hypervisor/html/eh__frame_8cpp_source.html

 //
 // Bareflank Unwind Library
 //
 // Copyright (C) 2015 Assured Information Security, Inc.
 // Author: Rian Quinn        <quinnr@ainfosec.com>
 // Author: Brendan Kerrigan  <kerriganb@ainfosec.com>
 //
 // This library is free software; you can redistribute it and/or
 // modify it under the terms of the GNU Lesser General Public
 // License as published by the Free Software Foundation; either
 // version 2.1 of the License, or (at your option) any later version.
 //
 // This library is distributed in the hope that it will be useful,
 // but WITHOUT ANY WARRANTY; without even the implied warranty of
 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 // Lesser General Public License for more details.
 //
 // You should have received a copy of the GNU Lesser General Public
 // License along with this library; if not, write to the Free Software
 // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA

 #include <log.h>
 #include <misc.h>
 #include <abort.h>
 #include <dwarf4.h>
 #include <eh_frame.h>

 // -----------------------------------------------------------------------------
 // Helpers
 // -----------------------------------------------------------------------------

 uint64_t
 decode_pointer(char **addr, uint64_t encoding)
 {
     uint64_t result = 0;

     if (encoding == DW_EH_PE_omit)
         return 0;

     // The following are defined in the DWARF Exception Header Encodings
     // section 10.5.1. For some reason, GCC adds a 0x80 to the upper 4 bits
     // that are not documented in the LSB. Thefore, only 3 of the upper 4 bits
     // are actually used.

     switch (encoding & 0x70)
     {
         case DW_EH_PE_absptr:
             break;

         case DW_EH_PE_pcrel:
             result += reinterpret_cast<uint64_t>(*addr);
             break;

         case DW_EH_PE_textrel:
             ABORT("DW_EH_PE_textrel pointer encodings not supported");
             break;

         case DW_EH_PE_datarel:
             ABORT("DW_EH_PE_datarel pointer encodings not supported");
             break;

         case DW_EH_PE_funcrel:
             ABORT("DW_EH_PE_funcrel pointer encodings not supported");
             break;

         case DW_EH_PE_aligned:
             ABORT("DW_EH_PE_aligned pointer encodings not supported");
             break;

         default:
             ABORT("unknown upper pointer encoding bits");
     }

     switch (encoding & 0x0F)
     {
         case DW_EH_PE_absptr:
             result += *reinterpret_cast<uintptr_t *>(*addr);
             *addr += sizeof(void *);
             break;

         case DW_EH_PE_uleb128:
             result += dwarf4::decode_uleb128(addr);
             break;

         case DW_EH_PE_udata2:
             result += *reinterpret_cast<uint16_t *>(*addr);
             *addr += sizeof(uint16_t);
             break;

         case DW_EH_PE_udata4:
             result += *reinterpret_cast<uint32_t *>(*addr);
             *addr += sizeof(uint32_t);
             break;

         case DW_EH_PE_udata8:
             result += *reinterpret_cast<uint64_t *>(*addr);
             *addr += sizeof(uint64_t);
             break;

         case DW_EH_PE_sleb128:
             result = add_offset(result, dwarf4::decode_sleb128(addr));
             break;

         case DW_EH_PE_sdata2:
             result = add_offset(result, *reinterpret_cast<int16_t *>(*addr));
             *addr += sizeof(int16_t);
             break;

         case DW_EH_PE_sdata4:
             result = add_offset(result, *reinterpret_cast<int32_t *>(*addr));
             *addr += sizeof(int32_t);
             break;

         case DW_EH_PE_sdata8:
             result = add_offset(result, *reinterpret_cast<int64_t *>(*addr));
             *addr += sizeof(int64_t);
             break;

         default:
             ABORT("unknown lower pointer encoding bits");
     }

     return result;
 }

 // -----------------------------------------------------------------------------
 // CIE / FDE Common
 // -----------------------------------------------------------------------------

 common_entry::common_entry() :
     m_is_cie(false),
     m_entry_start(nullptr),
     m_entry_end(nullptr),
     m_payload_start(nullptr),
     m_payload_end(nullptr),
     m_eh_frame{nullptr, 0}
 {
 }

 common_entry::common_entry(const eh_frame_t &eh_frame) :
     m_is_cie(false),
     m_entry_start(nullptr),
     m_entry_end(nullptr),
     m_payload_start(nullptr),
     m_payload_end(nullptr),
     m_eh_frame(eh_frame)
 {
 }

 common_entry &common_entry::operator++()
 {
     if (m_entry_start == nullptr)
         return *this;

     if (m_entry_end + 4 < reinterpret_cast<char *>(m_eh_frame.addr) + m_eh_frame.size)
         parse(m_entry_end);
     else
         parse(nullptr);

     return *this;
 }

 void
 common_entry::non_virtual_parse(char *addr)
 {
     auto len = 0ULL;

     if ((m_entry_start = addr) == nullptr)
         goto failure;

     if (m_entry_start < m_eh_frame.addr)
         goto failure;

     if (*reinterpret_cast<uint32_t *>(m_entry_start) != 0xFFFFFFFF)
     {
         len = *reinterpret_cast<uint32_t *>(m_entry_start + 0);
         m_payload_start = m_entry_start + 4;
     }
     else
     {
         len = *reinterpret_cast<uint64_t *>(m_entry_start + 4);
         m_payload_start = m_entry_start + 12;
     }

     if (len == 0)
         goto failure;

     m_payload_end = m_payload_start + len;
     m_entry_end = m_payload_end;

     if (m_entry_end > reinterpret_cast<char *>(m_eh_frame.addr) + m_eh_frame.size)
         goto failure;

     m_is_cie = (*reinterpret_cast<uint32_t *>(m_payload_start) == 0);
     return;

 failure:

     m_is_cie = false;
     m_entry_start = nullptr;
     m_entry_end = nullptr;
     m_payload_start = nullptr;
     m_payload_end = nullptr;
 }

 // -----------------------------------------------------------------------------
 // Common Information Entry Record (CIE)
 // -----------------------------------------------------------------------------

 ci_entry::ci_entry() :
     m_augmentation_string(nullptr),
     m_code_alignment(0),
     m_data_alignment(0),
     m_return_address_reg(0),
     m_pointer_encoding(0),
     m_lsda_encoding(0),
     m_personality_encoding(0),
     m_personality_function(0),
     m_initial_instructions(nullptr)
 {
 }

 ci_entry::ci_entry(const eh_frame_t &eh_frame) :
     common_entry(eh_frame),

     m_augmentation_string(nullptr),
     m_code_alignment(0),
     m_data_alignment(0),
     m_return_address_reg(0),
     m_pointer_encoding(0),
     m_lsda_encoding(0),
     m_personality_encoding(0),
     m_personality_function(0),
     m_initial_instructions(nullptr)
 {
     non_virtual_parse(reinterpret_cast<char *>(eh_frame.addr));
 }

 ci_entry::ci_entry(const eh_frame_t &eh_frame, void *addr) :
     common_entry(eh_frame),

     m_augmentation_string(nullptr),
     m_code_alignment(0),
     m_data_alignment(0),
     m_return_address_reg(0),
     m_pointer_encoding(0),
     m_lsda_encoding(0),
     m_personality_encoding(0),
     m_personality_function(0),
     m_initial_instructions(nullptr)
 {
     non_virtual_parse(reinterpret_cast<char *>(addr));
 }

 void
 ci_entry::parse(char *addr)
 {
     non_virtual_parse(addr);
 }

 void
 ci_entry::non_virtual_parse(char *addr)
 {
     common_entry::non_virtual_parse(addr);

     if (!*this)
         return;

     if (!is_cie())
         return;

     auto p = payload_start();

     p += sizeof(uint32_t);
     p += sizeof(uint8_t);

     m_augmentation_string = p;

     while (*p++ != 0);

     m_code_alignment = dwarf4::decode_uleb128(&p);
     m_data_alignment = dwarf4::decode_sleb128(&p);
     m_return_address_reg = dwarf4::decode_uleb128(&p);

     if (m_augmentation_string[0] == 'z')
     {
         auto len = dwarf4::decode_uleb128(&p);

         for (auto i = 1U; m_augmentation_string[i] != 0 && i <= len; i++)
         {
             switch (m_augmentation_string[i])
             {
                 case 'L':
                     m_lsda_encoding = *reinterpret_cast<uint8_t *>(p++);
                     break;

                 case 'P':
                     m_personality_encoding = *reinterpret_cast<uint8_t *>(p++);
                     m_personality_function =
                         decode_pointer(&p, m_personality_encoding);
                     break;

                 case 'R':
                     m_pointer_encoding = *reinterpret_cast<uint8_t *>(p++);
                     break;

                 default:
                     ABORT("unknown augmentation string character");
             }
         }
     }

     m_initial_instructions = p;
 }

 // -----------------------------------------------------------------------------
 // Frame Description Entry Record (FDE)
 // -----------------------------------------------------------------------------

 fd_entry::fd_entry() :
     m_pc_begin(0),
     m_pc_range(0),
     m_lsda(0),
     m_instructions(nullptr)
 {
 }

 fd_entry::fd_entry(const eh_frame_t &eh_frame) :
     common_entry(eh_frame),

     m_pc_begin(0),
     m_pc_range(0),
     m_lsda(0),
     m_instructions(nullptr)
 {
     non_virtual_parse(reinterpret_cast<char *>(eh_frame.addr));
 }

 fd_entry::fd_entry(const eh_frame_t &eh_frame, void *addr) :
     common_entry(eh_frame),

     m_pc_begin(0),
     m_pc_range(0),
     m_lsda(0),
     m_instructions(nullptr)
 {
     non_virtual_parse(reinterpret_cast<char *>(addr));
 }

 void
 fd_entry::parse(char *addr)
 {
     non_virtual_parse(addr);
 }

 void
 fd_entry::non_virtual_parse(char *addr)
 {
     common_entry::non_virtual_parse(addr);

     if (!*this)
         return;

     if (!is_fde())
         return;

     auto p = payload_start();
     auto p_cie = reinterpret_cast<char *>(reinterpret_cast<uint64_t>(p) - *reinterpret_cast<uint32_t *>(p));

     m_cie = ci_entry(eh_frame(), p_cie);
     p += sizeof(uint32_t);

     m_pc_begin = decode_pointer(&p, m_cie.pointer_encoding());
     m_pc_range = decode_pointer(&p, m_cie.pointer_encoding() & 0xF);

     if (m_cie.augmentation_string(0) == 'z')
     {
         auto len = dwarf4::decode_uleb128(&p);

         for (auto i = 1U; m_cie.augmentation_string(i) != 0 && i <= len; i++)
         {
             switch (m_cie.augmentation_string(i))
             {
                 case 'L':
                     m_lsda = decode_pointer(&p, m_cie.lsda_encoding());
                     break;

                 case 'P':
                     break;

                 case 'R':
                     break;

                 default:
                     ABORT("unknown augmentation string character");
             }
         }
     }

     m_instructions = p;
 }

 // -----------------------------------------------------------------------------
 // Exception Handler Framework (eh_frame)
 // -----------------------------------------------------------------------------

 fd_entry
 eh_frame::find_fde(register_state *state)
 {
     auto eh_frame_list = get_eh_frame_list();

     for (auto m = 0U; m < MAX_NUM_MODULES; m++)
     {
         for (auto fde = fd_entry(eh_frame_list[m]); fde; ++fde)
         {
             if (fde.is_cie())
                 continue;

             if (fde.is_in_range(state->get_ip()))
                 return fde;
         }
     }

     log("ERROR: An exception was thrown, but the unwinder was unable to "
         "locate a stack frame for RIP = %p. Possible reasons include\n",
         reinterpret_cast<void *>(state->get_ip()));
     log("  - Throwing from a destructor\n");
     log("  - Throwing from a function labeled noexcept\n");
     log("  - Bug in the unwinder\n");
     log("\n\nAborting!!!\n\n")

     state->dump();

     return fd_entry();
 }
fd_entry::parse
void parse(char *addr) override
Definition: eh_frame.cpp:351

ci_entry::augmentation_string
char augmentation_string(uint64_t index) const
Definition: eh_frame.h:415

common_entry::non_virtual_parse
void non_virtual_parse(char *addr)
Definition: eh_frame.cpp:164

DW_EH_PE_textrel
#define DW_EH_PE_textrel
Definition: eh_frame.h:110

common_entry::m_entry_end
char * m_entry_end
Definition: eh_frame.h:334

ci_entry::m_personality_function
uint64_t m_personality_function
Definition: eh_frame.h:495

DW_EH_PE_aligned
#define DW_EH_PE_aligned
Definition: eh_frame.h:113

misc.h

ci_entry::m_return_address_reg
uint64_t m_return_address_reg
Definition: eh_frame.h:491

DW_EH_PE_funcrel
#define DW_EH_PE_funcrel
Definition: eh_frame.h:112

dwarf4::decode_uleb128
static uint64_t decode_uleb128(char **addr)
Definition: dwarf4.cpp:1644

ci_entry::pointer_encoding
uint64_t pointer_encoding() const
Definition: eh_frame.h:449

common_entry::m_payload_start
char * m_payload_start
Definition: eh_frame.h:336

DW_EH_PE_pcrel
#define DW_EH_PE_pcrel
Definition: eh_frame.h:109

ci_entry::m_data_alignment
int64_t m_data_alignment
Definition: eh_frame.h:490

ci_entry::m_pointer_encoding
uint64_t m_pointer_encoding
Definition: eh_frame.h:492

get_eh_frame_list
struct eh_frame_t * get_eh_frame_list() noexcept
Definition: test.cpp:75

register_state
Definition: registers.h:43

ABORT
#define ABORT(a)
Definition: abort.h:51

common_entry::m_is_cie
bool m_is_cie
Definition: eh_frame.h:331

ci_entry
Definition: eh_frame.h:360

eh_frame_t::addr
void * addr
Definition: eh_frame_list.h:45

DW_EH_PE_datarel
#define DW_EH_PE_datarel
Definition: eh_frame.h:111

DW_EH_PE_sdata4
#define DW_EH_PE_sdata4
Definition: eh_frame.h:105

dwarf4::decode_sleb128
static int64_t decode_sleb128(char **addr)
Definition: dwarf4.cpp:1622

DW_EH_PE_sdata8
#define DW_EH_PE_sdata8
Definition: eh_frame.h:106

register_state::dump
virtual void dump() const
Definition: registers.h:154

decode_pointer
uint64_t decode_pointer(char **addr, uint64_t encoding)
Definition: eh_frame.cpp:33

ci_entry::m_initial_instructions
char * m_initial_instructions
Definition: eh_frame.h:496

ci_entry::parse
void parse(char *addr) override
Definition: eh_frame.cpp:256

ci_entry::non_virtual_parse
void non_virtual_parse(char *addr)
Definition: eh_frame.cpp:262

DW_EH_PE_udata4
#define DW_EH_PE_udata4
Definition: eh_frame.h:101

add_offset
uint64_t add_offset(uint64_t value, int64_t offset)
Definition: misc.h:32

MAX_NUM_MODULES
#define MAX_NUM_MODULES
Definition: constants.h:177

DW_EH_PE_udata8
#define DW_EH_PE_udata8
Definition: eh_frame.h:102

common_entry::is_fde
bool is_fde() const
Definition: eh_frame.h:285

x64::cpuid::addr_size::addr
constexpr const auto addr
Definition: cpuid_x64.h:80

eh_frame::find_fde
static fd_entry find_fde(register_state *state)
Definition: eh_frame.cpp:408

common_entry::payload_start
char * payload_start() const
Definition: eh_frame.h:307

ci_entry::m_code_alignment
uint64_t m_code_alignment
Definition: eh_frame.h:489

DW_EH_PE_uleb128
#define DW_EH_PE_uleb128
Definition: eh_frame.h:99

ci_entry::ci_entry
ci_entry()
Definition: eh_frame.cpp:210

DW_EH_PE_udata2
#define DW_EH_PE_udata2
Definition: eh_frame.h:100

common_entry::is_cie
bool is_cie() const
Definition: eh_frame.h:278

fd_entry::non_virtual_parse
void non_virtual_parse(char *addr)
Definition: eh_frame.cpp:357

DW_EH_PE_omit
#define DW_EH_PE_omit
Definition: eh_frame.h:116

fd_entry::fd_entry
fd_entry()
Definition: eh_frame.cpp:320

common_entry::operator++
common_entry & operator++()
Definition: eh_frame.cpp:150

common_entry::parse
virtual void parse(char *addr)=0

common_entry::common_entry
common_entry()
Definition: eh_frame.cpp:130

common_entry::m_eh_frame
eh_frame_t m_eh_frame
Definition: eh_frame.h:339

eh_frame_t
Definition: eh_frame_list.h:43

ci_entry::m_augmentation_string
const char * m_augmentation_string
Definition: eh_frame.h:488

DW_EH_PE_sleb128
#define DW_EH_PE_sleb128
Definition: eh_frame.h:103

common_entry::m_payload_end
char * m_payload_end
Definition: eh_frame.h:337

eh_frame_t::size
uint64_t size
Definition: eh_frame_list.h:46

dwarf4.h

common_entry
Definition: eh_frame.h:219

log
#define log(...)
Definition: log.h:32

fd_entry
Definition: eh_frame.h:510

register_state::get_ip
virtual uint64_t get_ip() const
Definition: registers.h:75

eh_frame.h

common_entry::m_entry_start
char * m_entry_start
Definition: eh_frame.h:333

log.h

DW_EH_PE_sdata2
#define DW_EH_PE_sdata2
Definition: eh_frame.h:104

common_entry::eh_frame
eh_frame_t eh_frame() const
Definition: eh_frame.h:323

ci_entry::lsda_encoding
uint64_t lsda_encoding() const
Definition: eh_frame.h:456

ci_entry::m_personality_encoding
uint64_t m_personality_encoding
Definition: eh_frame.h:494

ci_entry::m_lsda_encoding
uint64_t m_lsda_encoding
Definition: eh_frame.h:493

DW_EH_PE_absptr
#define DW_EH_PE_absptr
Definition: eh_frame.h:98

abort.h

eh_frame
Definition: eh_frame.h:205