Skip to content

Commit

Permalink
Add JMP32 class to dissassembler (#451)
Browse files Browse the repository at this point in the history
Signed-off-by: Alan Jowett <[email protected]>
Co-authored-by: Alan Jowett <[email protected]>
  • Loading branch information
Alan-Jowett and Alan Jowett authored May 7, 2024
1 parent 5d4d78d commit a2f230d
Showing 1 changed file with 17 additions and 0 deletions.
17 changes: 17 additions & 0 deletions ubpf/disassembler.py
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,7 @@
3: "stx",
4: "alu",
5: "jmp",
6: "jmp32",
7: "alu64",
}

Expand Down Expand Up @@ -71,6 +72,7 @@
BPF_CLASS_STX = 3
BPF_CLASS_ALU = 4
BPF_CLASS_JMP = 5
BPF_CLASS_JMP32 = 6
BPF_CLASS_ALU64 = 7

BPF_ALU_NEG = 8
Expand Down Expand Up @@ -123,6 +125,21 @@ def disassemble_one(data, offset):
opcode = (code >> 4) & 0xf
opcode_name = JMP_OPCODES.get(opcode)

if opcode_name == "exit":
return opcode_name
elif opcode_name == "call":
return "%s %s" % (opcode_name, I(imm))
elif opcode_name == "ja":
return "%s %s" % (opcode_name, O(off))
elif source == 0:
return "%s %s, %s, %s" % (opcode_name, R(dst_reg), I(imm), O(off))
else:
return "%s %s, %s, %s" % (opcode_name, R(dst_reg), R(src_reg), O(off))
elif cls == BPF_CLASS_JMP32:
source = (code >> 3) & 1
opcode = (code >> 4) & 0xf
opcode_name = JMP_OPCODES.get(opcode) + "32"

if opcode_name == "exit":
return opcode_name
elif opcode_name == "call":
Expand Down

0 comments on commit a2f230d

Please sign in to comment.