Add ability to specify more parameters to asm() function to specify target architecture

[OBarronCS]

The pwntools asm and make_elf_from_assembly functions are really amazing - they are great for really quickly testing out small snippets of assembly instructions. It would be great to be able to have more fine grained control with the arguments that are passed to the assembler and linker inside of the asm function.

This was spurred by testing a 32-bit RISC-V script that had an assembly instruction that required a RISC-V ISA extension that can be enabled via an assembler flag.

For example, the following RISC-V assembly snippet uses the bset instruction specified in the RISC-V zbs extension (I tested this with the apt gcc-14-riscv64-linux-gnu package installed):

#!/usr/bin/env python3

from pwn import *

context.arch = "riscv32"

RISCV=f"""
li a2, 4
bset a2,zero,a2
"""
out = make_elf_from_assembly(RISCV)

print(out)
print("-"*80)
gdb.debug(out)

pause()

These extensions are typically enabled by appending strings to the -march flag passed to the assembler. For example, to enable the zbs extension, you can change the following line:

pwntools/pwnlib/asm.py

Line 277 in 3eb690b

'riscv32': [gas, '-march=rv32gc', '-mabi=ilp32'],

to

'riscv32': [gas, '-march=rv32gc_zbs', '-mabi=ilp32'],

(note the _zbs)

Perhaps there could be new named parameters such extensions that are passed to the assembler, and similarly another parameter to modify/(override?) the binary format.

[Arusekk]

IMO it should be possible to just enable all the extensions without losing any generality (the only problem is the C extension that forces itself on non-compressed insns; I tried hard to avoid them in a recent PR, and I am mostly satisfied with the result). We can just pass rv32imacfbdvqwerty (or whatever the full extended isa is) and hope the user knows what he or she is doing. I think general custom flags do not bring much benefit to the user, but I am open to that, I just think this particular case can be solved with a simpler solution. Would you mind sketching a preliminary PR so we can start discussing there? Email z wtorku 4 lutego 2025 od OBarronCS:

…

The pwntools `asm` and `make_elf_from_assembly` functions are really amazing - they are great for really quickly testing out small snippets of assembly instructions. It would be great to be able to have more fine grained control with the arguments that are passed to the assembler and linker inside of the `asm` function. This was spurred by testing a 32-bit RISC-V script that had an assembly instruction that required a RISC-V ISA extension that can be enabled via an assembler flag. For example, the following RISC-V assembly snippet uses the `bset` instruction specified in the RISC-V `zbs` extension (I tested this with the apt `gcc-14-riscv64-linux-gnu` package installed): ```python #!/usr/bin/env python3 from pwn import * context.arch = "riscv32" RISCV=f""" li a2, 4 bset a2,zero,a2 """ out = make_elf_from_assembly(RISCV) print(out) print("-"*80) gdb.debug(out) pause() ``` These extensions are typically enabled by appending strings to the `-march` flag passed to the assembler. For example, to enable the `zbs` extension, you can change the following line: https://github.com/Gallopsled/pwntools/blob/3eb690bd38c3311b0e6ce79a45310f80c2b5222e/pwnlib/asm.py#L277 to ```python 'riscv32': [gas, '-march=rv32gc_zbs', '-mabi=ilp32'], ``` (note the `_zbs`) Perhaps there could be new named parameters such `extensions` that are passed to the assembler, and similarly another parameter to modify/(override?) the binary format. -- Reply to this email directly or view it on GitHub: #2539 You are receiving this because you are subscribed to this thread. Message ID: ***@***.***

-- Wysłane z mojego urządzenia Sailfish