Merge remote-tracking branch 'origin/GP-6079_emteere_ARM_CPY_PC_asCall' into Ghidra_12.0
@@ -5,7 +5,7 @@
|
||||
endian="little"
|
||||
size="32"
|
||||
variant="v8"
|
||||
version="1.107"
|
||||
version="1.108"
|
||||
slafile="ARM8_le.sla"
|
||||
processorspec="ARMt.pspec"
|
||||
manualindexfile="../manuals/ARM.idx"
|
||||
@@ -29,7 +29,7 @@
|
||||
endian="little"
|
||||
size="32"
|
||||
variant="v8T"
|
||||
version="1.107"
|
||||
version="1.108"
|
||||
slafile="ARM8_le.sla"
|
||||
processorspec="ARMtTHUMB.pspec"
|
||||
manualindexfile="../manuals/ARM.idx"
|
||||
@@ -52,7 +52,7 @@
|
||||
instructionEndian="little"
|
||||
size="32"
|
||||
variant="v8LEInstruction"
|
||||
version="1.107"
|
||||
version="1.108"
|
||||
slafile="ARM8_le.sla"
|
||||
processorspec="ARMt.pspec"
|
||||
manualindexfile="../manuals/ARM.idx"
|
||||
@@ -68,7 +68,7 @@
|
||||
endian="big"
|
||||
size="32"
|
||||
variant="v8"
|
||||
version="1.107"
|
||||
version="1.108"
|
||||
slafile="ARM8_be.sla"
|
||||
processorspec="ARMt.pspec"
|
||||
manualindexfile="../manuals/ARM.idx"
|
||||
@@ -91,7 +91,7 @@
|
||||
endian="big"
|
||||
size="32"
|
||||
variant="v8T"
|
||||
version="1.107"
|
||||
version="1.108"
|
||||
slafile="ARM8_be.sla"
|
||||
processorspec="ARMtTHUMB.pspec"
|
||||
manualindexfile="../manuals/ARM.idx"
|
||||
@@ -111,7 +111,7 @@
|
||||
endian="little"
|
||||
size="32"
|
||||
variant="v7"
|
||||
version="1.107"
|
||||
version="1.108"
|
||||
slafile="ARM7_le.sla"
|
||||
processorspec="ARMt.pspec"
|
||||
manualindexfile="../manuals/ARM.idx"
|
||||
@@ -134,7 +134,7 @@
|
||||
instructionEndian="little"
|
||||
size="32"
|
||||
variant="v7LEInstruction"
|
||||
version="1.107"
|
||||
version="1.108"
|
||||
slafile="ARM7_le.sla"
|
||||
processorspec="ARMt.pspec"
|
||||
manualindexfile="../manuals/ARM.idx"
|
||||
@@ -150,7 +150,7 @@
|
||||
endian="big"
|
||||
size="32"
|
||||
variant="v7"
|
||||
version="1.107"
|
||||
version="1.108"
|
||||
slafile="ARM7_be.sla"
|
||||
processorspec="ARMt.pspec"
|
||||
manualindexfile="../manuals/ARM.idx"
|
||||
@@ -171,7 +171,7 @@
|
||||
endian="little"
|
||||
size="32"
|
||||
variant="Cortex"
|
||||
version="1.107"
|
||||
version="1.108"
|
||||
slafile="ARM7_le.sla"
|
||||
processorspec="ARMCortex.pspec"
|
||||
manualindexfile="../manuals/ARM.idx"
|
||||
@@ -195,7 +195,7 @@
|
||||
endian="big"
|
||||
size="32"
|
||||
variant="Cortex"
|
||||
version="1.107"
|
||||
version="1.108"
|
||||
slafile="ARM7_be.sla"
|
||||
processorspec="ARMCortex.pspec"
|
||||
manualindexfile="../manuals/ARM.idx"
|
||||
@@ -218,7 +218,7 @@
|
||||
endian="little"
|
||||
size="32"
|
||||
variant="v8-m"
|
||||
version="1.107"
|
||||
version="1.108"
|
||||
slafile="ARM8m_le.sla"
|
||||
processorspec="ARMCortex.pspec"
|
||||
manualindexfile="../manuals/ARM.idx"
|
||||
@@ -236,7 +236,7 @@
|
||||
endian="big"
|
||||
size="32"
|
||||
variant="v8-m"
|
||||
version="1.107"
|
||||
version="1.108"
|
||||
slafile="ARM8m_be.sla"
|
||||
processorspec="ARMCortex.pspec"
|
||||
manualindexfile="../manuals/ARM.idx"
|
||||
@@ -255,7 +255,7 @@
|
||||
endian="little"
|
||||
size="32"
|
||||
variant="v6"
|
||||
version="1.107"
|
||||
version="1.108"
|
||||
slafile="ARM6_le.sla"
|
||||
processorspec="ARMt_v6.pspec"
|
||||
manualindexfile="../manuals/ARM.idx"
|
||||
@@ -278,7 +278,7 @@
|
||||
endian="big"
|
||||
size="32"
|
||||
variant="v6"
|
||||
version="1.107"
|
||||
version="1.108"
|
||||
slafile="ARM6_be.sla"
|
||||
processorspec="ARMt_v6.pspec"
|
||||
manualindexfile="../manuals/ARM.idx"
|
||||
@@ -301,7 +301,7 @@
|
||||
endian="little"
|
||||
size="32"
|
||||
variant="v5t"
|
||||
version="1.107"
|
||||
version="1.108"
|
||||
slafile="ARM5t_le.sla"
|
||||
processorspec="ARMt_v45.pspec"
|
||||
manualindexfile="../manuals/ARM.idx"
|
||||
@@ -322,7 +322,7 @@
|
||||
endian="big"
|
||||
size="32"
|
||||
variant="v5t"
|
||||
version="1.107"
|
||||
version="1.108"
|
||||
slafile="ARM5t_be.sla"
|
||||
processorspec="ARMt_v45.pspec"
|
||||
manualindexfile="../manuals/ARM.idx"
|
||||
@@ -343,7 +343,7 @@
|
||||
endian="little"
|
||||
size="32"
|
||||
variant="v5"
|
||||
version="1.107"
|
||||
version="1.108"
|
||||
slafile="ARM5_le.sla"
|
||||
processorspec="ARM_v45.pspec"
|
||||
manualindexfile="../manuals/ARM.idx"
|
||||
@@ -362,7 +362,7 @@
|
||||
endian="big"
|
||||
size="32"
|
||||
variant="v5"
|
||||
version="1.101"
|
||||
version="1.108"
|
||||
slafile="ARM5_be.sla"
|
||||
processorspec="ARM_v45.pspec"
|
||||
manualindexfile="../manuals/ARM.idx"
|
||||
@@ -381,7 +381,7 @@
|
||||
endian="little"
|
||||
size="32"
|
||||
variant="v4t"
|
||||
version="1.107"
|
||||
version="1.108"
|
||||
slafile="ARM4t_le.sla"
|
||||
processorspec="ARMt_v45.pspec"
|
||||
manualindexfile="../manuals/ARM.idx"
|
||||
@@ -401,7 +401,7 @@
|
||||
endian="big"
|
||||
size="32"
|
||||
variant="v4t"
|
||||
version="1.107"
|
||||
version="1.108"
|
||||
slafile="ARM4t_be.sla"
|
||||
processorspec="ARMt_v45.pspec"
|
||||
manualindexfile="../manuals/ARM.idx"
|
||||
@@ -421,7 +421,7 @@
|
||||
endian="little"
|
||||
size="32"
|
||||
variant="v4"
|
||||
version="1.107"
|
||||
version="1.108"
|
||||
slafile="ARM4_le.sla"
|
||||
processorspec="ARM_v45.pspec"
|
||||
manualindexfile="../manuals/ARM.idx"
|
||||
@@ -444,7 +444,7 @@
|
||||
endian="big"
|
||||
size="32"
|
||||
variant="v4"
|
||||
version="1.107"
|
||||
version="1.108"
|
||||
slafile="ARM4_be.sla"
|
||||
processorspec="ARM_v45.pspec"
|
||||
manualindexfile="../manuals/ARM.idx"
|
||||
|
||||
@@ -2565,7 +2565,7 @@ ArmPCRelImmed12: reloff is U23=0 & immed & rotate
|
||||
@if defined(VERSION_6)
|
||||
|
||||
# cpy is a pre-UAL synonym for mov
|
||||
:cpy^COND pc,rm is $(AMODE) & ARMcond=1 & COND & pc & c2027=0x1a & c1619=0 & c0411=0 & Rd=15 & rm
|
||||
:cpy^COND pc,rm is $(AMODE) & ARMcond=1 & LRset=0 & COND & pc & c2027=0x1a & c1619=0 & c0411=0 & Rd=15 & rm
|
||||
{
|
||||
build COND;
|
||||
build rm;
|
||||
@@ -2573,6 +2573,14 @@ ArmPCRelImmed12: reloff is U23=0 & immed & rotate
|
||||
goto [pc];
|
||||
}
|
||||
|
||||
:cpy^COND pc,rm is $(AMODE) & ARMcond=1 & LRset=1 & COND & pc & c2027=0x1a & c1619=0 & c0411=0 & Rd=15 & rm
|
||||
{
|
||||
build COND;
|
||||
build rm;
|
||||
BXWritePC(rm);
|
||||
call [pc];
|
||||
}
|
||||
|
||||
:cpy^COND lr,rm is $(AMODE) & ARMcond=1 & COND & c2027=0x1a & c1619=0 & c0411=0 & Rd=14 & lr & rm & Rm2=15
|
||||
[ LRset=1; globalset(inst_next,LRset); ]
|
||||
{
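Review bot: The new `LRset=1` form of `cpy pc,rm` consumes the flag but never clears it, so if `LRset` is carried forward by `globalset(inst_next,LRset)` (the way the `cpy lr,rm` constructor at the end of this hunk sets it) the call treatment may outlive the single instruction that follows the `cpy lr,pc`, and later `cpy pc,rm` indirect jumps would also be decoded as calls with a fall-through edge that does not exist in the binary. The `mov pc,rm` handling of `LRset=1` that this mirrors lives outside the hunk; if it resets the flag, do the same here by inserting `[ LRset=0; globalset(inst_next,LRset); ]` between the constructor pattern and its `{` body. A short comment on the new constructor would also help the next reader, e.g. `# cpy pc,rm directly after cpy lr,pc: model as a call so analysis continues at inst_next`. The enclosing `@if defined(VERSION_6)` region opens and closes outside this hunk.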
|
||||
|
||||
@@ -67,7 +67,7 @@
|
||||
<data> 11100101 00101101 1110.... ........ 0xe24dd... </data> <!-- str lr,[sp,#...]; sub sp,sp; -->
|
||||
<data> 11100101 00101101 1110.... ........ 0x........ 0xe24dd... </data> <!-- str lr,[sp,#...]; <instr>; sub sp,sp; -->
|
||||
<data> 0xe5 0x2d 0xe0 0x08 </data> <!-- str lr,[sp,#-0x8] -->
|
||||
<data> 0xe1a0c00d 0xe92d.... </data> <!-- cpy ip,sp; stmdb sp!,{} -->
|
||||
<data> 0xe1a0c00d 0xe9 0x2. 11...... 0x.0 </data> <!-- cpy ip,sp; stmdb sp!,{} -->
|
||||
<align mark="0" bits="2"/>
|
||||
<setcontext name="TMode" value="0"/>
|
||||
<funcstart validcode="3"/>
|
||||
@@ -140,7 +140,7 @@
|
||||
</pattern>
|
||||
|
||||
<pattern> <!-- 32 bit ARM -->
|
||||
<data>0xe1a0c00d 0xe92d.... </data> <!-- cpy ip,sp; stmdb sp!,{} -->
|
||||
<data>0xe1a0c00d 0xe9 0x2. 11...... 0x.0 </data> <!-- cpy ip,sp; stmdb sp!,{} -->
|
||||
<align mark="0" bits="2"/>
|
||||
<setcontext name="TMode" value="0"/>
|
||||
<codeboundary /> <!-- can't say it is a function yet, have seen instructions before -->
|
||||
@@ -157,7 +157,7 @@
|
||||
<data> 0xe92d 0100.... ........ </data> <!-- push { rlist, lr !sp !pc !r12 } -->
|
||||
<align mark="0" bits="1"/>
|
||||
<setcontext name="TMode" value="1"/>
|
||||
<funcstart after="defined" validcode="10" contiguous="true" /> <!-- must be something defined right before this, && at least n valid instructions -->
|
||||
<funcstart after="defined" validcode="20" contiguous="true" /> <!-- must be something defined right before this, && at least n valid instructions -->
|
||||
</pattern>
|
||||
|
||||
<pattern> <!-- 16 bit Thumb -->
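Review bot: The rewritten data line `0xe1a0c00d 0xe9 0x2. 11...... 0x.0` no longer pins the stmdb base register: in the old `0xe92d....` the low nibble of the second byte (`d`) is Rn = sp, and `0x2.` wildcards it, so the pattern now also accepts `stmdb rN!,{...,lr,pc}` for any rN while the comment still says `stmdb sp!`. If sp is still intended, keep the new list constraints but fix the byte: `0xe1a0c00d 0xe9 0x2d 11...... 0x.0`; if the wildcard is deliberate, the comment should say so, e.g. `<!-- cpy ip,sp; stmdb rN!,{.., lr, pc} (APCS frame prologue) -->`. The same byte change appears in this file's second hunk and presumably should agree with whichever choice is made. Widening a function-start pattern silently changes where the analyzer creates functions, so it deserves an explicit comment either way.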
|
||||
|
||||
@@ -68,7 +68,7 @@
|
||||
<data> ........ 1110.... 00101101 11100101 0x..d.4de2 </data> <!-- str lr,[sp,#...]; sub sp,sp; -->
|
||||
<data> ........ 1110.... 00101101 11100101 0x........ 0x..d.4de2 </data> <!-- str lr,[sp,#...]; <instr>; sub sp,sp; -->
|
||||
<data>0x08 0xe0 0x2d 0xe5 </data> <!-- str lr,[sp,#-0x8] -->
|
||||
<data>0x0dc0a0e1 0x....2de9 </data> <!-- cpy ip,sp; stmdb sp!,{} -->
|
||||
<data>0x0dc0a0e1 0x.0 11...... 0x2. 0xe9 </data> <!-- cpy ip,sp; stmdb sp!,{} -->
|
||||
<data> ........ 0100.... 00101101 11101001 </data> <!-- stmdb sp!,{r0+, lr !sp !pc !r12}; -->
|
||||
<align mark="0" bits="2"/>
|
||||
<setcontext name="TMode" value="0"/>
|
||||
@@ -156,7 +156,7 @@
|
||||
</pattern>
|
||||
|
||||
<pattern> <!-- 32 bit ARM -->
|
||||
<data>0x0dc0a0e1 0x....2de9 </data> <!-- cpy ip,sp; stmdb sp!,{} -->
|
||||
<data>0x0dc0a0e1 0x.0 11...... 0x2. 0xe9 </data> <!-- cpy ip,sp; stmdb sp!,{} -->
|
||||
<align mark="0" bits="2"/>
|
||||
<setcontext name="TMode" value="0"/>
|
||||
<codeboundary /> <!-- can't say it is a function yet, have seen instructions before -->
|
||||
@@ -173,7 +173,7 @@
|
||||
<data> 0x2de9 ........ 010..... </data> <!-- push { rlist, lr !pc !sp } -->
|
||||
<align mark="0" bits="1"/>
|
||||
<setcontext name="TMode" value="1"/>
|
||||
<possiblefuncstart after="defined" validcode="4" contiguous="true" /> <!-- must be something defined right before this -->
|
||||
<possiblefuncstart after="defined" validcode="20" contiguous="true" /> <!-- must be something defined right before this -->
|
||||
</pattern>
|
||||
|
||||
<pattern> <!-- 16 bit Thumb -->
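Review bot: In the little-endian form `0x0dc0a0e1 0x.0 11...... 0x2. 0xe9` the byte `0x2.` is the one that previously read `2d` in `0x....2de9`, whose low nibble is Rn = sp; wildcarding it means the stmdb base register is no longer required to be sp, which contradicts the `stmdb sp!` comment. If sp is intended, write `0x.0 11...... 0x2d 0xe9`; if any base is intended, update the comment to say so, for example `<!-- cpy ip,sp; stmdb rN!,{.., lr, pc} -->`. This should match whatever is decided for the big-endian pattern file in the same commit.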
|
||||
|
||||
@@ -30,6 +30,7 @@ import ghidra.program.model.data.*;
|
||||
import ghidra.program.model.lang.*;
|
||||
import ghidra.program.model.listing.*;
|
||||
import ghidra.program.model.mem.MemoryBlock;
|
||||
import ghidra.program.model.pcode.PcodeOp;
|
||||
import ghidra.program.model.pcode.Varnode;
|
||||
import ghidra.program.model.scalar.Scalar;
|
||||
import ghidra.program.model.symbol.*;
|
||||
@@ -200,6 +201,11 @@ public class ArmAnalyzer extends ConstantPropagationAnalyzer {
|
||||
}
|
||||
return true;
|
||||
}
|
||||
else if (pcodeop == PcodeOp.STORE && instr.getMinAddress().add(8).equals(address)) {
|
||||
// Most likely a store of the PC to the stack
|
||||
// ARM PC is curInst+8
|
||||
return false;
|
||||
}
|
||||
}
|
||||
else if (refType.isCall() && refType.isComputed() && !address.isExternalAddress()) {
|
||||
// must disassemble right now, because TB flag could get set back at end of blx
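Review bot: The new STORE branch only recognises the ARM-mode PC value, `instr.getMinAddress().add(8)`, as its own comment says; on a Thumb instruction the stored PC reads as curInst+4, so the same store-of-PC would still fall through and be treated as a reference. If this analyzer also sees Thumb code (the pattern files in this commit set `TMode` for it), consider accepting both offsets, e.g. `Address pcVal = instr.getMinAddress(); if (pcodeop == PcodeOp.STORE && (pcVal.add(8).equals(address) || pcVal.add(4).equals(address)))`, ideally selecting by the instruction's TMode context rather than by trying both. The condition also does not check that the destination is the stack, so the comment overstates it; `// stored value equals this instruction's own PC (ARM reads PC as curInst+8): not a code reference` describes what is actually tested. The enclosing method, and the `if` this `else if` attaches to, begin outside the hunk.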
|
||||
|
||||