From 0d53a1f595a568166b1496a1c7bc0f7cb1184c05 Mon Sep 17 00:00:00 2001
From: Peter Bex
Date: Thu, 9 May 2013 22:17:56 +0200
Subject: Add another real-world example code. Rename ldx to ldxb for the MSH hack, to more closely match tcpdump-generated output
---
 bpf-assembler.scm | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)
(limited to 'bpf-assembler.scm')
diff --git a/bpf-assembler.scm b/bpf-assembler.scm
index 9614fac..c626bee 100644
--- a/bpf-assembler.scm
+++ b/bpf-assembler.scm
@@ -43,7 +43,7 @@
 ;; XXX TODO: Use the constants from net/bpf.h?
 ;; Ordered by complexity
- (defaddrmode no-operands #x80 (() => 0) (_ => ()))
+ (defaddrmode no-operands #x00 (() => 0) (_ => ()))
 (defaddrmode packet-length #x80 (('len) => 0) (_ => (len)))
 (defaddrmode index-register #x08 (('x) => 0) (_ => (x)))
 (defaddrmode accumulator-register #x10 (('a) => 0) (_ => (a)))
@@ -53,6 +53,9 @@
 (defaddrmode memory-ref #x60
 ((('mem (and k (? uint?)))) => k)
 (k => ((mem ,k))))
+ (defaddrmode memory-set! #x00 ; No corresponding definition in bpf.h
+ ((('mem (and k (? uint?)))) => k)
+ (k => ((mem ,k))))
 (defaddrmode packet-ref #x20
 ((('pkt (and k (? uint?)))) => k)
 (k => ((pkt ,k))))
@@ -81,9 +84,10 @@
 packet-length immediate memory-ref packet-ref packet-ref/index-register)
 (defop ldh #x08 packet-ref packet-ref/index-register)
 (defop ldb #x10 packet-ref packet-ref/index-register)
- (defop ldx #x01 packet-length immediate memory-ref packet-ref/hack)
- (defop st #x02 memory-ref)
- (defop stx #x03 memory-ref)
+ (defop ldx #x01 packet-length immediate memory-ref)
+ (defop ldxb #x11 packet-ref/hack) ; This is how tcpdump prints ldx/msh
+ (defop st #x02 memory-set!)
+ (defop stx #x03 memory-set!)
 (defop jmp #x05 immediate) ; aka JA
 (defop jeq #x15 conditional-jump-immediate conditional-jump-index-register)
 (defop jgt #x25 conditional-jump-immediate conditional-jump-index-register)
--
cgit v1.2.3
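Review bot: In the `@@ -43,7 +43,7 @@` hunk `no-operands` is now coded `#x00`, and the `memory-set!` mode added in the `@@ -53,6 +53,9 @@` hunk uses `#x00` as well, so the mode bits alone no longer identify an addressing mode. If the second clause of `defaddrmode` (`(_ => ())`) is what turns an encoded instruction back into operands, that lookup has to go through the mode list of the matching `defop`; the macro is defined outside the hunk, so this is an inference to confirm. A comment above the table would record the constraint, e.g. `;; Several modes share code #x00; decode via the op's own mode list, never by mode bits alone`.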
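Review bot: In the `@@ -53,6 +53,9 @@` hunk `memory-set!` accepts any `k` that satisfies `uint?`, but classic BPF has only BPF_MEMWORDS (16) scratch slots and kernel-side filter validation rejects an `st`/`stx` whose index is out of range. Bounding the operand here, e.g. `((('mem (and k (? uint?) (? (lambda (i) (< i 16)))))) => k)`, would report the mistake at assembly time rather than when the filter is attached. The `memory-ref` mode on the context lines just above uses the same unbounded pattern and could share the check.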
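Review bot: In the `@@ -81,9 +84,10 @@` hunk the `ldxb` comment explains the mnemonic but not the value: `#x11` differs from the `#x01` of `ldx`, so this line changes the emitted opcode as well as the name. Source that wrote `ldx` with the `packet-ref/hack` operand would presumably stop assembling, since `ldx` no longer lists that mode. If `#x11` is meant as BPF_LDX|BPF_B, the comment could say so, e.g. `; BPF_LDX|BPF_B, only meaningful with MSH; tcpdump prints this as ldxb`. The subject line describes this as a rename only, so the encoding change is worth noting there too. The first context line of the hunk is the tail of a `defop` that begins above it.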