1 | /* $Id: DBGPlugInLinux.cpp 61578 2016-06-08 14:09:27Z vboxsync $ */
|
---|
2 | /** @file
|
---|
3 | * DBGPlugInLinux - Debugger and Guest OS Digger Plugin For Linux.
|
---|
4 | */
|
---|
5 |
|
---|
6 | /*
|
---|
7 | * Copyright (C) 2008-2015 Oracle Corporation
|
---|
8 | *
|
---|
9 | * This file is part of VirtualBox Open Source Edition (OSE), as
|
---|
10 | * available from http://www.virtualbox.org. This file is free software;
|
---|
11 | * you can redistribute it and/or modify it under the terms of the GNU
|
---|
12 | * General Public License (GPL) as published by the Free Software
|
---|
13 | * Foundation, in version 2 as it comes in the "COPYING" file of the
|
---|
14 | * VirtualBox OSE distribution. VirtualBox OSE is distributed in the
|
---|
15 | * hope that it will be useful, but WITHOUT ANY WARRANTY of any kind.
|
---|
16 | */
|
---|
17 |
|
---|
18 |
|
---|
19 | /*********************************************************************************************************************************
|
---|
20 | * Header Files *
|
---|
21 | *********************************************************************************************************************************/
|
---|
22 | #define LOG_GROUP LOG_GROUP_DBGF ///@todo add new log group.
|
---|
23 | #include "DBGPlugIns.h"
|
---|
24 | #include "DBGPlugInCommonELF.h"
|
---|
25 | #include <VBox/vmm/dbgf.h>
|
---|
26 | #include <VBox/dis.h>
|
---|
27 | #include <iprt/string.h>
|
---|
28 | #include <iprt/mem.h>
|
---|
29 | #include <iprt/stream.h>
|
---|
30 | #include <iprt/ctype.h>
|
---|
31 |
|
---|
32 |
|
---|
33 | /*********************************************************************************************************************************
|
---|
34 | * Structures and Typedefs *
|
---|
35 | *********************************************************************************************************************************/
|
---|
36 |
|
---|
37 | /** @name InternalLinux structures
|
---|
38 | * @{ */
|
---|
39 |
|
---|
40 |
|
---|
41 | /** @} */
|
---|
42 |
|
---|
43 |
|
---|
44 | /**
|
---|
45 | * Linux guest OS digger instance data.
|
---|
46 | */
|
---|
47 | typedef struct DBGDIGGERLINUX
|
---|
48 | {
|
---|
49 | /** Whether the information is valid or not.
|
---|
50 | * (For fending off illegal interface method calls.) */
|
---|
51 | bool fValid;
|
---|
52 | /** Set if 64-bit, clear if 32-bit. */
|
---|
53 | bool f64Bit;
|
---|
54 |
|
---|
55 | /** The address of the linux banner.
|
---|
56 | * This is set during probing. */
|
---|
57 | DBGFADDRESS AddrLinuxBanner;
|
---|
58 | /** Kernel base address.
|
---|
59 | * This is set during probing, refined during kallsyms parsing. */
|
---|
60 | DBGFADDRESS AddrKernelBase;
|
---|
61 | /** The kernel size. */
|
---|
62 | uint32_t cbKernel;
|
---|
63 |
|
---|
64 | /** The number of kernel symbols (kallsyms_num_syms).
|
---|
65 | * This is set during init. */
|
---|
66 | uint32_t cKernelSymbols;
|
---|
67 | /** The size of the kernel name table (sizeof(kallsyms_names)). */
|
---|
68 | uint32_t cbKernelNames;
|
---|
69 | /** Number of entries in the kernel_markers table. */
|
---|
70 | uint32_t cKernelNameMarkers;
|
---|
71 | /** The size of the kernel symbol token table. */
|
---|
72 | uint32_t cbKernelTokenTable;
|
---|
73 | /** The address of the encoded kernel symbol names (kallsyms_names). */
|
---|
74 | DBGFADDRESS AddrKernelNames;
|
---|
75 | /** The address of the kernel symbol addresses (kallsyms_addresses). */
|
---|
76 | DBGFADDRESS AddrKernelAddresses;
|
---|
77 | /** The address of the kernel symbol name markers (kallsyms_markers). */
|
---|
78 | DBGFADDRESS AddrKernelNameMarkers;
|
---|
79 | /** The address of the kernel symbol token table (kallsyms_token_table). */
|
---|
80 | DBGFADDRESS AddrKernelTokenTable;
|
---|
81 | /** The address of the kernel symbol token index table (kallsyms_token_index). */
|
---|
82 | DBGFADDRESS AddrKernelTokenIndex;
|
---|
83 |
|
---|
84 | /** The kernel message log interface. */
|
---|
85 | DBGFOSIDMESG IDmesg;
|
---|
86 | } DBGDIGGERLINUX;
|
---|
87 | /** Pointer to the linux guest OS digger instance data. */
|
---|
88 | typedef DBGDIGGERLINUX *PDBGDIGGERLINUX;
|
---|
89 |
|
---|
90 |
|
---|
91 | /**
|
---|
92 | * The current printk_log structure.
|
---|
93 | */
|
---|
94 | typedef struct LNXPRINTKHDR
|
---|
95 | {
|
---|
96 | /** Monotonic timestamp. */
|
---|
97 | uint64_t nsTimestamp;
|
---|
98 | /** The total size of this message record. */
|
---|
99 | uint16_t cbTotal;
|
---|
100 | /** The size of the text part (immediately follows the header). */
|
---|
101 | uint16_t cbText;
|
---|
102 | /** The size of the optional dictionary part (follows the text). */
|
---|
103 | uint16_t cbDict;
|
---|
104 | /** The syslog facility number. */
|
---|
105 | uint8_t bFacility;
|
---|
106 | /** First 5 bits are internal flags, next 3 bits are log level. */
|
---|
107 | uint8_t fFlagsAndLevel;
|
---|
108 | } LNXPRINTKHDR;
|
---|
109 | AssertCompileSize(LNXPRINTKHDR, 2*sizeof(uint64_t));
|
---|
110 | /** Pointer to linux printk_log header. */
|
---|
111 | typedef LNXPRINTKHDR *PLNXPRINTKHDR;
|
---|
112 | /** Pointer to linux const printk_log header. */
|
---|
113 | typedef LNXPRINTKHDR const *PCLNXPRINTKHDR;
|
---|
114 |
|
---|
115 |
|
---|
116 | /*********************************************************************************************************************************
|
---|
117 | * Defined Constants And Macros *
|
---|
118 | *********************************************************************************************************************************/
|
---|
119 | /** Validates a 32-bit linux kernel address */
|
---|
120 | #define LNX32_VALID_ADDRESS(Addr) ((Addr) > UINT32_C(0x80000000) && (Addr) < UINT32_C(0xfffff000))
|
---|
121 | /** Validates a 64-bit linux kernel address */
|
---|
122 | #define LNX64_VALID_ADDRESS(Addr) ((Addr) > UINT64_C(0xffff800000000000) && (Addr) < UINT64_C(0xfffffffffffff000))
|
---|
123 |
|
---|
124 | /** The max kernel size. */
|
---|
125 | #define LNX_MAX_KERNEL_SIZE UINT32_C(0x0f000000)
|
---|
126 |
|
---|
127 | /** The maximum size we expect for kallsyms_names. */
|
---|
128 | #define LNX_MAX_KALLSYMS_NAMES_SIZE UINT32_C(0x200000)
|
---|
129 | /** The maximum size we expect for kallsyms_token_table. */
|
---|
130 | #define LNX_MAX_KALLSYMS_TOKEN_TABLE_SIZE UINT32_C(0x10000)
|
---|
131 | /** The minimum number of symbols we expect in kallsyms_num_syms. */
|
---|
132 | #define LNX_MIN_KALLSYMS_SYMBOLS UINT32_C(2048)
|
---|
133 | /** The maximum number of symbols we expect in kallsyms_num_syms. */
|
---|
134 | #define LNX_MAX_KALLSYMS_SYMBOLS UINT32_C(1048576)
|
---|
135 | /** The min length an encoded symbol in kallsyms_names is expected to have. */
|
---|
136 | #define LNX_MIN_KALLSYMS_ENC_LENGTH UINT8_C(1)
|
---|
137 | /** The max length an encoded symbol in kallsyms_names is expected to have.
|
---|
138 | * @todo check real life here. */
|
---|
139 | #define LNX_MAX_KALLSYMS_ENC_LENGTH UINT8_C(28)
|
---|
140 | /** The approximate maximum length of a string token. */
|
---|
141 | #define LNX_MAX_KALLSYMS_TOKEN_LEN UINT16_C(32)
|
---|
142 |
|
---|
143 | /** Module tag for linux ('linuxmod' on little endian ASCII systems). */
|
---|
144 | #define DIG_LNX_MOD_TAG UINT64_C(0x545f5d78758e898c)
|
---|
145 |
|
---|
146 |
|
---|
147 | /*********************************************************************************************************************************
|
---|
148 | * Internal Functions *
|
---|
149 | *********************************************************************************************************************************/
|
---|
150 | static DECLCALLBACK(int) dbgDiggerLinuxInit(PUVM pUVM, void *pvData);
|
---|
151 |
|
---|
152 |
|
---|
153 | /*********************************************************************************************************************************
|
---|
154 | * Global Variables *
|
---|
155 | *********************************************************************************************************************************/
|
---|
156 | /** Table of common linux kernel addresses. */
|
---|
157 | static uint64_t g_au64LnxKernelAddresses[] =
|
---|
158 | {
|
---|
159 | UINT64_C(0xc0100000),
|
---|
160 | UINT64_C(0x90100000),
|
---|
161 | UINT64_C(0xffffffff80200000)
|
---|
162 | };
|
---|
163 |
|
---|
164 | static const uint8_t g_abLinuxVersion[] = "Linux version ";
|
---|
165 |
|
---|
166 | /**
|
---|
167 | * Disassembles a simple getter returning the value for it.
|
---|
168 | *
|
---|
169 | * @returns VBox status code.
|
---|
170 | * @param pThis The Linux digger data.
|
---|
171 | * @param pUVM The VM handle.
|
---|
172 | * @param hMod The module to use.
|
---|
173 | * @param pszSymbol The symbol of the getter.
|
---|
174 | * @param pvVal Where to store the value on success.
|
---|
175 | * @param cbVal Size of the value in bytes.
|
---|
176 | */
|
---|
177 | static int dbgDiggerLinuxDisassembleSimpleGetter(PDBGDIGGERLINUX pThis, PUVM pUVM, RTDBGMOD hMod,
|
---|
178 | const char *pszSymbol, void *pvVal, uint32_t cbVal)
|
---|
179 | {
|
---|
180 | int rc = VINF_SUCCESS;
|
---|
181 |
|
---|
182 | RTDBGSYMBOL SymInfo;
|
---|
183 | rc = RTDbgModSymbolByName(hMod, pszSymbol, &SymInfo);
|
---|
184 | if (RT_SUCCESS(rc))
|
---|
185 | {
|
---|
186 | /*
|
---|
187 | * Do the diassembling. Disassemble until a ret instruction is encountered
|
---|
188 | * or a limit is reached (don't want to disassemble for too long as the getter
|
---|
189 | * should be short).
|
---|
190 | * push and pop instructions are skipped as well as any mov instructions not
|
---|
191 | * touching the rax or eax register (depending on the size of the value).
|
---|
192 | */
|
---|
193 | unsigned cInstrDisassembled = 0;
|
---|
194 | uint32_t offInstr = 0;
|
---|
195 | bool fRet = false;
|
---|
196 | DISSTATE DisState;
|
---|
197 | RT_ZERO(DisState);
|
---|
198 |
|
---|
199 | do
|
---|
200 | {
|
---|
201 | DBGFADDRESS Addr;
|
---|
202 | RTGCPTR GCPtrCur = (RTGCPTR)SymInfo.Value + pThis->AddrKernelBase.FlatPtr + offInstr;
|
---|
203 | DBGFR3AddrFromFlat(pUVM, &Addr, GCPtrCur);
|
---|
204 |
|
---|
205 | /* Prefetch the instruction. */
|
---|
206 | uint8_t abInstr[32];
|
---|
207 | rc = DBGFR3MemRead(pUVM, 0 /*idCpu*/, &Addr, &abInstr[0], sizeof(abInstr));
|
---|
208 | if (RT_SUCCESS(rc))
|
---|
209 | {
|
---|
210 | uint32_t cbInstr = 0;
|
---|
211 |
|
---|
212 | rc = DISInstr(&abInstr[0], pThis->f64Bit ? DISCPUMODE_64BIT : DISCPUMODE_32BIT, &DisState, &cbInstr);
|
---|
213 | if (RT_SUCCESS(rc))
|
---|
214 | {
|
---|
215 | switch (DisState.pCurInstr->uOpcode)
|
---|
216 | {
|
---|
217 | case OP_PUSH:
|
---|
218 | case OP_POP:
|
---|
219 | case OP_NOP:
|
---|
220 | case OP_LEA:
|
---|
221 | break;
|
---|
222 | case OP_RETN:
|
---|
223 | /* Getter returned, abort disassembling. */
|
---|
224 | fRet = true;
|
---|
225 | break;
|
---|
226 | case OP_MOV:
|
---|
227 | /*
|
---|
228 | * Check that the destination is either rax or eax depending on the
|
---|
229 | * value size.
|
---|
230 | *
|
---|
231 | * Param1 is the destination and Param2 the source.
|
---|
232 | */
|
---|
233 | if ( ( ( (DisState.Param1.fUse & (DISUSE_BASE | DISUSE_REG_GEN32))
|
---|
234 | && cbVal == sizeof(uint32_t))
|
---|
235 | || ( (DisState.Param1.fUse & (DISUSE_BASE | DISUSE_REG_GEN64))
|
---|
236 | && cbVal == sizeof(uint64_t)))
|
---|
237 | && DisState.Param1.Base.idxGenReg == DISGREG_RAX)
|
---|
238 | {
|
---|
239 | /* Parse the source. */
|
---|
240 | if (DisState.Param2.fUse & (DISUSE_IMMEDIATE32 | DISUSE_IMMEDIATE64))
|
---|
241 | memcpy(pvVal, &DisState.Param2.uValue, cbVal);
|
---|
242 | else if (DisState.Param2.fUse & (DISUSE_RIPDISPLACEMENT32|DISUSE_DISPLACEMENT32|DISUSE_DISPLACEMENT64))
|
---|
243 | {
|
---|
244 | RTGCPTR GCPtrVal = 0;
|
---|
245 |
|
---|
246 | if (DisState.Param2.fUse & DISUSE_RIPDISPLACEMENT32)
|
---|
247 | GCPtrVal = GCPtrCur + DisState.Param2.uDisp.i32 + cbInstr;
|
---|
248 | else if (DisState.Param2.fUse & DISUSE_DISPLACEMENT32)
|
---|
249 | GCPtrVal = (RTGCPTR)DisState.Param2.uDisp.u32;
|
---|
250 | else if (DisState.Param2.fUse & DISUSE_DISPLACEMENT64)
|
---|
251 | GCPtrVal = (RTGCPTR)DisState.Param2.uDisp.u64;
|
---|
252 | else
|
---|
253 | AssertMsgFailedBreakStmt(("Invalid displacement\n"), rc = VERR_INVALID_STATE);
|
---|
254 |
|
---|
255 | DBGFADDRESS AddrVal;
|
---|
256 | rc = DBGFR3MemRead(pUVM, 0 /*idCpu*/,
|
---|
257 | DBGFR3AddrFromFlat(pUVM, &AddrVal, GCPtrVal),
|
---|
258 | pvVal, cbVal);
|
---|
259 | }
|
---|
260 | }
|
---|
261 | break;
|
---|
262 | default:
|
---|
263 | /* All other instructions will cause an error for now (playing safe here). */
|
---|
264 | rc = VERR_INVALID_PARAMETER;
|
---|
265 | break;
|
---|
266 | }
|
---|
267 | cInstrDisassembled++;
|
---|
268 | offInstr += cbInstr;
|
---|
269 | }
|
---|
270 | }
|
---|
271 | } while ( RT_SUCCESS(rc)
|
---|
272 | && cInstrDisassembled < 20
|
---|
273 | && !fRet);
|
---|
274 | }
|
---|
275 |
|
---|
276 | return rc;
|
---|
277 | }
|
---|
278 |
|
---|
279 | /**
|
---|
280 | * Try to get at the log buffer starting address and size by disassembling some exposed helpers.
|
---|
281 | *
|
---|
282 | * @returns VBox status code.
|
---|
283 | * @param pThis The Linux digger data.
|
---|
284 | * @param pUVM The VM handle.
|
---|
285 | * @param hMod The module to use.
|
---|
286 | * @param pGCPtrLogBuf Where to store the log buffer pointer on success.
|
---|
287 | * @param pcbLogBuf Where to store the size of the log buffer on success.
|
---|
288 | */
|
---|
289 | static int dbgDiggerLinuxQueryLogBufferPtrs(PDBGDIGGERLINUX pThis, PUVM pUVM, RTDBGMOD hMod,
|
---|
290 | RTGCPTR *pGCPtrLogBuf, uint32_t *pcbLogBuf)
|
---|
291 | {
|
---|
292 | int rc = VINF_SUCCESS;
|
---|
293 |
|
---|
294 | struct { void *pvVar; size_t cbHost, cbGuest; const char *pszSymbol; } aSymbols[] =
|
---|
295 | {
|
---|
296 | { pGCPtrLogBuf, sizeof(RTGCPTR), pThis->f64Bit ? sizeof(uint64_t) : sizeof(uint32_t), "log_buf_addr_get" },
|
---|
297 | { pcbLogBuf, sizeof(uint32_t), sizeof(uint32_t), "log_buf_len_get" }
|
---|
298 | };
|
---|
299 | for (uint32_t i = 0; i < RT_ELEMENTS(aSymbols) && RT_SUCCESS(rc); i++)
|
---|
300 | {
|
---|
301 | RT_BZERO(aSymbols[i].pvVar, aSymbols[i].cbHost);
|
---|
302 | Assert(aSymbols[i].cbHost >= aSymbols[i].cbGuest);
|
---|
303 | rc = dbgDiggerLinuxDisassembleSimpleGetter(pThis, pUVM, hMod, aSymbols[i].pszSymbol,
|
---|
304 | aSymbols[i].pvVar, aSymbols[i].cbGuest);
|
---|
305 | }
|
---|
306 |
|
---|
307 | return rc;
|
---|
308 | }
|
---|
309 |
|
---|
310 | /**
|
---|
311 | * Returns whether the log buffer is a simple ascii buffer or a record based implementation
|
---|
312 | * based on the kernel version found.
|
---|
313 | *
|
---|
314 | * @returns Flag whether the log buffer is the simple ascii buffer.
|
---|
315 | * @param pThis The Linux digger data.
|
---|
316 | * @param pUVM The user mode VM handle.
|
---|
317 | */
|
---|
318 | static bool dbgDiggerLinuxLogBufferIsAsciiBuffer(PDBGDIGGERLINUX pThis, PUVM pUVM)
|
---|
319 | {
|
---|
320 | char szTmp[128];
|
---|
321 | char const *pszVer = &szTmp[sizeof(g_abLinuxVersion) - 1];
|
---|
322 |
|
---|
323 | RT_ZERO(szTmp);
|
---|
324 | int rc = DBGFR3MemReadString(pUVM, 0, &pThis->AddrLinuxBanner, szTmp, sizeof(szTmp) - 1);
|
---|
325 | if ( RT_SUCCESS(rc)
|
---|
326 | && RTStrVersionCompare(pszVer, "3.4") == -1)
|
---|
327 | return true;
|
---|
328 |
|
---|
329 | return false;
|
---|
330 | }
|
---|
331 |
|
---|
332 | /**
|
---|
333 | * Worker to get at the kernel log for pre 3.4 kernels where the log buffer was just a char buffer.
|
---|
334 | *
|
---|
335 | * @returns VBox status code.
|
---|
336 | * @param pThis The Linux digger data.
|
---|
337 | * @param pUVM The VM user mdoe handle.
|
---|
338 | * @param hMod The debug module handle.
|
---|
339 | * @param fFlags Flags reserved for future use, MBZ.
|
---|
340 | * @param cMessages The number of messages to retrieve, counting from the
|
---|
341 | * end of the log (i.e. like tail), use UINT32_MAX for all.
|
---|
342 | * @param pszBuf The output buffer.
|
---|
343 | * @param cbBuf The buffer size.
|
---|
344 | * @param pcbActual Where to store the number of bytes actually returned,
|
---|
345 | * including zero terminator. On VERR_BUFFER_OVERFLOW this
|
---|
346 | * holds the necessary buffer size. Optional.
|
---|
347 | */
|
---|
348 | static int dbgDiggerLinuxLogBufferQueryAscii(PDBGDIGGERLINUX pThis, PUVM pUVM, RTDBGMOD hMod,
|
---|
349 | uint32_t fFlags, uint32_t cMessages,
|
---|
350 | char *pszBuf, size_t cbBuf, size_t *pcbActual)
|
---|
351 | {
|
---|
352 | int rc = VINF_SUCCESS;
|
---|
353 | RTGCPTR GCPtrLogBuf;
|
---|
354 | uint32_t cbLogBuf;
|
---|
355 |
|
---|
356 | struct { void *pvVar; size_t cbHost, cbGuest; const char *pszSymbol; } aSymbols[] =
|
---|
357 | {
|
---|
358 | { &GCPtrLogBuf, sizeof(GCPtrLogBuf), pThis->f64Bit ? sizeof(uint64_t) : sizeof(uint32_t), "log_buf" },
|
---|
359 | { &cbLogBuf, sizeof(cbLogBuf), sizeof(cbLogBuf), "log_buf_len" },
|
---|
360 | };
|
---|
361 | for (uint32_t i = 0; i < RT_ELEMENTS(aSymbols); i++)
|
---|
362 | {
|
---|
363 | RTDBGSYMBOL SymInfo;
|
---|
364 | rc = RTDbgModSymbolByName(hMod, aSymbols[i].pszSymbol, &SymInfo);
|
---|
365 | if (RT_SUCCESS(rc))
|
---|
366 | {
|
---|
367 | RT_BZERO(aSymbols[i].pvVar, aSymbols[i].cbHost);
|
---|
368 | Assert(aSymbols[i].cbHost >= aSymbols[i].cbGuest);
|
---|
369 | DBGFADDRESS Addr;
|
---|
370 | rc = DBGFR3MemRead(pUVM, 0 /*idCpu*/,
|
---|
371 | DBGFR3AddrFromFlat(pUVM, &Addr, (RTGCPTR)SymInfo.Value + pThis->AddrKernelBase.FlatPtr),
|
---|
372 | aSymbols[i].pvVar, aSymbols[i].cbGuest);
|
---|
373 | if (RT_SUCCESS(rc))
|
---|
374 | continue;
|
---|
375 | Log(("dbgDiggerLinuxIDmsg_QueryKernelLog: Reading '%s' at %RGv: %Rrc\n", aSymbols[i].pszSymbol, Addr.FlatPtr, rc));
|
---|
376 | }
|
---|
377 | else
|
---|
378 | Log(("dbgDiggerLinuxIDmsg_QueryKernelLog: Error looking up '%s': %Rrc\n", aSymbols[i].pszSymbol, rc));
|
---|
379 | rc = VERR_NOT_FOUND;
|
---|
380 | break;
|
---|
381 | }
|
---|
382 |
|
---|
383 | if (RT_FAILURE(rc))
|
---|
384 | return rc;
|
---|
385 |
|
---|
386 | /*
|
---|
387 | * Check if the values make sense.
|
---|
388 | */
|
---|
389 | if (pThis->f64Bit ? !LNX64_VALID_ADDRESS(GCPtrLogBuf) : !LNX32_VALID_ADDRESS(GCPtrLogBuf))
|
---|
390 | {
|
---|
391 | Log(("dbgDiggerLinuxIDmsg_QueryKernelLog: 'log_buf' value %RGv is not valid.\n", GCPtrLogBuf));
|
---|
392 | return VERR_NOT_FOUND;
|
---|
393 | }
|
---|
394 | if ( cbLogBuf < 4096
|
---|
395 | || !RT_IS_POWER_OF_TWO(cbLogBuf)
|
---|
396 | || cbLogBuf > 16*_1M)
|
---|
397 | {
|
---|
398 | Log(("dbgDiggerLinuxIDmsg_QueryKernelLog: 'log_buf_len' value %#x is not valid.\n", cbLogBuf));
|
---|
399 | return VERR_NOT_FOUND;
|
---|
400 | }
|
---|
401 |
|
---|
402 | /*
|
---|
403 | * Read the whole log buffer.
|
---|
404 | */
|
---|
405 | uint8_t *pbLogBuf = (uint8_t *)RTMemAlloc(cbLogBuf);
|
---|
406 | if (!pbLogBuf)
|
---|
407 | {
|
---|
408 | Log(("dbgDiggerLinuxIDmsg_QueryKernelLog: Failed to allocate %#x bytes for log buffer\n", cbLogBuf));
|
---|
409 | return VERR_NO_MEMORY;
|
---|
410 | }
|
---|
411 | DBGFADDRESS Addr;
|
---|
412 | rc = DBGFR3MemRead(pUVM, 0 /*idCpu*/, DBGFR3AddrFromFlat(pUVM, &Addr, GCPtrLogBuf), pbLogBuf, cbLogBuf);
|
---|
413 | if (RT_FAILURE(rc))
|
---|
414 | {
|
---|
415 | Log(("dbgDiggerLinuxIDmsg_QueryKernelLog: Error reading %#x bytes of log buffer at %RGv: %Rrc\n",
|
---|
416 | cbLogBuf, Addr.FlatPtr, rc));
|
---|
417 | RTMemFree(pbLogBuf);
|
---|
418 | return VERR_NOT_FOUND;
|
---|
419 | }
|
---|
420 |
|
---|
421 | /** @todo: Try to parse where the single messages start to make use of cMessages. */
|
---|
422 | size_t cchLength = RTStrNLen((const char *)pbLogBuf, cbLogBuf);
|
---|
423 | memcpy(&pszBuf[0], pbLogBuf, RT_MIN(cbBuf, cchLength));
|
---|
424 |
|
---|
425 | /* Done with the buffer. */
|
---|
426 | RTMemFree(pbLogBuf);
|
---|
427 |
|
---|
428 | /* Set return size value. */
|
---|
429 | if (pcbActual)
|
---|
430 | *pcbActual = RT_MIN(cbBuf, cchLength);
|
---|
431 |
|
---|
432 | return cbBuf <= cchLength ? VERR_BUFFER_OVERFLOW : VINF_SUCCESS;
|
---|
433 | }
|
---|
434 |
|
---|
435 | /**
|
---|
436 | * Worker to get at the kernel log for post 3.4 kernels where the log buffer contains records.
|
---|
437 | *
|
---|
438 | * @returns VBox status code.
|
---|
439 | * @param pThis The Linux digger data.
|
---|
440 | * @param pUVM The VM user mdoe handle.
|
---|
441 | * @param hMod The debug module handle.
|
---|
442 | * @param fFlags Flags reserved for future use, MBZ.
|
---|
443 | * @param cMessages The number of messages to retrieve, counting from the
|
---|
444 | * end of the log (i.e. like tail), use UINT32_MAX for all.
|
---|
445 | * @param pszBuf The output buffer.
|
---|
446 | * @param cbBuf The buffer size.
|
---|
447 | * @param pcbActual Where to store the number of bytes actually returned,
|
---|
448 | * including zero terminator. On VERR_BUFFER_OVERFLOW this
|
---|
449 | * holds the necessary buffer size. Optional.
|
---|
450 | */
|
---|
451 | static int dbgDiggerLinuxLogBufferQueryRecords(PDBGDIGGERLINUX pThis, PUVM pUVM, RTDBGMOD hMod,
|
---|
452 | uint32_t fFlags, uint32_t cMessages,
|
---|
453 | char *pszBuf, size_t cbBuf, size_t *pcbActual)
|
---|
454 | {
|
---|
455 | int rc = VINF_SUCCESS;
|
---|
456 | RTGCPTR GCPtrLogBuf;
|
---|
457 | uint32_t cbLogBuf;
|
---|
458 | uint32_t idxFirst;
|
---|
459 | uint32_t idxNext;
|
---|
460 |
|
---|
461 | struct { void *pvVar; size_t cbHost, cbGuest; const char *pszSymbol; } aSymbols[] =
|
---|
462 | {
|
---|
463 | { &GCPtrLogBuf, sizeof(GCPtrLogBuf), pThis->f64Bit ? sizeof(uint64_t) : sizeof(uint32_t), "log_buf" },
|
---|
464 | { &cbLogBuf, sizeof(cbLogBuf), sizeof(cbLogBuf), "log_buf_len" },
|
---|
465 | { &idxFirst, sizeof(idxFirst), sizeof(idxFirst), "log_first_idx" },
|
---|
466 | { &idxNext, sizeof(idxNext), sizeof(idxNext), "log_next_idx" },
|
---|
467 | };
|
---|
468 | for (uint32_t i = 0; i < RT_ELEMENTS(aSymbols); i++)
|
---|
469 | {
|
---|
470 | RTDBGSYMBOL SymInfo;
|
---|
471 | rc = RTDbgModSymbolByName(hMod, aSymbols[i].pszSymbol, &SymInfo);
|
---|
472 | if (RT_SUCCESS(rc))
|
---|
473 | {
|
---|
474 | RT_BZERO(aSymbols[i].pvVar, aSymbols[i].cbHost);
|
---|
475 | Assert(aSymbols[i].cbHost >= aSymbols[i].cbGuest);
|
---|
476 | DBGFADDRESS Addr;
|
---|
477 | rc = DBGFR3MemRead(pUVM, 0 /*idCpu*/,
|
---|
478 | DBGFR3AddrFromFlat(pUVM, &Addr, (RTGCPTR)SymInfo.Value + pThis->AddrKernelBase.FlatPtr),
|
---|
479 | aSymbols[i].pvVar, aSymbols[i].cbGuest);
|
---|
480 | if (RT_SUCCESS(rc))
|
---|
481 | continue;
|
---|
482 | Log(("dbgDiggerLinuxIDmsg_QueryKernelLog: Reading '%s' at %RGv: %Rrc\n", aSymbols[i].pszSymbol, Addr.FlatPtr, rc));
|
---|
483 | }
|
---|
484 | else
|
---|
485 | Log(("dbgDiggerLinuxIDmsg_QueryKernelLog: Error looking up '%s': %Rrc\n", aSymbols[i].pszSymbol, rc));
|
---|
486 | rc = VERR_NOT_FOUND;
|
---|
487 | break;
|
---|
488 | }
|
---|
489 |
|
---|
490 | /*
|
---|
491 | * Some kernels don't expose the variables in kallsyms so we have to try disassemble
|
---|
492 | * some public helpers to get at the addresses.
|
---|
493 | *
|
---|
494 | * @todo: Maybe cache those values so we don't have to do the heavy work every time?
|
---|
495 | */
|
---|
496 | if (rc == VERR_NOT_FOUND)
|
---|
497 | {
|
---|
498 | idxFirst = 0;
|
---|
499 | idxNext = 0;
|
---|
500 | rc = dbgDiggerLinuxQueryLogBufferPtrs(pThis, pUVM, hMod, &GCPtrLogBuf, &cbLogBuf);
|
---|
501 | if (RT_FAILURE(rc))
|
---|
502 | return rc;
|
---|
503 | }
|
---|
504 |
|
---|
505 | /*
|
---|
506 | * Check if the values make sense.
|
---|
507 | */
|
---|
508 | if (pThis->f64Bit ? !LNX64_VALID_ADDRESS(GCPtrLogBuf) : !LNX32_VALID_ADDRESS(GCPtrLogBuf))
|
---|
509 | {
|
---|
510 | Log(("dbgDiggerLinuxIDmsg_QueryKernelLog: 'log_buf' value %RGv is not valid.\n", GCPtrLogBuf));
|
---|
511 | return VERR_NOT_FOUND;
|
---|
512 | }
|
---|
513 | if ( cbLogBuf < 4096
|
---|
514 | || !RT_IS_POWER_OF_TWO(cbLogBuf)
|
---|
515 | || cbLogBuf > 16*_1M)
|
---|
516 | {
|
---|
517 | Log(("dbgDiggerLinuxIDmsg_QueryKernelLog: 'log_buf_len' value %#x is not valid.\n", cbLogBuf));
|
---|
518 | return VERR_NOT_FOUND;
|
---|
519 | }
|
---|
520 | uint32_t const cbLogAlign = 4;
|
---|
521 | if ( idxFirst > cbLogBuf - sizeof(LNXPRINTKHDR)
|
---|
522 | || (idxFirst & (cbLogAlign - 1)) != 0)
|
---|
523 | {
|
---|
524 | Log(("dbgDiggerLinuxIDmsg_QueryKernelLog: 'log_first_idx' value %#x is not valid.\n", idxFirst));
|
---|
525 | return VERR_NOT_FOUND;
|
---|
526 | }
|
---|
527 | if ( idxNext > cbLogBuf - sizeof(LNXPRINTKHDR)
|
---|
528 | || (idxNext & (cbLogAlign - 1)) != 0)
|
---|
529 | {
|
---|
530 | Log(("dbgDiggerLinuxIDmsg_QueryKernelLog: 'log_next_idx' value %#x is not valid.\n", idxNext));
|
---|
531 | return VERR_NOT_FOUND;
|
---|
532 | }
|
---|
533 |
|
---|
534 | /*
|
---|
535 | * Read the whole log buffer.
|
---|
536 | */
|
---|
537 | uint8_t *pbLogBuf = (uint8_t *)RTMemAlloc(cbLogBuf);
|
---|
538 | if (!pbLogBuf)
|
---|
539 | {
|
---|
540 | Log(("dbgDiggerLinuxIDmsg_QueryKernelLog: Failed to allocate %#x bytes for log buffer\n", cbLogBuf));
|
---|
541 | return VERR_NO_MEMORY;
|
---|
542 | }
|
---|
543 | DBGFADDRESS Addr;
|
---|
544 | rc = DBGFR3MemRead(pUVM, 0 /*idCpu*/, DBGFR3AddrFromFlat(pUVM, &Addr, GCPtrLogBuf), pbLogBuf, cbLogBuf);
|
---|
545 | if (RT_FAILURE(rc))
|
---|
546 | {
|
---|
547 | Log(("dbgDiggerLinuxIDmsg_QueryKernelLog: Error reading %#x bytes of log buffer at %RGv: %Rrc\n",
|
---|
548 | cbLogBuf, Addr.FlatPtr, rc));
|
---|
549 | RTMemFree(pbLogBuf);
|
---|
550 | return VERR_NOT_FOUND;
|
---|
551 | }
|
---|
552 |
|
---|
553 | /*
|
---|
554 | * Count the messages in the buffer while doing some basic validation.
|
---|
555 | */
|
---|
556 | uint32_t const cbUsed = idxFirst == idxNext ? cbLogBuf /* could be empty... */
|
---|
557 | : idxFirst < idxNext ? idxNext - idxFirst : cbLogBuf - idxFirst + idxNext;
|
---|
558 | uint32_t cbLeft = cbUsed;
|
---|
559 | uint32_t offCur = idxFirst;
|
---|
560 | uint32_t cLogMsgs = 0;
|
---|
561 |
|
---|
562 | while (cbLeft > 0)
|
---|
563 | {
|
---|
564 | PCLNXPRINTKHDR pHdr = (PCLNXPRINTKHDR)&pbLogBuf[offCur];
|
---|
565 | if (!pHdr->cbTotal)
|
---|
566 | {
|
---|
567 | /* Wrap around packet, most likely... */
|
---|
568 | if (cbLogBuf - offCur >= cbLeft)
|
---|
569 | break;
|
---|
570 | offCur = 0;
|
---|
571 | pHdr = (PCLNXPRINTKHDR)&pbLogBuf[offCur];
|
---|
572 | }
|
---|
573 | if (RT_UNLIKELY( pHdr->cbTotal > cbLogBuf - sizeof(*pHdr) - offCur
|
---|
574 | || pHdr->cbTotal > cbLeft
|
---|
575 | || (pHdr->cbTotal & (cbLogAlign - 1)) != 0
|
---|
576 | || pHdr->cbTotal < (uint32_t)pHdr->cbText + (uint32_t)pHdr->cbDict + sizeof(*pHdr) ))
|
---|
577 | {
|
---|
578 | Log(("dbgDiggerLinuxIDmsg_QueryKernelLog: Invalid printk_log record at %#x: cbTotal=%#x cbText=%#x cbDict=%#x cbLogBuf=%#x cbLeft=%#x\n",
|
---|
579 | offCur, pHdr->cbTotal, pHdr->cbText, pHdr->cbDict, cbLogBuf, cbLeft));
|
---|
580 | rc = VERR_INVALID_STATE;
|
---|
581 | break;
|
---|
582 | }
|
---|
583 |
|
---|
584 | if (pHdr->cbText > 0)
|
---|
585 | cLogMsgs++;
|
---|
586 |
|
---|
587 | /* next */
|
---|
588 | offCur += pHdr->cbTotal;
|
---|
589 | cbLeft -= pHdr->cbTotal;
|
---|
590 | }
|
---|
591 | if (RT_FAILURE(rc))
|
---|
592 | {
|
---|
593 | RTMemFree(pbLogBuf);
|
---|
594 | return rc;
|
---|
595 | }
|
---|
596 |
|
---|
597 | /*
|
---|
598 | * Copy the messages into the output buffer.
|
---|
599 | */
|
---|
600 | offCur = idxFirst;
|
---|
601 | cbLeft = cbUsed;
|
---|
602 |
|
---|
603 | /* Skip messages that the caller doesn't want. */
|
---|
604 | if (cMessages < cLogMsgs)
|
---|
605 | {
|
---|
606 | uint32_t cToSkip = cLogMsgs - cMessages;
|
---|
607 | while (cToSkip > 0)
|
---|
608 | {
|
---|
609 | PCLNXPRINTKHDR pHdr = (PCLNXPRINTKHDR)&pbLogBuf[offCur];
|
---|
610 | if (!pHdr->cbTotal)
|
---|
611 | {
|
---|
612 | offCur = 0;
|
---|
613 | pHdr = (PCLNXPRINTKHDR)&pbLogBuf[offCur];
|
---|
614 | }
|
---|
615 | if (pHdr->cbText > 0)
|
---|
616 | cToSkip--;
|
---|
617 |
|
---|
618 | /* next */
|
---|
619 | offCur += pHdr->cbTotal;
|
---|
620 | cbLeft -= pHdr->cbTotal;
|
---|
621 | }
|
---|
622 | }
|
---|
623 |
|
---|
624 | /* Now copy the messages. */
|
---|
625 | size_t offDst = 0;
|
---|
626 | while (cbLeft > 0)
|
---|
627 | {
|
---|
628 | PCLNXPRINTKHDR pHdr = (PCLNXPRINTKHDR)&pbLogBuf[offCur];
|
---|
629 | if (!pHdr->cbTotal)
|
---|
630 | {
|
---|
631 | if (cbLogBuf - offCur >= cbLeft)
|
---|
632 | break;
|
---|
633 | offCur = 0;
|
---|
634 | pHdr = (PCLNXPRINTKHDR)&pbLogBuf[offCur];
|
---|
635 | }
|
---|
636 |
|
---|
637 | if (pHdr->cbText > 0)
|
---|
638 | {
|
---|
639 | char *pchText = (char *)(pHdr + 1);
|
---|
640 | size_t cchText = RTStrNLen(pchText, pHdr->cbText);
|
---|
641 | if (offDst + cchText < cbBuf)
|
---|
642 | {
|
---|
643 | memcpy(&pszBuf[offDst], pHdr + 1, cchText);
|
---|
644 | pszBuf[offDst + cchText] = '\n';
|
---|
645 | }
|
---|
646 | else if (offDst < cbBuf)
|
---|
647 | memcpy(&pszBuf[offDst], pHdr + 1, cbBuf - offDst);
|
---|
648 | offDst += cchText + 1;
|
---|
649 | }
|
---|
650 |
|
---|
651 | /* next */
|
---|
652 | offCur += pHdr->cbTotal;
|
---|
653 | cbLeft -= pHdr->cbTotal;
|
---|
654 | }
|
---|
655 |
|
---|
656 | /* Done with the buffer. */
|
---|
657 | RTMemFree(pbLogBuf);
|
---|
658 |
|
---|
659 | /* Make sure we've reserved a char for the terminator. */
|
---|
660 | if (!offDst)
|
---|
661 | offDst = 1;
|
---|
662 |
|
---|
663 | /* Set return size value. */
|
---|
664 | if (pcbActual)
|
---|
665 | *pcbActual = offDst;
|
---|
666 |
|
---|
667 | if (offDst <= cbBuf)
|
---|
668 | return VINF_SUCCESS;
|
---|
669 | else
|
---|
670 | return VERR_BUFFER_OVERFLOW;
|
---|
671 | }
|
---|
672 |
|
---|
673 | /**
|
---|
674 | * @interface_method_impl{DBGFOSIDMESG,pfnQueryKernelLog}
|
---|
675 | */
|
---|
676 | static DECLCALLBACK(int) dbgDiggerLinuxIDmsg_QueryKernelLog(PDBGFOSIDMESG pThis, PUVM pUVM, uint32_t fFlags, uint32_t cMessages,
|
---|
677 | char *pszBuf, size_t cbBuf, size_t *pcbActual)
|
---|
678 | {
|
---|
679 | PDBGDIGGERLINUX pData = RT_FROM_MEMBER(pThis, DBGDIGGERLINUX, IDmesg);
|
---|
680 |
|
---|
681 | if (cMessages < 1)
|
---|
682 | return VERR_INVALID_PARAMETER;
|
---|
683 |
|
---|
684 | /*
|
---|
685 | * Resolve the symbols we need and read their values.
|
---|
686 | */
|
---|
687 | RTDBGAS hAs = DBGFR3AsResolveAndRetain(pUVM, DBGF_AS_KERNEL);
|
---|
688 | RTDBGMOD hMod;
|
---|
689 | int rc = RTDbgAsModuleByName(hAs, "vmlinux", 0, &hMod);
|
---|
690 | if (RT_FAILURE(rc))
|
---|
691 | return VERR_NOT_FOUND;
|
---|
692 | RTDbgAsRelease(hAs);
|
---|
693 |
|
---|
694 | size_t cbActual;
|
---|
695 | /*
|
---|
696 | * Check whether the kernel log buffer is a simple char buffer or the newer
|
---|
697 | * record based implementation.
|
---|
698 | * The record based implementation was presumably introduced with kernel 3.4,
|
---|
699 | * see: http://thread.gmane.org/gmane.linux.kernel/1284184
|
---|
700 | */
|
---|
701 | if (dbgDiggerLinuxLogBufferIsAsciiBuffer(pData, pUVM))
|
---|
702 | rc = dbgDiggerLinuxLogBufferQueryAscii(pData, pUVM, hMod, fFlags, cMessages, pszBuf, cbBuf, &cbActual);
|
---|
703 | else
|
---|
704 | rc = dbgDiggerLinuxLogBufferQueryRecords(pData, pUVM, hMod, fFlags, cMessages, pszBuf, cbBuf, &cbActual);
|
---|
705 |
|
---|
706 | /* Release the module in any case. */
|
---|
707 | RTDbgModRelease(hMod);
|
---|
708 |
|
---|
709 | if (RT_FAILURE(rc) && rc != VERR_BUFFER_OVERFLOW)
|
---|
710 | return rc;
|
---|
711 |
|
---|
712 | if (pcbActual)
|
---|
713 | *pcbActual = cbActual;
|
---|
714 |
|
---|
715 | /*
|
---|
716 | * All VBox strings are UTF-8 and bad things may in theory happen if we
|
---|
717 | * pass bad UTF-8 to code which assumes it's all valid. So, we enforce
|
---|
718 | * UTF-8 upon the guest kernel messages here even if they (probably) have
|
---|
719 | * no defined code set in reality.
|
---|
720 | */
|
---|
721 | if ( RT_SUCCESS(rc)
|
---|
722 | && cbActual <= cbBuf)
|
---|
723 | {
|
---|
724 | pszBuf[cbActual - 1] = '\0';
|
---|
725 | RTStrPurgeEncoding(pszBuf);
|
---|
726 | return VINF_SUCCESS;
|
---|
727 | }
|
---|
728 |
|
---|
729 | if (cbBuf)
|
---|
730 | {
|
---|
731 | pszBuf[cbBuf - 1] = '\0';
|
---|
732 | RTStrPurgeEncoding(pszBuf);
|
---|
733 | }
|
---|
734 | return VERR_BUFFER_OVERFLOW;
|
---|
735 | }
|
---|
736 |
|
---|
737 |
|
---|
738 | /**
|
---|
739 | * @copydoc DBGFOSREG::pfnQueryInterface
|
---|
740 | */
|
---|
741 | static DECLCALLBACK(void *) dbgDiggerLinuxQueryInterface(PUVM pUVM, void *pvData, DBGFOSINTERFACE enmIf)
|
---|
742 | {
|
---|
743 | PDBGDIGGERLINUX pThis = (PDBGDIGGERLINUX)pvData;
|
---|
744 | switch (enmIf)
|
---|
745 | {
|
---|
746 | case DBGFOSINTERFACE_DMESG:
|
---|
747 | return &pThis->IDmesg;
|
---|
748 |
|
---|
749 | default:
|
---|
750 | return NULL;
|
---|
751 | }
|
---|
752 | }
|
---|
753 |
|
---|
754 |
|
---|
755 | /**
|
---|
756 | * @copydoc DBGFOSREG::pfnQueryVersion
|
---|
757 | */
|
---|
758 | static DECLCALLBACK(int) dbgDiggerLinuxQueryVersion(PUVM pUVM, void *pvData, char *pszVersion, size_t cchVersion)
|
---|
759 | {
|
---|
760 | PDBGDIGGERLINUX pThis = (PDBGDIGGERLINUX)pvData;
|
---|
761 | Assert(pThis->fValid);
|
---|
762 |
|
---|
763 | /*
|
---|
764 | * It's all in the linux banner.
|
---|
765 | */
|
---|
766 | int rc = DBGFR3MemReadString(pUVM, 0, &pThis->AddrLinuxBanner, pszVersion, cchVersion);
|
---|
767 | if (RT_SUCCESS(rc))
|
---|
768 | {
|
---|
769 | char *pszEnd = RTStrEnd(pszVersion, cchVersion);
|
---|
770 | AssertReturn(pszEnd, VERR_BUFFER_OVERFLOW);
|
---|
771 | while ( pszEnd > pszVersion
|
---|
772 | && RT_C_IS_SPACE(pszEnd[-1]))
|
---|
773 | pszEnd--;
|
---|
774 | *pszEnd = '\0';
|
---|
775 | }
|
---|
776 | else
|
---|
777 | RTStrPrintf(pszVersion, cchVersion, "DBGFR3MemRead -> %Rrc", rc);
|
---|
778 |
|
---|
779 | return rc;
|
---|
780 | }
|
---|
781 |
|
---|
782 |
|
---|
783 | /**
|
---|
784 | * @copydoc DBGFOSREG::pfnTerm
|
---|
785 | */
|
---|
786 | static DECLCALLBACK(void) dbgDiggerLinuxTerm(PUVM pUVM, void *pvData)
|
---|
787 | {
|
---|
788 | PDBGDIGGERLINUX pThis = (PDBGDIGGERLINUX)pvData;
|
---|
789 | Assert(pThis->fValid);
|
---|
790 |
|
---|
791 | pThis->fValid = false;
|
---|
792 | }
|
---|
793 |
|
---|
794 |
|
---|
795 | /**
|
---|
796 | * @copydoc DBGFOSREG::pfnRefresh
|
---|
797 | */
|
---|
798 | static DECLCALLBACK(int) dbgDiggerLinuxRefresh(PUVM pUVM, void *pvData)
|
---|
799 | {
|
---|
800 | PDBGDIGGERLINUX pThis = (PDBGDIGGERLINUX)pvData;
|
---|
801 | NOREF(pThis);
|
---|
802 | Assert(pThis->fValid);
|
---|
803 |
|
---|
804 | /*
|
---|
805 | * For now we'll flush and reload everything.
|
---|
806 | */
|
---|
807 | dbgDiggerLinuxTerm(pUVM, pvData);
|
---|
808 | return dbgDiggerLinuxInit(pUVM, pvData);
|
---|
809 | }
|
---|
810 |
|
---|
811 |
|
---|
812 | /**
|
---|
813 | * Worker for dbgDiggerLinuxFindStartOfNamesAndSymbolCount that update the
|
---|
814 | * digger data.
|
---|
815 | *
|
---|
816 | * @returns VINF_SUCCESS.
|
---|
817 | * @param pThis The Linux digger data to update.
|
---|
818 | * @param pAddrKernelNames The kallsyms_names address.
|
---|
819 | * @param cKernelSymbols The number of kernel symbol.
|
---|
820 | * @param cbAddress The guest address size.
|
---|
821 | */
|
---|
822 | static int dbgDiggerLinuxFoundStartOfNames(PDBGDIGGERLINUX pThis, PCDBGFADDRESS pAddrKernelNames,
|
---|
823 | uint32_t cKernelSymbols, uint32_t cbAddress)
|
---|
824 | {
|
---|
825 | pThis->cKernelSymbols = cKernelSymbols;
|
---|
826 | pThis->AddrKernelNames = *pAddrKernelNames;
|
---|
827 | pThis->AddrKernelAddresses = *pAddrKernelNames;
|
---|
828 | DBGFR3AddrSub(&pThis->AddrKernelAddresses, (cKernelSymbols + 1) * cbAddress);
|
---|
829 |
|
---|
830 | Log(("dbgDiggerLinuxFoundStartOfNames: AddrKernelAddresses=%RGv\n"
|
---|
831 | "dbgDiggerLinuxFoundStartOfNames: cKernelSymbols=%#x (at %RGv)\n"
|
---|
832 | "dbgDiggerLinuxFoundStartOfNames: AddrKernelName=%RGv\n",
|
---|
833 | pThis->AddrKernelAddresses.FlatPtr,
|
---|
834 | pThis->cKernelSymbols, pThis->AddrKernelNames.FlatPtr - cbAddress,
|
---|
835 | pThis->AddrKernelNames.FlatPtr));
|
---|
836 | return VINF_SUCCESS;
|
---|
837 | }
|
---|
838 |
|
---|
839 |
|
---|
840 | /**
|
---|
841 | * Tries to find the address of the kallsyms_names, kallsyms_num_syms and
|
---|
842 | * kallsyms_addresses symbols.
|
---|
843 | *
|
---|
844 | * The kallsyms_num_syms is read and stored in pThis->cKernelSymbols, while the
|
---|
845 | * addresses of the other two are stored as pThis->AddrKernelNames and
|
---|
846 | * pThis->AddrKernelAddresses.
|
---|
847 | *
|
---|
848 | * @returns VBox status code, success indicating that all three variables have
|
---|
849 | * been found and taken down.
|
---|
850 | * @param pUVM The user mode VM handle.
|
---|
851 | * @param pThis The Linux digger data.
|
---|
852 | * @param pHitAddr An address we think is inside kallsyms_names.
|
---|
853 | */
|
---|
854 | static int dbgDiggerLinuxFindStartOfNamesAndSymbolCount(PUVM pUVM, PDBGDIGGERLINUX pThis, PCDBGFADDRESS pHitAddr)
|
---|
855 | {
|
---|
856 | /*
|
---|
857 | * Search backwards in chunks.
|
---|
858 | */
|
---|
859 | union
|
---|
860 | {
|
---|
861 | uint8_t ab[0x1000];
|
---|
862 | uint32_t au32[0x1000 / sizeof(uint32_t)];
|
---|
863 | uint64_t au64[0x1000 / sizeof(uint64_t)];
|
---|
864 | } uBuf;
|
---|
865 | uint32_t cbLeft = LNX_MAX_KALLSYMS_NAMES_SIZE;
|
---|
866 | uint32_t cbBuf = pHitAddr->FlatPtr & (sizeof(uBuf) - 1);
|
---|
867 | DBGFADDRESS CurAddr = *pHitAddr;
|
---|
868 | DBGFR3AddrSub(&CurAddr, cbBuf);
|
---|
869 | cbBuf += sizeof(uint64_t) - 1; /* In case our kobj hit is in the first 4/8 bytes. */
|
---|
870 | for (;;)
|
---|
871 | {
|
---|
872 | int rc = DBGFR3MemRead(pUVM, 0 /*idCpu*/, &CurAddr, &uBuf, sizeof(uBuf));
|
---|
873 | if (RT_FAILURE(rc))
|
---|
874 | return rc;
|
---|
875 |
|
---|
876 | /*
|
---|
877 | * We assume that the three symbols are aligned on guest pointer boundrary.
|
---|
878 | *
|
---|
879 | * The boundrary between the two tables should be noticable as the number
|
---|
880 | * is unlikely to be more than 16 millions, there will be at least one zero
|
---|
881 | * byte where it is, 64-bit will have 5 zero bytes. Zero bytes aren't all
|
---|
882 | * that common in the kallsyms_names table.
|
---|
883 | *
|
---|
884 | * Also the kallsyms_names table starts with a length byte, which means
|
---|
885 | * we're likely to see a byte in the range 1..31.
|
---|
886 | *
|
---|
887 | * The kallsyms_addresses are mostly sorted (except for the start where the
|
---|
888 | * absolute symbols are), so we'll spot a bunch of kernel addresses
|
---|
889 | * immediately preceeding the kallsyms_num_syms field.
|
---|
890 | *
|
---|
891 | * Lazy bird: If kallsyms_num_syms is on a buffer boundrary, we skip
|
---|
892 | * the check for kernel addresses preceeding it.
|
---|
893 | */
|
---|
894 | if (pThis->f64Bit)
|
---|
895 | {
|
---|
896 | uint32_t i = cbBuf / sizeof(uint64_t);
|
---|
897 | while (i-- > 0)
|
---|
898 | if ( uBuf.au64[i] <= LNX_MAX_KALLSYMS_SYMBOLS
|
---|
899 | && uBuf.au64[i] >= LNX_MIN_KALLSYMS_SYMBOLS)
|
---|
900 | {
|
---|
901 | uint8_t *pb = (uint8_t *)&uBuf.au64[i + 1];
|
---|
902 | if ( pb[0] <= LNX_MAX_KALLSYMS_ENC_LENGTH
|
---|
903 | && pb[0] >= LNX_MIN_KALLSYMS_ENC_LENGTH)
|
---|
904 | {
|
---|
905 | if ( (i <= 0 || LNX64_VALID_ADDRESS(uBuf.au64[i - 1]))
|
---|
906 | && (i <= 1 || LNX64_VALID_ADDRESS(uBuf.au64[i - 2]))
|
---|
907 | && (i <= 2 || LNX64_VALID_ADDRESS(uBuf.au64[i - 3])))
|
---|
908 | return dbgDiggerLinuxFoundStartOfNames(pThis,
|
---|
909 | DBGFR3AddrAdd(&CurAddr, (i + 1) * sizeof(uint64_t)),
|
---|
910 | (uint32_t)uBuf.au64[i], sizeof(uint64_t));
|
---|
911 | }
|
---|
912 | }
|
---|
913 | }
|
---|
914 | else
|
---|
915 | {
|
---|
916 | uint32_t i = cbBuf / sizeof(uint32_t);
|
---|
917 | while (i-- > 0)
|
---|
918 | if ( uBuf.au32[i] <= LNX_MAX_KALLSYMS_SYMBOLS
|
---|
919 | && uBuf.au32[i] >= LNX_MIN_KALLSYMS_SYMBOLS)
|
---|
920 | {
|
---|
921 | uint8_t *pb = (uint8_t *)&uBuf.au32[i + 1];
|
---|
922 | if ( pb[0] <= LNX_MAX_KALLSYMS_ENC_LENGTH
|
---|
923 | && pb[0] >= LNX_MIN_KALLSYMS_ENC_LENGTH)
|
---|
924 | {
|
---|
925 | if ( (i <= 0 || LNX32_VALID_ADDRESS(uBuf.au32[i - 1]))
|
---|
926 | && (i <= 1 || LNX32_VALID_ADDRESS(uBuf.au32[i - 2]))
|
---|
927 | && (i <= 2 || LNX32_VALID_ADDRESS(uBuf.au32[i - 3])))
|
---|
928 | return dbgDiggerLinuxFoundStartOfNames(pThis,
|
---|
929 | DBGFR3AddrAdd(&CurAddr, (i + 1) * sizeof(uint32_t)),
|
---|
930 | uBuf.au32[i], sizeof(uint32_t));
|
---|
931 | }
|
---|
932 | }
|
---|
933 | }
|
---|
934 |
|
---|
935 | /*
|
---|
936 | * Advance
|
---|
937 | */
|
---|
938 | if (RT_UNLIKELY(cbLeft <= sizeof(uBuf)))
|
---|
939 | {
|
---|
940 | Log(("dbgDiggerLinuxFindStartOfNamesAndSymbolCount: failed (pHitAddr=%RGv)\n", pHitAddr->FlatPtr));
|
---|
941 | return VERR_NOT_FOUND;
|
---|
942 | }
|
---|
943 | cbLeft -= sizeof(uBuf);
|
---|
944 | DBGFR3AddrSub(&CurAddr, sizeof(uBuf));
|
---|
945 | cbBuf = sizeof(uBuf);
|
---|
946 | }
|
---|
947 | }
|
---|
948 |
|
---|
949 |
|
---|
950 | /**
|
---|
951 | * Worker for dbgDiggerLinuxFindEndNames that records the findings.
|
---|
952 | *
|
---|
953 | * @returns VINF_SUCCESS
|
---|
954 | * @param pThis The linux digger data to update.
|
---|
955 | * @param pAddrMarkers The address of the marker (kallsyms_markers).
|
---|
956 | * @param cbMarkerEntry The size of a marker entry (32-bit or 64-bit).
|
---|
957 | */
|
---|
958 | static int dbgDiggerLinuxFoundMarkers(PDBGDIGGERLINUX pThis, PCDBGFADDRESS pAddrMarkers, uint32_t cbMarkerEntry)
|
---|
959 | {
|
---|
960 | pThis->cbKernelNames = pAddrMarkers->FlatPtr - pThis->AddrKernelNames.FlatPtr;
|
---|
961 | pThis->AddrKernelNameMarkers = *pAddrMarkers;
|
---|
962 | pThis->cKernelNameMarkers = RT_ALIGN_32(pThis->cKernelSymbols, 256) / 256;
|
---|
963 | pThis->AddrKernelTokenTable = *pAddrMarkers;
|
---|
964 | DBGFR3AddrAdd(&pThis->AddrKernelTokenTable, pThis->cKernelNameMarkers * cbMarkerEntry);
|
---|
965 |
|
---|
966 | Log(("dbgDiggerLinuxFoundMarkers: AddrKernelNames=%RGv cbKernelNames=%#x\n"
|
---|
967 | "dbgDiggerLinuxFoundMarkers: AddrKernelNameMarkers=%RGv cKernelNameMarkers=%#x\n"
|
---|
968 | "dbgDiggerLinuxFoundMarkers: AddrKernelTokenTable=%RGv\n",
|
---|
969 | pThis->AddrKernelNames.FlatPtr, pThis->cbKernelNames,
|
---|
970 | pThis->AddrKernelNameMarkers.FlatPtr, pThis->cKernelNameMarkers,
|
---|
971 | pThis->AddrKernelTokenTable.FlatPtr));
|
---|
972 | return VINF_SUCCESS;
|
---|
973 | }
|
---|
974 |
|
---|
975 |
|
---|
976 | /**
|
---|
977 | * Tries to find the end of kallsyms_names and thereby the start of
|
---|
978 | * kallsyms_markers and kallsyms_token_table.
|
---|
979 | *
|
---|
980 | * The kallsyms_names size is stored in pThis->cbKernelNames, the addresses of
|
---|
981 | * the two other symbols in pThis->AddrKernelNameMarkers and
|
---|
982 | * pThis->AddrKernelTokenTable. The number of marker entries is stored in
|
---|
983 | * pThis->cKernelNameMarkers.
|
---|
984 | *
|
---|
985 | * @returns VBox status code, success indicating that all three variables have
|
---|
986 | * been found and taken down.
|
---|
987 | * @param pUVM The user mode VM handle.
|
---|
988 | * @param pThis The Linux digger data.
|
---|
989 | * @param pHitAddr An address we think is inside kallsyms_names.
|
---|
990 | */
|
---|
991 | static int dbgDiggerLinuxFindEndOfNamesAndMore(PUVM pUVM, PDBGDIGGERLINUX pThis, PCDBGFADDRESS pHitAddr)
|
---|
992 | {
|
---|
993 | /*
|
---|
994 | * Search forward in chunks.
|
---|
995 | */
|
---|
996 | union
|
---|
997 | {
|
---|
998 | uint8_t ab[0x1000];
|
---|
999 | uint32_t au32[0x1000 / sizeof(uint32_t)];
|
---|
1000 | uint64_t au64[0x1000 / sizeof(uint64_t)];
|
---|
1001 | } uBuf;
|
---|
1002 | bool fPendingZeroHit = false;
|
---|
1003 | uint32_t cbLeft = LNX_MAX_KALLSYMS_NAMES_SIZE + sizeof(uBuf);
|
---|
1004 | uint32_t offBuf = pHitAddr->FlatPtr & (sizeof(uBuf) - 1);
|
---|
1005 | DBGFADDRESS CurAddr = *pHitAddr;
|
---|
1006 | DBGFR3AddrSub(&CurAddr, offBuf);
|
---|
1007 | for (;;)
|
---|
1008 | {
|
---|
1009 | int rc = DBGFR3MemRead(pUVM, 0 /*idCpu*/, &CurAddr, &uBuf, sizeof(uBuf));
|
---|
1010 | if (RT_FAILURE(rc))
|
---|
1011 | return rc;
|
---|
1012 |
|
---|
1013 | /*
|
---|
1014 | * The kallsyms_names table is followed by kallsyms_markers we assume,
|
---|
1015 | * using sizeof(unsigned long) alignment like the preceeding symbols.
|
---|
1016 | *
|
---|
1017 | * The kallsyms_markers table has entried sizeof(unsigned long) and
|
---|
1018 | * contains offsets into kallsyms_names. The kallsyms_markers used to
|
---|
1019 | * index kallsyms_names and reduce seek time when looking up the name
|
---|
1020 | * of an address/symbol. Each entry in kallsyms_markers covers 256
|
---|
1021 | * symbol names.
|
---|
1022 | *
|
---|
1023 | * Because of this, the first entry is always zero and all the entries
|
---|
1024 | * are ascending. It also follows that the size of the table can be
|
---|
1025 | * calculated from kallsyms_num_syms.
|
---|
1026 | *
|
---|
1027 | * Note! We could also have walked kallsyms_names by skipping
|
---|
1028 | * kallsyms_num_syms names, but this is faster and we will
|
---|
1029 | * validate the encoded names later.
|
---|
1030 | */
|
---|
1031 | if (pThis->f64Bit)
|
---|
1032 | {
|
---|
1033 | if ( RT_UNLIKELY(fPendingZeroHit)
|
---|
1034 | && uBuf.au64[0] >= (LNX_MIN_KALLSYMS_ENC_LENGTH + 1) * 256
|
---|
1035 | && uBuf.au64[0] <= (LNX_MAX_KALLSYMS_ENC_LENGTH + 1) * 256)
|
---|
1036 | return dbgDiggerLinuxFoundMarkers(pThis, DBGFR3AddrSub(&CurAddr, sizeof(uint64_t)), sizeof(uint64_t));
|
---|
1037 |
|
---|
1038 | uint32_t const cEntries = sizeof(uBuf) / sizeof(uint64_t);
|
---|
1039 | for (uint32_t i = offBuf / sizeof(uint64_t); i < cEntries; i++)
|
---|
1040 | if (uBuf.au64[i] == 0)
|
---|
1041 | {
|
---|
1042 | if (RT_UNLIKELY(i + 1 >= cEntries))
|
---|
1043 | {
|
---|
1044 | fPendingZeroHit = true;
|
---|
1045 | break;
|
---|
1046 | }
|
---|
1047 | if ( uBuf.au64[i + 1] >= (LNX_MIN_KALLSYMS_ENC_LENGTH + 1) * 256
|
---|
1048 | && uBuf.au64[i + 1] <= (LNX_MAX_KALLSYMS_ENC_LENGTH + 1) * 256)
|
---|
1049 | return dbgDiggerLinuxFoundMarkers(pThis, DBGFR3AddrAdd(&CurAddr, i * sizeof(uint64_t)), sizeof(uint64_t));
|
---|
1050 | }
|
---|
1051 | }
|
---|
1052 | else
|
---|
1053 | {
|
---|
1054 | if ( RT_UNLIKELY(fPendingZeroHit)
|
---|
1055 | && uBuf.au32[0] >= (LNX_MIN_KALLSYMS_ENC_LENGTH + 1) * 256
|
---|
1056 | && uBuf.au32[0] <= (LNX_MAX_KALLSYMS_ENC_LENGTH + 1) * 256)
|
---|
1057 | return dbgDiggerLinuxFoundMarkers(pThis, DBGFR3AddrSub(&CurAddr, sizeof(uint32_t)), sizeof(uint32_t));
|
---|
1058 |
|
---|
1059 | uint32_t const cEntries = sizeof(uBuf) / sizeof(uint32_t);
|
---|
1060 | for (uint32_t i = offBuf / sizeof(uint32_t); i < cEntries; i++)
|
---|
1061 | if (uBuf.au32[i] == 0)
|
---|
1062 | {
|
---|
1063 | if (RT_UNLIKELY(i + 1 >= cEntries))
|
---|
1064 | {
|
---|
1065 | fPendingZeroHit = true;
|
---|
1066 | break;
|
---|
1067 | }
|
---|
1068 | if ( uBuf.au32[i + 1] >= (LNX_MIN_KALLSYMS_ENC_LENGTH + 1) * 256
|
---|
1069 | && uBuf.au32[i + 1] <= (LNX_MAX_KALLSYMS_ENC_LENGTH + 1) * 256)
|
---|
1070 | return dbgDiggerLinuxFoundMarkers(pThis, DBGFR3AddrAdd(&CurAddr, i * sizeof(uint32_t)), sizeof(uint32_t));
|
---|
1071 | }
|
---|
1072 | }
|
---|
1073 |
|
---|
1074 | /*
|
---|
1075 | * Advance
|
---|
1076 | */
|
---|
1077 | if (RT_UNLIKELY(cbLeft <= sizeof(uBuf)))
|
---|
1078 | {
|
---|
1079 | Log(("dbgDiggerLinuxFindEndOfNamesAndMore: failed (pHitAddr=%RGv)\n", pHitAddr->FlatPtr));
|
---|
1080 | return VERR_NOT_FOUND;
|
---|
1081 | }
|
---|
1082 | cbLeft -= sizeof(uBuf);
|
---|
1083 | DBGFR3AddrAdd(&CurAddr, sizeof(uBuf));
|
---|
1084 | offBuf = 0;
|
---|
1085 | }
|
---|
1086 | }
|
---|
1087 |
|
---|
1088 |
|
---|
1089 | /**
|
---|
1090 | * Locates the kallsyms_token_index table.
|
---|
1091 | *
|
---|
1092 | * Storing the address in pThis->AddrKernelTokenIndex and the size of the token
|
---|
1093 | * table in pThis->cbKernelTokenTable.
|
---|
1094 | *
|
---|
1095 | * @returns VBox status code.
|
---|
1096 | * @param pUVM The user mode VM handle.
|
---|
1097 | * @param pThis The Linux digger data.
|
---|
1098 | */
|
---|
1099 | static int dbgDiggerLinuxFindTokenIndex(PUVM pUVM, PDBGDIGGERLINUX pThis)
|
---|
1100 | {
|
---|
1101 | /*
|
---|
1102 | * The kallsyms_token_table is very much like a string table. Due to the
|
---|
1103 | * nature of the compression algorithm it is reasonably short (one example
|
---|
1104 | * here is 853 bytes), so we'll not be reading it in chunks but in full.
|
---|
1105 | * To be on the safe side, we read 8KB, ASSUMING we won't run into unmapped
|
---|
1106 | * memory or any other nasty stuff...
|
---|
1107 | */
|
---|
1108 | union
|
---|
1109 | {
|
---|
1110 | uint8_t ab[0x2000];
|
---|
1111 | uint16_t au16[0x2000 / sizeof(uint16_t)];
|
---|
1112 | } uBuf;
|
---|
1113 | DBGFADDRESS CurAddr = pThis->AddrKernelTokenTable;
|
---|
1114 | int rc = DBGFR3MemRead(pUVM, 0 /*idCpu*/, &CurAddr, &uBuf, sizeof(uBuf));
|
---|
1115 | if (RT_FAILURE(rc))
|
---|
1116 | return rc;
|
---|
1117 |
|
---|
1118 | /*
|
---|
1119 | * We've got two choices here, either walk the string table or look for
|
---|
1120 | * the next structure, kallsyms_token_index.
|
---|
1121 | *
|
---|
1122 | * The token index is a table of 256 uint16_t entries (index by bytes
|
---|
1123 | * from kallsyms_names) that gives offsets in kallsyms_token_table. It
|
---|
1124 | * starts with a zero entry and the following entries are sorted in
|
---|
1125 | * ascending order. The range of the entries are reasonably small since
|
---|
1126 | * kallsyms_token_table is small.
|
---|
1127 | *
|
---|
1128 | * The alignment seems to be sizeof(unsigned long), just like
|
---|
1129 | * kallsyms_token_table.
|
---|
1130 | *
|
---|
1131 | * So, we start by looking for a zero 16-bit entry.
|
---|
1132 | */
|
---|
1133 | uint32_t cIncr = (pThis->f64Bit ? sizeof(uint64_t) : sizeof(uint32_t)) / sizeof(uint16_t);
|
---|
1134 |
|
---|
1135 | for (uint32_t i = 0; i < sizeof(uBuf) / sizeof(uint16_t) - 16; i += cIncr)
|
---|
1136 | if ( uBuf.au16[i] == 0
|
---|
1137 | && uBuf.au16[i + 1] > 0
|
---|
1138 | && uBuf.au16[i + 1] <= LNX_MAX_KALLSYMS_TOKEN_LEN
|
---|
1139 | && (uint16_t)(uBuf.au16[i + 2] - uBuf.au16[i + 1] - 1U) <= (uint16_t)LNX_MAX_KALLSYMS_TOKEN_LEN
|
---|
1140 | && (uint16_t)(uBuf.au16[i + 3] - uBuf.au16[i + 2] - 1U) <= (uint16_t)LNX_MAX_KALLSYMS_TOKEN_LEN
|
---|
1141 | && (uint16_t)(uBuf.au16[i + 4] - uBuf.au16[i + 3] - 1U) <= (uint16_t)LNX_MAX_KALLSYMS_TOKEN_LEN
|
---|
1142 | && (uint16_t)(uBuf.au16[i + 5] - uBuf.au16[i + 4] - 1U) <= (uint16_t)LNX_MAX_KALLSYMS_TOKEN_LEN
|
---|
1143 | && (uint16_t)(uBuf.au16[i + 6] - uBuf.au16[i + 5] - 1U) <= (uint16_t)LNX_MAX_KALLSYMS_TOKEN_LEN
|
---|
1144 | )
|
---|
1145 | {
|
---|
1146 | pThis->AddrKernelTokenIndex = CurAddr;
|
---|
1147 | DBGFR3AddrAdd(&pThis->AddrKernelTokenIndex, i * sizeof(uint16_t));
|
---|
1148 | pThis->cbKernelTokenTable = i * sizeof(uint16_t);
|
---|
1149 | return VINF_SUCCESS;
|
---|
1150 | }
|
---|
1151 |
|
---|
1152 | Log(("dbgDiggerLinuxFindTokenIndex: Failed (%RGv..%RGv)\n", CurAddr.FlatPtr, CurAddr.FlatPtr + (RTGCUINTPTR)sizeof(uBuf)));
|
---|
1153 | return VERR_NOT_FOUND;
|
---|
1154 | }
|
---|
1155 |
|
---|
1156 |
|
---|
1157 | /**
|
---|
1158 | * Loads the kernel symbols from the kallsyms tables.
|
---|
1159 | *
|
---|
1160 | * @returns VBox status code.
|
---|
1161 | * @param pUVM The user mode VM handle.
|
---|
1162 | * @param pThis The Linux digger data.
|
---|
1163 | */
|
---|
1164 | static int dbgDiggerLinuxLoadKernelSymbols(PUVM pUVM, PDBGDIGGERLINUX pThis)
|
---|
1165 | {
|
---|
1166 | /*
|
---|
1167 | * Allocate memory for temporary table copies, reading the tables as we go.
|
---|
1168 | */
|
---|
1169 | uint32_t const cbGuestAddr = pThis->f64Bit ? sizeof(uint64_t) : sizeof(uint32_t);
|
---|
1170 | void *pvAddresses = RTMemAllocZ(pThis->cKernelSymbols * cbGuestAddr);
|
---|
1171 | int rc = DBGFR3MemRead(pUVM, 0 /*idCpu*/, &pThis->AddrKernelAddresses, pvAddresses, pThis->cKernelSymbols * cbGuestAddr);
|
---|
1172 | if (RT_SUCCESS(rc))
|
---|
1173 | {
|
---|
1174 | uint8_t *pbNames = (uint8_t *)RTMemAllocZ(pThis->cbKernelNames);
|
---|
1175 | rc = DBGFR3MemRead(pUVM, 0 /*idCpu*/, &pThis->AddrKernelNames, pbNames, pThis->cbKernelNames);
|
---|
1176 | if (RT_SUCCESS(rc))
|
---|
1177 | {
|
---|
1178 | char *pszzTokens = (char *)RTMemAllocZ(pThis->cbKernelTokenTable);
|
---|
1179 | rc = DBGFR3MemRead(pUVM, 0 /*idCpu*/, &pThis->AddrKernelTokenTable, pszzTokens, pThis->cbKernelTokenTable);
|
---|
1180 | if (RT_SUCCESS(rc))
|
---|
1181 | {
|
---|
1182 | uint16_t *paoffTokens = (uint16_t *)RTMemAllocZ(256 * sizeof(uint16_t));
|
---|
1183 | rc = DBGFR3MemRead(pUVM, 0 /*idCpu*/, &pThis->AddrKernelTokenIndex, paoffTokens, 256 * sizeof(uint16_t));
|
---|
1184 | if (RT_SUCCESS(rc))
|
---|
1185 | {
|
---|
1186 | /*
|
---|
1187 | * Figure out the kernel start and end.
|
---|
1188 | */
|
---|
1189 | RTGCUINTPTR uKernelStart = pThis->AddrKernelAddresses.FlatPtr;
|
---|
1190 | RTGCUINTPTR uKernelEnd = pThis->AddrKernelTokenIndex.FlatPtr + 256 * sizeof(uint16_t);
|
---|
1191 | uint32_t i;
|
---|
1192 | if (cbGuestAddr == sizeof(uint64_t))
|
---|
1193 | {
|
---|
1194 | uint64_t *pauAddrs = (uint64_t *)pvAddresses;
|
---|
1195 | for (i = 0; i < pThis->cKernelSymbols; i++)
|
---|
1196 | if ( pauAddrs[i] < uKernelStart
|
---|
1197 | && LNX64_VALID_ADDRESS(pauAddrs[i])
|
---|
1198 | && uKernelStart - pauAddrs[i] < LNX_MAX_KERNEL_SIZE)
|
---|
1199 | uKernelStart = pauAddrs[i];
|
---|
1200 |
|
---|
1201 | for (i = pThis->cKernelSymbols - 1; i > 0; i--)
|
---|
1202 | if ( pauAddrs[i] > uKernelEnd
|
---|
1203 | && LNX64_VALID_ADDRESS(pauAddrs[i])
|
---|
1204 | && pauAddrs[i] - uKernelEnd < LNX_MAX_KERNEL_SIZE)
|
---|
1205 | uKernelEnd = pauAddrs[i];
|
---|
1206 | }
|
---|
1207 | else
|
---|
1208 | {
|
---|
1209 | uint32_t *pauAddrs = (uint32_t *)pvAddresses;
|
---|
1210 | for (i = 0; i < pThis->cKernelSymbols; i++)
|
---|
1211 | if ( pauAddrs[i] < uKernelStart
|
---|
1212 | && LNX32_VALID_ADDRESS(pauAddrs[i])
|
---|
1213 | && uKernelStart - pauAddrs[i] < LNX_MAX_KERNEL_SIZE)
|
---|
1214 | uKernelStart = pauAddrs[i];
|
---|
1215 |
|
---|
1216 | for (i = pThis->cKernelSymbols - 1; i > 0; i--)
|
---|
1217 | if ( pauAddrs[i] > uKernelEnd
|
---|
1218 | && LNX32_VALID_ADDRESS(pauAddrs[i])
|
---|
1219 | && pauAddrs[i] - uKernelEnd < LNX_MAX_KERNEL_SIZE)
|
---|
1220 | uKernelEnd = pauAddrs[i];
|
---|
1221 | }
|
---|
1222 |
|
---|
1223 | RTGCUINTPTR cbKernel = uKernelEnd - uKernelStart;
|
---|
1224 | pThis->cbKernel = (uint32_t)cbKernel;
|
---|
1225 | DBGFR3AddrFromFlat(pUVM, &pThis->AddrKernelBase, uKernelStart);
|
---|
1226 | Log(("dbgDiggerLinuxLoadKernelSymbols: uKernelStart=%RGv cbKernel=%#x\n", uKernelStart, cbKernel));
|
---|
1227 |
|
---|
1228 | /*
|
---|
1229 | * Create a module for the kernel.
|
---|
1230 | */
|
---|
1231 | RTDBGMOD hMod;
|
---|
1232 | rc = RTDbgModCreate(&hMod, "vmlinux", cbKernel, 0 /*fFlags*/);
|
---|
1233 | if (RT_SUCCESS(rc))
|
---|
1234 | {
|
---|
1235 | rc = RTDbgModSetTag(hMod, DIG_LNX_MOD_TAG); AssertRC(rc);
|
---|
1236 | rc = VINF_SUCCESS;
|
---|
1237 |
|
---|
1238 | /*
|
---|
1239 | * Enumerate the symbols.
|
---|
1240 | */
|
---|
1241 | uint8_t const *pbCurAddr = (uint8_t const *)pvAddresses;
|
---|
1242 | uint32_t offName = 0;
|
---|
1243 | uint32_t cLeft = pThis->cKernelSymbols;
|
---|
1244 | while (cLeft-- > 0 && RT_SUCCESS(rc))
|
---|
1245 | {
|
---|
1246 | /* Decode the symbol name first. */
|
---|
1247 | if (RT_LIKELY(offName < pThis->cbKernelNames))
|
---|
1248 | {
|
---|
1249 | uint8_t cbName = pbNames[offName++];
|
---|
1250 | if (RT_LIKELY(offName + cbName <= pThis->cbKernelNames))
|
---|
1251 | {
|
---|
1252 | char szSymbol[4096];
|
---|
1253 | uint32_t offSymbol = 0;
|
---|
1254 | while (cbName-- > 0)
|
---|
1255 | {
|
---|
1256 | uint8_t bEnc = pbNames[offName++];
|
---|
1257 | uint16_t offToken = paoffTokens[bEnc];
|
---|
1258 | if (RT_LIKELY(offToken < pThis->cbKernelTokenTable))
|
---|
1259 | {
|
---|
1260 | const char *pszToken = &pszzTokens[offToken];
|
---|
1261 | char ch;
|
---|
1262 | while ((ch = *pszToken++) != '\0')
|
---|
1263 | if (offSymbol < sizeof(szSymbol) - 1)
|
---|
1264 | szSymbol[offSymbol++] = ch;
|
---|
1265 | }
|
---|
1266 | else
|
---|
1267 | {
|
---|
1268 | rc = VERR_INVALID_UTF8_ENCODING;
|
---|
1269 | break;
|
---|
1270 | }
|
---|
1271 | }
|
---|
1272 | szSymbol[offSymbol < sizeof(szSymbol) ? offSymbol : sizeof(szSymbol) - 1] = '\0';
|
---|
1273 |
|
---|
1274 | /* The address. */
|
---|
1275 | RTGCUINTPTR uSymAddr = cbGuestAddr == sizeof(uint64_t)
|
---|
1276 | ? *(uint64_t *)pbCurAddr : *(uint32_t *)pbCurAddr;
|
---|
1277 | pbCurAddr += cbGuestAddr;
|
---|
1278 |
|
---|
1279 | /* Add it without the type char. */
|
---|
1280 | if (uSymAddr - uKernelStart <= cbKernel)
|
---|
1281 | {
|
---|
1282 | rc = RTDbgModSymbolAdd(hMod, &szSymbol[1], RTDBGSEGIDX_RVA, uSymAddr - uKernelStart,
|
---|
1283 | 0 /*cb*/, 0 /*fFlags*/, NULL);
|
---|
1284 | if (RT_FAILURE(rc))
|
---|
1285 | {
|
---|
1286 | if ( rc == VERR_DBG_SYMBOL_NAME_OUT_OF_RANGE
|
---|
1287 | || rc == VERR_DBG_INVALID_RVA
|
---|
1288 | || rc == VERR_DBG_ADDRESS_CONFLICT
|
---|
1289 | || rc == VERR_DBG_DUPLICATE_SYMBOL)
|
---|
1290 | {
|
---|
1291 | Log2(("dbgDiggerLinuxLoadKernelSymbols: RTDbgModSymbolAdd(,%s,) failed %Rrc (ignored)\n", szSymbol, rc));
|
---|
1292 | rc = VINF_SUCCESS;
|
---|
1293 | }
|
---|
1294 | else
|
---|
1295 | Log(("dbgDiggerLinuxLoadKernelSymbols: RTDbgModSymbolAdd(,%s,) failed %Rrc\n", szSymbol, rc));
|
---|
1296 | }
|
---|
1297 | }
|
---|
1298 | }
|
---|
1299 | else
|
---|
1300 | {
|
---|
1301 | rc = VERR_END_OF_STRING;
|
---|
1302 | Log(("dbgDiggerLinuxLoadKernelSymbols: offName=%#x cLeft=%#x cbName=%#x cbKernelNames=%#x\n",
|
---|
1303 | offName, cLeft, cbName, pThis->cbKernelNames));
|
---|
1304 | }
|
---|
1305 | }
|
---|
1306 | else
|
---|
1307 | {
|
---|
1308 | rc = VERR_END_OF_STRING;
|
---|
1309 | Log(("dbgDiggerLinuxLoadKernelSymbols: offName=%#x cLeft=%#x cbKernelNames=%#x\n",
|
---|
1310 | offName, cLeft, pThis->cbKernelNames));
|
---|
1311 | }
|
---|
1312 | }
|
---|
1313 |
|
---|
1314 | /*
|
---|
1315 | * Link the module into the address space.
|
---|
1316 | */
|
---|
1317 | if (RT_SUCCESS(rc))
|
---|
1318 | {
|
---|
1319 | RTDBGAS hAs = DBGFR3AsResolveAndRetain(pUVM, DBGF_AS_KERNEL);
|
---|
1320 | if (hAs != NIL_RTDBGAS)
|
---|
1321 | rc = RTDbgAsModuleLink(hAs, hMod, uKernelStart, RTDBGASLINK_FLAGS_REPLACE);
|
---|
1322 | else
|
---|
1323 | rc = VERR_INTERNAL_ERROR;
|
---|
1324 | RTDbgAsRelease(hAs);
|
---|
1325 | }
|
---|
1326 | else
|
---|
1327 | Log(("dbgDiggerLinuxLoadKernelSymbols: Failed: %Rrc\n", rc));
|
---|
1328 | RTDbgModRelease(hMod);
|
---|
1329 | }
|
---|
1330 | else
|
---|
1331 | Log(("dbgDiggerLinuxLoadKernelSymbols: RTDbgModCreate failed: %Rrc\n", rc));
|
---|
1332 | }
|
---|
1333 | else
|
---|
1334 | Log(("dbgDiggerLinuxLoadKernelSymbols: Reading token index at %RGv failed: %Rrc\n",
|
---|
1335 | pThis->AddrKernelTokenIndex.FlatPtr, rc));
|
---|
1336 | RTMemFree(paoffTokens);
|
---|
1337 | }
|
---|
1338 | else
|
---|
1339 | Log(("dbgDiggerLinuxLoadKernelSymbols: Reading token table at %RGv failed: %Rrc\n",
|
---|
1340 | pThis->AddrKernelTokenTable.FlatPtr, rc));
|
---|
1341 | RTMemFree(pszzTokens);
|
---|
1342 | }
|
---|
1343 | else
|
---|
1344 | Log(("dbgDiggerLinuxLoadKernelSymbols: Reading encoded names at %RGv failed: %Rrc\n",
|
---|
1345 | pThis->AddrKernelNames.FlatPtr, rc));
|
---|
1346 | RTMemFree(pbNames);
|
---|
1347 | }
|
---|
1348 | else
|
---|
1349 | Log(("dbgDiggerLinuxLoadKernelSymbols: Reading symbol addresses at %RGv failed: %Rrc\n",
|
---|
1350 | pThis->AddrKernelAddresses.FlatPtr, rc));
|
---|
1351 | RTMemFree(pvAddresses);
|
---|
1352 | return rc;
|
---|
1353 | }
|
---|
1354 |
|
---|
1355 |
|
---|
1356 | /**
|
---|
1357 | * Checks if there is a likely kallsyms_names fragment at pHitAddr.
|
---|
1358 | *
|
---|
1359 | * @returns true if it's a likely fragment, false if not.
|
---|
1360 | * @param pUVM The user mode VM handle.
|
---|
1361 | * @param pHitAddr The address where paNeedle was found.
|
---|
1362 | * @param pabNeedle The fragment we've been searching for.
|
---|
1363 | * @param cbNeedle The length of the fragment.
|
---|
1364 | */
|
---|
1365 | static bool dbgDiggerLinuxIsLikelyNameFragment(PUVM pUVM, PCDBGFADDRESS pHitAddr, uint8_t const *pabNeedle, uint8_t cbNeedle)
|
---|
1366 | {
|
---|
1367 | /*
|
---|
1368 | * Examples of lead and tail bytes of our choosen needle in a randomly
|
---|
1369 | * picked kernel:
|
---|
1370 | * k o b j
|
---|
1371 | * 22 6b 6f 62 6a aa
|
---|
1372 | * fc 6b 6f 62 6a aa
|
---|
1373 | * 82 6b 6f 62 6a 5f - ascii trail byte (_).
|
---|
1374 | * ee 6b 6f 62 6a aa
|
---|
1375 | * fc 6b 6f 62 6a 5f - ascii trail byte (_).
|
---|
1376 | * 0a 74 6b 6f 62 6a 5f ea - ascii lead (t) and trail (_) bytes.
|
---|
1377 | * 0b 54 6b 6f 62 6a aa - ascii lead byte (T).
|
---|
1378 | * ... omitting 29 samples similar to the last two ...
|
---|
1379 | * d8 6b 6f 62 6a aa
|
---|
1380 | * d8 6b 6f 62 6a aa
|
---|
1381 | * d8 6b 6f 62 6a aa
|
---|
1382 | * d8 6b 6f 62 6a aa
|
---|
1383 | * f9 5f 6b 6f 62 6a 5f 94 - ascii lead and trail bytes (_)
|
---|
1384 | * f9 5f 6b 6f 62 6a 0c - ascii lead byte (_).
|
---|
1385 | * fd 6b 6f 62 6a 0f
|
---|
1386 | * ... enough.
|
---|
1387 | */
|
---|
1388 | uint8_t abBuf[32];
|
---|
1389 | DBGFADDRESS ReadAddr = *pHitAddr;
|
---|
1390 | DBGFR3AddrSub(&ReadAddr, 2);
|
---|
1391 | int rc = DBGFR3MemRead(pUVM, 0 /*idCpu*/, &ReadAddr, abBuf, 2 + cbNeedle + 2);
|
---|
1392 | if (RT_SUCCESS(rc))
|
---|
1393 | {
|
---|
1394 | if (memcmp(&abBuf[2], pabNeedle, cbNeedle) == 0) /* paranoia */
|
---|
1395 | {
|
---|
1396 | uint8_t const bLead = abBuf[1] == '_' || abBuf[1] == 'T' || abBuf[1] == 't' ? abBuf[0] : abBuf[1];
|
---|
1397 | uint8_t const offTail = 2 + cbNeedle;
|
---|
1398 | uint8_t const bTail = abBuf[offTail] == '_' ? abBuf[offTail] : abBuf[offTail + 1];
|
---|
1399 | if ( bLead >= 1 && (bLead < 0x20 || bLead >= 0x80)
|
---|
1400 | && bTail >= 1 && (bTail < 0x20 || bTail >= 0x80))
|
---|
1401 | return true;
|
---|
1402 | Log(("dbgDiggerLinuxIsLikelyNameFragment: failed at %RGv: bLead=%#x bTail=%#x (offTail=%#x)\n",
|
---|
1403 | pHitAddr->FlatPtr, bLead, bTail, offTail));
|
---|
1404 | }
|
---|
1405 | else
|
---|
1406 | Log(("dbgDiggerLinuxIsLikelyNameFragment: failed at %RGv: Needle changed!\n", pHitAddr->FlatPtr));
|
---|
1407 | }
|
---|
1408 | else
|
---|
1409 | Log(("dbgDiggerLinuxIsLikelyNameFragment: failed at %RGv: %Rrc\n", pHitAddr->FlatPtr, rc));
|
---|
1410 |
|
---|
1411 | return false;
|
---|
1412 | }
|
---|
1413 |
|
---|
1414 | /**
|
---|
1415 | * Tries to find and load the kernel symbol table with the given needle.
|
---|
1416 | *
|
---|
1417 | * @returns VBox status code.
|
---|
1418 | * @param pThis The Linux digger data.
|
---|
1419 | * @param pUVM The user mode VM handle.
|
---|
1420 | * @param pabNeedle The needle to use for searching.
|
---|
1421 | * @param cbNeedle Size of the needle in bytes.
|
---|
1422 | */
|
---|
1423 | static int dbgDiggerLinuxFindSymbolTableFromNeedle(PDBGDIGGERLINUX pThis, PUVM pUVM, uint8_t const *pabNeedle, size_t cbNeedle)
|
---|
1424 | {
|
---|
1425 | int rc = VINF_SUCCESS;
|
---|
1426 |
|
---|
1427 | /*
|
---|
1428 | * Go looking for the kallsyms table. If it's there, it will be somewhere
|
---|
1429 | * after the linux_banner symbol, so use it for starting the search.
|
---|
1430 | */
|
---|
1431 | DBGFADDRESS CurAddr = pThis->AddrLinuxBanner;
|
---|
1432 | uint32_t cbLeft = LNX_MAX_KERNEL_SIZE;
|
---|
1433 | while (cbLeft > 4096)
|
---|
1434 | {
|
---|
1435 | DBGFADDRESS HitAddr;
|
---|
1436 | rc = DBGFR3MemScan(pUVM, 0 /*idCpu*/, &CurAddr, cbLeft, 1 /*uAlign*/,
|
---|
1437 | pabNeedle, cbNeedle, &HitAddr);
|
---|
1438 | if (RT_FAILURE(rc))
|
---|
1439 | break;
|
---|
1440 | if (dbgDiggerLinuxIsLikelyNameFragment(pUVM, &HitAddr, pabNeedle, cbNeedle))
|
---|
1441 | {
|
---|
1442 | /* There will be another hit near by. */
|
---|
1443 | DBGFR3AddrAdd(&HitAddr, 1);
|
---|
1444 | rc = DBGFR3MemScan(pUVM, 0 /*idCpu*/, &HitAddr, LNX_MAX_KALLSYMS_NAMES_SIZE, 1 /*uAlign*/,
|
---|
1445 | pabNeedle, cbNeedle, &HitAddr);
|
---|
1446 | if ( RT_SUCCESS(rc)
|
---|
1447 | && dbgDiggerLinuxIsLikelyNameFragment(pUVM, &HitAddr, pabNeedle, cbNeedle))
|
---|
1448 | {
|
---|
1449 | /*
|
---|
1450 | * We've got a very likely candidate for a location inside kallsyms_names.
|
---|
1451 | * Try find the start of it, that is to say, try find kallsyms_num_syms.
|
---|
1452 | * kallsyms_num_syms is aligned on sizeof(unsigned long) boundrary
|
---|
1453 | */
|
---|
1454 | rc = dbgDiggerLinuxFindStartOfNamesAndSymbolCount(pUVM, pThis, &HitAddr);
|
---|
1455 | if (RT_SUCCESS(rc))
|
---|
1456 | rc = dbgDiggerLinuxFindEndOfNamesAndMore(pUVM, pThis, &HitAddr);
|
---|
1457 | if (RT_SUCCESS(rc))
|
---|
1458 | rc = dbgDiggerLinuxFindTokenIndex(pUVM, pThis);
|
---|
1459 | if (RT_SUCCESS(rc))
|
---|
1460 | rc = dbgDiggerLinuxLoadKernelSymbols(pUVM, pThis);
|
---|
1461 | if (RT_SUCCESS(rc))
|
---|
1462 | break;
|
---|
1463 | }
|
---|
1464 | }
|
---|
1465 |
|
---|
1466 | /*
|
---|
1467 | * Advance.
|
---|
1468 | */
|
---|
1469 | RTGCUINTPTR cbDistance = HitAddr.FlatPtr - CurAddr.FlatPtr + cbNeedle;
|
---|
1470 | if (RT_UNLIKELY(cbDistance >= cbLeft))
|
---|
1471 | {
|
---|
1472 | Log(("dbgDiggerLinuxInit: Failed to find kallsyms\n"));
|
---|
1473 | break;
|
---|
1474 | }
|
---|
1475 | cbLeft -= cbDistance;
|
---|
1476 | DBGFR3AddrAdd(&CurAddr, cbDistance);
|
---|
1477 |
|
---|
1478 | }
|
---|
1479 |
|
---|
1480 | return rc;
|
---|
1481 | }
|
---|
1482 | /**
|
---|
1483 | * @copydoc DBGFOSREG::pfnInit
|
---|
1484 | */
|
---|
1485 | static DECLCALLBACK(int) dbgDiggerLinuxInit(PUVM pUVM, void *pvData)
|
---|
1486 | {
|
---|
1487 | PDBGDIGGERLINUX pThis = (PDBGDIGGERLINUX)pvData;
|
---|
1488 | Assert(!pThis->fValid);
|
---|
1489 |
|
---|
1490 | /*
|
---|
1491 | * Assume 64-bit kernels all live way beyond 32-bit address space.
|
---|
1492 | */
|
---|
1493 | pThis->f64Bit = pThis->AddrLinuxBanner.FlatPtr > UINT32_MAX;
|
---|
1494 |
|
---|
1495 | static const uint8_t s_abNeedle[] = "kobj";
|
---|
1496 | int rc = dbgDiggerLinuxFindSymbolTableFromNeedle(pThis, pUVM, s_abNeedle, sizeof(s_abNeedle) - 1);
|
---|
1497 | if (RT_FAILURE(rc))
|
---|
1498 | {
|
---|
1499 | /* Try alternate needle (seen on older x86 Linux kernels). */
|
---|
1500 | static const uint8_t s_abNeedleAlt[] = "kobjec";
|
---|
1501 | dbgDiggerLinuxFindSymbolTableFromNeedle(pThis, pUVM, s_abNeedleAlt, sizeof(s_abNeedleAlt) - 1);
|
---|
1502 | }
|
---|
1503 |
|
---|
1504 | pThis->fValid = true;
|
---|
1505 | return VINF_SUCCESS;
|
---|
1506 | }
|
---|
1507 |
|
---|
1508 |
|
---|
1509 | /**
|
---|
1510 | * @copydoc DBGFOSREG::pfnProbe
|
---|
1511 | */
|
---|
1512 | static DECLCALLBACK(bool) dbgDiggerLinuxProbe(PUVM pUVM, void *pvData)
|
---|
1513 | {
|
---|
1514 | PDBGDIGGERLINUX pThis = (PDBGDIGGERLINUX)pvData;
|
---|
1515 |
|
---|
1516 | /*
|
---|
1517 | * Look for "Linux version " at the start of the rodata segment.
|
---|
1518 | * Hope that this comes before any message buffer or other similar string.
|
---|
1519 | */
|
---|
1520 | for (unsigned i = 0; i < RT_ELEMENTS(g_au64LnxKernelAddresses); i++)
|
---|
1521 | {
|
---|
1522 | DBGFADDRESS KernelAddr;
|
---|
1523 | DBGFR3AddrFromFlat(pUVM, &KernelAddr, g_au64LnxKernelAddresses[i]);
|
---|
1524 | DBGFADDRESS HitAddr;
|
---|
1525 | int rc = DBGFR3MemScan(pUVM, 0, &KernelAddr, LNX_MAX_KERNEL_SIZE, 1,
|
---|
1526 | g_abLinuxVersion, sizeof(g_abLinuxVersion) - 1, &HitAddr);
|
---|
1527 | if (RT_SUCCESS(rc))
|
---|
1528 | {
|
---|
1529 | char szTmp[128];
|
---|
1530 | char const *pszX = &szTmp[sizeof(g_abLinuxVersion) - 1];
|
---|
1531 | rc = DBGFR3MemReadString(pUVM, 0, &HitAddr, szTmp, sizeof(szTmp));
|
---|
1532 | if ( RT_SUCCESS(rc)
|
---|
1533 | && ( ( pszX[0] == '2' /* 2.x.y with x in {0..6} */
|
---|
1534 | && pszX[1] == '.'
|
---|
1535 | && pszX[2] >= '0'
|
---|
1536 | && pszX[2] <= '6')
|
---|
1537 | || ( pszX[0] >= '3' /* 3.x, 4.x, ... 9.x */
|
---|
1538 | && pszX[0] <= '9'
|
---|
1539 | && pszX[1] == '.'
|
---|
1540 | && pszX[2] >= '0'
|
---|
1541 | && pszX[2] <= '9')
|
---|
1542 | )
|
---|
1543 | )
|
---|
1544 | {
|
---|
1545 | pThis->AddrKernelBase = KernelAddr;
|
---|
1546 | pThis->AddrLinuxBanner = HitAddr;
|
---|
1547 | return true;
|
---|
1548 | }
|
---|
1549 | }
|
---|
1550 | }
|
---|
1551 | return false;
|
---|
1552 | }
|
---|
1553 |
|
---|
1554 |
|
---|
1555 | /**
|
---|
1556 | * @copydoc DBGFOSREG::pfnDestruct
|
---|
1557 | */
|
---|
1558 | static DECLCALLBACK(void) dbgDiggerLinuxDestruct(PUVM pUVM, void *pvData)
|
---|
1559 | {
|
---|
1560 |
|
---|
1561 | }
|
---|
1562 |
|
---|
1563 |
|
---|
1564 | /**
|
---|
1565 | * @copydoc DBGFOSREG::pfnConstruct
|
---|
1566 | */
|
---|
1567 | static DECLCALLBACK(int) dbgDiggerLinuxConstruct(PUVM pUVM, void *pvData)
|
---|
1568 | {
|
---|
1569 | PDBGDIGGERLINUX pThis = (PDBGDIGGERLINUX)pvData;
|
---|
1570 | pThis->IDmesg.u32Magic = DBGFOSIDMESG_MAGIC;
|
---|
1571 | pThis->IDmesg.pfnQueryKernelLog = dbgDiggerLinuxIDmsg_QueryKernelLog;
|
---|
1572 | pThis->IDmesg.u32EndMagic = DBGFOSIDMESG_MAGIC;
|
---|
1573 |
|
---|
1574 | return VINF_SUCCESS;
|
---|
1575 | }
|
---|
1576 |
|
---|
1577 |
|
---|
1578 | const DBGFOSREG g_DBGDiggerLinux =
|
---|
1579 | {
|
---|
1580 | /* .u32Magic = */ DBGFOSREG_MAGIC,
|
---|
1581 | /* .fFlags = */ 0,
|
---|
1582 | /* .cbData = */ sizeof(DBGDIGGERLINUX),
|
---|
1583 | /* .szName = */ "Linux",
|
---|
1584 | /* .pfnConstruct = */ dbgDiggerLinuxConstruct,
|
---|
1585 | /* .pfnDestruct = */ dbgDiggerLinuxDestruct,
|
---|
1586 | /* .pfnProbe = */ dbgDiggerLinuxProbe,
|
---|
1587 | /* .pfnInit = */ dbgDiggerLinuxInit,
|
---|
1588 | /* .pfnRefresh = */ dbgDiggerLinuxRefresh,
|
---|
1589 | /* .pfnTerm = */ dbgDiggerLinuxTerm,
|
---|
1590 | /* .pfnQueryVersion = */ dbgDiggerLinuxQueryVersion,
|
---|
1591 | /* .pfnQueryInterface = */ dbgDiggerLinuxQueryInterface,
|
---|
1592 | /* .u32EndMagic = */ DBGFOSREG_MAGIC
|
---|
1593 | };
|
---|
1594 |
|
---|