Geek Answers Handbook

How to create x86 binary with fake instructions in it

I am working on a project where I would like to add some op op codes to x86 and run them in QEMU. I somehow figured out how to change the code generation in QEMU to take assembly instructions with a โ€œfakeโ€ operation code and do something with it in QEMU.

However, the part I'm having problems with is how I'm actually going to create a binary file with fake instructions. The only way I was thinking about is to add db statements to some operators, and then just write the manual manually. For instance:

 xor EAX, EBX db 0xf1,0x32,0x55,0x00 mov EBX, EAX

(suppose db has enough bytes to be the actual instruction). Will it actually compile the binary, where the I bytes defined in the second line are treated as instructions?

Is there an even more elegant approach to this? Since I will modify QEMU to support these changes, I am not tied to the command format - I just need the OP code to be recognized by the QEMU code generator, and I can formulate the rest, but I want to.

+4
source share
2 answers

The db approach is a standard procedure when a new CPU model is released, for which there are no immediate updates for current tools to support additional addressing modes and / or instructions.

Note that it is now quite difficult to find holes in the x86 instruction set to define new instructions. Check out the latest Intel processor architecture docs : there is always a set of tables in the application that display the operation code display. This would be the easiest way to find an unused sequence of operations with instructions.

+8
source

db excellent and will produce a given sequence of bytes immediately after the first command and to the last.

You might consider creating a bunch of assembler macros for new instructions that will take the appropriate arguments and emit magic bytecodes.

+5
source

More articles:


All Articles