2020-01-17 21:05:03 +08:00
|
|
|
// Copyright 2019 Google LLC
|
2019-03-19 00:21:48 +08:00
|
|
|
//
|
|
|
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
// you may not use this file except in compliance with the License.
|
|
|
|
// You may obtain a copy of the License at
|
|
|
|
//
|
2022-01-28 17:38:27 +08:00
|
|
|
// https://www.apache.org/licenses/LICENSE-2.0
|
2019-03-19 00:21:48 +08:00
|
|
|
//
|
|
|
|
// Unless required by applicable law or agreed to in writing, software
|
|
|
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
// See the License for the specific language governing permissions and
|
|
|
|
// limitations under the License.
|
|
|
|
|
|
|
|
#include "sandboxed_api/sandbox2/unwind/ptrace_hook.h"
|
|
|
|
|
2022-01-06 23:32:40 +08:00
|
|
|
#include <elf.h> // For NT_PRSTATUS
|
2019-03-19 00:21:48 +08:00
|
|
|
#include <sys/ptrace.h>
|
|
|
|
#include <sys/uio.h>
|
2022-11-30 21:59:36 +08:00
|
|
|
#include <syscall.h>
|
2019-03-19 00:21:48 +08:00
|
|
|
#include <unistd.h>
|
|
|
|
|
|
|
|
#include <cstdint>
|
|
|
|
#include <cstdio>
|
2022-01-06 23:32:40 +08:00
|
|
|
#include <cstdlib>
|
2019-03-19 00:21:48 +08:00
|
|
|
#include <cstring>
|
2021-04-22 21:56:22 +08:00
|
|
|
#include <vector>
|
2019-03-19 00:21:48 +08:00
|
|
|
|
2022-11-30 21:59:36 +08:00
|
|
|
#include "sandboxed_api/sandbox2/util/syscall_trap.h"
|
|
|
|
|
2021-12-07 19:33:27 +08:00
|
|
|
// Android doesn't use an enum for __ptrace_request, use int instead.
|
|
|
|
#if defined(__ANDROID__)
|
|
|
|
using PtraceRequest = int;
|
|
|
|
#else
|
|
|
|
using PtraceRequest = __ptrace_request;
|
|
|
|
#endif
|
|
|
|
|
2021-04-22 21:56:22 +08:00
|
|
|
namespace sandbox2 {
|
|
|
|
namespace {
|
2019-03-19 00:21:48 +08:00
|
|
|
|
2021-04-22 21:56:22 +08:00
|
|
|
// Register size is `long` for the supported architectures according to the
|
|
|
|
// kernel.
|
|
|
|
using RegType = long; // NOLINT
|
|
|
|
constexpr size_t kRegSize = sizeof(RegType);
|
2019-03-19 00:21:48 +08:00
|
|
|
|
2021-04-22 21:56:22 +08:00
|
|
|
// Contains the register values in a ptrace specified format. This format is
|
|
|
|
// pretty opaque which is why we just forward the raw bytes (up to a certain
|
|
|
|
// limit).
|
|
|
|
auto* g_registers = new std::vector<RegType>();
|
2023-01-19 21:44:11 +08:00
|
|
|
pid_t g_pid;
|
|
|
|
int g_mem_fd;
|
2019-03-19 00:21:48 +08:00
|
|
|
|
2022-11-30 21:59:36 +08:00
|
|
|
// Hooks ptrace.
|
2019-03-19 00:21:48 +08:00
|
|
|
// This wrapper makes use of process_vm_readv to read process memory instead of
|
|
|
|
// issuing ptrace syscalls. Accesses to registers will be emulated, for this the
|
2021-04-22 21:56:22 +08:00
|
|
|
// register values should be set via EnablePtraceEmulationWithUserRegs().
|
2022-11-30 21:59:36 +08:00
|
|
|
long int ptrace_hook( // NOLINT
|
2021-12-07 19:33:27 +08:00
|
|
|
PtraceRequest request, pid_t pid, void* addr, void* data) {
|
2019-03-19 00:21:48 +08:00
|
|
|
switch (request) {
|
|
|
|
case PTRACE_PEEKDATA: {
|
2023-01-19 21:44:11 +08:00
|
|
|
if (pid != g_pid) {
|
|
|
|
return -1;
|
|
|
|
}
|
2022-11-30 21:59:36 +08:00
|
|
|
RegType read_data;
|
2023-01-19 21:44:11 +08:00
|
|
|
if (pread(g_mem_fd, &read_data, sizeof(read_data),
|
|
|
|
reinterpret_cast<uintptr_t>(addr)) != sizeof(read_data)) {
|
2019-03-19 00:21:48 +08:00
|
|
|
return -1;
|
|
|
|
}
|
2022-11-30 21:59:36 +08:00
|
|
|
*reinterpret_cast<RegType*>(data) = read_data;
|
|
|
|
break;
|
2021-04-22 21:56:22 +08:00
|
|
|
}
|
2021-12-07 19:33:27 +08:00
|
|
|
case PTRACE_PEEKUSER: {
|
2019-03-19 00:21:48 +08:00
|
|
|
// Make sure read is in-bounds and aligned.
|
2021-12-07 19:33:27 +08:00
|
|
|
auto offset = reinterpret_cast<uintptr_t>(addr);
|
|
|
|
if (offset + kRegSize > g_registers->size() * kRegSize ||
|
2021-04-22 21:56:22 +08:00
|
|
|
offset % kRegSize != 0) {
|
2019-03-19 00:21:48 +08:00
|
|
|
return -1;
|
|
|
|
}
|
2022-11-30 21:59:36 +08:00
|
|
|
*reinterpret_cast<RegType*>(data) = (*g_registers)[offset / kRegSize];
|
|
|
|
break;
|
2021-12-07 19:33:27 +08:00
|
|
|
}
|
2022-01-06 23:32:40 +08:00
|
|
|
case PTRACE_GETREGSET: {
|
|
|
|
// Only return general-purpose registers.
|
|
|
|
if (auto kind = reinterpret_cast<uintptr_t>(addr); kind != NT_PRSTATUS) {
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
auto reg_set = reinterpret_cast<iovec*>(data);
|
|
|
|
if (reg_set->iov_len > g_registers->size() * kRegSize) {
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
memcpy(reg_set->iov_base, g_registers->data(), reg_set->iov_len);
|
|
|
|
break;
|
|
|
|
}
|
2021-04-22 21:56:22 +08:00
|
|
|
default:
|
2022-11-30 21:59:36 +08:00
|
|
|
fprintf(stderr, "ptrace_hook(): operation not permitted: %d\n", request);
|
2022-01-06 23:32:40 +08:00
|
|
|
abort();
|
2019-03-19 00:21:48 +08:00
|
|
|
}
|
|
|
|
return 0;
|
|
|
|
}
|
2021-04-22 21:56:22 +08:00
|
|
|
|
2022-11-30 21:59:36 +08:00
|
|
|
} // namespace
|
|
|
|
|
2023-01-19 21:44:11 +08:00
|
|
|
void EnablePtraceEmulationWithUserRegs(pid_t pid, absl::string_view regs,
|
|
|
|
int mem_fd) {
|
|
|
|
g_pid = pid;
|
|
|
|
g_mem_fd = mem_fd;
|
2022-11-30 21:59:36 +08:00
|
|
|
g_registers->resize((regs.size() + 1) / kRegSize);
|
|
|
|
memcpy(&g_registers->front(), regs.data(), regs.size());
|
|
|
|
SyscallTrap::Install([](int nr, SyscallTrap::Args args, uintptr_t* rv) {
|
|
|
|
if (nr != __NR_ptrace) {
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
*rv = ptrace_hook(
|
|
|
|
static_cast<PtraceRequest>(args[0]), static_cast<pid_t>(args[1]),
|
|
|
|
reinterpret_cast<void*>(args[2]), reinterpret_cast<void*>(args[3]));
|
|
|
|
return true;
|
|
|
|
});
|
|
|
|
}
|
|
|
|
|
2021-04-22 21:56:22 +08:00
|
|
|
} // namespace sandbox2
|