Supporting GNU Linux for MIPS (as well as ARM and PowerPC) is good to help reverse engineering for routers & etc IoT non Android. From the malicious injected program to check the firmware. Below is the list of routers using GNU Linux base OS in the market today:
https://openwrt.org/
https://en.wikipedia.org/wiki/DD-WRT
https://en.wikipedia.org/wiki/Ubiquiti_Networks
https://en.wikipedia.org/wiki/Linksys
https://en.wikipedia.org/wiki/Melco
I am picking the most popular platform used for debugging malware
with CPU & architecture: MIPS x32
CPU revision is : 00019300 (MIPS 24Kc)
FPU revision is : 00739300
:
system type : MIPS Malta
cpu model : MIPS 24Kc V0.0 FPU V0.0
BogoMIPS : 1136.64
tlb_entries : 16
extra interrupt vector : yes
hardware watchpoint : yes, count: 1, address/irw mask: [0x0ff8]
ASEs implemented : mips16
FPU libraries location
$ pwd
/usr/include/mips-linux-gnu
$ ls -alF
total 72
drwxr-xr-x 6 root root 4096 Feb 23 05:46 ./
drwxr-xr-x 31 root root 16384 Feb 23 05:46 ../
-rw-r--r-- 1 root root 4351 Feb 12 05:39 a.out.h
drwxr-xr-x 2 root root 4096 Apr 4 08:21 asm/
drwxr-xr-x 2 root root 12288 Feb 23 05:46 bits/
-rw-r--r-- 1 root root 3994 Feb 12 05:37 fpu_control.h
drwxr-xr-x 2 root root 4096 Feb 23 05:46 gnu/
-rw-r--r-- 1 root root 8150 Feb 12 05:37 ieee754.h
drwxr-xr-x 2 root root 12288 Feb 23 05:46 sys/
GNU Linux/MIPS FPU information (incl FP register bits)
$ cat fpu_control.h
/* FPU control word bits. Mips version.
Copyright (C) 1996, 1997, 1998, 1999, 2000, 2006, 2008
Free Software Foundation, Inc.
This file is part of the GNU C Library.
Contributed by Olaf Flebbe and Ralf Baechle.
The GNU C Library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
License as published by the Free Software Foundation; either
version 2.1 of the License, or (at your option) any later version.
The GNU C Library is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public
License along with the GNU C Library; if not, write to the Free
Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
02111-1307 USA. */
#ifndef _FPU_CONTROL_H
#define _FPU_CONTROL_H
/* MIPS FPU floating point control register bits.
*
* 31-25 -> floating point conditions code bits 7-1. These bits are only
* available in MIPS IV.
* 24 -> flush denormalized results to zero instead of
* causing unimplemented operation exception. This bit is only
* available for MIPS III and newer.
* 23 -> Condition bit
* 22-18 -> reserved (read as 0, write with 0)
* 17 -> cause bit for unimplemented operation
* 16 -> cause bit for invalid exception
* 15 -> cause bit for division by zero exception
* 14 -> cause bit for overflow exception
* 13 -> cause bit for underflow exception
* 12 -> cause bit for inexact exception
* 11 -> enable exception for invalid exception
* 10 -> enable exception for division by zero exception
* 9 -> enable exception for overflow exception
* 8 -> enable exception for underflow exception
* 7 -> enable exception for inexact exception
* 6 -> flag invalid exception
* 5 -> flag division by zero exception
* 4 -> flag overflow exception
* 3 -> flag underflow exception
* 2 -> flag inexact exception
* 1-0 -> rounding control
*
*
* Rounding Control:
* 00 - rounding to nearest (RN)
* 01 - rounding toward zero (RZ)
* 10 - rounding (up) toward plus infinity (RP)
* 11 - rounding (down)toward minus infinity (RM)
*/
#include <features.h>
#ifdef __mips_soft_float
#define _FPU_RESERVED 0xffffffff
#define _FPU_DEFAULT 0x00000000
typedef unsigned int fpu_control_t;
#define _FPU_GETCW(cw) 0
#define _FPU_SETCW(cw) do { } while (0)
extern fpu_control_t __fpu_control;
#else /* __mips_soft_float */
/* masking of interrupts */
#define _FPU_MASK_V 0x0800 /* Invalid operation */
#define _FPU_MASK_Z 0x0400 /* Division by zero */
#define _FPU_MASK_O 0x0200 /* Overflow */
#define _FPU_MASK_U 0x0100 /* Underflow */
#define _FPU_MASK_I 0x0080 /* Inexact operation */
/* flush denormalized numbers to zero */
#define _FPU_FLUSH_TZ 0x1000000
/* rounding control */
#define _FPU_RC_NEAREST 0x0 /* RECOMMENDED */
#define _FPU_RC_ZERO 0x1
#define _FPU_RC_UP 0x2
#define _FPU_RC_DOWN 0x3
#define _FPU_RESERVED 0xfe3c0000 /* Reserved bits in cw */
/* The fdlibm code requires strict IEEE double precision arithmetic,
and no interrupts for exceptions, rounding to nearest. */
#define _FPU_DEFAULT 0x00000000
/* IEEE: same as above, but exceptions */
#define _FPU_IEEE 0x00000F80
/* Type of the control word. */
typedef unsigned int fpu_control_t __attribute__ ((__mode__ (__SI__)));
/* Macros for accessing the hardware control word. */
#define _FPU_GETCW(cw) __asm__ volatile ("cfc1 %0,$31" : "=r" (cw))
#define _FPU_SETCW(cw) __asm__ volatile ("ctc1 %0,$31" : : "r" (cw))
/* Default control word set at startup. */
extern fpu_control_t __fpu_control;
#endif /* __mips_soft_float */
#endif /* fpu_control.h */
Test build using below r2 git version:
heads/master-0-g53f9783
Errors during build:
## linux_debug compilation errors:
p/native/linux/linux_debug.c: In function 'linux_reg_write':
p/native/linux/linux_debug.c:437:43: error: 'struct user' has no member named 'u_debugreg'
p/native/linux/linux_coredump.c: In function 'linux_get_prstatus':
p/native/linux/linux_coredump.c:163:34: error: invalid application of 'sizeof' to incomplete type 'struct user_regs_struct'
p/native/linux/linux_coredump.c: In function 'linux_get_fp_regset':
p/native/linux/linux_coredump.c:199:25: error: invalid application of 'sizeof' to incomplete type 'struct user_fpregs_struct'
## linux_coredump compilation errors:
p/native/linux/linux_coredump.c: In function 'get_nt_data':
p/native/linux/linux_coredump.c:690:2: warning: format '%ld' expects argument of type 'long int', but argument 3 has type 'size_t' [-Wformat]
p/native/linux/linux_coredump.c: In function 'dump_elf_pheaders':
p/native/linux/linux_coredump.c:879:2: warning: format '%ld' expects argument of type 'long int', but argument 3 has type 'size_t' [-Wformat]
p/native/linux/linux_coredump.c: In function 'dump_elf_map_content':
p/native/linux/linux_coredump.c:966:4: warning: format '%ld' expects argument of type 'long int', but argument 6 has type 'size_t' [-Wformat]
p/native/linux/linux_coredump.c:970:22: warning: cast to pointer from integer of different size [-Wint-to-pointer-cast]
p/native/linux/linux_coredump.c:973:4: warning: format '%ld' expects argument of type 'long int', but argument 3 has type 'size_t' [-Wformat]
p/native/linux/linux_coredump.c: At top level:
p/native/linux/linux_coredump.c:935:13: warning: 'show_maps' defined but not used [-Wunused-function]
make[4]: *** [p/native/linux/linux_coredump.o] Error 1
## GNU Linux predefined MIPS arch MACRO
Working predefined used compiler MACRO:
__mips
__mips__
Has tests:
$ cat test.c
#include <sys/syscall.h>
#if __MIPS__
main ()
{
syscall (SYS_write,1,"\nHello\n\r\n",9);
}
#endif
$ gcc -o test3 test.c
/usr/lib/gcc/mips-linux-gnu/4.6/../../../mips-linux-gnu/crt1.o: In function `__start':
(.text+0x18): undefined reference to `main'
collect2: ld returned 1 exit status
$
$ cat test.c
#include <sys/syscall.h>
#if __mips
main ()
{
syscall (SYS_write,1,"\nHello\n\r\n",9);
}
#endif
$ gcc -o test1 test.c
$ ./test1
Hello
$
$ cat test.c
#include <sys/syscall.h>
#if __mips__
main ()
{
syscall (SYS_write,1,"\nHello\n\r\n",9);
}
#endif
$ gcc -o test2 test.c
$ ./test2
Hello
$
https://github.com/radare/radare2/issues/4720 https://github.com/radare/radare2/issues/4720#issuecomment-220792106
https://github.com/radare/radare2/pull/4870#issuecomment-219352856 https://github.com/radare/radare2/pull/4870#issuecomment-220518350
https://sourceforge.net/p/predef/wiki/Architectures/
http://stackoverflow.com/a/18117016/5967376
$ date
Sun May 22 11:51:35 UTC 2016
$ #@unixfreaxjp
looks like the same issue as the ppc one
Try again. It builds fine in android-mips
@radare @XVilka @Maijin
Failed still, now pulling https://github.com/radare/radare2/commit/45c36da9c3930d3660b4f5211dc434ced09989eb (I know it's unrelated, just want to pull all last build for thorough feature checking on this arch & OS)
Build-report (2)
:
CC linux_debug.c
CC linux_coredump.c
p/native/linux/linux_debug.c: In function 'linux_handle_signals':
p/native/linux/linux_debug.c:47:2: warning: #warning DO MORE RDEBUGREASON HERE [-Wcpp]
p/native/linux/linux_debug.c: In function 'print_fpu':
p/native/linux/linux_debug.c:295:2: warning: #warning not implemented for this platform [-Wcpp]
p/native/linux/linux_debug.c: In function 'linux_reg_read':
p/native/linux/linux_debug.c:385:3: warning: #warning not implemented for this platform [-Wcpp]
p/native/linux/linux_debug.c:300:7: warning: variable 'showfpu' set but not used [-Wunused-but-set-variable]
p/native/linux/linux_debug.c: In function 'linux_reg_write':
p/native/linux/linux_debug.c:437:43: error: 'struct user' has no member named 'u_debugreg'
p/native/linux/linux_debug.c: At top level:
p/native/linux/linux_debug.c:207:13: warning: 'print_fpu' defined but not used [-Wunused-function]
make[4]: *** [p/native/linux/linux_debug.o] Error 1
make[4]: *** Waiting for unfinished jobs....
p/native/linux/linux_coredump.c: In function 'debug_print_prpsinfo':
p/native/linux/linux_coredump.c:67:2: warning: format '%d' expects argument of type 'int', but argument 3 has type 'long int' [-Wformat]
p/native/linux/linux_coredump.c:68:2: warning: format '%d' expects argument of type 'int', but argument 3 has type 'long int' [-Wformat]
p/native/linux/linux_coredump.c: In function 'linux_get_prstatus':
p/native/linux/linux_coredump.c:155:34: error: invalid application of 'sizeof' to incomplete type 'struct user_regs_struct'
p/native/linux/linux_coredump.c: In function 'linux_get_fp_regset':
p/native/linux/linux_coredump.c:191:25: error: invalid application of 'sizeof' to incomplete type 'struct user_fpregs_struct'
p/native/linux/linux_coredump.c: In function 'get_nt_data':
p/native/linux/linux_coredump.c:708:2: warning: format '%ld' expects argument of type 'long int', but argument 3 has type 'size_t' [-Wformat]
p/native/linux/linux_coredump.c: In function 'dump_elf_pheaders':
p/native/linux/linux_coredump.c:895:2: warning: format '%ld' expects argument of type 'long int', but argument 3 has type 'size_t' [-Wformat]
p/native/linux/linux_coredump.c: At top level:
p/native/linux/linux_coredump.c:950:13: warning: 'show_maps' defined but not used [-Wunused-function]
make[4]: *** [p/native/linux/linux_coredump.o] Error 1
make[3]: *** [foo] Error 2
make[2]: *** [debug] Error 2
make[2]: *** Waiting for unfinished jobs....
:
It builds fine in android-mips
The predef compiler MACRO for MIPS processor on android and linux could be different? And it seems android MIPS != GNU Linux MIPS. OpenWRT is on GNU Linux, on some known routers, and Ubuntu MIPS desktop also exists.
__MIPS__ ; the __mips seems work.
PRINT_FPU (fpregs) for MIPS, this just as the same as powerpc case in here.
is this mipsbe or mipsel?
It doesn't matter. Both are supported and building fine here. Just waiting for confirmation. About big endianness, there are some issues still to fix in here. But those are generic to armbe, ppcbe and mipsbe
On 30 Jun 2016, at 07:14, Jeffrey Crowell wrote:
is this mipsbe or mipsel?
on testing mode now.. but during check last code heads/master-0-g2f5ead1 before start tests this error came up, it seems like the latest modification is killing freebsd, and mostly all bsd will be affected in that same broken links https://github.com/radare/radare2/issues/5279
Please help to check and kindly let me know if you want to keep on testing arm/mips/ppc anyway
is this mipsbe or mipsel?
mipsel
I tested anyway. Build test are OKAY now...
mips:~/radare2$ r2 -v
radare2 0.10.4-git 11827 @ linux-mips-32 git.0.10.3-403-g2f5ead1
commit: 2f5ead1efd481af5864acad26fc7307d2555e8f3 build: 2016-07-04
...but!!! the running test has problems, same problem also occurred in the PPC platform too.
e asm.arch) correctly while run in architecture MIPS + opening MIPS ELF but on x86 instead, workaround is command line e asm.arch=mips, works.
pd & px result still shows invalid data.
is this mips thing big endian? can you share bins?
is this mips thing big endian? can you share bins?
It's BigEndian of course :) proof:
Magic: 7f 45 4c 46 01 02 01 00 00 00 00 00 00 00 00 00
Class: ELF32
Data: 2's complement, big endian
Version: 1 (current)
OS/ABI: UNIX - System V
ABI Version: 0
Type: EXEC (Executable file)
Machine: MIPS R3000
and
Magic: 7f 45 4c 46 01 02 01 00 00 00 00 00 00 00 00 00
Class: ELF32
Data: 2's complement, big endian
Version: 1 (current)
OS/ABI: UNIX - System V
ABI Version: 0
Type: EXEC (Executable file)
Machine: PowerPC
Well, I guess just in case you want to check the ls and nc bins for MIPS and PPC, below is the link to download them, nc and ls in each architecture (4 files in a zip file).
http://www.mediafire.com/download/c1owfff2c6oeulh/BigEndian.zip
Let me know if you need further tests. I am freezing the vm now.
@unixfreaxjp
Due to: https://github.com/radare/radare2/issues/4969#issuecomment-230260879 < compilation is fixed
Ref to: https://github.com/radare/radare2/issues/4720#issuecomment-230424723 < separate BigEndian issue
This case is closed. Will refer to new issue (for BigEndian parsing, see below link).
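The big-endian ELF headers quoted earlier in the thread show why the `EI_DATA` byte has to drive every multi-byte read when identifying a binary's architecture. The following is an added example, not radare2 code and not part of the original thread: the sample buffers are constructed from the readelf fields above (the 16 Magic bytes, then `e_type` and `e_machine`), and all function names are hypothetical.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Offsets and values from the ELF specification. */
enum { EI_DATA = 5, EI_NIDENT = 16 };
enum { ELFDATA2LSB = 1, ELFDATA2MSB = 2 };
enum { EM_MIPS = 8, EM_PPC = 20 };

/* Constructed samples: the "Magic" bytes quoted in the thread, followed by
   e_type = 2 (EXEC) and e_machine, both stored big endian. */
const uint8_t sample_mips_be[20] = { 0x7f, 'E', 'L', 'F', 0x01, 0x02, 0x01,
    0, 0, 0, 0, 0, 0, 0, 0, 0, 0x00, 0x02, 0x00, 0x08 };
const uint8_t sample_ppc_be[20] = { 0x7f, 'E', 'L', 'F', 0x01, 0x02, 0x01,
    0, 0, 0, 0, 0, 0, 0, 0, 0, 0x00, 0x02, 0x00, 0x14 };

/* Read a 16-bit field in the byte order the file declares, not the host's. */
static uint16_t rd16(const uint8_t *p, int data) {
    return data == ELFDATA2MSB ? (uint16_t)(p[0] << 8 | p[1])
                               : (uint16_t)(p[1] << 8 | p[0]);
}

/* Returns e_machine, or -1 if the buffer is not a usable ELF header. */
int elf_machine(const uint8_t *buf, size_t len) {
    if (len < EI_NIDENT + 4 || memcmp(buf, "\x7f" "ELF", 4) != 0)
        return -1;
    int data = buf[EI_DATA];
    if (data != ELFDATA2LSB && data != ELFDATA2MSB)
        return -1;                      /* invalid EI_DATA: refuse to guess */
    return rd16(buf + EI_NIDENT + 2, data);
}

/* What a parser that ignores EI_DATA and assumes little endian would read. */
int elf_machine_assume_le(const uint8_t *buf, size_t len) {
    if (len < EI_NIDENT + 4)
        return -1;
    return rd16(buf + EI_NIDENT + 2, ELFDATA2LSB);
}

/* Hypothetical helper: only the two machines from the thread are listed. */
const char *arch_name(int machine) {
    switch (machine) {
    case EM_MIPS: return "mips";
    case EM_PPC:  return "ppc";
    default:      return "unknown";
    }
}

int main(void) {
    int ok = elf_machine(sample_mips_be, sizeof sample_mips_be);
    int bad = elf_machine_assume_le(sample_mips_be, sizeof sample_mips_be);
    printf("EI_DATA honoured: 0x%04x (%s)\n", ok, arch_name(ok));
    printf("assumed LE:       0x%04x (%s)\n", bad, arch_name(bad));
    return 0;
}
```

Reading the same two bytes with the wrong byte order yields a machine value that maps to no known architecture, which is the kind of mismatch to rule out first when a tool fails to auto-detect the architecture of a big-endian sample.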