Changeset 2511 for neercsTweet

Timestamp:

Jul 1, 2008, 4:14:54 PM (13 years ago)

Author:

Sam Hocevar

Message:

• Allow to grab 32-bit applications from a 64-bit neercs process.

Location:

neercs/trunk/src

Files:

• mytrace.c (modified) (18 diffs)
• neercs.h (modified) (2 diffs)

neercs/trunk/src/mytrace.c

@@ -38 +38 @@
                               char* dest, long src, size_t n);
 static int memcpy_into_target(struct mytrace *t,
-                              long dest, char *src, size_t n);
+                              long dest, char const *src, size_t n);
 static long remote_syscall(pid_t pid, long call,
                            long arg1, long arg2, long arg3);
-#if 0
+#   if defined DEBUG
 static void print_registers(pid_t pid);
-#endif
+#   else
+#       define print_registers(x) do {} while(0)
+#   endif
 #endif
 
 #define X(x) #x
 #define STRINGIFY(x) X(x)
+
+#define SYSCALL_X86   0x80cd  /* CD 80 = int $0x80 */
+#define SYSCALL_AMD64 0x050fL /* 0F 05 = syscall */
+
+#define MYCALL_OPEN     0
+#define MYCALL_CLOSE    1
+#define MYCALL_DUP2     2
+#define MYCALL_SETPGID  3
+#define MYCALL_SETSID   4
 
 #if defined __x86_64__
@@ -58 +69 @@
 #   define RDI rdi
 #   define RSI rsi
-#   define SYSCALL 0x050fL /* 0F 05 = syscall */
 #   define FMT "%016lx"
+int syscalls64[] = { SYS_open, SYS_close, SYS_dup2, SYS_setpgid, SYS_setsid };
+int syscalls32[] = { 5, 6, 63, 57, 66 };
 #else
 #   define RAX eax
@@ -69 +81 @@
 #   define RDI edi
 #   define RSI esi
-#   define SYSCALL 0x80cd /* CD 80 = int $0x80 */
 #   define FMT "%08lx"
+int syscalls32[] = { SYS_open, SYS_close, SYS_dup2, SYS_setpgid, SYS_setsid };
 #endif
 
@@ -136 +148 @@
     memcpy_into_target(t, regs.RSP, path, size);
 
-    ret = remote_syscall(t->pid, SYS_open, regs.RSP, O_RDWR, 0755);
-
-    /* Restore the datas */
+    ret = remote_syscall(t->pid, MYCALL_OPEN, regs.RSP, O_RDWR, 0755);
+
+    /* Restore the data */
     memcpy_into_target(t, regs.RSP, backup_data, size);
 
@@ -157 +169 @@
 {
 #if defined USE_GRAB
-    return remote_syscall(t->pid, SYS_close, fd, 0, 0);
+    return remote_syscall(t->pid, MYCALL_CLOSE, fd, 0, 0);
 #else
     errno = ENOSYS;
@@ -167 +179 @@
 {
 #if defined USE_GRAB
-    return remote_syscall(t->pid, SYS_dup2, oldfd, newfd, 0);
+    return remote_syscall(t->pid, MYCALL_DUP2, oldfd, newfd, 0);
 #else
     errno = ENOSYS;
@@ -177 +189 @@
 {
 #if defined USE_GRAB
-    return remote_syscall(t->pid, SYS_setpgid, pid, pgid, 0);
+    return remote_syscall(t->pid, MYCALL_SETPGID, pid, pgid, 0);
 #else
     errno = ENOSYS;
@@ -187 +199 @@
 {
 #if defined USE_GRAB
-    return remote_syscall(t->pid, SYS_setsid, 0, 0, 0);
+    return remote_syscall(t->pid, MYCALL_SETSID, 0, 0, 0);
 #else
     errno = ENOSYS;
@@ -198 +210 @@
  */
 
+#if defined USE_GRAB
 static int memcpy_from_target(struct mytrace *t,
                               char* dest, long src, size_t n)
 {
+    static int const align = sizeof(long) - 1;
+
     while(n)
     {
         long data;
-        int align = sizeof(long) - 1;
         size_t todo = sizeof(long) - (src & align);
 
@@ -227 +241 @@
 
 static int memcpy_into_target(struct mytrace *t,
-                              long dest, char *src, size_t n)
-{
+                              long dest, char const *src, size_t n)
+{
+    static int const align = sizeof(long) - 1;
+
     while(n)
     {
         long data;
-        int align = sizeof(long) - 1;
         size_t todo = sizeof(long) - (dest & align);
 
@@ -271 +286 @@
      *  - rewind eip/rip to point on the syscall instruction
      *  - single step: execute syscall instruction
+     *  - retrieve resulting registers
      *  - restore registers */
     struct user_regs_struct regs, oldregs;
     long oinst;
+    int bits;
+
+print_registers(pid);
+#if defined __x86_64__
+    bits = 64;
+#else
+    bits = 32;
+#endif
 
     for(;;)
@@ -285 +309 @@
         oinst = ptrace(PTRACE_PEEKTEXT, pid, oldregs.RIP - 2, 0) & 0xffff;
 
-        if(oinst == SYSCALL)
+#if defined __x86_64__
+        if(oinst == SYSCALL_AMD64)
             break;
+        if(oinst == SYSCALL_X86)
+        {
+            bits = 32;
+            break;
+        }
+#else
+        if(oinst == SYSCALL_X86)
+            break;
+#endif
 
         if(ptrace(PTRACE_SYSCALL, pid, NULL, 0) < 0)
@@ -303 +337 @@
     }
 
+    print_registers(pid);
+
     regs = oldregs;
     regs.RIP = regs.RIP - 2;
-    regs.RAX = call;
 #if defined __x86_64__
-    regs.RDI = arg1;
-    regs.RSI = arg2;
-    regs.RDX = arg3;
-#else
-    regs.RBX = arg1;
-    regs.RCX = arg2;
-    regs.RDX = arg3;
-#endif
+    if(bits == 64)
+    {
+        regs.RAX = syscalls64[call];
+        regs.RDI = arg1;
+        regs.RSI = arg2;
+        regs.RDX = arg3;
+    }
+    else
+#endif
+    {
+        regs.RAX = syscalls32[call];
+        regs.RBX = arg1;
+        regs.RCX = arg2;
+        regs.RDX = arg3;
+    }
 
     if(ptrace(PTRACE_SETREGS, pid, NULL, &regs) < 0)
@@ -322 +364 @@
     }
 
+    print_registers(pid);
+
     if(ptrace(PTRACE_SINGLESTEP, pid, NULL, NULL) < 0)
     {
@@ -329 +373 @@
     waitpid(pid, NULL, 0);
 
+    print_registers(pid);
+
     if(ptrace(PTRACE_GETREGS, pid, NULL, &regs) < 0)
     {
@@ -340 +386 @@
         return -1;
     }
+    print_registers(pid);
 
     debug("syscall %ld returned %ld", call, regs.RAX);
@@ -354 +401 @@
 
 /* For debugging purposes only. Prints register and stack information. */
-#if 0
+#if defined DEBUG
 static void print_registers(pid_t pid)
 {
@@ -400 +447 @@
     fprintf(stderr, "...\n");
 }
-#endif
-
+#endif /* DEBUG */
+
+#endif /* USE_GRAB */
+

neercs/trunk/src/neercs.h

@@ -212 +212 @@
 static inline void debug(const char *format, ...)
 {
-    int saved_errno = geterrno();
     va_list args;
     va_start(args, format);
@@ -219 +218 @@
     fprintf(stderr, "\n");
     va_end(args);
-    seterrno(saved_errno);
 }
 #else