Merge branch '_xeroxz' into 'master'

adding more lifters

See merge request vmp2/vmdevirt!11
_xeroxz 3 years ago
commit ebbe93f278

@ -58,6 +58,7 @@ list(APPEND vmdevirt_SOURCES
"src/lifters/shr.cpp"
"src/lifters/sreg.cpp"
"src/lifters/vmexit.cpp"
"src/lifters/write.cpp"
"src/main.cpp"
"src/vmp_rtn_t.cpp"
"include/devirt_t.hpp"

@ -1 +1 @@
Subproject commit 90106b0f5e748f1e67e108800ee0463bae5755e3
Subproject commit 7b1f815a73096ac33f41133b63d991019622de49

@ -32,13 +32,14 @@ namespace vm
lconstbsxdw;
static lifter_callback_t addq, adddw, addw;
static lifter_callback_t sregq, sregdw;
static lifter_callback_t sregq, sregdw, sregb;
static lifter_callback_t lregq, lregdw;
static lifter_callback_t pushvsp;
static lifter_callback_t popvsp;
static lifter_callback_t writeq;
static lifter_callback_t readq, readdw;
static lifter_callback_t nandq, nanddw;
static lifter_callback_t nandq, nanddw, nandb;
static lifter_callback_t shrq;
static lifter_callback_t jmp;
static lifter_callback_t lflagsq;
@ -60,12 +61,15 @@ namespace vm
{ vm::handler::POPVSP, &popvsp },
{ vm::handler::SREGQ, &sregq },
{ vm::handler::SREGDW, &sregdw },
{ vm::handler::SREGB, &sregb },
{ vm::handler::LREGQ, &lregq },
{ vm::handler::LREGDW, &lregdw },
{ vm::handler::READQ, &readq },
{ vm::handler::READDW, &readdw },
{ vm::handler::WRITEQ, &writeq },
{ vm::handler::NANDQ, &nandq },
{ vm::handler::NANDDW, &nanddw },
{ vm::handler::NANDB, &nandb },
{ vm::handler::LFLAGSQ, &lflagsq },
{ vm::handler::JMP, &jmp },
{ vm::handler::VMEXIT, &vmexit } };

@ -85,23 +85,6 @@ namespace vm
bool devirt_t::compile( std::vector< std::uint8_t > &obj )
{
llvm::legacy::FunctionPassManager pass_mgr( llvm_module );
pass_mgr.add( llvm::createPromoteMemoryToRegisterPass() );
pass_mgr.add( llvm::createCFGSimplificationPass() );
pass_mgr.add( llvm::createSROAPass() );
pass_mgr.add( llvm::createLoopSimplifyCFGPass() );
pass_mgr.add( llvm::createNewGVNPass() );
pass_mgr.add( llvm::createReassociatePass() );
pass_mgr.add( llvm::createPartiallyInlineLibCallsPass() );
pass_mgr.add( llvm::createDeadCodeEliminationPass() );
pass_mgr.add( llvm::createCFGSimplificationPass() );
pass_mgr.add( llvm::createInstructionCombiningPass() );
pass_mgr.add( llvm::createFlattenCFGPass() );
for ( auto vmp_rtn : vmp_rtns )
pass_mgr.run( *vmp_rtn->llvm_fptr );
// compile to native x86_64....
llvm::TargetOptions opt;
llvm::SmallVector< char, 128 > buff;
llvm::raw_svector_ostream dest( buff );

@ -12,7 +12,7 @@ namespace devirt
if ( file_header->version != vmp2::version_t::v4 )
{
std::printf( "[!] invalid vmp2 file version... this build uses v3...\n" );
std::printf( "[!] invalid vmp2 file version... this build uses v4...\n" );
return false;
}
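Review bot: The corrected message still reports only the version this build expects, not the one actually found in the file, which is the detail a user needs to fix their input. Printing the field next to it, e.g. `std::printf( "[!] invalid vmp2 file version %u... this build uses v4...\n", static_cast< unsigned >( file_header->version ) );`, assumes `vmp2::version_t` is an enum or integer type — confirm against its definition. The enclosing function starts outside the hunk.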

@ -11,13 +11,13 @@ namespace vm
auto zf = rtn->zf( byte_size, result );
auto pf = llvm::ConstantInt::get( llvm::IntegerType::get( *rtn->llvm_ctx, 64 ), 0 );
return rtn->flags( cf, pf, llvm::ConstantInt::get( llvm::IntegerType::get( *rtn->llvm_ctx, 64 ), 0 ),
zf, sf, of );
return rtn->flags( cf, pf, llvm::ConstantInt::get( llvm::IntegerType::get( *rtn->llvm_ctx, 64 ), 0 ), zf, sf,
of );
}
lifters_t::lifter_callback_t lifters_t::nandq =
[ & ]( vm::devirt_t *rtn, const vm::instrs::code_block_t &vm_code_block,
const vm::instrs::virt_instr_t &vinstr, llvm::IRBuilder<> *ir_builder ) {
[ & ]( vm::devirt_t *rtn, const vm::instrs::code_block_t &vm_code_block, const vm::instrs::virt_instr_t &vinstr,
llvm::IRBuilder<> *ir_builder ) {
auto t1 = rtn->pop( 8 );
auto t2 = rtn->pop( 8 );
@ -34,8 +34,8 @@ namespace vm
};
lifters_t::lifter_callback_t lifters_t::nanddw =
[ & ]( vm::devirt_t *rtn, const vm::instrs::code_block_t &vm_code_block,
const vm::instrs::virt_instr_t &vinstr, llvm::IRBuilder<> *ir_builder ) {
[ & ]( vm::devirt_t *rtn, const vm::instrs::code_block_t &vm_code_block, const vm::instrs::virt_instr_t &vinstr,
llvm::IRBuilder<> *ir_builder ) {
auto t1 = rtn->pop( 4 );
auto t2 = rtn->pop( 4 );
@ -51,4 +51,26 @@ namespace vm
rtn->push( 8, rtn->load_value( 8, vmp_rtn->flags ) );
};
lifters_t::lifter_callback_t lifters_t::nandb =
[ & ]( vm::devirt_t *rtn, const vm::instrs::code_block_t &vm_code_block, const vm::instrs::virt_instr_t &vinstr,
llvm::IRBuilder<> *ir_builder ) {
auto t1 = rtn->pop( 2 );
auto t2 = rtn->pop( 2 );
auto t1_b = ir_builder->CreateIntCast( t1, ir_builder->getInt8Ty(), false );
auto t2_b = ir_builder->CreateIntCast( t2, ir_builder->getInt8Ty(), false );
auto t1_not = ir_builder->CreateNot( t1_b );
auto t2_not = ir_builder->CreateNot( t2_b );
auto t3 = ir_builder->CreateAnd( { t1_not, t2_not } );
auto t3_w = ir_builder->CreateIntCast( t3, ir_builder->getInt16Ty(), false );
rtn->push( 2, t3_w );
auto &vmp_rtn = rtn->vmp_rtns.back();
auto flags = and_flags( rtn, 1, t3 );
ir_builder->CreateStore( flags, vmp_rtn->flags );
rtn->push( 8, rtn->load_value( 8, vmp_rtn->flags ) );
};
} // namespace vm
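Review bot: The `[ & ]` capture-default on `lifters_t::nandb` is ill-formed for a lambda at namespace scope — only a local lambda may carry a capture-default ([expr.prim.lambda.capture]) — and clang rejects it with "non-local lambda expression cannot have a capture-default", so this presumably compiles only on MSVC; since nothing is captured, `[]( vm::devirt_t *rtn, ...` is the portable spelling. The same introducer is used by `sregb` in sreg.cpp and `writeq` in write.cpp in this commit (and by the reformatted `nandq`/`nanddw` signatures above). `nandb` also deserves a short comment stating its width convention, which is only implicit in the calls: it pops two 2-byte stack slots, truncates both to i8, computes `~t1 & ~t2`, pushes the result zero-extended back to 16 bits, then derives flags from the 8-bit value via `and_flags( rtn, 1, t3 )`. Suggested header above the lambda: `// NANDB: byte NAND. Operands live in 16-bit stack slots; only the low byte is used and the 8-bit result is zero-extended to 16 bits before being pushed.`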

@ -19,4 +19,15 @@ namespace vm
auto vreg = vmp_rtn->virtual_registers[ vinstr.operand.imm.u ? vinstr.operand.imm.u / 8 : 0 ];
ir_builder->CreateStore( ir_builder->CreateIntCast( t1, ir_builder->getInt64Ty(), false ), vreg );
};
lifters_t::lifter_callback_t lifters_t::sregb =
[ & ]( vm::devirt_t *rtn, const vm::instrs::code_block_t &vm_code_block, const vm::instrs::virt_instr_t &vinstr,
llvm::IRBuilder<> *ir_builder ) {
auto t1 = rtn->pop( 2 );
auto &vmp_rtn = rtn->vmp_rtns.back();
auto vreg = vmp_rtn->virtual_registers[ vinstr.operand.imm.u ? vinstr.operand.imm.u / 8 : 0 ];
ir_builder->CreateStore(
ir_builder->CreateIntCast( t1, ir_builder->getInt8Ty(), false ),
ir_builder->CreatePointerCast( vreg, llvm::PointerType::get( ir_builder->getInt8Ty(), 0ull ) ) );
};
} // namespace vm
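Review bot: `sregb` indexes `vmp_rtn->virtual_registers` with `vinstr.operand.imm.u / 8` without checking it against the register count, so an operand outside the expected range — the instruction stream presumably comes from the input vmp2 file rather than from trusted program state — indexes out of bounds; the `sregdw` line above it has the same pattern. If `virtual_registers` is a standard container, `vmp_rtn->virtual_registers.at( vinstr.operand.imm.u / 8 )` turns that into an exception the caller can report, or an explicit `if ( idx >= vmp_rtn->virtual_registers.size() )` guard can fail the lift of this block. The ternary `vinstr.operand.imm.u ? vinstr.operand.imm.u / 8 : 0` is redundant since `0 / 8` is already 0; `vinstr.operand.imm.u / 8` reads more directly. A comment would also help, since the store goes through an i8* cast of the 64-bit register slot and so overwrites only its first byte (the low byte on little-endian targets): `// store only the low byte of the 64-bit virtual register slot`.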

@ -8,8 +8,8 @@ namespace vm
llvm::IRBuilder<> *ir_builder ) {
std::stringstream rtn_name;
llvm::Function *exit_func = nullptr;
rtn_name << "vmexit_" << std::hex << vinstr.trace_data.vm_handler_rva + rtn->vmp2_file->image_base;
if ( !( exit_func = rtn->llvm_module->getFunction( rtn_name.str() ) ) )
{
auto vmexit_func_type = llvm::FunctionType::get(
@ -58,4 +58,4 @@ namespace vm
ir_builder->CreateCall( exit_func, stack_ptr );
ir_builder->CreateRet( stack_ptr );
};
}
} // namespace vm

@ -0,0 +1,13 @@
#include <vm_lifters.hpp>
namespace vm
{
lifters_t::lifter_callback_t lifters_t::writeq =
[ & ]( vm::devirt_t *rtn, const vm::instrs::code_block_t &vm_code_block, const vm::instrs::virt_instr_t &vinstr,
llvm::IRBuilder<> *ir_builder ) {
auto t1 = rtn->pop( 8 );
auto t2 = rtn->pop( 8 );
auto t3 = ir_builder->CreateIntToPtr( t1, llvm::PointerType::get( ir_builder->getInt64Ty(), 0ull ) );
ir_builder->CreateStore( t2, t3 );
};
} // namespace vm
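Review bot: `writeq` has no comment explaining its operand order, which is the only non-obvious thing in it: the first pop (`t1`) is the destination address and the second (`t2`) is the 64-bit value stored through it. Suggested header above the lambda: `// WRITEQ: pops the destination address, then the qword value, and emits a 64-bit store through that address.` The `0ull` passed to `llvm::PointerType::get` is the address space, which that API takes as `unsigned`; `0u` (or plain `0`) avoids the silent narrowing.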

@ -64,6 +64,7 @@ int main( int argc, const char *argv[] )
{
std::printf( "[!] failed to lift rtn_0x%p, please review the console...\n",
vm_enter_offset + file_header->image_base );
return -1;
}
}
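Review bot: The `std::printf` call above the added `return -1;` formats `vm_enter_offset + file_header->image_base` with `%p`, which expects a `void *`; if both operands are integers, as the addition suggests, this is undefined behaviour in printf and the printed value depends on the calling convention. Use an integer conversion instead, e.g. `"[!] failed to lift rtn_0x%llx, please review the console...\n"` with `static_cast< unsigned long long >( vm_enter_offset + file_header->image_base )`, or `PRIx64` from `<cinttypes>` if the sum is a `std::uint64_t`. The enclosing `main` starts and ends outside the hunk, so the condition this early return belongs to is not visible here.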
