Skip to content

New architecture: BPF#1388

Merged
aquynh merged 36 commits intocapstone-engine:nextfrom
david942j:bpf
Feb 18, 2019
Merged

New architecture: BPF#1388
aquynh merged 36 commits intocapstone-engine:nextfrom
david942j:bpf

Conversation

@david942j
Copy link
Copy Markdown
Contributor

@david942j david942j commented Feb 17, 2019
edited
Loading

closes #838

Berkeley Packet Filter

  • Supports both classic and extended BPF (CS_MODE_BPF_CLASSIC, CS_MODE_BPF_EXTENDED)
  • Fully tested
  • Python bindings

references:

@david942j
Basic changes of new arch - BPF
c6b10b2
@david942j
Define some constants
baf9a01
@david942j
defined some API methods
1250b09
@david942j
Able to print MISC instruction
ae2678d
@david942j
Follow Linux coding style
a1fca0a
@david942j
Ability to show ALU insn names
929a190
@david942j
decode return
af47651
@david942j
Add suite/MC/BPF
9b7970a
@david942j
decode jump
fe683b4
@david942j
decode store
1592c16
@david942j
decode load
84d7122
@david942j
print instruction done
5041285
@david942j
try to implement BPF_reg_access
ef0732d
@david942j
Implements explicit accessed registers and fix some tiny bugs
b607b57
@david942j
Fix unhandled ja case
763d5e7
@david942j
Added BPF_REG_OFF do fix wrong display in jump class
4acdfe3
@david942j
Great I'm able to decode cBPF with eyes
8cb68e9
@david942j
Fix: misunderstood the 16-byte instruction's imm
f6438cc
@david942j
Add ldxdw
546cf1d
@david942j
Add extended-all.cs
501e99a
@david942j
Implements cstest/bpf_getdetail.c
a7b633f
@david942j
Fix memory leak
251adca
@david942j
Add BPF to fuzz
ee1306f
@david942j
Implemented regs_read and regs_write
1a1431c
@david942j
Fix missing write-access on ALU's dst
6b97b43
@david942j
Updated cstool/, test_basic.c, test_detail.c, and test_iter.c
105934d
@david942j
Updated docs
ae81e84
@david942j
Fix type of cs_bpf#operands
cddecd6
@david942j
Implements python bindings
af37247
@david942j
Fix some bugs found by self code review
24936ca
@aquynh
Copy link
Copy Markdown
Collaborator

aquynh commented Feb 17, 2019

wow nice work! let me go thru the code & give some comments

aquynh
aquynh reviewed Feb 17, 2019
View reviewed changes
Comment thread cstool/cstool_bpf.c Outdated
aquynh
aquynh reviewed Feb 17, 2019
View reviewed changes
Comment thread arch/BPF/BPFInstPrinter.c Outdated
@aquynh
Copy link
Copy Markdown
Collaborator

aquynh commented Feb 17, 2019

the code looks very clean, you did an amazing job!

@HarDToBelieve @catenacyber this also updates your regression testsuite & fuzzer, please ack.

@aquynh
Copy link
Copy Markdown
Collaborator

aquynh commented Feb 17, 2019

Few more comments:

catenacyber
catenacyber suggested changes Feb 18, 2019
View reviewed changes
Comment thread suite/fuzz/fuzz_disasm.c
CS_MODE_BIG_ENDIAN,
"tms320c64x"
},
#if CS_NEXT_VERSION >= 5
Copy link
Copy Markdown
Contributor

@catenacyber catenacyber Feb 18, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think the ifdef needs to remain so that both next and master branch can be fuzzed

Copy link
Copy Markdown
Contributor Author

@david942j david942j Feb 18, 2019
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Oh I found both master and next branch has the same CS_NEXT_VERSION = 5, that's why I removed it.

Copy link
Copy Markdown
Contributor

@catenacyber catenacyber Feb 18, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ok thanks @david942j so your code is good

@aquynh how can a program know at compile time which architectures are supported by the current capstone ie branch master and branch next ?

@catenacyber
Copy link
Copy Markdown
Contributor

catenacyber commented Feb 18, 2019

Great !

Cheers @david942j
PS : if you know about BPF, could you take a look at the-tcpdump-group/libpcap#777

@aquynh aquynh merged commit cac94cc into capstone-engine:next Feb 18, 2019
@aquynh
Copy link
Copy Markdown
Collaborator

aquynh commented Feb 18, 2019

merged, thanks for this amazing work!

@aquynh
Copy link
Copy Markdown
Collaborator

aquynh commented Feb 18, 2019

@david942j, i had a commit to print out BPF for cstool -v at 7ed49b3

@david942j
Copy link
Copy Markdown
Contributor Author

david942j commented Feb 18, 2019

Oops I missed it, thanks!

@david942j david942j deleted the bpf branch February 18, 2019 12:30
@riptl riptl mentioned this pull request Jul 22, 2022
Merged
6 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@aquynh aquynh aquynh left review comments

+1 more reviewer

@catenacyber catenacyber catenacyber approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@david942j @aquynh @catenacyber