// Copyright (C) 2024-present, Guanyou.Chen. All rights reserved.
#ifndef PARSER_DEFS_H_
#define PARSER_DEFS_H_
#include "defs.h"
#define PARSER_OFFSET(X) (OFFSET_verify(parser_offset_table.X, (char *)__FUNCTION__, __FILE__, __LINE__, #X))
#define PARSER_SIZE(X) (SIZE_verify(parser_size_table.X, (char *)__FUNCTION__, __FILE__, __LINE__, #X))
#define PARSER_VALID_MEMBER(X) (parser_offset_table.X >= 0)
#define PARSER_ASSIGN_OFFSET(X) (parser_offset_table.X)
#define PARSER_MEMBER_OFFSET_INIT(X, Y, Z) (PARSER_ASSIGN_OFFSET(X) = MEMBER_OFFSET(Y, Z))
#define PARSER_ASSIGN_SIZE(X) (parser_size_table.X)
#define PARSER_MEMBER_SIZE_INIT(X, Y, Z) (PARSER_ASSIGN_SIZE(X) = MEMBER_SIZE(Y, Z))
#define PARSER_STRUCT_SIZE_INIT(X, Y) (PARSER_ASSIGN_SIZE(X) = STRUCT_SIZE(Y))
#define VM_READ 0x00000001
#define VM_WRITE 0x00000002
#define VM_EXEC 0x00000004
#define VM_SHARED 0x00000008
#define VM_MAYREAD 0x00000010 /* limits for mprotect() etc */
#define VM_MAYWRITE 0x00000020
#define VM_MAYEXEC 0x00000040
#define VM_MAYSHARE 0x00000080
#define ANON_BUFSIZE (1024)
/*
 * Offsets of kernel structure members that the parser reads from the dump,
 * one entry per <struct>_<member>. Entries are written through
 * PARSER_MEMBER_OFFSET_INIT and read through PARSER_OFFSET.
 *
 * Entries are signed on purpose: PARSER_VALID_MEMBER treats a negative value
 * as "member not available", so code can probe for a member before using it
 * (presumably to cope with layouts that differ between kernel versions, e.g.
 * mm_struct_mmap vs mm_struct_mm_mt -- confirm at the init site).
 *
 * NOTE(review): these values are derived from the debug information of the
 * kernel under analysis, not from this build. Treat them as input: go through
 * PARSER_OFFSET rather than reading the raw field, and bound any read that
 * uses them.
 */
struct parser_offset_table {
// mm / vma / task
long mm_struct_saved_auxv;
long mm_struct_task_size;
long mm_struct_mmap;
long mm_struct_mm_mt;
long mm_struct_start_stack;
long mm_struct_start_brk;
long mm_struct_brk;
long mm_struct_arg_start;
long mm_struct_arg_end;
long thread_info_flags;
long vm_area_struct_vm_next;
long vm_area_struct_vm_start;
long vm_area_struct_vm_end;
long vm_area_struct_vm_flags;
long vm_area_struct_vm_file;
long vm_area_struct_vm_pgoff;
long vm_area_struct_anon_name;
long vm_area_struct_anon_vma;
long vm_area_struct_vm_mm;
long vm_area_struct_detached;
long task_struct_flags;
long task_struct_thread;
long thread_struct_sctlr_user;
long thread_struct_mte_ctrl;
// swap / block device / page cache
long swap_info_struct_bdev;
long swap_info_struct_swap_file;
long swap_info_struct_swap_vfsmnt;
long swap_info_struct_old_block_size;
long swap_info_struct_pages;
long block_device_bd_disk;
long gendisk_private_data;
long page_private;
long page_freelist;
long page_index;
long file_f_inode;
long anon_vma_name_name;
long inode_i_mapping;
long address_space_page_tree;
long address_space_i_pages;
// binder
long binder_proc_proc_node;
long binder_proc_pid;
long binder_proc_context;
long binder_proc_threads;
long binder_proc_todo;
long binder_proc_refs_by_desc;
long binder_context_name;
long binder_thread_rb_node;
long binder_thread_pid;
long binder_thread_looper;
long binder_thread_looper_need_return;
long binder_thread_tmp_ref;
long binder_thread_transaction_stack;
long binder_thread_proc;
long binder_transaction_from;
long binder_transaction_from_parent;
long binder_transaction_to_thread;
long binder_transaction_to_parent;
long binder_transaction_to_proc;
long binder_transaction_code;
long binder_transaction_flags;
long binder_transaction_priority;
long binder_transaction_debug_id;
long binder_transaction_need_reply;
long binder_transaction_buffer;
long binder_transaction_work;
long binder_transaction_start_time;
long binder_node_debug_id;
long binder_node_work;
long binder_node_ptr;
long binder_node_cookie;
long binder_node_proc;
long binder_ref_data;
long binder_ref_rb_node_desc;
long binder_ref_node;
long binder_ref_death;
// page_owner / page_ext / stack depot records
long page_owner_order;
long page_owner_gfp_mask;
long page_owner_handle;
long page_owner_ts_nsec;
long page_owner_free_ts_nsec;
long page_owner_comm;
long page_owner_pid;
long page_owner_tgid;
long mem_section_page_ext;
long page_ext_flags;
long page_ext_operations_offset;
long stack_record_entries;
long stack_record_size;
// timekeeping
long tk_core_seq;
long tk_core_timekeeper;
long timekeeper_tkr_mono;
long tk_read_base_base;
long tk_read_base_xtime_nsec;
long tk_read_base_shift;
// tracing
long trace_array_array_buffer;
long trace_array_buffer_disabled;
long trace_array_current_trace;
long array_buffer_buffer;
long trace_buffer_record_disabled;
long tracer_name;
// dmabuf
long task_struct_files;
long files_struct_fdt;
long fdtable_fd;
long fdtable_max_fds;
long file_f_op;
long file_private_data;
long dma_buf_size;
long dma_buf_name;
long dma_buf_exp_name;
long dma_buf_attachments;
long dma_buf_file;
long dma_buf_list_node;
// zram
long zram_disksize;
long zram_compressor;
long zram_table;
long zram_mem_pool;
long zram_comp;
long zram_comps;
long zram_table_entry_flags;
long zram_table_entry_handle;
long zram_table_entry_element;
long zcomp_name;
// zsmalloc
long zspool_size_class;
long size_class_size;
long zspage_huge;
};
/*
 * Sizes that accompany parser_offset_table. Entries named <struct>_<member>
 * are written through PARSER_MEMBER_SIZE_INIT; entries with no member suffix
 * (pt_regs, page, binder_proc, zram, ...) look like whole-structure sizes
 * written through PARSER_STRUCT_SIZE_INIT -- confirm at the init site. Read
 * them through PARSER_SIZE, which routes the value via SIZE_verify.
 *
 * The member list is not identical to parser_offset_table: some members have
 * an offset entry only, and the whole-structure entries exist only here.
 *
 * NOTE(review): a size taken from this table is typically used as a read or
 * copy length. It comes from the analysed kernel's debug information, so
 * check it against the destination buffer before copying.
 */
struct parser_size_table {
// mm / vma / task
long mm_struct_saved_auxv;
long mm_struct_task_size;
long mm_struct_mmap;
long mm_struct_mm_mt;
long mm_struct_start_stack;
long mm_struct_start_brk;
long mm_struct_brk;
long mm_struct_arg_start;
long mm_struct_arg_end;
long thread_info_flags;
long vm_area_struct_vm_next;
long vm_area_struct_vm_start;
long vm_area_struct_vm_end;
long vm_area_struct_vm_flags;
long vm_area_struct_vm_file;
long vm_area_struct_vm_pgoff;
long vm_area_struct_anon_name;
long vm_area_struct_anon_vma;
long vm_area_struct_vm_mm;
long vm_area_struct_detached;
long task_struct_flags;
long task_struct_thread;
long thread_struct_sctlr_user;
long thread_struct_mte_ctrl;
long pt_regs;
// swap / block device / page cache
long swap_info_struct;
long swap_info_struct_bdev;
long swap_info_struct_swap_file;
long swap_info_struct_swap_vfsmnt;
long swap_info_struct_old_block_size;
long swap_info_struct_pages;
long block_device_bd_disk;
long gendisk_private_data;
long page;
long page_private;
long page_freelist;
long page_index;
long file_f_inode;
long anon_vma_name_name;
long inode_i_mapping;
long address_space;
long address_space_i_pages;
// binder
long binder_proc;
long binder_proc_pid;
long binder_proc_context;
long binder_proc_threads;
long binder_proc_todo;
long binder_context_name;
long binder_thread;
long binder_thread_pid;
long binder_thread_looper;
long binder_thread_looper_need_return;
long binder_thread_tmp_ref;
long binder_thread_transaction_stack;
long binder_thread_proc;
long binder_transaction;
long binder_transaction_from;
long binder_transaction_from_parent;
long binder_transaction_to_thread;
long binder_transaction_to_parent;
long binder_transaction_to_proc;
long binder_transaction_code;
long binder_transaction_flags;
long binder_transaction_priority;
long binder_transaction_debug_id;
long binder_transaction_need_reply;
long binder_transaction_buffer;
long binder_transaction_work;
long binder_transaction_start_time;
long binder_node_debug_id;
long binder_node_work;
long binder_node_ptr;
long binder_node_cookie;
// page_owner / page_ext / stack depot records
long page_owner;
long page_owner_order;
long page_owner_gfp_mask;
long page_owner_handle;
long page_owner_ts_nsec;
long page_owner_free_ts_nsec;
long page_owner_comm;
long page_owner_pid;
long page_owner_tgid;
long mem_section;
long mem_section_page_ext;
long page_ext;
long page_ext_flags;
long page_ext_operations_offset;
long stack_record_entries;
long stack_record_size;
// timekeeping
long tk_core;
long tk_core_seq;
long tk_core_timekeeper;
long timekeeper_tkr_mono;
long tk_read_base_base;
long tk_read_base_xtime_nsec;
long tk_read_base_shift;
// tracing
long trace_array_array_buffer;
long trace_array_buffer_disabled;
long trace_array_current_trace;
long array_buffer_buffer;
long trace_buffer_record_disabled;
long tracer_name;
// dmabuf
long task_struct_files;
long files_struct_fdt;
long fdtable_fd;
long fdtable_max_fds;
long file_f_op;
long file_private_data;
long dma_buf_size;
long dma_buf_name;
long dma_buf_exp_name;
long dma_buf_attachments;
long dma_buf_file;
long dma_buf_list_node;
// zram
long zram;
long zram_disksize;
long zram_compressor;
long zram_table;
long zram_mem_pool;
long zram_comp;
long zram_comps;
long zram_table_entry;
long zram_table_entry_flags;
long zram_table_entry_handle;
long zram_table_entry_element;
long zcomp_name;
// zsmalloc
long zspool_size_class;
long size_class_size;
long zspage_huge;
};
/*
 * The single shared instances behind the PARSER_* accessor macros. They are
 * only declared here; the definitions live in another translation unit.
 */
extern struct parser_offset_table parser_offset_table;
extern struct parser_size_table parser_size_table;
/*
 * Handler signatures for a parser sub-command. The empty parameter list
 * leaves the arguments unspecified (pre-C23), so the compiler does not check
 * what a call site passes.
 * NOTE(review): if the handlers really take no arguments, spelling this as
 * (void) would restore that checking -- confirm against the implementations.
 */
typedef void (*parser_main)();
typedef void (*parser_usage)();
/*
 * One sub-command entry: a name plus two handlers.
 * NOTE(review): presumably `cmd` is matched against user input, `main` runs
 * the command and `usage` prints its help -- confirm at the dispatch site,
 * including that both pointers are checked for NULL before being called.
 */
struct parser_commands {
char* cmd;          // command name string
parser_main main;   // handler of type parser_main
parser_usage usage; // handler of type parser_usage
};
/*
 * Cached copy of selected vm_area_struct fields for one VMA; the field names
 * mirror the vm_area_struct_* entries in parser_offset_table.
 *
 * NOTE(review): vm_file, anon_name, anon_vma and vm_mm are stored as ulong,
 * so they are presumably addresses inside the dump rather than host pointers
 * and must be read through the dump accessors, never dereferenced directly --
 * confirm in parser_vma_caches.
 */
struct vma_cache_data {
ulong vm_start;
ulong vm_end;
ulong vm_flags;
ulong vm_pgoff;
ulong vm_file;
ulong anon_name;
ulong anon_vma;
ulong vm_mm;
// Fixed-size scratch buffer; BUFSIZE is defined outside this header.
// NOTE(review): what is stored here is not visible from this file (possibly
// the mapping's name or path). Writers should bound copies to sizeof(buf)
// and keep the contents NUL-terminated.
char buf[BUFSIZE];
};
/*
 * Alignment helpers.
 * NOTE(review): presumably these round x down / up to a multiple of n. The
 * implementations are not in this header, so whether n must be a power of
 * two, what happens for n == 0, and whether align_up can wrap for x near
 * UINT64_MAX all need to be confirmed there.
 */
uint64_t align_down(uint64_t x, uint64_t n);
uint64_t align_up(uint64_t x, uint64_t n);
/*
 * Writes a text form of `value` into `ascii`.
 * NOTE(review): no buffer length is passed, so the callee cannot bound its
 * writes; the caller must supply a buffer at least as large as the
 * implementation expects. That size is not stated here -- confirm it and
 * document it next to this prototype.
 */
void parser_convert_ascii(ulong value, char *ascii);
/*
 * Produces VMA cache entries for task `tc` through the `vma_cache`
 * out-parameter.
 * NOTE(review): the meaning of the int return value, who owns and frees
 * *vma_cache, and its state on failure are not visible from this header --
 * confirm in the implementation before relying on them.
 */
int parser_vma_caches(struct task_context *tc, struct vma_cache_data **vma_cache);
// crypto
/*
 * Looks up something by compressor `name` and returns it as an untyped
 * pointer.
 * NOTE(review): presumably a decompress routine that the caller casts to a
 * function pointer, with NULL for an unknown name -- confirm, and check that
 * callers test the result before calling through it.
 */
void *crypto_comp_get_decompress(const char* name);
// sched
/*
 * Maps an integer to a constant string.
 * NOTE(review): presumably a scheduling-policy number to its name; behaviour
 * for out-of-range `i` is not visible here -- confirm.
 */
const char* convert_sched(int i);
#endif // PARSER_DEFS_H_