summaryrefslogtreecommitdiffstats
path: root/architecture.h
blob: af98ce322a89b948fc2b620e009be08e1c0e43b6 (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
#pragma once

#include <sys/uio.h>
#include <capstone/capstone.h>

struct archinfo {
    unsigned long progmctr;
    unsigned long stackptr;
    unsigned long bp_insn;
    unsigned long bp_mask;
    unsigned long bp_adjust;
    int cs_arch;
    int cs_mode;
    unsigned cs_call;
    unsigned wordsize;
};

extern void architecture_info(struct archinfo *ai, const struct iovec *regs);

/* Architecture Definitions */
#if defined(__x86_64__) || defined(i386) || defined(__i386__)

typedef union {
    struct user_regs_64 {
        unsigned long long int r15, r14, r13, r12, rbp, rbx, r11, r10, r9, r8,
                      rax, rcx, rdx, rsi, rdi, orig_rax, rip, cs, eflags, rsp,
                      ss, fs_base, gs_base, ds, es, fs, gs;
    } x86_64;

    struct user_regs_32 {
        unsigned int ebx, ecx, edx, esi, edi, ebp, eax, xds, xes, xfs, xgs,
                     orig_eax, eip, xcs, eflags, esp, xss;
    } x86_32;
} user_regs_t;

#define ARCH_X86

#define PROGMCTR_64             x86_64.rip
#define STACKPTR_64             x86_64.rsp
#define BREAKPOINT_INSN_64      0xccul
#define BREAKPOINT_MASK_64      0xfful
#define BREAKPOINT_ADJS_64      0x1
#define CAPSTONE_ARCH_64        CS_ARCH_X86
#define CAPSTONE_MODE_64        CS_MODE_64
#define CAPSTONE_CALL_64        X86_INS_CALL
#define WORDSIZE_64             8

#define PROGMCTR_32             x86_32.eip
#define STACKPTR_32             x86_32.esp
#define BREAKPOINT_INSN_32      0xccul
#define BREAKPOINT_MASK_32      0xfful
#define BREAKPOINT_ADJS_32      0x1
#define CAPSTONE_ARCH_32        CS_ARCH_X86
#define CAPSTONE_MODE_32        CS_MODE_32
#define CAPSTONE_CALL_32        X86_INS_CALL
#define WORDSIZE_32             4

#elif defined(__aarch64__) || defined(_M_ARM64)

typedef union {
    struct user_regs_64 {
        unsigned long long regs[31];
        unsigned long long sp, pc, pstate;
    } arm64;

    struct user_regs_32 {
        unsigned int x;
    } arm32;
} user_regs_t;

#define ARCH_AARCH64

#define PROGMCTR_64             arm64.pc
#define STACKPTR_64             arm64.sp
#define BREAKPOINT_INSN_64      0xd4200000ul
#define BREAKPOINT_MASK_64      0xfffffffful
#define BREAKPOINT_ADJS_64      0x0
#define CAPSTONE_ARCH_64        CS_ARCH_ARM64
#define CAPSTONE_MODE_64        CS_MODE_ARM
#define CAPSTONE_CALL_64        ARM64_INS_BL
#define WORDSIZE_64             8

#define PROGMCTR_32             arm32.x
#define STACKPTR_32             arm32.x
#define BREAKPOINT_INSN_32      0
#define BREAKPOINT_MASK_32      0
#define BREAKPOINT_ADJS_32      0
#define CAPSTONE_ARCH_32        0
#define CAPSTONE_MODE_32        0
#define CAPSTONE_CALL_32        0
#define WORDSIZE_32             4

#else
#error Detected architecture is not supported!
#endif