| 1 | //===-- DynamicLoaderDarwinKernel.cpp -------------------------------------===// |
|---|---|
| 2 | // |
| 3 | // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. |
| 4 | // See https://llvm.org/LICENSE.txt for license information. |
| 5 | // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception |
| 6 | // |
| 7 | //===----------------------------------------------------------------------===// |
| 8 | |
| 9 | #include "Plugins/ObjectFile/Mach-O/ObjectFileMachO.h" |
| 10 | #include "Plugins/Platform/MacOSX/PlatformDarwinKernel.h" |
| 11 | #include "lldb/Breakpoint/StoppointCallbackContext.h" |
| 12 | #include "lldb/Core/Debugger.h" |
| 13 | #include "lldb/Core/Module.h" |
| 14 | #include "lldb/Core/ModuleSpec.h" |
| 15 | #include "lldb/Core/PluginManager.h" |
| 16 | #include "lldb/Core/Progress.h" |
| 17 | #include "lldb/Core/Section.h" |
| 18 | #include "lldb/Interpreter/OptionValueProperties.h" |
| 19 | #include "lldb/Symbol/ObjectFile.h" |
| 20 | #include "lldb/Target/OperatingSystem.h" |
| 21 | #include "lldb/Target/RegisterContext.h" |
| 22 | #include "lldb/Target/StackFrame.h" |
| 23 | #include "lldb/Target/Target.h" |
| 24 | #include "lldb/Target/Thread.h" |
| 25 | #include "lldb/Target/ThreadPlanRunToAddress.h" |
| 26 | #include "lldb/Utility/AddressableBits.h" |
| 27 | #include "lldb/Utility/DataBuffer.h" |
| 28 | #include "lldb/Utility/DataBufferHeap.h" |
| 29 | #include "lldb/Utility/LLDBLog.h" |
| 30 | #include "lldb/Utility/Log.h" |
| 31 | #include "lldb/Utility/State.h" |
| 32 | |
| 33 | #include "DynamicLoaderDarwinKernel.h" |
| 34 | |
| 35 | #include <algorithm> |
| 36 | #include <memory> |
| 37 | |
| 38 | //#define ENABLE_DEBUG_PRINTF // COMMENT THIS LINE OUT PRIOR TO CHECKIN |
| 39 | #ifdef ENABLE_DEBUG_PRINTF |
| 40 | #include <cstdio> |
| 41 | #define DEBUG_PRINTF(fmt, ...) printf(fmt, ##__VA_ARGS__) |
| 42 | #else |
| 43 | #define DEBUG_PRINTF(fmt, ...) |
| 44 | #endif |
| 45 | |
| 46 | using namespace lldb; |
| 47 | using namespace lldb_private; |
| 48 | |
| 49 | LLDB_PLUGIN_DEFINE(DynamicLoaderDarwinKernel) |
| 50 | |
| 51 | // Progressively greater amounts of scanning we will allow For some targets |
| 52 | // very early in startup, we can't do any random reads of memory or we can |
| 53 | // crash the device so a setting is needed that can completely disable the |
| 54 | // KASLR scans. |
| 55 | |
| 56 | enum KASLRScanType { |
| 57 | eKASLRScanNone = 0, // No reading into the inferior at all |
| 58 | eKASLRScanLowgloAddresses, // Check one word of memory for a possible kernel |
| 59 | // addr, then see if a kernel is there |
| 60 | eKASLRScanNearPC, // Scan backwards from the current $pc looking for kernel; |
| 61 | // checking at 96 locations total |
| 62 | eKASLRScanExhaustiveScan // Scan through the entire possible kernel address |
| 63 | // range looking for a kernel |
| 64 | }; |
| 65 | |
| 66 | static constexpr OptionEnumValueElement g_kaslr_kernel_scan_enum_values[] = { |
| 67 | { |
| 68 | .value: eKASLRScanNone, |
| 69 | .string_value: "none", |
| 70 | .usage: "Do not read memory looking for a Darwin kernel when attaching.", |
| 71 | }, |
| 72 | { |
| 73 | .value: eKASLRScanLowgloAddresses, |
| 74 | .string_value: "basic", |
| 75 | .usage: "Check for the Darwin kernel's load addr in the lowglo page " |
| 76 | "(boot-args=debug) only.", |
| 77 | }, |
| 78 | { |
| 79 | .value: eKASLRScanNearPC, |
| 80 | .string_value: "fast-scan", |
| 81 | .usage: "Scan near the pc value on attach to find the Darwin kernel's load " |
| 82 | "address.", |
| 83 | }, |
| 84 | { |
| 85 | .value: eKASLRScanExhaustiveScan, |
| 86 | .string_value: "exhaustive-scan", |
| 87 | .usage: "Scan through the entire potential address range of Darwin kernel " |
| 88 | "(only on 32-bit targets).", |
| 89 | }, |
| 90 | }; |
| 91 | |
| 92 | #define LLDB_PROPERTIES_dynamicloaderdarwinkernel |
| 93 | #include "DynamicLoaderDarwinKernelProperties.inc" |
| 94 | |
| 95 | enum { |
| 96 | #define LLDB_PROPERTIES_dynamicloaderdarwinkernel |
| 97 | #include "DynamicLoaderDarwinKernelPropertiesEnum.inc" |
| 98 | }; |
| 99 | |
| 100 | class DynamicLoaderDarwinKernelProperties : public Properties { |
| 101 | public: |
| 102 | static llvm::StringRef GetSettingName() { |
| 103 | static constexpr llvm::StringLiteral g_setting_name("darwin-kernel"); |
| 104 | return g_setting_name; |
| 105 | } |
| 106 | |
| 107 | DynamicLoaderDarwinKernelProperties() : Properties() { |
| 108 | m_collection_sp = std::make_shared<OptionValueProperties>(args: GetSettingName()); |
| 109 | m_collection_sp->Initialize(setting_definitions: g_dynamicloaderdarwinkernel_properties); |
| 110 | } |
| 111 | |
| 112 | ~DynamicLoaderDarwinKernelProperties() override = default; |
| 113 | |
| 114 | bool GetLoadKexts() const { |
| 115 | const uint32_t idx = ePropertyLoadKexts; |
| 116 | return GetPropertyAtIndexAs<bool>( |
| 117 | idx, |
| 118 | g_dynamicloaderdarwinkernel_properties[idx].default_uint_value != 0); |
| 119 | } |
| 120 | |
| 121 | KASLRScanType GetScanType() const { |
| 122 | const uint32_t idx = ePropertyScanType; |
| 123 | return GetPropertyAtIndexAs<KASLRScanType>( |
| 124 | idx, |
| 125 | static_cast<KASLRScanType>( |
| 126 | g_dynamicloaderdarwinkernel_properties[idx].default_uint_value)); |
| 127 | } |
| 128 | }; |
| 129 | |
| 130 | static DynamicLoaderDarwinKernelProperties &GetGlobalProperties() { |
| 131 | static DynamicLoaderDarwinKernelProperties g_settings; |
| 132 | return g_settings; |
| 133 | } |
| 134 | |
| 135 | static bool is_kernel(Module *module) { |
| 136 | if (!module) |
| 137 | return false; |
| 138 | ObjectFile *objfile = module->GetObjectFile(); |
| 139 | if (!objfile) |
| 140 | return false; |
| 141 | if (objfile->GetType() != ObjectFile::eTypeExecutable) |
| 142 | return false; |
| 143 | if (objfile->GetStrata() != ObjectFile::eStrataKernel) |
| 144 | return false; |
| 145 | |
| 146 | return true; |
| 147 | } |
| 148 | |
| 149 | // Create an instance of this class. This function is filled into the plugin |
| 150 | // info class that gets handed out by the plugin factory and allows the lldb to |
| 151 | // instantiate an instance of this class. |
| 152 | DynamicLoader *DynamicLoaderDarwinKernel::CreateInstance(Process *process, |
| 153 | bool force) { |
| 154 | if (!force) { |
| 155 | // If the user provided an executable binary and it is not a kernel, this |
| 156 | // plugin should not create an instance. |
| 157 | Module *exec = process->GetTarget().GetExecutableModulePointer(); |
| 158 | if (exec && !is_kernel(module: exec)) |
| 159 | return nullptr; |
| 160 | |
| 161 | // If the target's architecture does not look like an Apple environment, |
| 162 | // this plugin should not create an instance. |
| 163 | const llvm::Triple &triple_ref = |
| 164 | process->GetTarget().GetArchitecture().GetTriple(); |
| 165 | switch (triple_ref.getOS()) { |
| 166 | case llvm::Triple::Darwin: |
| 167 | case llvm::Triple::MacOSX: |
| 168 | case llvm::Triple::IOS: |
| 169 | case llvm::Triple::TvOS: |
| 170 | case llvm::Triple::WatchOS: |
| 171 | case llvm::Triple::BridgeOS: |
| 172 | case llvm::Triple::DriverKit: |
| 173 | case llvm::Triple::XROS: |
| 174 | if (triple_ref.getVendor() != llvm::Triple::Apple) { |
| 175 | return nullptr; |
| 176 | } |
| 177 | break; |
| 178 | // If we have triple like armv7-unknown-unknown, we should try looking for |
| 179 | // a Darwin kernel. |
| 180 | case llvm::Triple::UnknownOS: |
| 181 | break; |
| 182 | default: |
| 183 | return nullptr; |
| 184 | break; |
| 185 | } |
| 186 | } |
| 187 | |
| 188 | // At this point if there is an ExecutableModule, it is a kernel and the |
| 189 | // Target is some variant of an Apple system. If the Process hasn't provided |
| 190 | // the kernel load address, we need to look around in memory to find it. |
| 191 | const addr_t kernel_load_address = SearchForDarwinKernel(process); |
| 192 | if (CheckForKernelImageAtAddress(addr: kernel_load_address, process).IsValid()) { |
| 193 | return new DynamicLoaderDarwinKernel(process, kernel_load_address); |
| 194 | } |
| 195 | return nullptr; |
| 196 | } |
| 197 | |
| 198 | lldb::addr_t |
| 199 | DynamicLoaderDarwinKernel::SearchForDarwinKernel(Process *process) { |
| 200 | addr_t kernel_load_address = process->GetImageInfoAddress(); |
| 201 | if (kernel_load_address == LLDB_INVALID_ADDRESS) |
| 202 | kernel_load_address = SearchForKernelAtSameLoadAddr(process); |
| 203 | if (kernel_load_address == LLDB_INVALID_ADDRESS) |
| 204 | kernel_load_address = SearchForKernelWithDebugHints(process); |
| 205 | if (kernel_load_address == LLDB_INVALID_ADDRESS) |
| 206 | kernel_load_address = SearchForKernelNearPC(process); |
| 207 | if (kernel_load_address == LLDB_INVALID_ADDRESS) |
| 208 | kernel_load_address = SearchForKernelViaExhaustiveSearch(process); |
| 209 | |
| 210 | return kernel_load_address; |
| 211 | } |
| 212 | |
| 213 | // Check if the kernel binary is loaded in memory without a slide. First verify |
| 214 | // that the ExecutableModule is a kernel before we proceed. Returns the address |
| 215 | // of the kernel if one was found, else LLDB_INVALID_ADDRESS. |
| 216 | lldb::addr_t |
| 217 | DynamicLoaderDarwinKernel::SearchForKernelAtSameLoadAddr(Process *process) { |
| 218 | Module *exe_module = process->GetTarget().GetExecutableModulePointer(); |
| 219 | |
| 220 | if (!is_kernel(module: process->GetTarget().GetExecutableModulePointer())) |
| 221 | return LLDB_INVALID_ADDRESS; |
| 222 | |
| 223 | ObjectFile *exe_objfile = exe_module->GetObjectFile(); |
| 224 | |
| 225 | if (!exe_objfile->GetBaseAddress().IsValid()) |
| 226 | return LLDB_INVALID_ADDRESS; |
| 227 | |
| 228 | if (CheckForKernelImageAtAddress( |
| 229 | addr: exe_objfile->GetBaseAddress().GetFileAddress(), process) == |
| 230 | exe_module->GetUUID()) |
| 231 | return exe_objfile->GetBaseAddress().GetFileAddress(); |
| 232 | |
| 233 | return LLDB_INVALID_ADDRESS; |
| 234 | } |
| 235 | |
| 236 | // If the debug flag is included in the boot-args nvram setting, the kernel's |
| 237 | // load address will be noted in the lowglo page at a fixed address Returns the |
| 238 | // address of the kernel if one was found, else LLDB_INVALID_ADDRESS. |
| 239 | lldb::addr_t |
| 240 | DynamicLoaderDarwinKernel::SearchForKernelWithDebugHints(Process *process) { |
| 241 | if (GetGlobalProperties().GetScanType() == eKASLRScanNone) |
| 242 | return LLDB_INVALID_ADDRESS; |
| 243 | |
| 244 | Status read_err; |
| 245 | addr_t kernel_addresses_64[] = { |
| 246 | 0xfffffff000002010ULL, |
| 247 | 0xfffffe0000004010ULL, // newest arm64 devices, large memory support |
| 248 | 0xfffffff000004010ULL, // newest arm64 devices |
| 249 | 0xffffff8000004010ULL, // 2014-2015-ish arm64 devices |
| 250 | 0xffffff8000002010ULL, // oldest arm64 devices |
| 251 | LLDB_INVALID_ADDRESS}; |
| 252 | addr_t kernel_addresses_32[] = {0xffff0110, // 2016 and earlier armv7 devices |
| 253 | 0xffff1010, LLDB_INVALID_ADDRESS}; |
| 254 | |
| 255 | uint8_t uval[8]; |
| 256 | if (process->GetAddressByteSize() == 8) { |
| 257 | for (size_t i = 0; kernel_addresses_64[i] != LLDB_INVALID_ADDRESS; i++) { |
| 258 | if (process->ReadMemoryFromInferior(vm_addr: kernel_addresses_64[i], buf: uval, size: 8, |
| 259 | error&: read_err) == 8) { |
| 260 | DataExtractor data(&uval, 8, process->GetByteOrder(), |
| 261 | process->GetAddressByteSize()); |
| 262 | lldb::offset_t offset = 0; |
| 263 | uint64_t addr = data.GetU64(offset_ptr: &offset); |
| 264 | if (CheckForKernelImageAtAddress(addr, process).IsValid()) { |
| 265 | return addr; |
| 266 | } |
| 267 | } |
| 268 | } |
| 269 | } |
| 270 | |
| 271 | if (process->GetAddressByteSize() == 4) { |
| 272 | for (size_t i = 0; kernel_addresses_32[i] != LLDB_INVALID_ADDRESS; i++) { |
| 273 | if (process->ReadMemoryFromInferior(vm_addr: kernel_addresses_32[i], buf: uval, size: 4, |
| 274 | error&: read_err) == 4) { |
| 275 | DataExtractor data(&uval, 4, process->GetByteOrder(), |
| 276 | process->GetAddressByteSize()); |
| 277 | lldb::offset_t offset = 0; |
| 278 | uint32_t addr = data.GetU32(offset_ptr: &offset); |
| 279 | if (CheckForKernelImageAtAddress(addr, process).IsValid()) { |
| 280 | return addr; |
| 281 | } |
| 282 | } |
| 283 | } |
| 284 | } |
| 285 | |
| 286 | return LLDB_INVALID_ADDRESS; |
| 287 | } |
| 288 | |
| 289 | // If the kernel is currently executing when lldb attaches, and we don't have a |
| 290 | // better way of finding the kernel's load address, try searching backwards |
| 291 | // from the current pc value looking for the kernel's Mach header in memory. |
| 292 | // Returns the address of the kernel if one was found, else |
| 293 | // LLDB_INVALID_ADDRESS. |
| 294 | lldb::addr_t |
| 295 | DynamicLoaderDarwinKernel::SearchForKernelNearPC(Process *process) { |
| 296 | if (GetGlobalProperties().GetScanType() == eKASLRScanNone || |
| 297 | GetGlobalProperties().GetScanType() == eKASLRScanLowgloAddresses) { |
| 298 | return LLDB_INVALID_ADDRESS; |
| 299 | } |
| 300 | |
| 301 | ThreadSP thread = process->GetThreadList().GetSelectedThread(); |
| 302 | if (thread.get() == nullptr) |
| 303 | return LLDB_INVALID_ADDRESS; |
| 304 | addr_t pc = thread->GetRegisterContext()->GetPC(LLDB_INVALID_ADDRESS); |
| 305 | |
| 306 | int ptrsize = process->GetTarget().GetArchitecture().GetAddressByteSize(); |
| 307 | |
| 308 | // The kernel is always loaded in high memory, if the top bit is zero, |
| 309 | // this isn't a kernel. |
| 310 | if (ptrsize == 8) { |
| 311 | if ((pc & (1ULL << 63)) == 0) { |
| 312 | return LLDB_INVALID_ADDRESS; |
| 313 | } |
| 314 | } else { |
| 315 | if ((pc & (1ULL << 31)) == 0) { |
| 316 | return LLDB_INVALID_ADDRESS; |
| 317 | } |
| 318 | } |
| 319 | |
| 320 | if (pc == LLDB_INVALID_ADDRESS) |
| 321 | return LLDB_INVALID_ADDRESS; |
| 322 | |
| 323 | int pagesize = 0x4000; // 16k pages on 64-bit targets |
| 324 | if (ptrsize == 4) |
| 325 | pagesize = 0x1000; // 4k pages on 32-bit targets |
| 326 | |
| 327 | // The kernel will be loaded on a page boundary. |
| 328 | // Round the current pc down to the nearest page boundary. |
| 329 | addr_t addr = pc & ~(pagesize - 1ULL); |
| 330 | |
| 331 | // Search backwards for 128 megabytes, or first memory read error. |
| 332 | while (pc - addr < 128 * 0x100000) { |
| 333 | bool read_error; |
| 334 | if (CheckForKernelImageAtAddress(addr, process, read_error: &read_error).IsValid()) |
| 335 | return addr; |
| 336 | |
| 337 | // Stop scanning on the first read error we encounter; we've walked |
| 338 | // past this executable block of memory. |
| 339 | if (read_error == true) |
| 340 | break; |
| 341 | |
| 342 | addr -= pagesize; |
| 343 | } |
| 344 | |
| 345 | return LLDB_INVALID_ADDRESS; |
| 346 | } |
| 347 | |
| 348 | // Scan through the valid address range for a kernel binary. This is uselessly |
| 349 | // slow in 64-bit environments so we don't even try it. This scan is not |
| 350 | // enabled by default even for 32-bit targets. Returns the address of the |
| 351 | // kernel if one was found, else LLDB_INVALID_ADDRESS. |
| 352 | lldb::addr_t DynamicLoaderDarwinKernel::SearchForKernelViaExhaustiveSearch( |
| 353 | Process *process) { |
| 354 | if (GetGlobalProperties().GetScanType() != eKASLRScanExhaustiveScan) { |
| 355 | return LLDB_INVALID_ADDRESS; |
| 356 | } |
| 357 | |
| 358 | addr_t kernel_range_low, kernel_range_high; |
| 359 | if (process->GetTarget().GetArchitecture().GetAddressByteSize() == 8) { |
| 360 | kernel_range_low = 1ULL << 63; |
| 361 | kernel_range_high = UINT64_MAX; |
| 362 | } else { |
| 363 | kernel_range_low = 1ULL << 31; |
| 364 | kernel_range_high = UINT32_MAX; |
| 365 | } |
| 366 | |
| 367 | // Stepping through memory at one-megabyte resolution looking for a kernel |
| 368 | // rarely works (fast enough) with a 64-bit address space -- for now, let's |
| 369 | // not even bother. We may be attaching to something which *isn't* a kernel |
| 370 | // and we don't want to spin for minutes on-end looking for a kernel. |
| 371 | if (process->GetTarget().GetArchitecture().GetAddressByteSize() == 8) |
| 372 | return LLDB_INVALID_ADDRESS; |
| 373 | |
| 374 | addr_t addr = kernel_range_low; |
| 375 | |
| 376 | while (addr >= kernel_range_low && addr < kernel_range_high) { |
| 377 | // x86_64 kernels are at offset 0 |
| 378 | if (CheckForKernelImageAtAddress(addr, process).IsValid()) |
| 379 | return addr; |
| 380 | // 32-bit arm kernels are at offset 0x1000 (one 4k page) |
| 381 | if (CheckForKernelImageAtAddress(addr: addr + 0x1000, process).IsValid()) |
| 382 | return addr + 0x1000; |
| 383 | // 64-bit arm kernels are at offset 0x4000 (one 16k page) |
| 384 | if (CheckForKernelImageAtAddress(addr: addr + 0x4000, process).IsValid()) |
| 385 | return addr + 0x4000; |
| 386 | addr += 0x100000; |
| 387 | } |
| 388 | return LLDB_INVALID_ADDRESS; |
| 389 | } |
| 390 | |
| 391 | // Read the mach_header struct out of memory and return it. |
| 392 | // Returns true if the mach_header was successfully read, |
| 393 | // Returns false if there was a problem reading the header, or it was not |
| 394 | // a Mach-O header. |
| 395 | |
| 396 | bool |
| 397 | DynamicLoaderDarwinKernel::ReadMachHeader(addr_t addr, Process *process, llvm::MachO::mach_header &header, |
| 398 | bool *read_error) { |
| 399 | Status error; |
| 400 | if (read_error) |
| 401 | *read_error = false; |
| 402 | |
| 403 | // Read the mach header and see whether it looks like a kernel |
| 404 | if (process->ReadMemory(vm_addr: addr, buf: &header, size: sizeof(header), error) != |
| 405 | sizeof(header)) { |
| 406 | if (read_error) |
| 407 | *read_error = true; |
| 408 | return false; |
| 409 | } |
| 410 | |
| 411 | const uint32_t magicks[] = { llvm::MachO::MH_MAGIC_64, llvm::MachO::MH_MAGIC, llvm::MachO::MH_CIGAM, llvm::MachO::MH_CIGAM_64}; |
| 412 | |
| 413 | bool found_matching_pattern = false; |
| 414 | for (size_t i = 0; i < std::size(magicks); i++) |
| 415 | if (::memcmp (s1: &header.magic, s2: &magicks[i], n: sizeof (uint32_t)) == 0) |
| 416 | found_matching_pattern = true; |
| 417 | |
| 418 | if (!found_matching_pattern) |
| 419 | return false; |
| 420 | |
| 421 | if (header.magic == llvm::MachO::MH_CIGAM || |
| 422 | header.magic == llvm::MachO::MH_CIGAM_64) { |
| 423 | header.magic = llvm::byteswap<uint32_t>(V: header.magic); |
| 424 | header.cputype = llvm::byteswap<uint32_t>(V: header.cputype); |
| 425 | header.cpusubtype = llvm::byteswap<uint32_t>(V: header.cpusubtype); |
| 426 | header.filetype = llvm::byteswap<uint32_t>(V: header.filetype); |
| 427 | header.ncmds = llvm::byteswap<uint32_t>(V: header.ncmds); |
| 428 | header.sizeofcmds = llvm::byteswap<uint32_t>(V: header.sizeofcmds); |
| 429 | header.flags = llvm::byteswap<uint32_t>(V: header.flags); |
| 430 | } |
| 431 | |
| 432 | return true; |
| 433 | } |
| 434 | |
| 435 | // Given an address in memory, look to see if there is a kernel image at that |
| 436 | // address. |
| 437 | // Returns a UUID; if a kernel was not found at that address, UUID.IsValid() |
| 438 | // will be false. |
| 439 | lldb_private::UUID |
| 440 | DynamicLoaderDarwinKernel::CheckForKernelImageAtAddress(lldb::addr_t addr, |
| 441 | Process *process, |
| 442 | bool *read_error) { |
| 443 | Log *log = GetLog(mask: LLDBLog::DynamicLoader); |
| 444 | if (addr == LLDB_INVALID_ADDRESS) { |
| 445 | if (read_error) |
| 446 | *read_error = true; |
| 447 | return UUID(); |
| 448 | } |
| 449 | |
| 450 | LLDB_LOGF(log, |
| 451 | "DynamicLoaderDarwinKernel::CheckForKernelImageAtAddress: " |
| 452 | "looking for kernel binary at 0x%"PRIx64, |
| 453 | addr); |
| 454 | |
| 455 | llvm::MachO::mach_header header; |
| 456 | |
| 457 | if (!ReadMachHeader(addr, process, header, read_error)) |
| 458 | return UUID(); |
| 459 | |
| 460 | // First try a quick test -- read the first 4 bytes and see if there is a |
| 461 | // valid Mach-O magic field there |
| 462 | // (the first field of the mach_header/mach_header_64 struct). |
| 463 | // A kernel is an executable which does not have the dynamic link object flag |
| 464 | // set. |
| 465 | if (header.filetype == llvm::MachO::MH_EXECUTE && |
| 466 | (header.flags & llvm::MachO::MH_DYLDLINK) == 0) { |
| 467 | // Create a full module to get the UUID |
| 468 | ModuleSP memory_module_sp = |
| 469 | process->ReadModuleFromMemory(file_spec: FileSpec("temp_mach_kernel"), header_addr: addr); |
| 470 | if (!memory_module_sp.get()) |
| 471 | return UUID(); |
| 472 | |
| 473 | ObjectFile *exe_objfile = memory_module_sp->GetObjectFile(); |
| 474 | if (exe_objfile == nullptr) { |
| 475 | LLDB_LOGF(log, |
| 476 | "DynamicLoaderDarwinKernel::CheckForKernelImageAtAddress " |
| 477 | "found a binary at 0x%"PRIx64 |
| 478 | " but could not create an object file from memory", |
| 479 | addr); |
| 480 | return UUID(); |
| 481 | } |
| 482 | |
| 483 | if (is_kernel(module: memory_module_sp.get())) { |
| 484 | ArchSpec kernel_arch(eArchTypeMachO, header.cputype, header.cpusubtype); |
| 485 | if (!process->GetTarget().GetArchitecture().IsCompatibleMatch( |
| 486 | rhs: kernel_arch)) { |
| 487 | process->GetTarget().SetArchitecture(arch_spec: kernel_arch); |
| 488 | } |
| 489 | if (log) { |
| 490 | std::string uuid_str; |
| 491 | if (memory_module_sp->GetUUID().IsValid()) { |
| 492 | uuid_str = "with UUID "; |
| 493 | uuid_str += memory_module_sp->GetUUID().GetAsString(); |
| 494 | } else { |
| 495 | uuid_str = "and no LC_UUID found in load commands "; |
| 496 | } |
| 497 | LLDB_LOGF( |
| 498 | log, |
| 499 | "DynamicLoaderDarwinKernel::CheckForKernelImageAtAddress: " |
| 500 | "kernel binary image found at 0x%"PRIx64 " with arch '%s' %s", |
| 501 | addr, kernel_arch.GetTriple().str().c_str(), uuid_str.c_str()); |
| 502 | } |
| 503 | return memory_module_sp->GetUUID(); |
| 504 | } |
| 505 | } |
| 506 | |
| 507 | return UUID(); |
| 508 | } |
| 509 | |
| 510 | // Constructor |
| 511 | DynamicLoaderDarwinKernel::DynamicLoaderDarwinKernel(Process *process, |
| 512 | lldb::addr_t kernel_addr) |
| 513 | : DynamicLoader(process), m_kernel_load_address(kernel_addr), m_kernel(), |
| 514 | m_kext_summary_header_ptr_addr(), m_kext_summary_header_addr(), |
| 515 | m_kext_summary_header(), m_known_kexts(), m_mutex(), |
| 516 | m_break_id(LLDB_INVALID_BREAK_ID) { |
| 517 | Status error; |
| 518 | process->SetCanRunCode(false); |
| 519 | PlatformSP platform_sp = |
| 520 | process->GetTarget().GetDebugger().GetPlatformList().Create( |
| 521 | name: PlatformDarwinKernel::GetPluginNameStatic()); |
| 522 | if (platform_sp.get()) |
| 523 | process->GetTarget().SetPlatform(platform_sp); |
| 524 | } |
| 525 | |
| 526 | // Destructor |
| 527 | DynamicLoaderDarwinKernel::~DynamicLoaderDarwinKernel() { Clear(clear_process: true); } |
| 528 | |
| 529 | void DynamicLoaderDarwinKernel::UpdateIfNeeded() { |
| 530 | LoadKernelModuleIfNeeded(); |
| 531 | SetNotificationBreakpointIfNeeded(); |
| 532 | } |
| 533 | |
| 534 | /// We've attached to a remote connection, or read a corefile. |
| 535 | /// Now load the kernel binary and potentially the kexts, add |
| 536 | /// them to the Target. |
| 537 | void DynamicLoaderDarwinKernel::DidAttach() { |
| 538 | PrivateInitialize(process: m_process); |
| 539 | UpdateIfNeeded(); |
| 540 | } |
| 541 | |
| 542 | /// Called after attaching a process. |
| 543 | /// |
| 544 | /// Allow DynamicLoader plug-ins to execute some code after |
| 545 | /// attaching to a process. |
| 546 | void DynamicLoaderDarwinKernel::DidLaunch() { |
| 547 | PrivateInitialize(process: m_process); |
| 548 | UpdateIfNeeded(); |
| 549 | } |
| 550 | |
| 551 | // Clear out the state of this class. |
| 552 | void DynamicLoaderDarwinKernel::Clear(bool clear_process) { |
| 553 | std::lock_guard<std::recursive_mutex> guard(m_mutex); |
| 554 | |
| 555 | if (m_process->IsAlive() && LLDB_BREAK_ID_IS_VALID(m_break_id)) |
| 556 | m_process->ClearBreakpointSiteByID(break_id: m_break_id); |
| 557 | |
| 558 | if (clear_process) |
| 559 | m_process = nullptr; |
| 560 | m_kernel.Clear(); |
| 561 | m_known_kexts.clear(); |
| 562 | m_kext_summary_header_ptr_addr.Clear(); |
| 563 | m_kext_summary_header_addr.Clear(); |
| 564 | m_break_id = LLDB_INVALID_BREAK_ID; |
| 565 | } |
| 566 | |
| 567 | bool DynamicLoaderDarwinKernel::KextImageInfo::LoadImageAtFileAddress( |
| 568 | Process *process) { |
| 569 | if (IsLoaded()) |
| 570 | return true; |
| 571 | |
| 572 | if (m_module_sp) { |
| 573 | bool changed = false; |
| 574 | if (m_module_sp->SetLoadAddress(target&: process->GetTarget(), value: 0, value_is_offset: true, changed)) |
| 575 | m_load_process_stop_id = process->GetStopID(); |
| 576 | } |
| 577 | return false; |
| 578 | } |
| 579 | |
| 580 | void DynamicLoaderDarwinKernel::KextImageInfo::SetModule(ModuleSP module_sp) { |
| 581 | m_module_sp = module_sp; |
| 582 | m_kernel_image = is_kernel(module: module_sp.get()); |
| 583 | } |
| 584 | |
| 585 | ModuleSP DynamicLoaderDarwinKernel::KextImageInfo::GetModule() { |
| 586 | return m_module_sp; |
| 587 | } |
| 588 | |
| 589 | void DynamicLoaderDarwinKernel::KextImageInfo::SetLoadAddress( |
| 590 | addr_t load_addr) { |
| 591 | m_load_address = load_addr; |
| 592 | } |
| 593 | |
| 594 | addr_t DynamicLoaderDarwinKernel::KextImageInfo::GetLoadAddress() const { |
| 595 | return m_load_address; |
| 596 | } |
| 597 | |
| 598 | uint64_t DynamicLoaderDarwinKernel::KextImageInfo::GetSize() const { |
| 599 | return m_size; |
| 600 | } |
| 601 | |
| 602 | void DynamicLoaderDarwinKernel::KextImageInfo::SetSize(uint64_t size) { |
| 603 | m_size = size; |
| 604 | } |
| 605 | |
| 606 | uint32_t DynamicLoaderDarwinKernel::KextImageInfo::GetProcessStopId() const { |
| 607 | return m_load_process_stop_id; |
| 608 | } |
| 609 | |
| 610 | void DynamicLoaderDarwinKernel::KextImageInfo::SetProcessStopId( |
| 611 | uint32_t stop_id) { |
| 612 | m_load_process_stop_id = stop_id; |
| 613 | } |
| 614 | |
| 615 | bool DynamicLoaderDarwinKernel::KextImageInfo::operator==( |
| 616 | const KextImageInfo &rhs) const { |
| 617 | if (m_uuid.IsValid() || rhs.GetUUID().IsValid()) { |
| 618 | return m_uuid == rhs.GetUUID(); |
| 619 | } |
| 620 | |
| 621 | return m_name == rhs.GetName() && m_load_address == rhs.GetLoadAddress(); |
| 622 | } |
| 623 | |
| 624 | void DynamicLoaderDarwinKernel::KextImageInfo::SetName(const char *name) { |
| 625 | m_name = name; |
| 626 | } |
| 627 | |
| 628 | std::string DynamicLoaderDarwinKernel::KextImageInfo::GetName() const { |
| 629 | return m_name; |
| 630 | } |
| 631 | |
| 632 | void DynamicLoaderDarwinKernel::KextImageInfo::SetUUID(const UUID &uuid) { |
| 633 | m_uuid = uuid; |
| 634 | } |
| 635 | |
| 636 | UUID DynamicLoaderDarwinKernel::KextImageInfo::GetUUID() const { |
| 637 | return m_uuid; |
| 638 | } |
| 639 | |
| 640 | // Given the m_load_address from the kext summaries, and a UUID, try to create |
| 641 | // an in-memory Module at that address. Require that the MemoryModule have a |
| 642 | // matching UUID and detect if this MemoryModule is a kernel or a kext. |
| 643 | // |
| 644 | // Returns true if m_memory_module_sp is now set to a valid Module. |
| 645 | |
| 646 | bool DynamicLoaderDarwinKernel::KextImageInfo::ReadMemoryModule( |
| 647 | Process *process) { |
| 648 | Log *log = GetLog(mask: LLDBLog::Host); |
| 649 | if (m_memory_module_sp.get() != nullptr) |
| 650 | return true; |
| 651 | if (m_load_address == LLDB_INVALID_ADDRESS) |
| 652 | return false; |
| 653 | |
| 654 | FileSpec file_spec(m_name.c_str()); |
| 655 | |
| 656 | llvm::MachO::mach_header mh; |
| 657 | size_t size_to_read = 512; |
| 658 | if (ReadMachHeader(addr: m_load_address, process, header&: mh)) { |
| 659 | if (mh.magic == llvm::MachO::MH_CIGAM || mh.magic == llvm::MachO::MH_MAGIC) |
| 660 | size_to_read = sizeof(llvm::MachO::mach_header) + mh.sizeofcmds; |
| 661 | if (mh.magic == llvm::MachO::MH_CIGAM_64 || |
| 662 | mh.magic == llvm::MachO::MH_MAGIC_64) |
| 663 | size_to_read = sizeof(llvm::MachO::mach_header_64) + mh.sizeofcmds; |
| 664 | } |
| 665 | |
| 666 | ModuleSP memory_module_sp = |
| 667 | process->ReadModuleFromMemory(file_spec, header_addr: m_load_address, size_to_read); |
| 668 | |
| 669 | if (memory_module_sp.get() == nullptr) |
| 670 | return false; |
| 671 | |
| 672 | bool this_is_kernel = is_kernel(module: memory_module_sp.get()); |
| 673 | |
| 674 | // If this is a kext, and the kernel specified what UUID we should find at |
| 675 | // this load address, require that the memory module have a matching UUID or |
| 676 | // something has gone wrong and we should discard it. |
| 677 | if (m_uuid.IsValid()) { |
| 678 | if (m_uuid != memory_module_sp->GetUUID()) { |
| 679 | if (log) { |
| 680 | LLDB_LOGF(log, |
| 681 | "KextImageInfo::ReadMemoryModule the kernel said to find " |
| 682 | "uuid %s at 0x%"PRIx64 |
| 683 | " but instead we found uuid %s, throwing it away", |
| 684 | m_uuid.GetAsString().c_str(), m_load_address, |
| 685 | memory_module_sp->GetUUID().GetAsString().c_str()); |
| 686 | } |
| 687 | return false; |
| 688 | } |
| 689 | } |
| 690 | |
| 691 | // If the in-memory Module has a UUID, let's use that. |
| 692 | if (!m_uuid.IsValid() && memory_module_sp->GetUUID().IsValid()) { |
| 693 | m_uuid = memory_module_sp->GetUUID(); |
| 694 | } |
| 695 | |
| 696 | m_memory_module_sp = memory_module_sp; |
| 697 | m_kernel_image = this_is_kernel; |
| 698 | if (this_is_kernel) { |
| 699 | if (log) { |
| 700 | // This is unusual and probably not intended |
| 701 | LLDB_LOGF(log, |
| 702 | "KextImageInfo::ReadMemoryModule read the kernel binary out " |
| 703 | "of memory"); |
| 704 | } |
| 705 | if (memory_module_sp->GetArchitecture().IsValid()) { |
| 706 | process->GetTarget().SetArchitecture(arch_spec: memory_module_sp->GetArchitecture()); |
| 707 | } |
| 708 | } |
| 709 | |
| 710 | return true; |
| 711 | } |
| 712 | |
| 713 | bool DynamicLoaderDarwinKernel::KextImageInfo::IsKernel() const { |
| 714 | return m_kernel_image; |
| 715 | } |
| 716 | |
| 717 | void DynamicLoaderDarwinKernel::KextImageInfo::SetIsKernel(bool is_kernel) { |
| 718 | m_kernel_image = is_kernel; |
| 719 | } |
| 720 | |
| 721 | bool DynamicLoaderDarwinKernel::KextImageInfo::LoadImageUsingMemoryModule( |
| 722 | Process *process, Progress *progress) { |
| 723 | Log *log = GetLog(mask: LLDBLog::DynamicLoader); |
| 724 | if (IsLoaded()) |
| 725 | return true; |
| 726 | |
| 727 | Target &target = process->GetTarget(); |
| 728 | |
| 729 | // kexts will have a uuid from the table. |
| 730 | // for the kernel, we'll need to read the load commands out of memory to get it. |
| 731 | if (m_uuid.IsValid() == false) { |
| 732 | if (ReadMemoryModule(process) == false) { |
| 733 | Log *log = GetLog(mask: LLDBLog::DynamicLoader); |
| 734 | LLDB_LOGF(log, |
| 735 | "Unable to read '%s' from memory at address 0x%"PRIx64 |
| 736 | " to get the segment load addresses.", |
| 737 | m_name.c_str(), m_load_address); |
| 738 | return false; |
| 739 | } |
| 740 | } |
| 741 | |
| 742 | if (IsKernel() && m_uuid.IsValid()) { |
| 743 | lldb::StreamUP s = target.GetDebugger().GetAsyncOutputStream(); |
| 744 | s->Printf(format: "Kernel UUID: %s\n", m_uuid.GetAsString().c_str()); |
| 745 | s->Printf(format: "Load Address: 0x%"PRIx64 "\n", m_load_address); |
| 746 | |
| 747 | // Start of a kernel debug session, we have the UUID of the kernel. |
| 748 | // Go through the target's list of modules and if there are any kernel |
| 749 | // modules with non-matching UUIDs, remove them. The user may have added |
| 750 | // the wrong kernel binary manually and it will only confuse things. |
| 751 | ModuleList incorrect_kernels; |
| 752 | for (ModuleSP module_sp : target.GetImages().Modules()) { |
| 753 | if (is_kernel(module: module_sp.get()) && module_sp->GetUUID() != m_uuid) |
| 754 | incorrect_kernels.Append(module_sp); |
| 755 | } |
| 756 | target.GetImages().Remove(module_list&: incorrect_kernels); |
| 757 | } |
| 758 | |
| 759 | if (!m_module_sp) { |
| 760 | // See if the kext has already been loaded into the target, probably by the |
| 761 | // user doing target modules add. |
| 762 | const ModuleList &target_images = target.GetImages(); |
| 763 | m_module_sp = target_images.FindModule(uuid: m_uuid); |
| 764 | |
| 765 | StreamString prog_str; |
| 766 | // 'mach_kernel' is a fake name we make up to find kernels |
| 767 | // that were located by the local filesystem scan. |
| 768 | if (GetName() != "mach_kernel") |
| 769 | prog_str << GetName() << " "; |
| 770 | if (GetUUID().IsValid()) |
| 771 | prog_str << GetUUID().GetAsString() << " "; |
| 772 | if (GetLoadAddress() != LLDB_INVALID_ADDRESS) { |
| 773 | prog_str << "at 0x"; |
| 774 | prog_str.PutHex64(uvalue: GetLoadAddress()); |
| 775 | } |
| 776 | |
| 777 | std::unique_ptr<Progress> progress_up; |
| 778 | if (progress) |
| 779 | progress->Increment(amount: 1, updated_detail: prog_str.GetString().str()); |
| 780 | else { |
| 781 | if (IsKernel()) |
| 782 | progress_up = std::make_unique<Progress>(args: "Loading kernel", |
| 783 | args: prog_str.GetString().str()); |
| 784 | else |
| 785 | progress_up = std::make_unique<Progress>(args: "Loading kext", |
| 786 | args: prog_str.GetString().str()); |
| 787 | } |
| 788 | |
| 789 | // Search for the kext on the local filesystem via the UUID |
| 790 | if (!m_module_sp && m_uuid.IsValid()) { |
| 791 | ModuleSpec module_spec; |
| 792 | module_spec.GetUUID() = m_uuid; |
| 793 | if (!m_uuid.IsValid()) |
| 794 | module_spec.GetArchitecture() = target.GetArchitecture(); |
| 795 | module_spec.GetFileSpec() = FileSpec(m_name); |
| 796 | |
| 797 | // If the current platform is PlatformDarwinKernel, create a ModuleSpec |
| 798 | // with the filename set to be the bundle ID for this kext, e.g. |
| 799 | // "com.apple.filesystems.msdosfs", and ask the platform to find it. |
| 800 | // PlatformDarwinKernel does a special scan for kexts on the local |
| 801 | // system. |
| 802 | PlatformSP platform_sp(target.GetPlatform()); |
| 803 | if (platform_sp) { |
| 804 | FileSpecList search_paths = target.GetExecutableSearchPaths(); |
| 805 | platform_sp->GetSharedModule(module_spec, process, module_sp&: m_module_sp, |
| 806 | module_search_paths_ptr: &search_paths, old_modules: nullptr, did_create_ptr: nullptr); |
| 807 | } |
| 808 | |
| 809 | // Ask the Target to find this file on the local system, if possible. |
| 810 | // This will search in the list of currently-loaded files, look in the |
| 811 | // standard search paths on the system, and on a Mac it will try calling |
| 812 | // the DebugSymbols framework with the UUID to find the binary via its |
| 813 | // search methods. |
| 814 | if (!m_module_sp) { |
| 815 | m_module_sp = target.GetOrCreateModule(module_spec, notify: true /* notify */); |
| 816 | } |
| 817 | |
| 818 | // For the kernel, we really do need an on-disk file copy of the binary |
| 819 | // to do anything useful. This will force a call to dsymForUUID if it |
| 820 | // exists, instead of depending on the DebugSymbols preferences being |
| 821 | // set. |
| 822 | Status kernel_search_error; |
| 823 | if (IsKernel() && |
| 824 | (!m_module_sp || !m_module_sp->GetSymbolFileFileSpec())) { |
| 825 | if (PluginManager::DownloadObjectAndSymbolFile( |
| 826 | module_spec, error&: kernel_search_error, force_lookup: true)) { |
| 827 | if (FileSystem::Instance().Exists(file_spec: module_spec.GetFileSpec())) { |
| 828 | m_module_sp = std::make_shared<Module>(args&: module_spec.GetFileSpec(), |
| 829 | args: target.GetArchitecture()); |
| 830 | } |
| 831 | } |
| 832 | } |
| 833 | |
| 834 | if (IsKernel() && !m_module_sp) { |
| 835 | lldb::StreamUP s = target.GetDebugger().GetAsyncErrorStream(); |
| 836 | s->Printf(format: "WARNING: Unable to locate kernel binary on the debugger " |
| 837 | "system.\n"); |
| 838 | if (kernel_search_error.Fail() && kernel_search_error.AsCString(default_error_str: "") && |
| 839 | kernel_search_error.AsCString(default_error_str: "")[0] != '\0') { |
| 840 | *s << kernel_search_error.AsCString(); |
| 841 | } |
| 842 | } |
| 843 | } |
| 844 | |
| 845 | if (m_module_sp && m_uuid.IsValid() && m_module_sp->GetUUID() == m_uuid && |
| 846 | m_module_sp->GetObjectFile()) { |
| 847 | if (ObjectFileMachO *ondisk_objfile_macho = |
| 848 | llvm::dyn_cast<ObjectFileMachO>(Val: m_module_sp->GetObjectFile())) { |
| 849 | if (!IsKernel() && !ondisk_objfile_macho->IsKext()) { |
| 850 | // We have a non-kext, non-kernel binary. If we already have this |
| 851 | // loaded in the Target with load addresses, don't re-load it again. |
| 852 | ModuleSP existing_module_sp = target.GetImages().FindModule(uuid: m_uuid); |
| 853 | if (existing_module_sp && |
| 854 | existing_module_sp->IsLoadedInTarget(target: &target)) { |
| 855 | LLDB_LOGF(log, |
| 856 | "'%s' with UUID %s is not a kext or kernel, and is " |
| 857 | "already registered in target, not loading.", |
| 858 | m_name.c_str(), m_uuid.GetAsString().c_str()); |
| 859 | // It's already loaded, return true. |
| 860 | return true; |
| 861 | } |
| 862 | } |
| 863 | } |
| 864 | } |
| 865 | |
| 866 | // If we managed to find a module, append it to the target's list of |
| 867 | // images. If we also have a memory module, require that they have matching |
| 868 | // UUIDs |
| 869 | if (m_module_sp) { |
| 870 | if (m_uuid.IsValid() && m_module_sp->GetUUID() == m_uuid) { |
| 871 | target.GetImages().AppendIfNeeded(new_module: m_module_sp, notify: false); |
| 872 | } |
| 873 | } |
| 874 | } |
| 875 | |
| 876 | // If we've found a binary, read the load commands out of memory so we |
| 877 | // can set the segment load addresses. |
| 878 | if (m_module_sp) |
| 879 | ReadMemoryModule (process); |
| 880 | |
| 881 | static ConstString g_section_name_LINKEDIT("__LINKEDIT"); |
| 882 | |
| 883 | if (m_memory_module_sp && m_module_sp) { |
| 884 | if (m_module_sp->GetUUID() == m_memory_module_sp->GetUUID()) { |
| 885 | ObjectFile *ondisk_object_file = m_module_sp->GetObjectFile(); |
| 886 | ObjectFile *memory_object_file = m_memory_module_sp->GetObjectFile(); |
| 887 | |
| 888 | if (memory_object_file && ondisk_object_file) { |
| 889 | // The memory_module for kexts may have an invalid __LINKEDIT seg; skip |
| 890 | // it. |
| 891 | const bool ignore_linkedit = !IsKernel(); |
| 892 | |
| 893 | // Normally a kext will have its segment load commands |
| 894 | // (LC_SEGMENT vmaddrs) corrected in memory to have their |
| 895 | // actual segment addresses. |
| 896 | // Userland proceses have their libraries updated the same way |
| 897 | // by dyld. The Mach-O load commands in memory are the canonical |
| 898 | // addresses. |
| 899 | // |
| 900 | // If the kernel gives us a binary where the in-memory segment |
| 901 | // vmaddr is incorrect, then this binary was put in memory without |
| 902 | // updating its Mach-O load commands. We should assume a static |
| 903 | // slide value will be applied to every segment; we don't have the |
| 904 | // correct addresses for each individual segment. |
| 905 | addr_t fixed_slide = LLDB_INVALID_ADDRESS; |
| 906 | if (ObjectFileMachO *memory_objfile_macho = |
| 907 | llvm::dyn_cast<ObjectFileMachO>(Val: memory_object_file)) { |
| 908 | if (Section *header_sect = |
| 909 | memory_objfile_macho->GetMachHeaderSection()) { |
| 910 | if (header_sect->GetFileAddress() != m_load_address) { |
| 911 | fixed_slide = m_load_address - header_sect->GetFileAddress(); |
| 912 | LLDB_LOGF( |
| 913 | log, |
| 914 | "kext %s in-memory LC_SEGMENT vmaddr is not correct, using a " |
| 915 | "fixed slide of 0x%"PRIx64, |
| 916 | m_name.c_str(), fixed_slide); |
| 917 | } |
| 918 | } |
| 919 | } |
| 920 | |
| 921 | SectionList *ondisk_section_list = ondisk_object_file->GetSectionList(); |
| 922 | SectionList *memory_section_list = memory_object_file->GetSectionList(); |
| 923 | if (memory_section_list && ondisk_section_list) { |
| 924 | const uint32_t num_ondisk_sections = ondisk_section_list->GetSize(); |
| 925 | // There may be CTF sections in the memory image so we can't always |
| 926 | // just compare the number of sections (which are actually segments |
| 927 | // in mach-o parlance) |
| 928 | uint32_t sect_idx = 0; |
| 929 | |
| 930 | // Use the memory_module's addresses for each section to set the file |
| 931 | // module's load address as appropriate. We don't want to use a |
| 932 | // single slide value for the entire kext - different segments may be |
| 933 | // slid different amounts by the kext loader. |
| 934 | |
| 935 | uint32_t num_sections_loaded = 0; |
| 936 | for (sect_idx = 0; sect_idx < num_ondisk_sections; ++sect_idx) { |
| 937 | SectionSP ondisk_section_sp( |
| 938 | ondisk_section_list->GetSectionAtIndex(idx: sect_idx)); |
| 939 | if (ondisk_section_sp) { |
| 940 | // Don't ever load __LINKEDIT as it may or may not be actually |
| 941 | // mapped into memory and there is no current way to tell. Until |
| 942 | // such an ability exists, do not load the __LINKEDIT. |
| 943 | if (ignore_linkedit && |
| 944 | ondisk_section_sp->GetName() == g_section_name_LINKEDIT) |
| 945 | continue; |
| 946 | |
| 947 | if (fixed_slide != LLDB_INVALID_ADDRESS) { |
| 948 | target.SetSectionLoadAddress( |
| 949 | section: ondisk_section_sp, |
| 950 | load_addr: ondisk_section_sp->GetFileAddress() + fixed_slide); |
| 951 | } else { |
| 952 | const Section *memory_section = |
| 953 | memory_section_list |
| 954 | ->FindSectionByName(section_dstr: ondisk_section_sp->GetName()) |
| 955 | .get(); |
| 956 | if (memory_section) { |
| 957 | target.SetSectionLoadAddress( |
| 958 | section: ondisk_section_sp, load_addr: memory_section->GetFileAddress()); |
| 959 | ++num_sections_loaded; |
| 960 | } |
| 961 | } |
| 962 | } |
| 963 | } |
| 964 | if (num_sections_loaded > 0) |
| 965 | m_load_process_stop_id = process->GetStopID(); |
| 966 | else |
| 967 | m_module_sp.reset(); // No sections were loaded |
| 968 | } else |
| 969 | m_module_sp.reset(); // One or both section lists |
| 970 | } else |
| 971 | m_module_sp.reset(); // One or both object files missing |
| 972 | } else |
| 973 | m_module_sp.reset(); // UUID mismatch |
| 974 | } |
| 975 | |
| 976 | bool is_loaded = IsLoaded(); |
| 977 | |
| 978 | if (is_loaded && m_module_sp && IsKernel()) { |
| 979 | lldb::StreamUP s = target.GetDebugger().GetAsyncOutputStream(); |
| 980 | ObjectFile *kernel_object_file = m_module_sp->GetObjectFile(); |
| 981 | if (kernel_object_file) { |
| 982 | addr_t file_address = |
| 983 | kernel_object_file->GetBaseAddress().GetFileAddress(); |
| 984 | if (m_load_address != LLDB_INVALID_ADDRESS && |
| 985 | file_address != LLDB_INVALID_ADDRESS) { |
| 986 | s->Printf(format: "Kernel slid 0x%"PRIx64 " in memory.\n", |
| 987 | m_load_address - file_address); |
| 988 | } |
| 989 | } |
| 990 | s->Printf(format: "Loaded kernel file %s\n", |
| 991 | m_module_sp->GetFileSpec().GetPath().c_str()); |
| 992 | } |
| 993 | |
| 994 | // Notify the target about the module being added; |
| 995 | // set breakpoints, load dSYM scripts, etc. as needed. |
| 996 | if (is_loaded && m_module_sp) { |
| 997 | ModuleList loaded_module_list; |
| 998 | loaded_module_list.Append(module_sp: m_module_sp); |
| 999 | target.ModulesDidLoad(module_list&: loaded_module_list); |
| 1000 | } |
| 1001 | |
| 1002 | return is_loaded; |
| 1003 | } |
| 1004 | |
| 1005 | uint32_t DynamicLoaderDarwinKernel::KextImageInfo::GetAddressByteSize() { |
| 1006 | if (m_memory_module_sp) |
| 1007 | return m_memory_module_sp->GetArchitecture().GetAddressByteSize(); |
| 1008 | if (m_module_sp) |
| 1009 | return m_module_sp->GetArchitecture().GetAddressByteSize(); |
| 1010 | return 0; |
| 1011 | } |
| 1012 | |
| 1013 | lldb::ByteOrder DynamicLoaderDarwinKernel::KextImageInfo::GetByteOrder() { |
| 1014 | if (m_memory_module_sp) |
| 1015 | return m_memory_module_sp->GetArchitecture().GetByteOrder(); |
| 1016 | if (m_module_sp) |
| 1017 | return m_module_sp->GetArchitecture().GetByteOrder(); |
| 1018 | return endian::InlHostByteOrder(); |
| 1019 | } |
| 1020 | |
| 1021 | lldb_private::ArchSpec |
| 1022 | DynamicLoaderDarwinKernel::KextImageInfo::GetArchitecture() const { |
| 1023 | if (m_memory_module_sp) |
| 1024 | return m_memory_module_sp->GetArchitecture(); |
| 1025 | if (m_module_sp) |
| 1026 | return m_module_sp->GetArchitecture(); |
| 1027 | return lldb_private::ArchSpec(); |
| 1028 | } |
| 1029 | |
| 1030 | // Load the kernel module and initialize the "m_kernel" member. Return true |
| 1031 | // _only_ if the kernel is loaded the first time through (subsequent calls to |
| 1032 | // this function should return false after the kernel has been already loaded). |
| 1033 | void DynamicLoaderDarwinKernel::LoadKernelModuleIfNeeded() { |
| 1034 | if (!m_kext_summary_header_ptr_addr.IsValid()) { |
| 1035 | m_kernel.Clear(); |
| 1036 | ModuleSP module_sp = m_process->GetTarget().GetExecutableModule(); |
| 1037 | if (is_kernel(module: module_sp.get())) { |
| 1038 | m_kernel.SetModule(module_sp); |
| 1039 | m_kernel.SetIsKernel(true); |
| 1040 | } |
| 1041 | |
| 1042 | ConstString kernel_name("mach_kernel"); |
| 1043 | if (m_kernel.GetModule().get() && m_kernel.GetModule()->GetObjectFile() && |
| 1044 | !m_kernel.GetModule() |
| 1045 | ->GetObjectFile() |
| 1046 | ->GetFileSpec() |
| 1047 | .GetFilename() |
| 1048 | .IsEmpty()) { |
| 1049 | kernel_name = |
| 1050 | m_kernel.GetModule()->GetObjectFile()->GetFileSpec().GetFilename(); |
| 1051 | } |
| 1052 | m_kernel.SetName(kernel_name.AsCString()); |
| 1053 | |
| 1054 | if (m_kernel.GetLoadAddress() == LLDB_INVALID_ADDRESS) { |
| 1055 | m_kernel.SetLoadAddress(m_kernel_load_address); |
| 1056 | if (m_kernel.GetLoadAddress() == LLDB_INVALID_ADDRESS && |
| 1057 | m_kernel.GetModule()) { |
| 1058 | // We didn't get a hint from the process, so we will try the kernel at |
| 1059 | // the address that it exists at in the file if we have one |
| 1060 | ObjectFile *kernel_object_file = m_kernel.GetModule()->GetObjectFile(); |
| 1061 | if (kernel_object_file) { |
| 1062 | addr_t load_address = |
| 1063 | kernel_object_file->GetBaseAddress().GetLoadAddress( |
| 1064 | target: &m_process->GetTarget()); |
| 1065 | addr_t file_address = |
| 1066 | kernel_object_file->GetBaseAddress().GetFileAddress(); |
| 1067 | if (load_address != LLDB_INVALID_ADDRESS && load_address != 0) { |
| 1068 | m_kernel.SetLoadAddress(load_address); |
| 1069 | if (load_address != file_address) { |
| 1070 | // Don't accidentally relocate the kernel to the File address -- |
| 1071 | // the Load address has already been set to its actual in-memory |
| 1072 | // address. Mark it as IsLoaded. |
| 1073 | m_kernel.SetProcessStopId(m_process->GetStopID()); |
| 1074 | } |
| 1075 | } else { |
| 1076 | m_kernel.SetLoadAddress(file_address); |
| 1077 | } |
| 1078 | } |
| 1079 | } |
| 1080 | } |
| 1081 | if (m_kernel.GetLoadAddress() != LLDB_INVALID_ADDRESS) |
| 1082 | if (!m_kernel.LoadImageUsingMemoryModule(process: m_process)) |
| 1083 | m_kernel.LoadImageAtFileAddress(process: m_process); |
| 1084 | |
| 1085 | // The operating system plugin gets loaded and initialized in |
| 1086 | // LoadImageUsingMemoryModule when we discover the kernel dSYM. For a core |
| 1087 | // file in particular, that's the wrong place to do this, since we haven't |
| 1088 | // fixed up the section addresses yet. So let's redo it here. |
| 1089 | LoadOperatingSystemPlugin(flush: false); |
| 1090 | |
| 1091 | if (m_kernel.IsLoaded() && m_kernel.GetModule()) { |
| 1092 | static ConstString kext_summary_symbol("gLoadedKextSummaries"); |
| 1093 | static ConstString arm64_T1Sz_value("gT1Sz"); |
| 1094 | const Symbol *symbol = |
| 1095 | m_kernel.GetModule()->FindFirstSymbolWithNameAndType( |
| 1096 | name: kext_summary_symbol, symbol_type: eSymbolTypeAny); |
| 1097 | if (symbol) { |
| 1098 | m_kext_summary_header_ptr_addr = symbol->GetAddress(); |
| 1099 | // Update all image infos |
| 1100 | ReadAllKextSummaries(); |
| 1101 | } |
| 1102 | // If the kernel global with the T1Sz setting is available, |
| 1103 | // update the target.process.virtual-addressable-bits to be correct. |
| 1104 | // NB the xnu kernel always has T0Sz and T1Sz the same value. If |
| 1105 | // it wasn't the same, we would need to set |
| 1106 | // target.process.virtual-addressable-bits = T0Sz |
| 1107 | // target.process.highmem-virtual-addressable-bits = T1Sz |
| 1108 | symbol = m_kernel.GetModule()->FindFirstSymbolWithNameAndType( |
| 1109 | name: arm64_T1Sz_value, symbol_type: eSymbolTypeData); |
| 1110 | if (symbol) { |
| 1111 | const addr_t orig_code_mask = m_process->GetCodeAddressMask(); |
| 1112 | const addr_t orig_data_mask = m_process->GetDataAddressMask(); |
| 1113 | |
| 1114 | m_process->SetCodeAddressMask(0); |
| 1115 | m_process->SetDataAddressMask(0); |
| 1116 | Status error; |
| 1117 | // gT1Sz is 8 bytes. We may run on a stripped kernel binary |
| 1118 | // where we can't get the size accurately. Hardcode it. |
| 1119 | const size_t sym_bytesize = 8; // size of gT1Sz value |
| 1120 | uint64_t sym_value = |
| 1121 | m_process->GetTarget().ReadUnsignedIntegerFromMemory( |
| 1122 | addr: symbol->GetAddress(), integer_byte_size: sym_bytesize, fail_value: 0, error); |
| 1123 | if (error.Success()) { |
| 1124 | // 64 - T1Sz is the highest bit used for auth. |
| 1125 | // The value we pass in to SetVirtualAddressableBits is |
| 1126 | // the number of bits used for addressing, so if |
| 1127 | // T1Sz is 25, then 64-25 == 39, bits 0..38 are used for |
| 1128 | // addressing, bits 39..63 are used for PAC/TBI or whatever. |
| 1129 | uint32_t virt_addr_bits = 64 - sym_value; |
| 1130 | addr_t mask = AddressableBits::AddressableBitToMask(addressable_bits: virt_addr_bits); |
| 1131 | m_process->SetCodeAddressMask(mask); |
| 1132 | m_process->SetDataAddressMask(mask); |
| 1133 | } else { |
| 1134 | m_process->SetCodeAddressMask(orig_code_mask); |
| 1135 | m_process->SetDataAddressMask(orig_data_mask); |
| 1136 | } |
| 1137 | } |
| 1138 | } else { |
| 1139 | m_kernel.Clear(); |
| 1140 | } |
| 1141 | } |
| 1142 | } |
| 1143 | |
| 1144 | // Static callback function that gets called when our DYLD notification |
| 1145 | // breakpoint gets hit. We update all of our image infos and then let our super |
| 1146 | // class DynamicLoader class decide if we should stop or not (based on global |
| 1147 | // preference). |
| 1148 | bool DynamicLoaderDarwinKernel::BreakpointHitCallback( |
| 1149 | void *baton, StoppointCallbackContext *context, user_id_t break_id, |
| 1150 | user_id_t break_loc_id) { |
| 1151 | return static_cast<DynamicLoaderDarwinKernel *>(baton)->BreakpointHit( |
| 1152 | context, break_id, break_loc_id); |
| 1153 | } |
| 1154 | |
| 1155 | bool DynamicLoaderDarwinKernel::BreakpointHit(StoppointCallbackContext *context, |
| 1156 | user_id_t break_id, |
| 1157 | user_id_t break_loc_id) { |
| 1158 | Log *log = GetLog(mask: LLDBLog::DynamicLoader); |
| 1159 | LLDB_LOGF(log, "DynamicLoaderDarwinKernel::BreakpointHit (...)\n"); |
| 1160 | |
| 1161 | ReadAllKextSummaries(); |
| 1162 | |
| 1163 | if (log) |
| 1164 | PutToLog(log); |
| 1165 | |
| 1166 | return GetStopWhenImagesChange(); |
| 1167 | } |
| 1168 | |
| 1169 | bool DynamicLoaderDarwinKernel::ReadKextSummaryHeader() { |
| 1170 | std::lock_guard<std::recursive_mutex> guard(m_mutex); |
| 1171 | |
| 1172 | // the all image infos is already valid for this process stop ID |
| 1173 | |
| 1174 | if (m_kext_summary_header_ptr_addr.IsValid()) { |
| 1175 | const uint32_t addr_size = m_kernel.GetAddressByteSize(); |
| 1176 | const ByteOrder byte_order = m_kernel.GetByteOrder(); |
| 1177 | Status error; |
| 1178 | // Read enough bytes for a "OSKextLoadedKextSummaryHeader" structure which |
| 1179 | // is currently 4 uint32_t and a pointer. |
| 1180 | uint8_t buf[24]; |
| 1181 | DataExtractor data(buf, sizeof(buf), byte_order, addr_size); |
| 1182 | const size_t count = 4 * sizeof(uint32_t) + addr_size; |
| 1183 | const bool force_live_memory = true; |
| 1184 | if (m_process->GetTarget().ReadPointerFromMemory( |
| 1185 | addr: m_kext_summary_header_ptr_addr, error, |
| 1186 | pointer_addr&: m_kext_summary_header_addr, force_live_memory)) { |
| 1187 | // We got a valid address for our kext summary header and make sure it |
| 1188 | // isn't NULL |
| 1189 | if (m_kext_summary_header_addr.IsValid() && |
| 1190 | m_kext_summary_header_addr.GetFileAddress() != 0) { |
| 1191 | const size_t bytes_read = m_process->GetTarget().ReadMemory( |
| 1192 | addr: m_kext_summary_header_addr, dst: buf, dst_len: count, error, force_live_memory); |
| 1193 | if (bytes_read == count) { |
| 1194 | lldb::offset_t offset = 0; |
| 1195 | m_kext_summary_header.version = data.GetU32(offset_ptr: &offset); |
| 1196 | if (m_kext_summary_header.version > 128) { |
| 1197 | lldb::StreamSP s = |
| 1198 | m_process->GetTarget().GetDebugger().GetAsyncOutputStream(); |
| 1199 | s->Printf(format: "WARNING: Unable to read kext summary header, got " |
| 1200 | "improbable version number %u\n", |
| 1201 | m_kext_summary_header.version); |
| 1202 | // If we get an improbably large version number, we're probably |
| 1203 | // getting bad memory. |
| 1204 | m_kext_summary_header_addr.Clear(); |
| 1205 | return false; |
| 1206 | } |
| 1207 | if (m_kext_summary_header.version >= 2) { |
| 1208 | m_kext_summary_header.entry_size = data.GetU32(offset_ptr: &offset); |
| 1209 | if (m_kext_summary_header.entry_size > 4096) { |
| 1210 | // If we get an improbably large entry_size, we're probably |
| 1211 | // getting bad memory. |
| 1212 | lldb::StreamSP s = |
| 1213 | m_process->GetTarget().GetDebugger().GetAsyncOutputStream(); |
| 1214 | s->Printf(format: "WARNING: Unable to read kext summary header, got " |
| 1215 | "improbable entry_size %u\n", |
| 1216 | m_kext_summary_header.entry_size); |
| 1217 | m_kext_summary_header_addr.Clear(); |
| 1218 | return false; |
| 1219 | } |
| 1220 | } else { |
| 1221 | // Versions less than 2 didn't have an entry size, it was hard |
| 1222 | // coded |
| 1223 | m_kext_summary_header.entry_size = |
| 1224 | KERNEL_MODULE_ENTRY_SIZE_VERSION_1; |
| 1225 | } |
| 1226 | m_kext_summary_header.entry_count = data.GetU32(offset_ptr: &offset); |
| 1227 | if (m_kext_summary_header.entry_count > 10000) { |
| 1228 | // If we get an improbably large number of kexts, we're probably |
| 1229 | // getting bad memory. |
| 1230 | lldb::StreamSP s = |
| 1231 | m_process->GetTarget().GetDebugger().GetAsyncOutputStream(); |
| 1232 | s->Printf(format: "WARNING: Unable to read kext summary header, got " |
| 1233 | "improbable number of kexts %u\n", |
| 1234 | m_kext_summary_header.entry_count); |
| 1235 | m_kext_summary_header_addr.Clear(); |
| 1236 | return false; |
| 1237 | } |
| 1238 | return true; |
| 1239 | } |
| 1240 | } |
| 1241 | } |
| 1242 | } |
| 1243 | m_kext_summary_header_addr.Clear(); |
| 1244 | return false; |
| 1245 | } |
| 1246 | |
| 1247 | // We've either (a) just attached to a new kernel, or (b) the kexts-changed |
| 1248 | // breakpoint was hit and we need to figure out what kexts have been added or |
| 1249 | // removed. Read the kext summaries from the inferior kernel memory, compare |
| 1250 | // them against the m_known_kexts vector and update the m_known_kexts vector as |
| 1251 | // needed to keep in sync with the inferior. |
| 1252 | |
| 1253 | bool DynamicLoaderDarwinKernel::ParseKextSummaries( |
| 1254 | const Address &kext_summary_addr, uint32_t count) { |
| 1255 | KextImageInfo::collection kext_summaries; |
| 1256 | Log *log = GetLog(mask: LLDBLog::DynamicLoader); |
| 1257 | LLDB_LOGF(log, |
| 1258 | "Kexts-changed breakpoint hit, there are %d kexts currently.\n", |
| 1259 | count); |
| 1260 | |
| 1261 | std::lock_guard<std::recursive_mutex> guard(m_mutex); |
| 1262 | |
| 1263 | if (!ReadKextSummaries(kext_summary_addr, image_infos_count: count, image_infos&: kext_summaries)) |
| 1264 | return false; |
| 1265 | |
| 1266 | // read the plugin.dynamic-loader.darwin-kernel.load-kexts setting -- if the |
| 1267 | // user requested no kext loading, don't print any messages about kexts & |
| 1268 | // don't try to read them. |
| 1269 | const bool load_kexts = GetGlobalProperties().GetLoadKexts(); |
| 1270 | |
| 1271 | // By default, all kexts we've loaded in the past are marked as "remove" and |
| 1272 | // all of the kexts we just found out about from ReadKextSummaries are marked |
| 1273 | // as "add". |
| 1274 | std::vector<bool> to_be_removed(m_known_kexts.size(), true); |
| 1275 | std::vector<bool> to_be_added(count, true); |
| 1276 | |
| 1277 | int number_of_new_kexts_being_added = 0; |
| 1278 | int number_of_old_kexts_being_removed = m_known_kexts.size(); |
| 1279 | |
| 1280 | const uint32_t new_kexts_size = kext_summaries.size(); |
| 1281 | const uint32_t old_kexts_size = m_known_kexts.size(); |
| 1282 | |
| 1283 | // The m_known_kexts vector may have entries that have been Cleared, or are a |
| 1284 | // kernel. |
| 1285 | for (uint32_t old_kext = 0; old_kext < old_kexts_size; old_kext++) { |
| 1286 | bool ignore = false; |
| 1287 | KextImageInfo &image_info = m_known_kexts[old_kext]; |
| 1288 | if (image_info.IsKernel()) { |
| 1289 | ignore = true; |
| 1290 | } else if (image_info.GetLoadAddress() == LLDB_INVALID_ADDRESS && |
| 1291 | !image_info.GetModule()) { |
| 1292 | ignore = true; |
| 1293 | } |
| 1294 | |
| 1295 | if (ignore) { |
| 1296 | number_of_old_kexts_being_removed--; |
| 1297 | to_be_removed[old_kext] = false; |
| 1298 | } |
| 1299 | } |
| 1300 | |
| 1301 | // Scan over the list of kexts we just read from the kernel, note those that |
| 1302 | // need to be added and those already loaded. |
| 1303 | for (uint32_t new_kext = 0; new_kext < new_kexts_size; new_kext++) { |
| 1304 | bool add_this_one = true; |
| 1305 | for (uint32_t old_kext = 0; old_kext < old_kexts_size; old_kext++) { |
| 1306 | if (m_known_kexts[old_kext] == kext_summaries[new_kext]) { |
| 1307 | // We already have this kext, don't re-load it. |
| 1308 | to_be_added[new_kext] = false; |
| 1309 | // This kext is still present, do not remove it. |
| 1310 | to_be_removed[old_kext] = false; |
| 1311 | |
| 1312 | number_of_old_kexts_being_removed--; |
| 1313 | add_this_one = false; |
| 1314 | break; |
| 1315 | } |
| 1316 | } |
| 1317 | // If this "kext" entry is actually an alias for the kernel -- the kext was |
| 1318 | // compiled into the kernel or something -- then we don't want to load the |
| 1319 | // kernel's text section at a different address. Ignore this kext entry. |
| 1320 | if (kext_summaries[new_kext].GetUUID().IsValid() && |
| 1321 | m_kernel.GetUUID().IsValid() && |
| 1322 | kext_summaries[new_kext].GetUUID() == m_kernel.GetUUID()) { |
| 1323 | to_be_added[new_kext] = false; |
| 1324 | break; |
| 1325 | } |
| 1326 | if (add_this_one) { |
| 1327 | number_of_new_kexts_being_added++; |
| 1328 | } |
| 1329 | } |
| 1330 | |
| 1331 | if (number_of_new_kexts_being_added == 0 && |
| 1332 | number_of_old_kexts_being_removed == 0) |
| 1333 | return true; |
| 1334 | |
| 1335 | lldb::StreamSP s = |
| 1336 | m_process->GetTarget().GetDebugger().GetAsyncOutputStream(); |
| 1337 | if (load_kexts) { |
| 1338 | if (number_of_new_kexts_being_added > 0 && |
| 1339 | number_of_old_kexts_being_removed > 0) { |
| 1340 | s->Printf(format: "Loading %d kext modules and unloading %d kext modules ", |
| 1341 | number_of_new_kexts_being_added, |
| 1342 | number_of_old_kexts_being_removed); |
| 1343 | } else if (number_of_new_kexts_being_added > 0) { |
| 1344 | s->Printf(format: "Loading %d kext modules ", number_of_new_kexts_being_added); |
| 1345 | } else if (number_of_old_kexts_being_removed > 0) { |
| 1346 | s->Printf(format: "Unloading %d kext modules ", |
| 1347 | number_of_old_kexts_being_removed); |
| 1348 | } |
| 1349 | } |
| 1350 | |
| 1351 | if (log) { |
| 1352 | if (load_kexts) { |
| 1353 | LLDB_LOGF(log, |
| 1354 | "DynamicLoaderDarwinKernel::ParseKextSummaries: %d kexts " |
| 1355 | "added, %d kexts removed", |
| 1356 | number_of_new_kexts_being_added, |
| 1357 | number_of_old_kexts_being_removed); |
| 1358 | } else { |
| 1359 | LLDB_LOGF(log, |
| 1360 | "DynamicLoaderDarwinKernel::ParseKextSummaries kext loading is " |
| 1361 | "disabled, else would have %d kexts added, %d kexts removed", |
| 1362 | number_of_new_kexts_being_added, |
| 1363 | number_of_old_kexts_being_removed); |
| 1364 | } |
| 1365 | } |
| 1366 | |
| 1367 | // Build up a list of <kext-name, uuid> for any kexts that fail to load |
| 1368 | std::vector<std::pair<std::string, UUID>> kexts_failed_to_load; |
| 1369 | if (number_of_new_kexts_being_added > 0) { |
| 1370 | ModuleList loaded_module_list; |
| 1371 | Progress progress("Loading kext", "", number_of_new_kexts_being_added); |
| 1372 | |
| 1373 | const uint32_t num_of_new_kexts = kext_summaries.size(); |
| 1374 | for (uint32_t new_kext = 0; new_kext < num_of_new_kexts; new_kext++) { |
| 1375 | if (to_be_added[new_kext]) { |
| 1376 | KextImageInfo &image_info = kext_summaries[new_kext]; |
| 1377 | if (load_kexts) { |
| 1378 | if (!image_info.LoadImageUsingMemoryModule(process: m_process, progress: &progress)) { |
| 1379 | kexts_failed_to_load.push_back(x: std::pair<std::string, UUID>( |
| 1380 | kext_summaries[new_kext].GetName(), |
| 1381 | kext_summaries[new_kext].GetUUID())); |
| 1382 | image_info.LoadImageAtFileAddress(process: m_process); |
| 1383 | } |
| 1384 | } |
| 1385 | |
| 1386 | m_known_kexts.push_back(x: image_info); |
| 1387 | |
| 1388 | if (image_info.GetModule() && |
| 1389 | m_process->GetStopID() == image_info.GetProcessStopId()) |
| 1390 | loaded_module_list.AppendIfNeeded(new_module: image_info.GetModule()); |
| 1391 | |
| 1392 | if (log) |
| 1393 | kext_summaries[new_kext].PutToLog(log); |
| 1394 | } |
| 1395 | } |
| 1396 | m_process->GetTarget().ModulesDidLoad(module_list&: loaded_module_list); |
| 1397 | } |
| 1398 | |
| 1399 | if (number_of_old_kexts_being_removed > 0) { |
| 1400 | ModuleList loaded_module_list; |
| 1401 | const uint32_t num_of_old_kexts = m_known_kexts.size(); |
| 1402 | for (uint32_t old_kext = 0; old_kext < num_of_old_kexts; old_kext++) { |
| 1403 | ModuleList unloaded_module_list; |
| 1404 | if (to_be_removed[old_kext]) { |
| 1405 | KextImageInfo &image_info = m_known_kexts[old_kext]; |
| 1406 | // You can't unload the kernel. |
| 1407 | if (!image_info.IsKernel()) { |
| 1408 | if (image_info.GetModule()) { |
| 1409 | unloaded_module_list.AppendIfNeeded(new_module: image_info.GetModule()); |
| 1410 | } |
| 1411 | s->Printf(format: "."); |
| 1412 | image_info.Clear(); |
| 1413 | // should pull it out of the KextImageInfos vector but that would |
| 1414 | // mutate the list and invalidate the to_be_removed bool vector; |
| 1415 | // leaving it in place once Cleared() is relatively harmless. |
| 1416 | } |
| 1417 | } |
| 1418 | m_process->GetTarget().ModulesDidUnload(module_list&: unloaded_module_list, delete_locations: false); |
| 1419 | } |
| 1420 | } |
| 1421 | |
| 1422 | if (load_kexts) { |
| 1423 | s->Printf(format: " done.\n"); |
| 1424 | if (kexts_failed_to_load.size() > 0 && number_of_new_kexts_being_added > 0) { |
| 1425 | s->Printf(format: "Failed to load %d of %d kexts:\n", |
| 1426 | (int)kexts_failed_to_load.size(), |
| 1427 | number_of_new_kexts_being_added); |
| 1428 | // print a sorted list of <kext-name, uuid> kexts which failed to load |
| 1429 | unsigned longest_name = 0; |
| 1430 | std::sort(first: kexts_failed_to_load.begin(), last: kexts_failed_to_load.end()); |
| 1431 | for (const auto &ku : kexts_failed_to_load) { |
| 1432 | if (ku.first.size() > longest_name) |
| 1433 | longest_name = ku.first.size(); |
| 1434 | } |
| 1435 | for (const auto &ku : kexts_failed_to_load) { |
| 1436 | std::string uuid; |
| 1437 | if (ku.second.IsValid()) |
| 1438 | uuid = ku.second.GetAsString(); |
| 1439 | s->Printf(format: " %-*s %s\n", longest_name, ku.first.c_str(), uuid.c_str()); |
| 1440 | } |
| 1441 | } |
| 1442 | } |
| 1443 | |
| 1444 | return true; |
| 1445 | } |
| 1446 | |
| 1447 | uint32_t DynamicLoaderDarwinKernel::ReadKextSummaries( |
| 1448 | const Address &kext_summary_addr, uint32_t image_infos_count, |
| 1449 | KextImageInfo::collection &image_infos) { |
| 1450 | const ByteOrder endian = m_kernel.GetByteOrder(); |
| 1451 | const uint32_t addr_size = m_kernel.GetAddressByteSize(); |
| 1452 | |
| 1453 | image_infos.resize(new_size: image_infos_count); |
| 1454 | const size_t count = image_infos.size() * m_kext_summary_header.entry_size; |
| 1455 | DataBufferHeap data(count, 0); |
| 1456 | Status error; |
| 1457 | |
| 1458 | const bool force_live_memory = true; |
| 1459 | const size_t bytes_read = m_process->GetTarget().ReadMemory( |
| 1460 | addr: kext_summary_addr, dst: data.GetBytes(), dst_len: data.GetByteSize(), error, force_live_memory); |
| 1461 | if (bytes_read == count) { |
| 1462 | |
| 1463 | DataExtractor extractor(data.GetBytes(), data.GetByteSize(), endian, |
| 1464 | addr_size); |
| 1465 | uint32_t i = 0; |
| 1466 | for (uint32_t kext_summary_offset = 0; |
| 1467 | i < image_infos.size() && |
| 1468 | extractor.ValidOffsetForDataOfSize(offset: kext_summary_offset, |
| 1469 | length: m_kext_summary_header.entry_size); |
| 1470 | ++i, kext_summary_offset += m_kext_summary_header.entry_size) { |
| 1471 | lldb::offset_t offset = kext_summary_offset; |
| 1472 | const void *name_data = |
| 1473 | extractor.GetData(offset_ptr: &offset, length: KERNEL_MODULE_MAX_NAME); |
| 1474 | if (name_data == nullptr) |
| 1475 | break; |
| 1476 | image_infos[i].SetName((const char *)name_data); |
| 1477 | UUID uuid(extractor.GetData(offset_ptr: &offset, length: 16), 16); |
| 1478 | image_infos[i].SetUUID(uuid); |
| 1479 | image_infos[i].SetLoadAddress(extractor.GetU64(offset_ptr: &offset)); |
| 1480 | image_infos[i].SetSize(extractor.GetU64(offset_ptr: &offset)); |
| 1481 | } |
| 1482 | if (i < image_infos.size()) |
| 1483 | image_infos.resize(new_size: i); |
| 1484 | } else { |
| 1485 | image_infos.clear(); |
| 1486 | } |
| 1487 | return image_infos.size(); |
| 1488 | } |
| 1489 | |
| 1490 | bool DynamicLoaderDarwinKernel::ReadAllKextSummaries() { |
| 1491 | std::lock_guard<std::recursive_mutex> guard(m_mutex); |
| 1492 | |
| 1493 | if (ReadKextSummaryHeader()) { |
| 1494 | if (m_kext_summary_header.entry_count > 0 && |
| 1495 | m_kext_summary_header_addr.IsValid()) { |
| 1496 | Address summary_addr(m_kext_summary_header_addr); |
| 1497 | summary_addr.Slide(offset: m_kext_summary_header.GetSize()); |
| 1498 | if (!ParseKextSummaries(kext_summary_addr: summary_addr, |
| 1499 | count: m_kext_summary_header.entry_count)) { |
| 1500 | m_known_kexts.clear(); |
| 1501 | } |
| 1502 | return true; |
| 1503 | } |
| 1504 | } |
| 1505 | return false; |
| 1506 | } |
| 1507 | |
| 1508 | // Dump an image info structure to the file handle provided. |
| 1509 | void DynamicLoaderDarwinKernel::KextImageInfo::PutToLog(Log *log) const { |
| 1510 | if (m_load_address == LLDB_INVALID_ADDRESS) { |
| 1511 | LLDB_LOG(log, "uuid={0} name=\"{1}\" (UNLOADED)", m_uuid.GetAsString(), |
| 1512 | m_name); |
| 1513 | } else { |
| 1514 | LLDB_LOG(log, "addr={0:x+16} size={1:x+16} uuid={2} name=\"{3}\"", |
| 1515 | m_load_address, m_size, m_uuid.GetAsString(), m_name); |
| 1516 | } |
| 1517 | } |
| 1518 | |
| 1519 | // Dump the _dyld_all_image_infos members and all current image infos that we |
| 1520 | // have parsed to the file handle provided. |
| 1521 | void DynamicLoaderDarwinKernel::PutToLog(Log *log) const { |
| 1522 | if (log == nullptr) |
| 1523 | return; |
| 1524 | |
| 1525 | std::lock_guard<std::recursive_mutex> guard(m_mutex); |
| 1526 | LLDB_LOGF(log, |
| 1527 | "gLoadedKextSummaries = 0x%16.16"PRIx64 |
| 1528 | " { version=%u, entry_size=%u, entry_count=%u }", |
| 1529 | m_kext_summary_header_addr.GetFileAddress(), |
| 1530 | m_kext_summary_header.version, m_kext_summary_header.entry_size, |
| 1531 | m_kext_summary_header.entry_count); |
| 1532 | |
| 1533 | size_t i; |
| 1534 | const size_t count = m_known_kexts.size(); |
| 1535 | if (count > 0) { |
| 1536 | log->PutCString(cstr: "Loaded:"); |
| 1537 | for (i = 0; i < count; i++) |
| 1538 | m_known_kexts[i].PutToLog(log); |
| 1539 | } |
| 1540 | } |
| 1541 | |
| 1542 | void DynamicLoaderDarwinKernel::PrivateInitialize(Process *process) { |
| 1543 | DEBUG_PRINTF("DynamicLoaderDarwinKernel::%s() process state = %s\n", |
| 1544 | __FUNCTION__, StateAsCString(m_process->GetState())); |
| 1545 | Clear(clear_process: true); |
| 1546 | m_process = process; |
| 1547 | } |
| 1548 | |
| 1549 | void DynamicLoaderDarwinKernel::SetNotificationBreakpointIfNeeded() { |
| 1550 | if (m_break_id == LLDB_INVALID_BREAK_ID && m_kernel.GetModule()) { |
| 1551 | DEBUG_PRINTF("DynamicLoaderDarwinKernel::%s() process state = %s\n", |
| 1552 | __FUNCTION__, StateAsCString(m_process->GetState())); |
| 1553 | |
| 1554 | const bool internal_bp = true; |
| 1555 | const bool hardware = false; |
| 1556 | const LazyBool skip_prologue = eLazyBoolNo; |
| 1557 | FileSpecList module_spec_list; |
| 1558 | module_spec_list.Append(file: m_kernel.GetModule()->GetFileSpec()); |
| 1559 | Breakpoint *bp = |
| 1560 | m_process->GetTarget() |
| 1561 | .CreateBreakpoint(containingModules: &module_spec_list, containingSourceFiles: nullptr, |
| 1562 | func_name: "OSKextLoadedKextSummariesUpdated", |
| 1563 | func_name_type_mask: eFunctionNameTypeFull, language: eLanguageTypeUnknown, offset: 0, |
| 1564 | skip_prologue, internal: internal_bp, request_hardware: hardware) |
| 1565 | .get(); |
| 1566 | |
| 1567 | bp->SetCallback(callback: DynamicLoaderDarwinKernel::BreakpointHitCallback, baton: this, |
| 1568 | is_synchronous: true); |
| 1569 | m_break_id = bp->GetID(); |
| 1570 | } |
| 1571 | } |
| 1572 | |
| 1573 | // Member function that gets called when the process state changes. |
| 1574 | void DynamicLoaderDarwinKernel::PrivateProcessStateChanged(Process *process, |
| 1575 | StateType state) { |
| 1576 | DEBUG_PRINTF("DynamicLoaderDarwinKernel::%s(%s)\n", __FUNCTION__, |
| 1577 | StateAsCString(state)); |
| 1578 | switch (state) { |
| 1579 | case eStateConnected: |
| 1580 | case eStateAttaching: |
| 1581 | case eStateLaunching: |
| 1582 | case eStateInvalid: |
| 1583 | case eStateUnloaded: |
| 1584 | case eStateExited: |
| 1585 | case eStateDetached: |
| 1586 | Clear(clear_process: false); |
| 1587 | break; |
| 1588 | |
| 1589 | case eStateStopped: |
| 1590 | UpdateIfNeeded(); |
| 1591 | break; |
| 1592 | |
| 1593 | case eStateRunning: |
| 1594 | case eStateStepping: |
| 1595 | case eStateCrashed: |
| 1596 | case eStateSuspended: |
| 1597 | break; |
| 1598 | } |
| 1599 | } |
| 1600 | |
| 1601 | ThreadPlanSP |
| 1602 | DynamicLoaderDarwinKernel::GetStepThroughTrampolinePlan(Thread &thread, |
| 1603 | bool stop_others) { |
| 1604 | ThreadPlanSP thread_plan_sp; |
| 1605 | Log *log = GetLog(mask: LLDBLog::Step); |
| 1606 | LLDB_LOGF(log, "Could not find symbol for step through."); |
| 1607 | return thread_plan_sp; |
| 1608 | } |
| 1609 | |
| 1610 | Status DynamicLoaderDarwinKernel::CanLoadImage() { |
| 1611 | Status error; |
| 1612 | error = Status::FromErrorString( |
| 1613 | str: "always unsafe to load or unload shared libraries in the darwin kernel"); |
| 1614 | return error; |
| 1615 | } |
| 1616 | |
| 1617 | void DynamicLoaderDarwinKernel::Initialize() { |
| 1618 | PluginManager::RegisterPlugin(name: GetPluginNameStatic(), |
| 1619 | description: GetPluginDescriptionStatic(), create_callback: CreateInstance, |
| 1620 | debugger_init_callback: DebuggerInitialize); |
| 1621 | } |
| 1622 | |
| 1623 | void DynamicLoaderDarwinKernel::Terminate() { |
| 1624 | PluginManager::UnregisterPlugin(create_callback: CreateInstance); |
| 1625 | } |
| 1626 | |
| 1627 | void DynamicLoaderDarwinKernel::DebuggerInitialize( |
| 1628 | lldb_private::Debugger &debugger) { |
| 1629 | if (!PluginManager::GetSettingForDynamicLoaderPlugin( |
| 1630 | debugger, setting_name: DynamicLoaderDarwinKernelProperties::GetSettingName())) { |
| 1631 | const bool is_global_setting = true; |
| 1632 | PluginManager::CreateSettingForDynamicLoaderPlugin( |
| 1633 | debugger, properties_sp: GetGlobalProperties().GetValueProperties(), |
| 1634 | description: "Properties for the DynamicLoaderDarwinKernel plug-in.", |
| 1635 | is_global_property: is_global_setting); |
| 1636 | } |
| 1637 | } |
| 1638 | |
| 1639 | llvm::StringRef DynamicLoaderDarwinKernel::GetPluginDescriptionStatic() { |
| 1640 | return "Dynamic loader plug-in that watches for shared library loads/unloads " |
| 1641 | "in the MacOSX kernel."; |
| 1642 | } |
| 1643 | |
| 1644 | lldb::ByteOrder |
| 1645 | DynamicLoaderDarwinKernel::GetByteOrderFromMagic(uint32_t magic) { |
| 1646 | switch (magic) { |
| 1647 | case llvm::MachO::MH_MAGIC: |
| 1648 | case llvm::MachO::MH_MAGIC_64: |
| 1649 | return endian::InlHostByteOrder(); |
| 1650 | |
| 1651 | case llvm::MachO::MH_CIGAM: |
| 1652 | case llvm::MachO::MH_CIGAM_64: |
| 1653 | if (endian::InlHostByteOrder() == lldb::eByteOrderBig) |
| 1654 | return lldb::eByteOrderLittle; |
| 1655 | else |
| 1656 | return lldb::eByteOrderBig; |
| 1657 | |
| 1658 | default: |
| 1659 | break; |
| 1660 | } |
| 1661 | return lldb::eByteOrderInvalid; |
| 1662 | } |
| 1663 |
Definitions
- KASLRScanType
- g_kaslr_kernel_scan_enum_values
- DynamicLoaderDarwinKernelProperties
- GetSettingName
- DynamicLoaderDarwinKernelProperties
- ~DynamicLoaderDarwinKernelProperties
- GetLoadKexts
- GetScanType
- GetGlobalProperties
- is_kernel
- CreateInstance
- SearchForDarwinKernel
- SearchForKernelAtSameLoadAddr
- SearchForKernelWithDebugHints
- SearchForKernelNearPC
- SearchForKernelViaExhaustiveSearch
- ReadMachHeader
- CheckForKernelImageAtAddress
- DynamicLoaderDarwinKernel
- ~DynamicLoaderDarwinKernel
- UpdateIfNeeded
- DidAttach
- DidLaunch
- Clear
- LoadImageAtFileAddress
- SetModule
- GetModule
- SetLoadAddress
- GetLoadAddress
- GetSize
- SetSize
- GetProcessStopId
- SetProcessStopId
- operator==
- SetName
- GetName
- SetUUID
- GetUUID
- ReadMemoryModule
- IsKernel
- SetIsKernel
- LoadImageUsingMemoryModule
- GetAddressByteSize
- GetByteOrder
- GetArchitecture
- LoadKernelModuleIfNeeded
- BreakpointHitCallback
- BreakpointHit
- ReadKextSummaryHeader
- ParseKextSummaries
- ReadKextSummaries
- ReadAllKextSummaries
- PutToLog
- PutToLog
- PrivateInitialize
- SetNotificationBreakpointIfNeeded
- PrivateProcessStateChanged
- GetStepThroughTrampolinePlan
- CanLoadImage
- Initialize
- Terminate
- DebuggerInitialize
- GetPluginDescriptionStatic
Improve your Profiling and Debugging skills
Find out more