Finalizer minimal ipin disassembly
This commit is contained in:
parent
a7382f9efe
commit
17596aff05
@ -15,6 +15,8 @@ Notes:
|
|||||||
To begin with, anonymous types are not allowed for randomization (later solved with hash(type) instead of name)!
|
To begin with, anonymous types are not allowed for randomization (later solved with hash(type) instead of name)!
|
||||||
*/
|
*/
|
||||||
|
|
||||||
|
static bool disassemble_ipin(const LIEF::ELF::Section* text, IPIN::HIT& pin);
|
||||||
|
|
||||||
int main(int argc, char** argv) {
|
int main(int argc, char** argv) {
|
||||||
static option long_options[] = {
|
static option long_options[] = {
|
||||||
{ "help", no_argument, 0, 0 },
|
{ "help", no_argument, 0, 0 },
|
||||||
@ -94,16 +96,63 @@ int main(int argc, char** argv) {
|
|||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// For each ipin, disassemble instruction and find immediate offset
|
||||||
|
const LIEF::ELF::Section* text = bin->get_section(".text");
|
||||||
|
if (!text) {
|
||||||
|
std::cerr << "Unable to locate .text section for ipin disassembly!" << std::endl;
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
for (auto& [cu_uid, cu] : units) {
|
||||||
|
for (auto& [_, ipin] : cu.ipins) {
|
||||||
|
if (!ipin.hit.has_value()) {
|
||||||
|
std::cerr << "Encountered ipin without vaddr!" << std::endl;
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!disassemble_ipin(text, ipin.hit.value())) {
|
||||||
|
std::cerr << "Failed to disassemble ipin!" << std::endl;
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// TODO
|
// TODO
|
||||||
/*
|
/*
|
||||||
1. For each ipin, disassemble instruction and find immediate offset
|
1. Find __spslr_program
|
||||||
2. Find __spslr_program
|
2. Serialize entire patcher program
|
||||||
3. Serialize entire patcher program
|
|
||||||
-> all pin addresses relative to &__spslr_program
|
-> all pin addresses relative to &__spslr_program
|
||||||
-> dpatch entry components ordered by level
|
-> dpatch entry components ordered by level
|
||||||
4. Add new section .spslr with patcher program
|
3. Add new section .spslr with patcher program
|
||||||
5. Set __spslr_program to (&.spslr - &__spslr_program)
|
4. Set __spslr_program to (&.spslr - &__spslr_program)
|
||||||
6. Output final program
|
5. Output final program
|
||||||
*/
|
*/
|
||||||
}
|
}
|
||||||
|
|
||||||
|
bool disassemble_ipin(const LIEF::ELF::Section* text, IPIN::HIT& pin) {
|
||||||
|
if (!text)
|
||||||
|
return false;
|
||||||
|
|
||||||
|
uint64_t text_begin = text->virtual_address();
|
||||||
|
uint64_t text_size = text->size();
|
||||||
|
auto text_data = text->content();
|
||||||
|
|
||||||
|
uint64_t pin_addr = pin.vaddr;
|
||||||
|
|
||||||
|
if (pin_addr < text_begin || pin_addr >= text_begin + text_size)
|
||||||
|
return false;
|
||||||
|
|
||||||
|
uint64_t pin_offset = pin_addr - text_begin;
|
||||||
|
|
||||||
|
// 32 bit mov of immediate to 64 bit register: 0x48 0xc7 [8 bit reg] [32 bit immediate]
|
||||||
|
|
||||||
|
if (text_data[pin_offset] != 0x48 || text_data[pin_offset + 1] != 0xc7) {
|
||||||
|
std::cerr << "Ipin uses not yet handled instruction!" << std::endl;
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
pin.imm_offset = 3;
|
||||||
|
pin.imm_size = 4;
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user