From patchwork Tue Oct 19 19:14:36 2010 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Subject: [05/18] backdoor: [i386] Decode backdoor instructions Date: Tue, 19 Oct 2010 09:14:36 -0000 From: =?utf-8?Q?Llu=C3=ADs?= X-Patchwork-Id: 68958 Message-Id: <495cba98dfc4cc5c40cc1a572327729d8926c596.1287772676.git.vilanova@ac.upc.edu> To: qemu-devel@nongnu.org Decode backdoor instructions following "backdoor/guest.h" and call the user-defined backdoor helpers. Signed-off-by: LluĂ­s Vilanova --- target-i386/translate.c | 30 ++++++++++++++++++++++++++++++ 1 files changed, 30 insertions(+), 0 deletions(-) diff --git a/target-i386/translate.c b/target-i386/translate.c index 7b6e3c2..b54a823 100644 --- a/target-i386/translate.c +++ b/target-i386/translate.c @@ -4105,6 +4105,31 @@ static target_ulong disas_insn(DisasContext *s, target_ulong pc_start) x86_64_hregs = 0; #endif s->rip_offset = 0; /* for relative ip address */ + +#if defined(CONFIG_BACKDOOR) + if (ldub_code(s->pc) == 0x0f && ldub_code(s->pc + 1) == 0x04) { + uint8_t type = ldub_code(s->pc + 2); + TCGv_i32 cmd; + /* TODO: should break TB, but gen_eob generates an infinite loop */ + switch (type) { + case 0x00: /* i8 */ + cmd = tcg_const_i32((uint32_t)ldub_code(s->pc + 3)); + gen_helper_backdoor_i8(cmd); + break; + case 0x01: /* i8 v */ + cmd = tcg_const_i32(ldub_code(s->pc + 3)); + gen_helper_backdoor_i8_v(cmd, cpu_regs[R_EAX]); + break; + default: + goto illegal_op; + } + s->pc += 4; + gen_jmp_im(s->pc); + gen_eob(s); + goto backdoor_done; + } +#endif + next_byte: b = ldub_code(s->pc); s->pc++; @@ -7636,6 +7661,11 @@ static target_ulong disas_insn(DisasContext *s, target_ulong pc_start) default: goto illegal_op; } + +#if defined(CONFIG_BACKDOOR) +backdoor_done: +#endif + /* lock generation */ if (s->prefix & PREFIX_LOCK) gen_helper_unlock();
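Review bot: in the first hunk the new decode is gated only on the two opcode bytes 0x0f 0x04, so any guest code, including unprivileged ring 3, reaches gen_helper_backdoor_i8 / gen_helper_backdoor_i8_v; if the helpers are meant for an instrumented guest kernel or a trusted agent, add a privilege check before the switch (e.g. `if (s->cpl != 0) goto illegal_op;`), otherwise say in the commit message that user-mode triggering is intended. Two smaller points in the same hunk: the comment `/* TODO: should break TB, but gen_eob generates an infinite loop */` contradicts the code three lines below it, which does call `gen_jmp_im(s->pc); gen_eob(s);`, so either the comment is stale and should go or the loop problem is unresolved and needs explaining; and `cmd` is created with tcg_const_i32 in both cases but never released with tcg_temp_free_i32 after the helper call, which the rest of translate.c does for its temporaries.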
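Review bot: the backdoor_done label in the second hunk lands directly on `if (s->prefix & PREFIX_LOCK) gen_helper_unlock();`, but the goto that reaches it is taken before `next_byte:`, i.e. before any prefix parsing for this instruction; please confirm s->prefix is reset earlier in disas_insn than the visible context shows, or set `s->prefix = 0;` inside the backdoor block, so a LOCK prefix left over from a previous decode cannot emit a spurious unlock. As a style point, a jump from the top of disas_insn over the whole decoder to a conditionally compiled label is hard to follow; a static helper such as `disas_backdoor(DisasContext *s)` that returns whether it consumed the instruction, with the caller returning s->pc directly, would remove both #if blocks and the label.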