Package ghidra.pcode.emu.linux

Class EmuLinuxX86SyscallUseropLibrary<T>

java.lang.Object

ghidra.pcode.exec.AnnotatedPcodeUseropLibrary<T>

ghidra.pcode.emu.sys.AnnotatedEmuSyscallUseropLibrary<T>

ghidra.pcode.emu.unix.AbstractEmuUnixSyscallUseropLibrary<T>

ghidra.pcode.emu.linux.AbstractEmuLinuxSyscallUseropLibrary<T>

ghidra.pcode.emu.linux.EmuLinuxX86SyscallUseropLibrary<T>

Type Parameters:

T - the type of values processed by the library

All Implemented Interfaces:

EmuSyscallLibrary<T>, PcodeUseropLibrary<T>

public class EmuLinuxX86SyscallUseropLibrary<T>
extends AbstractEmuLinuxSyscallUseropLibrary<T>

A system call library simulating Linux for x86 (32-bit)

Nested Class Summary

Nested classes/interfaces inherited from class ghidra.pcode.emu.unix.AbstractEmuUnixSyscallUseropLibrary

AbstractEmuUnixSyscallUseropLibrary.Errno, AbstractEmuUnixSyscallUseropLibrary.UnixStructuredPart

Nested classes/interfaces inherited from class ghidra.pcode.emu.sys.AnnotatedEmuSyscallUseropLibrary

AnnotatedEmuSyscallUseropLibrary.EmuSyscall, AnnotatedEmuSyscallUseropLibrary.StructuredPart

Nested classes/interfaces inherited from class ghidra.pcode.exec.AnnotatedPcodeUseropLibrary

AnnotatedPcodeUseropLibrary.AnnotatedPcodeUseropDefinition<T>, AnnotatedPcodeUseropLibrary.FixedArgsAnnotatedPcodeUseropDefinition<T>, AnnotatedPcodeUseropLibrary.OpExecutor, AnnotatedPcodeUseropLibrary.OpLibrary, AnnotatedPcodeUseropLibrary.OpOutput, AnnotatedPcodeUseropLibrary.OpState, AnnotatedPcodeUseropLibrary.PcodeUserop, AnnotatedPcodeUseropLibrary.VariadicAnnotatedPcodeUseropDefinition<T>

Nested classes/interfaces inherited from interface ghidra.pcode.emu.sys.EmuSyscallLibrary

EmuSyscallLibrary.EmuSyscallDefinition<T>, EmuSyscallLibrary.SyscallPcodeUseropDefinition<T>

Nested classes/interfaces inherited from interface ghidra.pcode.exec.PcodeUseropLibrary

PcodeUseropLibrary.EmptyPcodeUseropLibrary, PcodeUseropLibrary.PcodeUseropDefinition<T>

Field Summary

Fields

Modifier and Type	Field	Description
protected FileDataTypeManager	clib32
protected final Register	regEAX
protected final Register	regEIP

Fields inherited from class ghidra.pcode.emu.linux.AbstractEmuLinuxSyscallUseropLibrary

ERRNOS, O_APPEND, O_CREAT, O_MASK_RDWR, O_RDONLY, O_RDWR, O_TRUNC, O_WRONLY

Fields inherited from class ghidra.pcode.emu.unix.AbstractEmuUnixSyscallUseropLibrary

closedFds, descriptors, fs, intSize, user

Fields inherited from class ghidra.pcode.emu.sys.AnnotatedEmuSyscallUseropLibrary

additionalArchives, CACHE_BY_CLASS, cSpec, dtMachineWord, machine, program, SYSCALL_SPACE_NAME, syscallMap

Fields inherited from class ghidra.pcode.exec.AnnotatedPcodeUseropLibrary

ops

Fields inherited from interface ghidra.pcode.emu.sys.EmuSyscallLibrary

SYSCALL_CONVENTION_NAME

Fields inherited from interface ghidra.pcode.exec.PcodeUseropLibrary

NIL

Constructor Summary

Constructors

Constructor	Description
EmuLinuxX86SyscallUseropLibrary(PcodeMachine<T> machine, EmuUnixFileSystem<T> fs, Program program)	Construct the system call library for Linux-x86
EmuLinuxX86SyscallUseropLibrary(PcodeMachine<T> machine, EmuUnixFileSystem<T> fs, Program program, EmuUnixUser user)	Construct the system call library for Linux-x86

Method Summary

Modifier and Type	Method	Description
protected void	disposeAdditionalArchives()
protected Collection<DataTypeManager>	getAdditionalArchives()
long	readSyscallNumber(PcodeExecutorState<T> state, PcodeExecutorStatePiece.Reason reason)	Retrieve the desired system call number according to the emulated system's conventions
protected boolean	returnErrno(PcodeExecutor<T> executor, int errno)	Place the errno into the machine as expected by the simulated platform's ABI
T	swi(PcodeExecutor<T> executor, PcodeUseropLibrary<T> library, T number)	Implement this to detect and interpret the INT 0x80 instruction as the syscall convention

Methods inherited from class ghidra.pcode.emu.linux.AbstractEmuLinuxSyscallUseropLibrary

convertFlags, getErrno

Methods inherited from class ghidra.pcode.emu.unix.AbstractEmuUnixSyscallUseropLibrary

claimFd, createHandle, findFd, handleError, lowestFd, newStructuredPart, putDescriptor, releaseFd, unix_close, unix_exit, unix_group_exit, unix_open, unix_read, unix_write

Methods inherited from class ghidra.pcode.emu.sys.AnnotatedEmuSyscallUseropLibrary

getSyscalls, getSyscallUserop, mapAndBindSyscalls, mapAndBindSyscalls, newBoundSyscall

Methods inherited from class ghidra.pcode.exec.AnnotatedPcodeUseropLibrary

getMethodLookup, getOperandType, getUserops

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface ghidra.pcode.emu.sys.EmuSyscallLibrary

syscall

Methods inherited from interface ghidra.pcode.exec.PcodeUseropLibrary

compose, getSymbols, getUserops

Field Details

regEIP

protected final Register regEIP

regEAX

protected final Register regEAX

clib32

protected FileDataTypeManager clib32

Constructor Details

EmuLinuxX86SyscallUseropLibrary

public EmuLinuxX86SyscallUseropLibrary(PcodeMachine<T> machine,
 EmuUnixFileSystem<T> fs,
 Program program)

Construct the system call library for Linux-x86

Parameters:

machine - the machine emulating the hardware

fs - the file system to export to the user-space program

program - a program containing syscall definitions and conventions, likely the target program

EmuLinuxX86SyscallUseropLibrary

public EmuLinuxX86SyscallUseropLibrary(PcodeMachine<T> machine,
 EmuUnixFileSystem<T> fs,
 Program program,
 EmuUnixUser user)

Construct the system call library for Linux-x86

Parameters:

machine - the machine emulating the hardware

fs - the file system to export to the user-space program

program - a program containing syscall definitions and conventions, likely the target program

user - the "current user" to simulate

Method Details

getAdditionalArchives

protected Collection<DataTypeManager> getAdditionalArchives()

Overrides:

getAdditionalArchives in class AnnotatedEmuSyscallUseropLibrary<T>

disposeAdditionalArchives

protected void disposeAdditionalArchives()

Overrides:

disposeAdditionalArchives in class AnnotatedEmuSyscallUseropLibrary<T>

readSyscallNumber

public long readSyscallNumber(PcodeExecutorState<T> state,
 PcodeExecutorStatePiece.Reason reason)

Description copied from interface: EmuSyscallLibrary

Retrieve the desired system call number according to the emulated system's conventions

TODO: This should go away in favor of some specification stored in the emulated program database. Until then, we require system-specific implementations.

Parameters:

state - the executor's state

reason - the reason for reading state, probably PcodeExecutorStatePiece.Reason.EXECUTE_READ, but should be taken from the executor

Returns:

the system call number

returnErrno

protected boolean returnErrno(PcodeExecutor<T> executor,
 int errno)

Description copied from class: AbstractEmuUnixSyscallUseropLibrary

Place the errno into the machine as expected by the simulated platform's ABI

Specified by:

returnErrno in class AbstractEmuUnixSyscallUseropLibrary<T>

Parameters:

executor - the executor for the thread running this system call

errno - the error number

Returns:

true if the errno was successfully placed

swi

public T swi(PcodeExecutor<T> executor,
 PcodeUseropLibrary<T> library,
 T number)

Implement this to detect and interpret the INT 0x80 instruction as the syscall convention

Parameters:

executor - to receive the executor

library - to receive the userop library, presumably replete with syscalls

number - the interrupt number

Returns:

the address of the fall-through, to hack the PcodeOp.CALLIND