Rizin
unix-like reverse engineering framework and cli tools
io_rzk.c
Go to the documentation of this file.
1 // SPDX-FileCopyrightText: 2016-2018 SkUaTeR <skuater@hotmail.com>
2 // SPDX-FileCopyrightText: 2016-2018 panda
3 // SPDX-License-Identifier: LGPL-3.0-only
4 
5 #include <rz_io.h>
6 #include <rz_lib.h>
7 #include <rz_types.h>
8 #include <rz_util.h>
9 #include <sys/types.h>
10 
11 #if __WINDOWS__
12 #include "io_rzk_windows.h"
13 #elif defined(__linux__) && !defined(__GNU__)
14 #include "io_rzk_linux.h"
15 struct io_rzk_linux rzk_struct; // TODO: move this into desc->data
16 #endif
17 
18 int rzk__write(RzIO *io, RzIODesc *fd, const ut8 *buf, int count) {
19 #if __WINDOWS__
20  // eprintf("writing to: 0x%"PFMT64x" len: %x\n",io->off, count);
21  return WriteKernelMemory(io->off, buf, count);
22 #elif defined(__linux__) && !defined(__GNU__)
23  switch (rzk_struct.beid) {
24  case 0:
25  return WriteMemory(io, fd, IOCTL_WRITE_KERNEL_MEMORY, rzk_struct.pid, io->off, buf, count);
26  case 1:
27  return WriteMemory(io, fd, IOCTL_WRITE_PROCESS_ADDR, rzk_struct.pid, io->off, buf, count);
28  case 2:
29  return WriteMemory(io, fd, IOCTL_WRITE_PHYSICAL_ADDR, rzk_struct.pid, io->off, buf, count);
30  default:
31  io->cb_printf("ERROR: Undefined beid in rzk__write.\n");
32  return -1;
33  }
34 #else
35  io->cb_printf("TODO: rzk not implemented for this plataform.\n");
36  return -1;
37 #endif
38 }
39 
40 static int rzk__read(RzIO *io, RzIODesc *fd, ut8 *buf, int count) {
41 #if __WINDOWS__
42  return ReadKernelMemory(io->off, buf, count);
43 #elif defined(__linux__) && !defined(__GNU__)
44  switch (rzk_struct.beid) {
45  case 0:
46  return ReadMemory(io, fd, IOCTL_READ_KERNEL_MEMORY, rzk_struct.pid, io->off, buf, count);
47  case 1:
48  return ReadMemory(io, fd, IOCTL_READ_PROCESS_ADDR, rzk_struct.pid, io->off, buf, count);
49  case 2:
50  return ReadMemory(io, fd, IOCTL_READ_PHYSICAL_ADDR, rzk_struct.pid, io->off, buf, count);
51  default:
52  io->cb_printf("ERROR: Undefined beid in rzk__read.\n");
53  memset(buf, 0xff, count);
54  return count;
55  }
56 #else
57  io->cb_printf("TODO: rzk not implemented for this plataform.\n");
58  memset(buf, 0xff, count);
59  return count;
60 #endif
61 }
62 
63 static int rzk__close(RzIODesc *fd) {
64 #if __WINDOWS__
65  if (gHandleDriver) {
66  CloseHandle(gHandleDriver);
67  StartStopService(TEXT("rzk"), TRUE);
68  }
69 #elif defined(__linux__) && !defined(__GNU__)
70  if (fd) {
71  close((int)(size_t)fd->data);
72  }
73 #else
74  eprintf("TODO: rzk not implemented for this plataform.\n");
75 #endif
76  return 0;
77 }
78 
79 static ut64 rzk__lseek(RzIO *io, RzIODesc *fd, ut64 offset, int whence) {
80  return (!whence) ? offset : whence == 1 ? io->off + offset
81  : UT64_MAX;
82 }
83 
84 static bool rzk__plugin_open(RzIO *io, const char *pathname, bool many) {
85  return (!strncmp(pathname, "rzk://", 6));
86 }
87 
88 static char *rzk__system(RzIO *io, RzIODesc *fd, const char *cmd) {
89  if (!strcmp(cmd, "")) {
90  return NULL;
91  }
92  if (!strncmp(cmd, "mod", 3)) {
93 #if __WINDOWS__
94  GetSystemModules(io);
95 #endif
96  } else {
97 #if defined(__linux__) && !defined(__GNU__)
98  (void)run_ioctl_command(io, fd, cmd);
99  return NULL;
100 #else
101  eprintf("Try: 'R!mod'\n '.R!mod'\n");
102 #endif
103  }
104  return NULL;
105 }
106 
107 static RzIODesc *rzk__open(RzIO *io, const char *pathname, int rw, int mode) {
108  if (!strncmp(pathname, "rzk://", 6)) {
109  rw |= RZ_PERM_WX;
110 #if __WINDOWS__
111  RzIOW32 *w32 = RZ_NEW0(RzIOW32);
112  if (Init(&pathname[6]) == FALSE) {
113  eprintf("rzk__open: Error cant init driver: %s\n", &pathname[6]);
114  free(w32);
115  return NULL;
116  }
117  // return rz_io_desc_new (&rz_io_plugin_rzk, -1, pathname, rw, mode, w32);
118  return rz_io_desc_new(io, &rz_io_plugin_rzk, pathname, rw, mode, w32);
119 #elif defined(__linux__) && !defined(__GNU__)
120  int fd = open("/dev/rzk", O_RDONLY);
121  if (fd == -1) {
122  io->cb_printf("rzk__open: Error in opening /dev/rzk.");
123  return NULL;
124  }
125 
126  rzk_struct.beid = 0;
127  rzk_struct.pid = 0;
128  rzk_struct.wp = 1;
129  return rz_io_desc_new(io, &rz_io_plugin_rzk, pathname, rw, mode, (void *)(size_t)fd);
130 #else
131  io->cb_printf("Not supported on this platform\n");
132 #endif
133  }
134  return NULL;
135 }
136 
137 RzIOPlugin rz_io_plugin_rzk = {
138  .name = "rzk",
139  .desc = "Kernel access API io",
140  .uris = "rzk://",
141  .license = "LGPL3",
142  .open = rzk__open,
143  .close = rzk__close,
144  .read = rzk__read,
145  .check = rzk__plugin_open,
146  .lseek = rzk__lseek,
147  .system = rzk__system,
148  .write = rzk__write,
149 };
150 
151 #ifndef RZ_PLUGIN_INCORE
152 RZ_API RzLibStruct rizin_plugin = {
153  .type = RZ_LIB_TYPE_IO,
154  .data = &rz_io_plugin_rzk,
155  .version = RZ_VERSION
156 };
157 #endif
RZ_API
#define RZ_API
Definition: core_plugin_example.c:36
NULL
#define NULL
Definition: cris-opc.c:27
close
static static fork const void static count close
Definition: sflib.h:33
count
static static sync static getppid static getegid const char static filename char static len const char char static bufsiz static mask static vfork const void static prot static getpgrp const char static swapflags static arg static fd static protocol static who struct sockaddr static addrlen static backlog struct timeval struct timezone static tz const struct iovec static count static mode const void const struct sockaddr static tolen const char static pathname void count
Definition: sflib.h:98
cmd
static static sync static getppid static getegid const char static filename char static len const char char static bufsiz static mask static vfork const void static prot static getpgrp const char static swapflags cmd
Definition: sflib.h:79
free
RZ_API void Ht_() free(HtName_(Ht) *ht)
Definition: ht_inc.c:130
rzk__system
static char * rzk__system(RzIO *io, RzIODesc *fd, const char *cmd)
Definition: io_rzk.c:88
rzk__lseek
static ut64 rzk__lseek(RzIO *io, RzIODesc *fd, ut64 offset, int whence)
Definition: io_rzk.c:79
rz_io_plugin_rzk
RzIOPlugin rz_io_plugin_rzk
Definition: io_rzk.c:137
rizin_plugin
RZ_API RzLibStruct rizin_plugin
Definition: io_rzk.c:152
rzk__close
static int rzk__close(RzIODesc *fd)
Definition: io_rzk.c:63
rzk__plugin_open
static bool rzk__plugin_open(RzIO *io, const char *pathname, bool many)
Definition: io_rzk.c:84
rzk__write
int rzk__write(RzIO *io, RzIODesc *fd, const ut8 *buf, int count)
Definition: io_rzk.c:18
rzk__open
static RzIODesc * rzk__open(RzIO *io, const char *pathname, int rw, int mode)
Definition: io_rzk.c:107
rzk__read
static int rzk__read(RzIO *io, RzIODesc *fd, ut8 *buf, int count)
Definition: io_rzk.c:40
WriteMemory
int WriteMemory(RzIO *io, RzIODesc *iodesc, int ioctl_n, size_t pid, ut64 address, const ut8 *buf, int len)
Definition: io_rzk_linux.c:351
ReadMemory
int ReadMemory(RzIO *io, RzIODesc *iodesc, int ioctl_n, size_t pid, size_t address, ut8 *buf, int len)
Definition: io_rzk_linux.c:272
run_ioctl_command
int run_ioctl_command(RzIO *io, RzIODesc *iodesc, const char *buf)
Definition: io_rzk_linux.c:842
io_rzk_linux.h
IOCTL_READ_KERNEL_MEMORY
#define IOCTL_READ_KERNEL_MEMORY
Definition: io_rzk_linux.h:110
IOCTL_READ_PHYSICAL_ADDR
#define IOCTL_READ_PHYSICAL_ADDR
Definition: io_rzk_linux.h:114
rzk_struct
struct io_rzk_linux rzk_struct
IOCTL_WRITE_PHYSICAL_ADDR
#define IOCTL_WRITE_PHYSICAL_ADDR
Definition: io_rzk_linux.h:115
IOCTL_WRITE_PROCESS_ADDR
#define IOCTL_WRITE_PROCESS_ADDR
Definition: io_rzk_linux.h:113
IOCTL_WRITE_KERNEL_MEMORY
#define IOCTL_WRITE_KERNEL_MEMORY
Definition: io_rzk_linux.h:111
IOCTL_READ_PROCESS_ADDR
#define IOCTL_READ_PROCESS_ADDR
Definition: io_rzk_linux.h:112
gHandleDriver
HANDLE gHandleDriver
Definition: io_rzk_windows.c:8
GetSystemModules
int GetSystemModules(RzIO *io)
Definition: io_rzk_windows.c:94
ReadKernelMemory
int ReadKernelMemory(ut64 address, ut8 *buf, int len)
Definition: io_rzk_windows.c:118
StartStopService
BOOL StartStopService(LPCTSTR lpServiceName, BOOL bStop)
Definition: io_rzk_windows.c:43
WriteKernelMemory
int WriteKernelMemory(ut64 address, const ut8 *buf, int len)
Definition: io_rzk_windows.c:147
Init
int Init(const char *driverPath)
Definition: io_rzk_windows.c:175
io_rzk_windows.h
offset
voidpf uLong offset
Definition: ioapi.h:144
mode
const char int mode
Definition: ioapi.h:137
buf
voidpf void * buf
Definition: ioapi.h:138
ut8
uint8_t ut8
Definition: lh5801.h:11
memset
return memset(p, 0, total)
pathname
static static fork const void static count static fd const char const char static newpath char char char static envp time_t static t const char static mode static whence const char static dir time_t static t unsigned static seconds const char struct utimbuf static buf static inc static sig const char pathname
Definition: sflib.h:66
TRUE
#define TRUE
Definition: mybfd.h:103
FALSE
#define FALSE
Definition: mybfd.h:102
eprintf
#define eprintf(x, y...)
Definition: rlcc.c:7
rz_io.h
rz_io_desc_new
RZ_API RzIODesc * rz_io_desc_new(RzIO *io, RzIOPlugin *plugin, const char *uri, int flags, int mode, void *data)
Definition: io_desc.c:11
rz_lib.h
RZ_LIB_TYPE_IO
@ RZ_LIB_TYPE_IO
Definition: rz_lib.h:69
rz_types.h
RZ_NEW0
#define RZ_NEW0(x)
Definition: rz_types.h:284
RZ_PERM_WX
#define RZ_PERM_WX
Definition: rz_types.h:99
UT64_MAX
#define UT64_MAX
Definition: rz_types_base.h:86
rz_util.h
RZ_VERSION
#define RZ_VERSION
Definition: rz_version.h:8
O_RDONLY
#define O_RDONLY
Definition: sftypes.h:486
io_rzk_linux
Definition: io_rzk_linux.h:27
io_rzk_linux::pid
int pid
Definition: io_rzk_linux.h:29
io_rzk_linux::wp
ut8 wp
Definition: io_rzk_linux.h:30
io_rzk_linux::beid
int beid
Definition: io_rzk_linux.h:28
rz_io_desc_t
Definition: rz_io.h:95
rz_io_plugin_t
Definition: rz_io.h:114
rz_io_plugin_t::name
const char * name
Definition: rz_io.h:115
rz_io_plugin_t::version
const char * version
Definition: rz_io.h:117
rz_io_t
Definition: rz_io.h:59
rz_io_t::off
ut64 off
Definition: rz_io.h:61
rz_io_t::cb_printf
PrintfCallback cb_printf
Definition: rz_io.h:91
rz_lib_struct_t
Definition: rz_lib.h:57
rz_lib_struct_t::type
int type
Definition: rz_lib.h:58
ut64
ut64(WINAPI *w32_GetEnabledXStateFeatures)()
fd
static const z80_opcode fd[]
Definition: z80_tab.h:997