18 #include <asm/insn.h>
23 /* Adjust IP back to vicinity of actual insn */
26 /* Adjust the return address of a call insn */
41 #define OPCODE1(insn)		((insn)->opcode.bytes[0])
42 #define OPCODE2(insn)		((insn)->opcode.bytes[1])
43 #define OPCODE3(insn)		((insn)->opcode.bytes[2])
44 #define MODRM_REG(insn)		X86_MODRM_REG((insn)->modrm.value)
181  * 0f 06 - clts (CPL0 insn)
183  * 0f 08 - invd (CPL0 insn)
184  * 0f 09 - wbinvd (CPL0 insn)
186  * 0f 30 - wrmsr (CPL0 insn) (then why rdmsr is allowed, it's also CPL0 insn?)
190  * 0f 78 - vmread (Intel VMX. CPL0 insn)
191  * 0f 79 - vmwrite (Intel VMX. CPL0 insn)
256 static bool is_prefix_bad(struct insn *insn)
261 	for_each_insn_prefix(insn, i, p) {
277 static int uprobe_init_insn(struct arch_uprobe *auprobe, struct insn *insn, bool x86_64)
283 	ret = insn_decode(insn, auprobe->insn, sizeof(auprobe->insn), m);
287 	if (is_prefix_bad(insn))
291 	if (insn_masking_exception(insn))
299 	if (test_bit(OPCODE1(insn), (unsigned long *)good_insns))
302 	if (insn->opcode.nbytes == 2) {
303 		if (test_bit(OPCODE2(insn), (unsigned long *)good_2byte_insns))
312  * If arch_uprobe->insn doesn't use rip-relative addressing, return
335 static void riprel_analyze(struct arch_uprobe *auprobe, struct insn *insn)
341 	if (!insn_rip_relative(insn))
349 	if (insn->rex_prefix.nbytes) {
350 		cursor = auprobe->insn + insn_offset_rex_prefix(insn);
356 	 * TODO: add XOP treatment when insn decoder supports them
358 	if (insn->vex_prefix.nbytes >= 3) {
369 		cursor = auprobe->insn + insn_offset_vex_prefix(insn) + 1;
386 	 *   First appeared in Haswell (BMI2 insn). It is vex-encoded.
405 	 * by one insn (maskmovq) and BX register is used
410 	 * also, rsp+disp32 needs sib encoding -> insn length change).
413 	reg = MODRM_REG(insn);	/* Fetch modrm.reg */
415 	if (insn->vex_prefix.nbytes)
416 		reg2 = insn->vex_prefix.bytes[2];
447 	cursor = auprobe->insn + insn_offset_modrm(insn);
494 static void riprel_analyze(struct arch_uprobe *auprobe, struct insn *insn)
646 		 * branch_clear_offset) insn out-of-line. In the likely case
648 		 * should die or restart the same insn after it handles the
679 	 * "call" insn was executed out-of-line. Just restore ->sp and restart.
686 static void branch_clear_offset(struct arch_uprobe *auprobe, struct insn *insn)
689 	 * Turn this insn into "call 1f; 1:", this is what we will execute
699 	 * divorce ->insn[] and ->ixol[]. We need to preserve the 1st byte
700 	 * of ->insn[] for set_orig_insn().
702 	memset(auprobe->insn + insn_offset_immediate(insn),
703 		0, insn->immediate.nbytes);
715 /* Returns -ENOSYS if branch_xol_ops doesn't handle this insn */
716 static int branch_setup_xol_ops(struct arch_uprobe *auprobe, struct insn *insn)
718 	u8 opc1 = OPCODE1(insn);
730 		branch_clear_offset(auprobe, insn);
734 		if (insn->opcode.nbytes != 2)
740 		opc1 = OPCODE2(insn) - 0x10;
752 	for_each_insn_prefix(insn, i, p) {
759 	auprobe->branch.ilen = insn->length;
760 	auprobe->branch.offs = insn->immediate.value;
766 /* Returns -ENOSYS if push_xol_ops doesn't handle this insn */
767 static int push_setup_xol_ops(struct arch_uprobe *auprobe, struct insn *insn)
769 	u8 opc1 = OPCODE1(insn), reg_offset = 0;
774 	if (insn->length > 2)
776 	if (insn->length == 2) {
779 		if (insn->rex_prefix.nbytes != 1 ||
780 		    insn->rex_prefix.bytes[0] != 0x41)
842 	auprobe->push.ilen = insn->length;
856 	struct insn insn;
860 	ret = uprobe_init_insn(auprobe, &insn, is_64bit_mm(mm));
864 	ret = branch_setup_xol_ops(auprobe, &insn);
868 	ret = push_setup_xol_ops(auprobe, &insn);
876 	switch (OPCODE1(&insn)) {
891 		switch (MODRM_REG(&insn)) {
901 		riprel_analyze(auprobe, &insn);
904 	auprobe->defparam.ilen = insn.length;
939  * If xol insn itself traps and generates a signal(Say,
1095 	if (ctx == RP_CHECK_CALL) /* sp was just decremented by "call" insn */

Indexes created Fri Apr 26 00:00:17 MDT 2024