xtensa_analyze_op

rizinorg · Oct 21, 2024 · 06a1661 · 06a1661
1 parent 784ec6b
commit 06a1661
Show file tree

Hide file tree

Showing 3 changed files with 167 additions and 6 deletions.
diff --git a/librz/arch/isa/xtensa/xtensa.h b/librz/arch/isa/xtensa/xtensa.h
@@ -44,4 +44,10 @@ static inline int32_t xtensa_op_l32r(cs_insn *insn, unsigned int index) {
 	return op->imm;
 }
 
+#define REG(I)  cs_reg_name(ctx->handle, I)
+#define MEM(I)  xtensa_op_mem(ctx->insn, I)
+#define REGO(I) REG(xtensa_op_reg(ctx->insn, I))
+#define IMM(I)  xtensa_op_imm(ctx->insn, I)
+#define L32R(I) xtensa_op_l32r(ctx->insn, I)
+
 #endif // RIZIN_XTENSA_H
diff --git a/librz/arch/isa/xtensa/xtensa_esil.c b/librz/arch/isa/xtensa/xtensa_esil.c
@@ -9,11 +9,6 @@
 
 #define CM      ","
 #define opcode  (ctx->insn->id)
-#define REG(I)  cs_reg_name(ctx->handle, I)
-#define MEM(I)  xtensa_op_mem(ctx->insn, I)
-#define REGO(I) REG(xtensa_op_reg(ctx->insn, I))
-#define IMM(I)  xtensa_op_imm(ctx->insn, I)
-#define L32R(I) xtensa_op_l32r(ctx->insn, I)
 
 static void esil_push_signed_imm(RzStrBuf *esil, st32 imm) {
 	if (imm >= 0) {
@@ -850,7 +845,7 @@ void xtensa_analyze_op_esil(XtensaContext *ctx, RzAnalysisOp *op) {
 	case XTENSA_INS_J: /* j */
 		esil_call(ctx, op);
 		break;
-	case 81: /* jx */
+		//	case 81: /* jx */
 	case XTENSA_INS_CALLX0: /* callx0 */
 		esil_callx(ctx, op);
 		break;

diff --git a/librz/arch/p/analysis/analysis_xtensa_cs.c b/librz/arch/p/analysis/analysis_xtensa_cs.c
@@ -77,6 +77,164 @@ static RzList /*<RzSearchKeyword *>*/ *xtensa_preludes(RzAnalysis *analysis) {
 	return NULL;
 }
 
+static RzTypeCond xtensa_cond(xtensa_insn insn) {
+	switch (insn) {
+	case XTENSA_INS_BEQI: return RZ_TYPE_COND_EQ;
+	case XTENSA_INS_BNEI: return RZ_TYPE_COND_NE;
+	case XTENSA_INS_BGEI: return RZ_TYPE_COND_GE;
+	case XTENSA_INS_BLTI: return RZ_TYPE_COND_LT;
+	case XTENSA_INS_BGEUI: return RZ_TYPE_COND_GE;
+	case XTENSA_INS_BLTUI: return RZ_TYPE_COND_LT;
+	case XTENSA_INS_BBCI: return RZ_TYPE_COND_LT;
+	case XTENSA_INS_BBSI: return RZ_TYPE_COND_LT;
+	case XTENSA_INS_BEQ: return RZ_TYPE_COND_EQ;
+	case XTENSA_INS_BNE: return RZ_TYPE_COND_NE;
+	case XTENSA_INS_BGE: return RZ_TYPE_COND_GE;
+	case XTENSA_INS_BLT: return RZ_TYPE_COND_LT;
+	case XTENSA_INS_BGEU: return RZ_TYPE_COND_GE;
+	case XTENSA_INS_BLTU: return RZ_TYPE_COND_LT;
+	case XTENSA_INS_BANY:
+	case XTENSA_INS_BNONE:
+	case XTENSA_INS_BALL:
+	case XTENSA_INS_BNALL:
+	case XTENSA_INS_BBC:
+	case XTENSA_INS_BBS: break;
+	case XTENSA_INS_BEQZ: return RZ_TYPE_COND_EQ;
+	case XTENSA_INS_BNEZ: return RZ_TYPE_COND_NE;
+	case XTENSA_INS_BGEZ: return RZ_TYPE_COND_GE;
+	case XTENSA_INS_BLTZ: return RZ_TYPE_COND_LT;
+	default: break;
+	}
+	return RZ_TYPE_COND_AL;
+}
+
+static void xtensa_analyze_op(RzAnalysis *a, RzAnalysisOp *op, XtensaContext *ctx) {
+	switch (ctx->insn->id) {
+	case XTENSA_INS_ADD: /* add */
+	case XTENSA_INS_ADDX2: /* addx2 */
+	case XTENSA_INS_ADDX4: /* addx4 */
+	case XTENSA_INS_ADDX8: /* addx8 */
+		op->type = RZ_ANALYSIS_OP_TYPE_ADD;
+		break;
+	case XTENSA_INS_SUB: /* sub */
+	case XTENSA_INS_SUBX2: /* subx2 */
+	case XTENSA_INS_SUBX4: /* subx4 */
+	case XTENSA_INS_SUBX8: /* subx8 */
+		op->type = RZ_ANALYSIS_OP_TYPE_SUB;
+		break;
+	case XTENSA_INS_MOVI: /* movi */
+		op->type = RZ_ANALYSIS_OP_TYPE_MOV;
+		break;
+		//	case 0: /* excw */
+	case XTENSA_INS_NOP: /* nop.n */
+		op->type = RZ_ANALYSIS_OP_TYPE_NOP;
+		break;
+	case XTENSA_INS_S32I: /* s32i */
+	case XTENSA_INS_S16I: /* s16i */
+	case XTENSA_INS_S8I: /* s8i */
+		op->type = RZ_ANALYSIS_OP_TYPE_STORE;
+		break;
+	case XTENSA_INS_ADDI: /* addi */
+		op->type = RZ_ANALYSIS_OP_TYPE_ADD;
+		break;
+	case XTENSA_INS_RET: /* ret */
+		op->eob = true;
+		op->type = RZ_ANALYSIS_OP_TYPE_RET;
+		break;
+	case XTENSA_INS_L16UI: /* l16ui */
+	case XTENSA_INS_L16SI: /* l16si */
+	case XTENSA_INS_L32I: /* l32i */
+	case XTENSA_INS_L8UI: /* l8ui */
+		op->type = RZ_ANALYSIS_OP_TYPE_LOAD;
+		break;
+	case XTENSA_INS_L32R: /* l32r */
+		op->type = RZ_ANALYSIS_OP_TYPE_LOAD;
+		break;
+	case XTENSA_INS_ADDMI: /* addmi */
+		op->type = RZ_ANALYSIS_OP_TYPE_ADD;
+		break;
+	case XTENSA_INS_AND: /* and */
+	case XTENSA_INS_OR: /* or */
+	case XTENSA_INS_XOR: /* xor */
+		op->type = RZ_ANALYSIS_OP_TYPE_COND;
+		break;
+	case XTENSA_INS_BEQI: /* beqi */
+	case XTENSA_INS_BNEI: /* bnei */
+	case XTENSA_INS_BGEI: /* bgei */
+	case XTENSA_INS_BLTI: /* blti */
+	case XTENSA_INS_BGEUI: /* bgeui */
+	case XTENSA_INS_BLTUI: /* bltui */
+	case XTENSA_INS_BBCI: /* bbci */
+	case XTENSA_INS_BBSI: /* bbsi */
+	case XTENSA_INS_BEQ: /* beq */
+	case XTENSA_INS_BNE: /* bne */
+	case XTENSA_INS_BGE: /* bge */
+	case XTENSA_INS_BLT: /* blt */
+	case XTENSA_INS_BGEU: /* bgeu */
+	case XTENSA_INS_BLTU: /* bltu */
+	case XTENSA_INS_BANY: /* bany */
+	case XTENSA_INS_BNONE: /* bnone */
+	case XTENSA_INS_BALL: /* ball */
+	case XTENSA_INS_BNALL: /* bnall */
+	case XTENSA_INS_BBC: /* bbc */
+	case XTENSA_INS_BBS: /* bbs */
+	case XTENSA_INS_BEQZ: /* beqz */
+	case XTENSA_INS_BNEZ: /* bnez */
+	case XTENSA_INS_BGEZ: /* bgez */
+	case XTENSA_INS_BLTZ: /* bltz */
+		op->type = RZ_ANALYSIS_OP_TYPE_CJMP;
+		op->jump = ctx->insn->address + IMM(2);
+		op->fail = ctx->insn->address + ctx->insn->size;
+		op->cond = xtensa_cond(ctx->insn->id);
+		break;
+	case XTENSA_INS_EXTUI: /* extui */
+		op->type = RZ_ANALYSIS_OP_TYPE_CAST;
+		break;
+	case XTENSA_INS_J: /* j */
+		op->type = RZ_ANALYSIS_OP_TYPE_JMP;
+		op->jump = ctx->insn->address + IMM(0);
+		op->fail = ctx->insn->address + ctx->insn->size;
+		break;
+	case XTENSA_INS_CALLX0: /* callx0 */
+		op->type = RZ_ANALYSIS_OP_TYPE_RCALL;
+		op->reg = REGO(0);
+		break;
+	case XTENSA_INS_MOVEQZ: /* moveqz */
+	case XTENSA_INS_MOVNEZ: /* movnez */
+	case XTENSA_INS_MOVLTZ: /* movltz */
+	case XTENSA_INS_MOVGEZ: /* movgez */
+		op->type = RZ_ANALYSIS_OP_TYPE_CMOV;
+		break;
+	case XTENSA_INS_ABS: /* abs */
+		op->type = RZ_ANALYSIS_OP_TYPE_ABS;
+		break;
+	case XTENSA_INS_NEG: /* neg */
+		op->type = RZ_ANALYSIS_OP_TYPE_NULL;
+		break;
+	case XTENSA_INS_SSR: /* ssr */
+		op->type = RZ_ANALYSIS_OP_TYPE_SHR;
+		break;
+	case XTENSA_INS_SSL: /* ssl */
+		op->type = RZ_ANALYSIS_OP_TYPE_SHL;
+		break;
+	case XTENSA_INS_SLLI: /* slli */
+		op->type = RZ_ANALYSIS_OP_TYPE_SHL;
+		break;
+	case XTENSA_INS_SRLI: /* srli */
+		op->type = RZ_ANALYSIS_OP_TYPE_SHR;
+		break;
+	case XTENSA_INS_SSAI: /* ssai */
+		op->type = RZ_ANALYSIS_OP_TYPE_SAR;
+		break;
+	case XTENSA_INS_SLL: /* sll */
+		op->type = RZ_ANALYSIS_OP_TYPE_SHL;
+		break;
+	case XTENSA_INS_SRL: /* srl */
+		op->type = RZ_ANALYSIS_OP_TYPE_SHR;
+		break;
+	}
+}
+
 static int xtensa_op(RzAnalysis *analysis, RzAnalysisOp *op, ut64 addr, const ut8 *buf, int len, RzAnalysisOpMask mask) {
 	XtensaContext *ctx = analysis->plugin_data;
 	if (!xtensa_open(ctx, analysis->cpu, analysis->big_endian)) {
@@ -86,6 +244,8 @@ static int xtensa_op(RzAnalysis *analysis, RzAnalysisOp *op, ut64 addr, const ut
 		goto beach;
 	}
 
+	xtensa_analyze_op(analysis, op, ctx);
+
 	if (mask & RZ_ANALYSIS_OP_MASK_DISASM) {
 		op->mnemonic = rz_str_newf(
 			"%s%s%s",