2015-08-25 13:21:47 +03:00
|
|
|
/*
|
|
|
|
|
|
|
|
|
|
Java bindings for the Unicorn Emulator Engine
|
|
|
|
|
|
Rewrite the Java bindings.
This brings the Java API up to par with Python feature-wise and substantially
simplifies the hook implementation, enabling proper bounds-checked hooks.
The rewrite strives for compatibility with the previous API, but there are some
breaking changes. It is possible to push closer to full backwards compatibility
if required, at the cost of reintroducing some of the suboptimal designs. Here
are the main points of breakage:
- ReadHook and WriteHook are gone, replaced simply by MemHook. Hooking valid
memory accesses now requires a type parameter. This enables fetch and
read-after hooks with a unified API and a single callback object.
- mem_read now takes an int, not a long. We are unable to allocate more than 2GB
in a single request anyway (Java limitation).
- Instruction hooks now require specifying the instruction explicitly, instead
of guessing based on the hook type. This is necessary to distinguish
sysenter/syscall and ARM64 mrs/msr/sys/sysl, without excessively bloating the
library with redundant hook types. Bounds must also be specified, to support
bounds-checked instruction hooks.
- Reading object-type registers (any register larger than 64 bits, or registers
with special formats) requires a second argument to reg_read. This allows us
to provide a fast reg_read that returns a long for the common cases, while
still supporting a more general reg_read for other registers.
- mem_map_ptr is rewritten to take a *direct* java.nio.Buffer, which enables
many more use cases than a simple byte array, and improves performance (a
byte array cannot really be used as a mapped buffer without GC-pinning it,
which hurts the GC performance).
- Context handling API is redesigned to be safer and more object-oriented.
A lot of bugs are fixed with this implementation:
- Unicorn instances can be properly garbage-collected, instead of hanging around
forever in the Unicorn.unicorns table.
- Hooks no longer fire outside of their bounds (#1164), and in fact, hook bounds
are properly respected (previously, all hooks were just registered globally to
all addresses).
- Hooks are substantially faster, as they are now dispatched directly via a
single method call rather than being indirected through invokeCallbacks.
- Loading vector registers works now, rather than crashing the VM (#1539).
Several features are now enabled in the Java implementation:
- All of the current ctl_* calls are implemented.
- mmio_map is implemented.
- New virtual TLB mode is implemented.
- reading/writing Context registers is implemented.
- New hook types are added: TcgOpcodeHook, EdgeGeneratedHook,
InvalidInstructionHook, TlbFillHook, and the instruction hooks Arm64SysHook,
CpuidHook.
- All known special registers are supported.
2023-05-07 03:49:41 +03:00
|
|
|
Copyright(c) 2023 Robert Xiao
|
2015-08-25 13:21:47 +03:00
|
|
|
|
|
|
|
|
This program is free software; you can redistribute it and/or
|
|
|
|
|
modify it under the terms of the GNU General Public License
|
|
|
|
|
version 2 as published by the Free Software Foundation.
|
|
|
|
|
|
|
|
|
|
This program is distributed in the hope that it will be useful,
|
|
|
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
|
GNU General Public License for more details.
|
|
|
|
|
|
|
|
|
|
You should have received a copy of the GNU General Public License
|
|
|
|
|
along with this program; if not, write to the Free Software
|
|
|
|
|
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
|
|
|
|
|
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
package unicorn;
|
|
|
|
|
|
2023-05-09 12:42:14 +03:00
|
|
|
/** Callback for {@code UC_HOOK_EDGE_GENERATED} */
|
Rewrite the Java bindings.
This brings the Java API up to par with Python feature-wise and substantially
simplifies the hook implementation, enabling proper bounds-checked hooks.
The rewrite strives for compatibility with the previous API, but there are some
breaking changes. It is possible to push closer to full backwards compatibility
if required, at the cost of reintroducing some of the suboptimal designs. Here
are the main points of breakage:
- ReadHook and WriteHook are gone, replaced simply by MemHook. Hooking valid
memory accesses now requires a type parameter. This enables fetch and
read-after hooks with a unified API and a single callback object.
- mem_read now takes an int, not a long. We are unable to allocate more than 2GB
in a single request anyway (Java limitation).
- Instruction hooks now require specifying the instruction explicitly, instead
of guessing based on the hook type. This is necessary to distinguish
sysenter/syscall and ARM64 mrs/msr/sys/sysl, without excessively bloating the
library with redundant hook types. Bounds must also be specified, to support
bounds-checked instruction hooks.
- Reading object-type registers (any register larger than 64 bits, or registers
with special formats) requires a second argument to reg_read. This allows us
to provide a fast reg_read that returns a long for the common cases, while
still supporting a more general reg_read for other registers.
- mem_map_ptr is rewritten to take a *direct* java.nio.Buffer, which enables
many more use cases than a simple byte array, and improves performance (a
byte array cannot really be used as a mapped buffer without GC-pinning it,
which hurts the GC performance).
- Context handling API is redesigned to be safer and more object-oriented.
A lot of bugs are fixed with this implementation:
- Unicorn instances can be properly garbage-collected, instead of hanging around
forever in the Unicorn.unicorns table.
- Hooks no longer fire outside of their bounds (#1164), and in fact, hook bounds
are properly respected (previously, all hooks were just registered globally to
all addresses).
- Hooks are substantially faster, as they are now dispatched directly via a
single method call rather than being indirected through invokeCallbacks.
- Loading vector registers works now, rather than crashing the VM (#1539).
Several features are now enabled in the Java implementation:
- All of the current ctl_* calls are implemented.
- mmio_map is implemented.
- New virtual TLB mode is implemented.
- reading/writing Context registers is implemented.
- New hook types are added: TcgOpcodeHook, EdgeGeneratedHook,
InvalidInstructionHook, TlbFillHook, and the instruction hooks Arm64SysHook,
CpuidHook.
- All known special registers are supported.
2023-05-07 03:49:41 +03:00
|
|
|
public interface EdgeGeneratedHook extends Hook {
|
2023-05-09 12:42:14 +03:00
|
|
|
/** Called whenever a jump is made to a new (untranslated) basic block.
|
|
|
|
|
*
|
|
|
|
|
* @param u {@link Unicorn} instance firing this hook
|
|
|
|
|
* @param cur_tb newly translated block being entered
|
|
|
|
|
* @param prev_tb previous block being exited
|
|
|
|
|
* @param user user data provided when registering this hook
|
|
|
|
|
*/
|
Rewrite the Java bindings.
This brings the Java API up to par with Python feature-wise and substantially
simplifies the hook implementation, enabling proper bounds-checked hooks.
The rewrite strives for compatibility with the previous API, but there are some
breaking changes. It is possible to push closer to full backwards compatibility
if required, at the cost of reintroducing some of the suboptimal designs. Here
are the main points of breakage:
- ReadHook and WriteHook are gone, replaced simply by MemHook. Hooking valid
memory accesses now requires a type parameter. This enables fetch and
read-after hooks with a unified API and a single callback object.
- mem_read now takes an int, not a long. We are unable to allocate more than 2GB
in a single request anyway (Java limitation).
- Instruction hooks now require specifying the instruction explicitly, instead
of guessing based on the hook type. This is necessary to distinguish
sysenter/syscall and ARM64 mrs/msr/sys/sysl, without excessively bloating the
library with redundant hook types. Bounds must also be specified, to support
bounds-checked instruction hooks.
- Reading object-type registers (any register larger than 64 bits, or registers
with special formats) requires a second argument to reg_read. This allows us
to provide a fast reg_read that returns a long for the common cases, while
still supporting a more general reg_read for other registers.
- mem_map_ptr is rewritten to take a *direct* java.nio.Buffer, which enables
many more use cases than a simple byte array, and improves performance (a
byte array cannot really be used as a mapped buffer without GC-pinning it,
which hurts the GC performance).
- Context handling API is redesigned to be safer and more object-oriented.
A lot of bugs are fixed with this implementation:
- Unicorn instances can be properly garbage-collected, instead of hanging around
forever in the Unicorn.unicorns table.
- Hooks no longer fire outside of their bounds (#1164), and in fact, hook bounds
are properly respected (previously, all hooks were just registered globally to
all addresses).
- Hooks are substantially faster, as they are now dispatched directly via a
single method call rather than being indirected through invokeCallbacks.
- Loading vector registers works now, rather than crashing the VM (#1539).
Several features are now enabled in the Java implementation:
- All of the current ctl_* calls are implemented.
- mmio_map is implemented.
- New virtual TLB mode is implemented.
- reading/writing Context registers is implemented.
- New hook types are added: TcgOpcodeHook, EdgeGeneratedHook,
InvalidInstructionHook, TlbFillHook, and the instruction hooks Arm64SysHook,
CpuidHook.
- All known special registers are supported.
2023-05-07 03:49:41 +03:00
|
|
|
public void hook(Unicorn u, TranslationBlock cur_tb,
|
|
|
|
|
TranslationBlock prev_tb, Object user);
|
2015-08-25 13:21:47 +03:00
|
|
|
}
|