diff options
| author | Santo Cariotti <santo@dcariotti.me> | 2023-10-16 21:06:08 +0200 |
|---|---|---|
| committer | Santo Cariotti <santo@dcariotti.me> | 2023-10-16 21:06:08 +0200 |
| commit | 9808de10b9d47eb2341844e31e3db4a938787ddd (patch) | |
| tree | 971d826dc23c819cf336dc0920679bfd3f4f3b21 | |
| parent | ce8fb33087b449f8d0c18dafd35e0d5503d60192 (diff) | |
Show sysname instead of the code
| -rw-r--r-- | src/arch/linux/mod.rs | 1 | ||||
| -rw-r--r-- | src/arch/linux/x86_64.rs | 559 | ||||
| -rw-r--r-- | src/arch/mod.rs | 1 | ||||
| -rw-r--r-- | src/main.rs | 1 | ||||
| -rw-r--r-- | src/registers.rs | 7 |
5 files changed, 567 insertions, 2 deletions
diff --git a/src/arch/linux/mod.rs b/src/arch/linux/mod.rs new file mode 100644 index 0000000..2a99bf5 --- /dev/null +++ b/src/arch/linux/mod.rs @@ -0,0 +1 @@ +pub mod x86_64; diff --git a/src/arch/linux/x86_64.rs b/src/arch/linux/x86_64.rs new file mode 100644 index 0000000..0d378ca --- /dev/null +++ b/src/arch/linux/x86_64.rs @@ -0,0 +1,559 @@ +/// Sys call table as shown at https://chromium.googlesource.com/chromiumos/docs/+/master/constants/syscalls.md#x86_64-64_bit +/// and https://github.com/torvalds/linux/blob/master/arch/x86/entry/syscalls/syscall_64.tbl +pub const TABLE: [&str; 550] = [ + "read", + "write", + "open", + "close", + "stat", + "fstat", + "lstat", + "poll", + "lseek", + "mmap", + "mprotect", + "munmap", + "brk", + "rt_sigaction", + "rt_sigprocmask", + "rt_sigreturn", + "ioctl", + "pread64", + "pwrite64", + "readv", + "writev", + "access", + "pipe", + "select", + "sched_yield", + "mremap", + "msync", + "mincore", + "madvise", + "shmget", + "shmat", + "shmctl", + "dup", + "dup2", + "pause", + "nanosleep", + "getitimer", + "alarm", + "setitimer", + "getpid", + "sendfile", + "socket", + "connect", + "accept", + "sendto", + "recvfrom", + "sendmsg", + "recvmsg", + "shutdown", + "bind", + "listen", + "getsockname", + "getpeername", + "socketpair", + "setsockopt", + "getsockopt", + "clone", + "fork", + "vfork", + "execve", + "exit", + "wait4", + "kill", + "uname", + "semget", + "semop", + "semctl", + "shmdt", + "msgget", + "msgsnd", + "msgrcv", + "msgctl", + "fcntl", + "flock", + "fsync", + "fdatasync", + "truncate", + "ftruncate", + "getdents", + "getcwd", + "chdir", + "fchdir", + "rename", + "mkdir", + "rmdir", + "creat", + "link", + "unlink", + "symlink", + "readlink", + "chmod", + "fchmod", + "chown", + "fchown", + "lchown", + "umask", + "gettimeofday", + "getrlimit", + "getrusage", + "sysinfo", + "times", + "ptrace", + "getuid", + "syslog", + "getgid", + "setuid", + "setgid", + "geteuid", + "getegid", + "setpgid", + "getppid", + "getpgrp", + "setsid", + "setreuid", + "setregid", + "getgroups", + "setgroups", + "setresuid", + "getresuid", + "setresgid", + "getresgid", + "getpgid", + "setfsuid", + "setfsgid", + "getsid", + "capget", + "capset", + "rt_sigpending", + "rt_sigtimedwait", + "rt_sigqueueinfo", + "rt_sigsuspend", + "sigaltstack", + "utime", + "mknod", + "uselib", + "personality", + "ustat", + "statfs", + "fstatfs", + "sysfs", + "getpriority", + "setpriority", + "sched_setparam", + "sched_getparam", + "sched_setscheduler", + "sched_getscheduler", + "sched_get_priority_max", + "sched_get_priority_min", + "sched_rr_get_interval", + "mlock", + "munlock", + "mlockall", + "munlockall", + "vhangup", + "modify_ldt", + "pivot_root", + "_sysctl", + "prctl", + "arch_prctl", + "adjtimex", + "setrlimit", + "chroot", + "sync", + "acct", + "settimeofday", + "mount", + "umount2", + "swapon", + "swapoff", + "reboot", + "sethostname", + "setdomainname", + "iopl", + "ioperm", + "create_module", + "init_module", + "delete_module", + "get_kernel_syms", + "query_module", + "quotactl", + "nfsservctl", + "getpmsg", + "putpmsg", + "afs_syscall", + "tuxcall", + "security", + "gettid", + "readahead", + "setxattr", + "lsetxattr", + "fsetxattr", + "getxattr", + "lgetxattr", + "fgetxattr", + "listxattr", + "llistxattr", + "flistxattr", + "removexattr", + "lremovexattr", + "fremovexattr", + "tkill", + "time", + "futex", + "sched_setaffinity", + "sched_getaffinity", + "set_thread_area", + "io_setup", + "io_destroy", + "io_getevents", + "io_submit", + "io_cancel", + "get_thread_area", + "lookup_dcookie", + "epoll_create", + "epoll_ctl_old", + "epoll_wait_old", + "remap_file_pages", + "getdents64", + "set_tid_address", + "restart_syscall", + "semtimedop", + "fadvise64", + "timer_create", + "timer_settime", + "timer_gettime", + "timer_getoverrun", + "timer_delete", + "clock_settime", + "clock_gettime", + "clock_getres", + "clock_nanosleep", + "exit_group", + "epoll_wait", + "epoll_ctl", + "tgkill", + "utimes", + "vserver", + "mbind", + "set_mempolicy", + "get_mempolicy", + "mq_open", + "mq_unlink", + "mq_timedsend", + "mq_timedreceive", + "mq_notify", + "mq_getsetattr", + "kexec_load", + "waitid", + "add_key", + "request_key", + "keyctl", + "ioprio_set", + "ioprio_get", + "inotify_init", + "inotify_add_watch", + "inotify_rm_watch", + "migrate_pages", + "openat", + "mkdirat", + "mknodat", + "fchownat", + "futimesat", + "newfstatat", + "unlinkat", + "renameat", + "linkat", + "symlinkat", + "readlinkat", + "fchmodat", + "faccessat", + "pselect6", + "ppoll", + "unshare", + "set_robust_list", + "get_robust_list", + "splice", + "tee", + "sync_file_range", + "vmsplice", + "move_pages", + "utimensat", + "epoll_pwait", + "signalfd", + "timerfd_create", + "eventfd", + "fallocate", + "timerfd_settime", + "timerfd_gettime", + "accept4", + "signalfd4", + "eventfd2", + "epoll_create1", + "dup3", + "pipe2", + "inotify_init1", + "preadv", + "pwritev", + "rt_tgsigqueueinfo", + "perf_event_open", + "recvmmsg", + "fanotify_init", + "fanotify_mark", + "prlimit64", + "name_to_handle_at", + "open_by_handle_at", + "clock_adjtime", + "syncfs", + "sendmmsg", + "setns", + "getcpu", + "process_vm_readv", + "process_vm_writev", + "kcmp", + "finit_module", + "sched_setattr", + "sched_getattr", + "renameat2", + "seccomp", + "getrandom", + "memfd_create", + "kexec_file_load", + "bpf", + "execveat", + "userfaultfd", + "membarrier", + "mlock2", + "copy_file_range", + "preadv2", + "pwritev2", + "pkey_mprotect", + "pkey_alloc", + "pkey_free", + "statx", + "io_pgetevents", + "rseq", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "pidfd_send_signal", + "io_uring_setup", + "io_uring_enter", + "io_uring_register", + "open_tree", + "move_mount", + "fsopen", + "fsconfig", + "fsmount", + "fspick", + "pidfd_open", + "clone3", + "close_range", + "openat2", + "pidfd_getfd", + "faccessat2", + "process_madvise", + "epoll_pwait2", + "mount_setattr", + "quotactl_fd", + "landlock_create_ruleset", + "landlock_add_rule", + "landlock_restrict_self", + "memfd_secret", + "process_mrelease", + "futex_waitv", + "set_mempolicy_home_node", + "cachestat", + "fchmodat2", + "map_shadow_stack", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "rt_sigaction", + "rt_sigreturn", + "ioctl", + "readv", + "writev", + "recvfrom", + "sendmsg", + "recvmsg", + "execve", + "ptrace", + "rt_sigpending", + "rt_sigtimedwait", + "rt_sigqueueinfo", + "sigaltstack", + "timer_create", + "mq_notify", + "kexec_load", + "waitid", + "set_robust_list", + "get_robust_list", + "vmsplice", + "move_pages", + "preadv", + "pwritev", + "rt_tgsigqueueinfo", + "recvmmsg", + "sendmmsg", + "process_vm_readv", + "process_vm_writev", + "setsockopt", + "getsockopt", + "io_setup", + "io_submit", + "execveat", + "preadv2", + "pwritev2", +]; + +/// Returns the name for a `rax` register +pub fn syscall_name(rax: u64) -> &'static str { + TABLE[rax as usize] +} diff --git a/src/arch/mod.rs b/src/arch/mod.rs new file mode 100644 index 0000000..057cec9 --- /dev/null +++ b/src/arch/mod.rs @@ -0,0 +1 @@ +pub mod linux; diff --git a/src/main.rs b/src/main.rs index 4452bf7..f03c271 100644 --- a/src/main.rs +++ b/src/main.rs @@ -1,3 +1,4 @@ +mod arch; mod cli; mod registers; mod trace; diff --git a/src/registers.rs b/src/registers.rs index 0fc4296..f31e46d 100644 --- a/src/registers.rs +++ b/src/registers.rs @@ -6,6 +6,9 @@ use ratatui::{ style::Modifier, }; +#[cfg(all(target_arch = "x86_64", target_os = "linux"))] +use crate::arch::linux::x86_64::syscall_name; + /// Struct used to manipulate registers data from https://docs.rs/libc/0.2.147/libc/struct.user_regs_struct.html #[derive(Debug)] pub struct RegistersData { @@ -40,7 +43,7 @@ impl RegistersData { format!( "[{}]: {}({:x}, {:x}, {:x}, ...) = {:x}", self.date(), - self.orig_rax.bold(), + syscall_name(self.orig_rax).bold(), self.rdi, self.rsi, self.rdx, @@ -53,7 +56,7 @@ impl RegistersData { Line::from(vec![ Span::raw(format!("[{}]: ", self.date())), Span::styled( - format!("{}", self.orig_rax), + format!("{}", syscall_name(self.orig_rax)), Style::default().add_modifier(Modifier::BOLD), ), Span::raw(format!( |