-rw-r--r-- | lib/arm64/assemble.h | 3 | ||||
-rw-r--r-- | lib/darwin/execmem.c | 3 | ||||
-rw-r--r-- | lib/darwin/inject.c | 46 | ||||
-rw-r--r-- | lib/darwin/interpose.c | 20 | ||||
-rw-r--r-- | lib/darwin/mach-decls.h | 15 | ||||
-rw-r--r-- | lib/darwin/objc-asm.S | 4 | ||||
-rw-r--r-- | lib/darwin/objc.c | 6 | ||||
-rw-r--r-- | lib/darwin/substrate-compat.c | 8 | ||||
-rw-r--r-- | lib/dis.h | 4 | ||||
-rw-r--r-- | lib/hook-functions.c | 18 | ||||
-rw-r--r-- | lib/jump-dis.c | 9 | ||||
-rw-r--r-- | lib/substitute.h | 3 |
12 files changed, 94 insertions, 45 deletions
diff --git a/lib/arm64/assemble.h b/lib/arm64/assemble.h index c4fb487..a58e227 100644 --- a/lib/arm64/assemble.h +++ b/lib/arm64/assemble.h @@ -48,7 +48,8 @@ static inline void LDRxi(void **codep, int Rt, int Rn, uint32_t off, static inline void ADRP_ADD(void **codep, int reg, uint64_t pc, uint64_t dpc) { uint64_t diff = (dpc & ~0xfff) - (pc & ~0xfff); /* ADRP reg, dpc */ - op32(codep, 0x90000000 | reg | (diff & 0x3000) << 17 | (diff & 0x1ffffc000) >> 9); + op32(codep, 0x90000000 | reg | (diff & 0x3000) << 17 | + (diff & 0x1ffffc000) >> 9); uint32_t lo = dpc & 0xfff; if (lo) { /* ADD reg, reg, #lo */ diff --git a/lib/darwin/execmem.c b/lib/darwin/execmem.c index b142aff..d2bd4ab 100644 --- a/lib/darwin/execmem.c +++ b/lib/darwin/execmem.c @@ -33,7 +33,8 @@ GEN_SYSCALL(mach_msg, -31); __typeof__(mach_thread_self) manual_thread_self; GEN_SYSCALL(thread_self, -27); -extern int __sigaction(int, struct __sigaction * __restrict, struct sigaction * __restrict); +extern int __sigaction(int, struct __sigaction * __restrict, + struct sigaction * __restrict); static void manual_memcpy(void *restrict dest, const void *src, size_t len) { /* volatile to avoid compiler transformation to call to memcpy */ diff --git a/lib/darwin/inject.c b/lib/darwin/inject.c index 14b204b..7e36e60 100644 --- a/lib/darwin/inject.c +++ b/lib/darwin/inject.c @@ -80,7 +80,8 @@ static int find_foreign_images(mach_port_t task, cnt = tdi.all_image_info_size; mach_vm_size_t size; - kr = mach_vm_read_overwrite(task, tdi.all_image_info_addr, tdi.all_image_info_size, + kr = mach_vm_read_overwrite(task, tdi.all_image_info_addr, + tdi.all_image_info_size, (mach_vm_address_t) all_image_infos_buf, &size); if (kr || size != tdi.all_image_info_size) { asprintf(error, "mach_vm_read_overwrite(all_image_info): kr=%d", kr); 
@@ -119,7 +120,8 @@ static int find_foreign_images(mach_port_t task, #undef FIELD if (info_array_count > 2000) { - asprintf(error, "unreasonable number of loaded libraries: %u", info_array_count); + asprintf(error, "unreasonable number of loaded libraries: %u", + info_array_count); return SUBSTITUTE_ERR_MISC; } size_t info_array_size = info_array_count * info_array_elm_size; @@ -165,8 +167,10 @@ static int find_foreign_images(mach_port_t task, } if (strlen(path_buf) == toread && toread < MAXPATHLEN) { /* get the rest... */ - kr = mach_vm_read_overwrite(task, file_path + toread, MAXPATHLEN - toread, - (mach_vm_address_t) path_buf + toread, &size); + kr = mach_vm_read_overwrite(task, file_path + toread, + MAXPATHLEN - toread, + (mach_vm_address_t) path_buf + toread, + &size); if (kr) { continue; } @@ -203,8 +207,8 @@ static int get_foreign_image_export(mach_port_t task, uint64_t hdr_addr, vm_prot_t cur, max; hdr_buf_size = PAGE_SIZE; kern_return_t kr = mach_vm_remap(mach_task_self(), &hdr_buf, hdr_buf_size, 0, - VM_FLAGS_ANYWHERE, task, hdr_addr, /*copy*/ true, - &cur, &max, VM_INHERIT_NONE); + VM_FLAGS_ANYWHERE, task, hdr_addr, + /*copy*/ true, &cur, &max, VM_INHERIT_NONE); if (kr) { asprintf(error, "mach_vm_remap(libdyld header): kr=%d", kr); return SUBSTITUTE_ERR_MISC; @@ -226,7 +230,8 @@ static int get_foreign_image_export(mach_port_t task, uint64_t hdr_addr, size_t total_size = mh_size + mh->sizeofcmds; if (total_size > hdr_buf_size) { - vm_deallocate(mach_task_self(), (vm_offset_t) hdr_buf, (vm_size_t) hdr_buf_size); + vm_deallocate(mach_task_self(), (vm_offset_t) hdr_buf, + (vm_size_t) hdr_buf_size); hdr_buf_size = total_size; hdr_buf = 0; kr = mach_vm_remap(mach_task_self(), &hdr_buf, hdr_buf_size, 0, @@ -323,7 +328,8 @@ badmach: ret = SUBSTITUTE_ERR_MISC; goto fail; fail: - vm_deallocate(mach_task_self(), (vm_offset_t) hdr_buf, (vm_size_t) hdr_buf_size); + vm_deallocate(mach_task_self(), (vm_offset_t) hdr_buf, + (vm_size_t) hdr_buf_size); return ret; } 
@@ -371,7 +377,8 @@ got_symbol:; return false; if (!read_leb128(&ptr, end, false, &flags)) return false; - if (flags & (EXPORT_SYMBOL_FLAGS_REEXPORT | EXPORT_SYMBOL_FLAGS_STUB_AND_RESOLVER)) { + if (flags & (EXPORT_SYMBOL_FLAGS_REEXPORT | + EXPORT_SYMBOL_FLAGS_STUB_AND_RESOLVER)) { /* don't bother to support for now */ return false; } @@ -462,7 +469,8 @@ static int do_baton(const char *filename, size_t filelen, cpu_type_t cputype, } } - memcpy(stackbuf + baton_len, target_shuttle, nshuttle * sizeof(*target_shuttle)); + memcpy(stackbuf + baton_len, target_shuttle, + nshuttle * sizeof(*target_shuttle)); semaphore_t sem_port = MACH_PORT_NULL; kern_return_t kr = semaphore_create(task, &sem_port, SYNC_POLICY_FIFO, 0); @@ -571,8 +579,10 @@ int substitute_dlopen_in_pid(int pid, const char *filename, int options, uint64_t symaddr; } syms[2]; } libs[3] = { - {images[0].address, 2, {{"_dlopen", 0}, {"_dlsym", 0}}}, - {images[1].address, 2, {{"_pthread_create", 0}, {"_pthread_detach", 0}}}, + {images[0].address, 2, {{"_dlopen", 0}, + {"_dlsym", 0}}}, + {images[1].address, 2, {{"_pthread_create", 0}, + {"_pthread_detach", 0}}}, {images[2].address, 1, {{"_munmap", 0}}}, }; @@ -586,14 +596,17 @@ int substitute_dlopen_in_pid(int pid, const char *filename, int options, goto fail; const char *failed_symbol = NULL; for (int j = 0; j < libs[i].nsyms; j++) { - if (!find_export_symbol(export, export_size, libs[i].syms[j].symname, - libs[i].addr, &libs[i].syms[j].symaddr)) { + if (!find_export_symbol(export, export_size, + libs[i].syms[j].symname, + libs[i].addr, + &libs[i].syms[j].symaddr)) { failed_symbol = libs[i].syms[j].symname; break; } } - vm_deallocate(mach_task_self(), (vm_offset_t) linkedit, (vm_size_t) linkedit_size); + vm_deallocate(mach_task_self(), (vm_offset_t) linkedit, + (vm_size_t) linkedit_size); if (failed_symbol) { asprintf(error, "couldn't find target symbol %s", failed_symbol); ret = SUBSTITUTE_ERR_MISC; 
@@ -620,7 +633,8 @@ int substitute_dlopen_in_pid(int pid, const char *filename, int options,
 cputype == CPU_TYPE_ARM64 ? 0x4000 :
 #endif
 0x1000;
- kr = mach_vm_allocate(task, &target_stack, 2 * target_page_size, VM_FLAGS_ANYWHERE);
+ kr = mach_vm_allocate(task, &target_stack, 2 * target_page_size,
+ VM_FLAGS_ANYWHERE);
 if (kr) {
 asprintf(error, "couldn't allocate target stack");
 ret = SUBSTITUTE_ERR_OOM;
diff --git a/lib/darwin/interpose.c b/lib/darwin/interpose.c
index 89f047e..4581bab 100644
--- a/lib/darwin/interpose.c
+++ b/lib/darwin/interpose.c
@@ -2,6 +2,7 @@
 #include <stdint.h>
 #include <stdbool.h>
+#include <stdatomic.h>
 #include "substitute.h"
 #include "substitute-internal.h"
@@ -17,8 +18,8 @@ struct interpose_state {
 segment_command_x *stack_segments[32];
 };
-static int try_bind_section(void *bind, size_t size, const struct interpose_state *st,
- bool lazy) {
+static int try_bind_section(void *bind, size_t size,
+ const struct interpose_state *st, bool lazy) {
 void *ptr = bind, *end = bind + size;
 char *sym = NULL;
 uint8_t type = lazy ? BIND_TYPE_POINTER : 0;
@@ -89,12 +90,15 @@ static int try_bind_section(void *bind, size_t size, const struct interpose_stat
 }
 if (i != st->nhooks) {
 while (count--) {
- uintptr_t new = (uintptr_t) h->replacement + (intptr_t) addend;
+ uintptr_t new = (uintptr_t) h->replacement +
+ (intptr_t) addend;
 uintptr_t old;
 void *p = (void *) (segment + offset);
 switch (type) {
 case BIND_TYPE_POINTER: {
- old = __atomic_exchange_n((uintptr_t *) p, new, __ATOMIC_RELAXED);
+ old = atomic_exchange_explicit(
+ (_Atomic uintptr_t *) p, new,
+ memory_order_relaxed);
 break;
 }
 case BIND_TYPE_TEXT_ABSOLUTE32: {
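Review bot: The new `(_Atomic uintptr_t *) p` cast in the BIND_TYPE_POINTER case performs an atomic exchange on a slot (`segment + offset`) that was never declared `_Atomic`, which C11 does not define; it is only sound where `_Atomic uintptr_t` has the same size and alignment as `uintptr_t` and is lock-free, since otherwise `atomic_exchange_explicit` may take a lock while every other reader of the slot presumably does a plain load. That holds for the Darwin toolchains this file targets, but the assumption should be pinned next to the new `#include <stdatomic.h>` rather than left implicit: `_Static_assert(sizeof(_Atomic uintptr_t) == sizeof(uintptr_t) && _Alignof(_Atomic uintptr_t) == _Alignof(uintptr_t), "atomic exchange on a plain bind slot");` and `_Static_assert(ATOMIC_LONG_LOCK_FREE == 2, "bind slot exchange must be lock-free");`. `memory_order_relaxed` mirrors the previous `__ATOMIC_RELAXED`, so ordering semantics are unchanged by this hunk. try_bind_section starts before this hunk and continues past it.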
@@ -103,7 +107,9 @@ static int try_bind_section(void *bind, size_t size, const struct interpose_stat
 * this is impossible... */
 substitute_panic("bad TEXT_ABSOLUTE32 rel\n");
 }
- old = __atomic_exchange_n((uint32_t *) p, (uint32_t) new, __ATOMIC_RELAXED);
+ old = atomic_exchange_explicit(
+ (_Atomic uint32_t *) p, (uint32_t) new,
+ memory_order_relaxed);
 break;
 }
 case BIND_TYPE_TEXT_PCREL32: {
@@ -113,7 +119,9 @@ static int try_bind_section(void *bind, size_t size, const struct interpose_stat
 /* ditto */
 substitute_panic("bad TEXT_ABSOLUTE32 rel\n");
 }
- old = __atomic_exchange_n((uint32_t *) p, (uint32_t) rel, __ATOMIC_RELAXED);
+ old = atomic_exchange_explicit(
+ (_Atomic uint32_t *) p, (uint32_t) rel,
+ memory_order_relaxed);
 old += pc;
 break;
 }
diff --git a/lib/darwin/mach-decls.h b/lib/darwin/mach-decls.h
index 3448252..2bfbae2 100644
--- a/lib/darwin/mach-decls.h
+++ b/lib/darwin/mach-decls.h
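Review bot: The `(_Atomic uint32_t *) p` casts in the TEXT_ABSOLUTE32 and TEXT_PCREL32 cases assert 4-byte alignment that, by these bind types' names, a 32-bit field patched inside __TEXT (an instruction immediate) need not have, and `atomic_exchange_explicit` on a misaligned `_Atomic` object is undefined even where the hardware happens to perform an atomic xchg. The replaced `__atomic_exchange_n` carried the same assumption, so this is not a regression, but the cast now reads as a promise and deserves a comment where it is made: `/* NOTE: the _Atomic cast assumes the 32-bit text slot is naturally aligned; i386 text relocs may not be -- verify before relying on atomicity */`. If misaligned slots are possible, a memcpy-based non-atomic patch under SUBSTITUTE_NO_THREAD_SAFETY semantics would be the honest alternative. try_bind_section begins before these hunks and ends after them.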
@@ -2,12 +2,19 @@ #include <stdint.h> #include <mach/mach.h> -kern_return_t mach_vm_read_overwrite(vm_map_t, mach_vm_address_t, mach_vm_size_t, mach_vm_address_t, mach_vm_size_t *); -kern_return_t mach_vm_remap(vm_map_t, mach_vm_address_t *, mach_vm_size_t, mach_vm_offset_t, int, vm_map_t, mach_vm_address_t, boolean_t, vm_prot_t *, vm_prot_t *, vm_inherit_t); -kern_return_t mach_vm_write(vm_map_t, mach_vm_address_t, vm_offset_t, mach_msg_type_number_t); +kern_return_t mach_vm_read_overwrite(vm_map_t, mach_vm_address_t, + mach_vm_size_t, mach_vm_address_t, + mach_vm_size_t *); +kern_return_t mach_vm_remap(vm_map_t, mach_vm_address_t *, mach_vm_size_t, + mach_vm_offset_t, int, vm_map_t, mach_vm_address_t, + boolean_t, vm_prot_t *, vm_prot_t *, vm_inherit_t); +kern_return_t mach_vm_write(vm_map_t, mach_vm_address_t, vm_offset_t, + mach_msg_type_number_t); kern_return_t mach_vm_allocate(vm_map_t, mach_vm_address_t *, mach_vm_size_t, int); kern_return_t mach_vm_deallocate(vm_map_t, mach_vm_address_t, mach_vm_size_t); -kern_return_t mach_vm_region(vm_map_t, mach_vm_address_t *, mach_vm_size_t *, vm_region_flavor_t, vm_region_info_t, mach_msg_type_number_t *, mach_port_t *); +kern_return_t mach_vm_region(vm_map_t, mach_vm_address_t *, mach_vm_size_t *, + vm_region_flavor_t, vm_region_info_t, + mach_msg_type_number_t *, mach_port_t *); /* bootstrap.h */ extern mach_port_t bootstrap_port; diff --git a/lib/darwin/objc-asm.S b/lib/darwin/objc-asm.S index 9d8c517..826daea 100644 --- a/lib/darwin/objc-asm.S +++ b/lib/darwin/objc-asm.S @@ -9,7 +9,9 @@ _remap_start: .set i, 0 -#define my_rpe (0b + (_PAGE_SIZE - i * TRAMPOLINE_SIZE + i * TRAMP_INFO_PAGE_ENTRY_SIZE)) +#define my_rpe (0b + (_PAGE_SIZE \ + - i * TRAMPOLINE_SIZE \ + + i * TRAMP_INFO_PAGE_ENTRY_SIZE)) .rept TRAMPOLINES_PER_PAGE 0: #if defined(__x86_64__) diff --git a/lib/darwin/objc.c b/lib/darwin/objc.c index d457581..0c265a9 100644 --- a/lib/darwin/objc.c +++ b/lib/darwin/objc.c 
@@ -39,7 +39,8 @@ struct tramp_info_page_entry { _Static_assert(TRAMP_INFO_PAGE_ENTRY_SIZE == sizeof(struct tramp_info_page_entry), "TRAMP_INFO_PAGE_ENTRY_SIZE"); _Static_assert(sizeof(struct tramp_info_page_header) + - TRAMPOLINES_PER_PAGE * sizeof(struct tramp_info_page_entry) <= _PAGE_SIZE, + TRAMPOLINES_PER_PAGE * sizeof(struct tramp_info_page_entry) + <= _PAGE_SIZE, "header+entries too big"); static pthread_mutex_t tramp_mutex = PTHREAD_MUTEX_INITIALIZER; @@ -189,7 +190,8 @@ int substitute_hook_objc_message(Class class, SEL selector, void *replacement, substitute_panic("%s: no superclass but the method didn't exist\n", __func__); } - ret = get_trampoline(class_getMethodImplementation, super, selector, old_ptr); + ret = get_trampoline(class_getMethodImplementation, super, + selector, old_ptr); if (created_imp_ptr) *created_imp_ptr = true; } diff --git a/lib/darwin/substrate-compat.c b/lib/darwin/substrate-compat.c index bb68366..ff47fbd 100644 --- a/lib/darwin/substrate-compat.c +++ b/lib/darwin/substrate-compat.c @@ -40,10 +40,12 @@ void *SubFindSymbol(void *image, const char *name) { #ifdef TARGET_DIS_SUPPORTED EXPORT -void SubHookFunction(void *symbol, void *replace, void **result) __asm__("SubHookFunction"); +void SubHookFunction(void *symbol, void *replace, void **result) + __asm__("SubHookFunction"); void SubHookFunction(void *symbol, void *replace, void **result) { struct substitute_function_hook hook = {symbol, replace, result}; - int ret = substitute_hook_functions(&hook, 1, NULL, SUBSTITUTE_NO_THREAD_SAFETY); + int ret = substitute_hook_functions(&hook, 1, NULL, + SUBSTITUTE_NO_THREAD_SAFETY); if (ret) { substitute_panic("SubHookFunction: substitute_hook_functions returned %s\n", substitute_strerror(ret)); 
@@ -53,7 +55,7 @@ void SubHookFunction(void *symbol, void *replace, void **result) {
 EXPORT
 void SubHookMessageEx(Class _class, SEL sel, IMP imp, IMP *result)
- __asm__("SubHookMessageEx");
+ __asm__("SubHookMessageEx");
 void SubHookMessageEx(Class _class, SEL sel, IMP imp, IMP *result) {
 int ret = substitute_hook_objc_message(_class, sel, imp, result, NULL);
@@ -67,7 +67,9 @@ static inline unsigned bs_set(struct bitslice bs, unsigned new, unsigned op) {
 return op;
 }
-static inline struct bitslice bs_slice_(struct bitslice bs, struct bitslice_run *runs, int lo, int size) {
+static inline struct bitslice bs_slice_(struct bitslice bs,
+ struct bitslice_run *runs,
+ int lo, int size) {
 int nruns = 0;
 for(int i = 0; i < bs.nruns; i++) {
 struct bitslice_run inr = bs.runs[i];
diff --git a/lib/hook-functions.c b/lib/hook-functions.c
index ee3d049..fed9e3e 100644
--- a/lib/hook-functions.c
+++ b/lib/hook-functions.c
@@ -82,9 +82,11 @@ static int check_intro_trampoline(void **trampoline_ptr_p,
 if (trampoline_ptr) {
 /* Try existing trampoline */
- *patch_size_p = jump_patch_size(pc, (uintptr_t) trampoline_ptr, arch, false);
+ *patch_size_p = jump_patch_size(pc, (uintptr_t) trampoline_ptr, arch,
+ false);
- if (*patch_size_p != -1 && (size_t) *patch_size_p <= *trampoline_size_left_p)
+ if (*patch_size_p != -1 && (size_t) *patch_size_p
+ <= *trampoline_size_left_p)
 return SUBSTITUTE_OK;
 }
@@ -92,7 +94,8 @@ static int check_intro_trampoline(void **trampoline_ptr_p,
 * before pc before giving up. */
 int ret = execmem_alloc_unsealed(pc, &trampoline_ptr, &trampoline_size_left);
 if (!ret) {
- *patch_size_p = jump_patch_size(pc, (uintptr_t) trampoline_ptr, arch, false);
+ *patch_size_p = jump_patch_size(pc, (uintptr_t) trampoline_ptr, arch,
+ false);
 if (*patch_size_p != -1) {
 ret = SUBSTITUTE_OK;
 goto end;
@@ -103,9 +106,11 @@ static int check_intro_trampoline(void **trampoline_ptr_p, /* Allocate new trampoline - try before pc (xxx only meaningful on arm64) */ uintptr_t start_address = pc - 0x80000000; - ret = execmem_alloc_unsealed(start_address, &trampoline_ptr, &trampoline_size_left); + ret = execmem_alloc_unsealed(start_address, + &trampoline_ptr, &trampoline_size_left); if (!ret) { - *patch_size_p = jump_patch_size(pc, (uintptr_t) trampoline_ptr, arch, false); + *patch_size_p = jump_patch_size(pc, (uintptr_t) trampoline_ptr, arch, + false); if (*patch_size_p != -1) { *trampoline_ptr_p = trampoline_ptr; *trampoline_size_left_p = trampoline_size_left; @@ -172,7 +177,8 @@ int substitute_hook_functions(const struct substitute_function_hook *hooks, int patch_size; bool need_intro_trampoline; if ((ret = check_intro_trampoline(&trampoline_ptr, &trampoline_size_left, - pc_patch_start, (uintptr_t) hook->replacement, + pc_patch_start, + (uintptr_t) hook->replacement, &patch_size, &need_intro_trampoline, &hi->trampoline_page, arch))) goto end; diff --git a/lib/jump-dis.c b/lib/jump-dis.c index 04a919e..9b8bd18 100644 --- a/lib/jump-dis.c +++ b/lib/jump-dis.c @@ -54,13 +54,15 @@ static void jump_dis_add_to_queue(struct jump_dis_ctx *ctx, uint_tptr pc) { size_t diff = (pc - ctx->pc_patch_start) / MIN_INSN_SIZE; if (diff >= JUMP_ANALYSIS_MAX_INSNS) { #ifdef JUMP_DIS_VERBOSE - printf("jump-dis: not adding %llx - out of range\n", (unsigned long long) pc); + printf("jump-dis: not adding %llx - out of range\n", + (unsigned long long) pc); #endif return; } if (ctx->seen_mask[diff / 8] & 1 << (diff % 8)) { #ifdef JUMP_DIS_VERBOSE - printf("jump-dis: not adding %llx - already seen\n", (unsigned long long) pc); + printf("jump-dis: not adding %llx - already seen\n", + (unsigned long long) pc); #endif return; } 
@@ -73,7 +75,8 @@ static INLINE UNUSED void jump_dis_data(UNUSED struct jump_dis_ctx *ctx, UNUSED unsigned o0, UNUSED unsigned o1, UNUSED unsigned o2, UNUSED unsigned o3, UNUSED unsigned out_mask) { - /* on ARM, ignore mov PC jumps, as they're unlikely to be in the same function */ + /* on ARM, ignore mov PC jumps, as they're unlikely to be in the same + * function */ } static INLINE UNUSED diff --git a/lib/substitute.h b/lib/substitute.h index 6b7b9f4..034cc26 100644 --- a/lib/substitute.h +++ b/lib/substitute.h @@ -89,7 +89,8 @@ const char *substitute_strerror(int err); struct substitute_function_hook { void *function; void *replacement; - void *old_ptr; /* optional: out *pointer* to function pointer to call old impl */ + void *old_ptr; /* optional: out *pointer* to function pointer to call old + * impl */ }; /* substitute_hook_functions options */ |