Rot127
diff --git a/Diff for: ‎Mapping.c
+1 b/Diff for: ‎Mapping.c
+1
diff --git a/Diff for: ‎Mapping.h
+5 b/Diff for: ‎Mapping.h
+5
diff --git a/Diff for: ‎SStream.c
+46 b/Diff for: ‎SStream.c
+46
diff --git a/Diff for: ‎SStream.h
+4 b/Diff for: ‎SStream.h
+4
diff --git a/Diff for: ‎arch/BPF/BPFConstants.h
+70-55 b/Diff for: ‎arch/BPF/BPFConstants.h
+70-55
@@ -353,6 +353,7 @@ DEFINE_get_detail_op(mips, Mips);
 DEFINE_get_detail_op(riscv, RISCV);
 DEFINE_get_detail_op(systemz, SystemZ);
 DEFINE_get_detail_op(xtensa, Xtensa);
+DEFINE_get_detail_op(bpf, BPF);
 
 /// Returns true if for this architecture the
 /// alias operands should be filled.
 
@@ -145,6 +145,7 @@ DECL_get_detail_op(mips, Mips);
 DECL_get_detail_op(riscv, RISCV);
 DECL_get_detail_op(systemz, SystemZ);
 DECL_get_detail_op(xtensa, Xtensa);
+DECL_get_detail_op(bpf, BPF);
 
 /// Increments the detail->arch.op_count by one.
 #define DEFINE_inc_detail_op_count(arch, ARCH) \
@@ -182,6 +183,8 @@ DEFINE_inc_detail_op_count(systemz, SystemZ);
 DEFINE_dec_detail_op_count(systemz, SystemZ);
 DEFINE_inc_detail_op_count(xtensa, Xtensa);
 DEFINE_dec_detail_op_count(xtensa, Xtensa);
+DEFINE_inc_detail_op_count(bpf, BPF);
+DEFINE_dec_detail_op_count(bpf, BPF);
 
 /// Returns true if a memory operand is currently edited.
 static inline bool doing_mem(const MCInst *MI)
@@ -214,6 +217,7 @@ DEFINE_get_arch_detail(mips, Mips);
 DEFINE_get_arch_detail(riscv, RISCV);
 DEFINE_get_arch_detail(systemz, SystemZ);
 DEFINE_get_arch_detail(xtensa, Xtensa);
+DEFINE_get_arch_detail(bpf, BPF);
 
 #define DEFINE_check_safe_inc(Arch, ARCH) \
 	static inline void Arch##_check_safe_inc(const MCInst *MI) { \
@@ -230,6 +234,7 @@ DEFINE_check_safe_inc(LoongArch, LOONGARCH);
 DEFINE_check_safe_inc(RISCV, RISCV);
 DEFINE_check_safe_inc(SystemZ, SYSTEMZ);
 DEFINE_check_safe_inc(Mips, MIPS);
+DEFINE_check_safe_inc(BPF, BPF);
 
 static inline bool detail_is_set(const MCInst *MI)
 {
 
@@ -331,6 +331,22 @@ void printInt16(SStream *ss, int16_t val)
 	}
 }
 
+void printInt16HexOffset(SStream *ss, int16_t val)
+{
+	assert(ss);
+	SSTREAM_RETURN_IF_CLOSED(ss);
+	if (val >= 0) {
+		SStream_concat(ss, "+0x%" PRIx16, val);
+	} else {
+		if (val == INT16_MIN)
+			SStream_concat(ss, "-0x%" PRIx16,
+				       (uint16_t)INT16_MAX + 1);
+		else
+			SStream_concat(ss, "-0x%" PRIx16, (int16_t)-val);
+	}
+}
+
+
 void printInt32(SStream *ss, int32_t val)
 {
 	assert(ss);
@@ -352,6 +368,36 @@ void printInt32(SStream *ss, int32_t val)
 	}
 }
 
+void printInt32HexOffset(SStream *ss, int32_t val)
+{
+	assert(ss);
+	SSTREAM_RETURN_IF_CLOSED(ss);
+	if (val >= 0) {
+		SStream_concat(ss, "+0x%" PRIx32, val);
+	} else {
+		if (val == INT32_MIN)
+			SStream_concat(ss, "-0x%" PRIx32,
+				       (uint32_t)INT32_MAX + 1);
+		else
+			SStream_concat(ss, "-0x%" PRIx32, (int32_t)-val);
+	}
+}
+
+void printInt32Hex(SStream *ss, int32_t val)
+{
+	assert(ss);
+	SSTREAM_RETURN_IF_CLOSED(ss);
+	if (val >= 0) {
+		SStream_concat(ss, "0x%" PRIx32, val);
+	} else {
+		if (val == INT32_MIN)
+			SStream_concat(ss, "-0x%" PRIx32,
+				       (uint32_t)INT32_MAX + 1);
+		else
+			SStream_concat(ss, "-0x%" PRIx32, (int32_t)-val);
+	}
+}
+
 void printUInt32Bang(SStream *ss, uint32_t val)
 {
 	assert(ss);
 
@@ -73,7 +73,11 @@ void printInt32Bang(SStream *O, int32_t val);
 
 void printInt8(SStream *O, int8_t val);
 void printInt16(SStream *O, int16_t val);
+void printInt16HexOffset(SStream *O, int16_t val);
+
 void printInt32(SStream *O, int32_t val);
+void printInt32Hex(SStream *ss, int32_t val);
+void printInt32HexOffset(SStream *ss, int32_t val);
 
 void printUInt32Bang(SStream *O, uint32_t val);
 
 
@@ -1,5 +1,7 @@
 /* Capstone Disassembly Engine */
 /* BPF Backend by david942j <[email protected]>, 2019 */
+/* SPDX-FileCopyrightText: 2024 Roee Toledano <[email protected]> */
+/* SPDX-License-Identifier: BSD-3 */
 
 /* This file defines constants and macros used for parsing a BPF instruction */
 
@@ -9,80 +11,93 @@
 #define BPF_CLASS(code) ((code) & 0x7)
 
 ///< Instruction classes
-#define BPF_CLASS_LD	0x00
-#define BPF_CLASS_LDX	0x01
-#define BPF_CLASS_ST	0x02
-#define BPF_CLASS_STX	0x03
-#define BPF_CLASS_ALU	0x04
-#define BPF_CLASS_JMP	0x05
-#define BPF_CLASS_RET	0x06	///< cBPF only
-#define BPF_CLASS_MISC	0x07	///< cBPF only
-#define BPF_CLASS_ALU64	0x07	///< eBPF only
+#define BPF_CLASS_LD 0x00
+#define BPF_CLASS_LDX 0x01
+#define BPF_CLASS_ST 0x02
+#define BPF_CLASS_STX 0x03
+#define BPF_CLASS_ALU 0x04
+#define BPF_CLASS_JMP 0x05
+#define BPF_CLASS_RET 0x06   ///< cBPF only
+#define BPF_CLASS_JMP32 0x06 ///< eBPF only
+#define BPF_CLASS_MISC 0x07  ///< cBPF only
+#define BPF_CLASS_ALU64 0x07 ///< eBPF only
 
 #define BPF_OP(code) ((code) & 0xf0)
 
 ///< Types of ALU instruction
-#define BPF_ALU_ADD	0x00
-#define BPF_ALU_SUB	0x10
-#define BPF_ALU_MUL	0x20
-#define BPF_ALU_DIV	0x30
-#define BPF_ALU_OR	0x40
-#define BPF_ALU_AND	0x50
-#define BPF_ALU_LSH	0x60
-#define BPF_ALU_RSH	0x70
-#define BPF_ALU_NEG	0x80
-#define BPF_ALU_MOD	0x90
-#define BPF_ALU_XOR	0xa0
-#define BPF_ALU_MOV	0xb0  ///< eBPF only: mov reg to reg
-#define BPF_ALU_ARSH	0xc0  ///< eBPF only: sign extending shift right
-#define BPF_ALU_END	0xd0  ///< eBPF only: endianness conversion
+#define BPF_ALU_ADD 0x00
+#define BPF_ALU_SUB 0x10
+#define BPF_ALU_MUL 0x20
+#define BPF_ALU_DIV 0x30
+#define BPF_ALU_OR 0x40
+#define BPF_ALU_AND 0x50
+#define BPF_ALU_LSH 0x60
+#define BPF_ALU_RSH 0x70
+#define BPF_ALU_NEG 0x80
+#define BPF_ALU_MOD 0x90
+#define BPF_ALU_XOR 0xa0
+#define BPF_ALU_MOV 0xb0  ///< eBPF only: mov reg to reg
+#define BPF_ALU_ARSH 0xc0 ///< eBPF only: sign extending shift right
+#define BPF_ALU_END 0xd0  ///< eBPF only: endianness conversion
 
 ///< Types of jmp instruction
-#define BPF_JUMP_JA	0x00	///< goto
-#define BPF_JUMP_JEQ	0x10	///< '=='
-#define BPF_JUMP_JGT	0x20	///< unsigned '>'
-#define BPF_JUMP_JGE	0x30	///< unsigned '>='
-#define BPF_JUMP_JSET	0x40	///< '&'
-#define BPF_JUMP_JNE	0x50	///< eBPF only: '!=' */
-#define BPF_JUMP_JSGT	0x60	///< eBPF only: signed '>'
-#define BPF_JUMP_JSGE	0x70	///< eBPF only: signed '>='
-#define BPF_JUMP_CALL	0x80	///< eBPF only: function call
-#define BPF_JUMP_EXIT	0x90	///< eBPF only: exit
-#define BPF_JUMP_JLT	0xa0	///< eBPF only: unsigned '<'
-#define BPF_JUMP_JLE	0xb0	///< eBPF only: unsigned '<='
-#define BPF_JUMP_JSLT	0xc0	///< eBPF only: signed '<'
-#define BPF_JUMP_JSLE	0xd0	///< eBPF only: signed '<='
+#define BPF_JUMP_JA 0x00   ///< goto
+#define BPF_JUMP_JEQ 0x10  ///< '=='
+#define BPF_JUMP_JGT 0x20  ///< unsigned '>'
+#define BPF_JUMP_JGE 0x30  ///< unsigned '>='
+#define BPF_JUMP_JSET 0x40 ///< '&'
+#define BPF_JUMP_JNE 0x50  ///< eBPF only: '!=' */
+#define BPF_JUMP_JSGT 0x60 ///< eBPF only: signed '>'
+#define BPF_JUMP_JSGE 0x70 ///< eBPF only: signed '>='
+#define BPF_JUMP_CALL 0x80 ///< eBPF only: function call
+#define BPF_JUMP_EXIT 0x90 ///< eBPF only: exit
+#define BPF_JUMP_JLT 0xa0  ///< eBPF only: unsigned '<'
+#define BPF_JUMP_JLE 0xb0  ///< eBPF only: unsigned '<='
+#define BPF_JUMP_JSLT 0xc0 ///< eBPF only: signed '<'
+#define BPF_JUMP_JSLE 0xd0 ///< eBPF only: signed '<='
+
+///< Types of complex atomic instructions
+#define BPF_ATOMIC_XCHG 0xe0	///< eBPF only: atomic exchange
+#define BPF_ATOMIC_CMPXCHG 0xf0 ///< eBPF only: atomic compare and exchange
 
 #define BPF_SRC(code) ((code) & 0x08)
 #define BPF_RVAL(code) ((code) & 0x18) /* cBPF only: for return types */
 ///< Source operand
-#define BPF_SRC_K	0x00
-#define BPF_SRC_X	0x08
-#define BPF_SRC_A	0x10 /* cBPF only */
+#define BPF_SRC_K 0x00
+#define BPF_SRC_X 0x08
+#define BPF_SRC_A 0x10 /* cBPF only */
 
-#define BPF_SRC_LITTLE	BPF_SRC_K
-#define BPF_SRC_BIG	BPF_SRC_X
+#define BPF_SRC_LITTLE BPF_SRC_K
+#define BPF_SRC_BIG BPF_SRC_X
 
 #define BPF_SIZE(code) ((code) & 0x18)
 ///< Size modifier
-#define BPF_SIZE_W   0x00	///< word
-#define BPF_SIZE_H   0x08	///< half word
-#define BPF_SIZE_B   0x10	///< byte
-#define BPF_SIZE_DW  0x18	///< eBPF only: double word
+#define BPF_SIZE_W 0x00	 ///< word
+#define BPF_SIZE_H 0x08	 ///< half word
+#define BPF_SIZE_B 0x10	 ///< byte
+#define BPF_SIZE_DW 0x18 ///< eBPF only: double word
 
 #define BPF_MODE(code) ((code) & 0xe0)
 ///< Mode modifier
-#define BPF_MODE_IMM	0x00	///< used for 32-bit mov in cBPF and 64-bit in eBPF
-#define BPF_MODE_ABS	0x20
-#define BPF_MODE_IND	0x40
-#define BPF_MODE_MEM	0x60
-#define BPF_MODE_LEN	0x80	///< cBPF only, reserved in eBPF
-#define BPF_MODE_MSH	0xa0	///< cBPF only, reserved in eBPF
-#define BPF_MODE_XADD	0xc0	///< eBPF only: exclusive add
+#define BPF_MODE_IMM 0x00 ///< used for 32-bit mov in cBPF and 64-bit in eBPF
+#define BPF_MODE_ABS \
+	0x20 ///< absolute indexing of socket buffer. eBPF only, but deprecated in new versions
+#define BPF_MODE_IND \
+	0x40 ///< indirect indexing of socket buffer. eBPF only, but deprecated in new versions
+#define BPF_MODE_MEM 0x60
+#define BPF_MODE_LEN 0x80 ///< cBPF only, reserved in eBPF
+#define BPF_MODE_MSH 0xa0 ///< cBPF only, reserved in eBPF
+#define BPF_MODE_ATOMIC \
+	0xc0 ///< eBPF only: atomic operations. Originally BPF_MODE_XADD
+
+#define BPF_MODE_FETCH \
+	0x01 /* eBPF only: overwrite 'src' with what was in the modified mem address before it was modified.
+		NOTE: in contrast to regular modifiers, this one is encoded in the 'imm' field, not opcode!
+		Must be used for BPF_XCHG and BPF_CMPXCHG. Optional for the other atomic operations. */
 
 #define BPF_MISCOP(code) ((code) & 0x80)
 ///< Operation of misc
-#define BPF_MISCOP_TAX	0x00
-#define BPF_MISCOP_TXA	0x80
+#define BPF_MISCOP_TAX 0x00
+#define BPF_MISCOP_TXA 0x80
 
 #endif