documentation. Copyright (c) 2002-2005 Politecnico di Torino. Copyright (c) 2005-2009
CACE Technologies. All rights reserved.Go to the source code of this file.
Data Structures | |
| struct | binary_stream |
| A stream of X86 binary code. More... | |
| struct | JIT_BPF_Filter |
| Structure describing a x86 filtering program created by the jitter. More... | |
Defines | |
| #define | EAX 0 |
| #define | ECX 1 |
| #define | EDX 2 |
| #define | EBX 3 |
| #define | ESP 4 |
| #define | EBP 5 |
| #define | ESI 6 |
| #define | EDI 7 |
| #define | AX 0 |
| #define | CX 1 |
| #define | DX 2 |
| #define | BX 3 |
| #define | SP 4 |
| #define | BP 5 |
| #define | SI 6 |
| #define | DI 7 |
| #define | AL 0 |
| #define | CL 1 |
| #define | DL 2 |
| #define | BL 3 |
| #define | MOVid(r32, i32) emitm(&stream, 11 << 4 | 1 << 3 | r32 & 0x7, 1); emitm(&stream, i32, 4); |
| mov r32,i32 | |
| #define | MOVrd(dr32, sr32) emitm(&stream, 8 << 4 | 3 | 1 << 3, 1); emitm(&stream, 3 << 6 | (dr32 & 0x7) << 3 | sr32 & 0x7, 1); |
| mov dr32,sr32 | |
| #define | MOVodd(dr32, sr32, off) |
| mov dr32,sr32[off] | |
| #define | MOVobd(dr32, sr32, or32) |
| mov dr32,sr32[or32] | |
| #define | MOVobw(dr32, sr32, or32) |
| mov dr16,sr32[or32] | |
| #define | MOVobb(dr8, sr32, or32) |
| mov dr8,sr32[or32] | |
| #define | MOVomd(dr32, or32, sr32) |
| mov [dr32][or32],sr32 | |
| #define | BSWAP(dr32) |
| bswap dr32 | |
| #define | SWAP_AX() |
| xchg al,ah | |
| #define | PUSH(r32) emitm(&stream, 5 << 4 | 0 << 3 | r32 & 0x7, 1); |
| push r32 | |
| #define | POP(r32) emitm(&stream, 5 << 4 | 1 << 3 | r32 & 0x7, 1); |
| pop r32 | |
| #define | RET() emitm(&stream, 12 << 4 | 0 << 3 | 3, 1); |
| ret | |
| #define | ADDrd(dr32, sr32) |
| add dr32,sr32 | |
| #define | ADD_EAXi(i32) |
| add eax,i32 | |
| #define | ADDid(r32, i32) |
| add r32,i32 | |
| #define | ADDib(r32, i8) |
| add r32,i8 | |
| #define | SUBrd(dr32, sr32) |
| sub dr32,sr32 | |
| #define | SUB_EAXi(i32) |
| sub eax,i32 | |
| #define | MULrd(r32) |
| mul r32 | |
| #define | DIVrd(r32) |
| div r32 | |
| #define | ANDib(r8, i8) |
| and r8,i8 | |
| #define | ANDid(r32, i32) |
| and r32,i32 | |
| #define | ANDrd(dr32, sr32) |
| and dr32,sr32 | |
| #define | ORrd(dr32, sr32) |
| or dr32,sr32 | |
| #define | ORid(r32, i32) |
| or r32,i32 | |
| #define | SHLib(r32, i8) |
| shl r32,i8 | |
| #define | SHL_CLrb(dr32) |
| shl dr32,cl | |
| #define | SHRib(r32, i8) |
| shr r32,i8 | |
| #define | SHR_CLrb(dr32) |
| shr dr32,cl | |
| #define | NEGd(r32) |
| neg r32 | |
| #define | CMPodd(dr32, sr32, off) |
| cmp dr32,sr32[off] | |
| #define | CMPrd(dr32, sr32) |
| cmp dr32,sr32 | |
| #define | CMPid(dr32, i32) |
| cmp dr32,i32 | |
| #define | JNEb(off8) |
| jne off32 | |
| #define | JE(off32) |
| je off32 | |
| #define | JLE(off32) |
| jle off32 | |
| #define | JLEb(off8) |
| jle off8 | |
| #define | JA(off32) |
| ja off32 | |
| #define | JAE(off32) |
| jae off32 | |
| #define | JG(off32) |
| jg off32 | |
| #define | JGE(off32) |
| jge off32 | |
| #define | JMP(off32) |
| jmp off32 | |
Typedefs | |
| typedef UINT(__cdecl * | BPF_filter_function )(PVOID *, ULONG, UINT) |
| Prototype of a filtering function created by the jitter. | |
| typedef void(* | emit_func )(binary_stream *stream, ULONG value, UINT n) |
| Prototype of the emit functions. | |
Functions | |
| JIT_BPF_Filter * | BPF_jitter (struct bpf_insn *fp, INT nins) |
| BPF jitter, builds an x86 function from a BPF program. | |
| BPF_filter_function | BPFtoX86 (struct bpf_insn *ins, UINT nins, INT *mem) |
| Translates a set of BPF instructions in a set of x86 ones. | |
| void | BPF_Destroy_JIT_Filter (JIT_BPF_Filter *Filter) |
| Deletes a filtering function that was previously created by BPF_jitter(). | |
documentation. Copyright (c) 2002-2005 Politecnico di Torino. Copyright (c) 2005-2009
CACE Technologies. All rights reserved.