linux_coredump.h File Reference

#include "elf_specs.h"
#include <sys/procfs.h>

Go to the source code of this file.

Classes
struct	proc_per_process
struct	proc_per_thread
struct	proc_content
struct	map_file
struct	linux_map_entry
struct	auxv_buff
struct	thread_elf_note
struct	proc_elf_note
struct	elf_note_types

Macros
#define	SIZE_PR_FNAME   16
#define	RZ_DEBUG_REG_T   struct user_regs_struct
#define	SIZE_NT_FILE_DESCSZ   sizeof(unsigned long) * 3 /* start_address * end_address * offset_address */
#define	X_MEM   0x1
#define	W_MEM   0x2
#define	RZ_MEM   0x4
#define	P_MEM   0x8
#define	S_MEM   0x10
#define	WRG_PERM   0x20
#define	MAP_ANON_PRIV   0x1
#define	MAP_ANON_SHR   0x2
#define	MAP_FILE_PRIV   0x4
#define	MAP_FILE_SHR   0x8
#define	MAP_ELF_HDR   0x10
#define	MAP_HUG_PRIV   0x20
#define	MAP_HUG_SHR   0x40
#define	SH_FLAG   0x1
#define	IO_FLAG   0x2
#define	DD_FLAG   0x4
#define	HT_FLAG   0x8
#define	PV_FLAG   0x10 /* just for us */
#define	ADD_MAP_NODE(p)

Typedefs
typedef struct proc_per_process	proc_per_process_t
typedef struct proc_per_thread	proc_per_thread_t
typedef struct proc_content	proc_content_t
typedef struct map_file	map_file_t
typedef struct linux_map_entry	linux_map_entry_t
typedef struct auxv_buff	auxv_buff_t
typedef struct thread_elf_note	thread_elf_note_t
typedef struct proc_elf_note	elf_proc_note_t
typedef struct elf_note_types	note_info_t

Enumerations
enum	note_type_t {   NT_PRPSINFO_T = 0 , NT_AUXV_T , NT_FILE_T , NT_PRSTATUS_T ,   NT_SIGINFO_T , NT_FPREGSET_T , NT_LENGHT_T }
enum	MAPS_FIELD {   ADDR , PERM , OFFSET , DEV ,   INODE , NAME }

Functions
ssize_t	process_vm_readv (pid_t pid, const struct iovec *local_iov, unsigned long liovcnt, const struct iovec *remote_iov, unsigned long riovcnt, unsigned long flags)
bool	linux_generate_corefile (RzDebug *dbg, RzBuffer *dest)
int	linux_reg_read (RzDebug *dbg, int type, ut8 *buf, int size)

Macro Definition Documentation

ADD_MAP_NODE

#define ADD_MAP_NODE

(

p

)

Value:

    { \
        if (me_head) { \
            p->n = NULL; \
            me_tail->n = p; \
            me_tail = p; \
        } else { \
            me_head = p; \
            me_tail = p; \
        } \
    }

Definition at line 147 of file linux_coredump.h.

DD_FLAG

#define DD_FLAG   0x4

Definition at line 94 of file linux_coredump.h.

HT_FLAG

#define HT_FLAG   0x8

Definition at line 95 of file linux_coredump.h.

IO_FLAG

#define IO_FLAG   0x2

Definition at line 93 of file linux_coredump.h.

MAP_ANON_PRIV

#define MAP_ANON_PRIV   0x1

Definition at line 84 of file linux_coredump.h.

MAP_ANON_SHR

#define MAP_ANON_SHR   0x2

Definition at line 85 of file linux_coredump.h.

MAP_ELF_HDR

#define MAP_ELF_HDR   0x10

Definition at line 88 of file linux_coredump.h.

MAP_FILE_PRIV

#define MAP_FILE_PRIV   0x4

Definition at line 86 of file linux_coredump.h.

MAP_FILE_SHR

#define MAP_FILE_SHR   0x8

Definition at line 87 of file linux_coredump.h.

MAP_HUG_PRIV

#define MAP_HUG_PRIV   0x20

Definition at line 89 of file linux_coredump.h.

MAP_HUG_SHR

#define MAP_HUG_SHR   0x40

Definition at line 90 of file linux_coredump.h.

P_MEM

#define P_MEM   0x8

Definition at line 80 of file linux_coredump.h.

PV_FLAG

#define PV_FLAG   0x10 /* just for us */

Definition at line 96 of file linux_coredump.h.

RZ_DEBUG_REG_T

#define RZ_DEBUG_REG_T   struct user_regs_struct

Definition at line 63 of file linux_coredump.h.

RZ_MEM

#define RZ_MEM   0x4

Definition at line 79 of file linux_coredump.h.

S_MEM

#define S_MEM   0x10

Definition at line 81 of file linux_coredump.h.

SH_FLAG

#define SH_FLAG   0x1

Definition at line 92 of file linux_coredump.h.

SIZE_NT_FILE_DESCSZ

#define SIZE_NT_FILE_DESCSZ   sizeof(unsigned long) * 3 /* start_address * end_address * offset_address */

Definition at line 65 of file linux_coredump.h.

SIZE_PR_FNAME

#define SIZE_PR_FNAME   16

Definition at line 61 of file linux_coredump.h.

W_MEM

#define W_MEM   0x2

Definition at line 78 of file linux_coredump.h.

WRG_PERM

#define WRG_PERM   0x20

Definition at line 82 of file linux_coredump.h.

X_MEM

#define X_MEM   0x1

Definition at line 77 of file linux_coredump.h.

Typedef Documentation

auxv_buff_t

typedef struct auxv_buff auxv_buff_t

elf_proc_note_t

typedef struct proc_elf_note elf_proc_note_t

linux_map_entry_t

typedef struct linux_map_entry linux_map_entry_t

map_file_t

typedef struct map_file map_file_t

note_info_t

typedef struct elf_note_types note_info_t

proc_content_t

typedef struct proc_content proc_content_t

proc_per_process_t

typedef struct proc_per_process proc_per_process_t

proc_per_thread_t

typedef struct proc_per_thread proc_per_thread_t

thread_elf_note_t

typedef struct thread_elf_note thread_elf_note_t

Enumeration Type Documentation

MAPS_FIELD

enum MAPS_FIELD

Enumerator
ADDR
PERM
OFFSET
DEV
INODE
NAME

Definition at line 214 of file linux_coredump.h.

             {
    ADDR,
    PERM,
    OFFSET,
    DEV,
    INODE,
    NAME
} MAPS_FIELD;

note_type_t

enum note_type_t

Enumerator
NT_PRPSINFO_T
NT_AUXV_T
NT_FILE_T
NT_PRSTATUS_T
NT_SIGINFO_T
NT_FPREGSET_T
NT_LENGHT_T

Definition at line 189 of file linux_coredump.h.

             {
    NT_PRPSINFO_T = 0,
    NT_AUXV_T,
    NT_FILE_T,
    NT_PRSTATUS_T,
    NT_SIGINFO_T,
    NT_FPREGSET_T,
#if __i386__
    NT_PRXFPREG_T,
#endif
#if __i386__ || __x86_64__
    NT_X86_XSTATE_T,
#elif __arm__ || __arm64__
    NT_ARM_VFP_T,
#endif
    NT_LENGHT_T
} note_type_t;

Function Documentation

linux_generate_corefile()

bool linux_generate_corefile	(	RzDebug *	dbg,
		RzBuffer *	dest
	)

linux_reg_read()

int linux_reg_read	(	RzDebug *	dbg,
		int	type,
		ut8 *	buf,
		int	size
	)

Definition at line 1090 of file linux_debug.c.

                                                               {
    bool showfpu = false;
    int pid = dbg->tid;
    int ret = 0;
    if (type < -1) {
        showfpu = true;
        type = -type;
    }
    switch (type) {
    case RZ_REG_TYPE_DRX:
#if __POWERPC__
        // no drx for powerpc
        return false;
#elif __i386__ || __x86_64__
#if !__ANDROID__
    {
        int i;
        for (i = 0; i < 8; i++) { // DR0-DR7
            if (i == 4 || i == 5) {
                continue;
            }
            long ret = rz_debug_ptrace(dbg, PTRACE_PEEKUSER, pid,
                (void *)rz_offsetof(struct user, u_debugreg[i]), 0);
            if ((i + 1) * sizeof(ret) > size) {
                eprintf("linux_reg_get: Buffer too small %d\n", size);
                break;
            }
            memcpy(buf + (i * sizeof(ret)), &ret, sizeof(ret));
        }
        struct user a;
        return sizeof(a.u_debugreg);
    }
#else
#warning Android X86 does not support DRX
#endif
#endif
        return true;
        break;
    case RZ_REG_TYPE_FPU:
    case RZ_REG_TYPE_MMX:
    case RZ_REG_TYPE_XMM:
#if __POWERPC__
        return false;
#elif __x86_64__ || __i386__
    {
        struct user_fpregs_struct fpregs;
        if (type == RZ_REG_TYPE_FPU) {
#if __x86_64__
            ret = rz_debug_ptrace(dbg, PTRACE_GETFPREGS, pid, NULL, &fpregs);
            if (ret != 0) {
                rz_sys_perror("PTRACE_GETFPREGS");
                return false;
            }
            if (showfpu) {
                print_fpu((void *)&fpregs);
            }
            size = RZ_MIN(sizeof(fpregs), size);
            memcpy(buf, &fpregs, size);
            return size;
#elif __i386__
#if !__ANDROID__
            struct user_fpxregs_struct fpxregs;
            ret = rz_debug_ptrace(dbg, PTRACE_GETFPXREGS, pid, NULL, &fpxregs);
            if (ret == 0) {
                if (showfpu) {
                    print_fpu((void *)&fpxregs);
                }
                size = RZ_MIN(sizeof(fpxregs), size);
                memcpy(buf, &fpxregs, size);
                return size;
            } else {
                ret = rz_debug_ptrace(dbg, PTRACE_GETFPREGS, pid, NULL, &fpregs);
                if (showfpu) {
                    print_fpu((void *)&fpregs);
                }
                if (ret != 0) {
                    rz_sys_perror("PTRACE_GETFPREGS");
                    return false;
                }
                size = RZ_MIN(sizeof(fpregs), size);
                memcpy(buf, &fpregs, size);
                return size;
            }
#else
            ret = rz_debug_ptrace(dbg, PTRACE_GETFPREGS, pid, NULL, &fpregs);
            if (showfpu) {
                print_fpu((void *)&fpregs);
            }
            if (ret != 0) {
                rz_sys_perror("PTRACE_GETFPREGS");
                return false;
            }
            size = RZ_MIN(sizeof(fpregs), size);
            memcpy(buf, &fpregs, size);
            return size;
#endif // !__ANDROID__
#endif // __i386__
        }
    }
#else
#warning getfpregs not implemented for this platform
#endif
        break;
    case RZ_REG_TYPE_SEG:
    case RZ_REG_TYPE_FLG:
    case RZ_REG_TYPE_GPR: {
        RZ_DEBUG_REG_T regs;
        memset(&regs, 0, sizeof(regs));
        memset(buf, 0, size);
#if (__arm64__ || __aarch64__ || __s390x__) && defined(PTRACE_GETREGSET)
        struct iovec io = {
            .iov_base = &regs,
            .iov_len = sizeof(regs)
        };
        ret = rz_debug_ptrace(dbg, PTRACE_GETREGSET, pid, 1, &io);
        // ret = ptrace (PTRACE_GETREGSET, pid, (void*)(size_t)(NT_PRSTATUS), NULL); // &io);
        if (ret != 0) {
            rz_sys_perror("PTRACE_GETREGSET");
            return false;
        }
#elif __BSD__ && (__POWERPC__ || __sparc__)
        ret = rz_debug_ptrace(dbg, PTRACE_GETREGS, pid, &regs, NULL);
#else
        /* linux -{arm/mips/riscv/x86/x86_64} */
        ret = rz_debug_ptrace(dbg, PTRACE_GETREGS, pid, NULL, &regs);
#endif
        /*
         * if perror here says 'no such process' and the
         * process exists still.. is because there's a missing call
         * to 'wait'. and the process is not yet available to accept
         * more ptrace queries.
         */
        if (ret != 0) {
            rz_sys_perror("PTRACE_GETREGS");
            return false;
        }
        size = RZ_MIN(sizeof(regs), size);
        memcpy(buf, &regs, size);
        return size;
    } break;
    case RZ_REG_TYPE_YMM: {
#if HAVE_YMM && __x86_64__ && defined(PTRACE_GETREGSET)
        ut32 ymm_space[128]; // full ymm registers
        struct _xstate xstate;
        struct iovec iov;
        iov.iov_base = &xstate;
        iov.iov_len = sizeof(struct _xstate);
        ret = rz_debug_ptrace_get_x86_xstate(dbg, pid, &iov);
        if (ret == -1) {
            return false;
        }
        // stitch together xstate.fpstate._xmm and xstate.ymmh assuming LE
        int ri, rj;
        for (ri = 0; ri < 16; ri++) {
            for (rj = 0; rj < 4; rj++) {
#ifdef __ANDROID__
                ymm_space[ri * 8 + rj] = ((struct _libc_fpstate *)&xstate.fpstate)->_xmm[ri].element[rj];
#else
                ymm_space[ri * 8 + rj] = xstate.fpstate._xmm[ri].element[rj];
#endif
            }
            for (rj = 0; rj < 4; rj++) {
                ymm_space[ri * 8 + (rj + 4)] = xstate.ymmh.ymmh_space[ri * 4 + rj];
            }
        }
        size = RZ_MIN(sizeof(ymm_space), size);
        memcpy(buf, &ymm_space, size);
        return size;
#endif
        return false;
    } break;
    }
    return false;
}

References a, dbg, eprintf, i, iov, memcpy(), memset(), NULL, pid, print_fpu(), PTRACE_GETFPREGS, PTRACE_GETFPXREGS, PTRACE_GETREGS, PTRACE_PEEKUSER, regs, rz_debug_ptrace_get_x86_xstate(), RZ_DEBUG_REG_T, RZ_MIN, rz_offsetof, RZ_REG_TYPE_DRX, RZ_REG_TYPE_FLG, RZ_REG_TYPE_FPU, RZ_REG_TYPE_GPR, RZ_REG_TYPE_MMX, RZ_REG_TYPE_SEG, RZ_REG_TYPE_XMM, RZ_REG_TYPE_YMM, rz_sys_perror, rz_debug_t::tid, and type.

process_vm_readv()

ssize_t process_vm_readv	(	pid_t	pid,
		const struct iovec *	local_iov,
		unsigned long	liovcnt,
		const struct iovec *	remote_iov,
		unsigned long	riovcnt,
		unsigned long	flags
	)