Merge pull request #903 from elicn/arch-refactor

Arch Refactor

Author: xwings

qiling/arch/a8086.py

@@ -3,52 +3,92 @@
 # Cross Platform and Multi Architecture Advanced Binary Emulation Framework
 #
 
-from abc import ABC, abstractmethod
+from abc import ABC
+from typing import Optional
 
+from unicorn import Uc
+from unicorn.unicorn import UcContext
 from capstone import Cs
 from keystone import Ks
 
 from qiling import Qiling
-from .utils import QlArchUtils, ql_create_disassembler, ql_create_assembler
-from qiling.const import QL_ARCH
+from .utils import QlArchUtils
 
 class QlArch(ABC):
     def __init__(self, ql: Qiling):
         self.ql = ql
         self.utils = QlArchUtils(ql)
 
+        self._disasm: Optional[Cs] = None
+        self._asm: Optional[Ks] = None
+
     # ql.init_Uc - initialized unicorn engine
     @property
-    def init_uc(self):
-        return self.ql.arch.get_init_uc()
+    def init_uc(self) -> Uc:
+        return self.get_init_uc()
+
+
+    def stack_push(self, value: int) -> int:
+        """Push a value onto the architectural stack.
+
+        Args:
+            value: a numeric value to push
+
+        Returns: the top of stack after pushing the value
+        """
 
+        self.ql.reg.arch_sp -= self.ql.pointersize
+        self.ql.mem.write(self.ql.reg.arch_sp, self.ql.pack(value))
 
-    # push value to stack
-    @abstractmethod
-    def stack_push(self, data: int) -> int:
-        pass
+        return self.ql.reg.arch_sp
 
 
-    # pop value to stack
-    @abstractmethod
     def stack_pop(self) -> int:
-        pass
+        """Pop a value from the architectural stack.
 
+        Returns: the value at the top of stack
+        """
 
-    # write stack value
-    @abstractmethod
-    def stack_write(self, offset: int, data: int) -> None:
-        pass
+        data = self.ql.unpack(self.ql.mem.read(self.ql.reg.arch_sp, self.ql.pointersize))
+        self.ql.reg.arch_sp += self.ql.pointersize
+
+        return data
 
 
-    #  read stack value
-    @abstractmethod
     def stack_read(self, offset: int) -> int:
-        pass
- 
+        """Peek the architectural stack at a specified offset from its top, without affecting
+        the top of the stack.
+
+        Note that this operation violates the FIFO property of the stack and may be used cautiously.
+
+        Args:
+            offset: offset in bytes from the top of the stack, not necessarily aligned to the
+                    native stack item size. the offset may be either positive or netagive, where
+                    a 0 value means overwriting the value at the top of the stack
+
+        Returns: the value at the specified address
+        """
 
-       # set PC
-    def set_pc(self, address: int):
+        return self.ql.unpack(self.ql.mem.read(self.ql.reg.arch_sp + offset, self.ql.pointersize))
+
+
+    def stack_write(self, offset: int, value: int) -> None:
+        """Write a value to the architectural stack at a specified offset from its top, without
+        affecting the top of the stack.
+
+        Note that this operation violates the FIFO property of the stack and may be used cautiously.
+
+        Args:
+            offset: offset in bytes from the top of the stack, not necessarily aligned to the
+                    native stack item size. the offset may be either positive or netagive, where
+                    a 0 value means overwriting the value at the top of the stack
+        """
+
+        self.ql.mem.write(self.ql.reg.arch_sp + offset, self.ql.pack(value))
+
+
+    # set PC
+    def set_pc(self, address: int) -> None:
         self.ql.reg.arch_pc = address
 
 
@@ -58,7 +98,7 @@ def get_pc(self) -> int:
 
 
     # set stack pointer
-    def set_sp(self, address: int):
+    def set_sp(self, address: int) -> None:
         self.ql.reg.arch_sp = address
 
 
@@ -68,26 +108,24 @@ def get_sp(self) -> int:
 
 
     # Unicorn's CPU state save
-    def context_save(self):
+    def context_save(self) -> UcContext:
         return self.ql.uc.context_save()
 
 
     # Unicorn's CPU state restore method
-    def context_restore(self, saved_context):
+    def context_restore(self, saved_context: UcContext):
         self.ql.uc.context_restore(saved_context)
 
 
     def create_disassembler(self) -> Cs:
-        if self.ql.archtype in (QL_ARCH.ARM, QL_ARCH.ARM_THUMB):
-            reg_cpsr = self.ql.reg.cpsr
-        else:
-            reg_cpsr = None
-        return ql_create_disassembler(self.ql.archtype, self.ql.archendian, reg_cpsr)
+        """Get disassembler insatnce bound to arch.
+        """
+
+        raise NotImplementedError(self.__class__.__name__)
 
 
     def create_assembler(self) -> Ks:
-        if self.ql.archtype in (QL_ARCH.ARM, QL_ARCH.ARM_THUMB):
-            reg_cpsr = self.ql.reg.cpsr
-        else:
-            reg_cpsr = None
-        return ql_create_assembler(self.ql.archtype, self.ql.archendian, reg_cpsr)
+        """Get assembler insatnce bound to arch.
+        """
+
+        raise NotImplementedError(self.__class__.__name__)

qiling/arch/arch.py

@@ -3,94 +3,105 @@
 # Cross Platform and Multi Architecture Advanced Binary Emulation Framework
 #
 
-from unicorn import *
-from unicorn.arm_const import *
-
-from qiling.const import *
-from .arch import QlArch
-from .arm_const import *
+from unicorn import Uc, UC_ARCH_ARM, UC_MODE_ARM, UC_MODE_THUMB, UC_MODE_BIG_ENDIAN
+from capstone import Cs, CS_ARCH_ARM, CS_MODE_ARM, CS_MODE_THUMB
+from keystone import Ks, KS_ARCH_ARM, KS_MODE_ARM, KS_MODE_THUMB
 
+from qiling import Qiling
+from qiling.const import QL_ARCH, QL_ENDIAN
+from qiling.arch.arch import QlArch
+from qiling.arch.arm_const import *
+from qiling.exception import QlErrorArch
 
 class QlArchARM(QlArch):
-    def __init__(self, ql):
-        super(QlArchARM, self).__init__(ql)
-        register_mappings = [
-            reg_map
-        ]
+    def __init__(self, ql: Qiling):
+        super().__init__(ql)
+
+        reg_maps = (
+            reg_map,
+        )
 
-        for reg_maper in register_mappings:
+        for reg_maper in reg_maps:
             self.ql.reg.expand_mapping(reg_maper)
 
         self.ql.reg.create_reverse_mapping()
-
         self.ql.reg.register_sp(reg_map["sp"])
         self.ql.reg.register_pc(reg_map["pc"])
+
         self.arm_get_tls_addr = 0xFFFF0FE0
 
-    def stack_push(self, value):
-        self.ql.reg.sp -= 4
-        self.ql.mem.write(self.ql.reg.sp, self.ql.pack32(value))
-        return self.ql.reg.sp
+    # get initialized unicorn engine
+    def get_init_uc(self) -> Uc:
+        if self.ql.archendian == QL_ENDIAN.EB:
+            mode = UC_MODE_ARM + UC_MODE_BIG_ENDIAN
 
+        elif self.ql.archtype == QL_ARCH.ARM_THUMB:
+            mode = UC_MODE_THUMB
 
-    def stack_pop(self):
-        data = self.ql.unpack32(self.ql.mem.read(self.ql.reg.sp, 4))
-        self.ql.reg.sp += 4
-        return data
+        elif self.ql.archtype == QL_ARCH.ARM:
+            mode = UC_MODE_ARM
 
+        else:
+            raise QlErrorArch(f'unsupported arch type {self.ql.archtype}')
 
-    def stack_read(self, offset):
-        return self.ql.unpack32(self.ql.mem.read(self.ql.reg.sp + offset, 4))
+        return Uc(UC_ARCH_ARM, mode)
 
 
-    def stack_write(self, offset, data):
-        return self.ql.mem.write(self.ql.reg.sp + offset, self.ql.pack32(data))
+    # get PC
+    def get_pc(self) -> int:
+        append = 1 if self.check_thumb() == UC_MODE_THUMB else 0
 
+        return self.ql.reg.pc + append
+
+    def __is_thumb(self) -> bool:
+        cpsr_v = {
+            QL_ENDIAN.EL : 0b100000,
+            QL_ENDIAN.EB : 0b100000   # FIXME: should be: 0b000000
+        }[self.ql.archendian]
+
+        return bool(self.ql.reg.cpsr & cpsr_v)
+
+    def create_disassembler(self) -> Cs:
+        # note: we do not cache the disassembler instance; rather we refresh it
+        # each time to make sure thumb mode is taken into account
+
+        if self.ql.archtype == QL_ARCH.ARM:
+            # FIXME: mode should take endianess into account
+            mode = CS_MODE_THUMB if self.__is_thumb() else CS_MODE_ARM
 
-    # get initialized unicorn engine
-    def get_init_uc(self):
-        if self.ql.archendian == QL_ENDIAN.EB:
-            uc = Uc(UC_ARCH_ARM, UC_MODE_ARM + UC_MODE_BIG_ENDIAN)
         elif self.ql.archtype == QL_ARCH.ARM_THUMB:
-            uc = Uc(UC_ARCH_ARM, UC_MODE_THUMB)
-        elif self.ql.archtype == QL_ARCH.ARM:
-            uc = Uc(UC_ARCH_ARM, UC_MODE_ARM)
+            mode = CS_MODE_THUMB
+
         else:
-            uc = None
-        return uc
+            raise QlErrorArch(f'unexpected arch type {self.ql.archtype}')
 
+        return Cs(CS_ARCH_ARM, mode)
+
+
+    def create_assembler(self) -> Ks:
+        # note: we do not cache the assembler instance; rather we refresh it
+        # each time to make sure thumb mode is taken into account
+
+        if self.ql.archtype == QL_ARCH.ARM:
+            # FIXME: mode should take endianess into account
+            mode = KS_MODE_THUMB if self.__is_thumb() else KS_MODE_ARM
+
+        elif self.ql.archtype == QL_ARCH.ARM_THUMB:
+            mode = KS_MODE_THUMB
 
-    # get PC
-    def get_pc(self):
-        mode = self.ql.arch.check_thumb()
-        if mode == UC_MODE_THUMB:
-            append = 1
         else:
-            append = 0
-            
-        return self.ql.reg.pc + append
+            raise QlErrorArch(f'unexpected arch type {self.ql.archtype}')
 
+        return Ks(KS_ARCH_ARM, mode)
 
-    def enable_vfp(self):
+    def enable_vfp(self) -> None:
         self.ql.reg.c1_c0_2 = self.ql.reg.c1_c0_2 | (0xf << 20)
+
         if self.ql.archendian == QL_ENDIAN.EB:
             self.ql.reg.fpexc = 0x40000000
             #self.ql.reg.fpexc = 0x00000040
         else:
             self.ql.reg.fpexc = 0x40000000
-        self.ql.log.debug("Enable ARM VFP")
-
 
     def check_thumb(self):
-        reg_cpsr = self.ql.reg.cpsr
-        if self.ql.archendian == QL_ENDIAN.EB:
-            reg_cpsr_v = 0b100000
-            # reg_cpsr_v = 0b000000
-        else:
-            reg_cpsr_v = 0b100000
-
-        mode = UC_MODE_ARM
-        if (reg_cpsr & reg_cpsr_v) != 0:
-            mode = UC_MODE_THUMB
-            self.ql.log.debug("Enable ARM THUMB")
-        return mode
+        return UC_MODE_THUMB if self.__is_thumb() else UC_MODE_ARM