Skip to content

Extending the Parser to handle other Spectre versions and endbr instructions #1

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
XFabian wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Extending the Parser to handle other Spectre versions and endbr instructions #1

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 3 additions & 2 deletions src/gas_parser.pl
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -196,7 +196,8 @@
process_directive('.asciz', direc(cons, String)).
process_directive('.ascii', direc(cons, String)) -->
blanks, string(String), ignore_rest.

process_directive('.quad', direc(init, label(Name))) --> blanks, idcodes(Cs), { atom_codes(Name, Cs) }, ignore_rest, !.
% Its not a label. its an identifier to a label similar to instruction
% TODO: how to process?
process_directive('.bss', '#') --> ignore_rest.
process_directive('.data', '#') --> ignore_rest.
Expand All @@ -223,7 +224,7 @@
skip_directive('.cfi_def_cfa').
skip_directive('.cfi_def_cfa_offset').
skip_directive('.cfi_def_cfa_register').
skip_directive('.quad').
%skip_directive('.quad').
skip_directive('.local').
skip_directive('.uleb128'). % TODO: Generate number unsigned
skip_directive('.sleb128'). % TODO: Generate signed number
Expand Down
3 changes: 3 additions & 0 deletions src/x86_table.pl
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,9 @@
ins(lfence, o, 0, spbarr).
ins(mfence, o, 0, spbarr). % TODO: Different memory fence ?
ins(sfence, o, 0, spbarr). % TODO: Different store fence ?
% Intel CET endbr32 and endbr64 instructions
ins(endbr32, o, 0, endbr).
ins(endbr64, o, 0, endbr).
ins(leave, o, 0, leave).
ins(clflush, o, 0, clflush).
% ins(bt, o, 2, skip). % TODO: Set the carry flag to the select bit (2 operands)
Expand Down
23 changes: 19 additions & 4 deletions src/x86_to_muasm.pl
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -84,6 +84,16 @@
( Ign = true -> H = H1, M1 = M0 % TODO: wrong!
; fill_mem([N], InitMem, H1, H, M1, M0)
).
% If labels are written to memory. Happens for example for a jump table
% Set_mem is used because load(ax,8+jump_table). Notice the idx into the table is 8. Next would be 16. If we use
% fill_mem without specifying where to start, there would be a mismatch. So we just fill the whole memory for 8 bytes
% Since this is generated from quads directive this should generally be fine
emit_(direc(init, label(Id)), Xs, Dic, (Name, Ign), IgnNames, InitMem, (H0, H1, H2), memlocs(M0,A), MemLocs) :=
~emit(Xs, Dic, (Name, Ign), IgnNames, InitMem, (H0 ,H, H2), memlocs(M1,A), MemLocs) :- !,
( Ign = true -> H = H1, M1 = M0 % TODO: wrong!
; set_mem(8, Id, InitMem, H1, H, M1, M0)%, fill_mem([Id], InitMem, H1, H, M1, M0)
).

emit_(direc(cons, Values), Xs, Dic, (Name, Ign), IgnNames, InitMem, (H0, H1, H2), memlocs(M0, A), MemLocs) :=
~emit(Xs, Dic, (Name, Ign), IgnNames, InitMem, (H0, H, H2), memlocs(M1, A), MemLocs) :- !,
( Ign = true -> H = H1, M1 = M0 % TODO: wrong!
Expand All @@ -106,6 +116,9 @@

% Translate one instruction (or label)
tr_ins(symbol(N)) := symbol(N).
% For a label in memory
tr_ins(direc(init, label(Label0))) := R :- !, R = [lookup_label(Label0, Label), direc(init, label(Label))],
assertz_fact(label(Label0)).
tr_ins(direc(A, N)) := direc(A, N).
tr_ins(symbol_direc(A, N)) := symbol_direc(A, N).
tr_ins(label_ins(Label0,Ins_x86)) := R :- !, R = ~append(~tr_ins(label(Label0)), ~tr_ins(Ins_x86)).
Expand Down Expand Up @@ -244,11 +257,11 @@
tr_in([A],[A1],R,R0),
R0 = [load(A1, sp/\ (~spmask)), (sp<-sp+8)].
% Return from call
tr_ins_(ret, [void]) := R :- !, R = [~tr_ins_(pop, [tmp]), jmp(tmp)].
tr_ins_(ret, [0]) := R :- !, R = [~tr_ins_(pop, [tmp]), jmp(tmp)].
tr_ins_(ret, []) := R :- !, R = [~tr_ins_(pop, [tmp]), jmp(tmp)].
tr_ins_(ret, [void]) := R :- !, R = [retstart, ~tr_ins_(pop, [tmp]), jmp(tmp)].
tr_ins_(ret, [0]) := R :- !, R = [retstart, ~tr_ins_(pop, [tmp]), jmp(tmp)].
tr_ins_(ret, []) := R :- !, R = [retstart, ~tr_ins_(pop, [tmp]), jmp(tmp)].
% Do a call % TODO: Support if a register is given, by jumping to the number that it points to
tr_ins_(call, [A]) := R :- !, R = [~tr_ins_(push, [pc+2]), ~tr_ins_(jmp, [A])].
tr_ins_(call, [A]) := R :- !, R = [callstart, ~tr_ins_(push, [pc+2]), ~tr_ins_(jmp, [A])].
% Restore stack pointer from BP and pop BP
tr_ins_(leave, []) := R :- !, R = [(sp <- bp), ~tr_ins_(pop, [bp])].
%
Expand All @@ -258,6 +271,8 @@
tr_ins_(skip, []) := skip :- !.
% Speculative barrier
tr_ins_(spbarr, []) := spbarr :- !.
% Endbranch instruction
tr_ins_(endbr, []) := endbr :- !.
% Stop
tr_ins_(stop_ins, []) := stop_ins :- !.
% Jump (to a register or label)
Expand Down