Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

qemu/tcg: fix UC_HOOK_MEM_READ on aarch64. #2028

Merged
merged 4 commits into from
Jan 4, 2025
+31 −8
Merged

qemu/tcg: fix UC_HOOK_MEM_READ on aarch64. #2028

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
376c169
qemu/tcg: fix UC_HOOK_MEM_READ on aarch64.
glennsec Oct 11, 2024
bfe3acb
qemu/tcg: fix UC_HOOK_MEM_READ on ppc64.
glennsec Oct 14, 2024
d84208e
qemu/tcg: check for UC_HOOK_MEM_READ_AFTER.
glennsec Oct 22, 2024
7a5711c
qemu/tcg: factor out has_hookmem().
glennsec Oct 22, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 7 additions & 0 deletions qemu/include/tcg/tcg.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1577,4 +1577,11 @@ struct jit_code_entry {
void uc_del_inline_hook(uc_engine *uc, struct hook *hk);
void uc_add_inline_hook(uc_engine *uc, struct hook *hk, void** args, int args_len);

static inline bool tcg_uc_has_hookmem(TCGContext *s)
{
return HOOK_EXISTS(s->uc, UC_HOOK_MEM_READ) ||
HOOK_EXISTS(s->uc, UC_HOOK_MEM_READ_AFTER) ||
HOOK_EXISTS(s->uc, UC_HOOK_MEM_WRITE);
}

#endif /* TCG_H */
12 changes: 9 additions & 3 deletions qemu/tcg/aarch64/tcg-target.inc.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1587,7 +1587,8 @@ static bool tcg_out_qemu_ld_slow_path(TCGContext *s, TCGLabelQemuLdst *lb)
MemOp opc = get_memop(oi);
MemOp size = opc & MO_SIZE;

if (!reloc_pc19(lb->label_ptr[0], s->code_ptr)) {
const int type = tcg_uc_has_hookmem(s) ? R_AARCH64_JUMP26 : R_AARCH64_CONDBR19;
if (!patch_reloc(lb->label_ptr[0], type, (intptr_t)s->code_ptr, 0)) {
return false;
}

Expand All @@ -1612,7 +1613,8 @@ static bool tcg_out_qemu_st_slow_path(TCGContext *s, TCGLabelQemuLdst *lb)
MemOp opc = get_memop(oi);
MemOp size = opc & MO_SIZE;

if (!reloc_pc19(lb->label_ptr[0], s->code_ptr)) {
const int type = tcg_uc_has_hookmem(s) ? R_AARCH64_JUMP26 : R_AARCH64_CONDBR19;
if (!patch_reloc(lb->label_ptr[0], type, (intptr_t)s->code_ptr, 0)) {
return false;
}

Expand Down Expand Up @@ -1711,7 +1713,11 @@ static void tcg_out_tlb_read(TCGContext *s, TCGReg addr_reg, MemOp opc,

/* If not equal, we jump to the slow path. */
*label_ptr = s->code_ptr;
tcg_out_insn(s, 3202, B_C, TCG_COND_NE, 0);
// Unicorn: fast path if hookmem is not enabled
if (!tcg_uc_has_hookmem(s))
tcg_out_insn(s, 3202, B_C, TCG_COND_NE, 0);
else
tcg_out_insn(s, 3206, B, 0);
}

#endif /* CONFIG_SOFTMMU */
Expand Down
2 changes: 1 addition & 1 deletion qemu/tcg/i386/tcg-target.inc.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1763,7 +1763,7 @@ static inline void tcg_out_tlb_load(TCGContext *s, TCGReg addrlo, TCGReg addrhi,
tcg_out_mov(s, ttype, r1, addrlo);

// Unicorn: fast path if hookmem is not enable
if (!HOOK_EXISTS(s->uc, UC_HOOK_MEM_READ) && !HOOK_EXISTS(s->uc, UC_HOOK_MEM_WRITE))
if (!tcg_uc_has_hookmem(s))
tcg_out_opc(s, OPC_JCC_long + JCC_JNE, 0, 0, 0);
else
/* slow_path, so data access will go via load_helper() */
Expand Down
18 changes: 14 additions & 4 deletions qemu/tcg/ppc/tcg-target.inc.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2014,7 +2014,8 @@ static bool tcg_out_qemu_ld_slow_path(TCGContext *s, TCGLabelQemuLdst *lb)
MemOp opc = get_memop(oi);
TCGReg hi, lo, arg = TCG_REG_R3;

if (!reloc_pc14(lb->label_ptr[0], s->code_ptr)) {
const int type = tcg_uc_has_hookmem(s) ? R_PPC_REL24 : R_PPC_REL14;
if (!patch_reloc(lb->label_ptr[0], type, (intptr_t)s->code_ptr, 0)) {
return false;
}

Expand Down Expand Up @@ -2062,7 +2063,8 @@ static bool tcg_out_qemu_st_slow_path(TCGContext *s, TCGLabelQemuLdst *lb)
MemOp s_bits = opc & MO_SIZE;
TCGReg hi, lo, arg = TCG_REG_R3;

if (!reloc_pc14(lb->label_ptr[0], s->code_ptr)) {
const int type = tcg_uc_has_hookmem(s) ? R_PPC_REL24 : R_PPC_REL14;
if (!patch_reloc(lb->label_ptr[0], type, (intptr_t)s->code_ptr, 0)) {
return false;
}

Expand Down Expand Up @@ -2142,7 +2144,11 @@ static void tcg_out_qemu_ld(TCGContext *s, const TCGArg *args, bool is_64)

/* Load a pointer into the current opcode w/conditional branch-link. */
label_ptr = s->code_ptr;
tcg_out32(s, BC | BI(7, CR_EQ) | BO_COND_FALSE | LK);
// Unicorn: fast path if hookmem is not enabled
if (!tcg_uc_has_hookmem(s))
tcg_out32(s, BC | BI(7, CR_EQ) | BO_COND_FALSE | LK);
else
tcg_out32(s, B | LK);

rbase = TCG_REG_R3;
#else /* !CONFIG_SOFTMMU */
Expand Down Expand Up @@ -2217,7 +2223,11 @@ static void tcg_out_qemu_st(TCGContext *s, const TCGArg *args, bool is_64)

/* Load a pointer into the current opcode w/conditional branch-link. */
label_ptr = s->code_ptr;
tcg_out32(s, BC | BI(7, CR_EQ) | BO_COND_FALSE | LK);
// Unicorn: fast path if hookmem is not enabled
if (!tcg_uc_has_hookmem(s))
tcg_out32(s, BC | BI(7, CR_EQ) | BO_COND_FALSE | LK);
else
tcg_out32(s, B | LK);

rbase = TCG_REG_R3;
#else /* !CONFIG_SOFTMMU */
Expand Down
Loading