3 crackhdr, machbytype, machbyname, newmap, setmap, findseg, unusemap,
4 loadmap, attachproc, get1, get2, get4, get8, put1, put2, put4, put8,
5 beswab, beswal, beswav, leswab, leswal, leswav \- machine-independent access to executable files
17 int crackhdr(int fd, Fhdr *fp)
20 void machbytype(int type)
23 int machbyname(char *name)
26 Map *newmap(Map *map, int n)
29 int setmap(Map *map, int fd, ulong base, ulong end,
32 ulong foffset, char *name)
35 int findseg(Map *map, char *name)
38 void unusemap(Map *map, int seg)
41 Map *loadmap(Map *map, int fd, Fhdr *fp)
44 Map *attachproc(int pid, int kflag, int corefd, Fhdr *fp)
47 int get1(Map *map, ulong addr, uchar *buf, int n)
50 int get2(Map *map, ulong addr, ushort *val)
53 int get4(Map *map, ulong addr, long *val)
56 int get8(Map *map, ulong addr, vlong *val)
59 int put1(Map *map, ulong addr, uchar *buf, int n)
62 int put2(Map *map, ulong addr, ushort val)
65 int put4(Map *map, ulong addr, long val)
68 int put8(Map *map, ulong addr, vlong val)
71 ushort beswab(ushort val)
77 long beswav(vlong val)
80 ushort leswab(ushort val)
86 long leswav(vlong val)
92 extern Machdata machdata;
94 These functions provide
95 a processor-independent interface for accessing
96 the executable files or executing images of all
98 Related library functions described in
102 provide similar access to symbol tables and object files.
106 is a file containing an executable program or the
110 file system associated with an executing process as
113 After opening an executable, an application
114 invokes a library function which parses the
116 determines the target architecture and
117 initializes data structures with parameters
118 and pointers to functions appropriate for
119 that architecture. Next, the application
120 invokes functions to construct one or more
122 data structures that translate references
123 in the address space of the executable
124 to offsets in the file. Each
126 comprises one or more
128 each associating a non-overlapping range of
129 memory addresses with a logical section of
131 Other library functions then use a map
132 and the architecture-specific data structures
133 to provide a generic interface to the
134 processor-dependent data.
137 interprets the header of the executable
139 the open file descriptor
141 It loads the data structure
143 with a machine-independent description
144 of the header information and
145 points global variable
149 data structure containing processor-dependent parameters
150 of the target architecture.
153 selects architecture-specific data structures and parameter
155 the code stored in the
162 performs the same selection based
163 on the name of a processor class; see
165 for a list of valid names.
166 Both functions point global variables
174 data structures appropriate for the
175 target architecture and load global variable
177 with the proper disassembler type code.
180 creates an empty map with
185 is zero, the new map is dynamically
186 allocated, otherwise it is assumed to
187 point to an existing dynamically allocated map whose
188 size is adjusted, as necessary.
189 A zero return value indicates an allocation error.
192 loads the first unused segment in
195 segment mapping parameters.
197 is an open file descriptor associated with
202 contain the lowest and highest virtual addresses
203 mapped by the segment.
205 is the offset to the start of the segment in the file.
207 is a name to be attached to the segment.
210 returns the index of the the
215 A return of -1 indicates that no
225 segments in the map remain unaffected.
228 initializes a default map containing
229 segments named `text' and `data' that
230 map the instruction and data segments
231 of the executable described in the
233 structure pointed to by
235 Usually that structure was loaded by
237 and can be passed to this function without
241 is non-zero, that map, which must have been
242 dynamically allocated, is resized to contain two segments;
243 otherwise a new map is allocated.
244 This function returns zero if allocation fails.
246 is usually used to build a map for accessing
247 a static executable, for example, an executable
251 constructs a map for accessing a
253 returns the address of a
255 containing segments mapping the
256 address space of the running process
261 is non-zero, the process is assumed to be
264 is an file descriptor opened to
265 .BR /proc/\fIpid\fP/mem .
269 structure describing the header
270 of the executable. For most architectures
273 contains four segments named `text', `data',
274 `regs' and `fpregs'. The latter two provide access to
275 the general and floating point registers, respectively.
276 If the executable is a kernel process (indicated by a
279 argument), the data segment extends to the maximum
280 supported address, currently 0xffffffff, and the
281 register sets are read-only. In user-level programs,
282 the data segment extends to the
283 top of the stack or 0x7fffffff if the stack top
284 cannot be found, and the register sets are readable
287 returns zero if it is unable to build the map
288 for the specified process.
295 retrieve the data stored at address
297 in the executable associated
303 bytes of data beginning at
311 retrieve 16-bit, 32-bit and 64-bit values respectively,
312 into the location pointed to by
314 The value is byte-swapped if the source
315 byte order differs from that of the current architecture.
316 This implies that the value returned by
321 may not be the same as the byte sequences
326 is two, four or eight; the former may be byte-swapped, the
327 latter reflects the byte order of the target architecture.
328 If the file descriptor associated with the applicable segment in
330 is negative, the address itself is placed in the
331 return location. These functions return the number
332 of bytes read or a \-1 when there is an error.
340 the executable associated with
342 The address is translated using the
343 map parameters and multi-byte quantities are
344 byte-swapped, if necessary, before they are written.
354 write the 16-bit, 32-bit or 64-bit quantity contained in
356 respectively. The number of bytes transferred is returned.
357 A \-1 return value indicates an error.
368 big-endian representation of
375 return the little-endian representation of the