Data Structures |
| struct | binary_stream |
| | A stream of X86 binary code. More...
|
| struct | JIT_BPF_Filter |
| | Structure describing a x86 filtering program created by the jitter. More...
|
Defines |
| #define | EAX 0 |
| #define | ECX 1 |
| #define | EDX 2 |
| #define | EBX 3 |
| #define | ESP 4 |
| #define | EBP 5 |
| #define | ESI 6 |
| #define | EDI 7 |
| #define | AX 0 |
| #define | CX 1 |
| #define | DX 2 |
| #define | BX 3 |
| #define | SP 4 |
| #define | BP 5 |
| #define | SI 6 |
| #define | DI 7 |
| #define | AL 0 |
| #define | CL 1 |
| #define | DL 2 |
| #define | BL 3 |
| #define | MOVid(r32, i32) emitm(&stream, 11 << 4 | 1 << 3 | r32 & 0x7, 1); emitm(&stream, i32, 4); |
| | mov r32,i32
|
| #define | MOVrd(dr32, sr32) emitm(&stream, 8 << 4 | 3 | 1 << 3, 1); emitm(&stream, 3 << 6 | (dr32 & 0x7) << 3 | sr32 & 0x7, 1); |
| | mov dr32,sr32
|
| #define | MOVodd(dr32, sr32, off) |
| | mov dr32,sr32[off]
|
| #define | MOVobd(dr32, sr32, or32) |
| | mov dr32,sr32[or32]
|
| #define | MOVobw(dr32, sr32, or32) |
| | mov dr16,sr32[or32]
|
| #define | MOVobb(dr8, sr32, or32) |
| | mov dr8,sr32[or32]
|
| #define | MOVomd(dr32, or32, sr32) |
| | mov [dr32][or32],sr32
|
| #define | BSWAP(dr32) |
| | bswap dr32
|
| #define | SWAP_AX() |
| | xchg al,ah
|
| #define | PUSH(r32) emitm(&stream, 5 << 4 | 0 << 3 | r32 & 0x7, 1); |
| | push r32
|
| #define | POP(r32) emitm(&stream, 5 << 4 | 1 << 3 | r32 & 0x7, 1); |
| | pop r32
|
| #define | RET() emitm(&stream, 12 << 4 | 0 << 3 | 3, 1); |
| | ret
|
| #define | ADDrd(dr32, sr32) |
| | add dr32,sr32
|
| #define | ADD_EAXi(i32) |
| | add eax,i32
|
| #define | ADDid(r32, i32) |
| | add r32,i32
|
| #define | ADDib(r32, i8) |
| | add r32,i8
|
| #define | SUBrd(dr32, sr32) |
| | sub dr32,sr32
|
| #define | SUB_EAXi(i32) |
| | sub eax,i32
|
| #define | MULrd(r32) |
| | mul r32
|
| #define | DIVrd(r32) |
| | div r32
|
| #define | ANDib(r8, i8) |
| | and r8,i8
|
| #define | ANDid(r32, i32) |
| | and r32,i32
|
| #define | ANDrd(dr32, sr32) |
| | and dr32,sr32
|
| #define | ORrd(dr32, sr32) |
| | or dr32,sr32
|
| #define | ORid(r32, i32) |
| | or r32,i32
|
| #define | SHLib(r32, i8) |
| | shl r32,i8
|
| #define | SHL_CLrb(dr32) |
| | shl dr32,cl
|
| #define | SHRib(r32, i8) |
| | shr r32,i8
|
| #define | SHR_CLrb(dr32) |
| | shr dr32,cl
|
| #define | NEGd(r32) |
| | neg r32
|
| #define | CMPodd(dr32, sr32, off) |
| | cmp dr32,sr32[off]
|
| #define | CMPrd(dr32, sr32) |
| | cmp dr32,sr32
|
| #define | CMPid(dr32, i32) |
| | cmp dr32,i32
|
| #define | JNEb(off8) |
| | jne off32
|
| #define | JE(off32) |
| | je off32
|
| #define | JLE(off32) |
| | jle off32
|
| #define | JLEb(off8) |
| | jle off8
|
| #define | JA(off32) |
| | ja off32
|
| #define | JAE(off32) |
| | jae off32
|
| #define | JG(off32) |
| | jg off32
|
| #define | JGE(off32) |
| | jge off32
|
| #define | JMP(off32) |
| | jmp off32
|
Typedefs |
| typedef UINT(__cdecl * | BPF_filter_function )(PVOID *, ULONG, UINT) |
| | Prototype of a filtering function created by the jitter.
|
| typedef void(* | emit_func )(binary_stream *stream, ULONG value, UINT n) |
| | Prototype of the emit functions.
|
Prototype of the emit functions.
Different emit functions are used to create the reference table and to generate the actual filtering code. This allows to have simpler instruction macros. The first parameter is the stream that will receive the data. The secon one is a variable containing the data, the third one is the length, that can be 1,2 or 4 since it is possible to emit a byte, a short or a work at a time.
Definition at line 92 of file jitter.h.
documentation. Copyright (c) 2002-2005 Politecnico di Torino. Copyright (c) 2005-2009
CACE Technologies. All rights reserved.