn implements UnicornConst, ArmConst, Arm64Const, M68kConst, SparcConst, MipsConst, X86Const { public class Unicorn implements UnicornConst, ArmConst, Arm64Const, M68kConst, SparcConst, MipsConst, X86Const {
private long eng; private long eng;
private int arch;
private int mode;
private long blockHandle = 0; private long blockHandle = 0;
private long interruptHandle = 0; private long interruptHandle = 0;
@ -275,6 +277,38 @@ public class Unicorn implements UnicornConst, ArmConst, Arm64Const, M68kConst, S
} }
} }
/**
* Write to register.
*
* @param regid Register ID that is to be modified.
* @param value Number containing the new register value
*/
private native void reg_write_num(int regid, Number value) throws UnicornException;
/**
* Write to register.
*
* @param regid Register ID that is to be modified.
* @param value X86 specific memory management register containing the new register value
*/
private native void reg_write_mmr(int regid, X86_MMR value) throws UnicornException;
/**
* Read register value.
*
* @param regid Register ID that is to be retrieved.
* @return Number containing the requested register value.
*/
private native Number reg_read_num(int regid) throws UnicornException;
/**
* Read register value.
*
* @param regid Register ID that is to be retrieved.
* @return X86_MMR containing the requested register value.
*/
private native Number reg_read_mmr(int regid) throws UnicornException;
/** /**
* Native access to uc_open * Native access to uc_open
* *
@ -288,10 +322,13 @@ public class Unicorn implements UnicornConst, ArmConst, Arm64Const, M68kConst, S
* *
* @param arch Architecture type (UC_ARCH_*) * @param arch Architecture type (UC_ARCH_*)
* @param mode Hardware mode. This is combined of UC_MODE_* * @param mode Hardware mode. This is combined of UC_MODE_*
* @see unicorn.UnicornArchs, unicorn.UnicornModes * @see unicorn.UnicornConst
* *
*/ */
public Unicorn(int arch, int mode) throws UnicornException { public Unicorn(int arch, int mode) throws UnicornException {
//remember these in case we need arch specific code
this.arch = arch;
this.mode = mode;
eng = open(arch, mode); eng = open(arch, mode);
unicorns.put(eng, this); unicorns.put(eng, this);
allLists.add(blockList); allLists.add(blockList);
@ -327,7 +364,7 @@ public class Unicorn implements UnicornConst, ArmConst, Arm64Const, M68kConst, S
* *
* @param arch Architecture type (UC_ARCH_*) * @param arch Architecture type (UC_ARCH_*)
* @return true if this library supports the given arch. * @return true if this library supports the given arch.
* @see unicorn.UnicornArchs * @see unicorn.UnicornConst
*/ */
public native static boolean arch_supported(int arch); public native static boolean arch_supported(int arch);
@ -337,12 +374,23 @@ public class Unicorn implements UnicornConst, ArmConst, Arm64Const, M68kConst, S
*/ */
public native void close() throws UnicornException; public native void close() throws UnicornException;
/**
* Query internal status of engine.
*
* @param type query type. See UC_QUERY_*
* @param result save the internal status queried
*
* @return: error code. see UC_ERR_*
* @see unicorn.UnicornConst
*/
public native int query(int type) throws UnicornException;
/** /**
* Report the last error number when some API function fail. * Report the last error number when some API function fail.
* Like glibc's errno, uc_errno might not retain its old value once accessed. * Like glibc's errno, uc_errno might not retain its old value once accessed.
* *
* @return Error code of uc_err enum type (UC_ERR_*, see above) * @return Error code of uc_err enum type (UC_ERR_*, see above)
* @see unicorn.UnicornErrors * @see unicorn.UnicornConst
*/ */
public native int errno(); public native int errno();
@ -351,26 +399,67 @@ public class Unicorn implements UnicornConst, ArmConst, Arm64Const, M68kConst, S
* *
* @param code Error code (see UC_ERR_* above) * @param code Error code (see UC_ERR_* above)
* @return Returns a String that describes the error code * @return Returns a String that describes the error code
* @see unicorn.UnicornErrors * @see unicorn.UnicornConst
*/ */
public native static String strerror(int code); public native static String strerror(int code);
/** /**
* Write to register. * Write to register.
* *
* @deprecated use reg_write(int regid, Object value) instead
* @param regid Register ID that is to be modified. * @param regid Register ID that is to be modified.
* @param value Array containing value that will be written into register @regid * @param value Array containing value that will be written into register @regid
*/ */
@Deprecated
public native void reg_write(int regid, byte[] value) throws UnicornException; public native void reg_write(int regid, byte[] value) throws UnicornException;
/**
* Write to register.
*
* @param regid Register ID that is to be modified.
* @param value Object containing the new register value. Long, BigInteger, or
* other custom class used to represent register values
*/
public void reg_write(int regid, Object value) throws UnicornException {
if (value instanceof Number) {
reg_write_num(regid, (Number)value);
}
else if (arch == UC_ARCH_X86 && value instanceof X86_MMR) {
if (regid >= UC_X86_REG_IDTR && regid <= UC_X86_REG_TR) {
reg_write_mmr(regid, (X86_MMR)value);
}
}
else {
throw new ClassCastException("Invalid value type");
}
}
/**
* Read register value.
*
* @deprecated use Object reg_write(int regid) instead
* @param regid Register ID that is to be retrieved.
* @param regsz Size of the register being retrieved.
* @return Byte array containing the requested register value.
*/
@Deprecated
public native byte[] reg_read(int regid, int regsz) throws UnicornException;
/** /**
* Read register value. * Read register value.
* *
* @param regid Register ID that is to be retrieved. * @param regid Register ID that is to be retrieved.
* @param regsz Size of the register being retrieved. * @return Object containing the requested register value. Long, BigInteger, or
* @return Byte array containing the requested register value. * other custom class used to represent register values
*/ */
public native byte[] reg_read(int regid, int regsz) throws UnicornException; public Object reg_read(int regid) throws UnicornException {
if (arch == UC_ARCH_X86 && regid >= UC_X86_REG_IDTR && regid <= UC_X86_REG_TR) {
return reg_read_mmr(regid);
}
else {
return reg_read_num(regid);
}
}
/** /**
* Write to memory. * Write to memory.
@ -625,6 +714,19 @@ public class Unicorn implements UnicornConst, ArmConst, Arm64Const, M68kConst, S
*/ */
public native void mem_map(long address, long size, int perms) throws UnicornException; public native void mem_map(long address, long size, int perms) throws UnicornException;
/**
* Map existing host memory in for emulation.
* This API adds a memory region that can be used by emulation.
*
* @param address Base address of the memory range
* @param size Size of the memory block.
* @param perms Permissions on the memory block. A combination of UC_PROT_READ, UC_PROT_WRITE, UC_PROT_EXEC
* @param ptr Block of host memory backing the newly mapped memory. This block is
* expected to be an equal or larger size than provided, and be mapped with at
* least PROT_READ | PROT_WRITE. If it is not, the resulting behavior is undefined.
*/
public native void mem_map_ptr(long address, long size, int perms, byte[] block) throws UnicornException;
/** /**
* Unmap a range of memory. * Unmap a range of memory.
* *
@ -642,5 +744,13 @@ public class Unicorn implements UnicornConst, ArmConst, Arm64Const, M68kConst, S
*/ */
public native void mem_protect(long address, long size, int perms) throws UnicornException; public native void mem_protect(long address, long size, int perms) throws UnicornException;
/**
* Retrieve all memory regions mapped by mem_map() and mem_map_ptr()
* NOTE: memory regions may be split by mem_unmap()
*
* @return list of mapped regions.
*/
public native MemRegion[] mem_regions() throws UnicornException;
} }

38
bindings/java/unicorn/UnicornErrors.java
View file

@ -1,38 +0,0 @@
/*
Java bindings for the Unicorn Emulator Engine
Copyright(c) 2015 Chris Eagle
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
version 2 as published by the Free Software Foundation.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*/
package unicorn;
public interface UnicornErrors {
public static final int UC_ERR_OK = 0; // No error: everything was fine
public static final int UC_ERR_OOM = 1; // Out-Of-Memory error: uc_open(), uc_emulate()
public static final int UC_ERR_ARCH = 2; // Unsupported architecture: uc_open()
public static final int UC_ERR_HANDLE = 3; // Invalid handle
public static final int UC_ERR_UCH = 4; // Invalid handle (uch)
public static final int UC_ERR_MODE = 5; // Invalid/unsupported mode: uc_open()
public static final int UC_ERR_VERSION = 6; // Unsupported version (bindings)
public static final int UC_ERR_MEM_READ = 7; // Quit emulation due to invalid memory READ: uc_emu_start()
public static final int UC_ERR_MEM_WRITE = 8; // Quit emulation due to invalid memory WRITE: uc_emu_start()
public static final int UC_ERR_HOOK = 9; // Invalid hook type: uc_hook_add()
public static final int UC_ERR_INSN_INVALID = 10; // Quit emulation due to invalid instruction: uc_emu_start()
public static final int UC_ERR_MAP = 11; // Invalid memory mapping: uc_mem_map()
}

6
bindings/java/unicorn/X86Const.java
View file

@ -248,7 +248,11 @@ public interface X86Const {
public static final int UC_X86_REG_R13W = 239; public static final int UC_X86_REG_R13W = 239;
public static final int UC_X86_REG_R14W = 240; public static final int UC_X86_REG_R14W = 240;
public static final int UC_X86_REG_R15W = 241; public static final int UC_X86_REG_R15W = 241;
public static final int UC_X86_REG_ENDING = 242; public static final int UC_X86_REG_IDTR = 242;
public static final int UC_X86_REG_GDTR = 243;
public static final int UC_X86_REG_LDTR = 244;
public static final int UC_X86_REG_TR = 245;
public static final int UC_X86_REG_ENDING = 246;
// X86 instructions // X86 instructions

46
bindings/java/unicorn/X86_MMR.java Normal file
View file

@ -0,0 +1,46 @@
/*
Java bindings for the Unicorn Emulator Engine
Copyright(c) 2016 Chris Eagle
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
version 2 as published by the Free Software Foundation.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*/
package unicorn;
public class X86_MMR {
public long base;
public int limit;
public int flags;
public short selector;
public X86_MMR(long base, int limit, int flags, short selector) {
this.base = base;
this.limit = limit;
this.flags = flags;
this.selector = selector;
}
public X86_MMR(long base, int limit) {
this.base = base;
this.limit = limit;
selector = 0;
flags = 0;
}
}

189
bindings/java/unicorn_Unicorn.c
View file

@ -24,8 +24,8 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
#include <stdlib.h> #include <stdlib.h>
#include <string.h> #include <string.h>
#include <unicorn/unicorn.h> #include <unicorn/unicorn.h>
#include <unicorn/x86.h>
#include "unicorn_Unicorn.h" #include "unicorn_Unicorn.h"
//cache jmethodID values as we look them up //cache jmethodID values as we look them up
@ -201,6 +201,117 @@ static uc_engine *getEngine(JNIEnv *env, jobject self) {
return (uc_engine *)(*env)->GetLongField(env, self, fid); return (uc_engine *)(*env)->GetLongField(env, self, fid);
} }
/*
* Class: unicorn_Unicorn
* Method: reg_write_num
* Signature: (ILjava/lang/Number;)V
*/
JNIEXPORT void JNICALL Java_unicorn_Unicorn_reg_1write_1num
(JNIEnv *env, jobject self, jint regid, jobject value) {
uc_engine *eng = getEngine(env, self);
jclass clz = (*env)->FindClass(env, "java/lang/Number");
if ((*env)->ExceptionCheck(env)) {
return;
}
jmethodID longValue = (*env)->GetMethodID(env, clz, "longValue", "()J");
jlong longVal = (*env)->CallLongMethod(env, value, longValue);
uc_err err = uc_reg_write(eng, regid, &longVal);
if (err != UC_ERR_OK) {
throwException(env, err);
}
}
/*
* Class: unicorn_Unicorn
* Method: reg_write_mmr
* Signature: (ILunicorn/X86_MMR;)V
*/
JNIEXPORT void JNICALL Java_unicorn_Unicorn_reg_1write_1mmr
(JNIEnv *env, jobject self, jint regid, jobject value) {
uc_engine *eng = getEngine(env, self);
uc_x86_mmr mmr;
jclass clz = (*env)->FindClass(env, "unicorn/X86_MMR");
if ((*env)->ExceptionCheck(env)) {
return;
}
jfieldID fid = (*env)->GetFieldID(env, clz, "base", "J");
mmr.base = (uint64_t)(*env)->GetLongField(env, value, fid);
fid = (*env)->GetFieldID(env, clz, "limit", "I");
mmr.limit = (uint32_t)(*env)->GetLongField(env, value, fid);
fid = (*env)->GetFieldID(env, clz, "flags", "I");
mmr.flags = (uint32_t)(*env)->GetLongField(env, value, fid);
fid = (*env)->GetFieldID(env, clz, "selector", "S");
mmr.selector = (uint16_t)(*env)->GetLongField(env, value, fid);
uc_err err = uc_reg_write(eng, regid, &mmr);
if (err != UC_ERR_OK) {
throwException(env, err);
}
}
/*
* Class: unicorn_Unicorn
* Method: reg_read_num
* Signature: (I)Ljava/lang/Number;
*/
JNIEXPORT jobject JNICALL Java_unicorn_Unicorn_reg_1read_1num
(JNIEnv *env, jobject self, jint regid) {
uc_engine *eng = getEngine(env, self);
jclass clz = (*env)->FindClass(env, "java/lang/Long");
if ((*env)->ExceptionCheck(env)) {
return NULL;
}
jlong longVal;
uc_err err = uc_reg_read(eng, regid, &longVal);
if (err != UC_ERR_OK) {
throwException(env, err);
}
jmethodID cons = (*env)->GetMethodID(env, clz, "<init>", "(J)V");
jobject result = (*env)->NewObject(env, clz, cons, longVal);
if ((*env)->ExceptionCheck(env)) {
return NULL;
}
return result;
}
/*
* Class: unicorn_Unicorn
* Method: reg_read_mmr
* Signature: (I)Ljava/lang/Number;
*/
JNIEXPORT jobject JNICALL Java_unicorn_Unicorn_reg_1read_1mmr
(JNIEnv *env, jobject self, jint regid) {
uc_engine *eng = getEngine(env, self);
jclass clz = (*env)->FindClass(env, "unicorn/X86_MMR");
if ((*env)->ExceptionCheck(env)) {
return NULL;
}
uc_x86_mmr mmr;
uc_err err = uc_reg_read(eng, regid, &mmr);
if (err != UC_ERR_OK) {
throwException(env, err);
}
jmethodID cons = (*env)->GetMethodID(env, clz, "<init>", "(JIIS)V");
jobject result = (*env)->NewObject(env, clz, cons, mmr.base, mmr.limit, mmr.flags, mmr.selector);
if ((*env)->ExceptionCheck(env)) {
return NULL;
}
return result;
}
/* /*
* Class: unicorn_Unicorn * Class: unicorn_Unicorn
* Method: open * Method: open
@ -244,7 +355,28 @@ JNIEXPORT jboolean JNICALL Java_unicorn_Unicorn_arch_1supported
JNIEXPORT void JNICALL Java_unicorn_Unicorn_close JNIEXPORT void JNICALL Java_unicorn_Unicorn_close
(JNIEnv *env, jobject self) { (JNIEnv *env, jobject self) {
uc_engine *eng = getEngine(env, self); uc_engine *eng = getEngine(env, self);
uc_close(eng); uc_err err = uc_close(eng);
if (err != UC_ERR_OK) {
throwException(env, err);
}
//We also need to ReleaseByteArrayElements for any regions that
//were mapped with uc_mem_map_ptr
}
/*
* Class: unicorn_Unicorn
* Method: query
* Signature: (I)I
*/
JNIEXPORT jint JNICALL Java_unicorn_Unicorn_query
(JNIEnv *env, jobject self, jint type) {
uc_engine *eng = getEngine(env, self);
size_t result;
uc_err err = uc_query(eng, type, &result);
if (err != UC_ERR_OK) {
throwException(env, err);
}
return (jint)result;
} }
/* /*
@ -508,6 +640,24 @@ JNIEXPORT void JNICALL Java_unicorn_Unicorn_mem_1map
} }
} }
/*
* Class: unicorn_Unicorn
* Method: mem_map_ptr
* Signature: (JJI[B)V
*/
JNIEXPORT void JNICALL Java_unicorn_Unicorn_mem_1map_1ptr
(JNIEnv *env, jobject self, jlong address, jlong size, jint perms, jbyteArray block) {
uc_engine *eng = getEngine(env, self);
jbyte *array = (*env)->GetByteArrayElements(env, block, NULL);
uc_err err = uc_mem_map_ptr(eng, (uint64_t)address, (size_t)size, (uint32_t)perms, (void*)array);
if (err != UC_ERR_OK) {
throwException(env, err);
}
//Need to track address/block/array so that we can ReleaseByteArrayElements when the
//block gets unmapped or when uc_close gets called
//(*env)->ReleaseByteArrayElements(env, block, array, JNI_ABORT);
}
/* /*
* Class: unicorn_Unicorn * Class: unicorn_Unicorn
* Method: mem_unmap * Method: mem_unmap
@ -521,6 +671,9 @@ JNIEXPORT void JNICALL Java_unicorn_Unicorn_mem_1unmap
if (err != UC_ERR_OK) { if (err != UC_ERR_OK) {
throwException(env, err); throwException(env, err);
} }
//If a region was mapped using uc_mem_map_ptr, we also need to
//ReleaseByteArrayElements for that region
} }
/* /*
@ -537,3 +690,35 @@ JNIEXPORT void JNICALL Java_unicorn_Unicorn_mem_1protect
throwException(env, err); throwException(env, err);
} }
} }
/*
* Class: unicorn_Unicorn
* Method: mem_regions
* Signature: ()[Lunicorn/MemRegion;
*/
JNIEXPORT jobjectArray JNICALL Java_unicorn_Unicorn_mem_1regions
(JNIEnv *env, jobject self) {
uc_engine *eng = getEngine(env, self);
uc_mem_region *regions = NULL;
uint32_t count = 0;
uint32_t i;
uc_err err = uc_mem_regions(eng, &regions, &count);
if (err != UC_ERR_OK) {
throwException(env, err);
}
jclass clz = (*env)->FindClass(env, "unicorn/MemRegion");
if ((*env)->ExceptionCheck(env)) {
return NULL;
}
jobjectArray result = (*env)->NewObjectArray(env, (jsize)count, clz, NULL);
jmethodID cons = (*env)->GetMethodID(env, clz, "<init>", "(JJI)V");
for (i = 0; i < count; i++) {
jobject mr = (*env)->NewObject(env, clz, cons, regions[i].begin, regions[i].end, regions[i].perms);
(*env)->SetObjectArrayElement(env, result, (jsize)i, mr);
}
free(regions);
return result;
}

10
bindings/python/unicorn/unicorn.py
View file

@ -107,6 +107,7 @@ _setup_prototype(_uc, "uc_mem_map", ucerr, uc_engine, ctypes.c_uint64, ctypes.c_
_setup_prototype(_uc, "uc_mem_map_ptr", ucerr, uc_engine, ctypes.c_uint64, ctypes.c_size_t, ctypes.c_uint32, ctypes.c_void_p) _setup_prototype(_uc, "uc_mem_map_ptr", ucerr, uc_engine, ctypes.c_uint64, ctypes.c_size_t, ctypes.c_uint32, ctypes.c_void_p)
_setup_prototype(_uc, "uc_mem_unmap", ucerr, uc_engine, ctypes.c_uint64, ctypes.c_size_t) _setup_prototype(_uc, "uc_mem_unmap", ucerr, uc_engine, ctypes.c_uint64, ctypes.c_size_t)
_setup_prototype(_uc, "uc_mem_protect", ucerr, uc_engine, ctypes.c_uint64, ctypes.c_size_t, ctypes.c_uint32) _setup_prototype(_uc, "uc_mem_protect", ucerr, uc_engine, ctypes.c_uint64, ctypes.c_size_t, ctypes.c_uint32)
_setup_prototype(_uc, "uc_query", ucerr, uc_engine, ctypes.c_uint32, ctypes.POINTER(ctypes.c_size_t))
# uc_hook_add is special due to variable number of arguments # uc_hook_add is special due to variable number of arguments
_uc.uc_hook_add = getattr(_uc, "uc_hook_add") _uc.uc_hook_add = getattr(_uc, "uc_hook_add")
@ -262,6 +263,14 @@ class Uc(object):
if status != UC_ERR_OK: if status != UC_ERR_OK:
raise UcError(status) raise UcError(status)
# return CPU mode at runtime
def query(self, query_mode):
result = ctypes.c_size_t(0)
status = _uc.uc_query(self._uch, query_mode, ctypes.byref(result))
if status != UC_ERR_OK:
raise UcError(status)
return result.value
def _hookcode_cb(self, handle, address, size, user_data): def _hookcode_cb(self, handle, address, size, user_data):
# call user's callback with self object # call user's callback with self object
@ -381,3 +390,4 @@ def debug():
(major, minor, _combined) = uc_version() (major, minor, _combined) = uc_version()
return "python-%s-c%u.%u-b%u.%u" % (all_archs, major, minor, UC_API_MAJOR, UC_API_MINOR) return "python-%s-c%u.%u-b%u.%u" % (all_archs, major, minor, UC_API_MAJOR, UC_API_MINOR)

6
bindings/python/unicorn/x86_const.py
View file

@ -244,7 +244,11 @@ UC_X86_REG_R12W = 238
UC_X86_REG_R13W = 239 UC_X86_REG_R13W = 239
UC_X86_REG_R14W = 240 UC_X86_REG_R14W = 240
UC_X86_REG_R15W = 241 UC_X86_REG_R15W = 241
UC_X86_REG_ENDING = 242 UC_X86_REG_IDTR = 242
UC_X86_REG_GDTR = 243
UC_X86_REG_LDTR = 244
UC_X86_REG_TR = 245
UC_X86_REG_ENDING = 246
# X86 instructions # X86 instructions

10
include/unicorn/x86.h
View file

@ -8,6 +8,15 @@
extern "C" { extern "C" {
#endif #endif
// Memory-Management Register for instructions IDTR, GDTR, LDTR, TR.
// Borrow from SegmentCache in qemu/target-i386/cpu.h
typedef struct uc_x86_mmr {
uint16_t selector; /* not used by GDTR and IDTR */
uint64_t base; /* handle 32 or 64 bit CPUs */
uint32_t limit;
uint32_t flags; /* not used by GDTR and IDTR */
} uc_x86_mmr;
// Callback function for tracing SYSCALL/SYSENTER (for uc_hook_intr()) // Callback function for tracing SYSCALL/SYSENTER (for uc_hook_intr())
// @user_data: user data passed to tracing APIs. // @user_data: user data passed to tracing APIs.
typedef void (*uc_cb_insn_syscall_t)(struct uc_struct *uc, void *user_data); typedef void (*uc_cb_insn_syscall_t)(struct uc_struct *uc, void *user_data);
@ -64,6 +73,7 @@ typedef enum uc_x86_reg {
UC_X86_REG_R9D, UC_X86_REG_R10D, UC_X86_REG_R11D, UC_X86_REG_R12D, UC_X86_REG_R13D, UC_X86_REG_R9D, UC_X86_REG_R10D, UC_X86_REG_R11D, UC_X86_REG_R12D, UC_X86_REG_R13D,
UC_X86_REG_R14D, UC_X86_REG_R15D, UC_X86_REG_R8W, UC_X86_REG_R9W, UC_X86_REG_R10W, UC_X86_REG_R14D, UC_X86_REG_R15D, UC_X86_REG_R8W, UC_X86_REG_R9W, UC_X86_REG_R10W,
UC_X86_REG_R11W, UC_X86_REG_R12W, UC_X86_REG_R13W, UC_X86_REG_R14W, UC_X86_REG_R15W, UC_X86_REG_R11W, UC_X86_REG_R12W, UC_X86_REG_R13W, UC_X86_REG_R14W, UC_X86_REG_R15W,
UC_X86_REG_IDTR, UC_X86_REG_GDTR, UC_X86_REG_LDTR, UC_X86_REG_TR,
UC_X86_REG_ENDING // <-- mark the end of the list of registers UC_X86_REG_ENDING // <-- mark the end of the list of registers
} uc_x86_reg; } uc_x86_reg;

7
qemu/target-arm/unicorn_arm.c
View file

@ -116,10 +116,15 @@ static bool arm_stop_interrupt(int intno)
static uc_err arm_query(struct uc_struct *uc, uc_query_type type, size_t *result) static uc_err arm_query(struct uc_struct *uc, uc_query_type type, size_t *result)
{ {
CPUState *mycpu = first_cpu; CPUState *mycpu = first_cpu;
uint32_t mode;
switch(type) { switch(type) {
case UC_QUERY_MODE: case UC_QUERY_MODE:
*result = (ARM_CPU(uc, mycpu)->env.thumb != 0); // zero out ARM/THUMB mode
mode = uc->mode & ~(UC_MODE_ARM | UC_MODE_THUMB);
// THUMB mode or ARM MOde
mode += ((ARM_CPU(uc, mycpu)->env.thumb != 0)? UC_MODE_THUMB : UC_MODE_ARM);
*result = mode;
return UC_ERR_OK; return UC_ERR_OK;
default: default:
return UC_ERR_ARG; return UC_ERR_ARG;

129
qemu/target-i386/unicorn.c Normal file → Executable file
View file

@ -9,6 +9,7 @@
#include "tcg.h" #include "tcg.h"
#include "unicorn_common.h" #include "unicorn_common.h"
#include <unicorn/x86.h> /* needed for uc_x86_mmr */
#define READ_QWORD(x) ((uint64)x) #define READ_QWORD(x) ((uint64)x)
#define READ_DWORD(x) (x & 0xffffffff) #define READ_DWORD(x) (x & 0xffffffff)
@ -260,22 +261,42 @@ int x86_reg_read(struct uc_struct *uc, unsigned int regid, void *value)
*(int16_t *)value = READ_WORD(X86_CPU(uc, mycpu)->env.eip); *(int16_t *)value = READ_WORD(X86_CPU(uc, mycpu)->env.eip);
break; break;
case UC_X86_REG_CS: case UC_X86_REG_CS:
*(int32_t *)value = X86_CPU(uc, mycpu)->env.segs[R_CS].base; *(int16_t *)value = (uint16_t)X86_CPU(uc, mycpu)->env.segs[R_CS].selector;
break; break;
case UC_X86_REG_DS: case UC_X86_REG_DS:
*(int32_t *)value = X86_CPU(uc, mycpu)->env.segs[R_DS].base; *(int16_t *)value = (uint16_t)X86_CPU(uc, mycpu)->env.segs[R_DS].selector;
break; break;
case UC_X86_REG_SS: case UC_X86_REG_SS:
*(int32_t *)value = X86_CPU(uc, mycpu)->env.segs[R_SS].base; *(int16_t *)value = (uint16_t)X86_CPU(uc, mycpu)->env.segs[R_SS].selector;
break; break;
case UC_X86_REG_ES: case UC_X86_REG_ES:
*(int32_t *)value = X86_CPU(uc, mycpu)->env.segs[R_ES].base; *(int16_t *)value = (uint16_t)X86_CPU(uc, mycpu)->env.segs[R_ES].selector;
break; break;
case UC_X86_REG_FS: case UC_X86_REG_FS:
*(int32_t *)value = X86_CPU(uc, mycpu)->env.segs[R_FS].base; *(int16_t *)value = (uint16_t)X86_CPU(uc, mycpu)->env.segs[R_FS].selector;
break; break;
case UC_X86_REG_GS: case UC_X86_REG_GS:
*(int32_t *)value = X86_CPU(uc, mycpu)->env.segs[R_GS].base; *(int16_t *)value = (uint16_t)X86_CPU(uc, mycpu)->env.segs[R_GS].selector;
break;
case UC_X86_REG_IDTR:
((uc_x86_mmr *)value)->limit = (uint16_t)X86_CPU(uc, mycpu)->env.idt.limit;
((uc_x86_mmr *)value)->base = (uint32_t)X86_CPU(uc, mycpu)->env.idt.base;
break;
case UC_X86_REG_GDTR:
((uc_x86_mmr *)value)->limit = (uint16_t)X86_CPU(uc, mycpu)->env.gdt.limit;
((uc_x86_mmr *)value)->base = (uint32_t)X86_CPU(uc, mycpu)->env.gdt.base;
break;
case UC_X86_REG_LDTR:
((uc_x86_mmr *)value)->limit = X86_CPU(uc, mycpu)->env.ldt.limit;
((uc_x86_mmr *)value)->base = (uint32_t)X86_CPU(uc, mycpu)->env.ldt.base;
((uc_x86_mmr *)value)->selector = (uint16_t)X86_CPU(uc, mycpu)->env.ldt.selector;
((uc_x86_mmr *)value)->flags = X86_CPU(uc, mycpu)->env.ldt.flags;
break;
case UC_X86_REG_TR:
((uc_x86_mmr *)value)->limit = X86_CPU(uc, mycpu)->env.tr.limit;
((uc_x86_mmr *)value)->base = (uint32_t)X86_CPU(uc, mycpu)->env.tr.base;
((uc_x86_mmr *)value)->selector = (uint16_t)X86_CPU(uc, mycpu)->env.tr.selector;
((uc_x86_mmr *)value)->flags = X86_CPU(uc, mycpu)->env.tr.flags;
break; break;
} }
break; break;
@ -412,22 +433,22 @@ int x86_reg_read(struct uc_struct *uc, unsigned int regid, void *value)
*(int16_t *)value = READ_WORD(X86_CPU(uc, mycpu)->env.eip); *(int16_t *)value = READ_WORD(X86_CPU(uc, mycpu)->env.eip);
break; break;
case UC_X86_REG_CS: case UC_X86_REG_CS:
*(int64_t *)value = X86_CPU(uc, mycpu)->env.segs[R_CS].base; *(int16_t *)value = (uint16_t)X86_CPU(uc, mycpu)->env.segs[R_CS].selector;
break; break;
case UC_X86_REG_DS: case UC_X86_REG_DS:
*(int64_t *)value = X86_CPU(uc, mycpu)->env.segs[R_DS].base; *(int16_t *)value = (uint16_t)X86_CPU(uc, mycpu)->env.segs[R_DS].selector;
break; break;
case UC_X86_REG_SS: case UC_X86_REG_SS:
*(int64_t *)value = X86_CPU(uc, mycpu)->env.segs[R_SS].base; *(int16_t *)value = (uint16_t)X86_CPU(uc, mycpu)->env.segs[R_SS].selector;
break; break;
case UC_X86_REG_ES: case UC_X86_REG_ES:
*(int64_t *)value = X86_CPU(uc, mycpu)->env.segs[R_ES].base; *(int16_t *)value = (uint16_t)X86_CPU(uc, mycpu)->env.segs[R_ES].selector;
break; break;
case UC_X86_REG_FS: case UC_X86_REG_FS:
*(int64_t *)value = X86_CPU(uc, mycpu)->env.segs[R_FS].base; *(int16_t *)value = (uint16_t)X86_CPU(uc, mycpu)->env.segs[R_FS].selector;
break; break;
case UC_X86_REG_GS: case UC_X86_REG_GS:
*(int64_t *)value = X86_CPU(uc, mycpu)->env.segs[R_GS].base; *(int16_t *)value = (uint16_t)X86_CPU(uc, mycpu)->env.segs[R_GS].selector;
break; break;
case UC_X86_REG_R8: case UC_X86_REG_R8:
*(int64_t *)value = READ_QWORD(X86_CPU(uc, mycpu)->env.regs[8]); *(int64_t *)value = READ_QWORD(X86_CPU(uc, mycpu)->env.regs[8]);
@ -525,6 +546,26 @@ int x86_reg_read(struct uc_struct *uc, unsigned int regid, void *value)
case UC_X86_REG_R15B: case UC_X86_REG_R15B:
*(int8_t *)value = READ_BYTE_L(X86_CPU(uc, mycpu)->env.regs[15]); *(int8_t *)value = READ_BYTE_L(X86_CPU(uc, mycpu)->env.regs[15]);
break; break;
case UC_X86_REG_IDTR:
((uc_x86_mmr *)value)->limit = (uint16_t)X86_CPU(uc, mycpu)->env.idt.limit;
((uc_x86_mmr *)value)->base = X86_CPU(uc, mycpu)->env.idt.base;
break;
case UC_X86_REG_GDTR:
((uc_x86_mmr *)value)->limit = (uint16_t)X86_CPU(uc, mycpu)->env.gdt.limit;
((uc_x86_mmr *)value)->base = X86_CPU(uc, mycpu)->env.gdt.base;
break;
case UC_X86_REG_LDTR:
((uc_x86_mmr *)value)->limit = X86_CPU(uc, mycpu)->env.ldt.limit;
((uc_x86_mmr *)value)->base = X86_CPU(uc, mycpu)->env.ldt.base;
((uc_x86_mmr *)value)->selector = (uint16_t)X86_CPU(uc, mycpu)->env.ldt.selector;
((uc_x86_mmr *)value)->flags = X86_CPU(uc, mycpu)->env.ldt.flags;
break;
case UC_X86_REG_TR:
((uc_x86_mmr *)value)->limit = X86_CPU(uc, mycpu)->env.tr.limit;
((uc_x86_mmr *)value)->base = X86_CPU(uc, mycpu)->env.tr.base;
((uc_x86_mmr *)value)->selector = (uint16_t)X86_CPU(uc, mycpu)->env.tr.selector;
((uc_x86_mmr *)value)->flags = X86_CPU(uc, mycpu)->env.tr.flags;
break;
} }
break; break;
#endif #endif
@ -667,22 +708,42 @@ int x86_reg_write(struct uc_struct *uc, unsigned int regid, const void *value)
uc_emu_stop(uc); uc_emu_stop(uc);
break; break;
case UC_X86_REG_CS: case UC_X86_REG_CS:
X86_CPU(uc, mycpu)->env.segs[R_CS].base = *(uint32_t *)value; X86_CPU(uc, mycpu)->env.segs[R_CS].selector = *(uint16_t *)value;
break; break;
case UC_X86_REG_DS: case UC_X86_REG_DS:
X86_CPU(uc, mycpu)->env.segs[R_DS].base = *(uint32_t *)value; X86_CPU(uc, mycpu)->env.segs[R_DS].selector = *(uint16_t *)value;
break; break;
case UC_X86_REG_SS: case UC_X86_REG_SS:
X86_CPU(uc, mycpu)->env.segs[R_SS].base = *(uint32_t *)value; X86_CPU(uc, mycpu)->env.segs[R_SS].selector = *(uint16_t *)value;
break; break;
case UC_X86_REG_ES: case UC_X86_REG_ES:
X86_CPU(uc, mycpu)->env.segs[R_ES].base = *(uint32_t *)value; X86_CPU(uc, mycpu)->env.segs[R_ES].selector = *(uint16_t *)value;
break; break;
case UC_X86_REG_FS: case UC_X86_REG_FS:
X86_CPU(uc, mycpu)->env.segs[R_FS].base = *(uint32_t *)value; X86_CPU(uc, mycpu)->env.segs[R_FS].selector = *(uint16_t *)value;
break; break;
case UC_X86_REG_GS: case UC_X86_REG_GS:
X86_CPU(uc, mycpu)->env.segs[R_GS].base = *(uint32_t *)value; X86_CPU(uc, mycpu)->env.segs[R_GS].selector = *(uint16_t *)value;
break;
case UC_X86_REG_IDTR:
X86_CPU(uc, mycpu)->env.idt.limit = (uint16_t)((uc_x86_mmr *)value)->limit;
X86_CPU(uc, mycpu)->env.idt.base = (uint32_t)((uc_x86_mmr *)value)->base;
break;
case UC_X86_REG_GDTR:
X86_CPU(uc, mycpu)->env.gdt.limit = (uint16_t)((uc_x86_mmr *)value)->limit;
X86_CPU(uc, mycpu)->env.gdt.base = (uint32_t)((uc_x86_mmr *)value)->base;
break;
case UC_X86_REG_LDTR:
X86_CPU(uc, mycpu)->env.ldt.limit = ((uc_x86_mmr *)value)->limit;
X86_CPU(uc, mycpu)->env.ldt.base = (uint32_t)((uc_x86_mmr *)value)->base;
X86_CPU(uc, mycpu)->env.ldt.selector = (uint16_t)((uc_x86_mmr *)value)->selector;
X86_CPU(uc, mycpu)->env.ldt.flags = ((uc_x86_mmr *)value)->flags;
break;
case UC_X86_REG_TR:
X86_CPU(uc, mycpu)->env.tr.limit = ((uc_x86_mmr *)value)->limit;
X86_CPU(uc, mycpu)->env.tr.base = (uint32_t)((uc_x86_mmr *)value)->base;
X86_CPU(uc, mycpu)->env.tr.selector = (uint16_t)((uc_x86_mmr *)value)->selector;
X86_CPU(uc, mycpu)->env.tr.flags = ((uc_x86_mmr *)value)->flags;
break; break;
} }
break; break;
@ -829,22 +890,22 @@ int x86_reg_write(struct uc_struct *uc, unsigned int regid, const void *value)
uc_emu_stop(uc); uc_emu_stop(uc);
break; break;
case UC_X86_REG_CS: case UC_X86_REG_CS:
X86_CPU(uc, mycpu)->env.segs[R_CS].base = *(uint64_t *)value; X86_CPU(uc, mycpu)->env.segs[R_CS].selector = *(uint16_t *)value;
break; break;
case UC_X86_REG_DS: case UC_X86_REG_DS:
X86_CPU(uc, mycpu)->env.segs[R_DS].base = *(uint64_t *)value; X86_CPU(uc, mycpu)->env.segs[R_DS].selector = *(uint16_t *)value;
break; break;
case UC_X86_REG_SS: case UC_X86_REG_SS:
X86_CPU(uc, mycpu)->env.segs[R_SS].base = *(uint64_t *)value; X86_CPU(uc, mycpu)->env.segs[R_SS].selector = *(uint16_t *)value;
break; break;
case UC_X86_REG_ES: case UC_X86_REG_ES:
X86_CPU(uc, mycpu)->env.segs[R_ES].base = *(uint64_t *)value; X86_CPU(uc, mycpu)->env.segs[R_ES].selector = *(uint16_t *)value;
break; break;
case UC_X86_REG_FS: case UC_X86_REG_FS:
X86_CPU(uc, mycpu)->env.segs[R_FS].base = *(uint64_t *)value; X86_CPU(uc, mycpu)->env.segs[R_FS].selector = *(uint16_t *)value;
break; break;
case UC_X86_REG_GS: case UC_X86_REG_GS:
X86_CPU(uc, mycpu)->env.segs[R_GS].base = *(uint64_t *)value; X86_CPU(uc, mycpu)->env.segs[R_GS].selector = *(uint16_t *)value;
break; break;
case UC_X86_REG_R8: case UC_X86_REG_R8:
X86_CPU(uc, mycpu)->env.regs[8] = *(uint64_t *)value; X86_CPU(uc, mycpu)->env.regs[8] = *(uint64_t *)value;
@ -942,6 +1003,26 @@ int x86_reg_write(struct uc_struct *uc, unsigned int regid, const void *value)
case UC_X86_REG_R15B: case UC_X86_REG_R15B:
WRITE_BYTE_L(X86_CPU(uc, mycpu)->env.regs[15], *(uint8_t *)value); WRITE_BYTE_L(X86_CPU(uc, mycpu)->env.regs[15], *(uint8_t *)value);
break; break;
case UC_X86_REG_IDTR:
X86_CPU(uc, mycpu)->env.idt.limit = (uint16_t)((uc_x86_mmr *)value)->limit;
X86_CPU(uc, mycpu)->env.idt.base = ((uc_x86_mmr *)value)->base;
break;
case UC_X86_REG_GDTR:
X86_CPU(uc, mycpu)->env.gdt.limit = (uint16_t)((uc_x86_mmr *)value)->limit;
X86_CPU(uc, mycpu)->env.gdt.base = ((uc_x86_mmr *)value)->base;
break;
case UC_X86_REG_LDTR:
X86_CPU(uc, mycpu)->env.ldt.limit = ((uc_x86_mmr *)value)->limit;
X86_CPU(uc, mycpu)->env.ldt.base = ((uc_x86_mmr *)value)->base;
X86_CPU(uc, mycpu)->env.ldt.selector = (uint16_t)((uc_x86_mmr *)value)->selector;
X86_CPU(uc, mycpu)->env.ldt.flags = ((uc_x86_mmr *)value)->flags;
break;
case UC_X86_REG_TR:
X86_CPU(uc, mycpu)->env.tr.limit = ((uc_x86_mmr *)value)->limit;
X86_CPU(uc, mycpu)->env.tr.base = ((uc_x86_mmr *)value)->base;
X86_CPU(uc, mycpu)->env.tr.selector = (uint16_t)((uc_x86_mmr *)value)->selector;
X86_CPU(uc, mycpu)->env.tr.flags = ((uc_x86_mmr *)value)->flags;
break;
} }
break; break;
#endif #endif

163
tests/unit/test_gdt_idt_x86.c Normal file
View file

@ -0,0 +1,163 @@
#include <unicorn/unicorn.h>
#include <inttypes.h>
#include <assert.h>
#include <string.h>
#include <stdlib.h>
#include <unistd.h>
/**
* Assert that err matches expect
*/
#define uc_assert_err(expect, err) \
do { \
uc_err __err = err; \
if (__err != expect) { \
fprintf(stderr, "%s", uc_strerror(__err)); \
exit(1); \
} \
} while (0)
/**
* Assert that err is UC_ERR_OK
*/
#define uc_assert_success(err) uc_assert_err(UC_ERR_OK, err)
/**
* Assert that err is anything but UC_ERR_OK
*
* Note: Better to use uc_assert_err(<specific error>, err),
* as this serves to document which errors a function will return
* in various scenarios.
*/
#define uc_assert_fail(err) \
do { \
uc_err __err = err; \
if (__err == UC_ERR_OK) { \
fprintf(stderr, "%s", uc_strerror(__err)); \
exit(1); \
} \
} while (0)
#define OK(x) uc_assert_success(x)
/******************************************************************************/
static void test_idt_gdt_i386(/*void **state*/)
{
uc_engine *uc;
uc_err err;
uint8_t buf[6];
uc_x86_mmr idt;
uc_x86_mmr gdt;
uc_x86_mmr ldt;
uc_x86_mmr tr;
const uint8_t code[] = "\x0f\x01\x0c\x24\x0f\x01\x44\x24\x06"; // sidt [esp]; sgdt [esp+6]
const uint64_t address = 0x1000000;
int r_esp = address + 0x1000 - 0x100; // initial esp
idt.base = 0x12345678;
idt.limit = 0xabcd;
gdt.base = 0x87654321;
gdt.limit = 0xdcba;
ldt.base = 0xfedcba98;
ldt.limit = 0x11111111;
ldt.selector = 0x3333;
ldt.flags = 0x55555555;
tr.base = 0x22222222;
tr.limit = 0x33333333;
tr.selector = 0x4444;
tr.flags = 0x66666666;
// Initialize emulator in X86-32bit mode
err = uc_open(UC_ARCH_X86, UC_MODE_32, &uc);
uc_assert_success(err);
// map 1 page memory for this emulation
err = uc_mem_map(uc, address, 0x1000, UC_PROT_ALL);
uc_assert_success(err);
// write machine code to be emulated to memory
err = uc_mem_write(uc, address, code, sizeof(code)-1);
uc_assert_success(err);
// initialize machine registers
err = uc_reg_write(uc, UC_X86_REG_ESP, &r_esp);
uc_assert_success(err);
err = uc_reg_write(uc, UC_X86_REG_IDTR, &idt);
uc_assert_success(err);
err = uc_reg_write(uc, UC_X86_REG_GDTR, &gdt);
uc_assert_success(err);
err = uc_reg_write(uc, UC_X86_REG_LDTR, &ldt);
uc_assert_success(err);
err = uc_reg_write(uc, UC_X86_REG_TR, &tr);
uc_assert_success(err);
memset(&idt, 0, sizeof(idt));
memset(&gdt, 0, sizeof(gdt));
memset(&ldt, 0, sizeof(ldt));
memset(&tr, 0, sizeof(tr));
// emulate machine code in infinite time
err = uc_emu_start(uc, address, address+sizeof(code)-1, 0, 0);
uc_assert_success(err);
uc_reg_read(uc, UC_X86_REG_IDTR, &idt);
assert(idt.base == 0x12345678);
assert(idt.limit == 0xabcd);
uc_reg_read(uc, UC_X86_REG_GDTR, &gdt);
assert(gdt.base == 0x87654321);
assert(gdt.limit == 0xdcba);
//userspace can only set ldt selector, remainder are loaded from
//GDT/LDT, but we allow all to emulator user
uc_reg_read(uc, UC_X86_REG_LDTR, &ldt);
assert(ldt.base == 0xfedcba98);
assert(ldt.limit == 0x11111111);
assert(ldt.selector == 0x3333);
assert(ldt.flags = 0x55555555);
//userspace can only set tr selector, remainder are loaded from
//GDT/LDT, but we allow all to emulator user
uc_reg_read(uc, UC_X86_REG_TR, &tr);
assert(tr.base == 0x22222222);
assert(tr.limit == 0x33333333);
assert(tr.selector == 0x4444);
assert(tr.flags = 0x66666666);
// read from memory
err = uc_mem_read(uc, r_esp, buf, 6);
uc_assert_success(err);
assert(memcmp(buf, "\xcd\xab\x78\x56\x34\x12", 6) == 0);
// read from memory
err = uc_mem_read(uc, r_esp + 6, buf, 6);
uc_assert_success(err);
assert(memcmp(buf, "\xba\xdc\x21\x43\x65\x87", 6) == 0);
uc_close(uc);
}
/******************************************************************************/
int main(void) {
/*
const struct CMUnitTest tests[] = {
cmocka_unit_test(test_idt_gdt_i386)
};
return cmocka_run_group_tests(tests, NULL, NULL);
*/
test_idt_gdt_i386();
fprintf(stderr, "success\n");
return 0;
}