xreturn.py revision 9700
15433Sgblack@eecs.umich.edu# Copyright (c) 2007-2008 The Hewlett-Packard Development Company 25081Sgblack@eecs.umich.edu# All rights reserved. 35081Sgblack@eecs.umich.edu# 47087Snate@binkert.org# The license below extends only to copyright in the software and shall 57087Snate@binkert.org# not be construed as granting a license to any other intellectual 67087Snate@binkert.org# property including but not limited to intellectual property relating 77087Snate@binkert.org# to a hardware implementation of the functionality of the software 87087Snate@binkert.org# licensed hereunder. You may use the software subject to the license 97087Snate@binkert.org# terms below provided that you ensure that this notice is replicated 107087Snate@binkert.org# unmodified and in its entirety in all distributions of the software, 117087Snate@binkert.org# modified or unmodified, in source code or in binary form. 125081Sgblack@eecs.umich.edu# 137087Snate@binkert.org# Redistribution and use in source and binary forms, with or without 147087Snate@binkert.org# modification, are permitted provided that the following conditions are 157087Snate@binkert.org# met: redistributions of source code must retain the above copyright 167087Snate@binkert.org# notice, this list of conditions and the following disclaimer; 177087Snate@binkert.org# redistributions in binary form must reproduce the above copyright 187087Snate@binkert.org# notice, this list of conditions and the following disclaimer in the 197087Snate@binkert.org# documentation and/or other materials provided with the distribution; 207087Snate@binkert.org# neither the name of the copyright holders nor the names of its 215081Sgblack@eecs.umich.edu# contributors may be used to endorse or promote products derived from 227087Snate@binkert.org# this software without specific prior written permission. 235081Sgblack@eecs.umich.edu# 245081Sgblack@eecs.umich.edu# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 255081Sgblack@eecs.umich.edu# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 265081Sgblack@eecs.umich.edu# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 275081Sgblack@eecs.umich.edu# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 285081Sgblack@eecs.umich.edu# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 295081Sgblack@eecs.umich.edu# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 305081Sgblack@eecs.umich.edu# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 315081Sgblack@eecs.umich.edu# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 325081Sgblack@eecs.umich.edu# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 335081Sgblack@eecs.umich.edu# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 345081Sgblack@eecs.umich.edu# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 355081Sgblack@eecs.umich.edu# 365081Sgblack@eecs.umich.edu# Authors: Gabe Black 375081Sgblack@eecs.umich.edu 385081Sgblack@eecs.umich.edumicrocode = ''' 395081Sgblack@eecs.umich.edudef macroop RET_NEAR 405081Sgblack@eecs.umich.edu{ 415081Sgblack@eecs.umich.edu # Make the default data size of rets 64 bits in 64 bit mode 425081Sgblack@eecs.umich.edu .adjust_env oszIn64Override 439700Snilay@cs.wisc.edu .function_return 445081Sgblack@eecs.umich.edu 455081Sgblack@eecs.umich.edu ld t1, ss, [1, t0, rsp] 465119Sgblack@eecs.umich.edu # Check address of return 475081Sgblack@eecs.umich.edu addi rsp, rsp, dsz 485081Sgblack@eecs.umich.edu wripi t1, 0 495081Sgblack@eecs.umich.edu}; 505081Sgblack@eecs.umich.edu 515081Sgblack@eecs.umich.edudef macroop RET_NEAR_I 525081Sgblack@eecs.umich.edu{ 535081Sgblack@eecs.umich.edu # Make the default data size of rets 64 bits in 64 bit mode 545081Sgblack@eecs.umich.edu .adjust_env oszIn64Override 559700Snilay@cs.wisc.edu .function_return 565081Sgblack@eecs.umich.edu 575081Sgblack@eecs.umich.edu limm t2, imm 585081Sgblack@eecs.umich.edu ld t1, ss, [1, t0, rsp] 595119Sgblack@eecs.umich.edu # Check address of return 605081Sgblack@eecs.umich.edu addi rsp, rsp, dsz 615081Sgblack@eecs.umich.edu add rsp, rsp, t2 625081Sgblack@eecs.umich.edu wripi t1, 0 635081Sgblack@eecs.umich.edu}; 645295Sgblack@eecs.umich.edu 655295Sgblack@eecs.umich.edudef macroop RET_FAR { 665295Sgblack@eecs.umich.edu .adjust_env oszIn64Override 679700Snilay@cs.wisc.edu .function_return 685295Sgblack@eecs.umich.edu 695295Sgblack@eecs.umich.edu # Get the return RIP 705295Sgblack@eecs.umich.edu ld t1, ss, [1, t0, rsp] 715295Sgblack@eecs.umich.edu 725295Sgblack@eecs.umich.edu # Get the return CS 735433Sgblack@eecs.umich.edu ld t2, ss, [1, t0, rsp], ssz 745295Sgblack@eecs.umich.edu 759671SChristian.Menard@tu-dresden.de # increment the stack pointer to pop the instruction pointer 769671SChristian.Menard@tu-dresden.de # and the code segment from the stack. 779671SChristian.Menard@tu-dresden.de addi rsp, rsp, dsz 789671SChristian.Menard@tu-dresden.de addi rsp, rsp, dsz 799671SChristian.Menard@tu-dresden.de 805295Sgblack@eecs.umich.edu # Get the rpl 815295Sgblack@eecs.umich.edu andi t3, t2, 0x3 825295Sgblack@eecs.umich.edu 835295Sgblack@eecs.umich.edu # Get the cpl 845295Sgblack@eecs.umich.edu 855295Sgblack@eecs.umich.edu # Here we'd check if we're changing priviledge levels. We'll just hope 865295Sgblack@eecs.umich.edu # that doesn't happen yet. 875295Sgblack@eecs.umich.edu 885295Sgblack@eecs.umich.edu # Do stuff if they're equal 895433Sgblack@eecs.umich.edu andi t0, t2, 0xFC, flags=(EZF,), dataSize=2 905661Sgblack@eecs.umich.edu br label("processDescriptor"), flags=(CEZF,) 915433Sgblack@eecs.umich.edu andi t3, t2, 0xF8, dataSize=8 925433Sgblack@eecs.umich.edu andi t0, t2, 0x4, flags=(EZF,), dataSize=2 935661Sgblack@eecs.umich.edu br label("globalDescriptor"), flags=(CEZF,) 945433Sgblack@eecs.umich.edu ld t3, tsl, [1, t0, t3], dataSize=8 955661Sgblack@eecs.umich.edu br label("processDescriptor") 965433Sgblack@eecs.umich.eduglobalDescriptor: 975433Sgblack@eecs.umich.edu ld t3, tsg, [1, t0, t3], dataSize=8 985433Sgblack@eecs.umich.eduprocessDescriptor: 995433Sgblack@eecs.umich.edu chks t2, t3, IretCheck, dataSize=8 1005295Sgblack@eecs.umich.edu # There should be validity checks on the RIP checks here, but I'll do 1015295Sgblack@eecs.umich.edu # that later. 1025590Sgblack@eecs.umich.edu wrdl cs, t3, t2 1035590Sgblack@eecs.umich.edu wrsel cs, t2 1045295Sgblack@eecs.umich.edu wrip t0, t1 1059700Snilay@cs.wisc.edu# br label("end") 1065295Sgblack@eecs.umich.edu 1075295Sgblack@eecs.umich.edu # Do other stuff if they're not. 1089700Snilay@cs.wisc.edu#end: 1099700Snilay@cs.wisc.edu# fault "NoFault" 1105295Sgblack@eecs.umich.edu}; 1115081Sgblack@eecs.umich.edu''' 112