Add more priviledged arm64 instruction types and opcode descriptions

2025-02-26 09:06:02 +00:00 · 2018-01-08 11:21:48 +01:00 · 2018-01-08 11:21:48 +01:00 · 6b00784cb1
commit 6b00784cb1
parent 6379d18894
3 changed files with 37 additions and 2 deletions
--- a/libr/anal/op.c
+++ b/libr/anal/op.c
@ -219,6 +219,7 @@ R_API const char *r_anal_optype_to_string(int t) {
 	case R_ANAL_OP_TYPE_IO    : return "io";
 	case R_ANAL_OP_TYPE_ACMP  : return "acmp";
 	case R_ANAL_OP_TYPE_ADD   : return "add";
+	case R_ANAL_OP_TYPE_SYNC  : return "sync";
 	case R_ANAL_OP_TYPE_AND   : return "and";
 	case R_ANAL_OP_TYPE_CALL  : return "call";
 	case R_ANAL_OP_TYPE_CCALL : return "ccall";
--- a/libr/anal/p/anal_arm_cs.c
+++ b/libr/anal/p/anal_arm_cs.c
@ -906,12 +906,28 @@ static int analop64_esil(RAnal *a, RAnalOp *op, ut64 addr, const ut8 *buf, int l
 		r_strbuf_setf (&op->esil, "%s,%s,*,%s,-,%s,=",
 			REG64 (2), REG64 (1), REG64 (3), REG64 (0));
 		break;
+	case ARM64_INS_UBFX: // Unsigned bitfield extract.
+	case ARM64_INS_UXTW:
+	case ARM64_INS_UBFM:
+	case ARM64_INS_UBFIZ:
+		op->type = R_ANAL_OP_TYPE_MOV;
+		break;
 	case ARM64_INS_DMB:
 	case ARM64_INS_DSB:
 	case ARM64_INS_ISB:
-		op->type = R_ANAL_OP_TYPE_SYNC;
+	case ARM64_INS_IC: // instruction cache invalidate
+	case ARM64_INS_DC: // data cache invalidate
+		op->type = R_ANAL_OP_TYPE_SYNC; // or cache
+		break;
+	case ARM64_INS_CLS: // Count leading sign bits.
+	case ARM64_INS_CLZ: // Count leading zero bits.
+		op->type = R_ANAL_OP_TYPE_MOV; // XXX
+		break;
+	case ARM64_INS_BIC:
+		op->type = R_ANAL_OP_TYPE_MOV;
 		break;
 	case ARM64_INS_ADD:
+	case ARM64_INS_ADC: // Add with carry.
 		op->cycles = 1;
 		op->type = R_ANAL_OP_TYPE_ADD;
 		OPCALL("+");
@ -1293,6 +1309,9 @@ static int analop64_esil(RAnal *a, RAnalOp *op, ut64 addr, const ut8 *buf, int l
 	case ARM64_INS_RET:
 		r_strbuf_setf (&op->esil, "lr,pc,=");
 		break;
+	case ARM64_INS_ERET:
+		r_strbuf_setf (&op->esil, "lr,pc,=");
+		break;
 	case ARM64_INS_BFI: // bfi w8, w8, 2, 1
 	case ARM64_INS_BFXIL:
 	{
@ -2225,6 +2244,10 @@ static void anop64 (csh handle, RAnalOp *op, cs_insn *insn) {
 			}
 		}
 		break;
+	case ARM64_INS_ERET:
+		op->type = R_ANAL_OP_TYPE_RET;
+		op->family = R_ANAL_OP_FAMILY_PRIV;
+		break;
 	case ARM64_INS_RET:
 		op->type = R_ANAL_OP_TYPE_RET;
 		break;
--- a/libr/asm/d/arm.sdb.txt
+++ b/libr/asm/d/arm.sdb.txt
@ -14,7 +14,6 @@ beq=branches if equal (see 'b') Z is set
 bge=branch if N clear and V clear
 bgt=branch if Z, N and V clear
 bhi=branch if C set and Z clear
-bic=logical bit clear
 bl=branches and link, similar to call in i386, set lr(r14) = pc, changes pc (r15) )
 ble=branch if (Z || (N && V)) or !N && V) or !N && V
 bls=branch if C clear or Z set
@ -102,10 +101,12 @@ uxth=extracts bits[15:0] and zero extends to 32 bits.
 sxth=extracts bits[15:0] and sign extends to 32 bits.
 uxtb=extracts bits[7:0] and zero extends to 32 bits.
 sxtb=extracts bits[7:0] and sign extends to 32 bits.
+sxtw=signed extend word
 pop=load N elements from stack into given registers
 vldmia=vector load memory into paired registers
 pop.w=load N words from stack into registers
 it=if then
+bic=logical bit clear
 bics=Bitwise bit clear (shifted register), setting the condition flags.
 bics.w=word bitwise bit clear and update flags
 udiv=unsigned division
@ -120,3 +121,13 @@ uxtb.w=zero textend word and add, extend to 32bit value
 wfi=wait for interrupt
 wfe=wait for event
 yield=alias for hint instructrion
+dc=data cache operation (alias of sys)
+ic=instruction cache operation (alias of sys)
+dsb=data synchronization barrier.
+isb=instruction synchronization barrier.
+lsl=logical shift left
+lsr=logical shift right
+movz=move shifted 16-bit immediate to register.
+hlt=external debug breakpoint.
+hvc=hypervisor call
+eret=return from exception