From 47cf13e8429e813aa2fd2b1f41f87722bc616d19 Mon Sep 17 00:00:00 2001
From: Malfurious
Date: Sat, 4 May 2024 07:32:18 -0400
Subject: Parameterize architecture-specific details

Abstract architecture details into architecture.h and add x86 constants. This is slightly complicated by the fact that 64-bit hosts can run 32-bit code, so we do still need to resolve some values dynamically. The architecture_info() function is intented to address this, and performs parameter lookups based on the current state of the guest process. Resolving values on a per-process-state basis is important due to the process model under Linux. If we fork to debug a 32-bit program, the forked process will be native 64-bit until the execve system call. And of course, the process is then free to exec anything it likes later on as well.
Signed-off-by: Malfurious
---
 architecture.h | 60 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 60 insertions(+)
 create mode 100644 architecture.h
(limited to 'architecture.h')
diff --git a/architecture.h b/architecture.h
new file mode 100644
index 0000000..27cec2d
--- /dev/null
+++ b/architecture.h
@@ -0,0 +1,60 @@
+#pragma once
+
+#include
+#include
+
+struct archinfo {
+ unsigned long progmctr;
+ unsigned long stackptr;
+ unsigned long bp_insn;
+ unsigned long bp_mask;
+ unsigned long bp_adjust;
+ int cs_arch;
+ int cs_mode;
+ unsigned cs_call;
+ unsigned wordsize;
+};
+
+extern void architecture_info(struct archinfo *ai, const struct iovec *regs);
+
+/* Architecture Definitions */
+#if defined(__x86_64__) || defined(i386) || defined(__i386__)
+
+typedef union {
+ struct user_regs_64 {
+ unsigned long long int r15, r14, r13, r12, rbp, rbx, r11, r10, r9, r8,
+ rax, rcx, rdx, rsi, rdi, orig_rax, rip, cs, eflags, rsp,
+ ss, fs_base, gs_base, ds, es, fs, gs;
+ } x86_64;
+
+ struct user_regs_32 {
+ unsigned int ebx, ecx, edx, esi, edi, ebp, eax, xds, xes, xfs, xgs,
+ orig_eax, eip, xcs, eflags, esp, xss;
+ } x86_32;
+} user_regs_t;
+
+#define ARCH_X86
+
+#define PROGMCTR_64 x86_64.rip
+#define STACKPTR_64 x86_64.rsp
+#define BREAKPOINT_INSN_64 0xccul
+#define BREAKPOINT_MASK_64 0xfful
+#define BREAKPOINT_ADJS_64 0x1
+#define CAPSTONE_ARCH_64 CS_ARCH_X86
+#define CAPSTONE_MODE_64 CS_MODE_64
+#define CAPSTONE_CALL_64 X86_INS_CALL
+#define WORDSIZE_64 8
+
+#define PROGMCTR_32 x86_32.eip
+#define STACKPTR_32 x86_32.esp
+#define BREAKPOINT_INSN_32 0xccul
+#define BREAKPOINT_MASK_32 0xfful
+#define BREAKPOINT_ADJS_32 0x1
+#define CAPSTONE_ARCH_32 CS_ARCH_X86
+#define CAPSTONE_MODE_32 CS_MODE_32
+#define CAPSTONE_CALL_32 X86_INS_CALL
+#define WORDSIZE_32 4
+
+#else
+#error Detected architecture is not supported!
+#endif
-- cgit v1.2.3
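Review bot: The contract of `architecture_info()` is undocumented at the `extern` declaration, and since `regs` is its only input, the choice between the `x86_32` and `x86_64` layouts presumably has to come from `regs->iov_len`, which nothing in this header tells an implementer or caller. Given that the commit message itself says the traced process can exec a program of either bitness at any time, the header should state how the register set is interpreted and what a length matching neither layout means; I would put above the declaration: `/* Fill *ai from a register set: iov_base points at a user_regs_t and iov_len selects the 32- or 64-bit layout. A length matching neither layout must be treated as an error, not defaulted. */`. The `#include` targets are not visible in this rendering, so I cannot confirm that `<sys/uio.h>` (for `struct iovec`) and the capstone header are included here; if `CS_ARCH_X86`/`X86_INS_CALL` are used without `<capstone/capstone.h>`, every includer of this header has to pull it in first, which is worth a comment. Minor naming point: the macros are `BREAKPOINT_ADJS_*` while the struct field is `bp_adjust`; `BREAKPOINT_ADJUST_*` would keep the two aligned.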