From 29804c50159c61b47c389e1986b42b391c3a3963 Mon Sep 17 00:00:00 2001
From: _xeroxz
Date: Sun, 15 Aug 2021 22:50:58 -0700
Subject: [PATCH] updated vmprofiler and also have the first vmp2 v4 serializing...
---
 dependencies/vmprofiler | 2 +-
 include/vmp_rtn.hpp | 1 +
 src/main.cpp | 63 +++++++++++++++++++++++++++--------------
 3 files changed, 43 insertions(+), 23 deletions(-)
diff --git a/dependencies/vmprofiler b/dependencies/vmprofiler
index f06bf5f..05c98b1 160000
--- a/dependencies/vmprofiler
+++ b/dependencies/vmprofiler
@@ -1 +1 @@
-Subproject commit f06bf5f6b72b1d52a6156d6828675c77ceaee7e2
+Subproject commit 05c98b1ef57c3375ffd455221a3be1be6110d4eb
diff --git a/include/vmp_rtn.hpp b/include/vmp_rtn.hpp
index e9f816b..97a2ee4 100644
--- a/include/vmp_rtn.hpp
+++ b/include/vmp_rtn.hpp
@@ -21,6 +21,7 @@
 #include "X86TargetMachine.h"
 #include "llvm/Pass.h"
+#include "llvm/Passes/PassBuilder.h"
 #include "llvm/Support/FileSystem.h"
 #include "llvm/Support/Host.h"
 #include "llvm/Support/TargetRegistry.h"
diff --git a/src/main.cpp b/src/main.cpp
index dbf3909..b3e2716 100644
--- a/src/main.cpp
+++ b/src/main.cpp
@@ -35,30 +35,47 @@ int main( int argc, const char *argv[] ) return -1; } - const auto file_header = reinterpret_cast< vmp2::v3::file_header * >( vmp2file.data() ); + const auto file_header = reinterpret_cast< vmp2::v4::file_header * >( vmp2file.data() ); - if ( file_header->version != vmp2::version_t::v3 ) + if ( file_header->version != vmp2::version_t::v4 ) { std::printf( "[!] invalid vmp2 file version... this build uses v3...\n" ); return -1; } - auto first_block = reinterpret_cast< vmp2::v3::code_block_t * >( reinterpret_cast< std::uintptr_t >( file_header ) + - file_header->code_block_offset ); + auto first_rtn = reinterpret_cast< vmp2::v4::rtn_t * >( reinterpret_cast< std::uintptr_t >( file_header ) + + file_header->rtn_offset ); - std::vector< vm::instrs::code_block_t > vmp_code_blocks; - // convert code blocks back to vm::instrs::code_block_t form... - for ( auto [ code_block, code_block_num ] = std::tuple{ first_block, 0u }; - code_block_num < file_header->code_block_count; - code_block = reinterpret_cast< vmp2::v3::code_block_t * >( reinterpret_cast< std::uintptr_t >( code_block ) + - code_block->next_block_offset ), - ++code_block_num ) + std::vector< std::pair< std::uint32_t, std::vector< vm::instrs::code_block_t > > > virt_rtns; + for ( auto [ rtn_block, rtn_idx ] = std::pair{ first_rtn, 0ull }; rtn_idx < file_header->rtn_count; + ++rtn_idx, rtn_block = reinterpret_cast< vmp2::v4::rtn_t * >( + reinterpret_cast< std::uintptr_t >( rtn_block ) + rtn_block->size ) ) { - vm::instrs::code_block_t _code_block{ code_block->vip_begin, code_block->jcc }; - std::for_each( code_block->vinstr, code_block->vinstr + code_block->vinstr_count, - [ & ]( const vm::instrs::virt_instr_t &vinstr ) { _code_block.vinstrs.push_back( vinstr ); } ); - - vmp_code_blocks.push_back( _code_block ); + virt_rtns.push_back( { rtn_block->vm_enter_offset, {} } ); + for ( auto [ code_block, block_idx ] = std::pair{ &rtn_block->code_blocks[ 0 ], 0ull }; + block_idx < 
rtn_block->code_block_count; + ++block_idx, code_block = reinterpret_cast< vmp2::v4::code_block_t * >( + reinterpret_cast< std::uintptr_t >( code_block ) + code_block->next_block_offset ) ) + { + auto block_vinstrs = reinterpret_cast< vm::instrs::virt_instr_t * >( + reinterpret_cast< std::uintptr_t >( code_block ) + sizeof vmp2::v4::code_block_t + + ( code_block->num_block_addrs * 8 ) ); + + vm::instrs::code_block_t _code_block{ code_block->vip_begin }; + _code_block.jcc.has_jcc = code_block->has_jcc; + _code_block.jcc.type = code_block->jcc_type; + + for ( auto idx = 0u; idx < code_block->num_block_addrs; ++idx ) + { + std::printf( "> branch addr = 0x%p\n", code_block->branch_addr[ idx ] ); + _code_block.jcc.block_addr.push_back( code_block->branch_addr[ idx ] ); + } + + for ( auto idx = 0u; idx < code_block->vinstr_count; ++idx ) + _code_block.vinstrs.push_back( block_vinstrs[ idx ] ); + + virt_rtns.back().second.push_back( _code_block ); + } } LLVMContext llvm_ctx; @@ -75,7 +92,9 @@ int main( int argc, const char *argv[] ) return false; } - vm::vmp_rtn_t vmp_rtn( &llvm_ctx, &llvm_module, &vm_ctx, first_block->vip_begin, vmp_code_blocks ); + vm::vmp_rtn_t vmp_rtn( &llvm_ctx, &llvm_module, &vm_ctx, virt_rtns[ 0 ].second[ 0 ].vip_begin, + virt_rtns[ 0 ].second ); + auto func = vmp_rtn.lift(); llvm_module.print( llvm::outs(), nullptr ); 
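Review bot: Every offset and count the new loops dereference — `rtn_offset`, `rtn_count`, `rtn_block->size`, `code_block_count`, `next_block_offset`, `num_block_addrs`, `vinstr_count` — is read from the .vmp2 file itself and is never compared against `vmp2file.size()`, so a truncated or crafted file walks `first_rtn`, `code_block` and `block_vinstrs` past the end of the buffer (whatever header-size check exists is above the hunk and not visible here). A small bounds helper built from `file_header` and `vmp2file.size()`, applied before each structure is dereferenced, closes that; the products `vinstr_count * sizeof( virt_instr_t )` and `num_block_addrs * 8` should be computed in `std::size_t` and covered by the same check, and the raw offsets are best compared with the file size before being added to a pointer so an absurd value cannot wrap. Separately, the version check now rejects anything but `v4` while the message still says `this build uses v3...`; it should read `"[!] invalid vmp2 file version... this build uses v4...\n"`. The `printf( "> branch addr = 0x%p\n", code_block->branch_addr[ idx ] )` is only well-defined if `branch_addr` holds `void *`; if it is an integer type, print it with `0x%llx` and a cast instead. `main` continues beyond both ends of the hunk.
```cpp
    // … unchanged: version check …
    const auto file_begin = reinterpret_cast< std::uintptr_t >( file_header );
    const auto file_end = file_begin + vmp2file.size();
    // every offset and count below is taken from the file itself, so refuse any
    // structure (or the array it claims to own) that would end past the buffer
    const auto in_bounds = [ & ]( std::uintptr_t addr, std::size_t len ) {
        return addr >= file_begin && addr <= file_end && len <= file_end - addr;
    };
    // … unchanged: first_rtn, virt_rtns declaration, outer for over rtn_block …
        // top of the outer loop body, before rtn_block is dereferenced
        // (this also guards the rtn_block->size read in the loop increment):
        if ( !in_bounds( reinterpret_cast< std::uintptr_t >( rtn_block ), sizeof( vmp2::v4::rtn_t ) ) )
        {
            std::printf( "[!] rtn block runs past the end of the vmp2 file...\n" );
            return -1;
        }
        // … unchanged: virt_rtns.push_back, inner for over code_block …
            // top of the inner loop body, before code_block is dereferenced:
            if ( !in_bounds( reinterpret_cast< std::uintptr_t >( code_block ), sizeof( vmp2::v4::code_block_t ) ) )
            {
                std::printf( "[!] code block header runs past the end of the vmp2 file...\n" );
                return -1;
            }

            const auto branch_bytes = static_cast< std::size_t >( code_block->num_block_addrs ) * 8;
            const auto vinstr_bytes =
                static_cast< std::size_t >( code_block->vinstr_count ) * sizeof( vm::instrs::virt_instr_t );
            auto block_vinstrs = reinterpret_cast< vm::instrs::virt_instr_t * >(
                reinterpret_cast< std::uintptr_t >( code_block ) + sizeof vmp2::v4::code_block_t + branch_bytes );

            if ( !in_bounds( reinterpret_cast< std::uintptr_t >( code_block ) + sizeof vmp2::v4::code_block_t,
                             branch_bytes ) ||
                 !in_bounds( reinterpret_cast< std::uintptr_t >( block_vinstrs ), vinstr_bytes ) )
            {
                std::printf( "[!] code block contents run past the end of the vmp2 file...\n" );
                return -1;
            }
            // … unchanged: _code_block construction, branch_addr and vinstr copies …
```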
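Review bot: `virt_rtns[ 0 ].second[ 0 ].vip_begin` in the new `vmp_rtn_t` construction indexes two vectors without checking them, so a file whose `rtn_count` is zero, or whose first routine carries zero code blocks, makes `main` read past the end of an empty `std::vector` (undefined behaviour, in practice a crash or garbage `vip_begin`). Guard it before the constructor call: `if ( virt_rtns.empty() || virt_rtns[ 0 ].second.empty() ) { std::printf( "[!] vmp2 file contains no virtual routines / code blocks...\n" ); return -1; }`. Only routine 0 is lifted while the file declares `rtn_count` routines; if that is deliberate for this first v4 step, a comment such as `// TODO: lift every routine in virt_rtns, not only the first` would make the intent clear. `main` continues outside both ends of the hunk.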
@@ -90,14 +109,14 @@ int main( int argc, const char *argv[] )
 llvm::raw_svector_ostream dest( buff );
 legacy::PassManager pass;
- auto TargetTriple = sys::getDefaultTargetTriple();
- llvm_module.setTargetTriple( TargetTriple );
+ auto target_triple = sys::getDefaultTargetTriple();
+ llvm_module.setTargetTriple( target_triple );
- std::string Error;
- auto Target = TargetRegistry::lookupTarget( TargetTriple, Error );
+ std::string error;
+ auto Target = TargetRegistry::lookupTarget( target_triple, error );
 auto reloc_model = Optional< Reloc::Model >();
- auto target_machine = Target->createTargetMachine( TargetTriple, "generic", "", opt, reloc_model );
+ auto target_machine = Target->createTargetMachine( target_triple, "generic", "", opt, reloc_model );
 llvm_module.setDataLayout( target_machine->createDataLayout() );
 target_machine->addPassesToEmitFile( pass, dest, nullptr, CGFT_ObjectFile );
 pass.run( llvm_module );
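Review bot: The renamed `error` string is filled in by `TargetRegistry::lookupTarget` precisely when it returns a null `Target`, yet the very next new line dereferences `Target->createTargetMachine(...)` without looking at either; add `if ( !Target ) { std::printf( "[!] %s\n", error.c_str() ); return -1; }` between the two. `target_machine` is a raw owning pointer that is never released and can itself be null, so `auto target_machine = std::unique_ptr< TargetMachine >( Target->createTargetMachine( ... ) );` followed by a null check is the safer shape, and `addPassesToEmitFile` returning `true` (failure) is also ignored. As a point of style, the hunk converts `TargetTriple`/`Error` to snake_case but leaves `Target` in PascalCase; renaming it to `target` would make the pass consistent. `main` continues beyond both ends of the hunk.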