jitter.h File Reference

Go to the source code of this file.

Data Structures

struct  binary_stream
 A stream of X86 binary code. More...
struct  JIT_BPF_Filter
 Structure describing a x86 filtering program created by the jitter. More...

Defines

#define EAX   0
#define ECX   1
#define EDX   2
#define EBX   3
#define ESP   4
#define EBP   5
#define ESI   6
#define EDI   7
#define AX   0
#define CX   1
#define DX   2
#define BX   3
#define SP   4
#define BP   5
#define SI   6
#define DI   7
#define AL   0
#define CL   1
#define DL   2
#define BL   3
#define MOVid(r32, i32)   emitm(&stream, 11 << 4 | 1 << 3 | r32 & 0x7, 1); emitm(&stream, i32, 4);
 mov r32,i32
#define MOVrd(dr32, sr32)   emitm(&stream, 8 << 4 | 3 | 1 << 3, 1); emitm(&stream, 3 << 6 | (dr32 & 0x7) << 3 | sr32 & 0x7, 1);
 mov dr32,sr32
#define MOVodd(dr32, sr32, off)
 mov dr32,sr32[off]
#define MOVobd(dr32, sr32, or32)
 mov dr32,sr32[or32]
#define MOVobw(dr32, sr32, or32)
 mov dr16,sr32[or32]
#define MOVobb(dr8, sr32, or32)
 mov dr8,sr32[or32]
#define MOVomd(dr32, or32, sr32)
 mov [dr32][or32],sr32
#define BSWAP(dr32)
 bswap dr32
#define SWAP_AX()
 xchg al,ah
#define PUSH(r32)   emitm(&stream, 5 << 4 | 0 << 3 | r32 & 0x7, 1);
 push r32
#define POP(r32)   emitm(&stream, 5 << 4 | 1 << 3 | r32 & 0x7, 1);
 pop r32
#define RET()   emitm(&stream, 12 << 4 | 0 << 3 | 3, 1);
 ret
#define ADDrd(dr32, sr32)
 add dr32,sr32
#define ADD_EAXi(i32)
 add eax,i32
#define ADDid(r32, i32)
 add r32,i32
#define ADDib(r32, i8)
 add r32,i8
#define SUBrd(dr32, sr32)
 sub dr32,sr32
#define SUB_EAXi(i32)
 sub eax,i32
#define MULrd(r32)
 mul r32
#define DIVrd(r32)
 div r32
#define ANDib(r8, i8)
 and r8,i8
#define ANDid(r32, i32)
 and r32,i32
#define ANDrd(dr32, sr32)
 and dr32,sr32
#define ORrd(dr32, sr32)
 or dr32,sr32
#define ORid(r32, i32)
 or r32,i32
#define SHLib(r32, i8)
 shl r32,i8
#define SHL_CLrb(dr32)
 shl dr32,cl
#define SHRib(r32, i8)
 shr r32,i8
#define SHR_CLrb(dr32)
 shr dr32,cl
#define NEGd(r32)
 neg r32
#define CMPodd(dr32, sr32, off)
 cmp dr32,sr32[off]
#define CMPrd(dr32, sr32)
 cmp dr32,sr32
#define CMPid(dr32, i32)
 cmp dr32,i32
#define JNEb(off8)
 jne off32
#define JE(off32)
 je off32
#define JLE(off32)
 jle off32
#define JLEb(off8)
 jle off8
#define JA(off32)
 ja off32
#define JAE(off32)
 jae off32
#define JG(off32)
 jg off32
#define JGE(off32)
 jge off32
#define JMP(off32)
 jmp off32

Typedefs

typedef UINT(__cdecl * BPF_filter_function )(PVOID *, ULONG, UINT)
 Prototype of a filtering function created by the jitter.
typedef void(* emit_func )(binary_stream *stream, ULONG value, UINT n)
 Prototype of the emit functions.

Functions

JIT_BPF_FilterBPF_jitter (struct bpf_insn *fp, INT nins)
 BPF jitter, builds an x86 function from a BPF program.
BPF_filter_function BPFtoX86 (struct bpf_insn *ins, UINT nins, INT *mem)
 Translates a set of BPF instructions in a set of x86 ones.
void BPF_Destroy_JIT_Filter (JIT_BPF_Filter *Filter)
 Deletes a filtering function that was previously created by BPF_jitter().


documentation. Copyright (c) 2002-2005 Politecnico di Torino. Copyright (c) 2005-2009 CACE Technologies. All rights reserved.