From 6ed221439916f7d7019047afd7552434308ef658 Mon Sep 17 00:00:00 2001 From: lazymio Date: Fri, 14 Jan 2022 19:37:48 +0100 Subject: [PATCH 1/2] Rebuilt hflags when swithing modes Or we may get the wrong mode during translation --- qemu/target/arm/unicorn_arm.c | 3 ++ tests/unit/test_arm.c | 59 +++++++++++++++++++++++++++++++++++ 2 files changed, 62 insertions(+) diff --git a/qemu/target/arm/unicorn_arm.c b/qemu/target/arm/unicorn_arm.c index f98a61bb..04c19b37 100644 --- a/qemu/target/arm/unicorn_arm.c +++ b/qemu/target/arm/unicorn_arm.c @@ -252,6 +252,7 @@ static void reg_write(CPUARMState *env, unsigned int regid, const void *value) if (!arm_feature(env, ARM_FEATURE_M)) { cpsr_write(env, *(uint32_t *)value, (CPSR_NZCV | CPSR_Q | CPSR_GE), CPSRWriteByUnicorn); + arm_rebuild_hflags(env); } else { // Same with UC_ARM_REG_APSR_NZCVQ v7m_msr_xpsr(env, 0b1000, 0, *(uint32_t *)value); @@ -259,9 +260,11 @@ static void reg_write(CPUARMState *env, unsigned int regid, const void *value) break; case UC_ARM_REG_APSR_NZCV: cpsr_write(env, *(uint32_t *)value, CPSR_NZCV, CPSRWriteByUnicorn); + arm_rebuild_hflags(env); break; case UC_ARM_REG_CPSR: cpsr_write(env, *(uint32_t *)value, ~0, CPSRWriteByUnicorn); + arm_rebuild_hflags(env); break; case UC_ARM_REG_SPSR: env->spsr = *(uint32_t *)value; diff --git a/tests/unit/test_arm.c b/tests/unit/test_arm.c index 100f8b5c..072d130f 100644 --- a/tests/unit/test_arm.c +++ b/tests/unit/test_arm.c @@ -471,6 +471,64 @@ static void test_arm_mrc() OK(uc_close(uc)); } +static void test_arm_hflags_rebuilt() +{ + // MRS r6, apsr + // BIC r6, r6, #&1F + // ORR r6, r6, #&10 + // MSR cpsr_c, r6 + // SWI OS_EnterOS + // MSR cpsr_c, r6 + char code[] = "\x00\x60\x0f\xe1\x1f\x60\xc6\xe3\x10\x60\x86\xe3\x06\xf0\x21" + "\xe1\x16\x00\x02\xef\x06\xf0\x21\xe1"; + uc_engine *uc; + uint32_t r_cpsr, r_spsr, r_r13, r_r14, r_pc; + + uc_common_setup(&uc, UC_ARCH_ARM, UC_MODE_ARM, code, sizeof(code) - 1, + UC_CPU_ARM_CORTEX_A9); + + r_cpsr = 0x40000013; // SVC32 + OK(uc_reg_write(uc, UC_ARM_REG_CPSR, &r_cpsr)); + r_spsr = 0x40000013; + OK(uc_reg_write(uc, UC_ARM_REG_SPSR, &r_spsr)); + r_r13 = 0x12345678; // SP + OK(uc_reg_write(uc, UC_ARM_REG_R13, &r_r13)); + r_r14 = 0x00102220; // LR + OK(uc_reg_write(uc, UC_ARM_REG_R14, &r_r14)); + + r_cpsr = 0x40000010; // USR32 + OK(uc_reg_write(uc, UC_ARM_REG_CPSR, &r_cpsr)); + r_r13 = 0x0010000; // SP + OK(uc_reg_write(uc, UC_ARM_REG_R13, &r_r13)); + r_r14 = 0x0001234; // LR + OK(uc_reg_write(uc, UC_ARM_REG_R14, &r_r14)); + + uc_assert_err( + UC_ERR_EXCEPTION, + uc_emu_start(uc, code_start, code_start + sizeof(code) - 1, 0, 0)); + + r_cpsr = 0x60000013; + OK(uc_reg_write(uc, UC_ARM_REG_CPSR, &r_cpsr)); + r_cpsr = 0x60000010; + OK(uc_reg_write(uc, UC_ARM_REG_CPSR, &r_cpsr)); + r_cpsr = 0x60000013; + OK(uc_reg_write(uc, UC_ARM_REG_CPSR, &r_cpsr)); + + OK(uc_reg_read(uc, UC_ARM_REG_PC, &r_pc)); + + OK(uc_emu_start(uc, r_pc, code_start + sizeof(code) - 1, 0, 0)); + + OK(uc_reg_read(uc, UC_ARM_REG_CPSR, &r_cpsr)); + OK(uc_reg_read(uc, UC_ARM_REG_R13, &r_r13)); + OK(uc_reg_read(uc, UC_ARM_REG_R14, &r_r14)); + + TEST_CHECK(r_cpsr == 0x60000010); + TEST_CHECK(r_r13 == 0x00010000); + TEST_CHECK(r_r14 == 0x00001234); + + OK(uc_close(uc)); +} + TEST_LIST = {{"test_arm_nop", test_arm_nop}, {"test_arm_thumb_sub", test_arm_thumb_sub}, {"test_armeb_sub", test_armeb_sub}, @@ -486,4 +544,5 @@ TEST_LIST = {{"test_arm_nop", test_arm_nop}, {"test_arm_not_allow_privilege_escalation", test_arm_not_allow_privilege_escalation}, {"test_arm_mrc", test_arm_mrc}, + {"test_arm_hflags_rebuilt", test_arm_hflags_rebuilt}, {NULL, NULL}}; \ No newline at end of file From dfb0446137db52420a44ed74bac3b5bd7884bf7e Mon Sep 17 00:00:00 2001 From: lazymio Date: Sat, 15 Jan 2022 20:56:24 +0100 Subject: [PATCH 2/2] Update bindings --- bindings/dotnet/UnicornManaged/Const/Ppc.fs | 45 +++++++++++++++++++ bindings/go/unicorn/ppc_const.go | 45 +++++++++++++++++++ bindings/java/unicorn/PpcConst.java | 45 +++++++++++++++++++ bindings/pascal/unicorn/PpcConst.pas | 45 +++++++++++++++++++ bindings/python/unicorn/ppc_const.py | 45 +++++++++++++++++++ .../lib/unicorn_engine/ppc_const.rb | 45 +++++++++++++++++++ 6 files changed, 270 insertions(+) diff --git a/bindings/dotnet/UnicornManaged/Const/Ppc.fs b/bindings/dotnet/UnicornManaged/Const/Ppc.fs index 2bc55c44..ca5330f9 100644 --- a/bindings/dotnet/UnicornManaged/Const/Ppc.fs +++ b/bindings/dotnet/UnicornManaged/Const/Ppc.fs @@ -360,4 +360,49 @@ module Ppc = let UC_PPC_REG_29 = 31 let UC_PPC_REG_30 = 32 let UC_PPC_REG_31 = 33 + let UC_PPC_REG_CR0 = 34 + let UC_PPC_REG_CR1 = 35 + let UC_PPC_REG_CR2 = 36 + let UC_PPC_REG_CR3 = 37 + let UC_PPC_REG_CR4 = 38 + let UC_PPC_REG_CR5 = 39 + let UC_PPC_REG_CR6 = 40 + let UC_PPC_REG_CR7 = 41 + let UC_PPC_REG_FPR0 = 42 + let UC_PPC_REG_FPR1 = 43 + let UC_PPC_REG_FPR2 = 44 + let UC_PPC_REG_FPR3 = 45 + let UC_PPC_REG_FPR4 = 46 + let UC_PPC_REG_FPR5 = 47 + let UC_PPC_REG_FPR6 = 48 + let UC_PPC_REG_FPR7 = 49 + let UC_PPC_REG_FPR8 = 50 + let UC_PPC_REG_FPR9 = 51 + let UC_PPC_REG_FPR10 = 52 + let UC_PPC_REG_FPR11 = 53 + let UC_PPC_REG_FPR12 = 54 + let UC_PPC_REG_FPR13 = 55 + let UC_PPC_REG_FPR14 = 56 + let UC_PPC_REG_FPR15 = 57 + let UC_PPC_REG_FPR16 = 58 + let UC_PPC_REG_FPR17 = 59 + let UC_PPC_REG_FPR18 = 60 + let UC_PPC_REG_FPR19 = 61 + let UC_PPC_REG_FPR20 = 62 + let UC_PPC_REG_FPR21 = 63 + let UC_PPC_REG_FPR22 = 64 + let UC_PPC_REG_FPR23 = 65 + let UC_PPC_REG_FPR24 = 66 + let UC_PPC_REG_FPR25 = 67 + let UC_PPC_REG_FPR26 = 68 + let UC_PPC_REG_FPR27 = 69 + let UC_PPC_REG_FPR28 = 70 + let UC_PPC_REG_FPR29 = 71 + let UC_PPC_REG_FPR30 = 72 + let UC_PPC_REG_FPR31 = 73 + let UC_PPC_REG_LR = 74 + let UC_PPC_REG_XER = 75 + let UC_PPC_REG_CTR = 76 + let UC_PPC_REG_MSR = 77 + let UC_PPC_REG_FPSCR = 78 diff --git a/bindings/go/unicorn/ppc_const.go b/bindings/go/unicorn/ppc_const.go index e18e103e..afddcfcf 100644 --- a/bindings/go/unicorn/ppc_const.go +++ b/bindings/go/unicorn/ppc_const.go @@ -355,4 +355,49 @@ const ( PPC_REG_29 = 31 PPC_REG_30 = 32 PPC_REG_31 = 33 + PPC_REG_CR0 = 34 + PPC_REG_CR1 = 35 + PPC_REG_CR2 = 36 + PPC_REG_CR3 = 37 + PPC_REG_CR4 = 38 + PPC_REG_CR5 = 39 + PPC_REG_CR6 = 40 + PPC_REG_CR7 = 41 + PPC_REG_FPR0 = 42 + PPC_REG_FPR1 = 43 + PPC_REG_FPR2 = 44 + PPC_REG_FPR3 = 45 + PPC_REG_FPR4 = 46 + PPC_REG_FPR5 = 47 + PPC_REG_FPR6 = 48 + PPC_REG_FPR7 = 49 + PPC_REG_FPR8 = 50 + PPC_REG_FPR9 = 51 + PPC_REG_FPR10 = 52 + PPC_REG_FPR11 = 53 + PPC_REG_FPR12 = 54 + PPC_REG_FPR13 = 55 + PPC_REG_FPR14 = 56 + PPC_REG_FPR15 = 57 + PPC_REG_FPR16 = 58 + PPC_REG_FPR17 = 59 + PPC_REG_FPR18 = 60 + PPC_REG_FPR19 = 61 + PPC_REG_FPR20 = 62 + PPC_REG_FPR21 = 63 + PPC_REG_FPR22 = 64 + PPC_REG_FPR23 = 65 + PPC_REG_FPR24 = 66 + PPC_REG_FPR25 = 67 + PPC_REG_FPR26 = 68 + PPC_REG_FPR27 = 69 + PPC_REG_FPR28 = 70 + PPC_REG_FPR29 = 71 + PPC_REG_FPR30 = 72 + PPC_REG_FPR31 = 73 + PPC_REG_LR = 74 + PPC_REG_XER = 75 + PPC_REG_CTR = 76 + PPC_REG_MSR = 77 + PPC_REG_FPSCR = 78 ) \ No newline at end of file diff --git a/bindings/java/unicorn/PpcConst.java b/bindings/java/unicorn/PpcConst.java index b5b343ee..4d2a26a9 100644 --- a/bindings/java/unicorn/PpcConst.java +++ b/bindings/java/unicorn/PpcConst.java @@ -357,5 +357,50 @@ public interface PpcConst { public static final int UC_PPC_REG_29 = 31; public static final int UC_PPC_REG_30 = 32; public static final int UC_PPC_REG_31 = 33; + public static final int UC_PPC_REG_CR0 = 34; + public static final int UC_PPC_REG_CR1 = 35; + public static final int UC_PPC_REG_CR2 = 36; + public static final int UC_PPC_REG_CR3 = 37; + public static final int UC_PPC_REG_CR4 = 38; + public static final int UC_PPC_REG_CR5 = 39; + public static final int UC_PPC_REG_CR6 = 40; + public static final int UC_PPC_REG_CR7 = 41; + public static final int UC_PPC_REG_FPR0 = 42; + public static final int UC_PPC_REG_FPR1 = 43; + public static final int UC_PPC_REG_FPR2 = 44; + public static final int UC_PPC_REG_FPR3 = 45; + public static final int UC_PPC_REG_FPR4 = 46; + public static final int UC_PPC_REG_FPR5 = 47; + public static final int UC_PPC_REG_FPR6 = 48; + public static final int UC_PPC_REG_FPR7 = 49; + public static final int UC_PPC_REG_FPR8 = 50; + public static final int UC_PPC_REG_FPR9 = 51; + public static final int UC_PPC_REG_FPR10 = 52; + public static final int UC_PPC_REG_FPR11 = 53; + public static final int UC_PPC_REG_FPR12 = 54; + public static final int UC_PPC_REG_FPR13 = 55; + public static final int UC_PPC_REG_FPR14 = 56; + public static final int UC_PPC_REG_FPR15 = 57; + public static final int UC_PPC_REG_FPR16 = 58; + public static final int UC_PPC_REG_FPR17 = 59; + public static final int UC_PPC_REG_FPR18 = 60; + public static final int UC_PPC_REG_FPR19 = 61; + public static final int UC_PPC_REG_FPR20 = 62; + public static final int UC_PPC_REG_FPR21 = 63; + public static final int UC_PPC_REG_FPR22 = 64; + public static final int UC_PPC_REG_FPR23 = 65; + public static final int UC_PPC_REG_FPR24 = 66; + public static final int UC_PPC_REG_FPR25 = 67; + public static final int UC_PPC_REG_FPR26 = 68; + public static final int UC_PPC_REG_FPR27 = 69; + public static final int UC_PPC_REG_FPR28 = 70; + public static final int UC_PPC_REG_FPR29 = 71; + public static final int UC_PPC_REG_FPR30 = 72; + public static final int UC_PPC_REG_FPR31 = 73; + public static final int UC_PPC_REG_LR = 74; + public static final int UC_PPC_REG_XER = 75; + public static final int UC_PPC_REG_CTR = 76; + public static final int UC_PPC_REG_MSR = 77; + public static final int UC_PPC_REG_FPSCR = 78; } diff --git a/bindings/pascal/unicorn/PpcConst.pas b/bindings/pascal/unicorn/PpcConst.pas index 158f9e77..4e571f8e 100644 --- a/bindings/pascal/unicorn/PpcConst.pas +++ b/bindings/pascal/unicorn/PpcConst.pas @@ -358,6 +358,51 @@ const UC_PPC_REG_29 = 31; UC_PPC_REG_30 = 32; UC_PPC_REG_31 = 33; + UC_PPC_REG_CR0 = 34; + UC_PPC_REG_CR1 = 35; + UC_PPC_REG_CR2 = 36; + UC_PPC_REG_CR3 = 37; + UC_PPC_REG_CR4 = 38; + UC_PPC_REG_CR5 = 39; + UC_PPC_REG_CR6 = 40; + UC_PPC_REG_CR7 = 41; + UC_PPC_REG_FPR0 = 42; + UC_PPC_REG_FPR1 = 43; + UC_PPC_REG_FPR2 = 44; + UC_PPC_REG_FPR3 = 45; + UC_PPC_REG_FPR4 = 46; + UC_PPC_REG_FPR5 = 47; + UC_PPC_REG_FPR6 = 48; + UC_PPC_REG_FPR7 = 49; + UC_PPC_REG_FPR8 = 50; + UC_PPC_REG_FPR9 = 51; + UC_PPC_REG_FPR10 = 52; + UC_PPC_REG_FPR11 = 53; + UC_PPC_REG_FPR12 = 54; + UC_PPC_REG_FPR13 = 55; + UC_PPC_REG_FPR14 = 56; + UC_PPC_REG_FPR15 = 57; + UC_PPC_REG_FPR16 = 58; + UC_PPC_REG_FPR17 = 59; + UC_PPC_REG_FPR18 = 60; + UC_PPC_REG_FPR19 = 61; + UC_PPC_REG_FPR20 = 62; + UC_PPC_REG_FPR21 = 63; + UC_PPC_REG_FPR22 = 64; + UC_PPC_REG_FPR23 = 65; + UC_PPC_REG_FPR24 = 66; + UC_PPC_REG_FPR25 = 67; + UC_PPC_REG_FPR26 = 68; + UC_PPC_REG_FPR27 = 69; + UC_PPC_REG_FPR28 = 70; + UC_PPC_REG_FPR29 = 71; + UC_PPC_REG_FPR30 = 72; + UC_PPC_REG_FPR31 = 73; + UC_PPC_REG_LR = 74; + UC_PPC_REG_XER = 75; + UC_PPC_REG_CTR = 76; + UC_PPC_REG_MSR = 77; + UC_PPC_REG_FPSCR = 78; implementation end. \ No newline at end of file diff --git a/bindings/python/unicorn/ppc_const.py b/bindings/python/unicorn/ppc_const.py index 2b2616ff..ff007a49 100644 --- a/bindings/python/unicorn/ppc_const.py +++ b/bindings/python/unicorn/ppc_const.py @@ -353,3 +353,48 @@ UC_PPC_REG_28 = 30 UC_PPC_REG_29 = 31 UC_PPC_REG_30 = 32 UC_PPC_REG_31 = 33 +UC_PPC_REG_CR0 = 34 +UC_PPC_REG_CR1 = 35 +UC_PPC_REG_CR2 = 36 +UC_PPC_REG_CR3 = 37 +UC_PPC_REG_CR4 = 38 +UC_PPC_REG_CR5 = 39 +UC_PPC_REG_CR6 = 40 +UC_PPC_REG_CR7 = 41 +UC_PPC_REG_FPR0 = 42 +UC_PPC_REG_FPR1 = 43 +UC_PPC_REG_FPR2 = 44 +UC_PPC_REG_FPR3 = 45 +UC_PPC_REG_FPR4 = 46 +UC_PPC_REG_FPR5 = 47 +UC_PPC_REG_FPR6 = 48 +UC_PPC_REG_FPR7 = 49 +UC_PPC_REG_FPR8 = 50 +UC_PPC_REG_FPR9 = 51 +UC_PPC_REG_FPR10 = 52 +UC_PPC_REG_FPR11 = 53 +UC_PPC_REG_FPR12 = 54 +UC_PPC_REG_FPR13 = 55 +UC_PPC_REG_FPR14 = 56 +UC_PPC_REG_FPR15 = 57 +UC_PPC_REG_FPR16 = 58 +UC_PPC_REG_FPR17 = 59 +UC_PPC_REG_FPR18 = 60 +UC_PPC_REG_FPR19 = 61 +UC_PPC_REG_FPR20 = 62 +UC_PPC_REG_FPR21 = 63 +UC_PPC_REG_FPR22 = 64 +UC_PPC_REG_FPR23 = 65 +UC_PPC_REG_FPR24 = 66 +UC_PPC_REG_FPR25 = 67 +UC_PPC_REG_FPR26 = 68 +UC_PPC_REG_FPR27 = 69 +UC_PPC_REG_FPR28 = 70 +UC_PPC_REG_FPR29 = 71 +UC_PPC_REG_FPR30 = 72 +UC_PPC_REG_FPR31 = 73 +UC_PPC_REG_LR = 74 +UC_PPC_REG_XER = 75 +UC_PPC_REG_CTR = 76 +UC_PPC_REG_MSR = 77 +UC_PPC_REG_FPSCR = 78 diff --git a/bindings/ruby/unicorn_gem/lib/unicorn_engine/ppc_const.rb b/bindings/ruby/unicorn_gem/lib/unicorn_engine/ppc_const.rb index a1d2fcac..35698b65 100644 --- a/bindings/ruby/unicorn_gem/lib/unicorn_engine/ppc_const.rb +++ b/bindings/ruby/unicorn_gem/lib/unicorn_engine/ppc_const.rb @@ -355,4 +355,49 @@ module UnicornEngine UC_PPC_REG_29 = 31 UC_PPC_REG_30 = 32 UC_PPC_REG_31 = 33 + UC_PPC_REG_CR0 = 34 + UC_PPC_REG_CR1 = 35 + UC_PPC_REG_CR2 = 36 + UC_PPC_REG_CR3 = 37 + UC_PPC_REG_CR4 = 38 + UC_PPC_REG_CR5 = 39 + UC_PPC_REG_CR6 = 40 + UC_PPC_REG_CR7 = 41 + UC_PPC_REG_FPR0 = 42 + UC_PPC_REG_FPR1 = 43 + UC_PPC_REG_FPR2 = 44 + UC_PPC_REG_FPR3 = 45 + UC_PPC_REG_FPR4 = 46 + UC_PPC_REG_FPR5 = 47 + UC_PPC_REG_FPR6 = 48 + UC_PPC_REG_FPR7 = 49 + UC_PPC_REG_FPR8 = 50 + UC_PPC_REG_FPR9 = 51 + UC_PPC_REG_FPR10 = 52 + UC_PPC_REG_FPR11 = 53 + UC_PPC_REG_FPR12 = 54 + UC_PPC_REG_FPR13 = 55 + UC_PPC_REG_FPR14 = 56 + UC_PPC_REG_FPR15 = 57 + UC_PPC_REG_FPR16 = 58 + UC_PPC_REG_FPR17 = 59 + UC_PPC_REG_FPR18 = 60 + UC_PPC_REG_FPR19 = 61 + UC_PPC_REG_FPR20 = 62 + UC_PPC_REG_FPR21 = 63 + UC_PPC_REG_FPR22 = 64 + UC_PPC_REG_FPR23 = 65 + UC_PPC_REG_FPR24 = 66 + UC_PPC_REG_FPR25 = 67 + UC_PPC_REG_FPR26 = 68 + UC_PPC_REG_FPR27 = 69 + UC_PPC_REG_FPR28 = 70 + UC_PPC_REG_FPR29 = 71 + UC_PPC_REG_FPR30 = 72 + UC_PPC_REG_FPR31 = 73 + UC_PPC_REG_LR = 74 + UC_PPC_REG_XER = 75 + UC_PPC_REG_CTR = 76 + UC_PPC_REG_MSR = 77 + UC_PPC_REG_FPSCR = 78 end \ No newline at end of file