LIEF: Library to Instrument Executable Formats Version 0.15.0
Loading...
Searching...
No Matches
CorePrStatus.hpp
1/* Copyright 2017 - 2024 R. Thomas
2 * Copyright 2017 - 2024 Quarkslab
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16#ifndef LIEF_ELF_CORE_PRSTATUS_H
17#define LIEF_ELF_CORE_PRSTATUS_H
18
19#include <vector>
20#include <ostream>
21#include <utility>
22
23#include "LIEF/visibility.h"
24#include "LIEF/ELF/enums.hpp"
25#include "LIEF/ELF/Note.hpp"
26
27namespace LIEF {
28namespace ELF {
29
30class Parser;
31class Builder;
32class Binary;
33
35class LIEF_API CorePrStatus : public Note {
36 public:
37 struct siginfo_t {
38 int32_t signo = 0;
39 int32_t code = 0;
40 int32_t err = 0;
41 };
42
43 struct timeval_t {
44 uint64_t sec = 0;
45 uint64_t usec = 0;
46 };
47
48 struct pr_status_t {
49 siginfo_t info;
50
51 uint16_t cursig = 0;
52 uint16_t reserved = 0;
53
54 uint64_t sigpend = 0;
55 uint64_t sighold = 0;
56
57 int32_t pid = 0;
58 int32_t ppid = 0;
59 int32_t pgrp = 0;
60 int32_t sid = 0;
61
62 timeval_t utime;
63 timeval_t stime;
64 timeval_t cutime;
65 timeval_t cstime;
66 };
67
68 struct Registers {
70 enum class X86 {
71 EBX = 0, ECX, EDX, ESI, EDI, EBP, EAX,
72 DS, ES, FS, GS, ORIG_EAX, EIP, CS, EFLAGS, ESP, SS,
73 _COUNT
74 };
75
77 enum class X86_64 {
78 R15 = 0, R14, R13, R12, RBP, RBX, R11, R10,
79 R9, R8, RAX, RCX, RDX, RSI, RDI, ORIG_RAX,
80 RIP, CS, EFLAGS, RSP, SS,
81 _COUNT
82 };
83
85 enum class ARM {
86 R0 = 0, R1, R2, R3, R4, R5, R6, R7, R8, R9, R10, R11, R12, R13, R14, R15,
87 CPSR,
88 _COUNT
89 };
90
92 enum class AARCH64 {
93 X0 = 0, X1, X2, X3, X4, X5, X6, X7, X8, X9, X10, X11, X12, X13, X14, X15,
94 X16, X17, X18, X19, X20, X21, X22, X23, X24, X25, X26, X27, X28, X29, X30,
95 X31, PC, PSTATE,
96 _COUNT
97 };
98 };
99
100 public:
101 CorePrStatus(ARCH arch, Header::CLASS cls, std::string name,
102 uint32_t type, description_t description) :
103 Note(std::move(name), TYPE::CORE_PRSTATUS, type, std::move(description)),
104 arch_(arch), class_(cls)
105 {}
106
107 std::unique_ptr<Note> clone() const override {
108 return std::unique_ptr<CorePrStatus>(new CorePrStatus(*this));
109 }
110
112 pr_status_t status() const;
113 void status(const pr_status_t& status);
114
115 ARCH architecture() const {
116 return arch_;
117 }
118
120 result<uint64_t> pc() const;
121
123 result<uint64_t> sp() const;
124
127 result<uint64_t> return_value() const;
128
130 result<uint64_t> get(Registers::X86 reg) const;
132 result<uint64_t> get(Registers::X86_64 reg) const;
134 result<uint64_t> get(Registers::ARM reg) const;
136 result<uint64_t> get(Registers::AARCH64 reg) const;
137
138 ok_error_t set(Registers::X86 reg, uint64_t value);
139 ok_error_t set(Registers::X86_64 reg, uint64_t value);
140 ok_error_t set(Registers::ARM reg, uint64_t value);
141 ok_error_t set(Registers::AARCH64 reg, uint64_t value);
142
155 std::vector<uint64_t> register_values() const;
156
157 result<uint64_t> operator[](Registers::X86 reg) const {
158 return get(reg);
159 }
160
161 result<uint64_t> operator[](Registers::X86_64 reg) const {
162 return get(reg);
163 }
164
165 result<uint64_t> operator[](Registers::ARM reg) const {
166 return get(reg);
167 }
168
169 result<uint64_t> operator[](Registers::AARCH64 reg) const {
170 return get(reg);
171 }
172
173 void dump(std::ostream& os) const override;
174 void accept(Visitor& visitor) const override;
175
176 static bool classof(const Note* note) {
177 return note->type() == Note::TYPE::CORE_PRSTATUS;
178 }
179
180 ~CorePrStatus() override = default;
181
182 LIEF_API friend
183 std::ostream& operator<<(std::ostream& os, const CorePrStatus& note) {
184 note.dump(os);
185 return os;
186 }
187
188 private:
189 ARCH arch_ = ARCH::NONE;
190 Header::CLASS class_ = Header::CLASS::NONE;
191};
192
193LIEF_API const char* to_string(CorePrStatus::Registers::X86 e);
194LIEF_API const char* to_string(CorePrStatus::Registers::X86_64 e);
195LIEF_API const char* to_string(CorePrStatus::Registers::ARM e);
196LIEF_API const char* to_string(CorePrStatus::Registers::AARCH64 e);
197
198} // namepsace ELF
199} // namespace LIEF
200
201#endif
LIEF::ELF::CorePrStatus
Class representing core PrPsInfo object.
Definition CorePrStatus.hpp:35
LIEF::ELF::CorePrStatus::get
result< uint64_t > get(Registers::X86 reg) const
Get the value for the given X86 register or return an error.
LIEF::ELF::CorePrStatus::status
pr_status_t status() const
Return the pr_status_t structure.
LIEF::ELF::CorePrStatus::clone
std::unique_ptr< Note > clone() const override
Clone the current note and keep its polymorphic type.
Definition CorePrStatus.hpp:107
LIEF::ELF::CorePrStatus::get
result< uint64_t > get(Registers::X86_64 reg) const
Get the value for the given X86_64 register or return an error.
LIEF::ELF::CorePrStatus::get
result< uint64_t > get(Registers::AARCH64 reg) const
Get the value for the given AARCH64 register or return an error.
LIEF::ELF::CorePrStatus::get
result< uint64_t > get(Registers::ARM reg) const
Get the value for the given ARM register or return an error.
LIEF::ELF::CorePrStatus::register_values
std::vector< uint64_t > register_values() const
A list of the register values. This list is guarantee to be as long as the Registers::ARM::_COUNT or ...
LIEF::ELF::CorePrStatus::return_value
result< uint64_t > return_value() const
The value of the register that holds the return value according to the calling convention.
LIEF::ELF::CorePrStatus::sp
result< uint64_t > sp() const
The stack pointer or an error if not found.
LIEF::ELF::CorePrStatus::pc
result< uint64_t > pc() const
The program counter or an error if not found.
LIEF::ELF::Header::CLASS
CLASS
Match the result of Elfxx_Ehdr.e_ident[EI_CLASS]
Definition ELF/Header.hpp:76
LIEF::ELF::Note
Class which represents an ELF note. This class can be instantiated using the static Note::create func...
Definition Note.hpp:36
LIEF::ELF::ARCH
ARCH
Machine architectures See current registered ELF machine architectures at: http://www....
Definition ELF/enums.hpp:30
LIEF
LIEF namespace.
Definition Abstract/Binary.hpp:32
LIEF::ok_error_t
result< ok_t > ok_error_t
Opaque structure that is used by LIEF to avoid writing result<void> f(...). Instead,...
Definition errors.hpp:106
LIEF::result
tl::expected< T, lief_errors > result
Wrapper that contains an Object (T) or an error.
Definition errors.hpp:72
LIEF::ELF::CorePrStatus::Registers
Definition CorePrStatus.hpp:68
LIEF::ELF::CorePrStatus::Registers::ARM
ARM
Register for the ARM architecture (ARCH::ARM).
Definition CorePrStatus.hpp:85
LIEF::ELF::CorePrStatus::Registers::X86_64
X86_64
Register for the x86-64 architecture (ARCH::X86_64).
Definition CorePrStatus.hpp:77
LIEF::ELF::CorePrStatus::Registers::AARCH64
AARCH64
Register for the AARCH64 architecture (ARCH::AARCH64).
Definition CorePrStatus.hpp:92
LIEF::ELF::CorePrStatus::Registers::X86
X86
Register for the x86 architecture (ARCH::I386).
Definition CorePrStatus.hpp:70
LIEF::ELF::CorePrStatus::pr_status_t
Definition CorePrStatus.hpp:48
LIEF::ELF::CorePrStatus::siginfo_t
Definition CorePrStatus.hpp:37
LIEF::ELF::CorePrStatus::timeval_t
Definition CorePrStatus.hpp:43
Generated by doxygen 1.10.0