author | Malfurious <m@lfurio.us> | 2024-05-04 07:32:18 -0400 |
---|---|---|
committer | Malfurious <m@lfurio.us> | 2024-05-08 05:57:59 -0400 |
commit | 47cf13e8429e813aa2fd2b1f41f87722bc616d19 (patch) | |
tree | 9c994ceef54c8141fa40d6924be88160c7c8e19d /architecture.h | |
parent | d187dfc3c81d987ef851b3806fc0ba372c8a3348 (diff) | |
Parameterize architecture-specific details
Abstract architecture details into architecture.h and add x86 constants.
This is slightly complicated by the fact that 64-bit hosts can run
32-bit code, so we do still need to resolve some values dynamically.
The architecture_info() function is intended to address this, and
performs parameter lookups based on the current state of the guest
process.
Resolving values on a per-process-state basis is important due to the
process model under Linux. If we fork to debug a 32-bit program, the
forked process will be native 64-bit until the execve system call. And
of course, the process is then free to exec anything it likes later on
as well.
Signed-off-by: Malfurious <m@lfurio.us>
Diffstat (limited to 'architecture.h')
-rw-r--r-- | architecture.h | 60 |
1 files changed, 60 insertions, 0 deletions
diff --git a/architecture.h b/architecture.h
new file mode 100644
index 0000000..27cec2d
--- /dev/null
+++ b/architecture.h
@@ -0,0 +1,60 @@
+#pragma once
+
+#include <sys/uio.h>
+#include <capstone/capstone.h>
+
+struct archinfo {
+ unsigned long progmctr;
+ unsigned long stackptr;
+ unsigned long bp_insn;
+ unsigned long bp_mask;
+ unsigned long bp_adjust;
+ int cs_arch;
+ int cs_mode;
+ unsigned cs_call;
+ unsigned wordsize;
+};
+
+extern void architecture_info(struct archinfo *ai, const struct iovec *regs);
+
+/* Architecture Definitions */
+#if defined(__x86_64__) || defined(i386) || defined(__i386__)
+
+typedef union {
+ struct user_regs_64 {
+ unsigned long long int r15, r14, r13, r12, rbp, rbx, r11, r10, r9, r8,
+ rax, rcx, rdx, rsi, rdi, orig_rax, rip, cs, eflags, rsp,
+ ss, fs_base, gs_base, ds, es, fs, gs;
+ } x86_64;
+
+ struct user_regs_32 {
+ unsigned int ebx, ecx, edx, esi, edi, ebp, eax, xds, xes, xfs, xgs,
+ orig_eax, eip, xcs, eflags, esp, xss;
+ } x86_32;
+} user_regs_t;
+
+#define ARCH_X86
+
+#define PROGMCTR_64 x86_64.rip
+#define STACKPTR_64 x86_64.rsp
+#define BREAKPOINT_INSN_64 0xccul
+#define BREAKPOINT_MASK_64 0xfful
+#define BREAKPOINT_ADJS_64 0x1
+#define CAPSTONE_ARCH_64 CS_ARCH_X86
+#define CAPSTONE_MODE_64 CS_MODE_64
+#define CAPSTONE_CALL_64 X86_INS_CALL
+#define WORDSIZE_64 8
+
+#define PROGMCTR_32 x86_32.eip
+#define STACKPTR_32 x86_32.esp
+#define BREAKPOINT_INSN_32 0xccul
+#define BREAKPOINT_MASK_32 0xfful
+#define BREAKPOINT_ADJS_32 0x1
+#define CAPSTONE_ARCH_32 CS_ARCH_X86
+#define CAPSTONE_MODE_32 CS_MODE_32
+#define CAPSTONE_CALL_32 X86_INS_CALL
+#define WORDSIZE_32 4
+
+#else
+#error Detected architecture is not supported!
+#endif |
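Review bot: The `user_regs_64` and `user_regs_32` structs inside `user_regs_t` appear to hand-copy the kernel's register layout, and nothing checks that they keep the expected size, so a field added or dropped by mistake would silently shift what `PROGMCTR_*` and `STACKPTR_*` read. Because those values describe a guest process the debugger does not control, a compile-time guard after the typedef is cheap: `_Static_assert(sizeof(struct user_regs_64) == 27 * 8, "user_regs_64 layout");` and `_Static_assert(sizeof(struct user_regs_32) == 17 * 4, "user_regs_32 layout");`. The `architecture_info()` prototype also needs a comment saying what buffer `regs` must describe and how 32-bit versus 64-bit guest state is told apart (presumably from `iov_len`, but the implementation is not part of this diff). The fields of `struct archinfo` are undocumented as well, and `bp_adjust` in particular does not say whether it is added to or subtracted from the program counter after a breakpoint hit.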