From patchwork Tue Oct 19 19:14:36 2010
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: =?utf-8?Q?Llu=C3=ADs?= <xscript@gmx.net>
X-Patchwork-Id: 68958
Return-Path: <qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Received: from lists.gnu.org (lists.gnu.org [199.232.76.165])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(Client did not present a certificate)
	by ozlabs.org (Postfix) with ESMTPS id CAC781007F6
	for <incoming@patchwork.ozlabs.org>;
	Sat, 23 Oct 2010 07:16:06 +1100 (EST)
Received: from localhost ([127.0.0.1]:57559 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1P9O1y-0002zj-OS
	for incoming@patchwork.ozlabs.org; Fri, 22 Oct 2010 16:16:02 -0400
Received: from [140.186.70.92] (port=45310 helo=eggs.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1P9Mt0-0001qD-Bc
	for qemu-devel@nongnu.org; Fri, 22 Oct 2010 15:02:44 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <xscript@gmx.net>) id 1P9MpI-0005XA-WD
	for qemu-devel@nongnu.org; Fri, 22 Oct 2010 14:58:54 -0400
Received: from mailout-de.gmx.net ([213.165.64.23]:60391 helo=mail.gmx.net)
	by eggs.gnu.org with smtp (Exim 4.71)
	(envelope-from <xscript@gmx.net>) id 1P9MpI-0005Wo-LA
	for qemu-devel@nongnu.org; Fri, 22 Oct 2010 14:58:52 -0400
Received: (qmail invoked by alias); 22 Oct 2010 18:58:50 -0000
Received: from unknown (EHLO localhost) [84.88.53.92]
	by mail.gmx.net (mp025) with SMTP; 22 Oct 2010 20:58:50 +0200
X-Authenticated: #12333383
X-Provags-ID: V01U2FsdGVkX18MND43UZsMJGTjvArRptvK0vsYnGdvabnCXXo0cU
	eeEOSm2LrYyM9x
From: xscript@gmx.net (=?utf-8?Q?Llu=C3=ADs?=)
To: qemu-devel@nongnu.org
In-Reply-To: <cover.1287772676.git.vilanova@ac.upc.edu>
Date: Tue, 19 Oct 2010 21:14:36 +0200
References: <cover.1287772676.git.vilanova@ac.upc.edu>
Message-Id: 
 <495cba98dfc4cc5c40cc1a572327729d8926c596.1287772676.git.vilanova@ac.upc.edu>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.0.50 (gnu/linux)
MIME-Version: 1.0
X-Y-GMX-Trusted: 0
X-detected-operating-system: by eggs.gnu.org: Genre and OS details not
	recognized.
Subject: [Qemu-devel] [PATCH 05/18] backdoor: [i386] Decode backdoor
	instructions
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: qemu-devel.nongnu.org
List-Unsubscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Sender: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org
Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org

Decode backdoor instructions following "backdoor/guest.h" and call the
user-defined backdoor helpers.

Signed-off-by: Lluís Vilanova <vilanova@ac.upc.edu>
---
 target-i386/translate.c |   30 ++++++++++++++++++++++++++++++
 1 files changed, 30 insertions(+), 0 deletions(-)

diff --git a/target-i386/translate.c b/target-i386/translate.c
index 7b6e3c2..b54a823 100644
--- a/target-i386/translate.c
+++ b/target-i386/translate.c
@@ -4105,6 +4105,31 @@ static target_ulong disas_insn(DisasContext *s, target_ulong pc_start)
     x86_64_hregs = 0;
 #endif
     s->rip_offset = 0; /* for relative ip address */
+
+#if defined(CONFIG_BACKDOOR)
+    if (ldub_code(s->pc) == 0x0f &&  ldub_code(s->pc + 1) == 0x04) {
+        uint8_t type = ldub_code(s->pc + 2);
+        TCGv_i32 cmd;
+        /* TODO: should break TB, but gen_eob generates an infinite loop */
+        switch (type) {
+        case 0x00:                      /* i8 */
+            cmd = tcg_const_i32((uint32_t)ldub_code(s->pc + 3));
+            gen_helper_backdoor_i8(cmd);
+            break;
+        case 0x01:                      /* i8 v */
+            cmd = tcg_const_i32(ldub_code(s->pc + 3));
+            gen_helper_backdoor_i8_v(cmd, cpu_regs[R_EAX]);
+            break;
+        default:
+            goto illegal_op;
+        }
+        s->pc += 4;
+        gen_jmp_im(s->pc);
+        gen_eob(s);
+        goto backdoor_done;
+    }
+#endif
+
  next_byte:
     b = ldub_code(s->pc);
     s->pc++;
@@ -7636,6 +7661,11 @@ static target_ulong disas_insn(DisasContext *s, target_ulong pc_start)
     default:
         goto illegal_op;
     }
+
+#if defined(CONFIG_BACKDOOR)
+backdoor_done:
+#endif
+
     /* lock generation */
     if (s->prefix & PREFIX_LOCK)
         gen_helper_unlock();