mirrors/unicorn
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Format

Browse Source
This commit is contained in:
lazymio 2024-02-12 00:10:58 +08:00
parent 822bb527f3
commit f3323469d0
No known key found for this signature in database
GPG Key ID: DFF27E34A47CB873
3 changed files with 57 additions and 51 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
samples/sample_arm64.c
View File

@ -293,14 +293,13 @@ static void test_arm64_hook_mrs(void)
uc_close(uc); uc_close(uc);
} }
#define CHECK(x) \
#define CHECK(x) do { \ do { \
if((x) != UC_ERR_OK) { \ if ((x) != UC_ERR_OK) { \
fprintf(stderr, "FAIL at %s:%d: %s\n", __FILE__, __LINE__, #x); \ fprintf(stderr, "FAIL at %s:%d: %s\n", __FILE__, __LINE__, #x); \
exit(1); \ exit(1); \
} \ } \
} while(0) } while (0)
/* Test PAC support in the emulator. Code adapted from /* Test PAC support in the emulator. Code adapted from
https://github.com/unicorn-engine/unicorn/issues/1789#issuecomment-1536320351 */ https://github.com/unicorn-engine/unicorn/issues/1789#issuecomment-1536320351 */
@ -309,8 +308,8 @@ static void test_arm64_pac(void)
uc_engine *uc; uc_engine *uc;
uint64_t x1 = 0x0000aaaabbbbccccULL; uint64_t x1 = 0x0000aaaabbbbccccULL;
// paciza x1 // paciza x1
#define ARM64_PAC_CODE "\xe1\x23\xc1\xda" #define ARM64_PAC_CODE "\xe1\x23\xc1\xda"
printf("Try ARM64 PAC\n"); printf("Try ARM64 PAC\n");
@ -318,7 +317,8 @@ static void test_arm64_pac(void)
CHECK(uc_open(UC_ARCH_ARM64, UC_MODE_ARM, &uc)); CHECK(uc_open(UC_ARCH_ARM64, UC_MODE_ARM, &uc));
CHECK(uc_ctl_set_cpu_model(uc, UC_CPU_ARM64_MAX)); CHECK(uc_ctl_set_cpu_model(uc, UC_CPU_ARM64_MAX));
CHECK(uc_mem_map(uc, ADDRESS, 2 * 1024 * 1024, UC_PROT_ALL)); CHECK(uc_mem_map(uc, ADDRESS, 2 * 1024 * 1024, UC_PROT_ALL));
CHECK(uc_mem_write(uc, ADDRESS, ARM64_PAC_CODE, sizeof(ARM64_PAC_CODE) - 1)); CHECK(
uc_mem_write(uc, ADDRESS, ARM64_PAC_CODE, sizeof(ARM64_PAC_CODE) - 1));
CHECK(uc_reg_write(uc, UC_ARM64_REG_X1, &x1)); CHECK(uc_reg_write(uc, UC_ARM64_REG_X1, &x1));
/** Initialize PAC support **/ /** Initialize PAC support **/
@ -334,7 +334,7 @@ static void test_arm64_pac(void)
CHECK(uc_reg_read(uc, UC_ARM64_REG_CP_REG, &reg)); CHECK(uc_reg_read(uc, UC_ARM64_REG_CP_REG, &reg));
// NS && RW && API // NS && RW && API
reg.val |= (1 | (1<<10) | (1<<17)); reg.val |= (1 | (1 << 10) | (1 << 17));
CHECK(uc_reg_write(uc, UC_ARM64_REG_CP_REG, &reg)); CHECK(uc_reg_write(uc, UC_ARM64_REG_CP_REG, &reg));
@ -348,10 +348,10 @@ static void test_arm64_pac(void)
CHECK(uc_reg_read(uc, UC_ARM64_REG_CP_REG, &reg)); CHECK(uc_reg_read(uc, UC_ARM64_REG_CP_REG, &reg));
// EnIA && EnIB // EnIA && EnIB
reg.val |= (1<<31) | (1<<30); reg.val |= (1 << 31) | (1 << 30);
CHECK(uc_reg_write(uc, UC_ARM64_REG_CP_REG, &reg)); CHECK(uc_reg_write(uc, UC_ARM64_REG_CP_REG, &reg));
// HCR_EL2 // HCR_EL2
reg.op0 = 0b11; reg.op0 = 0b11;
reg.op1 = 0b100; reg.op1 = 0b100;
@ -360,12 +360,13 @@ static void test_arm64_pac(void)
reg.op2 = 0b000; reg.op2 = 0b000;
// HCR.API // HCR.API
reg.val |= (1ULL<<41); reg.val |= (1ULL << 41);
CHECK(uc_reg_write(uc, UC_ARM64_REG_CP_REG, &reg)); CHECK(uc_reg_write(uc, UC_ARM64_REG_CP_REG, &reg));
/** Check that PAC worked **/ /** Check that PAC worked **/
CHECK(uc_emu_start(uc, ADDRESS, ADDRESS + sizeof(ARM64_PAC_CODE) - 1, 0, 0)); CHECK(
uc_emu_start(uc, ADDRESS, ADDRESS + sizeof(ARM64_PAC_CODE) - 1, 0, 0));
CHECK(uc_reg_read(uc, UC_ARM64_REG_X1, &x1)); CHECK(uc_reg_read(uc, UC_ARM64_REG_X1, &x1));
printf("X1 = 0x%" PRIx64 "\n", x1); printf("X1 = 0x%" PRIx64 "\n", x1);

13
tests/unit/test_mem.c
View File

@ -333,7 +333,8 @@ static void test_snapshot_with_vtlb(void)
uc_hook hook; uc_hook hook;
// mov eax, [0x2020]; inc eax; mov [0x2020], eax // mov eax, [0x2020]; inc eax; mov [0x2020], eax
char code[] = "\xA1\x20\x20\x00\x00\x04\x00\x00\x00\xFF\xC0\xA3\x20\x20\x00\x00\x04\x00\x00\x00"; char code[] = "\xA1\x20\x20\x00\x00\x04\x00\x00\x00\xFF\xC0\xA3\x20\x20\x00"
"\x00\x04\x00\x00\x00";
OK(uc_open(UC_ARCH_X86, UC_MODE_64, &uc)); OK(uc_open(UC_ARCH_X86, UC_MODE_64, &uc));
@ -342,9 +343,9 @@ static void test_snapshot_with_vtlb(void)
OK(uc_context_alloc(uc, &c1)); OK(uc_context_alloc(uc, &c1));
OK(uc_ctl_context_mode(uc, UC_CTL_CONTEXT_MEMORY)); OK(uc_ctl_context_mode(uc, UC_CTL_CONTEXT_MEMORY));
OK(uc_ctl_tlb_mode(uc, UC_TLB_VIRTUAL)); OK(uc_ctl_tlb_mode(uc, UC_TLB_VIRTUAL));
OK(uc_hook_add(uc, &hook, UC_HOOK_TLB_FILL, test_snapshot_with_vtlb_callback, NULL, 1, 0)); OK(uc_hook_add(uc, &hook, UC_HOOK_TLB_FILL,
test_snapshot_with_vtlb_callback, NULL, 1, 0));
// Map physical memory // Map physical memory
OK(uc_mem_map(uc, 0x1000, 0x1000, UC_PROT_EXEC | UC_PROT_READ)); OK(uc_mem_map(uc, 0x1000, 0x1000, UC_PROT_EXEC | UC_PROT_READ));
@ -354,11 +355,13 @@ static void test_snapshot_with_vtlb(void)
// Initial context save // Initial context save
OK(uc_context_save(uc, c0)); OK(uc_context_save(uc, c0));
OK(uc_emu_start(uc, 0x400000000 + 0x1000, 0x400000000 + 0x1000 + sizeof(code) - 1, 0, 0)); OK(uc_emu_start(uc, 0x400000000 + 0x1000,
0x400000000 + 0x1000 + sizeof(code) - 1, 0, 0));
OK(uc_mem_read(uc, 0x2020, &mem, sizeof(mem))); OK(uc_mem_read(uc, 0x2020, &mem, sizeof(mem)));
TEST_CHECK(mem == 1); TEST_CHECK(mem == 1);
OK(uc_context_save(uc, c1)); OK(uc_context_save(uc, c1));
OK(uc_emu_start(uc, 0x400000000 + 0x1000, 0x400000000 + 0x1000 + sizeof(code) - 1, 0, 0)); OK(uc_emu_start(uc, 0x400000000 + 0x1000,
0x400000000 + 0x1000 + sizeof(code) - 1, 0, 0));
OK(uc_mem_read(uc, 0x2020, &mem, sizeof(mem))); OK(uc_mem_read(uc, 0x2020, &mem, sizeof(mem)));
TEST_CHECK(mem == 2); TEST_CHECK(mem == 2);
OK(uc_context_restore(uc, c1)); OK(uc_context_restore(uc, c1));

62
tests/unit/test_x86.c
View File

@ -1514,64 +1514,66 @@ static void test_x86_64_not_overwriting_tmp0_for_pc_update()
} }
#define MEM_BASE 0x40000000 #define MEM_BASE 0x40000000
#define MEM_SIZE 1024*1024 #define MEM_SIZE 1024 * 1024
#define MEM_STACK MEM_BASE + (MEM_SIZE / 2) #define MEM_STACK MEM_BASE + (MEM_SIZE / 2)
#define MEM_TEXT MEM_STACK + 4096 #define MEM_TEXT MEM_STACK + 4096
static void test_fxsave_fpip_x86(void) { static void test_fxsave_fpip_x86(void)
{
// note: fxsave was introduced in Pentium II // note: fxsave was introduced in Pentium II
uint8_t code_x86[] = { uint8_t code_x86[] = {
// help testing through NOP offset [disassembly in at&t syntax] // help testing through NOP offset [disassembly in at&t syntax]
0x90, 0x90, 0x90, 0x90, // nop nop nop nop 0x90, 0x90, 0x90, 0x90, // nop nop nop nop
// run a floating point instruction // run a floating point instruction
0xdb, 0xc9, // fcmovne %st(1), %st 0xdb, 0xc9, // fcmovne %st(1), %st
// fxsave needs 512 bytes of storage space // fxsave needs 512 bytes of storage space
0x81, 0xec, 0x00, 0x02, 0x00, 0x00, // subl $512, %esp 0x81, 0xec, 0x00, 0x02, 0x00, 0x00, // subl $512, %esp
// fxsave needs a 16-byte aligned address for storage // fxsave needs a 16-byte aligned address for storage
0x83, 0xe4, 0xf0, // andl $0xfffffff0, %esp 0x83, 0xe4, 0xf0, // andl $0xfffffff0, %esp
// store fxsave data on the stack // store fxsave data on the stack
0x0f, 0xae, 0x04, 0x24, // fxsave (%esp) 0x0f, 0xae, 0x04, 0x24, // fxsave (%esp)
// fxsave stores FPIP at an 8-byte offset, move FPIP to eax register // fxsave stores FPIP at an 8-byte offset, move FPIP to eax register
0x8b, 0x44, 0x24, 0x08 // movl 0x8(%esp), %eax 0x8b, 0x44, 0x24, 0x08 // movl 0x8(%esp), %eax
}; };
uc_err err; uc_err err;
uint32_t X86_NOP_OFFSET = 4; uint32_t X86_NOP_OFFSET = 4;
uint32_t stack_top = (uint32_t) MEM_STACK; uint32_t stack_top = (uint32_t)MEM_STACK;
uint32_t value; uint32_t value;
uc_engine *uc; uc_engine *uc;
// initialize emulator in X86-32bit mode // initialize emulator in X86-32bit mode
OK(uc_open(UC_ARCH_X86, UC_MODE_32, &uc)); OK(uc_open(UC_ARCH_X86, UC_MODE_32, &uc));
// map 1MB of memory for this emulation // map 1MB of memory for this emulation
OK(uc_mem_map(uc, MEM_BASE, MEM_SIZE, UC_PROT_ALL)); OK(uc_mem_map(uc, MEM_BASE, MEM_SIZE, UC_PROT_ALL));
OK(uc_mem_write(uc, MEM_TEXT, code_x86, sizeof(code_x86))); OK(uc_mem_write(uc, MEM_TEXT, code_x86, sizeof(code_x86)));
OK(uc_reg_write(uc, UC_X86_REG_ESP, &stack_top)); OK(uc_reg_write(uc, UC_X86_REG_ESP, &stack_top));
OK(uc_emu_start(uc, MEM_TEXT, MEM_TEXT + sizeof(code_x86), 0, 0)); OK(uc_emu_start(uc, MEM_TEXT, MEM_TEXT + sizeof(code_x86), 0, 0));
OK(uc_reg_read(uc, UC_X86_REG_EAX, &value)); OK(uc_reg_read(uc, UC_X86_REG_EAX, &value));
TEST_CHECK(value == ((uint32_t) MEM_TEXT + X86_NOP_OFFSET)); TEST_CHECK(value == ((uint32_t)MEM_TEXT + X86_NOP_OFFSET));
OK(uc_mem_unmap(uc, MEM_BASE, MEM_SIZE)); OK(uc_mem_unmap(uc, MEM_BASE, MEM_SIZE));
OK(uc_close(uc)); OK(uc_close(uc));
} }
static void test_fxsave_fpip_x64(void) { static void test_fxsave_fpip_x64(void)
{
uint8_t code_x64[] = { uint8_t code_x64[] = {
// help testing through NOP offset [disassembly in at&t] // help testing through NOP offset [disassembly in at&t]
0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, // nops 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, // nops
// run a floating point instruction // run a floating point instruction
0xdb, 0xc9, // fcmovne %st(1), %st 0xdb, 0xc9, // fcmovne %st(1), %st
// fxsave64 needs 512 bytes of storage space // fxsave64 needs 512 bytes of storage space
0x48, 0x81, 0xec, 0x00, 0x02, 0x00, 0x00, // subq $512, %rsp 0x48, 0x81, 0xec, 0x00, 0x02, 0x00, 0x00, // subq $512, %rsp
// fxsave needs a 16-byte aligned address for storage // fxsave needs a 16-byte aligned address for storage
0x48, 0x83, 0xe4, 0xf0, // andq 0xfffffffffffffff0, %rsp 0x48, 0x83, 0xe4, 0xf0, // andq 0xfffffffffffffff0, %rsp
// store fxsave64 data on the stack // store fxsave64 data on the stack
0x48, 0x0f, 0xae, 0x04, 0x24, // fxsave64 (%rsp) 0x48, 0x0f, 0xae, 0x04, 0x24, // fxsave64 (%rsp)
// fxsave64 stores FPIP at an 8-byte offset, move FPIP to rax register // fxsave64 stores FPIP at an 8-byte offset, move FPIP to rax register
0x48, 0x8b, 0x44, 0x24, 0x08, // movq 0x8(%rsp), %rax 0x48, 0x8b, 0x44, 0x24, 0x08, // movq 0x8(%rsp), %rax
}; };
uc_err err; uc_err err;
uint64_t stack_top = (uint64_t) MEM_STACK; uint64_t stack_top = (uint64_t)MEM_STACK;
uint64_t X64_NOP_OFFSET = 8; uint64_t X64_NOP_OFFSET = 8;
uint64_t value; uint64_t value;
uc_engine *uc; uc_engine *uc;
@ -1585,7 +1587,7 @@ static void test_fxsave_fpip_x64(void) {
OK(uc_reg_write(uc, UC_X86_REG_RSP, &stack_top)); OK(uc_reg_write(uc, UC_X86_REG_RSP, &stack_top));
OK(uc_emu_start(uc, MEM_TEXT, MEM_TEXT + sizeof(code_x64), 0, 0)); OK(uc_emu_start(uc, MEM_TEXT, MEM_TEXT + sizeof(code_x64), 0, 0));
OK(uc_reg_read(uc, UC_X86_REG_RAX, &value)); OK(uc_reg_read(uc, UC_X86_REG_RAX, &value));
TEST_CHECK(value == ((uint64_t) MEM_TEXT + X64_NOP_OFFSET)); TEST_CHECK(value == ((uint64_t)MEM_TEXT + X64_NOP_OFFSET));
OK(uc_mem_unmap(uc, MEM_BASE, MEM_SIZE)); OK(uc_mem_unmap(uc, MEM_BASE, MEM_SIZE));
OK(uc_close(uc)); OK(uc_close(uc));
} }