VirtualBox

source: vbox/trunk/src/VBox/Debugger/DBGPlugInFreeBsd.cpp@ 85629

Last change on this file since 85629 was 82968, checked in by vboxsync, 5 years ago

Copyright year updates by scm.

  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
File size: 39.4 KB
Line 
1/* $Id: DBGPlugInFreeBsd.cpp 82968 2020-02-04 10:35:17Z vboxsync $ */
2/** @file
3 * DBGPlugInFreeBsd - Debugger and Guest OS Digger Plugin For FreeBSD.
4 */
5
6/*
7 * Copyright (C) 2016-2020 Oracle Corporation
8 *
9 * This file is part of VirtualBox Open Source Edition (OSE), as
10 * available from http://www.virtualbox.org. This file is free software;
11 * you can redistribute it and/or modify it under the terms of the GNU
12 * General Public License (GPL) as published by the Free Software
13 * Foundation, in version 2 as it comes in the "COPYING" file of the
14 * VirtualBox OSE distribution. VirtualBox OSE is distributed in the
15 * hope that it will be useful, but WITHOUT ANY WARRANTY of any kind.
16 */
17
18
19/*********************************************************************************************************************************
20* Header Files *
21*********************************************************************************************************************************/
22#define LOG_GROUP LOG_GROUP_DBGF /// @todo add new log group.
23#include "DBGPlugIns.h"
24#include "DBGPlugInCommonELF.h"
25#include <VBox/vmm/dbgf.h>
26#include <iprt/asm.h>
27#include <iprt/ctype.h>
28#include <iprt/err.h>
29#include <iprt/mem.h>
30#include <iprt/stream.h>
31#include <iprt/string.h>
32
33
34/*********************************************************************************************************************************
35* Defined Constants And Macros *
36*********************************************************************************************************************************/
37/** FreeBSD on little endian ASCII systems. */
38#define DIG_FBSD_MOD_TAG UINT64_C(0x0044534265657246)
39
40
41/*********************************************************************************************************************************
42* Structures and Typedefs *
43*********************************************************************************************************************************/
44
45/**
46 * FreeBSD .dynstr and .dynsym location probing state.
47 */
48typedef enum FBSDPROBESTATE
49{
50 /** Invalid state. */
51 FBSDPROBESTATE_INVALID = 0,
52 /** Searching for the end of the .dynstr section (terminator). */
53 FBSDPROBESTATE_DYNSTR_END,
54 /** Last symbol was a symbol terminator character. */
55 FBSDPROBESTATE_DYNSTR_SYM_TERMINATOR,
56 /** Last symbol was a symbol character. */
57 FBSDPROBESTATE_DYNSTR_SYM_CHAR
58} FBSDPROBESTATE;
59
60/**
61 * ELF headers union.
62 */
63typedef union ELFEHDRS
64{
65 /** 32bit version of the ELF header. */
66 Elf32_Ehdr Hdr32;
67 /** 64bit version of the ELF header. */
68 Elf64_Ehdr Hdr64;
69} ELFEHDRS;
70/** Pointer to a ELF header union. */
71typedef ELFEHDRS *PELFEHDRS;
72/** Pointer to const ELF header union. */
73typedef ELFEHDRS const *PCELFEHDRS;
74
75/**
76 * ELF symbol entry union.
77 */
78typedef union ELFSYMS
79{
80 /** 32bit version of the ELF section header. */
81 Elf32_Sym Hdr32;
82 /** 64bit version of the ELF section header. */
83 Elf64_Sym Hdr64;
84} ELFSYMS;
85/** Pointer to a ELF symbol entry union. */
86typedef ELFSYMS *PELFSYMS;
87/** Pointer to const ELF symbol entry union. */
88typedef ELFSYMS const *PCELFSYMS;
89
90/**
91 * Message buffer structure.
92 */
93typedef union FBSDMSGBUF
94{
95 /** 32bit version. */
96 struct
97 {
98 /** Message buffer pointer. */
99 uint32_t msg_ptr;
100 /** Magic value to identify the structure. */
101 uint32_t msg_magic;
102 /** Size of the buffer area. */
103 uint32_t msg_size;
104 /** Write sequence number. */
105 uint32_t msg_wseq;
106 /** Read sequence number. */
107 uint32_t msg_rseq;
108 /** @todo More fields which are not required atm. */
109 } Hdr32;
110 /** 64bit version. */
111 struct
112 {
113 /** Message buffer pointer. */
114 uint64_t msg_ptr;
115 /** Magic value to identify the structure. */
116 uint32_t msg_magic;
117 /** Size of the buffer area. */
118 uint32_t msg_size;
119 /** Write sequence number. */
120 uint32_t msg_wseq;
121 /** Read sequence number. */
122 uint32_t msg_rseq;
123 /** @todo More fields which are not required atm. */
124 } Hdr64;
125} FBSDMSGBUF;
126/** Pointer to a message buffer structure. */
127typedef FBSDMSGBUF *PFBSDMSGBUF;
128/** Pointer to a const message buffer structure. */
129typedef FBSDMSGBUF const *PCFBSDMSGBUF;
130
131/** Magic value to identify the message buffer structure. */
132#define FBSD_MSGBUF_MAGIC UINT32_C(0x063062)
133
134/**
135 * FreeBSD guest OS digger instance data.
136 */
137typedef struct DBGDIGGERFBSD
138{
139 /** Whether the information is valid or not.
140 * (For fending off illegal interface method calls.) */
141 bool fValid;
142 /** 64-bit/32-bit indicator. */
143 bool f64Bit;
144
145 /** Address of the start of the kernel ELF image,
146 * set during probing. */
147 DBGFADDRESS AddrKernelElfStart;
148 /** Address of the interpreter content aka "/red/herring". */
149 DBGFADDRESS AddrKernelInterp;
150 /** Address of the start of the text section. */
151 DBGFADDRESS AddrKernelText;
152
153 /** The kernel message log interface. */
154 DBGFOSIDMESG IDmesg;
155
156} DBGDIGGERFBSD;
157/** Pointer to the FreeBSD guest OS digger instance data. */
158typedef DBGDIGGERFBSD *PDBGDIGGERFBSD;
159
160
161/*********************************************************************************************************************************
162* Defined Constants And Macros *
163*********************************************************************************************************************************/
164/** Min kernel address (32bit). */
165#define FBSD32_MIN_KRNL_ADDR UINT32_C(0x80000000)
166/** Max kernel address (32bit). */
167#define FBSD32_MAX_KRNL_ADDR UINT32_C(0xfffff000)
168
169/** Min kernel address (64bit). */
170#define FBSD64_MIN_KRNL_ADDR UINT64_C(0xFFFFF80000000000)
171/** Max kernel address (64bit). */
172#define FBSD64_MAX_KRNL_ADDR UINT64_C(0xFFFFFFFFFFF00000)
173
174
175/** Validates a 32-bit FreeBSD kernel address */
176#define FBSD32_VALID_ADDRESS(Addr) ( (Addr) > FBSD32_MIN_KRNL_ADDR \
177 && (Addr) < FBSD32_MAX_KRNL_ADDR)
178/** Validates a 64-bit FreeBSD kernel address */
179#define FBSD64_VALID_ADDRESS(Addr) ( (Addr) > FBSD64_MIN_KRNL_ADDR \
180 && (Addr) < FBSD64_MAX_KRNL_ADDR)
181
182/** Validates a FreeBSD kernel address. */
183#define FBSD_VALID_ADDRESS(a_pThis, a_Addr) ((a_pThis)->f64Bit ? FBSD64_VALID_ADDRESS(a_Addr) : FBSD32_VALID_ADDRESS(a_Addr))
184
185/** Maximum offset from the start of the ELF image we look for the /red/herring .interp section content. */
186#define FBSD_MAX_INTERP_OFFSET _16K
187/** The max kernel size. */
188#define FBSD_MAX_KERNEL_SIZE UINT32_C(0x0f000000)
189
190/** Versioned and bitness wrapper. */
191#define FBSD_UNION(a_pThis, a_pUnion, a_Member) ((a_pThis)->f64Bit ? (a_pUnion)->Hdr64. a_Member : (a_pUnion)->Hdr32. a_Member )
192
193
194/*********************************************************************************************************************************
195* Internal Functions *
196*********************************************************************************************************************************/
197static DECLCALLBACK(int) dbgDiggerFreeBsdInit(PUVM pUVM, void *pvData);
198
199
200/*********************************************************************************************************************************
201* Global Variables *
202*********************************************************************************************************************************/
203/** Table of common FreeBSD kernel addresses. */
204static uint64_t g_au64FreeBsdKernelAddresses[] =
205{
206 UINT64_C(0xc0100000),
207 UINT64_C(0xffffffff80100000)
208};
209/** Magic string which resides in the .interp section of the image. */
210static const uint8_t g_abNeedleInterp[] = "/red/herring";
211
212
213/**
214 * Load the symbols from the .dynsym and .dynstr sections given
215 * by their address in guest memory.
216 *
217 * @returns VBox status code.
218 * @param pThis The instance data.
219 * @param pUVM The user mode VM handle.
220 * @param pszName The image name.
221 * @param uKernelStart The kernel start address.
222 * @param cbKernel Size of the kernel image.
223 * @param pAddrDynsym Start address of the .dynsym section.
224 * @param cSymbols Number of symbols in the .dynsym section.
225 * @param pAddrDynstr Start address of the .dynstr section containing the symbol names.
226 * @param cbDynstr Size of the .dynstr section.
227 */
228static int dbgDiggerFreeBsdLoadSymbols(PDBGDIGGERFBSD pThis, PUVM pUVM, const char *pszName, RTGCUINTPTR uKernelStart,
229 size_t cbKernel, PDBGFADDRESS pAddrDynsym, uint32_t cSymbols, PDBGFADDRESS pAddrDynstr,
230 size_t cbDynstr)
231{
232 LogFlowFunc(("pThis=%#p pszName=%s uKernelStart=%RGv cbKernel=%zu pAddrDynsym=%#p{%RGv} cSymbols=%u pAddrDynstr=%#p{%RGv} cbDynstr=%zu\n",
233 pThis, pszName, uKernelStart, cbKernel, pAddrDynsym, pAddrDynsym->FlatPtr, cSymbols, pAddrDynstr, pAddrDynstr->FlatPtr, cbDynstr));
234
235 char *pbDynstr = (char *)RTMemAllocZ(cbDynstr + 1); /* Extra terminator. */
236 int rc = DBGFR3MemRead(pUVM, 0 /*idCpu*/, pAddrDynstr, pbDynstr, cbDynstr);
237 if (RT_SUCCESS(rc))
238 {
239 uint32_t cbDynsymEnt = pThis->f64Bit ? sizeof(Elf64_Sym) : sizeof(Elf32_Sym);
240 uint8_t *pbDynsym = (uint8_t *)RTMemAllocZ(cSymbols * cbDynsymEnt);
241 rc = DBGFR3MemRead(pUVM, 0 /*idCpu*/, pAddrDynsym, pbDynsym, cSymbols * cbDynsymEnt);
242 if (RT_SUCCESS(rc))
243 {
244 /*
245 * Create a module for the kernel.
246 */
247 RTDBGMOD hMod;
248 rc = RTDbgModCreate(&hMod, pszName, cbKernel, 0 /*fFlags*/);
249 if (RT_SUCCESS(rc))
250 {
251 rc = RTDbgModSetTag(hMod, DIG_FBSD_MOD_TAG); AssertRC(rc);
252 rc = VINF_SUCCESS;
253
254 /*
255 * Enumerate the symbols.
256 */
257 uint32_t cLeft = cSymbols;
258 while (cLeft-- > 0 && RT_SUCCESS(rc))
259 {
260 PCELFSYMS pSym = (PCELFSYMS)&pbDynsym[cLeft * cbDynsymEnt];
261 uint32_t idxSymStr = FBSD_UNION(pThis, pSym, st_name);
262 uint8_t uType = FBSD_UNION(pThis, pSym, st_info);
263 RTGCUINTPTR AddrVal = FBSD_UNION(pThis, pSym, st_value);
264 size_t cbSymVal = FBSD_UNION(pThis, pSym, st_size);
265
266 /* Add it without the type char. */
267 RT_NOREF(uType);
268 if ( AddrVal <= uKernelStart + cbKernel
269 && idxSymStr < cbDynstr)
270 {
271 rc = RTDbgModSymbolAdd(hMod, &pbDynstr[idxSymStr], RTDBGSEGIDX_RVA, AddrVal - uKernelStart,
272 cbSymVal, 0 /*fFlags*/, NULL);
273 if (RT_FAILURE(rc))
274 {
275 if ( rc == VERR_DBG_SYMBOL_NAME_OUT_OF_RANGE
276 || rc == VERR_DBG_INVALID_RVA
277 || rc == VERR_DBG_ADDRESS_CONFLICT
278 || rc == VERR_DBG_DUPLICATE_SYMBOL)
279 {
280 Log2(("dbgDiggerFreeBsdLoadSymbols: RTDbgModSymbolAdd(,%s,) failed %Rrc (ignored)\n",
281 &pbDynstr[idxSymStr], rc));
282 rc = VINF_SUCCESS;
283 }
284 else
285 Log(("dbgDiggerFreeBsdLoadSymbols: RTDbgModSymbolAdd(,%s,) failed %Rrc\n",
286 &pbDynstr[idxSymStr], rc));
287 }
288 }
289 }
290
291 /*
292 * Link the module into the address space.
293 */
294 if (RT_SUCCESS(rc))
295 {
296 RTDBGAS hAs = DBGFR3AsResolveAndRetain(pUVM, DBGF_AS_KERNEL);
297 if (hAs != NIL_RTDBGAS)
298 rc = RTDbgAsModuleLink(hAs, hMod, uKernelStart, RTDBGASLINK_FLAGS_REPLACE);
299 else
300 rc = VERR_INTERNAL_ERROR;
301 RTDbgAsRelease(hAs);
302 }
303 else
304 Log(("dbgDiggerFreeBsdLoadSymbols: Failed: %Rrc\n", rc));
305 RTDbgModRelease(hMod);
306 }
307 else
308 Log(("dbgDiggerFreeBsdLoadSymbols: RTDbgModCreate failed: %Rrc\n", rc));
309 }
310 else
311 Log(("dbgDiggerFreeBsdLoadSymbols: Reading symbol table at %RGv failed: %Rrc\n",
312 pAddrDynsym->FlatPtr, rc));
313 RTMemFree(pbDynsym);
314 }
315 else
316 Log(("dbgDiggerFreeBsdLoadSymbols: Reading symbol string table at %RGv failed: %Rrc\n",
317 pAddrDynstr->FlatPtr, rc));
318 RTMemFree(pbDynstr);
319
320 LogFlowFunc(("returns %Rrc\n", rc));
321 return rc;
322}
323
324/**
325 * Process the kernel image.
326 *
327 * @param pThis The instance data.
328 * @param pUVM The user mode VM handle.
329 * @param pszName The image name.
330 */
331static void dbgDiggerFreeBsdProcessKernelImage(PDBGDIGGERFBSD pThis, PUVM pUVM, const char *pszName)
332{
333 /*
334 * FreeBSD has parts of the kernel ELF image in guest memory, starting with the
335 * ELF header and the content of the sections which are indicated to be loaded
336 * into memory (text, rodata, etc.) of course. Whats missing are the section headers
337 * which is understandable but unfortunate because it would make our life easier.
338 *
339 * All checked FreeBSD kernels so far have the following layout in the kernel:
340 * [.interp] - contains the /red/herring string we used for probing earlier
341 * [.hash] - contains the hashes of the symbol names, 8 byte alignment on 64bit, 4 byte on 32bit
342 * [.gnu.hash] - GNU hash section. (introduced somewhere between 10.0 and 12.0 @todo Find out when exactly)
343 * [.dynsym] - contains the ELF symbol descriptors, 8 byte alignment, 4 byte on 32bit
344 * [.dynstr] - contains the symbol names as a string table, 1 byte alignmnt
345 * [.text] - contains the executable code, 16 byte alignment.
346 *
347 * To find the start of the .dynsym and .dynstr sections we scan backwards from the start of the .text section
348 * and check for all characters allowed for symbol names and count the amount of symbols found. When the start of the
349 * .dynstr section is reached the number of entries in .dynsym is known and we can deduce the start address.
350 *
351 * This applied to the old code before the FreeBSD kernel introduced the .gnu.hash section
352 * (keeping it here for informational pruposes):
353 * The sections are always adjacent (sans alignment) so we just parse the .hash section right after
354 * .interp, ELF states that it can contain 32bit or 64bit words but all observed kernels
355 * always use 32bit words. It contains two counters at the beginning which we can use to
356 * deduct the .hash section size and the beginning of .dynsym.
357 * .dynsym contains an array of symbol descriptors which have a fixed size depending on the
358 * guest bitness.
359 * Finding the end of .dynsym is not easily doable as there is no counter available (it lives
360 * in the section headers) at this point so we just have to check whether the record is valid
361 * and if not check if it contains an ASCII string which marks the start of the .dynstr section.
362 */
363
364#if 0
365 DBGFADDRESS AddrInterpEnd = pThis->AddrKernelInterp;
366 DBGFR3AddrAdd(&AddrInterpEnd, sizeof(g_abNeedleInterp));
367
368 DBGFADDRESS AddrCur = pThis->AddrKernelText;
369 int rc = VINF_SUCCESS;
370 uint32_t cSymbols = 0;
371 size_t cbKernel = 512 * _1M;
372 RTGCUINTPTR uKernelStart = pThis->AddrKernelElfStart.FlatPtr;
373 FBSDPROBESTATE enmState = FBSDPROBESTATE_DYNSTR_END; /* Start searching for the end of the .dynstr section. */
374
375 while (AddrCur.FlatPtr > AddrInterpEnd.FlatPtr)
376 {
377 char achBuf[_16K];
378 size_t cbToRead = RT_MIN(sizeof(achBuf), AddrCur.FlatPtr - AddrInterpEnd.FlatPtr);
379
380 rc = DBGFR3MemRead(pUVM, 0 /*idCpu*/, DBGFR3AddrSub(&AddrCur, cbToRead), &achBuf[0], cbToRead);
381 if (RT_FAILURE(rc))
382 break;
383
384 for (unsigned i = cbToRead; i > 0; i--)
385 {
386 char ch = achBuf[i - 1];
387
388 switch (enmState)
389 {
390 case FBSDPROBESTATE_DYNSTR_END:
391 {
392 if (ch != '\0')
393 enmState = FBSDPROBESTATE_DYNSTR_SYM_CHAR;
394 break;
395 }
396 case FBSDPROBESTATE_DYNSTR_SYM_TERMINATOR:
397 {
398 if ( RT_C_IS_ALNUM(ch)
399 || ch == '_'
400 || ch == '.')
401 enmState = FBSDPROBESTATE_DYNSTR_SYM_CHAR;
402 else
403 {
404 /* Two consecutive terminator symbols mean end of .dynstr section. */
405 DBGFR3AddrAdd(&AddrCur, i);
406 DBGFADDRESS AddrDynstrStart = AddrCur;
407 DBGFADDRESS AddrDynsymStart = AddrCur;
408 DBGFR3AddrSub(&AddrDynsymStart, cSymbols * (pThis->f64Bit ? sizeof(Elf64_Sym) : sizeof(Elf64_Sym)));
409 LogFlowFunc(("Found all required section start addresses (.dynsym=%RGv cSymbols=%u, .dynstr=%RGv cb=%u)\n",
410 AddrDynsymStart.FlatPtr, cSymbols, AddrDynstrStart.FlatPtr,
411 pThis->AddrKernelText.FlatPtr - AddrDynstrStart.FlatPtr));
412 dbgDiggerFreeBsdLoadSymbols(pThis, pUVM, pszName, uKernelStart, cbKernel, &AddrDynsymStart, cSymbols, &AddrDynstrStart,
413 pThis->AddrKernelText.FlatPtr - AddrDynstrStart.FlatPtr);
414 return;
415 }
416 break;
417 }
418 case FBSDPROBESTATE_DYNSTR_SYM_CHAR:
419 {
420 if ( !RT_C_IS_ALNUM(ch)
421 && ch != '_'
422 && ch != '.')
423 {
424 /* Non symbol character. */
425 if (ch == '\0')
426 {
427 enmState = FBSDPROBESTATE_DYNSTR_SYM_TERMINATOR;
428 cSymbols++;
429 }
430 else
431 {
432 /* Indicates the end of the .dynstr section. */
433 DBGFR3AddrAdd(&AddrCur, i);
434 DBGFADDRESS AddrDynstrStart = AddrCur;
435 DBGFADDRESS AddrDynsymStart = AddrCur;
436 DBGFR3AddrSub(&AddrDynsymStart, cSymbols * (pThis->f64Bit ? sizeof(Elf64_Sym) : sizeof(Elf32_Sym)));
437 LogFlowFunc(("Found all required section start addresses (.dynsym=%RGv cSymbols=%u, .dynstr=%RGv cb=%u)\n",
438 AddrDynsymStart.FlatPtr, cSymbols, AddrDynstrStart.FlatPtr,
439 pThis->AddrKernelText.FlatPtr - AddrDynstrStart.FlatPtr));
440 dbgDiggerFreeBsdLoadSymbols(pThis, pUVM, pszName, uKernelStart, cbKernel, &AddrDynsymStart, cSymbols, &AddrDynstrStart,
441 pThis->AddrKernelText.FlatPtr - AddrDynstrStart.FlatPtr);
442 return;
443 }
444 }
445 break;
446 }
447 default:
448 AssertFailedBreak();
449 }
450 }
451 }
452
453 LogFlow(("Failed to find valid .dynsym and .dynstr sections (%Rrc), can't load kernel symbols\n", rc));
454#else
455 /* Calculate the start of the .hash section. */
456 DBGFADDRESS AddrHashStart = pThis->AddrKernelInterp;
457 DBGFR3AddrAdd(&AddrHashStart, sizeof(g_abNeedleInterp));
458 AddrHashStart.FlatPtr = RT_ALIGN_GCPT(AddrHashStart.FlatPtr, pThis->f64Bit ? 8 : 4, RTGCUINTPTR);
459 uint32_t au32Counters[2];
460 int rc = DBGFR3MemRead(pUVM, 0 /*idCpu*/, &AddrHashStart, &au32Counters[0], sizeof(au32Counters));
461 if (RT_SUCCESS(rc))
462 {
463 size_t cbHash = (au32Counters[0] + au32Counters[1] + 2) * sizeof(uint32_t);
464 if (AddrHashStart.FlatPtr + cbHash < pThis->AddrKernelText.FlatPtr) /* Should be much smaller */
465 {
466 DBGFADDRESS AddrDynsymStart = AddrHashStart;
467 uint32_t cSymbols = 0;
468 size_t cbKernel = 0;
469 RTGCUINTPTR uKernelStart = pThis->AddrKernelElfStart.FlatPtr;
470
471 DBGFR3AddrAdd(&AddrDynsymStart, cbHash);
472 AddrDynsymStart.FlatPtr = RT_ALIGN_GCPT(AddrDynsymStart.FlatPtr, pThis->f64Bit ? 8 : 4, RTGCUINTPTR);
473
474 DBGFADDRESS AddrDynstrStart = AddrDynsymStart;
475 while (AddrDynstrStart.FlatPtr < pThis->AddrKernelText.FlatPtr)
476 {
477 size_t cbDynSymEnt = pThis->f64Bit ? sizeof(Elf64_Sym) : sizeof(Elf32_Sym);
478 uint8_t abBuf[_16K];
479 size_t cbToRead = RT_MIN(sizeof(abBuf), pThis->AddrKernelText.FlatPtr - AddrDynstrStart.FlatPtr);
480
481 rc = DBGFR3MemRead(pUVM, 0 /*idCpu*/, &AddrDynstrStart, &abBuf[0], cbToRead);
482 if (RT_FAILURE(rc))
483 break;
484
485 for (unsigned i = 0; i < cbToRead / cbDynSymEnt; i++)
486 {
487 PCELFSYMS pSym = (PCELFSYMS)&abBuf[i * cbDynSymEnt];
488 uint32_t idxSymStr = FBSD_UNION(pThis, pSym, st_name);
489 uint8_t uType = FBSD_UNION(pThis, pSym, st_info);
490 RTGCUINTPTR AddrVal = FBSD_UNION(pThis, pSym, st_value);
491 size_t cbSymVal = FBSD_UNION(pThis, pSym, st_size);
492
493 /*
494 * If the entry doesn't look valid check whether it contains an ASCII string,
495 * we then found the start of the .dynstr section.
496 */
497 RT_NOREF(uType);
498 if ( ELF32_ST_TYPE(uType) != STT_NOTYPE
499 && ( !FBSD_VALID_ADDRESS(pThis, AddrVal)
500 || cbSymVal > FBSD_MAX_KERNEL_SIZE
501 || idxSymStr > pThis->AddrKernelText.FlatPtr - AddrDynstrStart.FlatPtr))
502 {
503 LogFlowFunc(("Invalid symbol table entry found at %RGv\n",
504 AddrDynstrStart.FlatPtr + i * cbDynSymEnt));
505
506 uint8_t *pbBuf = &abBuf[i * cbDynSymEnt];
507 size_t cbLeft = cbToRead - i * cbDynSymEnt;
508 /*
509 * Check to the end of the buffer whether it contains only a certain set of
510 * ASCII characters and 0 terminators.
511 */
512 while ( cbLeft > 0
513 && ( RT_C_IS_ALNUM(*pbBuf)
514 || *pbBuf == '_'
515 || *pbBuf == '\0'
516 || *pbBuf == '.'))
517 {
518 cbLeft--;
519 pbBuf++;
520 }
521
522 if (!cbLeft)
523 {
524 DBGFR3AddrAdd(&AddrDynstrStart, i * cbDynSymEnt);
525 LogFlowFunc(("Found all required section start addresses (.dynsym=%RGv cSymbols=%u, .dynstr=%RGv cb=%u)\n",
526 AddrDynsymStart.FlatPtr, cSymbols, AddrDynstrStart.FlatPtr,
527 pThis->AddrKernelText.FlatPtr - AddrDynstrStart.FlatPtr));
528 dbgDiggerFreeBsdLoadSymbols(pThis, pUVM, pszName, uKernelStart, cbKernel, &AddrDynsymStart, cSymbols, &AddrDynstrStart,
529 pThis->AddrKernelText.FlatPtr - AddrDynstrStart.FlatPtr);
530 return;
531 }
532 else
533 LogFlowFunc(("Found invalid ASCII character in .dynstr section candidate: %#x\n", *pbBuf));
534 }
535 else
536 {
537 cSymbols++;
538 if ( ELF32_ST_TYPE(uType) != STT_NOTYPE
539 && FBSD_VALID_ADDRESS(pThis, AddrVal))
540 {
541 uKernelStart = RT_MIN(uKernelStart, AddrVal);
542 cbKernel = RT_MAX(cbKernel, AddrVal + cbSymVal - uKernelStart);
543 }
544 }
545 }
546
547 /* Don't account incomplete entries. */
548 DBGFR3AddrAdd(&AddrDynstrStart, (cbToRead / cbDynSymEnt) * cbDynSymEnt);
549 }
550 }
551 else
552 LogFlowFunc((".hash section overlaps with .text section: %zu (expected much less than %u)\n", cbHash,
553 pThis->AddrKernelText.FlatPtr - AddrHashStart.FlatPtr));
554 }
555#endif
556}
557
558
559/**
560 * @interface_method_impl{DBGFOSIDMESG,pfnQueryKernelLog}
561 */
562static DECLCALLBACK(int) dbgDiggerFreeBsdIDmsg_QueryKernelLog(PDBGFOSIDMESG pThis, PUVM pUVM, uint32_t fFlags, uint32_t cMessages,
563 char *pszBuf, size_t cbBuf, size_t *pcbActual)
564{
565 RT_NOREF1(fFlags);
566 PDBGDIGGERFBSD pData = RT_FROM_MEMBER(pThis, DBGDIGGERFBSD, IDmesg);
567
568 if (cMessages < 1)
569 return VERR_INVALID_PARAMETER;
570
571 /* Resolve the message buffer address from the msgbufp symbol. */
572 RTDBGSYMBOL SymInfo;
573 int rc = DBGFR3AsSymbolByName(pUVM, DBGF_AS_KERNEL, "kernel!msgbufp", &SymInfo, NULL);
574 if (RT_SUCCESS(rc))
575 {
576 DBGFADDRESS AddrMsgBuf;
577
578 /* Read the message buffer pointer. */
579 RTGCPTR GCPtrMsgBufP = 0;
580 rc = DBGFR3MemRead(pUVM, 0 /*idCpu*/, DBGFR3AddrFromFlat(pUVM, &AddrMsgBuf, SymInfo.Value),
581 &GCPtrMsgBufP, pData->f64Bit ? sizeof(uint64_t) : sizeof(uint32_t));
582 if (RT_FAILURE(rc))
583 {
584 Log(("dbgDiggerFreeBsdIDmsg_QueryKernelLog: failed to read msgbufp at %RGv: %Rrc\n", AddrMsgBuf.FlatPtr, rc));
585 return VERR_NOT_FOUND;
586 }
587 if (!FBSD_VALID_ADDRESS(pData, GCPtrMsgBufP))
588 {
589 Log(("dbgDiggerFreeBsdIDmsg_QueryKernelLog: Invalid address for msgbufp: %RGv\n", GCPtrMsgBufP));
590 return VERR_NOT_FOUND;
591 }
592
593 /* Read the structure. */
594 FBSDMSGBUF MsgBuf;
595 rc = DBGFR3MemRead(pUVM, 0 /*idCpu*/, DBGFR3AddrFromFlat(pUVM, &AddrMsgBuf, GCPtrMsgBufP),
596 &MsgBuf, sizeof(MsgBuf));
597 if (RT_SUCCESS(rc))
598 {
599 RTGCUINTPTR AddrBuf = FBSD_UNION(pData, &MsgBuf, msg_ptr);
600 uint32_t cbMsgBuf = FBSD_UNION(pData, &MsgBuf, msg_size);
601 uint32_t uMsgBufSeqR = FBSD_UNION(pData, &MsgBuf, msg_rseq);
602 uint32_t uMsgBufSeqW = FBSD_UNION(pData, &MsgBuf, msg_wseq);
603
604 /*
605 * Validate the structure.
606 */
607 if ( FBSD_UNION(pData, &MsgBuf, msg_magic) != FBSD_MSGBUF_MAGIC
608 || cbMsgBuf < UINT32_C(4096)
609 || cbMsgBuf > 16*_1M
610 || FBSD_UNION(pData, &MsgBuf, msg_rseq) > cbMsgBuf
611 || FBSD_UNION(pData, &MsgBuf, msg_wseq) > cbMsgBuf
612 || !FBSD_VALID_ADDRESS(pData, AddrBuf) )
613 {
614 Log(("dbgDiggerFreeBsdIDmsg_QueryKernelLog: Invalid MsgBuf data: msg_magic=%#x msg_size=%#x msg_rseq=%#x msg_wseq=%#x msg_ptr=%RGv\n",
615 FBSD_UNION(pData, &MsgBuf, msg_magic), cbMsgBuf, uMsgBufSeqR, uMsgBufSeqW, AddrBuf));
616 return VERR_INVALID_STATE;
617 }
618
619 /*
620 * Read the buffer.
621 */
622 char *pchMsgBuf = (char *)RTMemAlloc(cbMsgBuf);
623 if (!pchMsgBuf)
624 {
625 Log(("dbgDiggerFreeBsdIDmsg_QueryKernelLog: Failed to allocate %#x bytes of memory for the log buffer\n",
626 cbMsgBuf));
627 return VERR_INVALID_STATE;
628 }
629 rc = DBGFR3MemRead(pUVM, 0 /*idCpu*/, DBGFR3AddrFromFlat(pUVM, &AddrMsgBuf, AddrBuf), pchMsgBuf, cbMsgBuf);
630 if (RT_SUCCESS(rc))
631 {
632 /*
633 * Copy it out raw.
634 */
635 uint32_t offDst = 0;
636 if (uMsgBufSeqR < uMsgBufSeqW)
637 {
638 /* Single chunk between the read and write offsets. */
639 uint32_t cbToCopy = uMsgBufSeqW - uMsgBufSeqR;
640 if (cbToCopy < cbBuf)
641 {
642 memcpy(pszBuf, &pchMsgBuf[uMsgBufSeqR], cbToCopy);
643 pszBuf[cbToCopy] = '\0';
644 rc = VINF_SUCCESS;
645 }
646 else
647 {
648 if (cbBuf)
649 {
650 memcpy(pszBuf, &pchMsgBuf[uMsgBufSeqR], cbBuf - 1);
651 pszBuf[cbBuf - 1] = '\0';
652 }
653 rc = VERR_BUFFER_OVERFLOW;
654 }
655 offDst = cbToCopy + 1;
656 }
657 else
658 {
659 /* Two chunks, read offset to end, start to write offset. */
660 uint32_t cbFirst = cbMsgBuf - uMsgBufSeqR;
661 uint32_t cbSecond = uMsgBufSeqW;
662 if (cbFirst + cbSecond < cbBuf)
663 {
664 memcpy(pszBuf, &pchMsgBuf[uMsgBufSeqR], cbFirst);
665 memcpy(&pszBuf[cbFirst], pchMsgBuf, cbSecond);
666 offDst = cbFirst + cbSecond;
667 pszBuf[offDst++] = '\0';
668 rc = VINF_SUCCESS;
669 }
670 else
671 {
672 offDst = cbFirst + cbSecond + 1;
673 if (cbFirst < cbBuf)
674 {
675 memcpy(pszBuf, &pchMsgBuf[uMsgBufSeqR], cbFirst);
676 memcpy(&pszBuf[cbFirst], pchMsgBuf, cbBuf - cbFirst);
677 pszBuf[cbBuf - 1] = '\0';
678 }
679 else if (cbBuf)
680 {
681 memcpy(pszBuf, &pchMsgBuf[uMsgBufSeqR], cbBuf - 1);
682 pszBuf[cbBuf - 1] = '\0';
683 }
684 rc = VERR_BUFFER_OVERFLOW;
685 }
686 }
687
688 if (pcbActual)
689 *pcbActual = offDst;
690 }
691 else
692 Log(("dbgDiggerFreeBsdIDmsg_QueryKernelLog: Error reading %#x bytes at %RGv: %Rrc\n", cbBuf, AddrBuf, rc));
693 RTMemFree(pchMsgBuf);
694 }
695 else
696 LogFlowFunc(("Failed to read message buffer header: %Rrc\n", rc));
697 }
698
699 return rc;
700}
701
702
703/**
704 * @copydoc DBGFOSREG::pfnStackUnwindAssist
705 */
706static DECLCALLBACK(int) dbgDiggerFreeBsdStackUnwindAssist(PUVM pUVM, void *pvData, VMCPUID idCpu, PDBGFSTACKFRAME pFrame,
707 PRTDBGUNWINDSTATE pState, PCCPUMCTX pInitialCtx, RTDBGAS hAs,
708 uint64_t *puScratch)
709{
710 RT_NOREF(pUVM, pvData, idCpu, pFrame, pState, pInitialCtx, hAs, puScratch);
711 return VINF_SUCCESS;
712}
713
714
715/**
716 * @copydoc DBGFOSREG::pfnQueryInterface
717 */
718static DECLCALLBACK(void *) dbgDiggerFreeBsdQueryInterface(PUVM pUVM, void *pvData, DBGFOSINTERFACE enmIf)
719{
720 RT_NOREF1(pUVM);
721 PDBGDIGGERFBSD pThis = (PDBGDIGGERFBSD)pvData;
722 switch (enmIf)
723 {
724 case DBGFOSINTERFACE_DMESG:
725 return &pThis->IDmesg;
726
727 default:
728 return NULL;
729 }
730}
731
732
733/**
734 * @copydoc DBGFOSREG::pfnQueryVersion
735 */
736static DECLCALLBACK(int) dbgDiggerFreeBsdQueryVersion(PUVM pUVM, void *pvData, char *pszVersion, size_t cchVersion)
737{
738 PDBGDIGGERFBSD pThis = (PDBGDIGGERFBSD)pvData;
739 Assert(pThis->fValid); RT_NOREF(pThis);
740
741 RTDBGSYMBOL SymInfo;
742 int rc = DBGFR3AsSymbolByName(pUVM, DBGF_AS_KERNEL, "kernel!version", &SymInfo, NULL);
743 if (RT_SUCCESS(rc))
744 {
745 DBGFADDRESS AddrVersion;
746 DBGFR3AddrFromFlat(pUVM, &AddrVersion, SymInfo.Value);
747
748 rc = DBGFR3MemReadString(pUVM, 0, &AddrVersion, pszVersion, cchVersion);
749 if (RT_SUCCESS(rc))
750 {
751 char *pszEnd = RTStrEnd(pszVersion, cchVersion);
752 AssertReturn(pszEnd, VERR_BUFFER_OVERFLOW);
753 while ( pszEnd > pszVersion
754 && RT_C_IS_SPACE(pszEnd[-1]))
755 pszEnd--;
756 *pszEnd = '\0';
757 }
758 else
759 RTStrPrintf(pszVersion, cchVersion, "DBGFR3MemReadString -> %Rrc", rc);
760 }
761
762 return rc;
763}
764
765
766
767/**
768 * @copydoc DBGFOSREG::pfnTerm
769 */
770static DECLCALLBACK(void) dbgDiggerFreeBsdTerm(PUVM pUVM, void *pvData)
771{
772 RT_NOREF1(pUVM);
773 PDBGDIGGERFBSD pThis = (PDBGDIGGERFBSD)pvData;
774 Assert(pThis->fValid);
775
776 RT_NOREF1(pUVM);
777
778 pThis->fValid = false;
779}
780
781
782/**
783 * @copydoc DBGFOSREG::pfnRefresh
784 */
785static DECLCALLBACK(int) dbgDiggerFreeBsdRefresh(PUVM pUVM, void *pvData)
786{
787 PDBGDIGGERFBSD pThis = (PDBGDIGGERFBSD)pvData;
788 NOREF(pThis);
789 Assert(pThis->fValid);
790
791 dbgDiggerFreeBsdTerm(pUVM, pvData);
792 return dbgDiggerFreeBsdInit(pUVM, pvData);
793}
794
795
796/**
797 * @copydoc DBGFOSREG::pfnInit
798 */
799static DECLCALLBACK(int) dbgDiggerFreeBsdInit(PUVM pUVM, void *pvData)
800{
801 PDBGDIGGERFBSD pThis = (PDBGDIGGERFBSD)pvData;
802 Assert(!pThis->fValid);
803
804 RT_NOREF1(pUVM);
805
806 dbgDiggerFreeBsdProcessKernelImage(pThis, pUVM, "kernel");
807 pThis->fValid = true;
808 return VINF_SUCCESS;
809}
810
811
812/**
813 * @copydoc DBGFOSREG::pfnProbe
814 */
815static DECLCALLBACK(bool) dbgDiggerFreeBsdProbe(PUVM pUVM, void *pvData)
816{
817 PDBGDIGGERFBSD pThis = (PDBGDIGGERFBSD)pvData;
818
819 /*
820 * Look for the magic ELF header near the known start addresses.
821 * If one is found look for the magic "/red/herring" string which is in the
822 * "interp" section not far away and then validate the start of the ELF header
823 * to be sure.
824 */
825 for (unsigned i = 0; i < RT_ELEMENTS(g_au64FreeBsdKernelAddresses); i++)
826 {
827 static const uint8_t s_abNeedle[] = ELFMAG;
828 DBGFADDRESS KernelAddr;
829 DBGFR3AddrFromFlat(pUVM, &KernelAddr, g_au64FreeBsdKernelAddresses[i]);
830 DBGFADDRESS HitAddr;
831 uint32_t cbLeft = FBSD_MAX_KERNEL_SIZE;
832
833 while (cbLeft > X86_PAGE_4K_SIZE)
834 {
835 int rc = DBGFR3MemScan(pUVM, 0 /*idCpu*/, &KernelAddr, cbLeft, 1,
836 s_abNeedle, sizeof(s_abNeedle) - 1, &HitAddr);
837 if (RT_FAILURE(rc))
838 break;
839
840 /*
841 * Look for the magic "/red/herring" near the header and verify the basic
842 * ELF header.
843 */
844 DBGFADDRESS HitAddrInterp;
845 rc = DBGFR3MemScan(pUVM, 0 /*idCpu*/, &HitAddr, FBSD_MAX_INTERP_OFFSET, 1,
846 g_abNeedleInterp, sizeof(g_abNeedleInterp), &HitAddrInterp);
847 if (RT_SUCCESS(rc))
848 {
849 union
850 {
851 uint8_t ab[2 * X86_PAGE_4K_SIZE];
852 Elf32_Ehdr Hdr32;
853 Elf64_Ehdr Hdr64;
854 } ElfHdr;
855 AssertCompileMembersSameSizeAndOffset(Elf64_Ehdr, e_ident, Elf32_Ehdr, e_ident);
856 AssertCompileMembersSameSizeAndOffset(Elf64_Ehdr, e_type, Elf32_Ehdr, e_type);
857 AssertCompileMembersSameSizeAndOffset(Elf64_Ehdr, e_machine, Elf32_Ehdr, e_machine);
858 AssertCompileMembersSameSizeAndOffset(Elf64_Ehdr, e_version, Elf32_Ehdr, e_version);
859
860 rc = DBGFR3MemRead(pUVM, 0 /*idCpu*/, &HitAddr, &ElfHdr.ab[0], X86_PAGE_4K_SIZE);
861 if (RT_SUCCESS(rc))
862 {
863 /* We verified the magic above already by scanning for it. */
864 if ( ( ElfHdr.Hdr32.e_ident[EI_CLASS] == ELFCLASS32
865 || ElfHdr.Hdr32.e_ident[EI_CLASS] == ELFCLASS64)
866 && ElfHdr.Hdr32.e_ident[EI_DATA] == ELFDATA2LSB
867 && ElfHdr.Hdr32.e_ident[EI_VERSION] == EV_CURRENT
868 && ElfHdr.Hdr32.e_ident[EI_OSABI] == ELFOSABI_FREEBSD
869 && ElfHdr.Hdr32.e_type == ET_EXEC
870 && ( ElfHdr.Hdr32.e_machine == EM_386
871 || ElfHdr.Hdr32.e_machine == EM_X86_64)
872 && ElfHdr.Hdr32.e_version == EV_CURRENT)
873 {
874 pThis->f64Bit = ElfHdr.Hdr32.e_ident[EI_CLASS] == ELFCLASS64;
875 pThis->AddrKernelElfStart = HitAddr;
876 pThis->AddrKernelInterp = HitAddrInterp;
877 DBGFR3AddrFromFlat(pUVM, &pThis->AddrKernelText, FBSD_UNION(pThis, &ElfHdr, e_entry));
878 LogFunc(("Found %s FreeBSD kernel at %RGv (.interp section at %RGv, .text section at %RGv)\n",
879 pThis->f64Bit ? "amd64" : "i386", pThis->AddrKernelElfStart.FlatPtr,
880 pThis->AddrKernelInterp.FlatPtr, pThis->AddrKernelText.FlatPtr));
881 return true;
882 }
883 }
884 }
885
886 /*
887 * Advance.
888 */
889 RTGCUINTPTR cbDistance = HitAddr.FlatPtr - KernelAddr.FlatPtr + sizeof(s_abNeedle) - 1;
890 if (RT_UNLIKELY(cbDistance >= cbLeft))
891 break;
892
893 cbLeft -= cbDistance;
894 DBGFR3AddrAdd(&KernelAddr, cbDistance);
895 }
896 }
897 return false;
898}
899
900
901/**
902 * @copydoc DBGFOSREG::pfnDestruct
903 */
904static DECLCALLBACK(void) dbgDiggerFreeBsdDestruct(PUVM pUVM, void *pvData)
905{
906 RT_NOREF2(pUVM, pvData);
907}
908
909
910/**
911 * @copydoc DBGFOSREG::pfnConstruct
912 */
913static DECLCALLBACK(int) dbgDiggerFreeBsdConstruct(PUVM pUVM, void *pvData)
914{
915 RT_NOREF1(pUVM);
916 PDBGDIGGERFBSD pThis = (PDBGDIGGERFBSD)pvData;
917
918 pThis->fValid = false;
919 pThis->f64Bit = false;
920 pThis->IDmesg.u32Magic = DBGFOSIDMESG_MAGIC;
921 pThis->IDmesg.pfnQueryKernelLog = dbgDiggerFreeBsdIDmsg_QueryKernelLog;
922 pThis->IDmesg.u32EndMagic = DBGFOSIDMESG_MAGIC;
923
924 return VINF_SUCCESS;
925}
926
927
928const DBGFOSREG g_DBGDiggerFreeBsd =
929{
930 /* .u32Magic = */ DBGFOSREG_MAGIC,
931 /* .fFlags = */ 0,
932 /* .cbData = */ sizeof(DBGDIGGERFBSD),
933 /* .szName = */ "FreeBSD",
934 /* .pfnConstruct = */ dbgDiggerFreeBsdConstruct,
935 /* .pfnDestruct = */ dbgDiggerFreeBsdDestruct,
936 /* .pfnProbe = */ dbgDiggerFreeBsdProbe,
937 /* .pfnInit = */ dbgDiggerFreeBsdInit,
938 /* .pfnRefresh = */ dbgDiggerFreeBsdRefresh,
939 /* .pfnTerm = */ dbgDiggerFreeBsdTerm,
940 /* .pfnQueryVersion = */ dbgDiggerFreeBsdQueryVersion,
941 /* .pfnQueryInterface = */ dbgDiggerFreeBsdQueryInterface,
942 /* .pfnStackUnwindAssist = */ dbgDiggerFreeBsdStackUnwindAssist,
943 /* .u32EndMagic = */ DBGFOSREG_MAGIC
944};
945
Note: See TracBrowser for help on using the repository browser.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette