diff options
author | Jon Medhurst <tixy@yxit.co.uk> | 2011-07-02 11:13:29 -0400 |
---|---|---|
committer | Tixy <tixy@medhuaa1.miniserver.com> | 2011-07-13 13:32:44 -0400 |
commit | fd0c8d8a48c57cb8a3f1fbbe46a2b208b57ff477 (patch) | |
tree | bbd1a7e1064a7e0be52ed8ba7cb2fab3a5c1d820 /arch/arm/kernel/kprobes-thumb.c | |
parent | 32818f31f8ed811ea7ef924f24642580a63a7c85 (diff) |
ARM: kprobes: Decode 16-bit Thumb PUSH and POP instructions
These instructions are equivalent to
stmdb sp!,{r0-r7,lr}
ldmdb sp!,{r0-r7,pc}
and we emulate them by transforming them into the 32-bit Thumb
instructions
stmdb r9!,{r0-r7,r8}
ldmdb r9!,{r0-r7,r8}
This is simpler, and almost certainly executes faster, than writing
simulation functions.
Signed-off-by: Jon Medhurst <tixy@yxit.co.uk>
Acked-by: Nicolas Pitre <nicolas.pitre@linaro.org>
Diffstat (limited to 'arch/arm/kernel/kprobes-thumb.c')
-rw-r--r-- | arch/arm/kernel/kprobes-thumb.c | 86 |
1 files changed, 86 insertions, 0 deletions
diff --git a/arch/arm/kernel/kprobes-thumb.c b/arch/arm/kernel/kprobes-thumb.c index a5bdb2dc39e7..e0289493b4c6 100644 --- a/arch/arm/kernel/kprobes-thumb.c +++ b/arch/arm/kernel/kprobes-thumb.c | |||
@@ -187,6 +187,87 @@ t16_decode_hiregs(kprobe_opcode_t insn, struct arch_specific_insn *asi) | |||
187 | return INSN_GOOD; | 187 | return INSN_GOOD; |
188 | } | 188 | } |
189 | 189 | ||
190 | static void __kprobes | ||
191 | t16_emulate_push(struct kprobe *p, struct pt_regs *regs) | ||
192 | { | ||
193 | __asm__ __volatile__ ( | ||
194 | "ldr r9, [%[regs], #13*4] \n\t" | ||
195 | "ldr r8, [%[regs], #14*4] \n\t" | ||
196 | "ldmia %[regs], {r0-r7} \n\t" | ||
197 | "blx %[fn] \n\t" | ||
198 | "str r9, [%[regs], #13*4] \n\t" | ||
199 | : | ||
200 | : [regs] "r" (regs), [fn] "r" (p->ainsn.insn_fn) | ||
201 | : "r0", "r1", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", | ||
202 | "lr", "memory", "cc" | ||
203 | ); | ||
204 | } | ||
205 | |||
206 | static enum kprobe_insn __kprobes | ||
207 | t16_decode_push(kprobe_opcode_t insn, struct arch_specific_insn *asi) | ||
208 | { | ||
209 | /* | ||
210 | * To simulate a PUSH we use a Thumb-2 "STMDB R9!, {registers}" | ||
211 | * and call it with R9=SP and LR in the register list represented | ||
212 | * by R8. | ||
213 | */ | ||
214 | ((u16 *)asi->insn)[0] = 0xe929; /* 1st half STMDB R9!,{} */ | ||
215 | ((u16 *)asi->insn)[1] = insn & 0x1ff; /* 2nd half (register list) */ | ||
216 | asi->insn_handler = t16_emulate_push; | ||
217 | return INSN_GOOD; | ||
218 | } | ||
219 | |||
220 | static void __kprobes | ||
221 | t16_emulate_pop_nopc(struct kprobe *p, struct pt_regs *regs) | ||
222 | { | ||
223 | __asm__ __volatile__ ( | ||
224 | "ldr r9, [%[regs], #13*4] \n\t" | ||
225 | "ldmia %[regs], {r0-r7} \n\t" | ||
226 | "blx %[fn] \n\t" | ||
227 | "stmia %[regs], {r0-r7} \n\t" | ||
228 | "str r9, [%[regs], #13*4] \n\t" | ||
229 | : | ||
230 | : [regs] "r" (regs), [fn] "r" (p->ainsn.insn_fn) | ||
231 | : "r0", "r1", "r2", "r3", "r4", "r5", "r6", "r7", "r9", | ||
232 | "lr", "memory", "cc" | ||
233 | ); | ||
234 | } | ||
235 | |||
236 | static void __kprobes | ||
237 | t16_emulate_pop_pc(struct kprobe *p, struct pt_regs *regs) | ||
238 | { | ||
239 | register unsigned long pc asm("r8"); | ||
240 | |||
241 | __asm__ __volatile__ ( | ||
242 | "ldr r9, [%[regs], #13*4] \n\t" | ||
243 | "ldmia %[regs], {r0-r7} \n\t" | ||
244 | "blx %[fn] \n\t" | ||
245 | "stmia %[regs], {r0-r7} \n\t" | ||
246 | "str r9, [%[regs], #13*4] \n\t" | ||
247 | : "=r" (pc) | ||
248 | : [regs] "r" (regs), [fn] "r" (p->ainsn.insn_fn) | ||
249 | : "r0", "r1", "r2", "r3", "r4", "r5", "r6", "r7", "r9", | ||
250 | "lr", "memory", "cc" | ||
251 | ); | ||
252 | |||
253 | bx_write_pc(pc, regs); | ||
254 | } | ||
255 | |||
256 | static enum kprobe_insn __kprobes | ||
257 | t16_decode_pop(kprobe_opcode_t insn, struct arch_specific_insn *asi) | ||
258 | { | ||
259 | /* | ||
260 | * To simulate a POP we use a Thumb-2 "LDMDB R9!, {registers}" | ||
261 | * and call it with R9=SP and PC in the register list represented | ||
262 | * by R8. | ||
263 | */ | ||
264 | ((u16 *)asi->insn)[0] = 0xe8b9; /* 1st half LDMIA R9!,{} */ | ||
265 | ((u16 *)asi->insn)[1] = insn & 0x1ff; /* 2nd half (register list) */ | ||
266 | asi->insn_handler = insn & 0x100 ? t16_emulate_pop_pc | ||
267 | : t16_emulate_pop_nopc; | ||
268 | return INSN_GOOD; | ||
269 | } | ||
270 | |||
190 | static const union decode_item t16_table_1011[] = { | 271 | static const union decode_item t16_table_1011[] = { |
191 | /* Miscellaneous 16-bit instructions */ | 272 | /* Miscellaneous 16-bit instructions */ |
192 | 273 | ||
@@ -209,6 +290,11 @@ static const union decode_item t16_table_1011[] = { | |||
209 | DECODE_REJECT (0xffc0, 0xba80), | 290 | DECODE_REJECT (0xffc0, 0xba80), |
210 | DECODE_EMULATE (0xf500, 0xb000, t16_emulate_loregs_rwflags), | 291 | DECODE_EMULATE (0xf500, 0xb000, t16_emulate_loregs_rwflags), |
211 | 292 | ||
293 | /* PUSH 1011 010x xxxx xxxx */ | ||
294 | DECODE_CUSTOM (0xfe00, 0xb400, t16_decode_push), | ||
295 | /* POP 1011 110x xxxx xxxx */ | ||
296 | DECODE_CUSTOM (0xfe00, 0xbc00, t16_decode_pop), | ||
297 | |||
212 | /* | 298 | /* |
213 | * If-Then, and hints | 299 | * If-Then, and hints |
214 | * 1011 1111 xxxx xxxx | 300 | * 1011 1111 xxxx xxxx |