1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
|
/* Common core note type descriptions for Linux.
Copyright (C) 2007-2010 Red Hat, Inc.
Copyright (C) H.J. Lu <hjl.tools@gmail.com>, 2015.
This file is part of elfutils.
This file is free software; you can redistribute it and/or modify
it under the terms of either
* the GNU Lesser General Public License as published by the Free
Software Foundation; either version 3 of the License, or (at
your option) any later version
or
* the GNU General Public License as published by the Free
Software Foundation; either version 2 of the License, or (at
your option) any later version
or both in parallel, as here.
elfutils is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more details.
You should have received copies of the GNU General Public License and
the GNU Lesser General Public License along with this program. If
not, see <http://www.gnu.org/licenses/>. */
#include <string.h>
/* The including CPU_corenote.c file provides prstatus_regs and
defines macros ULONG, [PUG]ID_T, and ALIGN_*, TYPE_*.
Here we describe the common layout used in <linux/elfcore.h>. */
#define CHAR int8_t
#define ALIGN_CHAR 1
#define TYPE_CHAR ELF_T_BYTE
#define SHORT uint16_t
#define ALIGN_SHORT 2
#define TYPE_SHORT ELF_T_HALF
#define INT int32_t
#ifndef ALIGN_INT
# define ALIGN_INT 4
#endif
#define TYPE_INT ELF_T_SWORD
#ifndef PR_REG
# define PR_REG ULONG
#endif
#ifndef ALIGN_PR_REG
# define ALIGN_PR_REG ALIGN_ULONG
#endif
#ifndef PRPSINFO_UID_T
# define PRPSINFO_UID_T UID_T
# define ALIGN_PRPSINFO_UID_T ALIGN_UID_T
# define TYPE_PRPSINFO_UID_T TYPE_UID_T
#endif
#ifndef PRPSINFO_GID_T
# define PRPSINFO_GID_T GID_T
# define ALIGN_PRPSINFO_GID_T ALIGN_GID_T
# define TYPE_PRPSINFO_GID_T TYPE_GID_T
#endif
#define FIELD(type, name) type name __attribute__ ((aligned (ALIGN_##type)))
struct EBLHOOK(siginfo)
{
FIELD (INT, si_signo);
FIELD (INT, si_code);
FIELD (INT, si_errno);
};
struct EBLHOOK(timeval)
{
FIELD (ULONG, tv_sec);
FIELD (ULONG, tv_usec);
};
/* On sparc64, tv_usec (suseconds_t) is actually 32 bits with 32 bits padding.
The 'T'|0x80 value for .format indicates this as a special kludge. */
#if SUSECONDS_HALF
# define TIMEVAL_FIELD(name) FIELD (time, ULONG, name, 'T'|0x80, .count = 2)
#else
# define TIMEVAL_FIELD(name) FIELD (time, ULONG, name, 'T', .count = 2)
#endif
struct EBLHOOK(prstatus)
{
struct EBLHOOK(siginfo) pr_info;
FIELD (SHORT, pr_cursig);
FIELD (ULONG, pr_sigpend);
FIELD (ULONG, pr_sighold);
FIELD (PID_T, pr_pid);
FIELD (PID_T, pr_ppid);
FIELD (PID_T, pr_pgrp);
FIELD (PID_T, pr_sid);
struct EBLHOOK(timeval) pr_utime;
struct EBLHOOK(timeval) pr_stime;
struct EBLHOOK(timeval) pr_cutime;
struct EBLHOOK(timeval) pr_cstime;
struct
{
FIELD (PR_REG, pr_reg[PRSTATUS_REGS_SIZE / sizeof (PR_REG)]);
}
#ifdef ALIGN_PR_REG
__attribute__ ((aligned (ALIGN_PR_REG)))
#endif
;
FIELD (INT, pr_fpvalid);
};
#define FNAMESZ 16
#define PRARGSZ 80
struct EBLHOOK(prpsinfo)
{
FIELD (CHAR, pr_state);
FIELD (CHAR, pr_sname);
FIELD (CHAR, pr_zomb);
FIELD (CHAR, pr_nice);
FIELD (ULONG, pr_flag);
FIELD (PRPSINFO_UID_T, pr_uid);
FIELD (PRPSINFO_GID_T, pr_gid);
FIELD (PID_T, pr_pid);
FIELD (PID_T, pr_ppid);
FIELD (PID_T, pr_pgrp);
FIELD (PID_T, pr_sid);
FIELD (CHAR, pr_fname[FNAMESZ]);
FIELD (CHAR, pr_psargs[PRARGSZ]);
};
#undef FIELD
#define FIELD(igroup, itype, item, fmt, ...) \
{ \
.name = #item, \
.group = #igroup, \
.offset = offsetof (struct EBLHOOK(prstatus), pr_##item), \
.type = TYPE_##itype, \
.format = fmt, \
__VA_ARGS__ \
}
static const Ebl_Core_Item prstatus_items[] =
{
FIELD (signal, INT, info.si_signo, 'd'),
FIELD (signal, INT, info.si_code, 'd'),
FIELD (signal, INT, info.si_errno, 'd'),
FIELD (signal, SHORT, cursig, 'd'),
/* Use different group name for a newline delimiter. */
FIELD (signal2, ULONG, sigpend, 'B'),
FIELD (signal3, ULONG, sighold, 'B'),
FIELD (identity, PID_T, pid, 'd', .thread_identifier = true),
FIELD (identity, PID_T, ppid, 'd'),
FIELD (identity, PID_T, pgrp, 'd'),
FIELD (identity, PID_T, sid, 'd'),
TIMEVAL_FIELD (utime),
TIMEVAL_FIELD (stime),
TIMEVAL_FIELD (cutime),
TIMEVAL_FIELD (cstime),
#ifdef PRSTATUS_REGSET_ITEMS
PRSTATUS_REGSET_ITEMS,
#endif
FIELD (register, INT, fpvalid, 'd'),
};
#undef FIELD
#define FIELD(igroup, itype, item, fmt, ...) \
{ \
.name = #item, \
.group = #igroup, \
.offset = offsetof (struct EBLHOOK(prpsinfo), pr_##item), \
.type = TYPE_##itype, \
.format = fmt, \
__VA_ARGS__ \
}
static const Ebl_Core_Item prpsinfo_items[] =
{
FIELD (state, CHAR, state, 'd'),
FIELD (state, CHAR, sname, 'c'),
FIELD (state, CHAR, zomb, 'd'),
FIELD (state, CHAR, nice, 'd'),
FIELD (state, ULONG, flag, 'x'),
FIELD (identity, PRPSINFO_UID_T, uid, 'd'),
FIELD (identity, PRPSINFO_GID_T, gid, 'd'),
FIELD (identity, PID_T, pid, 'd'),
FIELD (identity, PID_T, ppid, 'd'),
FIELD (identity, PID_T, pgrp, 'd'),
FIELD (identity, PID_T, sid, 'd'),
FIELD (command, CHAR, fname, 's', .count = FNAMESZ),
FIELD (command, CHAR, psargs, 's', .count = PRARGSZ),
};
static const Ebl_Core_Item vmcoreinfo_items[] =
{
{
.type = ELF_T_BYTE, .format = '\n'
}
};
#undef FIELD
int
EBLHOOK(core_note) (const GElf_Nhdr *nhdr, const char *name,
GElf_Word *regs_offset, size_t *nregloc,
const Ebl_Register_Location **reglocs,
size_t *nitems, const Ebl_Core_Item **items)
{
switch (nhdr->n_namesz)
{
case sizeof "CORE" - 1: /* Buggy old Linux kernels. */
if (memcmp (name, "CORE", nhdr->n_namesz) == 0)
break;
return 0;
case sizeof "CORE":
if (memcmp (name, "CORE", nhdr->n_namesz) == 0)
break;
/* Buggy old Linux kernels didn't terminate "LINUX".
Fall through. */
case sizeof "LINUX":
if (memcmp (name, "LINUX", nhdr->n_namesz) == 0)
break;
return 0;
case sizeof "VMCOREINFO":
if (nhdr->n_type != 0
|| memcmp (name, "VMCOREINFO", sizeof "VMCOREINFO") != 0)
return 0;
*regs_offset = 0;
*nregloc = 0;
*nitems = 1;
*items = vmcoreinfo_items;
return 1;
default:
return 0;
}
switch (nhdr->n_type)
{
case NT_PRSTATUS:
if (nhdr->n_descsz != sizeof (struct EBLHOOK(prstatus)))
return 0;
*regs_offset = offsetof (struct EBLHOOK(prstatus), pr_reg);
*nregloc = sizeof prstatus_regs / sizeof prstatus_regs[0];
*reglocs = prstatus_regs;
*nitems = sizeof prstatus_items / sizeof prstatus_items[0];
*items = prstatus_items;
return 1;
case NT_PRPSINFO:
if (nhdr->n_descsz != sizeof (struct EBLHOOK(prpsinfo)))
return 0;
*regs_offset = 0;
*nregloc = 0;
*reglocs = NULL;
*nitems = sizeof prpsinfo_items / sizeof prpsinfo_items[0];
*items = prpsinfo_items;
return 1;
#define EXTRA_REGSET(type, size, table) \
case type: \
if (nhdr->n_descsz != size) \
return 0; \
*regs_offset = 0; \
*nregloc = sizeof table / sizeof table[0]; \
*reglocs = table; \
*nitems = 0; \
*items = NULL; \
return 1;
#define EXTRA_REGSET_ITEMS(type, size, table, extra_items) \
case type: \
if (nhdr->n_descsz != size) \
return 0; \
*regs_offset = 0; \
*nregloc = sizeof table / sizeof table[0]; \
*reglocs = table; \
*nitems = sizeof extra_items / sizeof extra_items[0]; \
*items = extra_items; \
return 1;
#define EXTRA_ITEMS(type, size, extra_items) \
case type: \
if (nhdr->n_descsz != size) \
return 0; \
*regs_offset = 0; \
*nregloc = 0; \
*reglocs = NULL; \
*nitems = sizeof extra_items / sizeof extra_items[0]; \
*items = extra_items; \
return 1;
#ifdef FPREGSET_SIZE
EXTRA_REGSET (NT_FPREGSET, FPREGSET_SIZE, fpregset_regs)
#endif
#ifdef EXTRA_NOTES
EXTRA_NOTES
#endif
}
return 0;
}
|
