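/*
 * push_shack()
 * Emit TCG ops that push the hash-entry slot for the guest return
 * address next_eip onto the shadow stack.
 *
 * env      - CPU state (translation-time only; the emitted code reads
 *            the state through cpu_env)
 * cpu_env  - TCG pointer to the CPUState seen by the generated code
 * next_eip - guest return address; selects the shadow_hash_list entry
 *            whose host address is pushed
 *
 * Emitted code:
 *   if (shack_top == shack_end) shack_top = shack;   // wrap when full
 *   *shack_top = &shadow_hash_list[next_eip & (SHACK_SIZE-1)];
 *   shack_top += sizeof(uint64_t);
 *   env->shack_top = shack_top;
 */
void push_shack(CPUState *env, TCGv_ptr cpu_env, target_ulong next_eip)
{
    (void)env; /* not needed at translation time */

    /* The slot is fixed per next_eip, so it is resolved here and embedded
     * in the generated code as a host-pointer constant. */
    int table_index = next_eip & (SHACK_SIZE - 1);
    shack_hash_entry *entry = &shadow_hash_list[table_index];

    /* shack_top is live across the branch below, so it is a local
     * temporary; ordinary temps are not guaranteed to survive a
     * basic-block boundary. */
    TCGv_ptr temp_shack_top = tcg_temp_local_new_ptr();
    TCGv_ptr temp_shack_end = tcg_temp_new_ptr();
    int label_push = gen_new_label();

    tcg_gen_ld_ptr(temp_shack_top, cpu_env, offsetof(CPUState, shack_top));
    tcg_gen_ld_ptr(temp_shack_end, cpu_env, offsetof(CPUState, shack_end));

    /* Bound check. Without it every push advances shack_top past
     * shack_end and the generated code writes beyond the shadow-stack
     * buffer; when full, restart at the base.
     * NOTE(review): if stale shadow_hash_list entries must be invalidated
     * on wrap, a flush helper belongs here — confirm against the pop side. */
    tcg_gen_brcond_ptr(TCG_COND_NE, temp_shack_top, temp_shack_end, label_push);
    tcg_gen_ld_ptr(temp_shack_top, cpu_env, offsetof(CPUState, shack));
    gen_set_label(label_push);

    /* The entry address is a host pointer: the previous tcg_gen_movi_i32
     * truncated it on 64-bit hosts, tcg_const_ptr keeps the full width.
     * Created after the label so it is not live across the branch. */
    TCGv_ptr temp_entry_ptr = tcg_const_ptr(entry);

    /* *shack_top = entry; shack_top += stride; write the new top back.
     * The stride assumes uint64_t slots — it must agree with the pop side
     * and with how shack_end is computed. */
    tcg_gen_st_ptr(temp_entry_ptr, temp_shack_top, 0);
    tcg_gen_addi_ptr(temp_shack_top, temp_shack_top, sizeof(uint64_t));
    tcg_gen_st_ptr(temp_shack_top, cpu_env, offsetof(CPUState, shack_top));

    /* TCG temporaries are a per-TB resource; release them so long
     * translation blocks do not exhaust them. */
    tcg_temp_free_ptr(temp_entry_ptr);
    tcg_temp_free_ptr(temp_shack_end);
    tcg_temp_free_ptr(temp_shack_top);
}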
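/*
 * push_shack()
 * Emit TCG ops that push the guest return address next_eip onto the
 * shadow stack, wrapping and flushing the hash when the stack is full,
 * then call the shack_push helper which decides whether the return
 * target can be filled directly or a hash pair must be added.
 *
 * env      - CPU state (translation-time only; unused here)
 * cpu_env  - TCG pointer to the CPUState seen by the generated code
 * next_eip - guest return address to push
 *
 * Emitted code:
 *   if (shack_top == shack_end) { shack_top = shack; helper_shack_flush(); }
 *   *shack_top = next_eip; shack_top += sizeof(uint64_t);
 *   helper_shack_push(next_eip);
 *   env->shack_top = shack_top;
 */
void push_shack(CPUState *env, TCGv_ptr cpu_env, target_ulong next_eip)
{
    (void)env; /* not needed at translation time */

    int label_do_push = gen_new_label();

    /* These three are live across the branch below, hence local temps. */
    TCGv_ptr temp_shack_end = tcg_temp_local_new_ptr();
    TCGv_ptr temp_shack_top = tcg_temp_local_new_ptr();
    TCGv temp_next_eip = tcg_temp_local_new();

    tcg_gen_ld_ptr(temp_shack_end, cpu_env, offsetof(CPUState, shack_end));
    tcg_gen_ld_ptr(temp_shack_top, cpu_env, offsetof(CPUState, shack_top));

    /* tcg_const_tl allocates a temporary; the previous version leaked one
     * per push. Keep a handle so it can be released immediately. */
    TCGv temp_const_eip = tcg_const_tl(next_eip);
    tcg_gen_mov_tl(temp_next_eip, temp_const_eip);
    tcg_temp_free(temp_const_eip);

    /* Not full: skip straight to the push. */
    tcg_gen_brcond_ptr(TCG_COND_NE, temp_shack_top, temp_shack_end, label_do_push);

    /* Full: restart at the base of the stack, then flush the hash.
     * NOTE(review): env->shack_top is only written back at the end, so
     * the flush helper still sees the old (== shack_end) value — confirm
     * it does not rely on shack_top. */
    TCGv_ptr temp_shack_start = tcg_temp_new_ptr();
    tcg_gen_ld_ptr(temp_shack_start, cpu_env, offsetof(CPUState, shack));
    tcg_gen_mov_tl(temp_shack_top, temp_shack_start);
    tcg_temp_free_ptr(temp_shack_start);
    gen_helper_shack_flush(cpu_env);

    gen_set_label(label_do_push);

    /* *shack_top = next_eip; shack_top += slot size.
     * NOTE(review): a target-long value is stored with the _ptr store;
     * the widths only agree when target_ulong and host pointers have the
     * same size — confirm against the pop side. */
    tcg_gen_st_ptr(temp_next_eip, temp_shack_top, 0);
    tcg_gen_addi_ptr(temp_shack_top, temp_shack_top, sizeof(uint64_t));

    /* Helper: fill the return target directly, or record a hash pair. */
    gen_helper_shack_push(cpu_env, temp_next_eip);

    tcg_gen_st_ptr(temp_shack_top, cpu_env, offsetof(CPUState, shack_top));

    tcg_temp_free(temp_next_eip);
    tcg_temp_free_ptr(temp_shack_top);
    tcg_temp_free_ptr(temp_shack_end);
}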
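/*
 * push_shack()
 * Emit TCG ops that push the shadow-pair slot for the guest return
 * address next_eip onto the shadow stack. Compiled only with OPT_SHACK;
 * otherwise the function emits nothing.
 *
 * env      - CPU state, used at translation time to look up the slot
 * cpu_env  - TCG pointer to the CPUState seen by the generated code
 * next_eip - guest return address
 *
 * Emitted code:
 *   if (shack_top == shack_end) shack_top = shack;   // wrap when full
 *   *shack_top = pair_ptr;
 *   shack_top += sizeof(void *);
 *   env->shack_top = shack_top;
 */
void push_shack(CPUState *env, TCGv_ptr cpu_env, target_ulong next_eip)
{
#ifdef OPT_SHACK
    /* Resolved at translation time: a fixed per-next_eip host address
     * embedded in the generated code. */
    struct shadow_pair *pair_ptr = find_hash_pair(env, next_eip);

    /* shack_top is live across the branch below, so it is a local
     * temporary; ordinary temps are not guaranteed to survive a
     * basic-block boundary. */
    TCGv_ptr tcg_shack_top = tcg_temp_local_new_ptr();
    TCGv_ptr tcg_shack_end = tcg_temp_new_ptr();
    int lab_push = gen_new_label();

    tcg_gen_ld_ptr(tcg_shack_top, cpu_env, offsetof(CPUState, shack_top));
    tcg_gen_ld_ptr(tcg_shack_end, cpu_env, offsetof(CPUState, shack_end));

    /* Full? Restart at the base. Host pointers are compared and stored
     * with the _ptr variants: the previous _i32 compare and _tl stores
     * truncate a host pointer whenever the host word is wider than the
     * guest word. The redundant reload/store of shack_top around the
     * label is dropped; the local temp already holds the right value on
     * both paths. */
    tcg_gen_brcond_ptr(TCG_COND_NE, tcg_shack_top, tcg_shack_end, lab_push);
    tcg_gen_ld_ptr(tcg_shack_top, cpu_env, offsetof(CPUState, shack));
    gen_set_label(lab_push);

    /* *shack_top = pair_ptr; shack_top++; write the new top back.
     * The constant is created after the label so it is not live across
     * the branch, and freed (the previous version leaked it). */
    TCGv_ptr tcg_pair = tcg_const_ptr(pair_ptr);
    tcg_gen_st_ptr(tcg_pair, tcg_shack_top, 0);
    tcg_gen_addi_ptr(tcg_shack_top, tcg_shack_top, sizeof(void *));
    tcg_gen_st_ptr(tcg_shack_top, cpu_env, offsetof(CPUState, shack_top));

    tcg_temp_free_ptr(tcg_pair);
    tcg_temp_free_ptr(tcg_shack_end);
    tcg_temp_free_ptr(tcg_shack_top);
#else
    (void)env;
    (void)cpu_env;
    (void)next_eip;
#endif
}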
/*
 * Return a fresh TCG pointer temporary holding &env->avr[reg], computed
 * as cpu_env plus the field offset. The caller receives the temporary
 * (release it with tcg_temp_free_ptr when done).
 */
static inline TCGv_ptr gen_avr_ptr(int reg)
{
    size_t avr_offset = offsetof(CPUPPCState, avr[reg]);
    TCGv_ptr avr_ptr = tcg_temp_new_ptr();

    tcg_gen_addi_ptr(avr_ptr, cpu_env, avr_offset);
    return avr_ptr;
}