Context Navigation

source: neercs/trunk/src/mytrace.c @ 3497
Tweet

Last change on this file since 3497 was 3326, checked in by Sam Hocevar, 12 years ago
mytrace.c: disambiguate error messages and use perror() instead of fprintf().
Property svn:eol-style set to `native`
File size: 16.5 KB

Line
1	/*
2	* neercs console-based window manager
3	* Copyright (c) 2008 Pascal Terjan
4	* (c) 2008 Sam Hocevar <sam@zoy.org>
5	* All Rights Reserved
6	*
7	* $Id$
8	*
9	* This program is free software. It comes without any warranty, to
10	* the extent permitted by applicable law. You can redistribute it
11	* and/or modify it under the terms of the Do What The Fuck You Want
12	* To Public License, Version 2, as published by Sam Hocevar. See
13	* http://sam.zoy.org/wtfpl/COPYING for more details.
14	*/
15
16	#include "config.h"
17
18	#include <errno.h>
19	#include <fcntl.h>
20	#include <limits.h>
21	#include <stdio.h>
22	#include <stdlib.h>
23	#include <string.h>
24
25	#if defined USE_GRAB
26	# include <sys/ptrace.h>
27	# include <sys/stat.h>
28	# include <sys/syscall.h>
29	# include <sys/user.h>
30	# include <sys/wait.h>
31	#endif
32
33	#include "neercs.h"
34	#include "mytrace.h"
35
36	#if defined USE_GRAB
37	static int memcpy_from_target(struct mytrace *t,
38	char* dest, long src, size_t n);
39	static int memcpy_into_target(struct mytrace *t,
40	long dest, char const *src, size_t n);
41	static long remote_syscall(struct mytrace *t, long call,
42	long arg1, long arg2, long arg3);
43	# if defined DEBUG
44	static void print_registers(pid_t pid);
45	# else
46	# define print_registers(x) do {} while(0)
47	# endif
48
49	#define X(x) #x
50	#define STRINGIFY(x) X(x)
51
52	#define SYSCALL_X86 0x80cd /* CD 80 = int $0x80 */
53	#define SYSCALL_X86_NEW 0xf3eb /* EB F3 = jmp <__kernel_vsyscall+0x3> */
54	#define SYSENTER 0x340f /* 0F 34 = sysenter */
55	#define SYSCALL_AMD64 0x050fL /* 0F 05 = syscall */
56
57	#if defined __x86_64__
58	# define RAX rax
59	# define RBX rbx
60	# define RCX rcx
61	# define RDX rdx
62	# define RSP rsp
63	# define RBP rbp
64	# define RIP rip
65	# define RDI rdi
66	# define RSI rsi
67	# define FMT "%016lx"
68	#else
69	# define RAX eax
70	# define RBX ebx
71	# define RCX ecx
72	# define RDX edx
73	# define RSP esp
74	# define RBP ebp
75	# define RIP eip
76	# define RDI edi
77	# define RSI esi
78	# define FMT "%08lx"
79	#endif
80
81	#define MYCALL_OPEN 0
82	#define MYCALL_CLOSE 1
83	#define MYCALL_WRITE 2
84	#define MYCALL_DUP2 3
85	#define MYCALL_SETPGID 4
86	#define MYCALL_SETSID 5
87	#define MYCALL_KILL 6
88	#define MYCALL_FORK 7
89	#define MYCALL_EXIT 8
90	#define MYCALL_EXECVE 9
91
92	#if defined __x86_64__
93	/* from unistd_32.h on an amd64 system */
94	int syscalls32[] = { 5, 6, 4, 63, 57, 66, 37, 2, 1, 11 };
95	int syscalls64[] =
96	#else
97	int syscalls32[] =
98	#endif
99	{ SYS_open, SYS_close, SYS_write, SYS_dup2, SYS_setpgid, SYS_setsid,
100	SYS_kill, SYS_fork, SYS_exit, SYS_execve };
101
102	char const *syscallnames[] =
103	{ "open", "close", "write", "dup2", "setpgid", "setsid", "kill", "fork",
104	"exit", "execve" };
105
106	#endif /* USE_GRAB */
107
108	struct mytrace
109	{
110	pid_t pid, child;
111	};
112
113	struct mytrace* mytrace_attach(long int pid)
114	{
115	#if defined USE_GRAB
116	struct mytrace *t;
117	int status;
118
119	if(ptrace(PTRACE_ATTACH, pid, 0, 0) < 0)
120	{
121	perror("PTRACE_ATTACH (attach)");
122	return NULL;
123	}
124	if(waitpid(pid, &status, 0) < 0)
125	{
126	perror("waitpid");
127	return NULL;
128	}
129	if(!WIFSTOPPED(status))
130	{
131	fprintf(stderr, "traced process was not stopped\n");
132	ptrace(PTRACE_DETACH, pid, 0, 0);
133	return NULL;
134	}
135
136	t = malloc(sizeof(struct mytrace));
137	t->pid = pid;
138	t->child = 0;
139
140	return t;
141	#else
142	errno = ENOSYS;
143	return NULL;
144	#endif
145	}
146
147	struct mytrace* mytrace_fork(struct mytrace *t)
148	{
149	#if defined USE_GRAB
150	struct mytrace *child;
151
152	ptrace(PTRACE_SETOPTIONS, t->pid, NULL, PTRACE_O_TRACEFORK);
153	remote_syscall(t, MYCALL_FORK, 0, 0, 0);
154	waitpid(t->child, NULL, 0);
155
156	child = malloc(sizeof(struct mytrace));
157	child->pid = t->child;
158	child->child = 0;
159
160	return child;
161	#else
162	errno = ENOSYS;
163	return NULL;
164	#endif
165	}
166
167	int mytrace_detach(struct mytrace *t)
168	{
169	#if defined USE_GRAB
170	ptrace(PTRACE_DETACH, t->pid, 0, 0);
171	free(t);
172
173	return 0;
174	#else
175	errno = ENOSYS;
176	return -1;
177	#endif
178	}
179
180	long mytrace_getpid(struct mytrace *t)
181	{
182	#if defined USE_GRAB
183	return t->pid;
184	#else
185	errno = ENOSYS;
186	return -1;
187	#endif
188	}
189
190	int mytrace_open(struct mytrace t, char const path, int mode)
191	{
192	#if defined USE_GRAB
193	char backup_data[4096];
194	struct user_regs_struct regs;
195	size_t size = strlen(path) + 1;
196	int ret;
197
198	if(ptrace(PTRACE_GETREGS, t->pid, NULL, &regs) < 0)
199	{
200	perror("PTRACE_GETREGS (open)\n");
201	return errno;
202	}
203
204	/* Backup the data that we will use */
205	if(memcpy_from_target(t, backup_data, regs.RSP, size) < 0)
206	return -1;
207
208	memcpy_into_target(t, regs.RSP, path, size);
209
210	ret = remote_syscall(t, MYCALL_OPEN, regs.RSP, O_RDWR, 0755);
211
212	/* Restore the data */
213	memcpy_into_target(t, regs.RSP, backup_data, size);
214
215	if(ret < 0)
216	{
217	errno = ret;
218	return -1;
219	}
220
221	return ret;
222	#else
223	errno = ENOSYS;
224	return -1;
225	#endif
226	}
227
228	int mytrace_close(struct mytrace *t, int fd)
229	{
230	#if defined USE_GRAB
231	return remote_syscall(t, MYCALL_CLOSE, fd, 0, 0);
232	#else
233	errno = ENOSYS;
234	return -1;
235	#endif
236	}
237
238	int mytrace_write(struct mytrace t, int fd, char const data, size_t len)
239	{
240	#if defined USE_GRAB
241	struct user_regs_struct regs;
242	char *backup_data;
243	int ret;
244
245	if(ptrace(PTRACE_GETREGS, t->pid, NULL, &regs) < 0)
246	{
247	perror("PTRACE_GETREGS (write)\n");
248	return errno;
249	}
250
251	backup_data = malloc(len);
252
253	/* Backup the data that we will use */
254	if(memcpy_from_target(t, backup_data, regs.RSP, len) < 0)
255	return -1;
256
257	memcpy_into_target(t, regs.RSP, data, len);
258
259	ret = remote_syscall(t, MYCALL_WRITE, fd, regs.RSP, len);
260
261	/* Restore the data */
262	memcpy_into_target(t, regs.RSP, backup_data, len);
263
264	if(ret < 0)
265	{
266	errno = ret;
267	return -1;
268	}
269
270	return ret;
271	#else
272	errno = ENOSYS;
273	return -1;
274	#endif
275	}
276
277	int mytrace_dup2(struct mytrace *t, int oldfd, int newfd)
278	{
279	#if defined USE_GRAB
280	return remote_syscall(t, MYCALL_DUP2, oldfd, newfd, 0);
281	#else
282	errno = ENOSYS;
283	return -1;
284	#endif
285	}
286
287	int mytrace_setpgid(struct mytrace *t, long pid, long pgid)
288	{
289	#if defined USE_GRAB
290	return remote_syscall(t, MYCALL_SETPGID, pid, pgid, 0);
291	#else
292	errno = ENOSYS;
293	return -1;
294	#endif
295	}
296
297	int mytrace_setsid(struct mytrace *t)
298	{
299	#if defined USE_GRAB
300	return remote_syscall(t, MYCALL_SETSID, 0, 0, 0);
301	#else
302	errno = ENOSYS;
303	return -1;
304	#endif
305	}
306
307	int mytrace_kill(struct mytrace *t, long pid, int sig)
308	{
309	#if defined USE_GRAB
310	return remote_syscall(t, MYCALL_KILL, pid, sig, 0);
311	#else
312	errno = ENOSYS;
313	return -1;
314	#endif
315	}
316
317	int mytrace_exit(struct mytrace *t, int status)
318	{
319	#if defined USE_GRAB
320	ptrace(PTRACE_SETOPTIONS, t->pid, NULL, PTRACE_O_TRACEEXIT);
321	return remote_syscall(t, MYCALL_EXIT, status, 0, 0);
322	#else
323	errno = ENOSYS;
324	return -1;
325	#endif
326	}
327
328	int mytrace_exec(struct mytrace t, char const command)
329	{
330	#if defined USE_GRAB
331	struct user_regs_struct regs;
332	char env, p;
333	long p2, envaddr, argvaddr, envptraddr;
334	char envpath[PATH_MAX+1];
335	ssize_t envsize = 16*1024;
336	int ret, fd, l, l2;
337	char *nullp = NULL;
338	ssize_t r;
339
340	ptrace(PTRACE_SETOPTIONS, t->pid, NULL, PTRACE_O_TRACEEXEC);
341
342	if(ptrace(PTRACE_GETREGS, t->pid, NULL, &regs) < 0)
343	{
344	perror("PTRACE_GETREGS (exec)\n");
345	return errno;
346	}
347
348	debug("PTRACE_GETREGS done");
349	env = malloc(envsize);
350	if (!env)
351	return -1;
352
353	snprintf(envpath, PATH_MAX, "/proc/%d/environ", t->pid);
354
355	fd = open(envpath, O_RDONLY);
356	if (fd == -1)
357	return -1;
358	r = read(fd, env, envsize);
359	close(fd);
360	if (r == -1)
361	return -1;
362	while (r == envsize)
363	{
364	free(env);
365	env = malloc(envsize);
366	if (!env)
367	return -1;
368	fd = open(envpath, O_RDONLY);
369	r = read(fd, env, envsize);
370	close(fd);
371	if (r == -1)
372	return -1;
373	}
374	envsize = r;
375	l2 = sizeof(char ); / Size of a pointer */
376	p2 = regs.RSP;
377
378	/* First argument is the command string */
379	l = strlen(command)+1;
380	memcpy_into_target(t, p2, command, l);
381	p2 += l;
382
383	/* Second argument is argv */
384	argvaddr = p2;
385	/* argv[0] is a pointer to the command string */
386	memcpy_into_target(t, p2, (char *)&regs.RSP, l2);
387	p2 += l2;
388	/* Then follows a NULL pointer */
389	memcpy_into_target(t, p2, (char *)&nullp, l2);
390	p2 += l2;
391
392	/* Third argument is the environment */
393	/* First, copy all the strings */
394	memcpy_into_target(t, p2, env, envsize);
395	envaddr = p2;
396	p2 += envsize;
397	/* Then write an array of pointers to the strings */
398	envptraddr = p2;
399	p = env;
400	while (p < env+envsize)
401	{
402	long diffp = p - env + envaddr;
403	memcpy_into_target(t, p2, (char *)&diffp, l2);
404	p2 += l2;
405	p += strlen(p)+1;
406	}
407	/* And have a NULL pointer at the end of the array */
408	memcpy_into_target(t, p2, (char *)&nullp, l2);
409	free(env);
410
411	ret = remote_syscall(t, MYCALL_EXECVE, regs.RSP, argvaddr, envptraddr);
412
413	if(ret < 0)
414	{
415	errno = ret;
416	return -1;
417	}
418
419	return ret;
420	#else
421	errno = ENOSYS;
422	return -1;
423	#endif
424	}
425
426	/*
427	* XXX: the following functions are local
428	*/
429
430	#if defined USE_GRAB
431	static int memcpy_from_target(struct mytrace *t,
432	char* dest, long src, size_t n)
433	{
434	static int const align = sizeof(long) - 1;
435
436	while(n)
437	{
438	long data;
439	size_t todo = sizeof(long) - (src & align);
440
441	if(n < todo)
442	todo = n;
443
444	data = ptrace(PTRACE_PEEKTEXT, t->pid, src - (src & align), 0);
445	if(errno)
446	{
447	perror("ptrace_peektext (memcpy_from_target)");
448	return -1;
449	}
450	memcpy(dest, (char *)&data + (src & align), todo);
451
452	dest += todo;
453	src += todo;
454	n -= todo;
455	}
456
457	return 0;
458	}
459
460	static int memcpy_into_target(struct mytrace *t,
461	long dest, char const *src, size_t n)
462	{
463	static int const align = sizeof(long) - 1;
464
465	while(n)
466	{
467	long data;
468	size_t todo = sizeof(long) - (dest & align);
469
470	if(n < todo)
471	todo = n;
472	if(todo != sizeof(long))
473	{
474	data = ptrace(PTRACE_PEEKTEXT, t->pid, dest - (dest & align), 0);
475	if(errno)
476	{
477	perror("ptrace_peektext (memcpy_into_target)");
478	return -1;
479	}
480	}
481
482	memcpy((char *)&data + (dest & align), src, todo);
483	ptrace(PTRACE_POKETEXT, t->pid, dest - (dest & align), data);
484	if(errno)
485	{
486	perror("ptrace_poketext (memcpy_into_target)");
487	return -1;
488	}
489
490	src += todo;
491	dest += todo;
492	n -= todo;
493	}
494
495	return 0;
496	}
497
498	static long remote_syscall(struct mytrace *t, long call,
499	long arg1, long arg2, long arg3)
500	{
501	/* Method for remote syscall:
502	* - wait until the traced application exits from a syscall
503	* - save registers
504	* - rewind eip/rip to point on the syscall instruction
505	* - single step: execute syscall instruction
506	* - retrieve resulting registers
507	* - restore registers */
508	struct user_regs_struct regs, oldregs;
509	long oinst;
510	int bits;
511	int offset = 2;
512
513	if(call < 0 \|\| call >= (long)(sizeof(syscallnames)/sizeof(*syscallnames)))
514	{
515	fprintf(stderr, "unknown remote syscall %li\n", call);
516	return -1;
517	}
518
519	debug("remote syscall %s(0x%lx, 0x%lx, 0x%lx)",
520	syscallnames[call], arg1, arg2, arg3);
521
522	#if defined __x86_64__
523	bits = 64;
524	#else
525	bits = 32;
526	#endif
527
528	for(;;)
529	{
530	if(ptrace(PTRACE_GETREGS, t->pid, NULL, &oldregs) < 0)
531	{
532	perror("PTRACE_GETREGS (syscall 1)\n");
533	return -1;
534	}
535
536	oinst = ptrace(PTRACE_PEEKTEXT, t->pid, oldregs.RIP - 2, 0) & 0xffff;
537
538	#if defined __x86_64__
539	if(oinst == SYSCALL_AMD64)
540	break;
541	#endif
542	if(oinst == SYSCALL_X86 \|\| oinst == SYSCALL_X86_NEW)
543	{
544	bits = 32;
545	break;
546	}
547
548	if(ptrace(PTRACE_SYSCALL, t->pid, NULL, 0) < 0)
549	{
550	perror("ptrace_syscall (1)");
551	return -1;
552	}
553	waitpid(t->pid, NULL, 0);
554	if(ptrace(PTRACE_SYSCALL, t->pid, NULL, 0) < 0)
555	{
556	perror("ptrace_syscall (2)");
557	return -1;
558	}
559	waitpid(t->pid, NULL, 0);
560	}
561
562	print_registers(t->pid);
563
564	if(oinst == SYSCALL_X86_NEW)
565	{
566	/* Get back to sysenter */
567	while((ptrace(PTRACE_PEEKTEXT, t->pid, oldregs.RIP - offset, 0) & 0xffff) != 0x340f)
568	offset++;
569	oldregs.RBP = oldregs.RSP;
570	}
571
572	regs = oldregs;
573	regs.RIP = regs.RIP - offset;
574	#if defined __x86_64__
575	if(bits == 64)
576	{
577	regs.RAX = syscalls64[call];
578	regs.RDI = arg1;
579	regs.RSI = arg2;
580	regs.RDX = arg3;
581	}
582	else
583	#endif
584	{
585	regs.RAX = syscalls32[call];
586	regs.RBX = arg1;
587	regs.RCX = arg2;
588	regs.RDX = arg3;
589	}
590
591	if(ptrace(PTRACE_SETREGS, t->pid, NULL, &regs) < 0)
592	{
593	perror("PTRACE_SETREGS (syscall 1)\n");
594	return -1;
595	}
596
597	for(;;)
598	{
599	int status;
600
601	print_registers(t->pid);
602
603	if(ptrace(PTRACE_SINGLESTEP, t->pid, NULL, NULL) < 0)
604	{
605	perror("PTRACE_SINGLESTEP (syscall)\n");
606	return -1;
607	}
608	waitpid(t->pid, &status, 0);
609
610	if(WIFEXITED(status))
611	return 0;
612
613	if(!WIFSTOPPED(status) \|\| WSTOPSIG(status) != SIGTRAP)
614	continue;
615
616	/* Fuck Linux: there is no macro for this */
617	switch((status >> 16) & 0xffff)
618	{
619	case PTRACE_EVENT_FORK:
620	if(ptrace(PTRACE_GETEVENTMSG, t->pid, 0, &t->child) < 0)
621	{
622	perror("PTRACE_GETEVENTMSG (syscall)\n");
623	return -1;
624	}
625	debug("PTRACE_GETEVENTMSG %d", t->child);
626	continue;
627	case PTRACE_EVENT_EXIT:
628	debug("PTRACE_EVENT_EXIT");
629	/* The process is about to exit, don't do anything else */
630	return 0;
631	case PTRACE_EVENT_EXEC:
632	debug("PTRACE_EVENT_EXEC");
633	return 0;
634	}
635
636	break;
637	}
638
639	print_registers(t->pid);
640
641	if(ptrace(PTRACE_GETREGS, t->pid, NULL, &regs) < 0)
642	{
643	perror("PTRACE_GETREGS (syscall 2)\n");
644	return -1;
645	}
646
647	if(ptrace(PTRACE_SETREGS, t->pid, NULL, &oldregs) < 0)
648	{
649	perror("PTRACE_SETREGS (syscall 2)\n");
650	return -1;
651	}
652	print_registers(t->pid);
653
654	debug("syscall %s returned %ld", syscallnames[call], regs.RAX);
655
656	if((long)regs.RAX < 0)
657	{
658	errno = -(long)regs.RAX;
659	perror("syscall");
660	return -1;
661	}
662
663	return regs.RAX;
664	}
665
666	/* For debugging purposes only. Prints register and stack information. */
667	#if defined DEBUG
668	static void print_registers(pid_t pid)
669	{
670	union { long int l; unsigned char data[sizeof(long int)]; } inst;
671	struct user_regs_struct regs;
672	int i;
673
674	if(ptrace(PTRACE_GETREGS, pid, NULL, &regs) < 0)
675	{
676	perror("PTRACE_GETREGS (syscall 2)");
677	exit(errno);
678	}
679
680	fprintf(stderr, " / %s: "FMT" ", STRINGIFY(RAX), regs.RAX);
681	fprintf(stderr, "%s: "FMT"\n", STRINGIFY(RBX), regs.RBX);
682	fprintf(stderr, " \| %s: "FMT" ", STRINGIFY(RCX), regs.RCX);
683	fprintf(stderr, "%s: "FMT"\n", STRINGIFY(RDX), regs.RDX);
684	fprintf(stderr, " \| %s: "FMT" ", STRINGIFY(RDI), regs.RDI);
685	fprintf(stderr, "%s: "FMT"\n", STRINGIFY(RSI), regs.RSI);
686	fprintf(stderr, " \| %s: "FMT" ", STRINGIFY(RSP), regs.RSP);
687	fprintf(stderr, "%s: "FMT"\n", STRINGIFY(RIP), regs.RIP);
688
689	inst.l = ptrace(PTRACE_PEEKTEXT, pid, regs.RIP - 4, 0);
690	fprintf(stderr, " \| code: ... %02x %02x %02x %02x <---> ",
691	inst.data[0], inst.data[1], inst.data[2], inst.data[3]);
692	inst.l = ptrace(PTRACE_PEEKTEXT, pid, regs.RIP, 0);
693	fprintf(stderr, "%02x %02x %02x %02x ...\n",
694	inst.data[0], inst.data[1], inst.data[2], inst.data[3]);
695
696	fprintf(stderr, " \\ stack: ... ");
697	for(i = -16; i < 24; i += sizeof(long))
698	{
699	inst.l = ptrace(PTRACE_PEEKDATA, pid, regs.RSP + i, 0);
700	#if defined __x86_64__
701	fprintf(stderr, "%02x %02x %02x %02x %02x %02x %02x %02x ",
702	inst.data[0], inst.data[1], inst.data[2], inst.data[3],
703	inst.data[4], inst.data[5], inst.data[6], inst.data[7]);
704	#else
705	fprintf(stderr, "%02x %02x %02x %02x ",
706	inst.data[0], inst.data[1], inst.data[2], inst.data[3]);
707	#endif
708	if(i == 0)
709	fprintf(stderr, "[%s] ", STRINGIFY(RSP));
710	}
711	fprintf(stderr, "...\n");
712	}
713	#endif /* DEBUG */
714
715	#endif /* USE_GRAB */

Note: See TracBrowser for help on using the repository browser.

Download in other formats: