def bpf_jmp_(obj, s, jt, jf, k):
tst = env.cst(k.int(-1), 32)
tst.sf = True
offjt = env.cst(jt.int(-1), 64)
offjf = env.cst(jf.int(-1), 64)
obj.operands = [tst, offjt, offjf]
obj.type = type_control_flow
def bpf_alu_(obj, s, jt, jf, k):
dst = env.A
src = env.cst(k.int(-1), 32) if s == 0 else env.X
src.sf = True
if obj.mnemonic in ("or", "and", "xor", "neg"):
src.sf = False
obj.operands = [dst, src]
obj.type = type_data_processing
def ebpf_alu_(obj, s, dreg, sreg, off, imm):
dst = env.R[dreg]
src = env.cst(imm.int(-1), 32).zeroextend(64) if s == 0 else env.R[sreg]
src.sf = True
if obj.mnemonic in ("or", "and", "xor", "neg", "end"):
src.sf = False
obj.operands = [dst, src]
obj.type = type_data_processing
def ebpf_alu_(obj,s,dreg,sreg,off,imm):
dst = env.E[dreg]
src = env.cst(imm.int(-1),32) if s==0 else env.E[sreg]
src.sf = True
if obj.mnemonic in ('or','and','xor','neg','end'):
src.sf = False
obj.operands = [dst,src]
obj.type = type_data_processing
def ebpf_st_(obj, sz, dreg, sreg, off, imm):
size = {0: 32, 1: 16, 2: 8, 3: 64}[sz]
dst = env.mem(env.R[dreg] + off.int(-1), size)
if obj.mnemonic == "stx":
src = env.R[sreg]
if imm != 0:
raise InstructionError(obj)
else:
src = env.cst(imm.int(-1), 32).zeroextend(64)
src = src[0:size]
obj.operands = [dst, src]
obj.type = type_data_processing
def bpf_ldx_(obj,sz,md,jt,jf,k):
if sz==3: raise InstructionError(obj)
size = 32>>sz
dst = env.X
adr = env.skb()
if md==0 and size==32: #IMM
src = env.cst(k.int(-1),32)
elif md==3 and size==32 and k.int()<16: #MEM
src = env.M[k.int()]
elif md==6 and size==8: #MSH
src = env.mem(adr,size,disp=k.int(-1))*4
else:
raise InstructionError(obj)
obj.operands = [dst,src]
obj.type = type_data_processing
def bpf_ld_(obj, sz, md, jt, jf, k):
if sz == 3:
raise InstructionError(obj)
size = 32 >> sz
dst = env.A
adr = env.skb()
if md == 0: # IMM
src = env.cst(k.int(-1), 32)
elif md == 1: # ABS
src = env.mem(adr, size, disp=k.int(-1))
elif md == 2: # IND
src = env.mem(adr + env.X + k.int(-1), size)
elif md == 3 and k.int() < 16: # MEM
src = env.M[k.int()]
elif md == 4: # LEN
src = env.skb("len")
else:
raise InstructionError(obj)
obj.operands = [dst, src]
obj.type = type_data_processing
def bpf_ret_(obj, s, jt, jf, k):
src = (env.cst(k.int(-1), 32), env.X, env.A)[s]
obj.operands = [src]
obj.type = type_control_flow
def ebpf_call_(obj, s, dreg, sreg, off, imm):
obj.operands = [env.cst(imm, 32)]
obj.type = type_other
def ebpf_jmp_(obj, s, dreg, sreg, off, imm):
dst = env.R[dreg]
src = env.cst(imm.int(-1), 64) if s == 0 else env.R[sreg]
offset = env.cst(off.int(-1), 64)
obj.operands = [dst, src, offset]
obj.type = type_control_flow
def ebpf_ld64_(obj, dreg, sreg, off, imm, unused, imm2):
dst = env.R[dreg]
src = env.cst(imm | (imm2 << 32), 64)
obj.operands = [dst, src]
obj.type = type_data_processing
