Added nvidia turing instructions set (#162)

Signed-off-by: Prabhu Subramanian <prabhu@appthreat.com>

Author: prabhu

blint/config.py

@@ -1399,20 +1399,62 @@ def __post_init__(self):
                     'npxor', 'vpxor', 'vpxord', 'vpxorq',
                     'pshufb', 'vpshufb',
                     'pclmulqdq', 'vpclmulqdq',
-                    'movdqa', 'movdqu', 'vmovdqa', 'vmovdqu',
-                    'padd', 'psub', 'pmul',
-                    'psll', 'psrl', 'psra',
                     'vpaddd', 'vpsubd', 'vpmulld', 'pmaddwd'
                 ]
+
+# https://docs.nvidia.com/cuda/cuda-binary-utilities/index.html#turing-turing-instruction-set-table
 GPU_INDICATORS = [
-                    'glbind', 'glvertex', 'glcolor', 'glbegin', 'glend', 'glenable', 'gldisable', 'glget', 'glset', 'glload', 'glsave', 'gluniform', 'gluseprogram', 'glattachshader', 'gldraw', 'glclear', 'glviewport', 'glmatrix', 'glpushmatrix', 'glpopmatrix',
-                    'cuda', 'cuinit', 'cucontext', 'cudriver', 'cugpu', 'cudevice', 'cumem', 'cuptr', 'cukernel', 'culaunch', 'cugrid', 'cublock', 'cuthread', 'cufree', 'cucopy',
-                    'clgetplatform', 'clgetdevice', 'clcreatecontext', 'clcreatecommandqueue', 'clcreateshared', 'clcreatekernel', 'clsetkernelarg', 'clenqueuendrange', 'clfinish', 'clrelease', 'clbuildprogram',
-                    'd3d', 'd3d11', 'd3d12', 'create', 'device', 'swapchain', 'rendertarget', 'shaders', 'ps_', 'vs_', 'gs_', 'cs_', 'hs_', 'ds_',
-                    'vkcreate', 'vkdestroy', 'vkallocate', 'vkfree', 'vkqueue', 'vksubmit', 'vkwait', 'vkacquire', 'vkpresent', 'vkcmd', 'vkbegin', 'vkend', 'vkbind', 'vkdraw', 'vkdispatch', 'vkcopy', 'vkblit', 'vkclear', 'vkfill', 'vkupdate',
-                    'mtl', 'metal', 'mtldevice', 'mtlcommand', 'mtlrender', 'mtlcompute', 'mtlbuffer', 'mtltexture', 'mtlfunction', 'mtllibrary', 'mtlencoder', 'mtlpass',
-                    'gpu', 'compute', 'shader', 'vertex', 'fragment', 'pixel', 'kernel', 'workgroup', 'local', 'global', 'buffer', 'texture', 'surface',
-                ]
+    'acqbulk', 'acqshminit', 'atom', 'atomg', 'atoms', 'b2r', 'bgmma',
+    'bmov', 'bmma', 'bmsk', 'bpt', 'brx', 'brxu',
+    'bssy', 'bsync', 'bvote', 'cctl', 'cctll', 'cctlt',
+    'cgaerrbar', 'clclear', 'clcolor', 'clcreatecommandqueue',
+    'clcreatecontext', 'clcreatekernel', 'clcreateshared', 'cldevice',
+    'clenqueuendrange', 'clfinish', 'clgetdevice', 'clgetplatform', 'clcopy',
+    'clrelease', 'clsetkernelarg', 'compute', 'credux', 'cs2r',
+    'cs2ur', 'cuda', 'cublock', 'cucontext', 'cucopy', 'cudevice',
+    'cudriver', 'cufree', 'cugpu', 'cugrid', 'cuinit', 'cukernel', 'culaunch',
+    'cumem', 'cuptr', 'cuthread', 'd3d', 'd3d11', 'd3d12', 'depbar',
+    'dfma', 'dmma', 'elect', 'endcollective',
+    'errbar', 'fadd32i',
+    'fchk', 'ffma2', 'ffma32i', 'fhfma', 'fmnmx',
+    'fmnmx3', 'fmul2', 'fmul32i', 'fragment',
+    'fswzadd', 'getlmembase', 'glattachshader', 'glbegin', 'glbind',
+    'glclear', 'glcolor', 'gldisable', 'gldraw', 'glend', 'glenable', 'glget',
+    'glload', 'glmatrix', 'glpopmatrix', 'glpushmatrix', 'glsave', 'glset',
+    'gluniform', 'gluseprogram', 'glvertex', 'glviewport', 'gpu',
+    'gs_', 'hadd2', 'hadd2_32i', 'hfma2', 'hfma2_32i', 'hgmma', 'hmma',
+    'hmnmx2', 'hmul2', 'hmul2_32i',
+    'iadd3', 'iadd32i', 'idp4a', 'igmma',
+    'imma', 'imnmx', 'imul32i', 'iscadd', 'iscadd32i',
+    'jmxu', 'ldcu',
+    'ldgdepbar', 'ldgmc', 'ldgsts' 'ldsm', 'ldtm',
+    'lepc', 'lop3', 'lop32i', 'metal',
+    'mov32i', 'movm', 'mtl', 'mtlbuffer', 'mtlcommand', 'mtlcompute',
+    'mtldevice', 'mtlencoder', 'mtlfunction', 'mtllibrary', 'mtlpass',
+    'mtlrender', 'mtltexture', 'mufu', 'omma', 'p2r',
+    'plop3', 'pmtrig', 'preexit',
+    'qgmma', 'qspc', 'r2b', 'r2p', 'r2ur', 'redas', 'redg', 'redux',
+    'rendertarget', 'rpcmov', 'rtt', 's2r', 's2ur', 'setctaid',
+    'setlmembase', 'shader', 'shaders', 'shf', 'shfl', 'sgxt',
+    'stas', 'stg', 'stsm', 'sttm', 'suatom', 'suld',
+    'sured', 'sust', 'swapchain', 'syncs', 'tex', 'texture', 'tld',
+    'tld4', 'tmml', 'txd', 'txq', 'ublkcp', 'ublkpf', 'ublkred', 'ubmsk',
+    'ubrev', 'ucgabar_arv', 'ucgabar_wait', 'uclea', 'uf2f', 'uf2fp', 'uf2i',
+    'uf2ip', 'ufadd', 'uffma', 'uflo', 'ufmnmx', 'ufmul', 'ufrnd', 'ufsel',
+    'ugetnextworkid', 'ui2f', 'ui2fp', 'ui2i', 'ui2ip',
+    'uiabs', 'uiadd3', 'uiadd3.64', 'uimad', 'uimnmx', 'uldc', 'ulea',
+    'ulepc', 'ulop', 'ulop3', 'ulop32i', 'umemsets', 'up2ur', 'uplop3',
+    'upopc', 'ur2up', 'uredgr', 'usel', 'usetmaxreg',
+    'usgxt', 'ushf', 'ushl', 'ushr', 'ustgr', 'utcatomsws', 'utcbar', 'utccp',
+    'utchmma', 'utcimma', 'utcomma', 'utcqmma', 'utcshift', 'utmacctl',
+    'utmacmdflush', 'utmaldg', 'utmapf', 'utmaredg', 'utmastg', 'uviadd',
+    'uvimnmx', 'uvirtcount', 'vabsdiff4', 'vertex', 'vhmnmx',
+    'viadd', 'viaddmnmx', 'vimnmx', 'vimnmx3', 'vkacquire', 'vkallocate',
+    'vkbegin', 'vkbind', 'vkblit', 'vkclear', 'vkcmd', 'vkcopy', 'vkcreate',
+    'vkdestroy', 'vkdispatch', 'vkdraw', 'vkend', 'vkfill', 'vkfree',
+    'vkpresent', 'vkqueue', 'vksubmit', 'vkupdate', 'vkwait',
+    'warpgroup', 'warpgroupset', 'warpsync', 'vote'
+]
 
 IMPLICIT_REGS_X86 = {
     'mul':    {'read': {'ax', 'eax', 'rax'}, 'write': {'dx', 'ax', 'edx', 'eax', 'rdx', 'rax'}},

blint/lib/disassembler.py

@@ -715,6 +715,8 @@ def disassemble_functions(parsed_obj, metadata, arch_target="", cpu="", features
         arch_target = machine_type
     if arch_target == "arm64" or (metadata.get("binary_type", "") == "MachO" and not arch_target):
         arch_target = "aarch64"
+    if arch_target == "riscv":
+        arch_target = "riscv64"
     if not arch_target:
         arch_target = "x86_64"
     try:
@@ -797,8 +799,8 @@ def disassemble_functions(parsed_obj, metadata, arch_target="", cpu="", features
                 instruction_hash = hashlib.sha256(joined_mnemonics.encode('utf-8')).hexdigest()
                 has_system_call = any(syscall_pattern in lower_assembly for syscall_pattern in SYSCALL_INDICATORS)
                 has_security_feature = any(feature_pattern in lower_assembly for feature_pattern in SECURITY_INDICATORS)
-                has_crypto_call = any(indicator in lower_assembly for indicator in CRYPTO_INDICATORS)
-                has_gpu_call = any(indicator in lower_assembly for indicator in GPU_INDICATORS)
+                has_crypto_call = any(f"{indicator} " in lower_assembly for indicator in CRYPTO_INDICATORS if len(indicator) > 3)
+                has_gpu_call = any(f"{indicator} " in lower_assembly for indicator in GPU_INDICATORS if len(indicator) > 3)
                 function_type = _classify_function(instruction_metrics, instruction_count, plain_assembly_text, has_system_call, has_indirect_call)
                 disassembly_results[f"{func_addr_va_hex}::{func_name}"] = {
                     "name": func_name,

blint/lib/utils.py

@@ -653,6 +653,8 @@ def extract_ar(ar_file: str, to_dir: str | None = None) -> list[str]:
                 for entry in archive:
                     # This workarounds a bug in ar that returns multiple names
                     file_name = entry.name.split("\n")[0].removesuffix("/")
+                    if os.path.sep in file_name:
+                        file_name = file_name.rsplit(os.path.sep, 1)[-1]
                     afile = os.path.join(to_dir, file_name)
                     with open(afile, "wb") as output:
                         output.write(archive.open(entry, "rb").read())