1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
|
//===-- DynamicLoaderDarwinKernel.h -----------------------------*- C++ -*-===//
//
// The LLVM Compiler Infrastructure
//
// This file is distributed under the University of Illinois Open Source
// License. See LICENSE.TXT for details.
//
//===----------------------------------------------------------------------===//
#ifndef liblldb_DynamicLoaderDarwinKernel_h_
#define liblldb_DynamicLoaderDarwinKernel_h_
// C Includes
// C++ Includes
#include <vector>
#include <string>
// Other libraries and framework includes
// Project includes
#include "lldb/Target/DynamicLoader.h"
#include "lldb/Host/FileSpec.h"
#include "lldb/Host/TimeValue.h"
#include "lldb/Core/UUID.h"
#include "lldb/Host/Mutex.h"
#include "lldb/Target/Process.h"
class DynamicLoaderDarwinKernel : public lldb_private::DynamicLoader
{
public:
DynamicLoaderDarwinKernel(lldb_private::Process *process, lldb::addr_t kernel_addr);
~DynamicLoaderDarwinKernel() override;
//------------------------------------------------------------------
// Static Functions
//------------------------------------------------------------------
static void
Initialize();
static void
Terminate();
static lldb_private::ConstString
GetPluginNameStatic();
static const char *
GetPluginDescriptionStatic();
static lldb_private::DynamicLoader *
CreateInstance (lldb_private::Process *process, bool force);
static void
DebuggerInitialize (lldb_private::Debugger &debugger);
//------------------------------------------------------------------
/// Called after attaching a process.
///
/// Allow DynamicLoader plug-ins to execute some code after
/// attaching to a process.
//------------------------------------------------------------------
void
DidAttach() override;
void
DidLaunch() override;
lldb::ThreadPlanSP
GetStepThroughTrampolinePlan(lldb_private::Thread &thread,
bool stop_others) override;
lldb_private::Error
CanLoadImage() override;
//------------------------------------------------------------------
// PluginInterface protocol
//------------------------------------------------------------------
lldb_private::ConstString
GetPluginName() override;
uint32_t
GetPluginVersion() override;
protected:
void
PrivateInitialize (lldb_private::Process *process);
void
PrivateProcessStateChanged (lldb_private::Process *process,
lldb::StateType state);
void
UpdateIfNeeded();
void
LoadKernelModuleIfNeeded ();
void
Clear (bool clear_process);
void
PutToLog (lldb_private::Log *log) const;
static bool
BreakpointHitCallback (void *baton,
lldb_private::StoppointCallbackContext *context,
lldb::user_id_t break_id,
lldb::user_id_t break_loc_id);
bool
BreakpointHit (lldb_private::StoppointCallbackContext *context,
lldb::user_id_t break_id,
lldb::user_id_t break_loc_id);
uint32_t
GetAddrByteSize()
{
return m_kernel.GetAddressByteSize();
}
static lldb::ByteOrder
GetByteOrderFromMagic (uint32_t magic);
enum
{
KERNEL_MODULE_MAX_NAME = 64u,
// Versions less than 2 didn't have an entry size,
// they had a 64 bit name, 16 byte UUID, 8 byte addr,
// 8 byte size, 8 byte version, 4 byte load tag, and
// 4 byte flags
KERNEL_MODULE_ENTRY_SIZE_VERSION_1 = 64u + 16u + 8u + 8u + 8u + 4u + 4u
};
// class KextImageInfo represents a single kext or kernel binary image.
// The class was designed to hold the information from the OSKextLoadedKextSummary
// structure (in libkern/libkern/OSKextLibPrivate.h from xnu). The kernel maintains
// a list of loded kexts in memory (the OSKextLoadedKextSummaryHeader structure,
// which points to an array of OSKextLoadedKextSummary's).
//
// A KextImageInfos may have -
//
// 1. The load address, name, UUID, and size of a kext/kernel binary in memory
// (read straight out of the kernel's list-of-kexts loaded)
// 2. A ModuleSP based on a MemoryModule read out of the kernel's memory
// (very unlikely to have any symbolic information)
// 3. A ModuleSP for an on-disk copy of the kext binary, possibly with debug info
// or a dSYM
//
// For performance reasons, the developer may prefer that lldb not load the kexts out
// of memory at the start of a kernel session. But we should build up / maintain a
// list of kexts that the kernel has told us about so we can relocate a kext module
// later if the user explicitly adds it to the target.
class KextImageInfo
{
public:
KextImageInfo () :
m_name (),
m_module_sp (),
m_memory_module_sp (),
m_load_process_stop_id (UINT32_MAX),
m_uuid (),
m_load_address (LLDB_INVALID_ADDRESS),
m_size (0),
m_kernel_image (false)
{ }
void
Clear ()
{
m_load_address = LLDB_INVALID_ADDRESS;
m_size = 0;
m_name.clear ();
m_uuid.Clear();
m_module_sp.reset();
m_memory_module_sp.reset();
m_load_process_stop_id = UINT32_MAX;
}
bool
LoadImageAtFileAddress (lldb_private::Process *process);
bool
LoadImageUsingMemoryModule (lldb_private::Process *process);
bool
IsLoaded ()
{
return m_load_process_stop_id != UINT32_MAX;
}
void
SetLoadAddress (lldb::addr_t load_addr); // Address of the Mach-O header for this binary
lldb::addr_t
GetLoadAddress () const; // Address of the Mach-O header for this binary
lldb_private::UUID
GetUUID () const;
void
SetUUID (const lldb_private::UUID &uuid);
void
SetName (const char *);
std::string
GetName () const;
void
SetModule (lldb::ModuleSP module);
lldb::ModuleSP
GetModule ();
// try to fill in m_memory_module_sp from memory based on the m_load_address
bool
ReadMemoryModule (lldb_private::Process *process);
bool
IsKernel () const; // true if this is the mach_kernel; false if this is a kext
void
SetIsKernel (bool is_kernel);
uint64_t
GetSize () const;
void
SetSize (uint64_t size);
uint32_t
GetProcessStopId () const; // the stop-id when this binary was first noticed
void
SetProcessStopId (uint32_t stop_id);
bool
operator== (const KextImageInfo &rhs);
uint32_t
GetAddressByteSize (); // as determined by Mach-O header
lldb::ByteOrder
GetByteOrder(); // as determined by Mach-O header
lldb_private::ArchSpec
GetArchitecture () const; // as determined by Mach-O header
void
PutToLog (lldb_private::Log *log) const;
typedef std::vector<KextImageInfo> collection;
typedef collection::iterator iterator;
typedef collection::const_iterator const_iterator;
private:
std::string m_name;
lldb::ModuleSP m_module_sp;
lldb::ModuleSP m_memory_module_sp;
uint32_t m_load_process_stop_id; // the stop-id when this module was added to the Target
lldb_private::UUID m_uuid; // UUID for this dylib if it has one, else all zeros
lldb::addr_t m_load_address;
uint64_t m_size;
bool m_kernel_image; // true if this is the kernel, false if this is a kext
};
struct OSKextLoadedKextSummaryHeader
{
uint32_t version;
uint32_t entry_size;
uint32_t entry_count;
lldb::addr_t image_infos_addr;
OSKextLoadedKextSummaryHeader() :
version (0),
entry_size (0),
entry_count (0),
image_infos_addr (LLDB_INVALID_ADDRESS)
{
}
uint32_t
GetSize()
{
switch (version)
{
case 0: return 0; // Can't know the size without a valid version
case 1: return 8; // Version 1 only had a version + entry_count
default: break;
}
// Version 2 and above has version, entry_size, entry_count, and reserved
return 16;
}
void
Clear()
{
version = 0;
entry_size = 0;
entry_count = 0;
image_infos_addr = LLDB_INVALID_ADDRESS;
}
bool
IsValid() const
{
return version >= 1 || version <= 2;
}
};
void
RegisterNotificationCallbacks();
void
UnregisterNotificationCallbacks();
void
SetNotificationBreakpointIfNeeded ();
bool
ReadAllKextSummaries ();
bool
ReadKextSummaryHeader ();
bool
ParseKextSummaries (const lldb_private::Address &kext_summary_addr,
uint32_t count);
void
UpdateImageInfosHeaderAndLoadCommands(KextImageInfo::collection &image_infos,
uint32_t infos_count,
bool update_executable);
uint32_t
ReadKextSummaries (const lldb_private::Address &kext_summary_addr,
uint32_t image_infos_count,
KextImageInfo::collection &image_infos);
static lldb::addr_t
SearchForDarwinKernel (lldb_private::Process *process);
static lldb::addr_t
SearchForKernelAtSameLoadAddr (lldb_private::Process *process);
static lldb::addr_t
SearchForKernelWithDebugHints (lldb_private::Process *process);
static lldb::addr_t
SearchForKernelNearPC (lldb_private::Process *process);
static lldb::addr_t
SearchForKernelViaExhaustiveSearch (lldb_private::Process *process);
static lldb_private::UUID
CheckForKernelImageAtAddress (lldb::addr_t addr, lldb_private::Process *process);
lldb::addr_t m_kernel_load_address;
KextImageInfo m_kernel; // Info about the current kernel image being used
lldb_private::Address m_kext_summary_header_ptr_addr;
lldb_private::Address m_kext_summary_header_addr;
OSKextLoadedKextSummaryHeader m_kext_summary_header;
KextImageInfo::collection m_known_kexts;
mutable lldb_private::Mutex m_mutex;
lldb::user_id_t m_break_id;
private:
DISALLOW_COPY_AND_ASSIGN (DynamicLoaderDarwinKernel);
};
#endif // liblldb_DynamicLoaderDarwinKernel_h_
|
