

Add lfi-ret on arm64
zyedidia committed Dec 24, 2024
1 parent 2fbe93b commit eb3e906
Showing 2 changed files with 28 additions and 2 deletions.
12 changes: 12 additions & 0 deletions lfi-leg/arm64/syscall.leg
@@ -11,6 +11,8 @@
} \
%}

Top = Syscall | Retcall

Syscall = < 'svc' - (!EOL .)* > - {
if (!args.poc)
mkinsn("mov x22, x30");
@@ -21,6 +23,16 @@ Syscall = < 'svc' - (!EOL .)* > - {
mkinsn("add x30, x21, w22, uxtw");
}

Retcall = 'libret' - {
if (!args.poc)
mkinsn("mov x22, x30");
else
mkinsn("mov w22, w30");
mkinsn("ldr x30, [%s, #24]", args.sysexternal ? "x25" : "x21");
mkinsn("blr x30");
mkinsn("add x30, x21, w22, uxtw");
}

%%

void
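Review bot: The `#24` in `ldr x30, [%s, #24]` is an unexplained table offset, and it decides which runtime entry point rewritten sandbox code branches to. If the runtime's table layout ever changes, `libret` would silently call a different handler, so a comment such as `// runtime call table slot for lfi_ret; keep in sync with the table the runtime installs at x21/x25` (or a shared named constant) would make the coupling explicit. The rest of the Retcall action repeats the save/call/re-guard sequence visible in Syscall and could share one helper taking the offset. Separately, `'libret'` is matched as a bare literal without the `(!EOL .)*` tail that Syscall uses; the rest of the grammar is outside this hunk, so it is worth confirming that a longer token beginning with `libret` cannot match this rule.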
18 changes: 16 additions & 2 deletions liblfi/arch/arm64/runtime.S
@@ -92,8 +92,22 @@ lfi_set_tp:
.p2align 4
.globl lfi_ret
lfi_ret:
// TODO
brk #0
GET_PROC
// restore kernel stack
ldr x22, [x21]
mov sp, x22
// restore callee-saved registers
ldp x29, x30, [sp], 16
ldp x27, x28, [sp], 16
ldp x25, x26, [sp], 16
ldp x23, x24, [sp], 16
ldp x21, x22, [sp], 16
ldp x19, x20, [sp], 16
ldp d14, d15, [sp], 16
ldp d12, d13, [sp], 16
ldp d10, d11, [sp], 16
ldp d8, d9, [sp], 16
ret

// lfi_asm_invoke(Proc* p, void* fn, void** kstackp)
.p2align 4
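Review bot: `lfi_ret` moves the value from `ldr x22, [x21]` straight into `sp` without checking it, and this entry point is reachable from sandboxed code through the `libret` rewrite. If that slot is zero, or still holds the value from an `lfi_asm_invoke` that has already returned, the `ldp` sequence would reload the callee-saved registers and `x30` from a dead host frame before `ret`. Consider a guard such as `cbz x22, 1f` with `1: brk #0` (as the old stub trapped), and, if the slot is only meaningful during an invoke, clearing it with `str xzr, [x21]` after the load; the invoke side is outside this hunk, so it may already guarantee a live value. A comment stating that the `ldp` order must mirror the pushes in `lfi_asm_invoke`, and what `GET_PROC` leaves in `x21`, would also help the next reader verify the frame layout.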
