VirtualBox

source: vbox/trunk/src/VBox/Debugger/DBGPlugInLinux.cpp@ 62508

Last change on this file since 62508 was 62480, checked in by vboxsync, 8 years ago

(C) 2016

  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
File size: 91.6 KB
Line 
1/* $Id: DBGPlugInLinux.cpp 62480 2016-07-22 18:29:41Z vboxsync $ */
2/** @file
3 * DBGPlugInLinux - Debugger and Guest OS Digger Plugin For Linux.
4 */
5
6/*
7 * Copyright (C) 2008-2016 Oracle Corporation
8 *
9 * This file is part of VirtualBox Open Source Edition (OSE), as
10 * available from http://www.virtualbox.org. This file is free software;
11 * you can redistribute it and/or modify it under the terms of the GNU
12 * General Public License (GPL) as published by the Free Software
13 * Foundation, in version 2 as it comes in the "COPYING" file of the
14 * VirtualBox OSE distribution. VirtualBox OSE is distributed in the
15 * hope that it will be useful, but WITHOUT ANY WARRANTY of any kind.
16 */
17
18
19/*********************************************************************************************************************************
20* Header Files *
21*********************************************************************************************************************************/
22#define LOG_GROUP LOG_GROUP_DBGF ///@todo add new log group.
23#include "DBGPlugIns.h"
24#include "DBGPlugInCommonELF.h"
25#include <VBox/vmm/dbgf.h>
26#include <VBox/dis.h>
27#include <iprt/file.h>
28#include <iprt/string.h>
29#include <iprt/mem.h>
30#include <iprt/stream.h>
31#include <iprt/ctype.h>
32#include <iprt/vfs.h>
33#include <iprt/zip.h>
34
35
36/*********************************************************************************************************************************
37* Structures and Typedefs *
38*********************************************************************************************************************************/
39
40/** @name InternalLinux structures
41 * @{ */
42
43
44/** @} */
45
46
47/**
48 * Config item type.
49 */
50typedef enum DBGDIGGERLINUXCFGITEMTYPE
51{
52 /** Invalid type. */
53 DBGDIGGERLINUXCFGITEMTYPE_INVALID = 0,
54 /** String. */
55 DBGDIGGERLINUXCFGITEMTYPE_STRING,
56 /** Number. */
57 DBGDIGGERLINUXCFGITEMTYPE_NUMBER,
58 /** Flag whether this feature is included in the
59 * kernel or as a module. */
60 DBGDIGGERLINUXCFGITEMTYPE_FLAG
61} DBGDIGGERLINUXCFGITEMTYPE;
62
63/**
64 * Item in the config database.
65 */
66typedef struct DBGDIGGERLINUXCFGITEM
67{
68 /** String space core. */
69 RTSTRSPACECORE Core;
70 /** Config item type. */
71 DBGDIGGERLINUXCFGITEMTYPE enmType;
72 /** Data based on the type. */
73 union
74 {
75 /** Number. */
76 int64_t i64Num;
77 /** Flag. */
78 bool fModule;
79 /** String - variable in size. */
80 char aszString[1];
81 } u;
82} DBGDIGGERLINUXCFGITEM;
83/** Pointer to a config database item. */
84typedef DBGDIGGERLINUXCFGITEM *PDBGDIGGERLINUXCFGITEM;
85/** Pointer to a const config database item. */
86typedef const DBGDIGGERLINUXCFGITEM *PCDBGDIGGERLINUXCFGITEM;
87
88/**
89 * Linux guest OS digger instance data.
90 */
91typedef struct DBGDIGGERLINUX
92{
93 /** Whether the information is valid or not.
94 * (For fending off illegal interface method calls.) */
95 bool fValid;
96 /** Set if 64-bit, clear if 32-bit. */
97 bool f64Bit;
98
99 /** The address of the linux banner.
100 * This is set during probing. */
101 DBGFADDRESS AddrLinuxBanner;
102 /** Kernel base address.
103 * This is set during probing, refined during kallsyms parsing. */
104 DBGFADDRESS AddrKernelBase;
105 /** The kernel size. */
106 uint32_t cbKernel;
107
108 /** The number of kernel symbols (kallsyms_num_syms).
109 * This is set during init. */
110 uint32_t cKernelSymbols;
111 /** The size of the kernel name table (sizeof(kallsyms_names)). */
112 uint32_t cbKernelNames;
113 /** Number of entries in the kernel_markers table. */
114 uint32_t cKernelNameMarkers;
115 /** The size of the kernel symbol token table. */
116 uint32_t cbKernelTokenTable;
117 /** The address of the encoded kernel symbol names (kallsyms_names). */
118 DBGFADDRESS AddrKernelNames;
119 /** The address of the kernel symbol addresses (kallsyms_addresses). */
120 DBGFADDRESS AddrKernelAddresses;
121 /** The address of the kernel symbol name markers (kallsyms_markers). */
122 DBGFADDRESS AddrKernelNameMarkers;
123 /** The address of the kernel symbol token table (kallsyms_token_table). */
124 DBGFADDRESS AddrKernelTokenTable;
125 /** The address of the kernel symbol token index table (kallsyms_token_index). */
126 DBGFADDRESS AddrKernelTokenIndex;
127
128 /** The kernel message log interface. */
129 DBGFOSIDMESG IDmesg;
130
131 /** The config database root. */
132 RTSTRSPACE hCfgDb;
133} DBGDIGGERLINUX;
134/** Pointer to the linux guest OS digger instance data. */
135typedef DBGDIGGERLINUX *PDBGDIGGERLINUX;
136
137
138/**
139 * The current printk_log structure.
140 */
141typedef struct LNXPRINTKHDR
142{
143 /** Monotonic timestamp. */
144 uint64_t nsTimestamp;
145 /** The total size of this message record. */
146 uint16_t cbTotal;
147 /** The size of the text part (immediately follows the header). */
148 uint16_t cbText;
149 /** The size of the optional dictionary part (follows the text). */
150 uint16_t cbDict;
151 /** The syslog facility number. */
152 uint8_t bFacility;
153 /** First 5 bits are internal flags, next 3 bits are log level. */
154 uint8_t fFlagsAndLevel;
155} LNXPRINTKHDR;
156AssertCompileSize(LNXPRINTKHDR, 2*sizeof(uint64_t));
157/** Pointer to linux printk_log header. */
158typedef LNXPRINTKHDR *PLNXPRINTKHDR;
159/** Pointer to linux const printk_log header. */
160typedef LNXPRINTKHDR const *PCLNXPRINTKHDR;
161
162
163/*********************************************************************************************************************************
164* Defined Constants And Macros *
165*********************************************************************************************************************************/
166/** Validates a 32-bit linux kernel address */
167#define LNX32_VALID_ADDRESS(Addr) ((Addr) > UINT32_C(0x80000000) && (Addr) < UINT32_C(0xfffff000))
168/** Validates a 64-bit linux kernel address */
169#define LNX64_VALID_ADDRESS(Addr) ((Addr) > UINT64_C(0xffff800000000000) && (Addr) < UINT64_C(0xfffffffffffff000))
170
171/** The max kernel size. */
172#define LNX_MAX_KERNEL_SIZE UINT32_C(0x0f000000)
173
174/** The maximum size we expect for kallsyms_names. */
175#define LNX_MAX_KALLSYMS_NAMES_SIZE UINT32_C(0x200000)
176/** The maximum size we expect for kallsyms_token_table. */
177#define LNX_MAX_KALLSYMS_TOKEN_TABLE_SIZE UINT32_C(0x10000)
178/** The minimum number of symbols we expect in kallsyms_num_syms. */
179#define LNX_MIN_KALLSYMS_SYMBOLS UINT32_C(2048)
180/** The maximum number of symbols we expect in kallsyms_num_syms. */
181#define LNX_MAX_KALLSYMS_SYMBOLS UINT32_C(1048576)
182/** The min length an encoded symbol in kallsyms_names is expected to have. */
183#define LNX_MIN_KALLSYMS_ENC_LENGTH UINT8_C(1)
184/** The max length an encoded symbol in kallsyms_names is expected to have.
185 * @todo check real life here. */
186#define LNX_MAX_KALLSYMS_ENC_LENGTH UINT8_C(28)
187/** The approximate maximum length of a string token. */
188#define LNX_MAX_KALLSYMS_TOKEN_LEN UINT16_C(32)
189/** Maximum compressed config size expected. */
190#define LNX_MAX_COMPRESSED_CFG_SIZE _1M
191
192/** Module tag for linux ('linuxmod' on little endian ASCII systems). */
193#define DIG_LNX_MOD_TAG UINT64_C(0x545f5d78758e898c)
194
195
196/*********************************************************************************************************************************
197* Internal Functions *
198*********************************************************************************************************************************/
199static DECLCALLBACK(int) dbgDiggerLinuxInit(PUVM pUVM, void *pvData);
200
201
202/*********************************************************************************************************************************
203* Global Variables *
204*********************************************************************************************************************************/
205/** Table of common linux kernel addresses. */
206static uint64_t g_au64LnxKernelAddresses[] =
207{
208 UINT64_C(0xc0100000),
209 UINT64_C(0x90100000),
210 UINT64_C(0xffffffff80200000)
211};
212
213static const uint8_t g_abLinuxVersion[] = "Linux version ";
214
215/**
216 * Disassembles a simple getter returning the value for it.
217 *
218 * @returns VBox status code.
219 * @param pThis The Linux digger data.
220 * @param pUVM The VM handle.
221 * @param hMod The module to use.
222 * @param pszSymbol The symbol of the getter.
223 * @param pvVal Where to store the value on success.
224 * @param cbVal Size of the value in bytes.
225 */
226static int dbgDiggerLinuxDisassembleSimpleGetter(PDBGDIGGERLINUX pThis, PUVM pUVM, RTDBGMOD hMod,
227 const char *pszSymbol, void *pvVal, uint32_t cbVal)
228{
229 int rc = VINF_SUCCESS;
230
231 RTDBGSYMBOL SymInfo;
232 rc = RTDbgModSymbolByName(hMod, pszSymbol, &SymInfo);
233 if (RT_SUCCESS(rc))
234 {
235 /*
236 * Do the diassembling. Disassemble until a ret instruction is encountered
237 * or a limit is reached (don't want to disassemble for too long as the getter
238 * should be short).
239 * push and pop instructions are skipped as well as any mov instructions not
240 * touching the rax or eax register (depending on the size of the value).
241 */
242 unsigned cInstrDisassembled = 0;
243 uint32_t offInstr = 0;
244 bool fRet = false;
245 DISSTATE DisState;
246 RT_ZERO(DisState);
247
248 do
249 {
250 DBGFADDRESS Addr;
251 RTGCPTR GCPtrCur = (RTGCPTR)SymInfo.Value + pThis->AddrKernelBase.FlatPtr + offInstr;
252 DBGFR3AddrFromFlat(pUVM, &Addr, GCPtrCur);
253
254 /* Prefetch the instruction. */
255 uint8_t abInstr[32];
256 rc = DBGFR3MemRead(pUVM, 0 /*idCpu*/, &Addr, &abInstr[0], sizeof(abInstr));
257 if (RT_SUCCESS(rc))
258 {
259 uint32_t cbInstr = 0;
260
261 rc = DISInstr(&abInstr[0], pThis->f64Bit ? DISCPUMODE_64BIT : DISCPUMODE_32BIT, &DisState, &cbInstr);
262 if (RT_SUCCESS(rc))
263 {
264 switch (DisState.pCurInstr->uOpcode)
265 {
266 case OP_PUSH:
267 case OP_POP:
268 case OP_NOP:
269 case OP_LEA:
270 break;
271 case OP_RETN:
272 /* Getter returned, abort disassembling. */
273 fRet = true;
274 break;
275 case OP_MOV:
276 /*
277 * Check that the destination is either rax or eax depending on the
278 * value size.
279 *
280 * Param1 is the destination and Param2 the source.
281 */
282 if ( ( ( (DisState.Param1.fUse & (DISUSE_BASE | DISUSE_REG_GEN32))
283 && cbVal == sizeof(uint32_t))
284 || ( (DisState.Param1.fUse & (DISUSE_BASE | DISUSE_REG_GEN64))
285 && cbVal == sizeof(uint64_t)))
286 && DisState.Param1.Base.idxGenReg == DISGREG_RAX)
287 {
288 /* Parse the source. */
289 if (DisState.Param2.fUse & (DISUSE_IMMEDIATE32 | DISUSE_IMMEDIATE64))
290 memcpy(pvVal, &DisState.Param2.uValue, cbVal);
291 else if (DisState.Param2.fUse & (DISUSE_RIPDISPLACEMENT32|DISUSE_DISPLACEMENT32|DISUSE_DISPLACEMENT64))
292 {
293 RTGCPTR GCPtrVal = 0;
294
295 if (DisState.Param2.fUse & DISUSE_RIPDISPLACEMENT32)
296 GCPtrVal = GCPtrCur + DisState.Param2.uDisp.i32 + cbInstr;
297 else if (DisState.Param2.fUse & DISUSE_DISPLACEMENT32)
298 GCPtrVal = (RTGCPTR)DisState.Param2.uDisp.u32;
299 else if (DisState.Param2.fUse & DISUSE_DISPLACEMENT64)
300 GCPtrVal = (RTGCPTR)DisState.Param2.uDisp.u64;
301 else
302 AssertMsgFailedBreakStmt(("Invalid displacement\n"), rc = VERR_INVALID_STATE);
303
304 DBGFADDRESS AddrVal;
305 rc = DBGFR3MemRead(pUVM, 0 /*idCpu*/,
306 DBGFR3AddrFromFlat(pUVM, &AddrVal, GCPtrVal),
307 pvVal, cbVal);
308 }
309 }
310 break;
311 default:
312 /* All other instructions will cause an error for now (playing safe here). */
313 rc = VERR_INVALID_PARAMETER;
314 break;
315 }
316 cInstrDisassembled++;
317 offInstr += cbInstr;
318 }
319 }
320 } while ( RT_SUCCESS(rc)
321 && cInstrDisassembled < 20
322 && !fRet);
323 }
324
325 return rc;
326}
327
328/**
329 * Try to get at the log buffer starting address and size by disassembling emit_log_char.
330 *
331 * @returns VBox status code.
332 * @param pThis The Linux digger data.
333 * @param pUVM The VM handle.
334 * @param hMod The module to use.
335 * @param pGCPtrLogBuf Where to store the log buffer pointer on success.
336 * @param pcbLogBuf Where to store the size of the log buffer on success.
337 */
338static int dbgDiggerLinuxQueryAsciiLogBufferPtrs(PDBGDIGGERLINUX pThis, PUVM pUVM, RTDBGMOD hMod,
339 RTGCPTR *pGCPtrLogBuf, uint32_t *pcbLogBuf)
340{
341 int rc = VINF_SUCCESS;
342
343 /**
344 * We disassemble emit_log_char to get at the log buffer address and size.
345 * This is used in case the symbols are not exported in kallsyms.
346 *
347 * This is what it typically looks like:
348 * vmlinux!emit_log_char:
349 * %00000000c01204a1 56 push esi
350 * %00000000c01204a2 8b 35 d0 1c 34 c0 mov esi, dword [0c0341cd0h]
351 * %00000000c01204a8 53 push ebx
352 * %00000000c01204a9 8b 1d 74 3b 3e c0 mov ebx, dword [0c03e3b74h]
353 * %00000000c01204af 8b 0d d8 1c 34 c0 mov ecx, dword [0c0341cd8h]
354 * %00000000c01204b5 8d 56 ff lea edx, [esi-001h]
355 * %00000000c01204b8 21 da and edx, ebx
356 * %00000000c01204ba 88 04 11 mov byte [ecx+edx], al
357 * %00000000c01204bd 8d 53 01 lea edx, [ebx+001h]
358 * %00000000c01204c0 89 d0 mov eax, edx
359 * [...]
360 */
361 RTDBGSYMBOL SymInfo;
362 rc = RTDbgModSymbolByName(hMod, "emit_log_char", &SymInfo);
363 if (RT_SUCCESS(rc))
364 {
365 /*
366 * Do the diassembling. Disassemble until a ret instruction is encountered
367 * or a limit is reached (don't want to disassemble for too long as the getter
368 * should be short). Certain instructions found are ignored (push, nop, etc.).
369 */
370 unsigned cInstrDisassembled = 0;
371 uint32_t offInstr = 0;
372 bool fRet = false;
373 DISSTATE DisState;
374 unsigned idxAddressesUsed = 0;
375 struct { size_t cb; RTGCPTR GCPtrOrigSrc; } aAddresses[5];
376 RT_ZERO(DisState);
377 RT_ZERO(aAddresses);
378
379 do
380 {
381 DBGFADDRESS Addr;
382 RTGCPTR GCPtrCur = (RTGCPTR)SymInfo.Value + pThis->AddrKernelBase.FlatPtr + offInstr;
383 DBGFR3AddrFromFlat(pUVM, &Addr, GCPtrCur);
384
385 /* Prefetch the instruction. */
386 uint8_t abInstr[32];
387 rc = DBGFR3MemRead(pUVM, 0 /*idCpu*/, &Addr, &abInstr[0], sizeof(abInstr));
388 if (RT_SUCCESS(rc))
389 {
390 uint32_t cbInstr = 0;
391
392 rc = DISInstr(&abInstr[0], pThis->f64Bit ? DISCPUMODE_64BIT : DISCPUMODE_32BIT, &DisState, &cbInstr);
393 if (RT_SUCCESS(rc))
394 {
395 switch (DisState.pCurInstr->uOpcode)
396 {
397 case OP_PUSH:
398 case OP_POP:
399 case OP_NOP:
400 case OP_LEA:
401 case OP_AND:
402 case OP_CBW:
403 break;
404 case OP_RETN:
405 /* emit_log_char returned, abort disassembling. */
406 rc = VERR_NOT_FOUND;
407 fRet = true;
408 break;
409 case OP_MOV:
410 case OP_MOVSXD:
411 /*
412 * If a mov is encountered writing to memory with al (or dil for amd64) being the source the
413 * character is stored and we can infer the base address and size of the log buffer from
414 * the source addresses.
415 */
416 if ( (DisState.Param2.fUse & DISUSE_REG_GEN8)
417 && ( (DisState.Param2.Base.idxGenReg == DISGREG_AL && !pThis->f64Bit)
418 || (DisState.Param2.Base.idxGenReg == DISGREG_DIL && pThis->f64Bit))
419 && DISUSE_IS_EFFECTIVE_ADDR(DisState.Param1.fUse))
420 {
421 RTGCPTR GCPtrLogBuf = 0;
422 size_t cbLogBuf = 0;
423
424 /*
425 * We can stop disassembling now and inspect all registers, look for a valid kernel address first.
426 * Only one of the accessed registers should hold a valid kernel address.
427 * For the log size look for the biggest non kernel address.
428 */
429 for (unsigned i = 0; i < idxAddressesUsed; i++)
430 {
431 DBGFADDRESS AddrVal;
432 union { uint8_t abVal[8]; uint32_t u32Val; uint64_t u64Val; } Val;
433
434 rc = DBGFR3MemRead(pUVM, 0 /*idCpu*/,
435 DBGFR3AddrFromFlat(pUVM, &AddrVal, aAddresses[i].GCPtrOrigSrc),
436 &Val.abVal[0], aAddresses[i].cb);
437 if (RT_SUCCESS(rc))
438 {
439 if (pThis->f64Bit && aAddresses[i].cb == sizeof(uint64_t))
440 {
441 if (LNX64_VALID_ADDRESS(Val.u64Val))
442 {
443 if (GCPtrLogBuf == 0)
444 GCPtrLogBuf = Val.u64Val;
445 else
446 {
447 rc = VERR_NOT_FOUND;
448 break;
449 }
450 }
451 }
452 else
453 {
454 AssertMsgBreakStmt(aAddresses[i].cb == sizeof(uint32_t),
455 ("Invalid value size\n"), rc = VERR_INVALID_STATE);
456
457 /* Might be a kernel address or a size indicator. */
458 if (!pThis->f64Bit && LNX32_VALID_ADDRESS(Val.u32Val))
459 {
460 if (GCPtrLogBuf == 0)
461 GCPtrLogBuf = Val.u32Val;
462 else
463 {
464 rc = VERR_NOT_FOUND;
465 break;
466 }
467 }
468 else
469 {
470 /*
471 * The highest value will be the log buffer because the other
472 * accessed variables are indexes into the buffer and hence
473 * always smaller than the size.
474 */
475 if (cbLogBuf < Val.u32Val)
476 cbLogBuf = Val.u32Val;
477 }
478 }
479 }
480 }
481
482 if ( RT_SUCCESS(rc)
483 && GCPtrLogBuf != 0
484 && cbLogBuf != 0)
485 {
486 *pGCPtrLogBuf = GCPtrLogBuf;
487 *pcbLogBuf = cbLogBuf;
488 }
489 else if (RT_SUCCESS(rc))
490 rc = VERR_NOT_FOUND;
491
492 fRet = true;
493 break;
494 }
495 else
496 {
497 /*
498 * In case of a memory to register move store the destination register index and the
499 * source address in the relation table for later processing.
500 */
501 if ( (DisState.Param1.fUse & (DISUSE_BASE | DISUSE_REG_GEN32 | DISUSE_REG_GEN64))
502 && (DisState.Param2.cb == sizeof(uint32_t) || DisState.Param2.cb == sizeof(uint64_t))
503 && (DisState.Param2.fUse & (DISUSE_RIPDISPLACEMENT32|DISUSE_DISPLACEMENT32|DISUSE_DISPLACEMENT64)))
504 {
505 RTGCPTR GCPtrVal = 0;
506
507 if (DisState.Param2.fUse & DISUSE_RIPDISPLACEMENT32)
508 GCPtrVal = GCPtrCur + DisState.Param2.uDisp.i32 + cbInstr;
509 else if (DisState.Param2.fUse & DISUSE_DISPLACEMENT32)
510 GCPtrVal = (RTGCPTR)DisState.Param2.uDisp.u32;
511 else if (DisState.Param2.fUse & DISUSE_DISPLACEMENT64)
512 GCPtrVal = (RTGCPTR)DisState.Param2.uDisp.u64;
513 else
514 AssertMsgFailedBreakStmt(("Invalid displacement\n"), rc = VERR_INVALID_STATE);
515
516 if (idxAddressesUsed < RT_ELEMENTS(aAddresses))
517 {
518 /* movsxd reads always 32bits. */
519 if (DisState.pCurInstr->uOpcode == OP_MOVSXD)
520 aAddresses[idxAddressesUsed].cb = sizeof(uint32_t);
521 else
522 aAddresses[idxAddressesUsed].cb = DisState.Param2.cb;
523 aAddresses[idxAddressesUsed].GCPtrOrigSrc = GCPtrVal;
524 idxAddressesUsed++;
525 }
526 else
527 {
528 rc = VERR_INVALID_PARAMETER;
529 break;
530 }
531 }
532 }
533 break;
534 default:
535 /* All other instructions will cause an error for now (playing safe here). */
536 rc = VERR_INVALID_PARAMETER;
537 break;
538 }
539 cInstrDisassembled++;
540 offInstr += cbInstr;
541 }
542 }
543 } while ( RT_SUCCESS(rc)
544 && cInstrDisassembled < 20
545 && !fRet);
546 }
547
548 return rc;
549}
550
551/**
552 * Try to get at the log buffer starting address and size by disassembling some exposed helpers.
553 *
554 * @returns VBox status code.
555 * @param pThis The Linux digger data.
556 * @param pUVM The VM handle.
557 * @param hMod The module to use.
558 * @param pGCPtrLogBuf Where to store the log buffer pointer on success.
559 * @param pcbLogBuf Where to store the size of the log buffer on success.
560 */
561static int dbgDiggerLinuxQueryLogBufferPtrs(PDBGDIGGERLINUX pThis, PUVM pUVM, RTDBGMOD hMod,
562 RTGCPTR *pGCPtrLogBuf, uint32_t *pcbLogBuf)
563{
564 int rc = VINF_SUCCESS;
565
566 struct { void *pvVar; size_t cbHost, cbGuest; const char *pszSymbol; } aSymbols[] =
567 {
568 { pGCPtrLogBuf, sizeof(RTGCPTR), pThis->f64Bit ? sizeof(uint64_t) : sizeof(uint32_t), "log_buf_addr_get" },
569 { pcbLogBuf, sizeof(uint32_t), sizeof(uint32_t), "log_buf_len_get" }
570 };
571 for (uint32_t i = 0; i < RT_ELEMENTS(aSymbols) && RT_SUCCESS(rc); i++)
572 {
573 RT_BZERO(aSymbols[i].pvVar, aSymbols[i].cbHost);
574 Assert(aSymbols[i].cbHost >= aSymbols[i].cbGuest);
575 rc = dbgDiggerLinuxDisassembleSimpleGetter(pThis, pUVM, hMod, aSymbols[i].pszSymbol,
576 aSymbols[i].pvVar, aSymbols[i].cbGuest);
577 }
578
579 return rc;
580}
581
582/**
583 * Returns whether the log buffer is a simple ascii buffer or a record based implementation
584 * based on the kernel version found.
585 *
586 * @returns Flag whether the log buffer is the simple ascii buffer.
587 * @param pThis The Linux digger data.
588 * @param pUVM The user mode VM handle.
589 */
590static bool dbgDiggerLinuxLogBufferIsAsciiBuffer(PDBGDIGGERLINUX pThis, PUVM pUVM)
591{
592 char szTmp[128];
593 char const *pszVer = &szTmp[sizeof(g_abLinuxVersion) - 1];
594
595 RT_ZERO(szTmp);
596 int rc = DBGFR3MemReadString(pUVM, 0, &pThis->AddrLinuxBanner, szTmp, sizeof(szTmp) - 1);
597 if ( RT_SUCCESS(rc)
598 && RTStrVersionCompare(pszVer, "3.4") == -1)
599 return true;
600
601 return false;
602}
603
604/**
605 * Worker to get at the kernel log for pre 3.4 kernels where the log buffer was just a char buffer.
606 *
607 * @returns VBox status code.
608 * @param pThis The Linux digger data.
609 * @param pUVM The VM user mdoe handle.
610 * @param hMod The debug module handle.
611 * @param fFlags Flags reserved for future use, MBZ.
612 * @param cMessages The number of messages to retrieve, counting from the
613 * end of the log (i.e. like tail), use UINT32_MAX for all.
614 * @param pszBuf The output buffer.
615 * @param cbBuf The buffer size.
616 * @param pcbActual Where to store the number of bytes actually returned,
617 * including zero terminator. On VERR_BUFFER_OVERFLOW this
618 * holds the necessary buffer size. Optional.
619 */
620static int dbgDiggerLinuxLogBufferQueryAscii(PDBGDIGGERLINUX pThis, PUVM pUVM, RTDBGMOD hMod,
621 uint32_t fFlags, uint32_t cMessages,
622 char *pszBuf, size_t cbBuf, size_t *pcbActual)
623{
624 int rc = VINF_SUCCESS;
625 RTGCPTR GCPtrLogBuf;
626 uint32_t cbLogBuf;
627
628 struct { void *pvVar; size_t cbHost, cbGuest; const char *pszSymbol; } aSymbols[] =
629 {
630 { &GCPtrLogBuf, sizeof(GCPtrLogBuf), pThis->f64Bit ? sizeof(uint64_t) : sizeof(uint32_t), "log_buf" },
631 { &cbLogBuf, sizeof(cbLogBuf), sizeof(cbLogBuf), "log_buf_len" },
632 };
633 for (uint32_t i = 0; i < RT_ELEMENTS(aSymbols); i++)
634 {
635 RTDBGSYMBOL SymInfo;
636 rc = RTDbgModSymbolByName(hMod, aSymbols[i].pszSymbol, &SymInfo);
637 if (RT_SUCCESS(rc))
638 {
639 RT_BZERO(aSymbols[i].pvVar, aSymbols[i].cbHost);
640 Assert(aSymbols[i].cbHost >= aSymbols[i].cbGuest);
641 DBGFADDRESS Addr;
642 rc = DBGFR3MemRead(pUVM, 0 /*idCpu*/,
643 DBGFR3AddrFromFlat(pUVM, &Addr, (RTGCPTR)SymInfo.Value + pThis->AddrKernelBase.FlatPtr),
644 aSymbols[i].pvVar, aSymbols[i].cbGuest);
645 if (RT_SUCCESS(rc))
646 continue;
647 Log(("dbgDiggerLinuxIDmsg_QueryKernelLog: Reading '%s' at %RGv: %Rrc\n", aSymbols[i].pszSymbol, Addr.FlatPtr, rc));
648 }
649 else
650 Log(("dbgDiggerLinuxIDmsg_QueryKernelLog: Error looking up '%s': %Rrc\n", aSymbols[i].pszSymbol, rc));
651 rc = VERR_NOT_FOUND;
652 break;
653 }
654
655 /*
656 * Some kernels don't expose the variables in kallsyms so we have to try disassemble
657 * some public helpers to get at the addresses.
658 *
659 * @todo: Maybe cache those values so we don't have to do the heavy work every time?
660 */
661 if (rc == VERR_NOT_FOUND)
662 {
663 rc = dbgDiggerLinuxQueryAsciiLogBufferPtrs(pThis, pUVM, hMod, &GCPtrLogBuf, &cbLogBuf);
664 if (RT_FAILURE(rc))
665 return rc;
666 }
667
668 /*
669 * Check if the values make sense.
670 */
671 if (pThis->f64Bit ? !LNX64_VALID_ADDRESS(GCPtrLogBuf) : !LNX32_VALID_ADDRESS(GCPtrLogBuf))
672 {
673 Log(("dbgDiggerLinuxIDmsg_QueryKernelLog: 'log_buf' value %RGv is not valid.\n", GCPtrLogBuf));
674 return VERR_NOT_FOUND;
675 }
676 if ( cbLogBuf < 4096
677 || !RT_IS_POWER_OF_TWO(cbLogBuf)
678 || cbLogBuf > 16*_1M)
679 {
680 Log(("dbgDiggerLinuxIDmsg_QueryKernelLog: 'log_buf_len' value %#x is not valid.\n", cbLogBuf));
681 return VERR_NOT_FOUND;
682 }
683
684 /*
685 * Read the whole log buffer.
686 */
687 uint8_t *pbLogBuf = (uint8_t *)RTMemAlloc(cbLogBuf);
688 if (!pbLogBuf)
689 {
690 Log(("dbgDiggerLinuxIDmsg_QueryKernelLog: Failed to allocate %#x bytes for log buffer\n", cbLogBuf));
691 return VERR_NO_MEMORY;
692 }
693 DBGFADDRESS Addr;
694 rc = DBGFR3MemRead(pUVM, 0 /*idCpu*/, DBGFR3AddrFromFlat(pUVM, &Addr, GCPtrLogBuf), pbLogBuf, cbLogBuf);
695 if (RT_FAILURE(rc))
696 {
697 Log(("dbgDiggerLinuxIDmsg_QueryKernelLog: Error reading %#x bytes of log buffer at %RGv: %Rrc\n",
698 cbLogBuf, Addr.FlatPtr, rc));
699 RTMemFree(pbLogBuf);
700 return VERR_NOT_FOUND;
701 }
702
703 /** @todo: Try to parse where the single messages start to make use of cMessages. */
704 size_t cchLength = RTStrNLen((const char *)pbLogBuf, cbLogBuf);
705 memcpy(&pszBuf[0], pbLogBuf, RT_MIN(cbBuf, cchLength));
706
707 /* Done with the buffer. */
708 RTMemFree(pbLogBuf);
709
710 /* Set return size value. */
711 if (pcbActual)
712 *pcbActual = RT_MIN(cbBuf, cchLength);
713
714 return cbBuf <= cchLength ? VERR_BUFFER_OVERFLOW : VINF_SUCCESS;
715}
716
717/**
718 * Worker to get at the kernel log for post 3.4 kernels where the log buffer contains records.
719 *
720 * @returns VBox status code.
721 * @param pThis The Linux digger data.
722 * @param pUVM The VM user mdoe handle.
723 * @param hMod The debug module handle.
724 * @param fFlags Flags reserved for future use, MBZ.
725 * @param cMessages The number of messages to retrieve, counting from the
726 * end of the log (i.e. like tail), use UINT32_MAX for all.
727 * @param pszBuf The output buffer.
728 * @param cbBuf The buffer size.
729 * @param pcbActual Where to store the number of bytes actually returned,
730 * including zero terminator. On VERR_BUFFER_OVERFLOW this
731 * holds the necessary buffer size. Optional.
732 */
733static int dbgDiggerLinuxLogBufferQueryRecords(PDBGDIGGERLINUX pThis, PUVM pUVM, RTDBGMOD hMod,
734 uint32_t fFlags, uint32_t cMessages,
735 char *pszBuf, size_t cbBuf, size_t *pcbActual)
736{
737 int rc = VINF_SUCCESS;
738 RTGCPTR GCPtrLogBuf;
739 uint32_t cbLogBuf;
740 uint32_t idxFirst;
741 uint32_t idxNext;
742
743 struct { void *pvVar; size_t cbHost, cbGuest; const char *pszSymbol; } aSymbols[] =
744 {
745 { &GCPtrLogBuf, sizeof(GCPtrLogBuf), pThis->f64Bit ? sizeof(uint64_t) : sizeof(uint32_t), "log_buf" },
746 { &cbLogBuf, sizeof(cbLogBuf), sizeof(cbLogBuf), "log_buf_len" },
747 { &idxFirst, sizeof(idxFirst), sizeof(idxFirst), "log_first_idx" },
748 { &idxNext, sizeof(idxNext), sizeof(idxNext), "log_next_idx" },
749 };
750 for (uint32_t i = 0; i < RT_ELEMENTS(aSymbols); i++)
751 {
752 RTDBGSYMBOL SymInfo;
753 rc = RTDbgModSymbolByName(hMod, aSymbols[i].pszSymbol, &SymInfo);
754 if (RT_SUCCESS(rc))
755 {
756 RT_BZERO(aSymbols[i].pvVar, aSymbols[i].cbHost);
757 Assert(aSymbols[i].cbHost >= aSymbols[i].cbGuest);
758 DBGFADDRESS Addr;
759 rc = DBGFR3MemRead(pUVM, 0 /*idCpu*/,
760 DBGFR3AddrFromFlat(pUVM, &Addr, (RTGCPTR)SymInfo.Value + pThis->AddrKernelBase.FlatPtr),
761 aSymbols[i].pvVar, aSymbols[i].cbGuest);
762 if (RT_SUCCESS(rc))
763 continue;
764 Log(("dbgDiggerLinuxIDmsg_QueryKernelLog: Reading '%s' at %RGv: %Rrc\n", aSymbols[i].pszSymbol, Addr.FlatPtr, rc));
765 }
766 else
767 Log(("dbgDiggerLinuxIDmsg_QueryKernelLog: Error looking up '%s': %Rrc\n", aSymbols[i].pszSymbol, rc));
768 rc = VERR_NOT_FOUND;
769 break;
770 }
771
772 /*
773 * Some kernels don't expose the variables in kallsyms so we have to try disassemble
774 * some public helpers to get at the addresses.
775 *
776 * @todo: Maybe cache those values so we don't have to do the heavy work every time?
777 */
778 if (rc == VERR_NOT_FOUND)
779 {
780 idxFirst = 0;
781 idxNext = 0;
782 rc = dbgDiggerLinuxQueryLogBufferPtrs(pThis, pUVM, hMod, &GCPtrLogBuf, &cbLogBuf);
783 if (RT_FAILURE(rc))
784 return rc;
785 }
786
787 /*
788 * Check if the values make sense.
789 */
790 if (pThis->f64Bit ? !LNX64_VALID_ADDRESS(GCPtrLogBuf) : !LNX32_VALID_ADDRESS(GCPtrLogBuf))
791 {
792 Log(("dbgDiggerLinuxIDmsg_QueryKernelLog: 'log_buf' value %RGv is not valid.\n", GCPtrLogBuf));
793 return VERR_NOT_FOUND;
794 }
795 if ( cbLogBuf < 4096
796 || !RT_IS_POWER_OF_TWO(cbLogBuf)
797 || cbLogBuf > 16*_1M)
798 {
799 Log(("dbgDiggerLinuxIDmsg_QueryKernelLog: 'log_buf_len' value %#x is not valid.\n", cbLogBuf));
800 return VERR_NOT_FOUND;
801 }
802 uint32_t const cbLogAlign = 4;
803 if ( idxFirst > cbLogBuf - sizeof(LNXPRINTKHDR)
804 || (idxFirst & (cbLogAlign - 1)) != 0)
805 {
806 Log(("dbgDiggerLinuxIDmsg_QueryKernelLog: 'log_first_idx' value %#x is not valid.\n", idxFirst));
807 return VERR_NOT_FOUND;
808 }
809 if ( idxNext > cbLogBuf - sizeof(LNXPRINTKHDR)
810 || (idxNext & (cbLogAlign - 1)) != 0)
811 {
812 Log(("dbgDiggerLinuxIDmsg_QueryKernelLog: 'log_next_idx' value %#x is not valid.\n", idxNext));
813 return VERR_NOT_FOUND;
814 }
815
816 /*
817 * Read the whole log buffer.
818 */
819 uint8_t *pbLogBuf = (uint8_t *)RTMemAlloc(cbLogBuf);
820 if (!pbLogBuf)
821 {
822 Log(("dbgDiggerLinuxIDmsg_QueryKernelLog: Failed to allocate %#x bytes for log buffer\n", cbLogBuf));
823 return VERR_NO_MEMORY;
824 }
825 DBGFADDRESS Addr;
826 rc = DBGFR3MemRead(pUVM, 0 /*idCpu*/, DBGFR3AddrFromFlat(pUVM, &Addr, GCPtrLogBuf), pbLogBuf, cbLogBuf);
827 if (RT_FAILURE(rc))
828 {
829 Log(("dbgDiggerLinuxIDmsg_QueryKernelLog: Error reading %#x bytes of log buffer at %RGv: %Rrc\n",
830 cbLogBuf, Addr.FlatPtr, rc));
831 RTMemFree(pbLogBuf);
832 return VERR_NOT_FOUND;
833 }
834
835 /*
836 * Count the messages in the buffer while doing some basic validation.
837 */
838 uint32_t const cbUsed = idxFirst == idxNext ? cbLogBuf /* could be empty... */
839 : idxFirst < idxNext ? idxNext - idxFirst : cbLogBuf - idxFirst + idxNext;
840 uint32_t cbLeft = cbUsed;
841 uint32_t offCur = idxFirst;
842 uint32_t cLogMsgs = 0;
843
844 while (cbLeft > 0)
845 {
846 PCLNXPRINTKHDR pHdr = (PCLNXPRINTKHDR)&pbLogBuf[offCur];
847 if (!pHdr->cbTotal)
848 {
849 /* Wrap around packet, most likely... */
850 if (cbLogBuf - offCur >= cbLeft)
851 break;
852 offCur = 0;
853 pHdr = (PCLNXPRINTKHDR)&pbLogBuf[offCur];
854 }
855 if (RT_UNLIKELY( pHdr->cbTotal > cbLogBuf - sizeof(*pHdr) - offCur
856 || pHdr->cbTotal > cbLeft
857 || (pHdr->cbTotal & (cbLogAlign - 1)) != 0
858 || pHdr->cbTotal < (uint32_t)pHdr->cbText + (uint32_t)pHdr->cbDict + sizeof(*pHdr) ))
859 {
860 Log(("dbgDiggerLinuxIDmsg_QueryKernelLog: Invalid printk_log record at %#x: cbTotal=%#x cbText=%#x cbDict=%#x cbLogBuf=%#x cbLeft=%#x\n",
861 offCur, pHdr->cbTotal, pHdr->cbText, pHdr->cbDict, cbLogBuf, cbLeft));
862 rc = VERR_INVALID_STATE;
863 break;
864 }
865
866 if (pHdr->cbText > 0)
867 cLogMsgs++;
868
869 /* next */
870 offCur += pHdr->cbTotal;
871 cbLeft -= pHdr->cbTotal;
872 }
873 if (RT_FAILURE(rc))
874 {
875 RTMemFree(pbLogBuf);
876 return rc;
877 }
878
879 /*
880 * Copy the messages into the output buffer.
881 */
882 offCur = idxFirst;
883 cbLeft = cbUsed;
884
885 /* Skip messages that the caller doesn't want. */
886 if (cMessages < cLogMsgs)
887 {
888 uint32_t cToSkip = cLogMsgs - cMessages;
889 while (cToSkip > 0)
890 {
891 PCLNXPRINTKHDR pHdr = (PCLNXPRINTKHDR)&pbLogBuf[offCur];
892 if (!pHdr->cbTotal)
893 {
894 offCur = 0;
895 pHdr = (PCLNXPRINTKHDR)&pbLogBuf[offCur];
896 }
897 if (pHdr->cbText > 0)
898 cToSkip--;
899
900 /* next */
901 offCur += pHdr->cbTotal;
902 cbLeft -= pHdr->cbTotal;
903 }
904 }
905
906 /* Now copy the messages. */
907 size_t offDst = 0;
908 while (cbLeft > 0)
909 {
910 PCLNXPRINTKHDR pHdr = (PCLNXPRINTKHDR)&pbLogBuf[offCur];
911 if (!pHdr->cbTotal)
912 {
913 if (cbLogBuf - offCur >= cbLeft)
914 break;
915 offCur = 0;
916 pHdr = (PCLNXPRINTKHDR)&pbLogBuf[offCur];
917 }
918
919 if (pHdr->cbText > 0)
920 {
921 char *pchText = (char *)(pHdr + 1);
922 size_t cchText = RTStrNLen(pchText, pHdr->cbText);
923 if (offDst + cchText < cbBuf)
924 {
925 memcpy(&pszBuf[offDst], pHdr + 1, cchText);
926 pszBuf[offDst + cchText] = '\n';
927 }
928 else if (offDst < cbBuf)
929 memcpy(&pszBuf[offDst], pHdr + 1, cbBuf - offDst);
930 offDst += cchText + 1;
931 }
932
933 /* next */
934 offCur += pHdr->cbTotal;
935 cbLeft -= pHdr->cbTotal;
936 }
937
938 /* Done with the buffer. */
939 RTMemFree(pbLogBuf);
940
941 /* Make sure we've reserved a char for the terminator. */
942 if (!offDst)
943 offDst = 1;
944
945 /* Set return size value. */
946 if (pcbActual)
947 *pcbActual = offDst;
948
949 if (offDst <= cbBuf)
950 return VINF_SUCCESS;
951 else
952 return VERR_BUFFER_OVERFLOW;
953}
954
955/**
956 * @interface_method_impl{DBGFOSIDMESG,pfnQueryKernelLog}
957 */
958static DECLCALLBACK(int) dbgDiggerLinuxIDmsg_QueryKernelLog(PDBGFOSIDMESG pThis, PUVM pUVM, uint32_t fFlags, uint32_t cMessages,
959 char *pszBuf, size_t cbBuf, size_t *pcbActual)
960{
961 PDBGDIGGERLINUX pData = RT_FROM_MEMBER(pThis, DBGDIGGERLINUX, IDmesg);
962
963 if (cMessages < 1)
964 return VERR_INVALID_PARAMETER;
965
966 /*
967 * Resolve the symbols we need and read their values.
968 */
969 RTDBGAS hAs = DBGFR3AsResolveAndRetain(pUVM, DBGF_AS_KERNEL);
970 RTDBGMOD hMod;
971 int rc = RTDbgAsModuleByName(hAs, "vmlinux", 0, &hMod);
972 if (RT_FAILURE(rc))
973 return VERR_NOT_FOUND;
974 RTDbgAsRelease(hAs);
975
976 size_t cbActual;
977 /*
978 * Check whether the kernel log buffer is a simple char buffer or the newer
979 * record based implementation.
980 * The record based implementation was presumably introduced with kernel 3.4,
981 * see: http://thread.gmane.org/gmane.linux.kernel/1284184
982 */
983 if (dbgDiggerLinuxLogBufferIsAsciiBuffer(pData, pUVM))
984 rc = dbgDiggerLinuxLogBufferQueryAscii(pData, pUVM, hMod, fFlags, cMessages, pszBuf, cbBuf, &cbActual);
985 else
986 rc = dbgDiggerLinuxLogBufferQueryRecords(pData, pUVM, hMod, fFlags, cMessages, pszBuf, cbBuf, &cbActual);
987
988 /* Release the module in any case. */
989 RTDbgModRelease(hMod);
990
991 if (RT_FAILURE(rc) && rc != VERR_BUFFER_OVERFLOW)
992 return rc;
993
994 if (pcbActual)
995 *pcbActual = cbActual;
996
997 /*
998 * All VBox strings are UTF-8 and bad things may in theory happen if we
999 * pass bad UTF-8 to code which assumes it's all valid. So, we enforce
1000 * UTF-8 upon the guest kernel messages here even if they (probably) have
1001 * no defined code set in reality.
1002 */
1003 if ( RT_SUCCESS(rc)
1004 && cbActual <= cbBuf)
1005 {
1006 pszBuf[cbActual - 1] = '\0';
1007 RTStrPurgeEncoding(pszBuf);
1008 return VINF_SUCCESS;
1009 }
1010
1011 if (cbBuf)
1012 {
1013 pszBuf[cbBuf - 1] = '\0';
1014 RTStrPurgeEncoding(pszBuf);
1015 }
1016 return VERR_BUFFER_OVERFLOW;
1017}
1018
1019
1020/**
1021 * Worker destroying the config database.
1022 */
1023static DECLCALLBACK(int) dbgDiggerLinuxCfgDbDestroyWorker(PRTSTRSPACECORE pStr, void *pvUser)
1024{
1025 PDBGDIGGERLINUXCFGITEM pCfgItem = (PDBGDIGGERLINUXCFGITEM)pStr;
1026 RTStrFree((char *)pCfgItem->Core.pszString);
1027 RTMemFree(pCfgItem);
1028 NOREF(pvUser);
1029 return 0;
1030}
1031
1032
1033/**
1034 * Destroy the config database.
1035 *
1036 * @returns nothing.
1037 * @param pThis The Linux digger data.
1038 */
1039static void dbgDiggerLinuxCfgDbDestroy(PDBGDIGGERLINUX pThis)
1040{
1041 RTStrSpaceDestroy(&pThis->hCfgDb, dbgDiggerLinuxCfgDbDestroyWorker, NULL);
1042}
1043
1044
1045/**
1046 * @copydoc DBGFOSREG::pfnQueryInterface
1047 */
1048static DECLCALLBACK(void *) dbgDiggerLinuxQueryInterface(PUVM pUVM, void *pvData, DBGFOSINTERFACE enmIf)
1049{
1050 PDBGDIGGERLINUX pThis = (PDBGDIGGERLINUX)pvData;
1051 switch (enmIf)
1052 {
1053 case DBGFOSINTERFACE_DMESG:
1054 return &pThis->IDmesg;
1055
1056 default:
1057 return NULL;
1058 }
1059}
1060
1061
1062/**
1063 * @copydoc DBGFOSREG::pfnQueryVersion
1064 */
1065static DECLCALLBACK(int) dbgDiggerLinuxQueryVersion(PUVM pUVM, void *pvData, char *pszVersion, size_t cchVersion)
1066{
1067 PDBGDIGGERLINUX pThis = (PDBGDIGGERLINUX)pvData;
1068 Assert(pThis->fValid);
1069
1070 /*
1071 * It's all in the linux banner.
1072 */
1073 int rc = DBGFR3MemReadString(pUVM, 0, &pThis->AddrLinuxBanner, pszVersion, cchVersion);
1074 if (RT_SUCCESS(rc))
1075 {
1076 char *pszEnd = RTStrEnd(pszVersion, cchVersion);
1077 AssertReturn(pszEnd, VERR_BUFFER_OVERFLOW);
1078 while ( pszEnd > pszVersion
1079 && RT_C_IS_SPACE(pszEnd[-1]))
1080 pszEnd--;
1081 *pszEnd = '\0';
1082 }
1083 else
1084 RTStrPrintf(pszVersion, cchVersion, "DBGFR3MemRead -> %Rrc", rc);
1085
1086 return rc;
1087}
1088
1089
1090/**
1091 * @copydoc DBGFOSREG::pfnTerm
1092 */
1093static DECLCALLBACK(void) dbgDiggerLinuxTerm(PUVM pUVM, void *pvData)
1094{
1095 PDBGDIGGERLINUX pThis = (PDBGDIGGERLINUX)pvData;
1096 Assert(pThis->fValid);
1097
1098 dbgDiggerLinuxCfgDbDestroy(pThis);
1099 pThis->fValid = false;
1100}
1101
1102
1103/**
1104 * @copydoc DBGFOSREG::pfnRefresh
1105 */
1106static DECLCALLBACK(int) dbgDiggerLinuxRefresh(PUVM pUVM, void *pvData)
1107{
1108 PDBGDIGGERLINUX pThis = (PDBGDIGGERLINUX)pvData;
1109 NOREF(pThis);
1110 Assert(pThis->fValid);
1111
1112 /*
1113 * For now we'll flush and reload everything.
1114 */
1115 dbgDiggerLinuxTerm(pUVM, pvData);
1116 return dbgDiggerLinuxInit(pUVM, pvData);
1117}
1118
1119
1120/**
1121 * Worker for dbgDiggerLinuxFindStartOfNamesAndSymbolCount that update the
1122 * digger data.
1123 *
1124 * @returns VINF_SUCCESS.
1125 * @param pThis The Linux digger data to update.
1126 * @param pAddrKernelNames The kallsyms_names address.
1127 * @param cKernelSymbols The number of kernel symbol.
1128 * @param cbAddress The guest address size.
1129 */
1130static int dbgDiggerLinuxFoundStartOfNames(PDBGDIGGERLINUX pThis, PCDBGFADDRESS pAddrKernelNames,
1131 uint32_t cKernelSymbols, uint32_t cbAddress)
1132{
1133 pThis->cKernelSymbols = cKernelSymbols;
1134 pThis->AddrKernelNames = *pAddrKernelNames;
1135 pThis->AddrKernelAddresses = *pAddrKernelNames;
1136 DBGFR3AddrSub(&pThis->AddrKernelAddresses, (cKernelSymbols + 1) * cbAddress);
1137
1138 Log(("dbgDiggerLinuxFoundStartOfNames: AddrKernelAddresses=%RGv\n"
1139 "dbgDiggerLinuxFoundStartOfNames: cKernelSymbols=%#x (at %RGv)\n"
1140 "dbgDiggerLinuxFoundStartOfNames: AddrKernelName=%RGv\n",
1141 pThis->AddrKernelAddresses.FlatPtr,
1142 pThis->cKernelSymbols, pThis->AddrKernelNames.FlatPtr - cbAddress,
1143 pThis->AddrKernelNames.FlatPtr));
1144 return VINF_SUCCESS;
1145}
1146
1147
1148/**
1149 * Tries to find the address of the kallsyms_names, kallsyms_num_syms and
1150 * kallsyms_addresses symbols.
1151 *
1152 * The kallsyms_num_syms is read and stored in pThis->cKernelSymbols, while the
1153 * addresses of the other two are stored as pThis->AddrKernelNames and
1154 * pThis->AddrKernelAddresses.
1155 *
1156 * @returns VBox status code, success indicating that all three variables have
1157 * been found and taken down.
1158 * @param pUVM The user mode VM handle.
1159 * @param pThis The Linux digger data.
1160 * @param pHitAddr An address we think is inside kallsyms_names.
1161 */
1162static int dbgDiggerLinuxFindStartOfNamesAndSymbolCount(PUVM pUVM, PDBGDIGGERLINUX pThis, PCDBGFADDRESS pHitAddr)
1163{
1164 /*
1165 * Search backwards in chunks.
1166 */
1167 union
1168 {
1169 uint8_t ab[0x1000];
1170 uint32_t au32[0x1000 / sizeof(uint32_t)];
1171 uint64_t au64[0x1000 / sizeof(uint64_t)];
1172 } uBuf;
1173 uint32_t cbLeft = LNX_MAX_KALLSYMS_NAMES_SIZE;
1174 uint32_t cbBuf = pHitAddr->FlatPtr & (sizeof(uBuf) - 1);
1175 DBGFADDRESS CurAddr = *pHitAddr;
1176 DBGFR3AddrSub(&CurAddr, cbBuf);
1177 cbBuf += sizeof(uint64_t) - 1; /* In case our kobj hit is in the first 4/8 bytes. */
1178 for (;;)
1179 {
1180 int rc = DBGFR3MemRead(pUVM, 0 /*idCpu*/, &CurAddr, &uBuf, sizeof(uBuf));
1181 if (RT_FAILURE(rc))
1182 return rc;
1183
1184 /*
1185 * We assume that the three symbols are aligned on guest pointer boundrary.
1186 *
1187 * The boundrary between the two tables should be noticable as the number
1188 * is unlikely to be more than 16 millions, there will be at least one zero
1189 * byte where it is, 64-bit will have 5 zero bytes. Zero bytes aren't all
1190 * that common in the kallsyms_names table.
1191 *
1192 * Also the kallsyms_names table starts with a length byte, which means
1193 * we're likely to see a byte in the range 1..31.
1194 *
1195 * The kallsyms_addresses are mostly sorted (except for the start where the
1196 * absolute symbols are), so we'll spot a bunch of kernel addresses
1197 * immediately preceeding the kallsyms_num_syms field.
1198 *
1199 * Lazy bird: If kallsyms_num_syms is on a buffer boundrary, we skip
1200 * the check for kernel addresses preceeding it.
1201 */
1202 if (pThis->f64Bit)
1203 {
1204 uint32_t i = cbBuf / sizeof(uint64_t);
1205 while (i-- > 0)
1206 if ( uBuf.au64[i] <= LNX_MAX_KALLSYMS_SYMBOLS
1207 && uBuf.au64[i] >= LNX_MIN_KALLSYMS_SYMBOLS)
1208 {
1209 uint8_t *pb = (uint8_t *)&uBuf.au64[i + 1];
1210 if ( pb[0] <= LNX_MAX_KALLSYMS_ENC_LENGTH
1211 && pb[0] >= LNX_MIN_KALLSYMS_ENC_LENGTH)
1212 {
1213 if ( (i <= 0 || LNX64_VALID_ADDRESS(uBuf.au64[i - 1]))
1214 && (i <= 1 || LNX64_VALID_ADDRESS(uBuf.au64[i - 2]))
1215 && (i <= 2 || LNX64_VALID_ADDRESS(uBuf.au64[i - 3])))
1216 return dbgDiggerLinuxFoundStartOfNames(pThis,
1217 DBGFR3AddrAdd(&CurAddr, (i + 1) * sizeof(uint64_t)),
1218 (uint32_t)uBuf.au64[i], sizeof(uint64_t));
1219 }
1220 }
1221 }
1222 else
1223 {
1224 uint32_t i = cbBuf / sizeof(uint32_t);
1225 while (i-- > 0)
1226 if ( uBuf.au32[i] <= LNX_MAX_KALLSYMS_SYMBOLS
1227 && uBuf.au32[i] >= LNX_MIN_KALLSYMS_SYMBOLS)
1228 {
1229 uint8_t *pb = (uint8_t *)&uBuf.au32[i + 1];
1230 if ( pb[0] <= LNX_MAX_KALLSYMS_ENC_LENGTH
1231 && pb[0] >= LNX_MIN_KALLSYMS_ENC_LENGTH)
1232 {
1233 if ( (i <= 0 || LNX32_VALID_ADDRESS(uBuf.au32[i - 1]))
1234 && (i <= 1 || LNX32_VALID_ADDRESS(uBuf.au32[i - 2]))
1235 && (i <= 2 || LNX32_VALID_ADDRESS(uBuf.au32[i - 3])))
1236 return dbgDiggerLinuxFoundStartOfNames(pThis,
1237 DBGFR3AddrAdd(&CurAddr, (i + 1) * sizeof(uint32_t)),
1238 uBuf.au32[i], sizeof(uint32_t));
1239 }
1240 }
1241 }
1242
1243 /*
1244 * Advance
1245 */
1246 if (RT_UNLIKELY(cbLeft <= sizeof(uBuf)))
1247 {
1248 Log(("dbgDiggerLinuxFindStartOfNamesAndSymbolCount: failed (pHitAddr=%RGv)\n", pHitAddr->FlatPtr));
1249 return VERR_NOT_FOUND;
1250 }
1251 cbLeft -= sizeof(uBuf);
1252 DBGFR3AddrSub(&CurAddr, sizeof(uBuf));
1253 cbBuf = sizeof(uBuf);
1254 }
1255}
1256
1257
1258/**
1259 * Worker for dbgDiggerLinuxFindEndNames that records the findings.
1260 *
1261 * @returns VINF_SUCCESS
1262 * @param pThis The linux digger data to update.
1263 * @param pAddrMarkers The address of the marker (kallsyms_markers).
1264 * @param cbMarkerEntry The size of a marker entry (32-bit or 64-bit).
1265 */
1266static int dbgDiggerLinuxFoundMarkers(PDBGDIGGERLINUX pThis, PCDBGFADDRESS pAddrMarkers, uint32_t cbMarkerEntry)
1267{
1268 pThis->cbKernelNames = pAddrMarkers->FlatPtr - pThis->AddrKernelNames.FlatPtr;
1269 pThis->AddrKernelNameMarkers = *pAddrMarkers;
1270 pThis->cKernelNameMarkers = RT_ALIGN_32(pThis->cKernelSymbols, 256) / 256;
1271 pThis->AddrKernelTokenTable = *pAddrMarkers;
1272 DBGFR3AddrAdd(&pThis->AddrKernelTokenTable, pThis->cKernelNameMarkers * cbMarkerEntry);
1273
1274 Log(("dbgDiggerLinuxFoundMarkers: AddrKernelNames=%RGv cbKernelNames=%#x\n"
1275 "dbgDiggerLinuxFoundMarkers: AddrKernelNameMarkers=%RGv cKernelNameMarkers=%#x\n"
1276 "dbgDiggerLinuxFoundMarkers: AddrKernelTokenTable=%RGv\n",
1277 pThis->AddrKernelNames.FlatPtr, pThis->cbKernelNames,
1278 pThis->AddrKernelNameMarkers.FlatPtr, pThis->cKernelNameMarkers,
1279 pThis->AddrKernelTokenTable.FlatPtr));
1280 return VINF_SUCCESS;
1281}
1282
1283
1284/**
1285 * Tries to find the end of kallsyms_names and thereby the start of
1286 * kallsyms_markers and kallsyms_token_table.
1287 *
1288 * The kallsyms_names size is stored in pThis->cbKernelNames, the addresses of
1289 * the two other symbols in pThis->AddrKernelNameMarkers and
1290 * pThis->AddrKernelTokenTable. The number of marker entries is stored in
1291 * pThis->cKernelNameMarkers.
1292 *
1293 * @returns VBox status code, success indicating that all three variables have
1294 * been found and taken down.
1295 * @param pUVM The user mode VM handle.
1296 * @param pThis The Linux digger data.
1297 * @param pHitAddr An address we think is inside kallsyms_names.
1298 */
1299static int dbgDiggerLinuxFindEndOfNamesAndMore(PUVM pUVM, PDBGDIGGERLINUX pThis, PCDBGFADDRESS pHitAddr)
1300{
1301 /*
1302 * Search forward in chunks.
1303 */
1304 union
1305 {
1306 uint8_t ab[0x1000];
1307 uint32_t au32[0x1000 / sizeof(uint32_t)];
1308 uint64_t au64[0x1000 / sizeof(uint64_t)];
1309 } uBuf;
1310 bool fPendingZeroHit = false;
1311 uint32_t cbLeft = LNX_MAX_KALLSYMS_NAMES_SIZE + sizeof(uBuf);
1312 uint32_t offBuf = pHitAddr->FlatPtr & (sizeof(uBuf) - 1);
1313 DBGFADDRESS CurAddr = *pHitAddr;
1314 DBGFR3AddrSub(&CurAddr, offBuf);
1315 for (;;)
1316 {
1317 int rc = DBGFR3MemRead(pUVM, 0 /*idCpu*/, &CurAddr, &uBuf, sizeof(uBuf));
1318 if (RT_FAILURE(rc))
1319 return rc;
1320
1321 /*
1322 * The kallsyms_names table is followed by kallsyms_markers we assume,
1323 * using sizeof(unsigned long) alignment like the preceeding symbols.
1324 *
1325 * The kallsyms_markers table has entried sizeof(unsigned long) and
1326 * contains offsets into kallsyms_names. The kallsyms_markers used to
1327 * index kallsyms_names and reduce seek time when looking up the name
1328 * of an address/symbol. Each entry in kallsyms_markers covers 256
1329 * symbol names.
1330 *
1331 * Because of this, the first entry is always zero and all the entries
1332 * are ascending. It also follows that the size of the table can be
1333 * calculated from kallsyms_num_syms.
1334 *
1335 * Note! We could also have walked kallsyms_names by skipping
1336 * kallsyms_num_syms names, but this is faster and we will
1337 * validate the encoded names later.
1338 */
1339 if (pThis->f64Bit)
1340 {
1341 if ( RT_UNLIKELY(fPendingZeroHit)
1342 && uBuf.au64[0] >= (LNX_MIN_KALLSYMS_ENC_LENGTH + 1) * 256
1343 && uBuf.au64[0] <= (LNX_MAX_KALLSYMS_ENC_LENGTH + 1) * 256)
1344 return dbgDiggerLinuxFoundMarkers(pThis, DBGFR3AddrSub(&CurAddr, sizeof(uint64_t)), sizeof(uint64_t));
1345
1346 uint32_t const cEntries = sizeof(uBuf) / sizeof(uint64_t);
1347 for (uint32_t i = offBuf / sizeof(uint64_t); i < cEntries; i++)
1348 if (uBuf.au64[i] == 0)
1349 {
1350 if (RT_UNLIKELY(i + 1 >= cEntries))
1351 {
1352 fPendingZeroHit = true;
1353 break;
1354 }
1355 if ( uBuf.au64[i + 1] >= (LNX_MIN_KALLSYMS_ENC_LENGTH + 1) * 256
1356 && uBuf.au64[i + 1] <= (LNX_MAX_KALLSYMS_ENC_LENGTH + 1) * 256)
1357 return dbgDiggerLinuxFoundMarkers(pThis, DBGFR3AddrAdd(&CurAddr, i * sizeof(uint64_t)), sizeof(uint64_t));
1358 }
1359 }
1360 else
1361 {
1362 if ( RT_UNLIKELY(fPendingZeroHit)
1363 && uBuf.au32[0] >= (LNX_MIN_KALLSYMS_ENC_LENGTH + 1) * 256
1364 && uBuf.au32[0] <= (LNX_MAX_KALLSYMS_ENC_LENGTH + 1) * 256)
1365 return dbgDiggerLinuxFoundMarkers(pThis, DBGFR3AddrSub(&CurAddr, sizeof(uint32_t)), sizeof(uint32_t));
1366
1367 uint32_t const cEntries = sizeof(uBuf) / sizeof(uint32_t);
1368 for (uint32_t i = offBuf / sizeof(uint32_t); i < cEntries; i++)
1369 if (uBuf.au32[i] == 0)
1370 {
1371 if (RT_UNLIKELY(i + 1 >= cEntries))
1372 {
1373 fPendingZeroHit = true;
1374 break;
1375 }
1376 if ( uBuf.au32[i + 1] >= (LNX_MIN_KALLSYMS_ENC_LENGTH + 1) * 256
1377 && uBuf.au32[i + 1] <= (LNX_MAX_KALLSYMS_ENC_LENGTH + 1) * 256)
1378 return dbgDiggerLinuxFoundMarkers(pThis, DBGFR3AddrAdd(&CurAddr, i * sizeof(uint32_t)), sizeof(uint32_t));
1379 }
1380 }
1381
1382 /*
1383 * Advance
1384 */
1385 if (RT_UNLIKELY(cbLeft <= sizeof(uBuf)))
1386 {
1387 Log(("dbgDiggerLinuxFindEndOfNamesAndMore: failed (pHitAddr=%RGv)\n", pHitAddr->FlatPtr));
1388 return VERR_NOT_FOUND;
1389 }
1390 cbLeft -= sizeof(uBuf);
1391 DBGFR3AddrAdd(&CurAddr, sizeof(uBuf));
1392 offBuf = 0;
1393 }
1394}
1395
1396
1397/**
1398 * Locates the kallsyms_token_index table.
1399 *
1400 * Storing the address in pThis->AddrKernelTokenIndex and the size of the token
1401 * table in pThis->cbKernelTokenTable.
1402 *
1403 * @returns VBox status code.
1404 * @param pUVM The user mode VM handle.
1405 * @param pThis The Linux digger data.
1406 */
1407static int dbgDiggerLinuxFindTokenIndex(PUVM pUVM, PDBGDIGGERLINUX pThis)
1408{
1409 /*
1410 * The kallsyms_token_table is very much like a string table. Due to the
1411 * nature of the compression algorithm it is reasonably short (one example
1412 * here is 853 bytes), so we'll not be reading it in chunks but in full.
1413 * To be on the safe side, we read 8KB, ASSUMING we won't run into unmapped
1414 * memory or any other nasty stuff...
1415 */
1416 union
1417 {
1418 uint8_t ab[0x2000];
1419 uint16_t au16[0x2000 / sizeof(uint16_t)];
1420 } uBuf;
1421 DBGFADDRESS CurAddr = pThis->AddrKernelTokenTable;
1422 int rc = DBGFR3MemRead(pUVM, 0 /*idCpu*/, &CurAddr, &uBuf, sizeof(uBuf));
1423 if (RT_FAILURE(rc))
1424 return rc;
1425
1426 /*
1427 * We've got two choices here, either walk the string table or look for
1428 * the next structure, kallsyms_token_index.
1429 *
1430 * The token index is a table of 256 uint16_t entries (index by bytes
1431 * from kallsyms_names) that gives offsets in kallsyms_token_table. It
1432 * starts with a zero entry and the following entries are sorted in
1433 * ascending order. The range of the entries are reasonably small since
1434 * kallsyms_token_table is small.
1435 *
1436 * The alignment seems to be sizeof(unsigned long), just like
1437 * kallsyms_token_table.
1438 *
1439 * So, we start by looking for a zero 16-bit entry.
1440 */
1441 uint32_t cIncr = (pThis->f64Bit ? sizeof(uint64_t) : sizeof(uint32_t)) / sizeof(uint16_t);
1442
1443 for (uint32_t i = 0; i < sizeof(uBuf) / sizeof(uint16_t) - 16; i += cIncr)
1444 if ( uBuf.au16[i] == 0
1445 && uBuf.au16[i + 1] > 0
1446 && uBuf.au16[i + 1] <= LNX_MAX_KALLSYMS_TOKEN_LEN
1447 && (uint16_t)(uBuf.au16[i + 2] - uBuf.au16[i + 1] - 1U) <= (uint16_t)LNX_MAX_KALLSYMS_TOKEN_LEN
1448 && (uint16_t)(uBuf.au16[i + 3] - uBuf.au16[i + 2] - 1U) <= (uint16_t)LNX_MAX_KALLSYMS_TOKEN_LEN
1449 && (uint16_t)(uBuf.au16[i + 4] - uBuf.au16[i + 3] - 1U) <= (uint16_t)LNX_MAX_KALLSYMS_TOKEN_LEN
1450 && (uint16_t)(uBuf.au16[i + 5] - uBuf.au16[i + 4] - 1U) <= (uint16_t)LNX_MAX_KALLSYMS_TOKEN_LEN
1451 && (uint16_t)(uBuf.au16[i + 6] - uBuf.au16[i + 5] - 1U) <= (uint16_t)LNX_MAX_KALLSYMS_TOKEN_LEN
1452 )
1453 {
1454 pThis->AddrKernelTokenIndex = CurAddr;
1455 DBGFR3AddrAdd(&pThis->AddrKernelTokenIndex, i * sizeof(uint16_t));
1456 pThis->cbKernelTokenTable = i * sizeof(uint16_t);
1457 return VINF_SUCCESS;
1458 }
1459
1460 Log(("dbgDiggerLinuxFindTokenIndex: Failed (%RGv..%RGv)\n", CurAddr.FlatPtr, CurAddr.FlatPtr + (RTGCUINTPTR)sizeof(uBuf)));
1461 return VERR_NOT_FOUND;
1462}
1463
1464
1465/**
1466 * Loads the kernel symbols from the kallsyms tables.
1467 *
1468 * @returns VBox status code.
1469 * @param pUVM The user mode VM handle.
1470 * @param pThis The Linux digger data.
1471 */
1472static int dbgDiggerLinuxLoadKernelSymbols(PUVM pUVM, PDBGDIGGERLINUX pThis)
1473{
1474 /*
1475 * Allocate memory for temporary table copies, reading the tables as we go.
1476 */
1477 uint32_t const cbGuestAddr = pThis->f64Bit ? sizeof(uint64_t) : sizeof(uint32_t);
1478 void *pvAddresses = RTMemAllocZ(pThis->cKernelSymbols * cbGuestAddr);
1479 int rc = DBGFR3MemRead(pUVM, 0 /*idCpu*/, &pThis->AddrKernelAddresses, pvAddresses, pThis->cKernelSymbols * cbGuestAddr);
1480 if (RT_SUCCESS(rc))
1481 {
1482 uint8_t *pbNames = (uint8_t *)RTMemAllocZ(pThis->cbKernelNames);
1483 rc = DBGFR3MemRead(pUVM, 0 /*idCpu*/, &pThis->AddrKernelNames, pbNames, pThis->cbKernelNames);
1484 if (RT_SUCCESS(rc))
1485 {
1486 char *pszzTokens = (char *)RTMemAllocZ(pThis->cbKernelTokenTable);
1487 rc = DBGFR3MemRead(pUVM, 0 /*idCpu*/, &pThis->AddrKernelTokenTable, pszzTokens, pThis->cbKernelTokenTable);
1488 if (RT_SUCCESS(rc))
1489 {
1490 uint16_t *paoffTokens = (uint16_t *)RTMemAllocZ(256 * sizeof(uint16_t));
1491 rc = DBGFR3MemRead(pUVM, 0 /*idCpu*/, &pThis->AddrKernelTokenIndex, paoffTokens, 256 * sizeof(uint16_t));
1492 if (RT_SUCCESS(rc))
1493 {
1494 /*
1495 * Figure out the kernel start and end.
1496 */
1497 RTGCUINTPTR uKernelStart = pThis->AddrKernelAddresses.FlatPtr;
1498 RTGCUINTPTR uKernelEnd = pThis->AddrKernelTokenIndex.FlatPtr + 256 * sizeof(uint16_t);
1499 uint32_t i;
1500 if (cbGuestAddr == sizeof(uint64_t))
1501 {
1502 uint64_t *pauAddrs = (uint64_t *)pvAddresses;
1503 for (i = 0; i < pThis->cKernelSymbols; i++)
1504 if ( pauAddrs[i] < uKernelStart
1505 && LNX64_VALID_ADDRESS(pauAddrs[i])
1506 && uKernelStart - pauAddrs[i] < LNX_MAX_KERNEL_SIZE)
1507 uKernelStart = pauAddrs[i];
1508
1509 for (i = pThis->cKernelSymbols - 1; i > 0; i--)
1510 if ( pauAddrs[i] > uKernelEnd
1511 && LNX64_VALID_ADDRESS(pauAddrs[i])
1512 && pauAddrs[i] - uKernelEnd < LNX_MAX_KERNEL_SIZE)
1513 uKernelEnd = pauAddrs[i];
1514 }
1515 else
1516 {
1517 uint32_t *pauAddrs = (uint32_t *)pvAddresses;
1518 for (i = 0; i < pThis->cKernelSymbols; i++)
1519 if ( pauAddrs[i] < uKernelStart
1520 && LNX32_VALID_ADDRESS(pauAddrs[i])
1521 && uKernelStart - pauAddrs[i] < LNX_MAX_KERNEL_SIZE)
1522 uKernelStart = pauAddrs[i];
1523
1524 for (i = pThis->cKernelSymbols - 1; i > 0; i--)
1525 if ( pauAddrs[i] > uKernelEnd
1526 && LNX32_VALID_ADDRESS(pauAddrs[i])
1527 && pauAddrs[i] - uKernelEnd < LNX_MAX_KERNEL_SIZE)
1528 uKernelEnd = pauAddrs[i];
1529 }
1530
1531 RTGCUINTPTR cbKernel = uKernelEnd - uKernelStart;
1532 pThis->cbKernel = (uint32_t)cbKernel;
1533 DBGFR3AddrFromFlat(pUVM, &pThis->AddrKernelBase, uKernelStart);
1534 Log(("dbgDiggerLinuxLoadKernelSymbols: uKernelStart=%RGv cbKernel=%#x\n", uKernelStart, cbKernel));
1535
1536 /*
1537 * Create a module for the kernel.
1538 */
1539 RTDBGMOD hMod;
1540 rc = RTDbgModCreate(&hMod, "vmlinux", cbKernel, 0 /*fFlags*/);
1541 if (RT_SUCCESS(rc))
1542 {
1543 rc = RTDbgModSetTag(hMod, DIG_LNX_MOD_TAG); AssertRC(rc);
1544 rc = VINF_SUCCESS;
1545
1546 /*
1547 * Enumerate the symbols.
1548 */
1549 uint8_t const *pbCurAddr = (uint8_t const *)pvAddresses;
1550 uint32_t offName = 0;
1551 uint32_t cLeft = pThis->cKernelSymbols;
1552 while (cLeft-- > 0 && RT_SUCCESS(rc))
1553 {
1554 /* Decode the symbol name first. */
1555 if (RT_LIKELY(offName < pThis->cbKernelNames))
1556 {
1557 uint8_t cbName = pbNames[offName++];
1558 if (RT_LIKELY(offName + cbName <= pThis->cbKernelNames))
1559 {
1560 char szSymbol[4096];
1561 uint32_t offSymbol = 0;
1562 while (cbName-- > 0)
1563 {
1564 uint8_t bEnc = pbNames[offName++];
1565 uint16_t offToken = paoffTokens[bEnc];
1566 if (RT_LIKELY(offToken < pThis->cbKernelTokenTable))
1567 {
1568 const char *pszToken = &pszzTokens[offToken];
1569 char ch;
1570 while ((ch = *pszToken++) != '\0')
1571 if (offSymbol < sizeof(szSymbol) - 1)
1572 szSymbol[offSymbol++] = ch;
1573 }
1574 else
1575 {
1576 rc = VERR_INVALID_UTF8_ENCODING;
1577 break;
1578 }
1579 }
1580 szSymbol[offSymbol < sizeof(szSymbol) ? offSymbol : sizeof(szSymbol) - 1] = '\0';
1581
1582 /* The address. */
1583 RTGCUINTPTR uSymAddr = cbGuestAddr == sizeof(uint64_t)
1584 ? *(uint64_t *)pbCurAddr : *(uint32_t *)pbCurAddr;
1585 pbCurAddr += cbGuestAddr;
1586
1587 /* Add it without the type char. */
1588 if (uSymAddr - uKernelStart <= cbKernel)
1589 {
1590 rc = RTDbgModSymbolAdd(hMod, &szSymbol[1], RTDBGSEGIDX_RVA, uSymAddr - uKernelStart,
1591 0 /*cb*/, 0 /*fFlags*/, NULL);
1592 if (RT_FAILURE(rc))
1593 {
1594 if ( rc == VERR_DBG_SYMBOL_NAME_OUT_OF_RANGE
1595 || rc == VERR_DBG_INVALID_RVA
1596 || rc == VERR_DBG_ADDRESS_CONFLICT
1597 || rc == VERR_DBG_DUPLICATE_SYMBOL)
1598 {
1599 Log2(("dbgDiggerLinuxLoadKernelSymbols: RTDbgModSymbolAdd(,%s,) failed %Rrc (ignored)\n", szSymbol, rc));
1600 rc = VINF_SUCCESS;
1601 }
1602 else
1603 Log(("dbgDiggerLinuxLoadKernelSymbols: RTDbgModSymbolAdd(,%s,) failed %Rrc\n", szSymbol, rc));
1604 }
1605 }
1606 }
1607 else
1608 {
1609 rc = VERR_END_OF_STRING;
1610 Log(("dbgDiggerLinuxLoadKernelSymbols: offName=%#x cLeft=%#x cbName=%#x cbKernelNames=%#x\n",
1611 offName, cLeft, cbName, pThis->cbKernelNames));
1612 }
1613 }
1614 else
1615 {
1616 rc = VERR_END_OF_STRING;
1617 Log(("dbgDiggerLinuxLoadKernelSymbols: offName=%#x cLeft=%#x cbKernelNames=%#x\n",
1618 offName, cLeft, pThis->cbKernelNames));
1619 }
1620 }
1621
1622 /*
1623 * Link the module into the address space.
1624 */
1625 if (RT_SUCCESS(rc))
1626 {
1627 RTDBGAS hAs = DBGFR3AsResolveAndRetain(pUVM, DBGF_AS_KERNEL);
1628 if (hAs != NIL_RTDBGAS)
1629 rc = RTDbgAsModuleLink(hAs, hMod, uKernelStart, RTDBGASLINK_FLAGS_REPLACE);
1630 else
1631 rc = VERR_INTERNAL_ERROR;
1632 RTDbgAsRelease(hAs);
1633 }
1634 else
1635 Log(("dbgDiggerLinuxLoadKernelSymbols: Failed: %Rrc\n", rc));
1636 RTDbgModRelease(hMod);
1637 }
1638 else
1639 Log(("dbgDiggerLinuxLoadKernelSymbols: RTDbgModCreate failed: %Rrc\n", rc));
1640 }
1641 else
1642 Log(("dbgDiggerLinuxLoadKernelSymbols: Reading token index at %RGv failed: %Rrc\n",
1643 pThis->AddrKernelTokenIndex.FlatPtr, rc));
1644 RTMemFree(paoffTokens);
1645 }
1646 else
1647 Log(("dbgDiggerLinuxLoadKernelSymbols: Reading token table at %RGv failed: %Rrc\n",
1648 pThis->AddrKernelTokenTable.FlatPtr, rc));
1649 RTMemFree(pszzTokens);
1650 }
1651 else
1652 Log(("dbgDiggerLinuxLoadKernelSymbols: Reading encoded names at %RGv failed: %Rrc\n",
1653 pThis->AddrKernelNames.FlatPtr, rc));
1654 RTMemFree(pbNames);
1655 }
1656 else
1657 Log(("dbgDiggerLinuxLoadKernelSymbols: Reading symbol addresses at %RGv failed: %Rrc\n",
1658 pThis->AddrKernelAddresses.FlatPtr, rc));
1659 RTMemFree(pvAddresses);
1660 return rc;
1661}
1662
1663
1664/**
1665 * Checks if there is a likely kallsyms_names fragment at pHitAddr.
1666 *
1667 * @returns true if it's a likely fragment, false if not.
1668 * @param pUVM The user mode VM handle.
1669 * @param pHitAddr The address where paNeedle was found.
1670 * @param pabNeedle The fragment we've been searching for.
1671 * @param cbNeedle The length of the fragment.
1672 */
1673static bool dbgDiggerLinuxIsLikelyNameFragment(PUVM pUVM, PCDBGFADDRESS pHitAddr, uint8_t const *pabNeedle, uint8_t cbNeedle)
1674{
1675 /*
1676 * Examples of lead and tail bytes of our choosen needle in a randomly
1677 * picked kernel:
1678 * k o b j
1679 * 22 6b 6f 62 6a aa
1680 * fc 6b 6f 62 6a aa
1681 * 82 6b 6f 62 6a 5f - ascii trail byte (_).
1682 * ee 6b 6f 62 6a aa
1683 * fc 6b 6f 62 6a 5f - ascii trail byte (_).
1684 * 0a 74 6b 6f 62 6a 5f ea - ascii lead (t) and trail (_) bytes.
1685 * 0b 54 6b 6f 62 6a aa - ascii lead byte (T).
1686 * ... omitting 29 samples similar to the last two ...
1687 * d8 6b 6f 62 6a aa
1688 * d8 6b 6f 62 6a aa
1689 * d8 6b 6f 62 6a aa
1690 * d8 6b 6f 62 6a aa
1691 * f9 5f 6b 6f 62 6a 5f 94 - ascii lead and trail bytes (_)
1692 * f9 5f 6b 6f 62 6a 0c - ascii lead byte (_).
1693 * fd 6b 6f 62 6a 0f
1694 * ... enough.
1695 */
1696 uint8_t abBuf[32];
1697 DBGFADDRESS ReadAddr = *pHitAddr;
1698 DBGFR3AddrSub(&ReadAddr, 2);
1699 int rc = DBGFR3MemRead(pUVM, 0 /*idCpu*/, &ReadAddr, abBuf, 2 + cbNeedle + 2);
1700 if (RT_SUCCESS(rc))
1701 {
1702 if (memcmp(&abBuf[2], pabNeedle, cbNeedle) == 0) /* paranoia */
1703 {
1704 uint8_t const bLead = abBuf[1] == '_' || abBuf[1] == 'T' || abBuf[1] == 't' ? abBuf[0] : abBuf[1];
1705 uint8_t const offTail = 2 + cbNeedle;
1706 uint8_t const bTail = abBuf[offTail] == '_' ? abBuf[offTail] : abBuf[offTail + 1];
1707 if ( bLead >= 1 && (bLead < 0x20 || bLead >= 0x80)
1708 && bTail >= 1 && (bTail < 0x20 || bTail >= 0x80))
1709 return true;
1710 Log(("dbgDiggerLinuxIsLikelyNameFragment: failed at %RGv: bLead=%#x bTail=%#x (offTail=%#x)\n",
1711 pHitAddr->FlatPtr, bLead, bTail, offTail));
1712 }
1713 else
1714 Log(("dbgDiggerLinuxIsLikelyNameFragment: failed at %RGv: Needle changed!\n", pHitAddr->FlatPtr));
1715 }
1716 else
1717 Log(("dbgDiggerLinuxIsLikelyNameFragment: failed at %RGv: %Rrc\n", pHitAddr->FlatPtr, rc));
1718
1719 return false;
1720}
1721
1722/**
1723 * Tries to find and load the kernel symbol table with the given needle.
1724 *
1725 * @returns VBox status code.
1726 * @param pThis The Linux digger data.
1727 * @param pUVM The user mode VM handle.
1728 * @param pabNeedle The needle to use for searching.
1729 * @param cbNeedle Size of the needle in bytes.
1730 */
1731static int dbgDiggerLinuxFindSymbolTableFromNeedle(PDBGDIGGERLINUX pThis, PUVM pUVM, uint8_t const *pabNeedle, size_t cbNeedle)
1732{
1733 int rc = VINF_SUCCESS;
1734
1735 /*
1736 * Go looking for the kallsyms table. If it's there, it will be somewhere
1737 * after the linux_banner symbol, so use it for starting the search.
1738 */
1739 DBGFADDRESS CurAddr = pThis->AddrLinuxBanner;
1740 uint32_t cbLeft = LNX_MAX_KERNEL_SIZE;
1741 while (cbLeft > 4096)
1742 {
1743 DBGFADDRESS HitAddr;
1744 rc = DBGFR3MemScan(pUVM, 0 /*idCpu*/, &CurAddr, cbLeft, 1 /*uAlign*/,
1745 pabNeedle, cbNeedle, &HitAddr);
1746 if (RT_FAILURE(rc))
1747 break;
1748 if (dbgDiggerLinuxIsLikelyNameFragment(pUVM, &HitAddr, pabNeedle, cbNeedle))
1749 {
1750 /* There will be another hit near by. */
1751 DBGFR3AddrAdd(&HitAddr, 1);
1752 rc = DBGFR3MemScan(pUVM, 0 /*idCpu*/, &HitAddr, LNX_MAX_KALLSYMS_NAMES_SIZE, 1 /*uAlign*/,
1753 pabNeedle, cbNeedle, &HitAddr);
1754 if ( RT_SUCCESS(rc)
1755 && dbgDiggerLinuxIsLikelyNameFragment(pUVM, &HitAddr, pabNeedle, cbNeedle))
1756 {
1757 /*
1758 * We've got a very likely candidate for a location inside kallsyms_names.
1759 * Try find the start of it, that is to say, try find kallsyms_num_syms.
1760 * kallsyms_num_syms is aligned on sizeof(unsigned long) boundrary
1761 */
1762 rc = dbgDiggerLinuxFindStartOfNamesAndSymbolCount(pUVM, pThis, &HitAddr);
1763 if (RT_SUCCESS(rc))
1764 rc = dbgDiggerLinuxFindEndOfNamesAndMore(pUVM, pThis, &HitAddr);
1765 if (RT_SUCCESS(rc))
1766 rc = dbgDiggerLinuxFindTokenIndex(pUVM, pThis);
1767 if (RT_SUCCESS(rc))
1768 rc = dbgDiggerLinuxLoadKernelSymbols(pUVM, pThis);
1769 if (RT_SUCCESS(rc))
1770 break;
1771 }
1772 }
1773
1774 /*
1775 * Advance.
1776 */
1777 RTGCUINTPTR cbDistance = HitAddr.FlatPtr - CurAddr.FlatPtr + cbNeedle;
1778 if (RT_UNLIKELY(cbDistance >= cbLeft))
1779 {
1780 Log(("dbgDiggerLinuxInit: Failed to find kallsyms\n"));
1781 break;
1782 }
1783 cbLeft -= cbDistance;
1784 DBGFR3AddrAdd(&CurAddr, cbDistance);
1785
1786 }
1787
1788 return rc;
1789}
1790
1791/**
1792 * Skips whitespace and comments in the given config returning the pointer
1793 * to the first non whitespace character.
1794 *
1795 * @returns Pointer to the first non whitespace character or NULL if the end
1796 * of the string was reached.
1797 * @param pszCfg The config string.
1798 */
1799static const char *dbgDiggerLinuxCfgSkipWhitespace(const char *pszCfg)
1800{
1801 do
1802 {
1803 while ( *pszCfg != '\0'
1804 && ( RT_C_IS_SPACE(*pszCfg)
1805 || *pszCfg == '\n'))
1806 pszCfg++;
1807
1808 /* Do we have a comment? Skip it. */
1809 if (*pszCfg == '#')
1810 {
1811 while ( *pszCfg != '\n'
1812 && *pszCfg != '\0')
1813 pszCfg++;
1814 }
1815 } while ( *pszCfg != '\0'
1816 && ( RT_C_IS_SPACE(*pszCfg)
1817 || *pszCfg == '\n'
1818 || *pszCfg == '#'));
1819
1820 return pszCfg;
1821}
1822
1823/**
1824 * Parses an identifier at the given position.
1825 *
1826 * @returns VBox status code.
1827 * @param pszCfg The config data.
1828 * @param ppszCfgNext Where to store the pointer to the data following the identifier.
1829 * @param ppszIde Where to store the pointer to the identifier on success.
1830 * Free with RTStrFree().
1831 */
1832static int dbgDiggerLinuxCfgParseIde(const char *pszCfg, const char **ppszCfgNext, char **ppszIde)
1833{
1834 int rc = VINF_SUCCESS;
1835 size_t cchIde = 0;
1836
1837 while ( *pszCfg != '\0'
1838 && ( RT_C_IS_ALNUM(*pszCfg)
1839 || *pszCfg == '_'))
1840 {
1841 cchIde++;
1842 pszCfg++;
1843 }
1844
1845 if (cchIde)
1846 {
1847 *ppszIde = RTStrDupN(pszCfg - cchIde, cchIde);
1848 if (!*ppszIde)
1849 rc = VERR_NO_STR_MEMORY;
1850 }
1851
1852 *ppszCfgNext = pszCfg;
1853 return rc;
1854}
1855
1856/**
1857 * Parses a value for a config item.
1858 *
1859 * @returns VBox status code.
1860 * @param pszCfg The config data.
1861 * @param ppszCfgNext Where to store the pointer to the data following the identifier.
1862 * @param pcbCfg Where the initial size of the string is stored.
1863 * Contains the remaining string length on return.
1864 * @param ppCfgItem Where to store the created config item on success.
1865 */
1866static int dbgDiggerLinuxCfgParseVal(const char *pszCfg, const char **ppszCfgNext,
1867 PDBGDIGGERLINUXCFGITEM *ppCfgItem)
1868{
1869 int rc = VINF_SUCCESS;
1870 PDBGDIGGERLINUXCFGITEM pCfgItem = NULL;
1871
1872 if (RT_C_IS_DIGIT(*pszCfg) || *pszCfg == '-')
1873 {
1874 /* Parse the number. */
1875 int64_t i64Num;
1876 rc = RTStrToInt64Ex(pszCfg, (char **)ppszCfgNext, 0, &i64Num);
1877 if ( RT_SUCCESS(rc)
1878 || rc == VWRN_TRAILING_CHARS
1879 || rc == VWRN_TRAILING_SPACES)
1880 {
1881 pCfgItem = (PDBGDIGGERLINUXCFGITEM)RTMemAllocZ(sizeof(DBGDIGGERLINUXCFGITEM));
1882 if (pCfgItem)
1883 {
1884 pCfgItem->enmType = DBGDIGGERLINUXCFGITEMTYPE_NUMBER;
1885 pCfgItem->u.i64Num = i64Num;
1886 }
1887 else
1888 rc = VERR_NO_MEMORY;
1889 }
1890 }
1891 else if (*pszCfg == '\"')
1892 {
1893 /* Parse a string. */
1894 const char *pszCfgCur = pszCfg + 1;
1895 while ( *pszCfgCur != '\0'
1896 && *pszCfgCur != '\"')
1897 pszCfgCur++;
1898
1899 if (*pszCfgCur == '\"')
1900 {
1901 pCfgItem = (PDBGDIGGERLINUXCFGITEM)RTMemAllocZ(RT_OFFSETOF(DBGDIGGERLINUXCFGITEM, u.aszString[pszCfgCur - pszCfg + 1]));
1902 if (pCfgItem)
1903 {
1904 pCfgItem->enmType = DBGDIGGERLINUXCFGITEMTYPE_STRING;
1905 RTStrCopyEx(&pCfgItem->u.aszString[0], pszCfgCur - pszCfg + 1, pszCfg, pszCfgCur - pszCfg);
1906 *ppszCfgNext = pszCfgCur + 1;
1907 }
1908 else
1909 rc = VERR_NO_MEMORY;
1910 }
1911 else
1912 rc = VERR_INVALID_STATE;
1913 }
1914 else if ( *pszCfg == 'y'
1915 || *pszCfg == 'm')
1916 {
1917 /* Included or module. */
1918 pCfgItem = (PDBGDIGGERLINUXCFGITEM)RTMemAllocZ(sizeof(DBGDIGGERLINUXCFGITEM));
1919 if (pCfgItem)
1920 {
1921 pCfgItem->enmType = DBGDIGGERLINUXCFGITEMTYPE_FLAG;
1922 pCfgItem->u.fModule = *pszCfg == 'm';
1923 }
1924 else
1925 rc = VERR_NO_MEMORY;
1926 pszCfg++;
1927 *ppszCfgNext = pszCfg;
1928 }
1929 else
1930 rc = VERR_INVALID_STATE;
1931
1932 if (RT_SUCCESS(rc))
1933 *ppCfgItem = pCfgItem;
1934 else if (pCfgItem)
1935 RTMemFree(pCfgItem);
1936
1937 return rc;
1938}
1939
1940/**
1941 * Parses the given kernel config and creates the config database.
1942 *
1943 * @returns VBox status code
1944 * @param pThis The Linux digger data.
1945 * @param pbCfg The config string.
1946 */
1947static int dbgDiggerLinuxCfgParse(PDBGDIGGERLINUX pThis, const char *pszCfg)
1948{
1949 int rc = VINF_SUCCESS;
1950
1951 /*
1952 * The config is a text file with the following elements:
1953 * # starts a comment which goes till the end of the line
1954 * <Ide>=<val> where <Ide> is an identifier consisting of
1955 * alphanumerical characters (including _)
1956 * <val> denotes the value for the identifier and can have the following
1957 * formats:
1958 * (-)[0-9]* for numbers
1959 * "..." for a string value
1960 * m when a feature is enabled as a module
1961 * y when a feature is enabled
1962 * Newlines are used as a separator between values and mark the end
1963 * of a comment
1964 */
1965 const char *pszCfgCur = pszCfg;
1966 while ( RT_SUCCESS(rc)
1967 && *pszCfgCur != '\0')
1968 {
1969 /* Start skipping the whitespace. */
1970 pszCfgCur = dbgDiggerLinuxCfgSkipWhitespace(pszCfgCur);
1971 if ( pszCfgCur
1972 && *pszCfgCur != '\0')
1973 {
1974 char *pszIde = NULL;
1975 /* Must be an identifier, parse it. */
1976 rc = dbgDiggerLinuxCfgParseIde(pszCfgCur, &pszCfgCur, &pszIde);
1977 if (RT_SUCCESS(rc))
1978 {
1979 /*
1980 * Skip whitespace again (shouldn't be required because = follows immediately
1981 * in the observed configs).
1982 */
1983 pszCfgCur = dbgDiggerLinuxCfgSkipWhitespace(pszCfgCur);
1984 if ( pszCfgCur
1985 && *pszCfgCur == '=')
1986 {
1987 pszCfgCur++;
1988 pszCfgCur = dbgDiggerLinuxCfgSkipWhitespace(pszCfgCur);
1989 if ( pszCfgCur
1990 && *pszCfgCur != '\0')
1991 {
1992 /* Get the value. */
1993 PDBGDIGGERLINUXCFGITEM pCfgItem = NULL;
1994 rc = dbgDiggerLinuxCfgParseVal(pszCfgCur, &pszCfgCur, &pCfgItem);
1995 if (RT_SUCCESS(rc))
1996 {
1997 pCfgItem->Core.pszString = pszIde;
1998 bool fRc = RTStrSpaceInsert(&pThis->hCfgDb, &pCfgItem->Core);
1999 if (!fRc)
2000 {
2001 RTStrFree(pszIde);
2002 RTMemFree(pCfgItem);
2003 rc = VERR_INVALID_STATE;
2004 }
2005 }
2006 }
2007 else
2008 rc = VERR_EOF;
2009 }
2010 else
2011 rc = VERR_INVALID_STATE;
2012 }
2013
2014 if (RT_FAILURE(rc))
2015 RTStrFree(pszIde);
2016 }
2017 else
2018 break; /* Reached the end of the config. */
2019 }
2020
2021 if (RT_FAILURE(rc))
2022 dbgDiggerLinuxCfgDbDestroy(pThis);
2023
2024 return rc;
2025}
2026
2027/**
2028 * Decompresses the given config and validates the UTF-8 encoding.
2029 *
2030 * @returns VBox status code.
2031 * @param pbCfgComp The compressed config.
2032 * @param cbCfgComp Size of the compressed config.
2033 * @param ppszCfg Where to store the pointer to the decompressed config
2034 * on success.
2035 */
2036static int dbgDiggerLinuxCfgDecompress(const uint8_t *pbCfgComp, size_t cbCfgComp, char **ppszCfg)
2037{
2038 int rc = VINF_SUCCESS;
2039 RTVFSIOSTREAM hVfsIos = NIL_RTVFSIOSTREAM;
2040
2041 rc = RTVfsIoStrmFromBuffer(RTFILE_O_READ, pbCfgComp, cbCfgComp, &hVfsIos);
2042 if (RT_SUCCESS(rc))
2043 {
2044 RTVFSIOSTREAM hVfsIosDecomp = NIL_RTVFSIOSTREAM;
2045 rc = RTZipGzipDecompressIoStream(hVfsIos, RTZIPGZIPDECOMP_F_ALLOW_ZLIB_HDR, &hVfsIosDecomp);
2046 if (RT_SUCCESS(rc))
2047 {
2048 char *pszCfg = NULL;
2049 size_t cchCfg = 0;
2050 size_t cbRead = 0;
2051
2052 do
2053 {
2054 uint8_t abBuf[_64K];
2055 rc = RTVfsIoStrmRead(hVfsIosDecomp, abBuf, sizeof(abBuf), true /*fBlocking*/, &cbRead);
2056 if (rc == VINF_EOF && cbRead == 0)
2057 rc = VINF_SUCCESS;
2058 if ( RT_SUCCESS(rc)
2059 && cbRead > 0)
2060 {
2061 /* Append data. */
2062 char *pszCfgNew = pszCfg;
2063 rc = RTStrRealloc(&pszCfgNew, cchCfg + cbRead + 1);
2064 if (RT_SUCCESS(rc))
2065 {
2066 pszCfg = pszCfgNew;
2067 memcpy(pszCfg + cchCfg, &abBuf[0], cbRead);
2068 cchCfg += cbRead;
2069 pszCfg[cchCfg] = '\0'; /* Enforce string termination. */
2070 }
2071 }
2072 } while (RT_SUCCESS(rc) && cbRead > 0);
2073
2074 if (RT_SUCCESS(rc))
2075 *ppszCfg = pszCfg;
2076 else if (RT_FAILURE(rc) && pszCfg)
2077 RTStrFree(pszCfg);
2078
2079 RTVfsIoStrmRelease(hVfsIosDecomp);
2080 }
2081 RTVfsIoStrmRelease(hVfsIos);
2082 }
2083
2084 return rc;
2085}
2086
2087/**
2088 * Reads and decodes the compressed kernel config.
2089 *
2090 * @returns VBox status code.
2091 * @param pThis The Linux digger data.
2092 * @param pUVM The user mode VM handle.
2093 * @param pAddrStart The start address of the compressed config.
2094 * @param cbCfgComp The size of the compressed config.
2095 */
2096static int dbgDiggerLinuxCfgDecode(PDBGDIGGERLINUX pThis, PUVM pUVM,
2097 PCDBGFADDRESS pAddrStart, size_t cbCfgComp)
2098{
2099 int rc = VINF_SUCCESS;
2100 uint8_t *pbCfgComp = (uint8_t *)RTMemTmpAlloc(cbCfgComp);
2101 if (!pbCfgComp)
2102 return VERR_NO_MEMORY;
2103
2104 rc = DBGFR3MemRead(pUVM, 0 /*idCpu*/, pAddrStart, pbCfgComp, cbCfgComp);
2105 if (RT_SUCCESS(rc))
2106 {
2107 char *pszCfg = NULL;
2108 rc = dbgDiggerLinuxCfgDecompress(pbCfgComp, cbCfgComp, &pszCfg);
2109 if (RT_SUCCESS(rc))
2110 {
2111 if (RTStrIsValidEncoding(pszCfg))
2112 rc = dbgDiggerLinuxCfgParse(pThis, pszCfg);
2113 else
2114 rc = VERR_INVALID_UTF8_ENCODING;
2115 RTStrFree(pszCfg);
2116 }
2117 }
2118
2119 RTMemFree(pbCfgComp);
2120 return rc;
2121}
2122
2123/**
2124 * Tries to find the compressed kernel config in the kernel address space
2125 * and sets up the config database.
2126 *
2127 * @returns VBox status code.
2128 * @param pThis The Linux digger data.
2129 * @param pUVM The user mode VM handle.
2130 */
2131static int dbgDiggerLinuxCfgFind(PDBGDIGGERLINUX pThis, PUVM pUVM)
2132{
2133 int rc = VINF_SUCCESS;
2134
2135 /*
2136 * Go looking for the IKCFG_ST string which indicates the start
2137 * of the compressed config file.
2138 */
2139 static const uint8_t s_abCfgNeedleStart[] = "IKCFG_ST";
2140 static const uint8_t s_abCfgNeedleEnd[] = "IKCFG_ED";
2141 DBGFADDRESS CurAddr = pThis->AddrLinuxBanner;
2142 uint32_t cbLeft = LNX_MAX_KERNEL_SIZE;
2143 while (cbLeft > 4096)
2144 {
2145 DBGFADDRESS HitAddrStart;
2146 rc = DBGFR3MemScan(pUVM, 0 /*idCpu*/, &CurAddr, cbLeft, 1 /*uAlign*/,
2147 s_abCfgNeedleStart, sizeof(s_abCfgNeedleStart) - 1, &HitAddrStart);
2148 if (RT_FAILURE(rc))
2149 break;
2150
2151 /* Check for the end marker which shouldn't be that far away. */
2152 DBGFR3AddrAdd(&HitAddrStart, sizeof(s_abCfgNeedleStart) - 1);
2153 DBGFADDRESS HitAddrEnd;
2154 rc = DBGFR3MemScan(pUVM, 0 /* idCpu */, &HitAddrStart, LNX_MAX_COMPRESSED_CFG_SIZE,
2155 1 /* uAlign */, s_abCfgNeedleEnd, sizeof(s_abCfgNeedleEnd) - 1, &HitAddrEnd);
2156 if (RT_SUCCESS(rc))
2157 {
2158 /* Allocate a buffer to hold the compressed data between the markers and fetch it. */
2159 RTGCUINTPTR cbCfg = HitAddrEnd.FlatPtr - HitAddrStart.FlatPtr;
2160 Assert(cbCfg == (size_t)cbCfg);
2161 rc = dbgDiggerLinuxCfgDecode(pThis, pUVM, &HitAddrStart, cbCfg);
2162 if (RT_SUCCESS(rc))
2163 break;
2164 }
2165
2166 /*
2167 * Advance.
2168 */
2169 RTGCUINTPTR cbDistance = HitAddrStart.FlatPtr - CurAddr.FlatPtr + sizeof(s_abCfgNeedleStart) - 1;
2170 if (RT_UNLIKELY(cbDistance >= cbLeft))
2171 {
2172 LogFunc(("Failed to find compressed kernel config\n"));
2173 break;
2174 }
2175 cbLeft -= cbDistance;
2176 DBGFR3AddrAdd(&CurAddr, cbDistance);
2177
2178 }
2179
2180 return rc;
2181}
2182
2183/**
2184 * @copydoc DBGFOSREG::pfnInit
2185 */
2186static DECLCALLBACK(int) dbgDiggerLinuxInit(PUVM pUVM, void *pvData)
2187{
2188 PDBGDIGGERLINUX pThis = (PDBGDIGGERLINUX)pvData;
2189 Assert(!pThis->fValid);
2190
2191 /*
2192 * Assume 64-bit kernels all live way beyond 32-bit address space.
2193 */
2194 pThis->f64Bit = pThis->AddrLinuxBanner.FlatPtr > UINT32_MAX;
2195
2196 pThis->hCfgDb = NULL;
2197
2198 /*
2199 * Try to find the compressed kernel config and parse it before we try
2200 * to get the symbol table, the config database is required to select
2201 * the method to use.
2202 */
2203 int rc = dbgDiggerLinuxCfgFind(pThis, pUVM);
2204 if (RT_FAILURE(rc))
2205 LogFlowFunc(("Failed to find kernel config (%Rrc), no config database available\n", rc));
2206
2207 static const uint8_t s_abNeedle[] = "kobj";
2208 rc = dbgDiggerLinuxFindSymbolTableFromNeedle(pThis, pUVM, s_abNeedle, sizeof(s_abNeedle) - 1);
2209 if (RT_FAILURE(rc))
2210 {
2211 /* Try alternate needle (seen on older x86 Linux kernels). */
2212 static const uint8_t s_abNeedleAlt[] = "kobjec";
2213 rc = dbgDiggerLinuxFindSymbolTableFromNeedle(pThis, pUVM, s_abNeedleAlt, sizeof(s_abNeedleAlt) - 1);
2214 if (RT_FAILURE(rc))
2215 {
2216 static const uint8_t s_abNeedleOSuseX86[] = "nmi"; /* OpenSuSe 10.2 x86 */
2217 rc = dbgDiggerLinuxFindSymbolTableFromNeedle(pThis, pUVM, s_abNeedleOSuseX86, sizeof(s_abNeedleOSuseX86) - 1);
2218 }
2219 }
2220
2221 pThis->fValid = true;
2222 return VINF_SUCCESS;
2223}
2224
2225
2226/**
2227 * @copydoc DBGFOSREG::pfnProbe
2228 */
2229static DECLCALLBACK(bool) dbgDiggerLinuxProbe(PUVM pUVM, void *pvData)
2230{
2231 PDBGDIGGERLINUX pThis = (PDBGDIGGERLINUX)pvData;
2232
2233 /*
2234 * Look for "Linux version " at the start of the rodata segment.
2235 * Hope that this comes before any message buffer or other similar string.
2236 */
2237 for (unsigned i = 0; i < RT_ELEMENTS(g_au64LnxKernelAddresses); i++)
2238 {
2239 DBGFADDRESS KernelAddr;
2240 DBGFR3AddrFromFlat(pUVM, &KernelAddr, g_au64LnxKernelAddresses[i]);
2241 DBGFADDRESS HitAddr;
2242 int rc = DBGFR3MemScan(pUVM, 0, &KernelAddr, LNX_MAX_KERNEL_SIZE, 1,
2243 g_abLinuxVersion, sizeof(g_abLinuxVersion) - 1, &HitAddr);
2244 if (RT_SUCCESS(rc))
2245 {
2246 char szTmp[128];
2247 char const *pszX = &szTmp[sizeof(g_abLinuxVersion) - 1];
2248 rc = DBGFR3MemReadString(pUVM, 0, &HitAddr, szTmp, sizeof(szTmp));
2249 if ( RT_SUCCESS(rc)
2250 && ( ( pszX[0] == '2' /* 2.x.y with x in {0..6} */
2251 && pszX[1] == '.'
2252 && pszX[2] >= '0'
2253 && pszX[2] <= '6')
2254 || ( pszX[0] >= '3' /* 3.x, 4.x, ... 9.x */
2255 && pszX[0] <= '9'
2256 && pszX[1] == '.'
2257 && pszX[2] >= '0'
2258 && pszX[2] <= '9')
2259 )
2260 )
2261 {
2262 pThis->AddrKernelBase = KernelAddr;
2263 pThis->AddrLinuxBanner = HitAddr;
2264 return true;
2265 }
2266 }
2267 }
2268 return false;
2269}
2270
2271
2272/**
2273 * @copydoc DBGFOSREG::pfnDestruct
2274 */
2275static DECLCALLBACK(void) dbgDiggerLinuxDestruct(PUVM pUVM, void *pvData)
2276{
2277
2278}
2279
2280
2281/**
2282 * @copydoc DBGFOSREG::pfnConstruct
2283 */
2284static DECLCALLBACK(int) dbgDiggerLinuxConstruct(PUVM pUVM, void *pvData)
2285{
2286 PDBGDIGGERLINUX pThis = (PDBGDIGGERLINUX)pvData;
2287 pThis->IDmesg.u32Magic = DBGFOSIDMESG_MAGIC;
2288 pThis->IDmesg.pfnQueryKernelLog = dbgDiggerLinuxIDmsg_QueryKernelLog;
2289 pThis->IDmesg.u32EndMagic = DBGFOSIDMESG_MAGIC;
2290
2291 return VINF_SUCCESS;
2292}
2293
2294
2295const DBGFOSREG g_DBGDiggerLinux =
2296{
2297 /* .u32Magic = */ DBGFOSREG_MAGIC,
2298 /* .fFlags = */ 0,
2299 /* .cbData = */ sizeof(DBGDIGGERLINUX),
2300 /* .szName = */ "Linux",
2301 /* .pfnConstruct = */ dbgDiggerLinuxConstruct,
2302 /* .pfnDestruct = */ dbgDiggerLinuxDestruct,
2303 /* .pfnProbe = */ dbgDiggerLinuxProbe,
2304 /* .pfnInit = */ dbgDiggerLinuxInit,
2305 /* .pfnRefresh = */ dbgDiggerLinuxRefresh,
2306 /* .pfnTerm = */ dbgDiggerLinuxTerm,
2307 /* .pfnQueryVersion = */ dbgDiggerLinuxQueryVersion,
2308 /* .pfnQueryInterface = */ dbgDiggerLinuxQueryInterface,
2309 /* .u32EndMagic = */ DBGFOSREG_MAGIC
2310};
2311
Note: See TracBrowser for help on using the repository browser.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette