int kernfunc_init(void) { int ret; ret = find_symbol_address(&sym_module_alloc, "module_alloc"); if (IN_ERR(ret)) return ret; ret = find_symbol_address(&sym_module_free, "module_free"); if (IN_ERR(ret)) return ret; ret = find_symbol_address(&sym_insn_init, "insn_init"); if (IN_ERR(ret)) return ret; ret = find_symbol_address(&sym_insn_get_length, "insn_get_length"); if (IN_ERR(ret)) return ret; ret = find_symbol_address(&sym_insn_rip_relative, "insn_rip_relative"); if (IN_ERR(ret)) return ret; return 0; }
void CRunDlg::OnOK() { char * eptr = NULL; mem_addr addr = 0; // Make sure they've specified a valid address. UpdateData(); if (!m_strAddress.IsEmpty()) { if (isdigit(m_strAddress[0])) addr = (mem_addr)strtoul(m_strAddress, &eptr, 0); else { char *szAddress = m_strAddress.GetBuffer(0); addr = find_symbol_address(szAddress); m_strAddress.ReleaseBuffer(); } if (addr == 0) { CString strMsg; strMsg.Format("Please enter an address or symbol at which to begin execution.\n" "Or, leave blank to begin at the default address of 0x%08x", starting_address()); MessageBox(strMsg); return; } char *undefSyms; if (m_checkUndefinedSymbols && (undefSyms = undefined_symbol_string ()) != NULL) { CString strMsg; strMsg.Format("The following symbols are undefined:\n%s\n", undefSyms); int outcome = MessageBox(strMsg, NULL, MB_OKCANCEL); if (outcome == 2) // "Cancel" { OnCancel(); return; } } } CDialog::OnOK(); }
static void add_breakpoint_action (Widget w, XtPointer client_data, XtPointer call_data) { Widget dialog = (Widget) client_data; String value = XawDialogGetValueString (dialog); mem_addr addr; free (breakpoint_addr); breakpoint_addr = str_copy (value); while (*breakpoint_addr == ' ') breakpoint_addr++; if (isdigit (*breakpoint_addr)) addr = strtoul (value, NULL, 0); else addr = find_symbol_address (breakpoint_addr); add_breakpoint (addr); destroy_popup_prompt (NULL, (XtPointer) dialog, (XtPointer) NULL); }
int symbol_hijack(struct kernsym *sym, const char *symbol_name, unsigned long *code) { int ret; unsigned long orig_addr; unsigned long dest_addr; unsigned long end_addr; u32 *poffset; struct insn insn; bool pte_ro; ret = find_symbol_address(sym, symbol_name); if (IN_ERR(ret)) return ret; if (*(u8 *)sym->addr == OP_JMP_REL32) { printk(PKPRE "error: %s already appears to be hijacked\n", symbol_name); return -EFAULT; } sym->new_addr = malloc(sym->size); if (sym->new_addr == NULL) { printk(PKPRE "Failed to allocate buffer of size %lu for %s\n", sym->size, sym->name); return -ENOMEM; } memset(sym->new_addr, 0, (size_t)sym->size); if (sym->size < OP_JMP_SIZE) { ret = -EFAULT; goto out_error; } orig_addr = (unsigned long)sym->addr; dest_addr = (unsigned long)sym->new_addr; end_addr = orig_addr + sym->size; while (end_addr > orig_addr && *(u8 *)(end_addr - 1) == '\0') --end_addr; if (orig_addr == end_addr) { printk(PKPRE "A spurious symbol \"%s\" (address: %p) seems to contain only zeros\n", sym->name, sym->addr); ret = -EILSEQ; goto out_error; } while (orig_addr < end_addr) { tpe_insn_init(&insn, (void *)orig_addr); tpe_insn_get_length(&insn); if (insn.length == 0) { printk(PKPRE "Failed to decode instruction at %p (%s+0x%lx)\n", (const void *)orig_addr, sym->name, orig_addr - (unsigned long)sym->addr); ret = -EILSEQ; goto out_error; } copy_and_fixup_insn(&insn, (void *)dest_addr, sym); orig_addr += insn.length; dest_addr += insn.length; } sym->new_size = dest_addr - (unsigned long)sym->new_addr; sym->run = sym->new_addr; set_addr_rw((unsigned long) sym->addr, &pte_ro); memcpy(&sym->orig_start_bytes[0], sym->addr, OP_JMP_SIZE); *(u8 *)sym->addr = OP_JMP_REL32; poffset = (u32 *)((unsigned long)sym->addr + 1); *poffset = CODE_OFFSET_FROM_ADDR((unsigned long)sym->addr, OP_JMP_SIZE, (unsigned long)code); set_addr_ro((unsigned long) sym->addr, pte_ro); sym->hijacked = true; return 0; out_error: malloc_free(sym->new_addr); return ret; }