int initialize_network(void) { #if WITH_TUNTAP const char *str; network = calloc(sizeof(*network), 1); // install the network register handlers install_mem_handler(NET_REGS_BASE, NET_REGS_SIZE, &network_regs_get_put, NULL); // try to intialize the tun/tap interface str = get_config_key_string("network", "device", NULL); if (!str) { SYS_TRACE(0, "sys: no network device node specified in config file, aborting.\n"); exit(1); } // try to open the device network->fd = open_tun(str); if (network->fd < 0) { SYS_TRACE(0, "sys: failed to open tun/tap interface at '%s'\n", str); exit(1); } // start a network reader/writer thread SDL_CreateThread(&network_thread, NULL); #endif return 0; }
static void fix_libpthread(uint32_t * sym_stack_used, uint32_t * sym_stack_user) { int err; struct proc_entry pe; memset(&pe, 0, sizeof(pe)); strncpy(pe.fn, opts->pthread_so_fn, 256); pe.bits = PE_FILE; err = proc_fill_entry(&pe, child_pid); /* if err != 0, then there is no libpthread. */ if (err != 0) { SYS_TRACE("no %s found, needn't fix libpthread\n", opts->pthread_so_fn); return; } SYS_TRACE("find %s mapped ", opts->pthread_so_fn); /* find symbol __stack_user and stack_used */ void * img = load_file(pe.fn); struct elf_handler * lp_so = elf_init(img, pe.start); *sym_stack_user = elf_get_symbol_address(lp_so, "__stack_user"); *sym_stack_used = elf_get_symbol_address(lp_so, "stack_used"); elf_cleanup(lp_so); free(img); }
static word network_regs_get_put(armaddr_t address, word data, int size, int put) { word val; uint offset; SYS_TRACE(5, "sys: network_regs_get_put at 0x%08x, data 0x%08x, size %d, put %d\n", address, data, size, put); switch (address) { case NET_HEAD: /* head is read/only */ val = network->head; break; case NET_TAIL: if (put) { network->tail = data % PACKET_QUEUE_LEN; if (network->head == network->tail) { pic_deassert_level(INT_NET); } } val = network->tail; break; case NET_SEND: if (put) { write(network->fd, network->out_packet, network->out_packet_len); } val = 0; break; case NET_SEND_LEN: if (put) { network->out_packet_len = data % PACKET_LEN; } val = network->out_packet_len; break; case NET_IN_BUF_LEN: /* read/only */ val = network->in_packet_len[network->tail]; break; case NET_OUT_BUF...(NET_OUT_BUF + NET_BUF_LEN - 1): offset = address - NET_OUT_BUF; if (put) { val = buffer_write(network->out_packet, offset, data, size); } else { val = buffer_read(network->out_packet, offset, size); } break; case NET_IN_BUF...(NET_IN_BUF + NET_BUF_LEN - 1): offset = address - NET_IN_BUF; /* in buffers are read/only */ val = buffer_read(network->in_packet[network->tail], offset, size); break; default: SYS_TRACE(0, "sys: unhandled network address 0x%08x\n", address); return 0; } return val; }
static void wrapper_main(int argc, char * argv[]) { pid_t pid; /* first, trace target */ pid = ptrace_execve("./target", argv); /* dump stack, find sysinfo */ struct user_regs_struct regs; regs = ptrace_peekuser(); SYS_TRACE("stack top=0x%x\n", regs.esp); struct proc_entry stack_entry; stack_entry.addr = regs.esp; stack_entry.bits = PE_ADDR; proc_fill_entry(&stack_entry, pid); SYS_TRACE("stack range: 0x%x-0x%x\n", stack_entry.start, stack_entry.end); /* dump the stack and find SYSINFO */ uint32_t stack_size = stack_entry.end - regs.esp; void * stack_image = malloc(stack_size); void * elf_table; assert(stack_image != 0); ptrace_dupmem(stack_image, regs.esp, stack_size); elf_table = get_elf_table(stack_image); assert(elf_table != NULL); SYS_TRACE("elf_table start at %p\n", elf_table); /* iterator elf table */ uint32_t * auxv_entry = elf_table; uint32_t * pvdso_ehdr = NULL, * pvdso_entrance = NULL; while (*auxv_entry != 0) { if (auxv_entry[0] == AT_SYSINFO) pvdso_entrance = &auxv_entry[1]; if (auxv_entry[0] == AT_SYSINFO_EHDR) pvdso_ehdr = &auxv_entry[1]; auxv_entry += 2; } assert_throw(pvdso_ehdr != NULL, "cannot find vdso ehdr"); assert_throw(pvdso_entrance != NULL, "cannot find vdso entrance"); SYS_FORCE("vdso mapped at 0x%x, entry=0x%x\n", *pvdso_ehdr, *pvdso_entrance); /* begin to map wrapper so */ map_wrap_so("./syscall_wrapper_entrance.so", 0x3000, pvdso_entrance, pvdso_ehdr); /* reset the stack */ ptrace_updmem(stack_image, regs.esp, stack_size); free(stack_image); ptrace_detach(TRUE); }
void SysApi_GetSimLockStatus(ClientInfo_t *inClientInfoPtr, SYS_SIMLOCK_STATE_t *simlock_state, SYS_SIMLOCK_SIM_DATA_t *sim_data, Boolean is_testsim) { #if 1 Result_t res = RESULT_TIMER_EXPIRED; UInt32 tid; MsgType_t msgType; RPC_ACK_Result_t ackResult; tid = RPC_SyncCreateTID((SYS_SIMLOCK_STATE_t *)simlock_state, sizeof(SYS_SIMLOCK_STATE_t)); inClientInfoPtr->reserved = tid; SYS_SimLockApi_GetStatus(tid, SYS_GetClientId(), inClientInfoPtr->simId, (SYS_SIMLOCK_SIM_DATA_t *)sim_data, is_testsim); res = RPC_SyncWaitForResponseTimer(tid, inClientInfoPtr->clientId, &ackResult, &msgType, NULL, (TICKS_ONE_SECOND * 5)); #endif if (res == RESULT_TIMER_EXPIRED) { SYS_TRACE ("SysApi_GetSimLockStatus WARNING!!! (Timeout) Check if AP is handling this message\n"); simlock_state->network_lock_enabled = FALSE; simlock_state->network_subset_lock_enabled = FALSE; simlock_state->service_provider_lock_enabled = FALSE; simlock_state->corporate_lock_enabled = FALSE; simlock_state->phone_lock_enabled = FALSE; simlock_state->network_lock = SYS_SIM_SECURITY_OPEN; simlock_state->network_subset_lock = SYS_SIM_SECURITY_OPEN; simlock_state->service_provider_lock = SYS_SIM_SECURITY_OPEN; simlock_state->corporate_lock = SYS_SIM_SECURITY_OPEN; simlock_state->phone_lock = SYS_SIM_SECURITY_OPEN; } SYS_TRACE("SysApi_GetSimLockStatus enabled: %d, %d, %d, %d, %d\r\n", simlock_state->network_lock_enabled, simlock_state->network_subset_lock_enabled, simlock_state->service_provider_lock_enabled, simlock_state->corporate_lock_enabled, simlock_state->phone_lock_enabled); SYS_TRACE("SysApi_GetSimLockStatus status: %d, %d, %d, %d, %d\r\n", simlock_state->network_lock, simlock_state->network_subset_lock, simlock_state->service_provider_lock, simlock_state->corporate_lock, simlock_state->phone_lock); }
/*******************************For Test*********************************************/ int eep_write(struct cmd_tbl_s *cmdtp, int argc, char * const argv[]) { int retval; retval = eeprom_write(atoi(argv[1]), (uint8 *)argv[2], strlen(argv[2])); if(retval < 0){ SYS_TRACE("eeprom write fail\r\n"); }else{ SYS_TRACE("eeprom write %d bytes success\r\n", retval); } return 0; }
int eep_read(struct cmd_tbl_s *cmdtp, int argc, char * const argv[]) { int retval; uint8 buf[64] = {0}; retval = eeprom_read(atoi(argv[1]), buf, atoi(argv[2])); if(retval < 0){ SYS_TRACE("eeprom read fail\r\n"); }else{ SYS_TRACE("eeprom read=[%s]\r\n", buf); } return 0; }
static void HandleSysReqMsg(RPC_Msg_t* pMsg, ResultDataBufHandle_t dataBufHandle, UInt32 userContextData) { Boolean ret; SYS_ReqRep_t* req = (SYS_ReqRep_t*)pMsg->dataBuf; RPC_SendAckForRequest(dataBufHandle, 0); #ifndef UNDER_LINUX ret = SYS_IsRegisteredClientID(pMsg->clientID); SYS_TRACE( "HandleSysReqMsg msg=0x%x clientID=%d ret=%d\n", pMsg->msgId, pMsg->clientID, ret); if(pMsg->clientID > 0 && !ret && pMsg->msgId != MSG_SYS_SYNC_REG_EVENT_REQ) { SYS_RegisterForPredefinedClient(SYS_DefaultRemoteHandler, pMsg->clientID, 0xFFFFFFFF); } #endif if(pMsg->msgId == MSG_AT_COMMAND_REQ) { } else { SYS_GenCommsMsgHnd(pMsg,req); } RPC_SYSFreeResultDataBuffer(dataBufHandle); }
static word mainmem_get_put(armaddr_t address, word data, int size, int put) { void *ptr; ptr = mainmem.mem + (address - mainmem.base); switch(size) { case 4: if(put) WRITE_MEM_WORD(ptr, data); else data = READ_MEM_WORD(ptr); break; case 2: if(put) WRITE_MEM_HALFWORD(ptr, data); else data = READ_MEM_HALFWORD(ptr); break; case 1: if(put) WRITE_MEM_BYTE(ptr, data); else data = READ_MEM_BYTE(ptr); break; } SYS_TRACE(5, "sys: mainmem_get_put at 0x%08x, data 0x%08x, size %d, put %d\n", address, data, size, put); return data; }
void SYS_InitRpc(void) { static int first_time = 1; //UInt8 ret = 0; if(first_time) { RPC_InitParams_t params={0}; RPC_SyncInitParams_t syncParams; params.iType = INTERFACE_RPC_DEFAULT; params.respCb = HandleSysEventRspCb; params.reqCb = HandleSysReqMsg; params.mainProc = xdr_SYS_ReqRep_t; sysGetXdrStruct(&(params.xdrtbl), &(params.table_size)); params.maxDataBufSize = sizeof(SYS_ReqRep_t); syncParams.copyCb = SysCopyPayload; RPC_SyncRegisterClient(¶ms,&syncParams); first_time = 0; SYS_SyncTaskMsg(); #if defined(ENABLE_USB_MEGASIM) sys_usb_init(); #endif #ifndef UNDER_LINUX SYS_TRACE( "SYS_InitRpc \n"); #endif } }
static void mdc_volume_event_handler(sys_state_t *sys) { mdc_t *p; uint8 j; if(sys->status == STATUS_STANDBY) return; p = (mdc_t *)sys->mdc; for(j = 0; j < SLOT_NUM; j++){ if(p->slot[j].type != MDC_CARD_NUM){ SYS_TRACE("mdc_volume_event_handler:%d-%d-%d\r\n", p->slot_src_idx[j], sys->src, (p->slot_src_idx[j] + p->slot[j].max_input)); if(sys->src >= p->slot_src_idx[j] && sys->src < (p->slot_src_idx[j] + p->slot[j].max_input)){ switch(p->slot[j].type){ case MDC_HDMI_v2: do_mdc_volume_report(sys, (mdc_slot_t)j); break; default: break; } } } } }
static Boolean IsApInDeepSleep() { UInt32 value = 0; RPC_GetProperty(RPC_PROP_AP_IN_DEEPSLEEP, &value); _DBG_(SYS_TRACE("IsApInDeepSleep result=%d \r\n",value)); return (value == 0)?FALSE:TRUE; }
static void do_mdc_volume_report(sys_state_t *sys, mdc_slot_t slot) { uint8 vol; vol = ((int)sys->master_vol - MASTER_VOL_INDEX_MIN_INT) * 100 / MASTER_VOL_WIDTH_INT; SYS_TRACE("do_mdc_volume_report:vol=%d\r\n", vol); hdmi_v2_send_msg(slot, HDMI2_CMD_VOLUME, &vol, 1); }
void sys_usb_init(void) { SYS_TRACE("AP sys_usb_init"); SysUsbRpc_InstallHandler(SysUsbAp_MsgHandler); #if defined(ENABLE_USB_MEGASIM) EEM_Init(); #endif }
void Send_MdcTask_Msg(Mdc_event_t event, uint8 value) { uint8 result = 0; gMdcMsg_t = (Mdc_Task_Msg_t *)osal_msg_allocate(sizeof(Mdc_Task_Msg_t)); if(NULL == gMdcMsg_t) { SYS_TRACE("no memory for mdc msg\r\n"); return; } gMdcMsg_t->hdr.event = (uint8)event; gMdcMsg_t->value = value; result = osal_msg_send(gMdcTaskID,(uint8 *)gMdcMsg_t); if(result != SUCCESS) { SYS_TRACE("send mdc msg fail\r\n"); } }
void Send_DisplayTask_Msg(dis_event_t event, uint8 value) { uint8 result = 0; gDisplay = (Dis_Msg_t *)osal_msg_allocate(sizeof(Dis_Msg_t)); if(NULL == gDisplay) { SYS_TRACE("no memory for dispaly msg\r\n"); return; } gDisplay->hdr.event = (uint8)event; gDisplay->value = value; result = osal_msg_send(gDisTaskID,(uint8 *)gDisplay); if(result != SUCCESS) { SYS_TRACE("send display msg fail\r\n"); } }
static void HandleSysEventRspCb(RPC_Msg_t* pMsg, ResultDataBufHandle_t dataBufHandle, UInt32 userContextData) { //SYS_ReqRep_t* rsp; #ifndef UNDER_LINUX SYS_TRACE( "HandleSysEventRspCb msg=0x%x clientID=%d \n", pMsg->msgId, 0); #endif RPC_SYSFreeResultDataBuffer(dataBufHandle); }
void console_task(void *parameter) { SYS_TRACE("console task running\r\n"); ring_buffer_init(); // Enable UART0 interupt IntEnable(INT_UART0); while(1){ serial_poll_handler(); vTaskDelay(50/portTICK_RATE_MS); } }
static void printer_main(void) { finished = 0; while (!finished) { int16_t nr = 0; volatile struct exception exp; TRY_CATCH(exp, MASK_RESOURCE_LOST) { read_logger(&nr, sizeof(nr)); SYS_TRACE("syscall nr %u\n", nr); if ((nr > NR_SYSCALLS) || (nr < 0)) { if (-nr - 1 > 64) THROW(EXCEPTION_FATAL, "no handler for syscall %u", nr); else { printf("raise signal %d\n", -nr - 1); skip_signal(); continue; } } if (syscall_table[nr].output_handler == NULL) THROW(EXCEPTION_FATAL, "no handler for syscall %u", nr); if (nr == __NR_exit_group) { syscall_table[nr].output_handler(nr); continue; } int16_t sigflag; read_logger(&sigflag, sizeof(sigflag)); if (sigflag != -1) { printf("syscall %d distrubed by signal %d\n", nr, -sigflag-1); skip_signal(); } else { syscall_table[nr].output_handler(nr); } } CATCH (exp) { case EXCEPTION_NO_ERROR: break; case EXCEPTION_RESOURCE_LOST: SYS_VERBOSE("log file over\n"); finished = 1; break; default: RETHROW(exp); } }
static int network_thread(void *args) { for (;;) { ssize_t ret; ret = read(network->fd, network->in_packet[network->head], PACKET_LEN); if (ret > 0) { SYS_TRACE(2, "sys: got network data, size %d, head %d, tail %d\n", ret, network->head, network->tail); network->in_packet_len[network->head] = ret; network->head = (network->head + 1) % PACKET_QUEUE_LEN; pic_assert_level(INT_NET); } } return 0; }
static void mdc_prepare_test_environment(sys_state_t *sys, uint8 slot) { mdc_test_t *p = NULL; /*only do this once*/ if(sys->mdc_test == NULL){ p = (mdc_test_t *)MALLOC(sizeof(mdc_test_t)); OSAL_ASSERT(p != NULL); memset(p, 0, sizeof(mdc_test_t)); p->start_index = slot; p->cur_index = slot; p->item = TEST_ITEM_I2C; sys->mdc_test = (void *)p; // AC_STANDBY(1); // DC5V_EN(1); // DC3V_EN(1); mdc_power_set((mdc_slot_t)slot, ON); SYS_TRACE("mdc test environment prepared.\r\n"); } p->bitmap_insert |= (1 << slot); p->num++; }
static void map_wrap_so(const char * so_file, uintptr_t load_bias, uint32_t * pvdso_entrance, uint32_t * pvdso_ehdr) { uint32_t name_pos; int fd, err; struct stat s; err = stat(so_file, &s); assert_errno_throw("stat file %s failed", so_file); assert_throw(S_ISREG(s.st_mode), "file %s not a regular file", so_file); /* don't use off_t, it may not be a 32 bit word! */ int32_t fsize = s.st_size; SYS_TRACE("desired so file length is %d\n", fsize); /* elf operations */ void * so_image = load_file(so_file); struct elf_handler * h = elf_init(so_image, load_bias); /* load program headers */ int nr_phdr = 0; struct elf32_phdr * phdr = elf_get_phdr_table(h, &nr_phdr); assert_throw(((phdr != NULL) && (nr_phdr != 0)), "load phdr of file %s failed\n", so_file); /* find the entry symbol */ uintptr_t entry_addr = elf_get_symbol_address(h, "syscall_wrapper_entrace"); SYS_TRACE("wrapper func address will be 0x%x\n", entry_addr); name_pos = ptrace_push(so_file, strlen(so_file), TRUE); fd = ptrace_syscall(open, 3, name_pos, O_RDONLY, 0); assert_throw(fd >= 0, "open sofile for child failed, return %d", fd); SYS_TRACE("open so file for child, fd=%d\n", fd); /* for each program header */ for (int i = 0; i < nr_phdr; i++, phdr ++) { SYS_FORCE("phdr %d, type=0x%x, flag=0x%x\n", i, phdr->p_type, phdr->p_flags); if (phdr->p_type != PT_LOAD) continue; int elf_prot = 0, elf_flags = 0; if (phdr->p_flags & PF_R) elf_prot |= PROT_READ; if (phdr->p_flags & PF_W) elf_prot |= PROT_WRITE; if (phdr->p_flags & PF_X) elf_prot |= PROT_EXEC; elf_flags = MAP_PRIVATE | MAP_EXECUTABLE; unsigned long size = phdr->p_filesz + ELF_PAGEOFFSET(phdr->p_vaddr); unsigned long off = phdr->p_offset - ELF_PAGEOFFSET(phdr->p_vaddr); int32_t map_addr = load_bias + phdr->p_vaddr - ELF_PAGEOFFSET(phdr->p_vaddr); map_addr = ptrace_syscall(mmap2, 6, map_addr, size, elf_prot, elf_flags | MAP_FIXED, fd, off); assert_throw(map_addr != 0xffffffff, "map wrap so failed, return 0x%x", map_addr); } elf_cleanup(h); free(so_image); if (pvdso_ehdr) *pvdso_ehdr = load_bias; if (pvdso_entrance) *pvdso_entrance = entry_addr; }
void ir_in_recive_handler(void) { uint32 status; uint32 time_cnt; uint32 time_cur; status = GPIOIntStatus(IR_IN_PORT, 1); GPIOIntClear(IR_IN_PORT, status); if(GPIO_ReadSinglePin(IR_IN_PORT, IR_IN_PIN)){ SET_IR_OUT(1); }else{ SET_IR_OUT(0); return; } time_cur = bsp_timer0_get_time(); time_cnt = time_cur - ir_jack.last_time; ir_jack.last_time = time_cur; gIr_timeout = 0; switch(ir_jack.state){ case NEC_IDLE: ir_jack.state = NEC_LEADER; break; case NEC_LEADER: if(time_cnt < LEADER_TIME_MAX && time_cnt > LEADER_TIME_MIN){ ir_jack.code.val = 0; ir_jack.bitcnt = 0; ir_jack.state = NEC_CODE; }else{ ir_jack.state = NEC_IDLE; } break; case NEC_CODE: if(time_cnt < ONE_TIME_MAX && time_cnt > ZERO_TIME_MIN){ ir_jack.bitcnt++; ir_jack.code.val >>= 1; if(time_cnt >= MEDIAN_BIT_TIME){ ir_jack.code.val |= 0x80000000; } } if(ir_jack.bitcnt == 32){ SYS_TRACE("jack ir code =[%x],LB=%2x, HB=%2x, UB=%2x, MB=%2x \r\n", ir_jack.code.val, ir_jack.code.byte.LB, ir_jack.code.byte.HB, ir_jack.code.byte.UB, ir_jack.code.byte.MB); if((ir_jack.code.byte.LB == CUSTMER_CODE_LB) && (ir_jack.code.byte.HB == CUSTMET_CODE_HB)){ if((ir_jack.code.byte.MB & ir_jack.code.byte.UB) == 0){ ring_buffer_write(IR_BACK_IN, ir_jack.code.byte.UB); ir_jack.bitcnt = 0; ir_jack.state = NEC_REPEATE1; if((ir_commond[IR_VOL_UP] == ir_jack.code.byte.UB) || (ir_commond[IR_LFET] == ir_jack.code.byte.UB) || (ir_commond[IR_RIGHT]== ir_jack.code.byte.UB) || (ir_commond[IR_VOL_DOWN] == ir_jack.code.byte.UB)){ repeat_thres = 5; repeat_commond = ir_jack.code.byte.UB; }else{ repeat_thres = 0; repeat_commond = 0; } ir_jack.code.val = 0; }else{ ir_jack.state = NEC_IDLE; } }else{ ir_jack.state = NEC_IDLE; } } break; case NEC_REPEATE1: ir_jack.state = NEC_REPEATE2; break; case NEC_REPEATE2: if(time_cnt <= REPEAT_TIME_MAX && time_cnt >= REPEAT_TIME_MIN){ if(repeat_commond){ ir_jack.state = NEC_REPEATE1; if(repeat_thres){ repeat_thres--; }else{ ring_buffer_write(IR_BACK_IN, repeat_commond); } }else{ ir_jack.state = NEC_IDLE; } } break; default: break; }
Boolean SysUsbAp_MsgHandler(InterTaskMsg_t *msg) { Boolean result = 0; Boolean rsp = TRUE; SYS_TRACE("AP SysUsbAp_MsgHandler msg:%p", msg); Log_EnableLogging(LOGID_USB,TRUE); if(!msg) { Log_DebugPrintf(LOGID_USB, "%s SysUsbAp_MsgHandler: NULL msg!!\n", PROC_TYPE); return FALSE; } switch(msg->msgType) { case USB_IPC_MSC_INIT: Log_DebugPrintf(LOGID_USB, "%s USB_IPC_MSC_INIT call ipcMsc_Init", PROC_TYPE); break; case USB_IPC_MSC_UNINIT: Log_DebugPrintf(LOGID_USB, "%s USB_IPC_MSC_UNINIT Nothing to do", PROC_TYPE); break; case USB_IPC_MSC_MEDIA_INSERT: Log_DebugPrintf(LOGID_USB, "%s USB_IPC_MSC_MEDIA_INSERT ", PROC_TYPE); sysMscRpc_Insert(msg); break; case USB_IPC_MSC_MEDIA_MOUNT: Log_DebugPrintf(LOGID_USB, "%s USB_IPC_MSC_MEDIA_MOUNT ", PROC_TYPE); sysMscRpc_Mount(msg); rsp = FALSE; break; case USB_IPC_MSC_MEDIA_REMOVE: Log_DebugPrintf(LOGID_USB, "%s USB_IPC_MSC_MEDIA_REMOVE ", PROC_TYPE); sysMscRpc_Remove(msg); break; case USB_IPC_MSC_DEVICE_ATTACH: Log_DebugPrintf(LOGID_USB, "%s USB_IPC_MSC_DEVICE_ATTACH Nothing to do", PROC_TYPE); break; case USB_IPC_MSC_DEVICE_DETACH: Log_DebugPrintf(LOGID_USB, "%s USB_IPC_MSC_DEVICE_DETACH Nothing to do", PROC_TYPE); break; case USB_IPC_MSC_READ: Log_DebugPrintf(LOGID_USB, "%s USB_IPC_MSC_READ Nothing to do", PROC_TYPE); break; case USB_IPC_MSC_WRITE: Log_DebugPrintf(LOGID_USB, "%s USB_IPC_MSC_WRITE Nothing to do", PROC_TYPE); break; #if defined (ENABLE_USB_MEGASIM) case USB_IPC_EEM_CTRL: { usbEemCtrl_t *ctrl = (usbEemCtrl_t *)msg->dataBuf; Log_DebugPrintf(LOGID_SYSEEMRPC, "EEM_Task MSG USB_IPC_EEM_CTRL Recvd EEM Msg:%d Value:%d", ctrl->msg, ctrl->value); result = JusbAdapter_SendMsg(0, (USB_MSG_TYPES)ctrl->msg, &ctrl->value, sizeof(ctrl->value)); FreeInterTaskMsg(msg); rsp = FALSE; break; } case USB_IPC_NOTIFY: Log_DebugPrintf(LOGID_USB, "%s usb cb USB_IPC_NOTIFY val:%d ", PROC_TYPE, *(UInt32 *)msg->dataBuf); if(sysUsbRpcNotifyCb) { sysUsbRpcNotifyCb(*(UInt32 *)msg->dataBuf); } break; #endif default: Log_DebugPrintf(LOGID_USB, "%s USB msg Default Type:%d len:%d buf:%p", PROC_TYPE, msg->msgType, msg->dataLength, msg->dataBuf); } if(!result) { Log_DebugPrintf(LOGID_USB, "%s USB JusbAdapter_SendMsg failed type:%d", PROC_TYPE, msg->msgType); } return rsp; }
static void gdbloader_main(const char * target_fn) { /* check: target_fn should be same as argv[0] */ if (strcmp(target_fn, cf->cmdline[0]) != 0) { SYS_FATAL("target should be %s, not %s\n", cf->cmdline[0], target_fn); THROW(EXCEPTION_FATAL, "cmdline error"); } /* execve child */ child_pid = ptrace_execve(target_fn, cf->cmdline, cf->environ); /* inject memory */ /* before we inject memory, we need to restore heap */ uint32_t heap_end; heap_end = ptrace_syscall(brk, 1, cf->state->brk); CTHROW(heap_end == cf->state->brk, "restore heap failed: %d", heap_end); SYS_TRACE("restore heap to 0x%x\n", heap_end); inject_memory(); /* then, we retrive the inject so file, enter from * __debug_entry. we need to push: * nothing. * process can retrive all from state vector. * and we cannot use stack now * */ /* NOTICE: the state_vector should be saved in the ckpt memory, * we needn't restore them in ptrace process. let the inject so * to do it. */ /* from the opts get the so-file bias */ uint32_t inj_bias = opts->inj_bias; /* use procutils to get the file */ struct proc_entry e; e.start = inj_bias; e.bits = PE_START; proc_fill_entry(&e, child_pid); SYS_TRACE("inject so is %s\n", e.fn); /* use elfutils to retrive the symbol */ void * img = load_file(e.fn); struct elf_handler * inj_so = elf_init(img, inj_bias); uintptr_t debug_entry = elf_get_symbol_address(inj_so, opts->entry); SYS_TRACE("symbol %s at 0x%x\n", opts->entry, debug_entry); /* inject the injector opts */ inject_injopts(inj_so); elf_cleanup(inj_so); free(img); /* we have to restore register here... */ SYS_FORCE("pid=%d\n", child_pid); SYS_FORCE("eip=0x%x\n", cf->state->regs.eip); ptrace_pokeuser(cf->state->regs); SYS_TRACE("eax=0x%x\n", cf->state->regs.eax); SYS_TRACE("ebx=0x%x\n", cf->state->regs.ebx); SYS_TRACE("ecx=0x%x\n", cf->state->regs.ecx); SYS_TRACE("edx=0x%x\n", cf->state->regs.edx); SYS_TRACE("esi=0x%x\n", cf->state->regs.esi); SYS_TRACE("edi=0x%x\n", cf->state->regs.edi); SYS_TRACE("ebp=0x%x\n", cf->state->regs.ebp); SYS_TRACE("esp=0x%x\n", cf->state->regs.esp); // SYS_TRACE("gs=0x%x\n", cf->state->regs.gs); // SYS_TRACE("es=0x%x\n", cf->state->regs.es); /* we push eip at the top of the new stack */ ptrace_push(&cf->state->regs.eip, sizeof(uint32_t), FALSE); /* fix libpthread problem: * * when gdb attaches to target, if it find libpthread, gdb * will try to use libthread_db to retrive thread-local info. * some data, like `errno', is TLS and need those info. * * When gdb does the work, it use ptrace to peek memory from target image. * so gdb will see the original thread info, the tid is different from * current pid, therefore gdb will think there are at least 2 threads and * then it will try to attach to the 'old' one and definitely fail. When this * failure occures, gdb print a warning message. * * We have 2 ways to solve this problem: * * 1. add a syscall into kernel's code, change its pid. it is simple. * 2. change the image when gdb attach. * * We choose the 2nd one because we prefer user space solution. * * */ uint32_t sym_stack_used = 0, sym_stack_user = 0; if (opts->fix_pthread_tid) { fix_libpthread(&sym_stack_used, &sym_stack_user); SYS_WARNING("sym_stack_used=0x%x, sym_stack_user=0x%x\n", sym_stack_used, sym_stack_user); } /* we push those 2 addresses onto the stack */ ptrace_push(&sym_stack_used, sizeof(uint32_t), FALSE); ptrace_push(&sym_stack_user, sizeof(uint32_t), FALSE); /* move eip and detach, let the target process to run */ ptrace_goto(debug_entry); /* detach in main */ return; }
static void inject_memory(void) { struct mem_region * stack_r = NULL; SYS_TRACE("nr_regions=%d\n", cf->nr_regions); /* for each mem region in ckpt file */ for (int i = 0; i < cf->nr_regions; i++) { struct mem_region * r = cf->regions[i]; SYS_TRACE("range %d: 0x%x--0x%x (0x%x:0x%x): %s\n", i, r->start, r->end, r->prot, r->offset, r->fn); /* find the region already mapped */ struct proc_entry e; bool_t res; uint32_t start, end; start = r->start; end = r->end; do { res = proc_find_in_range(&e, child_pid, start, end); if (res) { start = e.end; SYS_TRACE("\talready mapped in target: 0x%x--0x%x (0x%x:0x%x): %s\n", e.start, e.end, e.prot, e.offset, e.fn); /* check if 2 maps are same */ if ((e.start != r->start) || (e.end != r->end) || (e.prot != r->prot) || (strcmp(e.fn, r->fn) != 0)) { /* different */ /* special treat [heap] and [stack] */ if (strcmp(e.fn, "[heap]") == 0) { /* heap size is different */ /* that shouldn't happen, we restore heap address before * calling this function*/ THROW(EXCEPTION_FATAL, "heap address inconsistent"); } else if (strcmp(e.fn, "[stack]") == 0) { if (strcmp(r->fn, "[stack]") != 0) { /* that shouldn't happen... */ THROW(EXCEPTION_FATAL, "stack inconsistent"); } /* stack can auto expand */ } else if (strcmp(e.fn, "[vdso]") == 0) { THROW(EXCEPTION_FATAL, "vdso inconsistent"); } else { /* unmap the already mapped file */ /* first, check eip */ struct user_regs_struct regs = ptrace_peekuser(); if ((regs.eip >= e.start) && (regs.eip < e.end)) { /* target ckpt is special: it unmap itself... */ /* currently we don't support it */ THROW(EXCEPTION_FATAL, "eip (0x%x) inconsistent", (uint32_t)regs.eip); } /* now we can safely unmap that file or memregion */ int err; SYS_TRACE("\tunmap 0x%x--0x%x\n", e.start, e.end); err = ptrace_syscall(munmap, 2, e.start, e.end - e.start); if (err < 0) THROW(EXCEPTION_FATAL, "unmap memrigon 0x%x--0x%x failed: %d", e.start, e.end, err); } } } else { start = r->end; } } while (start < end); /* now the region has been cleaned up, there may be 2 situations: * 1. the desired region is empty; * 2. the desired region is mapped, but the same as ckpt. * here we use procutils to check it again. */ res = proc_find_in_range(&e, child_pid, r->start, r->end); if (res) { SYS_TRACE("\tdesired region is mapped\n"); if ((e.start != r->start) || (e.end != r->end) || (e.prot != r->prot) || (strcmp(e.fn, r->fn) != 0)) { /* if the lower end of stack inconsistent, don't care. * stack is auto expandable. */ /* NOT(e.fn same as r->fn and e.fn is "[stack]") */ if (!(!strcmp(e.fn, r->fn) && !strncmp(e.fn, "[stack]", 7))) { INJ_FATAL("this region is not cleaned up:\n"); INJ_FATAL("\tstart : 0x%x 0x%x\n", e.start, r->start); INJ_FATAL("\tend : 0x%x 0x%x\n", e.end, r->end); INJ_FATAL("\tprot : 0x%x 0x%x\n", e.prot, r->prot); INJ_FATAL("\tfn: : \"%s\" \"%s\"\n", e.fn, r->fn); THROW(EXCEPTION_FATAL, "Shouldn't happed...\n"); } } } else { SYS_TRACE("\tdesired region is unmapped\n"); /* from the ckpt, find the file and do the map */ uint32_t map_addr = r->start; uint32_t size = r->end - r->start; uint32_t prot = r->prot; uint32_t flags = MAP_FIXED | MAP_EXECUTABLE | MAP_PRIVATE; if ((r->fn_len <= 1) || (r->fn[0] == '\0')) { /* this is not a file map */ uint32_t ret_addr; flags |= MAP_ANONYMOUS; SYS_TRACE("\tdo the anonymouse map\n"); ret_addr = ptrace_syscall(mmap2, 6, map_addr, size, prot, flags, 0, 0); CTHROW(map_addr == ret_addr, "mmap2 failed, return 0x%x, not 0x%x", ret_addr, map_addr); } else { /* this is a file map */ uint32_t fn_pos; /* push the filename */ fn_pos = ptrace_push(r->fn, strlen(r->fn) + 1, TRUE); int fd = ptrace_syscall(open, 3, fn_pos, O_RDONLY, 0); CTHROW(fd >= 0, "open file %s failed: %d", r->fn, fd); SYS_TRACE("\tdo the map\n"); uint32_t off = r->offset; uint32_t ret_addr = ptrace_syscall(mmap2, 6, map_addr, size, prot, flags, fd, off >> PAGE_SHIFT); CTHROW(ret_addr == map_addr, "mmap2 file %s failed: return 0x%x", r->fn, ret_addr); ptrace_syscall(close, 1, fd); } } /* now the memory region has been built up, we then poke * memory into it */ /* don't update stack here. although in most case the stack * is the last region we meet, there are some special situations. * for example in compat memlayout. the stack may be polluted by * pervious ptrace_push operation. */ if (strcmp(r->fn, "[stack]") == 0) stack_r = r; else if (strcmp(r->fn, "[vdso]") != 0) /* chkp don't contain vdso */ ptrace_updmem(r->f_pos + cf->ckpt_img, r->start, r->end - r->start); } CTHROW(stack_r != NULL, "no \"[stack]\" found"); /* we poke stack at last */ ptrace_updmem(stack_r->f_pos + cf->ckpt_img, stack_r->start, stack_r->end - stack_r->start); }
int mdc_init(void) { /*the index of the slot*/ int i; /*the index of the card*/ int j; int type_index[MDC_CARD_NUM] = {0}; int type_count[MDC_CARD_NUM] = {0}; mdc_adc_load(gMdc->adc, SLOT_NUM); //mdc_adc_load(gMdc->adc, SLOT_NUM); for (i = 0; i < SLOT_NUM; i++){ for (j = 0; j < MDC_CARD_NUM; j++){ if (mdc_adc_cmp(gMdc->adc[i], Resistance_Table[j]) == true){ if ((j == MDC_HDMI)||(j == MDC_HDMI_v2)){ type_count[MDC_HDMI]++; type_count[MDC_HDMI_v2]++; }else{ type_count[j]++; } /*used for firmware upgrade*/ gSlot = i; } } } for (i = 0; i < SLOT_NUM; i++){ for (j = 0; j < MDC_CARD_NUM; j++){ if(mdc_adc_cmp(gMdc->adc[i], Resistance_Table[j]) == true){ mdc_slot_init(&gMdc->slot[i], (mdc_type_t)j, type_index[j]); gMdc->slot_src_idx[i] = gSystem_t->src_num; gSystem_t->src_num += (gMdc->slot[i].max_input); if ((gMdc->prev_slot[i].type != gMdc->slot[i].type) || (gMdc->prev_slot[i].index != gMdc->slot[i].index)){ /*--- mdc changed, setup default ---*/ SYS_TRACE("slot[%d], type %s changed, setup default\r\n", i,CardTypeName[gMdc->slot[i].type]); if (type_count[j] > 1){ /*there have 2 the same mdc cards. so the first one's name should init with indicator number.*/ mdc_setup_init(&gMdc->slot[i], &gMdc->setup[i], (mdc_type_t)j, gMdc->slot[i].index, 1, i); } else{ mdc_setup_init(&gMdc->slot[i], &gMdc->setup[i], (mdc_type_t)j, gMdc->slot[i].index, 0, i); } if(gMdc->mdc_slot_index == i){ gMdc->mdc_slot_src_index = 0; } mdc_slot_update(&gMdc->prev_slot[i], &gMdc->slot[i]); Send_SysTask_Msg(SYS_DATABASE_SAVE_MSG, 1); }else{ /*it is very important to add this handle*/ mdc_card_name_update(&gMdc->prev_slot[i], &gMdc->setup[i]); //mdc_slot_update(&gMdc->prev_slot[i], &gMdc->slot[i]); } if ((j == MDC_HDMI)||(j == MDC_HDMI_v2)) { type_index[MDC_HDMI]++; type_index[MDC_HDMI_v2]++; } else { type_index[j]++; } sys_src_list_append(gSrcListHead, &gMdc->setup[i], &gMdc->prev_slot[i]); break; } } /*no normal MDC card found*/ if(gMdc->slot[i].type == MDC_CARD_NUM){ mdc_setup_init(&gMdc->slot[i] ,&gMdc->setup[i], MDC_CARD_NUM, 0, 0, i); if (gMdc->adc[i] < 20){ SYS_TRACE("slot[%d] found[%s] card\r\n", i, CardTypeName[MDC_CARD_NUM]); mdc_prepare_test_environment(gSystem_t, i); }else{ SYS_TRACE("No MDC card found\r\n"); } mdc_slot_update(&gMdc->prev_slot[i], NULL); Send_SysTask_Msg(SYS_DATABASE_SAVE_MSG, 1); } else { SYS_TRACE("slot[%d] found[%s] card\r\n", i, CardTypeName[gMdc->slot[i].type]); } } return 0; }