Enable the MCU feature

Author: cla7aye15I4nd

qiling/const.py

@@ -30,6 +30,7 @@ class QL_OS(IntEnum):
     DOS = 206
     EVM = 207
     QNX = 208
+    CORTEX_M = 109
 
 class QL_VERBOSE(IntEnum):
     OFF = 0
@@ -50,13 +51,17 @@ class QL_INTERCEPT(IntEnum):
 
 QL_DEBUGGER_ALL = (QL_DEBUGGER.IDAPRO, QL_DEBUGGER.GDB, QL_DEBUGGER.QDB)
 
+QL_ARCH_MCU32   = (QL_ARCH.CORTEX_M,)
 QL_ARCH_ENDIAN = (QL_ARCH.MIPS, QL_ARCH.ARM)
 QL_ARCH_1BIT   = (QL_ARCH.EVM,)
 QL_ARCH_16BIT  = (QL_ARCH.A8086,)
-QL_ARCH_32BIT  = (QL_ARCH.ARM, QL_ARCH.ARM_THUMB, QL_ARCH.MIPS, QL_ARCH.X86)
+QL_ARCH_32BIT  = (QL_ARCH.ARM, QL_ARCH.ARM_THUMB, QL_ARCH.MIPS, QL_ARCH.X86) + QL_ARCH_MCU32
 QL_ARCH_64BIT  = (QL_ARCH.ARM64, QL_ARCH.X8664)
+QL_ARCH_MCU32   = (QL_ARCH.CORTEX_M,)
+QL_ARCH_MCU    = QL_ARCH_MCU32
 
 QL_OS_NONPID        = (QL_OS.DOS, QL_OS.UEFI)
+QL_ARCH_HARDWARE    = QL_ARCH_MCU
 QL_ARCH_NONEOS      = (QL_ARCH.EVM,)
 QL_OS_POSIX         = (QL_OS.LINUX, QL_OS.FREEBSD, QL_OS.MACOS, QL_OS.QNX)
 QL_OS_ALL           = QL_OS_POSIX + QL_OS_NONPID + (QL_OS.WINDOWS,)
@@ -85,9 +90,11 @@ def __reverse_enum(e: EnumMeta) -> Mapping[str, __QL_CE]:
     QL_OS.WINDOWS : "PE",
     QL_OS.UEFI    : "PE_UEFI",
     QL_OS.DOS     : "DOS",
-    QL_OS.EVM     : "EVM"
+    QL_OS.EVM     : "EVM",
+    QL_ARCH.CORTEX_M  : "MCU",
 }
 
 arch_os_map = {
-    QL_ARCH.EVM: QL_OS.EVM
+    QL_ARCH.EVM: QL_OS.EVM,
+    QL_ARCH.CORTEX_M: QL_OS.CORTEX_M,
 }

qiling/core.py

@@ -16,9 +16,10 @@
     from .arch.arch import QlArch
     from .os.os import QlOs
     from .os.memory import QlMemoryManager
+    from .hw.hw import QlHwManager
     from .loader.loader import QlLoader
 
-from .const import QL_ARCH_ENDIAN, QL_ENDIAN, QL_OS, QL_VERBOSE, QL_ARCH_NONEOS
+from .const import QL_ARCH_ENDIAN, QL_ENDIAN, QL_OS, QL_VERBOSE, QL_ARCH_NONEOS, QL_ARCH_HARDWARE
 from .exception import QlErrorFileNotFound, QlErrorArch, QlErrorOsType, QlErrorOutput
 from .utils import *
 from .core_struct import QlCoreStructs
@@ -170,7 +171,7 @@ def __init__(
         #####################
         # Profile & Logging #
         #####################
-        self._profile, debugmsg = profile_setup(self.ostype, self.profile, self)
+        self._profile, debugmsg = profile_setup(self)
 
         # Log's configuration
 
@@ -208,6 +209,9 @@ def __init__(
         if self.archtype not in QL_ARCH_NONEOS:
             self._mem = component_setup("os", "memory", self)
             self._reg = component_setup("arch", "register", self)
+        
+        if self.archtype in QL_ARCH_HARDWARE:   
+            self._hw  = component_setup("hw", "hw", self)
 
         self._arch = arch_setup(self.archtype, self)
 
@@ -220,23 +224,25 @@ def __init__(
             self.arch.utils.setup_output()
 
         if (self.archtype not in QL_ARCH_NONEOS):
-            self._os = os_setup(self.archtype, self.ostype, self)
+            if (self.archtype not in QL_ARCH_HARDWARE):
+                self._os = os_setup(self.archtype, self.ostype, self)
 
-            if stdin is not None:
-                self._os.stdin = stdin
+                if stdin is not None:
+                    self._os.stdin = stdin
 
-            if stdout is not None:
-                self._os.stdout = stdout
+                if stdout is not None:
+                    self._os.stdout = stdout
 
-            if stderr is not None:
-                self._os.stderr = stderr
+                if stderr is not None:
+                    self._os.stderr = stderr
 
         # Run the loader
         self.loader.run()
 
         if (self.archtype not in QL_ARCH_NONEOS):
-            # Add extra guard options when configured to do so
-            self._init_stop_guard()    
+            if (self.archtype not in QL_ARCH_HARDWARE):
+                # Add extra guard options when configured to do so
+                self._init_stop_guard()    
 
     #####################
     # Qiling Components #
@@ -258,6 +264,14 @@ def reg(self) -> "QlRegisterManager":
         """
         return self._reg
 
+    @property
+    def hw(self) -> "QlHwManager":
+        """ Qiling hardware manager.
+
+            Example: 
+        """
+        return self._hw
+
 
     @property
     def arch(self) -> "QlArch":
@@ -630,6 +644,7 @@ def stop_options(self) -> "QlStopOptions":
         return self._stop_options
 
     def __enable_bin_patch(self):
+        
         for addr, code in self.patch_bin:
             self.mem.write(self.loader.load_address + addr, code)
 
@@ -692,13 +707,20 @@ def run(self, begin=None, end=None, timeout=0, count=0, code = None):
         self.exit_point = end
         self.timeout = timeout
         self.count = count
+        self.end = end
 
         if self.archtype in QL_ARCH_NONEOS:
             if code == None:
                 return self.arch.run(self._code)
             else:
                 return self.arch.run(code) 
 
+        if self.archtype in QL_ARCH_HARDWARE:
+            self.__enable_bin_patch()
+            if self.count == 0:
+                self.count = -1
+            return self.arch.run(count=self.count, end=self.end)
+
         self.write_exit_trap()
 
         # init debugger
@@ -859,7 +881,4 @@ def emu_start(self, begin, end, timeout=0, count=0):
         self.uc.emu_start(begin, end, timeout, count)
 
         if self._internal_exception != None:
-            raise self._internal_exception
-    
-    def __del__(self):
-        del self._uc
+            raise self._internal_exception

qiling/utils.py

@@ -15,8 +15,13 @@
 from unicorn import UC_ERR_READ_UNMAPPED, UC_ERR_FETCH_UNMAPPED
 
 from .exception import *
-from .const import QL_ARCH_NONEOS, QL_VERBOSE, QL_ARCH, QL_ENDIAN, QL_OS, QL_DEBUGGER, QL_ARCH_1BIT, QL_ARCH_16BIT, QL_ARCH_32BIT, QL_ARCH_64BIT
-from .const import debugger_map, arch_map, os_map, arch_os_map, loader_map
+from .const import (
+    QL_VERBOSE, QL_ENDIAN,
+    QL_ARCH,  QL_OS, QL_DEBUGGER, 
+    QL_ARCH_HARDWARE, QL_ARCH_NONEOS,
+    QL_ARCH_1BIT, QL_ARCH_16BIT, QL_ARCH_32BIT, QL_ARCH_64BIT,     
+    debugger_map, arch_map, os_map, arch_os_map, loader_map
+)
 
 FMT_STR = "%(levelname)s\t%(message)s"
 
@@ -157,7 +162,7 @@ def wrapper(*args, **kw):
             try:
                 return func(*args, **kw)
             except BaseException as e:
-                ql.os.stop()
+                ql.stop()
                 ql._internal_exception = e
 
         return wrapper
@@ -208,9 +213,9 @@ def ostype_convert(ostype: str) -> Optional[QL_OS]:
 def arch_convert_str(arch: QL_ARCH) -> Optional[str]:
     return __reverse_mapping(arch_map).get(arch)
 
-def arch_convert(arch: str) -> Optional[QL_ARCH]:
+def arch_convert(arch: str)  -> Optional[QL_ARCH]:
     return arch_map.get(arch)
-
+    
 def arch_os_convert(arch):
     adapter = {}
     adapter.update(arch_os_map)
@@ -480,22 +485,40 @@ def os_setup(archtype: QL_ARCH, ostype: QL_OS, ql):
     return ql_get_module_function(f"qiling.os.{ostype_str.lower()}.{ostype_str.lower()}", function_name)(ql)
 
 
-def profile_setup(ostype, profile, ql):
+def profile_setup(ql):
+    if ql.archtype in QL_ARCH_HARDWARE:
+        return ql_hw_profile_setup(ql)
+
     _profile = "Default"
-    if profile != None:
-        _profile = profile
-        
+    
+    if ql.profile != None:
+        _profile = ql.profile
     debugmsg = "Profile: %s" % _profile
 
-    os_profile = os.path.join(os.path.dirname(os.path.abspath(__file__)), "profiles", ostype_convert_str(ostype) + ".ql")
+    os_profile = os.path.join(os.path.dirname(os.path.abspath(__file__)), "profiles", ostype_convert_str(ql.ostype) + ".ql")
 
-    if profile:
-        profiles = [os_profile, profile]
+    if ql.profile:
+        profiles = [os_profile, ql.profile]
     else:
         profiles = [os_profile]
 
     config = configparser.ConfigParser()
     config.read(profiles)
+    
+    return config, debugmsg
+
+def ql_hw_profile_setup(ql):
+    config = configparser.ConfigParser()
+    debugmsg = "Profile: %s" % ql.profile
+
+    profile_name = '%s.ql' % ql.profile
+    profile_dir  = os.path.join(os.path.dirname(os.path.abspath(__file__)), "profiles")
+
+    for path, _, files in os.walk(profile_dir):
+        if profile_name in files:            
+            config.read(os.path.join(profile_dir, path, profile_name))
+            break
+
     return config, debugmsg
 
 def ql_resolve_logger_level(verbose: QL_VERBOSE) -> int:
@@ -592,4 +615,4 @@ def verify_ret(ql, err):
             else:
                 raise
     else:
-        raise        
+        raise