jitter.h

00001 /*
00002  * Copyright (c) 2002 - 2005 NetGroup, Politecnico di Torino (Italy)
00003  * Copyright (c) 2005 - 2007 CACE Technologies, Davis (California)
00004  * All rights reserved.
00005  *
00006  * Redistribution and use in source and binary forms, with or without
00007  * modification, are permitted provided that the following conditions
00008  * are met:
00009  *
00010  * 1. Redistributions of source code must retain the above copyright
00011  * notice, this list of conditions and the following disclaimer.
00012  * 2. Redistributions in binary form must reproduce the above copyright
00013  * notice, this list of conditions and the following disclaimer in the
00014  * documentation and/or other materials provided with the distribution.
00015  * 3. Neither the name of the Politecnico di Torino, CACE Technologies 
00016  * nor the names of its contributors may be used to endorse or promote 
00017  * products derived from this software without specific prior written 
00018  * permission.
00019  *
00020  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
00021  * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
00022  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
00023  * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
00024  * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
00025  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
00026  * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
00027  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
00028  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
00029  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
00030  * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
00031  *
00032  */
00033 
//
// Registers
//
// Register numbers for the X86 instruction macros below: the 3-bit values
// that go into the reg/rm fields of a ModR/M byte, the index/base fields of
// a SIB byte, or the low bits of a "+rd" opcode, in Intel's numbering
// (EAX, ECX, EDX, EBX, ESP, EBP, ESI, EDI = 0..7).
//
// The 16-bit (AX..DI) and 8-bit (AL..BL) names carry the same numbers as
// their 32-bit registers; the operand size is selected by the opcode (and
// the 0x66 prefix in MOVobw), not by the register field.  Only AL..BL are
// defined for the 8-bit set: the values 4..7 in an 8-bit register field
// select AH/CH/DH/BH, and those are not defined here.
//
// NOTE(review): these short, unprefixed names (SP, BP, DI, AX, ...) collide
// easily with identifiers from other headers; keep the include set of files
// using this header narrow, or expect redefinition warnings.
//
#define EAX 0
#define ECX 1
#define EDX 2
#define EBX 3
#define ESP 4
#define EBP 5
#define ESI 6
#define EDI 7

#define AX 0
#define CX 1
#define DX 2
#define BX 3
#define SP 4
#define BP 5
#define SI 6
#define DI 7

#define AL 0
#define CL 1
#define DL 2
#define BL 3
00067 
/*
 * State of the native-code emitter.  The X86 instruction macros below
 * append bytes by calling emitm(&stream, ...) on a binary_stream named
 * `stream` that must be in scope at the point of use (see emit_func).
 *
 *   cur_ip  presumably the current write offset into ibuf, i.e. the
 *           "instruction pointer" of the code being generated
 *   bpf_pc  presumably the index of the BPF instruction being translated
 *   ibuf    output buffer that receives the generated code
 *   refs    presumably a per-BPF-instruction table of native-code offsets,
 *           used to resolve jump targets
 *
 * NOTE(review): the field meanings above are read off the names; confirm
 * them against jitter.c.  There is no capacity field next to ibuf, so the
 * bound on emitm() writes has to be enforced somewhere else (for example by
 * sizing the buffer in a first pass) — worth verifying, because an overrun
 * here writes filter-derived bytes past the end of the buffer.
 */
typedef struct binary_stream{
    INT cur_ip;     
    INT bpf_pc;     
    PCHAR ibuf;     
    PUINT refs;     
}binary_stream;
00075 
00076 
/*
 * Entry point of a compiled filter.  The calling convention is pinned to
 * __cdecl, so the prologue/epilogue emitted by BPFtoX86() and the code that
 * invokes the filter must both follow it.
 * NOTE(review): the three arguments are presumably (packet buffer, wire
 * length, captured length) as in the classic bpf_filter(), and the UINT
 * result the number of bytes to accept (0 = drop) — nothing in this header
 * names them; confirm against the generated prologue in jitter.c.
 */
typedef UINT (__cdecl *BPF_filter_function)( PVOID *, ULONG, UINT);
00083 
/*
 * Shape of the byte emitter used by the X86 instruction macros: append the
 * low `n` bytes of `value` to `stream`.  The macros in this header only ever
 * pass n = 1 or n = 4 (opcodes/ModR/M/SIB/disp8/imm8 as single bytes, rel32
 * and imm32 as four); presumably the bytes come out little-endian, since
 * 32-bit immediates and displacements are handed over whole — confirm.
 */
typedef void (*emit_func)(binary_stream *stream, ULONG value, UINT n);
00093 
/*
 * A compiled filter as returned by BPF_jitter().
 *   Function  entry point of the generated native code
 *   mem       presumably the scratch memory (BPF mem[]) that BPFtoX86()
 *             receives as its `mem` argument and the generated code
 *             addresses — confirm
 * NOTE(review): Function must point at executable memory; how that memory
 * is allocated and protected is not visible here.  If it stays writable
 * after translation, the filter body can be overwritten at run time — check.
 * Release with BPF_Destroy_JIT_Filter().
 */
typedef struct JIT_BPF_Filter{
    BPF_filter_function Function;   
    PINT mem;
}
JIT_BPF_Filter;
00100 
00101 
00102 
00103 
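/**************************/
/* X86 INSTRUCTION MACROS */
/**************************/
/*
 * Every macro below appends one x86 instruction to the code stream by
 * calling emitm(&stream, value, nbytes) (see emit_func), so a binary_stream
 * named `stream` and an emitm() must be in scope where it is used.
 *
 * Register arguments are the 0..7 register numbers defined above and are
 * masked to 3 bits; immediates and displacements are handed to emitm()
 * unchanged, so an 8-bit operand that does not fit in a byte is silently
 * truncated by the 1-byte emit.  Arguments are parenthesized so that an
 * expression argument is masked/emitted as a whole.
 *
 * Each multi-byte macro expands to a single brace block.  The previous
 * expansion was a run of bare statements, so a macro used as the body of an
 * unbraced `if` emitted only its first byte conditionally and the rest
 * unconditionally, corrupting the instruction stream.  A plain block is used
 * instead of do/while(0) so that existing call sites keep compiling whether
 * or not they follow the macro with a `;`.
 */

/* mov r32, imm32                      B8+rd id */
#define MOVid(r32, i32) { \
  emitm(&stream, 0xb8 | ((r32) & 0x7), 1); \
  emitm(&stream, (i32), 4); }

/* mov dr32, sr32                      8B /r, mod=11 */
#define MOVrd(dr32, sr32) { \
  emitm(&stream, 0x8b, 1); \
  emitm(&stream, 0xc0 | (((dr32) & 0x7) << 3) | ((sr32) & 0x7), 1); }

/* mov dr32, [sr32 + disp8]            8B /r, mod=01.
 * sr32 must not be ESP: rm=100 means a SIB byte follows, and none is emitted. */
#define MOVodd(dr32, sr32, off) { \
  emitm(&stream, 0x8b, 1); \
  emitm(&stream, 0x40 | (((dr32) & 0x7) << 3) | ((sr32) & 0x7), 1); \
  emitm(&stream, (off), 1); }

/* mov dr32, [sr32 + or32]             8B /r, mod=00 rm=100, SIB(scale=1, index=or32, base=sr32).
 * sr32 must not be EBP (base=101 with mod=00 means "disp32, no base") and
 * or32 must not be ESP (index=100 means "no index"). */
#define MOVobd(dr32, sr32, or32) { \
  emitm(&stream, 0x8b, 1); \
  emitm(&stream, (((dr32) & 0x7) << 3) | 0x04, 1); \
  emitm(&stream, (((or32) & 0x7) << 3) | ((sr32) & 0x7), 1); }

/* mov dr16, word [sr32 + or32]        66 8B /r + SIB; same operand rules as MOVobd */
#define MOVobw(dr32, sr32, or32) { \
  emitm(&stream, 0x66, 1); \
  emitm(&stream, 0x8b, 1); \
  emitm(&stream, (((dr32) & 0x7) << 3) | 0x04, 1); \
  emitm(&stream, (((or32) & 0x7) << 3) | ((sr32) & 0x7), 1); }

/* mov dr8, byte [sr32 + or32]         8A /r + SIB; same operand rules as MOVobd */
#define MOVobb(dr8, sr32, or32) { \
  emitm(&stream, 0x8a, 1); \
  emitm(&stream, (((dr8) & 0x7) << 3) | 0x04, 1); \
  emitm(&stream, (((or32) & 0x7) << 3) | ((sr32) & 0x7), 1); }

/* mov [dr32 + or32], sr32             89 /r + SIB(index=or32, base=dr32).
 * Note the argument order: the memory operand (base, index) comes first. */
#define MOVomd(dr32, or32, sr32) { \
  emitm(&stream, 0x89, 1); \
  emitm(&stream, (((sr32) & 0x7) << 3) | 0x04, 1); \
  emitm(&stream, (((or32) & 0x7) << 3) | ((dr32) & 0x7), 1); }

/* bswap dr32                          0F C8+rd (reverse the four bytes) */
#define BSWAP(dr32) { \
  emitm(&stream, 0x0f, 1); \
  emitm(&stream, 0xc8 | ((dr32) & 0x7), 1); }

/* xchg al, ah                         86 C4 (swap the two low bytes of EAX) */
#define SWAP_AX() { \
  emitm(&stream, 0x86, 1); \
  emitm(&stream, 0xc4, 1); }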
00156 
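/*
 * Stack and return.  Like the other instruction macros these call
 * emitm(&stream, ...) and need `stream` in scope.  The register argument is
 * parenthesized so that an expression argument (e.g. a conditional) is
 * masked as a whole rather than having the mask bind to its last operand.
 */

/* push r32                            50+rd */
#define PUSH(r32) \
  emitm(&stream, 0x50 | ((r32) & 0x7), 1);

/* pop r32                             58+rd */
#define POP(r32) \
  emitm(&stream, 0x58 | ((r32) & 0x7), 1);

/* ret                                 C3 */
#define RET() \
  emitm(&stream, 0xc3, 1);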
00168 
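/*
 * Arithmetic and logic.  Like the other instruction macros these call
 * emitm(&stream, ...) and need `stream` in scope; register arguments are
 * masked to 3 bits, immediates are emitted as given (an imm8 that does not
 * fit in a byte is silently truncated by the 1-byte emit).  Each macro
 * expands to one brace block so that it behaves as a single statement under
 * an unbraced `if` (the old expansion was several bare statements, of which
 * only the first was conditional); a plain block rather than do/while(0)
 * keeps existing call sites compiling with or without a trailing `;`.
 */

/* add dr32, sr32                      03 /r, mod=11 */
#define ADDrd(dr32, sr32) { \
  emitm(&stream, 0x03, 1); \
  emitm(&stream, 0xc0 | (((dr32) & 0x7) << 3) | ((sr32) & 0x7), 1); }

/* add eax, imm32                      05 id */
#define ADD_EAXi(i32) { \
  emitm(&stream, 0x05, 1); \
  emitm(&stream, (i32), 4); }

/* add r32, imm32                      81 /0 id */
#define ADDid(r32, i32) { \
  emitm(&stream, 0x81, 1); \
  emitm(&stream, 0xc0 | ((r32) & 0x7), 1); \
  emitm(&stream, (i32), 4); }

/* add r32, imm8                       83 /0 ib (the CPU sign-extends imm8 to 32 bits) */
#define ADDib(r32, i8) { \
  emitm(&stream, 0x83, 1); \
  emitm(&stream, 0xc0 | ((r32) & 0x7), 1); \
  emitm(&stream, (i8), 1); }

/* sub dr32, sr32                      2B /r, mod=11 */
#define SUBrd(dr32, sr32) { \
  emitm(&stream, 0x2b, 1); \
  emitm(&stream, 0xc0 | (((dr32) & 0x7) << 3) | ((sr32) & 0x7), 1); }

/* sub eax, imm32                      2D id */
#define SUB_EAXi(i32) { \
  emitm(&stream, 0x2d, 1); \
  emitm(&stream, (i32), 4); }

/* mul r32                             F7 /4  (edx:eax = eax * r32; clobbers EDX) */
#define MULrd(r32) { \
  emitm(&stream, 0xf7, 1); \
  emitm(&stream, 0xe0 | ((r32) & 0x7), 1); }

/* div r32                             F7 /6  (eax = edx:eax / r32, edx = remainder).
 * For a plain 32-bit quotient EDX must be zeroed first, and a zero divisor
 * raises #DE at run time inside the generated filter, so the emitter has to
 * test the divisor before reaching this instruction.  Neither is enforced
 * here — confirm in BPFtoX86(). */
#define DIVrd(r32) { \
  emitm(&stream, 0xf7, 1); \
  emitm(&stream, 0xf0 | ((r32) & 0x7), 1); }

/* and r8, imm8                        80 /4 ib */
#define ANDib(r8, i8) { \
  emitm(&stream, 0x80, 1); \
  emitm(&stream, 0xe0 | ((r8) & 0x7), 1); \
  emitm(&stream, (i8), 1); }

/* and r32, imm32                      25 id for EAX, otherwise 81 /4 id.
 * The register test runs when the emitter runs; with a constant register
 * argument the compiler folds it away. */
#define ANDid(r32, i32) { \
  if ((r32) == EAX) { \
    emitm(&stream, 0x25, 1); \
  } else { \
    emitm(&stream, 0x81, 1); \
    emitm(&stream, 0xe0 | ((r32) & 0x7), 1); \
  } \
  emitm(&stream, (i32), 4); }

/* and dr32, sr32                      23 /r, mod=11 */
#define ANDrd(dr32, sr32) { \
  emitm(&stream, 0x23, 1); \
  emitm(&stream, 0xc0 | (((dr32) & 0x7) << 3) | ((sr32) & 0x7), 1); }

/* or dr32, sr32                       0B /r, mod=11 */
#define ORrd(dr32, sr32) { \
  emitm(&stream, 0x0b, 1); \
  emitm(&stream, 0xc0 | (((dr32) & 0x7) << 3) | ((sr32) & 0x7), 1); }

/* or r32, imm32                       0D id for EAX, otherwise 81 /1 id */
#define ORid(r32, i32) { \
  if ((r32) == EAX) { \
    emitm(&stream, 0x0d, 1); \
  } else { \
    emitm(&stream, 0x81, 1); \
    emitm(&stream, 0xc8 | ((r32) & 0x7), 1); \
  } \
  emitm(&stream, (i32), 4); }

/* shl r32, imm8                       C1 /4 ib */
#define SHLib(r32, i8) { \
  emitm(&stream, 0xc1, 1); \
  emitm(&stream, 0xe0 | ((r32) & 0x7), 1); \
  emitm(&stream, (i8), 1); }

/* shl dr32, cl                        D3 /4 */
#define SHL_CLrb(dr32) { \
  emitm(&stream, 0xd3, 1); \
  emitm(&stream, 0xe0 | ((dr32) & 0x7), 1); }

/* shr r32, imm8                       C1 /5 ib (logical shift) */
#define SHRib(r32, i8) { \
  emitm(&stream, 0xc1, 1); \
  emitm(&stream, 0xe8 | ((r32) & 0x7), 1); \
  emitm(&stream, (i8), 1); }

/* shr dr32, cl                        D3 /5 (logical shift) */
#define SHR_CLrb(dr32) { \
  emitm(&stream, 0xd3, 1); \
  emitm(&stream, 0xe8 | ((dr32) & 0x7), 1); }

/* neg r32                             F7 /3 */
#define NEGd(r32) { \
  emitm(&stream, 0xf7, 1); \
  emitm(&stream, 0xd8 | ((r32) & 0x7), 1); }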
00273 
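/*
 * Compares.  Like the other instruction macros these call emitm(&stream, ...)
 * and need `stream` in scope; register arguments are masked to 3 bits.  Each
 * macro expands to one brace block so that it behaves as a single statement
 * under an unbraced `if` (the old expansion was several bare statements, of
 * which only the first was conditional); a plain block rather than
 * do/while(0) keeps existing call sites compiling with or without a trailing `;`.
 */

/* cmp dr32, [sr32 + disp8]            3B /r, mod=01.
 * sr32 must not be ESP: rm=100 means a SIB byte follows, and none is emitted. */
#define CMPodd(dr32, sr32, off) { \
  emitm(&stream, 0x3b, 1); \
  emitm(&stream, 0x40 | (((dr32) & 0x7) << 3) | ((sr32) & 0x7), 1); \
  emitm(&stream, (off), 1); }

/* cmp dr32, sr32                      3B /r, mod=11 */
#define CMPrd(dr32, sr32) { \
  emitm(&stream, 0x3b, 1); \
  emitm(&stream, 0xc0 | (((dr32) & 0x7) << 3) | ((sr32) & 0x7), 1); }

/* cmp r32, imm32                      3D id for EAX, otherwise 81 /7 id.
 * The register test runs when the emitter runs; with a constant register
 * argument the compiler folds it away. */
#define CMPid(dr32, i32) { \
  if ((dr32) == EAX) { \
    emitm(&stream, 0x3d, 1); \
  } else { \
    emitm(&stream, 0x81, 1); \
    emitm(&stream, 0xf8 | ((dr32) & 0x7), 1); \
  } \
  emitm(&stream, (i32), 4); }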
00294 
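/*
 * Branches.  All displacements are relative to the end of the emitted
 * instruction and are passed to emitm() as given: the *b forms emit one
 * byte, so the value must fit in -128..127 (anything larger is silently
 * truncated), the other forms take a full rel32.  Resolving forward targets
 * is the emitter's job (presumably via binary_stream.refs — confirm in
 * jitter.c); an unchecked target makes the generated code jump into
 * arbitrary bytes.  Note the mix of signed (JLE/JG/JGE) and unsigned
 * (JA/JAE) conditions: BPF's JGT/JGE compare unsigned values, so the signed
 * forms must not be used to implement them — confirm which ones the emitter
 * picks.  Like the other instruction macros these call emitm(&stream, ...)
 * and need `stream` in scope; each expands to one brace block so that it is
 * a single statement under an unbraced `if` (the old expansion was several
 * bare statements, of which only the first was conditional); a plain block
 * rather than do/while(0) keeps call sites compiling with or without a `;`.
 */

/* jne rel8                            75 cb */
#define JNEb(off8) { \
   emitm(&stream, 0x75, 1); \
   emitm(&stream, (off8), 1); }

/* je rel32                            0F 84 cd */
#define JE(off32) { \
   emitm(&stream, 0x0f, 1); \
   emitm(&stream, 0x84, 1); \
   emitm(&stream, (off32), 4); }

/* jle rel32                           0F 8E cd (signed <=) */
#define JLE(off32) { \
   emitm(&stream, 0x0f, 1); \
   emitm(&stream, 0x8e, 1); \
   emitm(&stream, (off32), 4); }

/* jle rel8                            7E cb (signed <=) */
#define JLEb(off8) { \
   emitm(&stream, 0x7e, 1); \
   emitm(&stream, (off8), 1); }

/* ja rel32                            0F 87 cd (unsigned >) */
#define JA(off32) { \
   emitm(&stream, 0x0f, 1); \
   emitm(&stream, 0x87, 1); \
   emitm(&stream, (off32), 4); }
   
/* jae rel32                           0F 83 cd (unsigned >=) */
#define JAE(off32) { \
   emitm(&stream, 0x0f, 1); \
   emitm(&stream, 0x83, 1); \
   emitm(&stream, (off32), 4); }

/* jg rel32                            0F 8F cd (signed >) */
#define JG(off32) { \
   emitm(&stream, 0x0f, 1); \
   emitm(&stream, 0x8f, 1); \
   emitm(&stream, (off32), 4); }

/* jge rel32                           0F 8D cd (signed >=) */
#define JGE(off32) { \
   emitm(&stream, 0x0f, 1); \
   emitm(&stream, 0x8d, 1); \
   emitm(&stream, (off32), 4); }

/* jmp rel32                           E9 cd */
#define JMP(off32) { \
   emitm(&stream, 0xe9, 1); \
   emitm(&stream, (off32), 4); }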
00345 
00350 /**************************/
00351 /* Prototypes             */
00352 /**************************/
00353 
/*
 * Compile the BPF program fp[0..nins) to native x86 code.
 *   fp    array of BPF instructions
 *   nins  number of instructions in fp
 * Returns the compiled filter, to be released with BPF_Destroy_JIT_Filter();
 * the failure return is not visible from this header (presumably NULL —
 * confirm in jitter.c).
 *
 * NOTE(review): nins is signed here but BPFtoX86() takes it as UINT, so a
 * negative count would pass through the conversion as a huge one; callers
 * (or this function) should reject nins <= 0 first.  Nothing in this header
 * shows the program being validated (bpf_validate or equivalent) before it
 * is turned into executable code — confirm that happens, since the result
 * runs with the privileges of whoever calls it.
 */
JIT_BPF_Filter* BPF_jitter(struct bpf_insn *fp, INT nins);

/*
 * Translate nins BPF instructions starting at ins into native code.
 *   ins   array of BPF instructions
 *   nins  number of instructions in ins
 *   mem   presumably the scratch memory (BPF mem[]) the generated code
 *         addresses — confirm
 * Returns the entry point of the generated code; the failure value is not
 * visible from this header.
 */
BPF_filter_function BPFtoX86(struct bpf_insn *ins, UINT nins, INT *mem);
/*
 * Free a filter produced by BPF_jitter() — presumably both the generated
 * code and the scratch memory it references; confirm in jitter.c.
 */
void BPF_Destroy_JIT_Filter(JIT_BPF_Filter *Filter);
00388 
