cpu

package
v0.0.0-...-fed3a35 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 20, 2019 License: MIT Imports: 8 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	MEM_WRITE_UNMAPPED = uc.MEM_WRITE_UNMAPPED
	MEM_READ_UNMAPPED  = uc.MEM_READ_UNMAPPED
	MEM_FETCH_UNMAPPED = uc.MEM_FETCH_UNMAPPED
	MEM_WRITE_PROT     = uc.MEM_WRITE_PROT
	MEM_READ_PROT      = uc.MEM_READ_PROT
	MEM_FETCH_PROT     = uc.MEM_FETCH_PROT

	MEM_PROT     = MEM_WRITE_PROT | MEM_READ_PROT | MEM_FETCH_PROT
	MEM_UNMAPPED = MEM_READ_UNMAPPED | MEM_WRITE_UNMAPPED | MEM_FETCH_UNMAPPED
)

these errors are used for HOOK_MEM_ERR

View Source 
const (
	PROT_NONE  = uc.PROT_NONE
	PROT_READ  = uc.PROT_READ
	PROT_WRITE = uc.PROT_WRITE
	PROT_EXEC  = uc.PROT_EXEC
	PROT_ALL   = uc.PROT_ALL
)

these constants are used for memory protections

View Source 
const (
	MEM_WRITE = uc.MEM_WRITE
	MEM_READ  = uc.MEM_READ
	MEM_FETCH = uc.MEM_FETCH
)

these constants are used in a hook to specify the type of memory access

Variables

This section is empty.

Functions

func PackUint 

func PackUint(order binary.ByteOrder, size int, buf []byte, n uint64) ([]byte, error)

func UnpackUint 

func UnpackUint(order binary.ByteOrder, size int, buf []byte) (uint64, error)

Types

type Builder 

type Builder struct {
	Arch, Mode int
}

func (*Builder) New 

func (b *Builder) New() (*Cpu, error)

type CodeHook 

type CodeHook func(addr uint64, size uint32)

CodeHook is used to hook executed code

type Cpu 

type Cpu struct {
	*uc.Unicorn
}

func (*Cpu) Backend 

func (u *Cpu) Backend() interface{}

func (*Cpu) ContextRestore 

func (u *Cpu) ContextRestore(ctx interface{}) error

func (*Cpu) ContextSave 

func (u *Cpu) ContextSave(reuse interface{}) (interface{}, error)

func (*Cpu) HookAllMemErr 

func (u *Cpu) HookAllMemErr(cb MemErrHook, start, end uint64) (uc.Hook, error)

HookAllMemErr TODO figure out what it does

func (*Cpu) HookBlock 

func (u *Cpu) HookBlock(cb CodeHook, start, end uint64) (uc.Hook, error)

HookBlock TODO figure out what it does

func (*Cpu) HookCode 

func (u *Cpu) HookCode(cb CodeHook, start, end uint64) (uc.Hook, error)

HookCode TODO figure out what it does

func (*Cpu) HookInstruction 

func (u *Cpu) HookInstruction(cb InstructionHook, start, end uint64, instruction int) (uc.Hook, error)

HookInstruction TODO figure out what it does

func (*Cpu) HookInterrupt 

func (u *Cpu) HookInterrupt(cb InterruptHook, start, end uint64) (uc.Hook, error)

HookInterrupt TODO figure out what it does

func (*Cpu) HookMem 

func (u *Cpu) HookMem(kind int, cb MemHook, start, end uint64) (uc.Hook, error)

HookMem TODO figure out what it does

func (*Cpu) HookMemErr 

func (u *Cpu) HookMemErr(kind int, cb MemErrHook, start, end uint64) (uc.Hook, error)

HookMemErr TODO figure out what it does

func (*Cpu) Mem 

func (c *Cpu) Mem() io.ReadWriteSeeker

Mem gives access to the memory of the process.

func (*Cpu) MemMap 

func (u *Cpu) MemMap(addr, size uint64, prot int) error

func (*Cpu) MemProt 

func (u *Cpu) MemProt(addr, size uint64, prot int) error

func (*Cpu) MemRegions 

func (u *Cpu) MemRegions() ([]*uc.MemRegion, error)

type FileDesc 

type FileDesc struct {
	Name string
	Off  uint64
	Len  uint64
}

type InstructionHook 

type InstructionHook func()

InstructionHook is used to hook instructions

type InterruptHook 

type InterruptHook func(intno uint32)

InterruptHook is used to hook interrupts

type MemErrHook 

type MemErrHook func(access int, addr uint64, size int, val int64) bool

MemErrHook is used to hook memory access errors

type MemError 

type MemError struct {
	Addr uint64
	Size int
	Enum int
}

func (*MemError) Error 

func (m *MemError) Error() string

type MemHook 

type MemHook func(access int, addr uint64, size int, val int64)

MemHook is used to hook memory access (read/write)

type MemSim 

type MemSim struct {
	Mem Pages
}

func (*MemSim) Map 

func (m *MemSim) Map(addr, size uint64, prot int, zero bool) *Page

Maps <addr> - <addr>+<size> and protects with prot. If zero is false, it first copies any existing data in this range to the new mapping. Any overlapping regions will be unmapped, then then the mapping list will be sorted by address to allow binary search and simpler reads / bound checks.

func (*MemSim) Prot 

func (m *MemSim) Prot(addr, size uint64, prot int)

this is *exactly* unmap, but the "middle" pages of each split are re-protected

func (*MemSim) RangeValid 

func (m *MemSim) RangeValid(addr, size uint64, prot int) (mapGood bool, protGood bool)

Checks whether the address range exists in the currently-mapped memory. If prot > 0, ensures that each region has the entire protection mask provided.

func (*MemSim) Read 

func (m *MemSim) Read(addr uint64, p []byte, prot int) error

TODO: allow partial reads, and return amount read? alternatively, return the offset that failed so they can retry

func (*MemSim) Unmap 

func (m *MemSim) Unmap(addr, size uint64)

func (*MemSim) Write 

func (m *MemSim) Write(addr uint64, p []byte, prot int) error

TODO: allow partial writes on error, and return amount read? alternatively, return the offset that failed so they can retry

type Page 

type Page struct {
	Addr uint64
	Size uint64
	Prot int
	Data []byte

	Desc string
	File *FileDesc
}

func (*Page) Contains 

func (p *Page) Contains(addr uint64) bool

func (*Page) Intersect 

func (p *Page) Intersect(addr, size uint64) (uint64, uint64, bool)

start = max(s1, s2), end = min(e1, e2), ok = end > start

func (*Page) Overlaps 

func (p *Page) Overlaps(addr, size uint64) bool

func (*Page) Slice 

func (p *Page) Slice(addr, size uint64) *Page

// how to slice a page off1 len1 addr1 | size1 | | | [ page ] [ ] [ [ slice ] ] 

|       |
addr2   size2
off2    len2

delta = addr2 - addr1 

if delta < len1 {
    len2 = len1 - delta
    off2 = off1 + delta
}

func (*Page) Split 

func (p *Page) Split(addr, size uint64) (left, right *Page)

// how to split a page, simple edition // laddr rsize | lsize raddr | [------|----page---|-------] [-left-][---mid---][-right-] | | | | | addr size | paddr psize

laddr = paddr lsize = addr - paddr

raddr = addr + size rsize = (paddr + psize) - raddr

// how to split a page, overlap edition // addr size | | [--------mid---------] 

[--page--]
|        |
paddr    psize

pad(addr, paddr - addr, 0) pend = paddr + psize pad(pend, size - pend, 0)

func (*Page) String 

func (p *Page) String() string

func (*Page) Write 

func (pg *Page) Write(addr uint64, p []byte)

type Pages 

type Pages []*Page

func (Pages) Find 

func (p Pages) Find(addr uint64) *Page

func (Pages) FindRange 

func (p Pages) FindRange(start, size uint64) []*Page

func (Pages) Len 

func (p Pages) Len() int

func (Pages) Less 

func (p Pages) Less(i, j int) bool

func (Pages) String 

func (p Pages) String() string

func (Pages) Swap 

func (p Pages) Swap(i, j int)

type Regs 

type Regs struct {
	// contains filtered or unexported fields
}

implements register and context methods conforming to cpu.Cpu TODO: maps are slow. []uint64 would be faster, but enum lookups would require a second []bool (to check if an enum is valid) and the array size could become very large if someone uses a large enum another option would be to switch between map and array based on max enum and yet another would be to reject too-large enums (force uint16 in initialization?)

func NewRegs 

func NewRegs(bits uint, enums []int) *Regs

func (*Regs) ContextRestore 

func (r *Regs) ContextRestore(ctx interface{}) error

func (*Regs) ContextSave 

func (r *Regs) ContextSave(reuse interface{}) (interface{}, error)

handling ContextSave in the register file either requires you to store important cpu state (like flags) in registers or wrap ContextSave/ContextRestore with your own functions

func (*Regs) RegRead 

func (r *Regs) RegRead(enum int) (uint64, error)

func (*Regs) RegWrite 

func (r *Regs) RegWrite(enum int, val uint64) error

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.