Add initial anal.bpf.cs plugin + disasm tests ##arch

2025-02-26 17:15:38 +00:00 · 2022-06-03 01:35:05 +02:00 · 2022-06-03 01:35:05 +02:00 · 4162fe8079
commit 4162fe8079
parent 9bf310203a
11 changed files with 217 additions and 1 deletions
--- a/dist/plugins-cfg/plugins.def.cfg
+++ b/dist/plugins-cfg/plugins.def.cfg
@ -9,6 +9,7 @@ anal.jdh8
 anal.avr
 anal.i4004
 anal.bf
+anal.bpf_cs
 anal.chip8
 anal.cr16
 anal.cris
--- a/libr/anal/meson.build
+++ b/libr/anal/meson.build
@ -51,6 +51,7 @@ r_anal_sources = [
  join_paths('p','anal_arm_gnu.c'),
  join_paths('p','anal_avr.c'),
  join_paths('p','anal_bf.c'),
+  join_paths('p','anal_bpf_cs.c'),
  join_paths('p','anal_chip8.c'),
  join_paths('p','anal_cr16.c'),
  join_paths('p','anal_cris.c'),
--- a/libr/anal/p/Makefile
+++ b/libr/anal/p/Makefile
@ -12,7 +12,7 @@ all: ${ALL_TARGETS}

 ALL_TARGETS=
 # TODO: rename to enabled plugins
-ARCHS=null.mk arc.mk ppc_gnu.mk ppc_cs.mk arm_gnu.mk avr.mk xap.mk dalvik.mk sh.mk ebc.mk gb.mk malbolge.mk ws.mk h8300.mk cr16.mk v850.mk v850_np.mk msp430.mk sparc_gnu.mk sparc_cs.mk x86_cs.mk cris.mk 6502.mk snes.mk riscv.mk vax.mk xtensa.mk rsp.mk mcore.mk tricore.mk s390_cs.mk
+ARCHS=null.mk arc.mk ppc_gnu.mk ppc_cs.mk arm_gnu.mk avr.mk xap.mk bpf.mk dalvik.mk sh.mk ebc.mk gb.mk malbolge.mk ws.mk h8300.mk cr16.mk v850.mk v850_np.mk msp430.mk sparc_gnu.mk sparc_cs.mk x86_cs.mk cris.mk 6502.mk snes.mk riscv.mk vax.mk xtensa.mk rsp.mk mcore.mk tricore.mk s390_cs.mk
 include $(ARCHS)

 clean:
--- a/libr/anal/p/anal_bpf_cs.c
+++ b/libr/anal/p/anal_bpf_cs.c
@ -0,0 +1,84 @@
+/* radare2 - LGPL - Copyright 2022 - terorie */
+
+#include <r_anal.h>
+#include <r_lib.h>
+
+#include <capstone/capstone.h>
+#if CS_API_MAJOR >= 5
+
+static R_TH_LOCAL csh cd = 0;
+
+static int analop(RAnal *a, RAnalOp *op, ut64 addr, const ut8 *buf, int len, RAnalOpMask mask) {
+	static R_TH_LOCAL csh handle = 0;
+	static R_TH_LOCAL int omode = -1;
+	static R_TH_LOCAL int obits = 32;
+	cs_insn *insn = NULL;
+	int mode = (a->config->bits == 32)? CS_MODE_BPF_CLASSIC: CS_MODE_BPF_EXTENDED;
+	int n, ret;
+	mode |= (a->config->big_endian)? CS_MODE_BIG_ENDIAN: CS_MODE_LITTLE_ENDIAN;
+	if (mode != omode || a->config->bits != obits) {
+		if (handle != 0) {
+			cs_close (&handle);
+			handle = 0; // unnecessary
+		}
+		omode = mode;
+		obits = a->config->bits;
+	}
+	op->size = 8;
+	op->addr = addr;
+	if (handle == 0) {
+		ret = cs_open (CS_ARCH_BPF, mode, &handle);
+		if (ret != CS_ERR_OK) {
+			handle = 0;
+			return -1;
+		}
+	}
+
+	n = cs_disasm (handle, (ut8*)buf, len, addr, 1, &insn);
+	if (n < 1) {
+		op->type = R_ANAL_OP_TYPE_ILL;
+		if (mask & R_ANAL_OP_MASK_DISASM) {
+			op->mnemonic = strdup ("invalid");
+		}
+	} else {
+		if (mask & R_ANAL_OP_MASK_DISASM) {
+			op->mnemonic = r_str_newf ("%s%s%s",
+				insn->mnemonic,
+				insn->op_str[0]? " ": "",
+				insn->op_str);
+		}
+		op->size = insn->size;
+		op->id = insn->id;
+		cs_free (insn, n);
+	}
+	return op->size;
+}
+
+RAnalPlugin r_anal_plugin_bpf_cs = {
+	.name = "bpf.cs",
+	.desc = "Capstone BPF arch plugin",
+	.license = "BSD",
+	.author = "terorie",
+	.arch = "bpf",
+	.endian = R_SYS_ENDIAN_LITTLE | R_SYS_ENDIAN_BIG,
+	.bits = 32 | 64,
+	.op = &analop,
+};
+
+#ifndef R2_PLUGIN_INCORE
+R_API RLibStruct radare_plugin = {
+	.type = R_LIB_TYPE_ANAL,
+	.data = &r_anal_plugin_bpf_cs,
+	.version = R2_VERSION
+};
+#endif
+
+#else
+RAnalPlugin r_anal_plugin_bpf_cs = {0};
+#ifndef R2_PLUGIN_INCORE
+R_API RLibStruct radare_plugin = {
+	.type = R_LIB_TYPE_ANAL,
+	.version = R2_VERSION
+};
+#endif
+#endif
--- a/libr/anal/p/bpf_cs.mk
+++ b/libr/anal/p/bpf_cs.mk
@ -0,0 +1,12 @@
+OBJ_BPF_CS=anal_bpf_cs.o
+
+include $(CURDIR)capstone.mk
+
+STATIC_OBJ+=$(OBJ_BPF_CS)
+TARGET_BPF_CS=anal_bpf_cs.${EXT_SO}
+
+ALL_TARGETS+=${TARGET_BPF_CS}
+
+${TARGET_BPF_CS}: ${OBJ_BPF_CS}
+	${CC} ${CFLAGS} $(call libname,anal_bpf_cs) $(CS_CFLAGS) \
+		-o anal_bpf_cs.${EXT_SO} ${OBJ_BPF_CS} $(CS_LDFLAGS)
--- a/libr/bin/format/elf/elf.c
+++ b/libr/bin/format/elf/elf.c
@ -2121,6 +2121,7 @@ char* Elf_(r_bin_elf_get_arch)(ELFOBJ *bin) {
 	case EM_AVR: return strdup ("avr");
 	case EM_BA2_NON_STANDARD:
 	case EM_BA2: return strdup ("ba2");
+	case EM_BPF: return strdup ("bpf");
 	case EM_CRIS: return strdup ("cris");
 	case EM_68K: return strdup ("m68k");
 	case EM_MIPS:
@ -2397,6 +2398,7 @@ char* Elf_(r_bin_elf_get_machine_name)(ELFOBJ *bin) {
 	case EM_FT32:          return strdup ("FTDI Chip FT32 high performance 32-bit RISC architecture");
 	case EM_MOXIE:         return strdup ("Moxie processor family");
 	case EM_AMDGPU:        return strdup ("AMD GPU architecture");
+	case EM_BPF:           return strdup ("Berkeley Packet Filter");
 	case EM_LOONGARCH:     return strdup ("Loongson Loongarch");

 	default:             return r_str_newf ("<unknown>: 0x%x", bin->ehdr.e_machine);
--- a/libr/include/r_anal.h
+++ b/libr/include/r_anal.h
@ -2228,6 +2228,7 @@ extern RAnalPlugin r_anal_plugin_arm_cs;
 extern RAnalPlugin r_anal_plugin_arm_gnu;
 extern RAnalPlugin r_anal_plugin_avr;
 extern RAnalPlugin r_anal_plugin_bf;
+extern RAnalPlugin r_anal_plugin_bpf_cs;
 extern RAnalPlugin r_anal_plugin_chip8;
 extern RAnalPlugin r_anal_plugin_cr16;
 extern RAnalPlugin r_anal_plugin_cris;
--- a/libr/include/r_types.h
+++ b/libr/include/r_types.h
@ -647,6 +647,7 @@ typedef enum {
 	R_SYS_ARCH_LM32,
 	R_SYS_ARCH_RISCV,
 	R_SYS_ARCH_ESIL,
+	R_SYS_ARCH_BPF,
 } RSysArch;

 #define MONOTONIC_LINUX (__linux__ && _POSIX_C_SOURCE >= 199309L)
--- a/libr/util/sys.c
+++ b/libr/util/sys.c
@ -136,6 +136,7 @@ static const struct {const char* name; ut64 bit;} arch_bit_array[] = {
    {"rar", R_SYS_ARCH_RAR},
    {"lm32", R_SYS_ARCH_LM32},
    {"v850", R_SYS_ARCH_V850},
+    {"bpf", R_SYS_ARCH_BPF},
    {NULL, 0}
 };

--- a/test/db/asm/bpf_32
+++ b/test/db/asm/bpf_32
@ -0,0 +1,3 @@
+d "ldb [0x0]" 3000000000000000
+d "ldh [0x2]" 2800000002000000
+d "ld [0x4]" 2000000004000000
--- a/test/db/asm/bpf_64
+++ b/test/db/asm/bpf_64
@ -0,0 +1,110 @@
+d "ldb [0x0]" 3000000000000000
+d "ldh [0x2]" 2800000002000000
+d "ldw [0x4]" 2000000004000000
+
+d "ldb [r0]" 5000000000000000
+d "ldh [r1]" 4810000000000000
+d "ldw [r2]" 4020000000000000
+
+d "lddw 0xffffffff" 18090000ffffffff0000000000000000
+d "lddw 0x1ffffffff" 18090000ffffffff0000000001000000
+d "lddw 0x200000001" 18000000010000000000000002000000
+d "lddw 0x0" 18090000000000000000000000000000
+
+d "ldxb r5, [r0]" 7105000000000000
+d "ldxh r6, [r1+0x8]" 6916080000000000
+d "ldxw r7, [r2+0x10]" 6127100000000000
+
+d "stxb [r0], r7" 7370000000000000
+d "stxh [r1+0x8], r8" 6b81080000000000
+d "stxw [r2+0x10], r9" 6392100000000000
+
+d "xaddw [r2+0x10], r9" c392100000000000
+
+d "jmp +0x1b" 05001b0000000000
+d "call 0x1" 8500000001000000
+d "exit" 9500000000000000
+
+d "jeq r0, r1, +0x18" 1d10180000000000
+d "jne r3, r4, +0x17" 5d43170000000000
+
+d "jgt r1, r2, +0x16" 2d21160000000000
+d "jge r2, r3, +0x15" 3d32150000000000
+d "jsgt r4, r5, +0x14" 6d54140000000000
+d "jsge r5, r6, +0x13" 7d65130000000000
+
+d "jlt r6, r7, +0x12" ad76120000000000
+d "jle r7, r8, +0x11" bd87110000000000
+d "jslt r8, r9, +0x10" cd98100000000000
+d "jsle r9, r10, +0xf" dda90f0000000000
+
+d "jeq r0, 0x0, +0xe" 15000e0000000000
+d "jne r3, 0xffffffff, +0xd" 55030d00ffffffff
+
+d "jgt r1, 0x40, +0xc" 25010c0040000000
+d "jge r2, 0xffffffff, +0xb" 35020b00ffffffff
+d "jsgt r4, 0xffffffff, +0xa" 65040a00ffffffff
+d "jsge r5, 0x7fffffff, +0x9" 75050900ffffff7f
+
+d "jlt r6, 0xff, +0x8" a5060800ff000000
+d "jle r7, 0xffff, +0x7" b5070700ffff0000
+d "jslt r8, 0x0, +0x6" c508060000000000
+d "jsle r9, 0xffffffff, +0x5" d5090500ffffffff
+
+d "add64 r0, r1" 0f10000000000000
+d "sub64 r1, r2" 1f21000000000000
+d "mul64 r2, r3" 2f32000000000000
+d "div64 r3, r4" 3f43000000000000
+d "mod64 r4, r5" 9f54000000000000
+
+d "neg64 r2" 8702000000000000
+d "or64 r4, r5" 4f54000000000000
+d "and64 r5, r6" 5f65000000000000
+d "lsh64 r6, r7" 6f76000000000000
+d "rsh64 r7, r8" 7f87000000000000
+d "xor64 r8, r9" af98000000000000
+d "mov64 r9, r10" bfa9000000000000
+
+d "be16 r1" dc01000010000000
+d "be32 r2" dc02000020000000
+d "be64 r3" dc03000040000000
+
+d "add64 r0, 0x1" 0700000001000000
+d "sub64 r1, 0x1" 1701000001000000
+d "mul64 r2, 0xfffffffc" 27020000fcffffff
+d "div64 r3, 0x5" 3703000005000000
+d "mod64 r4, 0x5" 9704000005000000
+
+d "or64 r4, 0xff" 47040000ff000000
+d "and64 r5, 0xff" 57050000ff000000
+d "lsh64 r6, 0x3f" 670600003f000000
+d "rsh64 r7, 0x20" 7707000020000000
+d "xor64 r8, 0x0" a708000000000000
+d "mov64 r9, 0x1" b709000001000000
+d "mov64 r9, 0xffffffff" b7090000ffffffff
+
+d "neg r1" 8401000000000000
+d "add r0, r1" 0c10000000000000
+d "sub r1, r2" 1c21000000000000
+d "mul r2, r3" 2c32000000000000
+d "div r3, r4" 3c43000000000000
+
+d "or r4, r5" 4c54000000000000
+d "and r5, r6" 5c65000000000000
+d "lsh r6, r7" 6c76000000000000
+d "rsh r7, r8" 7c87000000000000
+d "xor r8, r9" ac98000000000000
+d "mov r9, r10" bca9000000000000
+
+d "add r0, 0x1" 0400000001000000
+d "sub r1, 0x1" 1401000001000000
+d "mul r2, 0xfffffffc" 24020000fcffffff
+d "div r3, 0x5" 3403000005000000
+
+d "or r4, 0xff" 44040000ff000000
+d "and r5, 0xff" 54050000ff000000
+d "lsh r6, 0x3f" 640600003f000000
+d "rsh r7, 0x20" 7407000020000000
+d "xor r8, 0x0" a408000000000000
+d "mov r9, 0x1" b409000001000000
+d "mov r9, 0xffffffff" b4090000ffffffff