libipt, ild: support jmpabs

Signed-off-by: Markus Metzger <[email protected]>
spicy-lime · Mar 12, 2024 · 31745fd · 31745fd
1 parent 427084b
commit 31745fd
Show file tree

Hide file tree

Showing 3 changed files with 28 additions and 0 deletions.
diff --git a/libipt/internal/include/pt_insn.h b/libipt/internal/include/pt_insn.h
@@ -87,6 +87,8 @@ typedef enum {
 	PTI_INST_ERETS,
 	PTI_INST_ERETU,
 
+	PTI_INST_JMPABS,
+
 	PTI_INST_LAST
 } pti_inst_enum_t;
 

diff --git a/libipt/src/pt_ild.c b/libipt/src/pt_ild.c
@@ -1151,6 +1151,11 @@ static int set_branch_target(struct pt_insn_ext *iext, const struct pt_ild *ild)
 		const int32_t *d = (const int32_t *)
 			get_byte_ptr(ild, ild->disp_pos);
 
+		iext->variant.branch.displacement = *d;
+	} else if (ild->disp_bytes == 8) {
+		const int64_t *d = (const int64_t *)
+			get_byte_ptr(ild, ild->disp_pos);
+
 		iext->variant.branch.displacement = *d;
 	} else
 		return -pte_bad_insn;
@@ -1457,6 +1462,16 @@ static int pt_instruction_decode(struct pt_insn *insn, struct pt_insn_ext *iext,
 		}
 		return 0;
 
+	case 0xa1:
+		if ((map == PTI_MAP_0) && mode_64b(ild) && ild->rex2 &&
+		    !ild->rex_w && !ild->asz && !ild->osz) {
+			insn->iclass = ptic_jump;
+			iext->iclass = PTI_INST_JMPABS;
+
+			return set_branch_target(iext, ild);
+		}
+		return 0;
+
 	default:
 		return 0;
 	}

diff --git a/libipt/test/src/ptunit-ild.c b/libipt/test/src/ptunit-ild.c
@@ -755,6 +755,16 @@ static struct ptunit_result rex2_mov_cr3(void)
 	return ptu_passed();
 }
 
+static struct ptunit_result jmpabs(void)
+{
+	uint8_t insn[] = { 0xd5, 0x00, 0xa1,
+		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
+
+	ptu_classify_s(insn, ptem_64bit, ptic_jump, PTI_INST_JMPABS);
+
+	return ptu_passed();
+}
+
 int main(int argc, char **argv)
 {
 	struct ptunit_suite suite;
@@ -828,6 +838,7 @@ int main(int argc, char **argv)
 	ptu_run(suite, mov_cr3);
 	ptu_run(suite, rex_mov_cr3);
 	ptu_run(suite, rex2_mov_cr3);
+	ptu_run(suite, jmpabs);
 
 	return ptunit_report(&suite);
 }