From 85a45f382cacb2a243446f5ff263fd5b70b80c26 Mon Sep 17 00:00:00 2001 From: jD91mZM2 Date: Sun, 21 Jul 2019 19:56:19 +0200 Subject: [PATCH] WIP(ptrace): Better support for signals Signals now cause an event, and there's a way to continue until the next signal. I can see this being used for detection of `int3` although I'm not entirely sure as it may prove being too late to stop abortion of process. --- src/data.rs | 13 +++++++------ src/flag.rs | 3 +++ 2 files changed, 10 insertions(+), 6 deletions(-) diff --git a/src/data.rs b/src/data.rs index b6b261f..6ad8d8b 100644 --- a/src/data.rs +++ b/src/data.rs @@ -305,21 +305,22 @@ impl DerefMut for FloatRegisters { #[derive(Clone, Copy)] #[repr(C)] -pub union PtraceEventContent { +pub union PtraceEventData { pub clone: usize, + pub signal: usize } -impl Default for PtraceEventContent { +impl Default for PtraceEventData { fn default() -> Self { Self { - clone: 0 + clone: 0, } } } -impl fmt::Debug for PtraceEventContent { +impl fmt::Debug for PtraceEventData { fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result { - write!(f, "PtraceEventContent(...)") + write!(f, "PtraceEventData(...)") } } @@ -327,7 +328,7 @@ impl fmt::Debug for PtraceEventContent { #[repr(C)] pub struct PtraceEvent { pub tag: u16, - pub data: PtraceEventContent, + pub data: PtraceEventData, } impl Deref for PtraceEvent { diff --git a/src/flag.rs b/src/flag.rs index 5fc6ba7..9c928b4 100644 --- a/src/flag.rs +++ b/src/flag.rs @@ -69,10 +69,13 @@ pub const PTRACE_CONT: u8 = 0b0000_0001; pub const PTRACE_SINGLESTEP: u8 = 0b0000_0010; pub const PTRACE_SYSCALL: u8 = 0b0000_0011; pub const PTRACE_WAIT: u8 = 0b0000_0100; +pub const PTRACE_SIGNAL: u8 = 0b0000_0101; + pub const PTRACE_OPERATIONMASK: u8 = 0b0000_1111; pub const PTRACE_SYSEMU: u8 = 0b0001_0000; pub const PTRACE_EVENT_CLONE: u16 = 0; +pub const PTRACE_EVENT_SIGNAL: u16 = 1; pub const SEEK_SET: usize = 0; pub const SEEK_CUR: usize = 1;