static int mpx_insn_decode(struct insn *insn,
struct pt_regs *regs)
{
unsigned char buf[MAX_INSN_SIZE];
int x86_64 = !test_thread_flag(TIF_IA32);
int not_copied;
int nr_copied;
not_copied = copy_from_user(buf, (void __user *)regs->ip, sizeof(buf));
nr_copied = sizeof(buf) - not_copied;
/*
* The decoder _should_ fail nicely if we pass it a short buffer.
* But, let's not depend on that implementation detail. If we
* did not get anything, just error out now.
*/
if (!nr_copied)
return -EFAULT;
insn_init(insn, buf, nr_copied, x86_64);
insn_get_length(insn);
/*
* copy_from_user() tries to get as many bytes as we could see in
* the largest possible instruction. If the instruction we are
* after is shorter than that _and_ we attempt to copy from
* something unreadable, we might get a short read. This is OK
* as long as the read did not stop in the middle of the
* instruction. Check to see if we got a partial instruction.
*/
if (nr_copied < insn->length)
return -EFAULT;
insn_get_opcode(insn);
/*
* We only _really_ need to decode bndcl/bndcn/bndcu
* Error out on anything else.
*/
if (insn->opcode.bytes[0] != 0x0f)
goto bad_opcode;
if ((insn->opcode.bytes[1] != 0x1a) &&
(insn->opcode.bytes[1] != 0x1b))
goto bad_opcode;
return 0;
bad_opcode:
return -EINVAL;
}
static int validate_insn_64bits(struct arch_uprobe *auprobe, struct insn *insn)
{
insn_init(insn, auprobe->insn, true);
/* Skip good instruction prefixes; reject "bad" ones. */
insn_get_opcode(insn);
if (is_prefix_bad(insn))
return -ENOTSUPP;
if (test_bit(OPCODE1(insn), (unsigned long *)good_insns_64))
return 0;
if (insn->opcode.nbytes == 2) {
if (test_bit(OPCODE2(insn), (unsigned long *)good_2byte_insns))
return 0;
}
return -ENOTSUPP;
}
int main(int argc, char **argv)
{
struct insn insn;
int insns = 0;
int errors = 0;
unsigned long i;
unsigned char insn_buf[MAX_INSN_SIZE * 2];
parse_args(argc, argv);
/* */
memset(insn_buf + MAX_INSN_SIZE, INSN_NOP, MAX_INSN_SIZE);
for (i = 0; i < iter_end; i++) {
if (generate_insn(insn_buf) <= 0)
break;
if (i < iter_start) /* */
continue;
/* */
insn_init(&insn, insn_buf, x86_64);
insn_get_length(&insn);
if (insn.next_byte <= insn.kaddr ||
insn.kaddr + MAX_INSN_SIZE < insn.next_byte) {
/* */
dump_stream(stderr, "Error: Found an access violation", i, insn_buf, &insn);
errors++;
} else if (verbose && !insn_complete(&insn))
dump_stream(stdout, "Info: Found an undecodable input", i, insn_buf, &insn);
else if (verbose >= 2)
dump_insn(stdout, &insn);
insns++;
}
fprintf(stdout, "%s: decoded and checked %d %s instructions with %d errors (seed:0x%x)\n", (errors) ? "Failure" : "Success", insns, (input_file) ? "given" : "random", errors, seed);
return errors ? 1 : 0;
}
int main(int argc, char **argv)
{
char line[BUFSIZE], sym[BUFSIZE] = "<unknown>";
unsigned char insn_buf[16];
struct insn insn;
int insns = 0;
int warnings = 0;
parse_args(argc, argv);
while (fgets(line, BUFSIZE, stdin)) {
char copy[BUFSIZE], *s, *tab1, *tab2;
int nb = 0;
unsigned int b;
if (line[0] == '<') {
/* Symbol line */
strcpy(sym, line);
continue;
}
insns++;
memset(insn_buf, 0, 16);
strcpy(copy, line);
tab1 = strchr(copy, '\t');
if (!tab1)
malformed_line(line, insns);
s = tab1 + 1;
s += strspn(s, " ");
tab2 = strchr(s, '\t');
if (!tab2)
malformed_line(line, insns);
*tab2 = '\0'; /* Characters beyond tab2 aren't examined */
while (s < tab2) {
if (sscanf(s, "%x", &b) == 1) {
insn_buf[nb++] = (unsigned char) b;
s += 3;
} else
break;
}
/* Decode an instruction */
insn_init(&insn, insn_buf, sizeof(insn_buf), x86_64);
insn_get_length(&insn);
if (insn.length != nb) {
warnings++;
pr_warn("Found an x86 instruction decoder bug, "
"please report this.\n", sym);
pr_warn("%s", line);
pr_warn("objdump says %d bytes, but insn_get_length() "
"says %d\n", nb, insn.length);
if (verbose)
dump_insn(stderr, &insn);
}
}
if (warnings)
pr_warn("Decoded and checked %d instructions with %d "
"failures\n", insns, warnings);
else
fprintf(stdout, "%s: success: Decoded and checked %d"
" instructions\n", prog, insns);
return 0;
}
