@Leeky pointed out some of the issues. After looking a bit into ftrace, you will really have to change quite a lot of code. Most of the ELF-related stuff should be fine, but in addition to the jump opcodes you may also have to rework the breakpoints (which use a different instruction on ARM) and especially the getargs function, which will be pretty different.
The ARM ABI is actually closer to x86_64 than to its 32-bit counterpart, in the sense that parameters are passed in registers (in the normal case), but the way to resolve pointers is a bit different. For example, this is a call to the puts function on 32-bit ARM (not Thumb).
00008604: ldr r0, [pc, #0x68]
00008608: bl <puts@plt>
The first instruction loads the first parameter into r0 (on x86_64, rdi is used instead); it uses PC-relative addressing to load the pointer to the actual string to print. This translates into calculating the position of that pointer (PC + 0x68 + 4 = 0x8608 + 0x68 + 4 = 0x8670) and using the content of that position.
Summing up, it looks like quite a lot of work to port the tool to ARM… but I would say you will learn a ton doing it.
At first glance I think using capstone will simplify the parsing a bit. For instance, it already classifies some mnemonics as jumps or calls automatically. However, I have had issues working with Thumb code, and especially when Thumb and ARM32 code are mixed.
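The ldr/bl pair above, resolved by hand, as an added example that is not part of the original answer and not code from ftrace. It shows the two things a getargs port has to get right on ARM: PC reads as the instruction's address plus 8 in ARM state, and the first argument arrives as a pointer stored in a literal pool rather than as an immediate. Only the two instruction addresses (0x8604, 0x8608) come from the post; the puts@plt address 0x8400, the pool word at 0x8674 and the string at 0x8700 are constructed so the snippet can be resolved offline. The capstone cross-check at the end is optional and only runs if the capstone bindings are installed.

```python
"""Resolve the ldr/bl pair from the answer by hand and classify the branch.

Added example, not code from the original answer or from the ftrace tool.
Only the two instruction addresses (0x8604, 0x8608) and the fact that the
callee is puts@plt come from the post; PLT_PUTS, the literal pool word at
0x8674 and the string at 0x8700 are constructed (hypothetical) values.
"""
import struct

# Constructed little-endian A32 image, kept as a {base: bytes} segment map.
INSN_LDR = 0xE59F0068   # ldr r0, [pc, #0x68]  (LDR literal, cond=AL, U=1, L=1)
INSN_BL  = 0xEBFFFF7C   # bl 0x8400            (imm24 = (0x8400 - 0x8610) >> 2)
PLT_PUTS = 0x8400       # hypothetical address of puts@plt
STR_ADDR = 0x8700       # hypothetical address of the string literal

def build_image():
    text = bytearray(0x74)                                   # 0x8604 .. 0x8678
    struct.pack_into("<II", text, 0, INSN_LDR, INSN_BL)      # the two instructions
    struct.pack_into("<I", text, 0x8674 - 0x8604, STR_ADDR)  # literal pool word
    return {0x8604: bytes(text), STR_ADDR: b"Hello from ARM\0"}

def read32(mem, addr):
    for base, data in mem.items():
        if base <= addr <= base + len(data) - 4:
            return struct.unpack_from("<I", data, addr - base)[0]
    raise KeyError(hex(addr))

def read_cstr(mem, addr):
    for base, data in mem.items():
        if base <= addr < base + len(data):
            off = addr - base
            return data[off:data.index(b"\0", off)].decode()
    raise KeyError(hex(addr))

def pc_read_value(addr, thumb=False):
    """Value an instruction at addr observes in PC: addr+8 in ARM state, addr+4
    in Thumb state; thumb=True returns the word-aligned value Thumb LDR (literal)
    uses, which is the case the answer warns about."""
    return (addr + 4) & ~3 if thumb else addr + 8

def decode_a32(addr, word):
    """Minimal A32 decoder for the two encodings in the snippet."""
    if (word & 0x0F000000) == 0x0B000000:            # BL <imm24>
        imm24 = word & 0x00FFFFFF
        if imm24 & 0x00800000:                       # sign-extend 24 -> 32 bits
            imm24 -= 1 << 24
        target = (pc_read_value(addr) + (imm24 << 2)) & 0xFFFFFFFF
        return {"mnemonic": "bl", "kind": "call", "target": target}
    if (word & 0x0F7F0000) == 0x051F0000:            # LDR Rd, [pc, #+/-imm12]
        rd, imm12 = (word >> 12) & 0xF, word & 0xFFF
        sign = 1 if word & (1 << 23) else -1         # U bit: add or subtract
        pool = pc_read_value(addr) + sign * imm12
        return {"mnemonic": "ldr", "kind": "load", "rd": rd, "pool_addr": pool}
    return {"mnemonic": "?", "kind": "other"}

def resolve_call(mem, addr):
    """Walk the ldr/bl pair at addr and recover what r0 points to (getargs-style)."""
    ldr = decode_a32(addr, read32(mem, addr))
    bl = decode_a32(addr + 4, read32(mem, addr + 4))
    assert ldr["kind"] == "load" and bl["kind"] == "call"
    ptr = read32(mem, ldr["pool_addr"])              # pointer stored in the pool
    return {"pool_addr": ldr["pool_addr"], "arg0": ptr,
            "string": read_cstr(mem, ptr), "callee": bl["target"]}

def capstone_groups(code, addr):
    """Optional cross-check against capstone's call/jump groups; None if absent."""
    try:
        from capstone import Cs, CS_ARCH_ARM, CS_MODE_ARM, CS_GRP_CALL, CS_GRP_JUMP
    except ImportError:
        return None
    md = Cs(CS_ARCH_ARM, CS_MODE_ARM)
    md.detail = True
    return [(i.address, i.mnemonic, i.group(CS_GRP_CALL), i.group(CS_GRP_JUMP))
            for i in md.disasm(code, addr)]

if __name__ == "__main__":
    mem = build_image()
    print(resolve_call(mem, 0x8604))
    print(capstone_groups(mem[0x8604][:8], 0x8604))
```

With the constructed image, resolve_call reports the pool word at 0x8674 (0x8604 + 8 + 0x68), the pointer 0x8700 it holds, the string behind it and the bl target 0x8400. Swapping pc_read_value for a Thumb-style +4 is the kind of mismatch that shows up as soon as Thumb and ARM32 code are mixed in one binary.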