
Decodes MSR/MRS encodings in IDA and adds a comment with their respective register names as listed in the ARM manual

Champ-Goblem/IDAPython-MSR-Encoding-to-String

About

This script decodes MSR/MRS instructions in IDA and adds a comment with the corresponding system register name, which is easier to read than the raw op1, crn, crm, op2 encoding that IDA shows for registers it does not name

It uses register definitions taken from the LLVM mirror of AArch64SystemOperands.td (llvm/lib/Target/AArch64/AArch64SystemOperands.td)

Usage

An Aarch64.reg file is already provided in the repository; if it needs to be updated, see the Updating Aarch64.reg section below

Before running the script, copy Aarch64.reg into the current working directory of the IDA session in which you will be disassembling your file

Then in IDA go to File->Script File and select ida_msr_string.py

This imports the module into IDA as mes

Warning: this overwrites any comments already present at MSR/MRS instructions, so be advised; other instructions are not touched

Finally, run the script via mes.process_msr()

Depending on file size this can take a few minutes, so there is time to grab a hot drink

Reloading the module after changes

If you change the python file while the module is already loaded in IDA, go to File->Script File and select ida_msr_string_reload.py

Updating Aarch64.reg

Download AArch64SystemOperands.td from LLVM and delete every line from the top of the file until you reach

//===----------------------------------------------------------------------===//
// MRS/MSR (system register read/write) instruction options.
//===----------------------------------------------------------------------===//

Then remove all lines that do not start with def :

Finally, remove these strings and characters:

def :
ROSysReg
RWSysReg
WOSysReg
<
>
"
;
0b

You must also remove every space character

The easiest way to do this is the replace function of Sublime/Notepad++ or similar: put each string in the Find box and leave the Replace box empty so that the string is removed

The final register definitions should have the format
string name,bits<2> op0,bits<3> op1,bits<4> crn,bits<4> crm,bits<3> op2
i.e. one register per line, e.g. MIDR_EL1,11,000,0000,0000,000
NOTE! there must be no spaces between the commas and the values

Comments are allowed in the Aarch64.reg file; they start with //
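The manual editing steps above are easy to get subtly wrong (a stray space, or a "{ let Requires = ... }" block left on a def line, corrupts an entry and the register silently goes missing from the table). As an added example, not code from the repository, here is a Python script that performs the same conversion mechanically: it keeps only the MRS/MSR section, keeps only "def :" lines, and pulls the name and the five binary fields out with a regex that enforces the field widths of the format line above, so a malformed line raises instead of producing a bad row. SAMPLE_TD is a constructed input in the shape of the LLVM file, and td_to_reg is a name chosen here.

```python
#!/usr/bin/env python3
"""Convert the MRS/MSR "def :" lines of LLVM's AArch64SystemOperands.td into
the Aarch64.reg format described above: name,op0,op1,crn,crm,op2 as binary
digits with no spaces. Usage: python td_to_reg.py AArch64SystemOperands.td > Aarch64.reg"""
import re
import sys

# Text that marks the start of the section the README says to keep.
SECTION_MARKER = "MRS/MSR (system register read/write) instruction options"

# One TableGen system-register definition. The field widths are those of the
# format line in the README (op0 2 bits, op1 3, CRn 4, CRm 4, op2 3), so a
# malformed or truncated field fails to match instead of producing a bad row.
# Anything after the closing ">" (a ";" or a "{ let Requires = ... }" block on
# the same line) is ignored.
DEF_RE = re.compile(
    r'^def\s*:\s*(?:RO|RW|WO)SysReg\s*<\s*"([^"]+)"\s*,'
    r'\s*0b([01]{2})\s*,\s*0b([01]{3})\s*,\s*0b([01]{4})\s*,'
    r'\s*0b([01]{4})\s*,\s*0b([01]{3})\s*>'
)

def td_to_reg(td_text):
    """Return the Aarch64.reg lines for the MRS/MSR section of td_text.

    Lines before SECTION_MARKER are skipped; if the marker is absent the
    whole text is scanned, so a file already trimmed by hand works too.
    Lines not starting with "def :" are dropped. A "def :" line inside the
    section that does not parse raises ValueError, so an upstream format
    change is noticed rather than silently shortening the table.
    """
    lines = td_text.splitlines()
    start = next((i for i, l in enumerate(lines) if SECTION_MARKER in l), 0)
    out = []
    for line in lines[start:]:
        line = line.strip()
        if not re.match(r"def\s*:", line):
            continue
        m = DEF_RE.match(line)
        if m is None:
            raise ValueError("unparsed def line: " + line)
        name, op0, op1, crn, crm, op2 = m.groups()
        out.append(",".join((name, op0, op1, crn, crm, op2)))
    return out

# Constructed sample in the shape of the LLVM file: a definition from an
# earlier section (dropped), the section header, a class declaration (not a
# "def :" line, dropped) and a few real register encodings, one of them
# carrying a feature-requirement block after the ">".
SAMPLE_TD = """\
def : PState<"SPSel", 0b00101>;

//===----------------------------------------------------------------------===//
// MRS/MSR (system register read/write) instruction options.
//===----------------------------------------------------------------------===//

class SysReg<string name, bits<2> op0, bits<3> op1, bits<4> crn, bits<4> crm, bits<3> op2> {
}
def : ROSysReg<"MIDR_EL1",  0b11, 0b000, 0b0000, 0b0000, 0b000>;
def : RWSysReg<"SCTLR_EL1", 0b11, 0b000, 0b0001, 0b0000, 0b000>;
def : RWSysReg<"TTBR0_EL1", 0b11, 0b000, 0b0010, 0b0000, 0b000>;
def : ROSysReg<"CurrentEL", 0b11, 0b000, 0b0100, 0b0010, 0b010>;
def : RWSysReg<"SPSR_EL12", 0b11, 0b101, 0b0100, 0b0000, 0b000> {
  let Requires = [{ {AArch64::FeatureVH} }];
}
"""

if __name__ == "__main__":
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_TD
    print("// generated from AArch64SystemOperands.td")
    print("\n".join(td_to_reg(text)))
```

Run it on the downloaded .td file and redirect the output to Aarch64.reg; the leading "//" line is a comment, which the file format allows. The regex deliberately rejects a field of the wrong width rather than truncating it, because an entry with the wrong encoding would attach the wrong name to an instruction in the disassembly.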

Adding IMPLEMENTATION DEFINED registers

Currently IMPLEMENTATION DEFINED registers are shown as IMP_DEF in the comment

To add a custom definition for one of these, manually add a register definition to the Aarch64.reg file in the form
string name,bits<2> op0,bits<3> op1,bits<4> crn,bits<4> crm,bits<3> op2

Then run mes.process_msr() again to re-evaluate the file; the python module does not need to be reloaded
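To make concrete what the About section describes, how the "no spaces" rule shows up in practice, and what the IMP_DEF fallback means, here is an added example in plain Python (not the repository's code): it loads an Aarch64.reg table with a strict check of the format described above, splits a raw MRS/MSR instruction word into op0/op1/CRn/CRm/op2, and looks the encoding up, returning IMP_DEF for the IMPLEMENTATION DEFINED space and the generic S<op0>_<op1>_C<crn>_C<crm>_<op2> assembler name for anything else that is not in the table. load_reg_table, decode_sysreg_insn, sysreg_name and annotate_ida are names chosen here; annotate_ida is assumed IDAPython 7.x glue and is not the repository's process_msr. SAMPLE_REG and the instruction words under __main__ are constructed.

```python
#!/usr/bin/env python3
"""Load an Aarch64.reg table and map a raw MRS/MSR instruction word to the
register-name comment. Pure Python except annotate_ida(), which needs IDAPython."""

FIELD_WIDTHS = (2, 3, 4, 4, 3)  # op0, op1, CRn, CRm, op2, as in the README's format line

def load_reg_table(text):
    """Parse Aarch64.reg text into {(op0, op1, crn, crm, op2): name}.

    Enforces what the README demands: six comma-separated fields, binary
    digits of the right width, no spaces inside an entry; "//" starts a
    comment. Raises ValueError on the first bad line so a silently skipped
    entry cannot turn into a missing or wrong comment in the disassembly.
    """
    table = {}
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("//", 1)[0].strip()
        if not line:
            continue
        if any(c.isspace() for c in line):
            raise ValueError("line %d: whitespace inside entry: %r" % (lineno, raw))
        parts = line.split(",")
        if len(parts) != 6:
            raise ValueError("line %d: expected 6 fields, got %d" % (lineno, len(parts)))
        enc = []
        for field, width in zip(parts[1:], FIELD_WIDTHS):
            if len(field) != width or set(field) - {"0", "1"}:
                raise ValueError("line %d: bad %d-bit field %r" % (lineno, width, field))
            enc.append(int(field, 2))
        table[tuple(enc)] = parts[0]
    return table

def decode_sysreg_insn(word):
    """Split a 32-bit MRS/MSR (register form) word into its fields.

    Returns (mnemonic, op0, op1, crn, crm, op2, rt), or None if the word is
    not a system register move. Layout: bits[31:22] = 1101010100, bit 21 = L
    (1 = MRS read, 0 = MSR write), bit 20 = 1, bit 19 = o0 (op0 = 2 + o0),
    bits[18:16] = op1, [15:12] = CRn, [11:8] = CRm, [7:5] = op2, [4:0] = Rt.
    MSR (immediate), hints and barriers have bit 20 = 0 and are rejected,
    which is why they carry no system register name.
    """
    top = (word >> 20) & 0xFFF
    if top not in (0xD51, 0xD53):
        return None
    return ("MRS" if top == 0xD53 else "MSR",
            2 + ((word >> 19) & 1), (word >> 16) & 0x7, (word >> 12) & 0xF,
            (word >> 8) & 0xF, (word >> 5) & 0x7, word & 0x1F)

def sysreg_name(word, table):
    """Comment text for an MRS/MSR word, or None for any other instruction."""
    fields = decode_sysreg_insn(word)
    if fields is None:
        return None
    _, op0, op1, crn, crm, op2, _ = fields
    name = table.get((op0, op1, crn, crm, op2))
    if name is not None:
        return name
    # The Arm ARM reserves op0 == 3 with CRn == 11 or 15 for IMPLEMENTATION
    # DEFINED registers. Any other unknown encoding is printed in the generic
    # S<op0>_<op1>_C<crn>_C<crm>_<op2> assembler form so it stays readable.
    if op0 == 3 and crn in (11, 15):
        return "IMP_DEF"
    return "S%d_%d_C%d_C%d_%d" % (op0, op1, crn, crm, op2)

def annotate_ida(table):
    """Assumed IDAPython 7.x glue (not the repository's process_msr): comment
    every MRS/MSR in the open database with sysreg_name(). Returns the count."""
    import idautils, idc  # only importable inside IDA
    count = 0
    for ea in idautils.Heads():
        if idc.print_insn_mnem(ea) not in ("MRS", "MSR"):
            continue
        name = sysreg_name(idc.get_wide_dword(ea), table)
        if name is not None:
            idc.set_cmt(ea, name, 0)  # replaces any existing comment
            count += 1
    return count

# Constructed subset of Aarch64.reg in the README's format.
SAMPLE_REG = """\
// name,op0,op1,crn,crm,op2
MIDR_EL1,11,000,0000,0000,000
SCTLR_EL1,11,000,0001,0000,000
TTBR0_EL1,11,000,0010,0000,000
CurrentEL,11,000,0100,0010,010
"""

if __name__ == "__main__":
    table = load_reg_table(SAMPLE_REG)
    # Constructed words: mrs x0, midr_el1; msr ttbr0_el1, x1;
    # mrs x0, s3_1_c15_c2_0 (IMP DEF space); nop (not an MRS/MSR)
    for word in (0xD5380000, 0xD5182001, 0xD539F200, 0xD503201F):
        print("%08X -> %s" % (word, sysreg_name(word, table)))
```

Adding a custom IMPLEMENTATION DEFINED register is then just another table row: once "MYREG,11,001,1111,0010,000" is in the file, the lookup for that encoding returns MYREG instead of IMP_DEF, with no change to the decoding code, which is the behaviour the section above relies on. The strict loader is also a cheap lint for a hand-edited Aarch64.reg: a leftover space or a 3-digit op0 is reported with its line number instead of being ignored.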
