lazymio/unicorn
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

make i386 instructions RDTSC and RDTSCP hookable (#2066)

Browse Source 
* instruction hooks for RDTSC and RDTSCP

Signed-off-by: Pedro Tôrres <t0rr3sp3dr0@gmail.com>

* update hookable instruction list

Signed-off-by: Pedro Tôrres <t0rr3sp3dr0@gmail.com>

* test RDTSC and RDTSCP instruction hooks

Signed-off-by: Pedro Tôrres <t0rr3sp3dr0@gmail.com>

---------

Signed-off-by: Pedro Tôrres <t0rr3sp3dr0@gmail.com>
Co-authored-by: mio <mio@lazym.io>
This commit is contained in:
Pedro Tôrres
2024-12-20 01:17:23 -08:00
committed by GitHub
parent 1cbb7b40b2
commit 7737e7b436
6 changed files with 167 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
bindings/go/unicorn/hook.c
View File

@@ -40,3 +40,7 @@ void hookX86Out_cgo(uc_engine *handle, uint32_t port, uint32_t size, uint32_t va
void hookX86Syscall_cgo(uc_engine *handle, uintptr_t user) {
hookX86Syscall(handle, (void *)user);
}
int hookX86Cpuid_cgo(uc_engine *handle, uintptr_t user) {
return hookX86Cpuid(handle, (void *)user);
}

8
bindings/go/unicorn/hook.go
View File

@@ -98,6 +98,12 @@ func hookX86Syscall(handle unsafe.Pointer, user unsafe.Pointer) {
hook.Callback.(func(Unicorn))(hook.Uc)
}
//export hookX86Cpuid
func hookX86Cpuid(handle unsafe.Pointer, user unsafe.Pointer) bool {
hook := hookMap.get(user)
return hook.Callback.(func(Unicorn) bool)(hook.Uc)
}
func (u *uc) HookAdd(htype int, cb interface{}, begin, end uint64, extra ...int) (Hook, error) {
var callback unsafe.Pointer
var insn C.int
@@ -119,6 +125,8 @@ func (u *uc) HookAdd(htype int, cb interface{}, begin, end uint64, extra ...int)
callback = C.hookX86Out_cgo
case X86_INS_SYSCALL, X86_INS_SYSENTER:
callback = C.hookX86Syscall_cgo
case X86_INS_CPUID, X86_INS_RDTSC, X86_INS_RDTSCP:
callback = C.hookX86Cpuid_cgo
default:
return 0, errors.New("Unknown instruction type.")
}

1
bindings/go/unicorn/hook.h
View File

@@ -7,3 +7,4 @@ void hookInterrupt_cgo(uc_engine *handle, uint32_t intno, uintptr_t user);
uint32_t hookX86In_cgo(uc_engine *handle, uint32_t port, uint32_t size, uintptr_t user);
void hookX86Out_cgo(uc_engine *handle, uint32_t port, uint32_t size, uint32_t value, uintptr_t user);
void hookX86Syscall_cgo(uc_engine *handle, uintptr_t user);
int hookX86Cpuid_cgo(uc_engine *handle, uintptr_t user);