From bc03b2dbee8a7458a3ed89abd643bf004f0f403b Mon Sep 17 00:00:00 2001 From: Amlal El Mahrouss Date: Wed, 26 Mar 2025 09:29:01 +0100 Subject: feat(debugger): Better design for LibDebugger, and a patch for the POSIX CLI. Signed-off-by: Amlal El Mahrouss --- dev/LibDebugger/DebuggerContract.h | 42 ++++++++++++ dev/LibDebugger/POSIX.h | 124 --------------------------------- dev/LibDebugger/POSIXContract.h | 106 +++++++++++++++++++++++++++++ dev/LibDebugger/src/POSIX.cc | 126 ---------------------------------- dev/LibDebugger/src/POSIXContract.cc | 128 +++++++++++++++++++++++++++++++++++ 5 files changed, 276 insertions(+), 250 deletions(-) create mode 100644 dev/LibDebugger/DebuggerContract.h delete mode 100644 dev/LibDebugger/POSIX.h create mode 100644 dev/LibDebugger/POSIXContract.h delete mode 100644 dev/LibDebugger/src/POSIX.cc create mode 100644 dev/LibDebugger/src/POSIXContract.cc (limited to 'dev') diff --git a/dev/LibDebugger/DebuggerContract.h b/dev/LibDebugger/DebuggerContract.h new file mode 100644 index 0000000..5d4f728 --- /dev/null +++ b/dev/LibDebugger/DebuggerContract.h @@ -0,0 +1,42 @@ +/*** + (C) 2025 Amlal El Mahrouss + */ + +#pragma once + +#include +#include + +namespace LibDebugger +{ + typedef uint64_t ProcessID; + typedef char* CAddress; + + /// \brief Debugger contract class in C++, as per the design states. + /// \author Amlal El Mahrouss + class DebuggerContract + { + public: + explicit DebuggerContract() = default; + virtual ~DebuggerContract() = default; + + public: + DebuggerContract& operator=(const DebuggerContract&) = default; + DebuggerContract(const DebuggerContract&) = default; + + public: + virtual bool Attach(ProcessID pid) noexcept = 0; + virtual bool Break(CAddress addr) noexcept = 0; + virtual bool Continue() noexcept = 0; + virtual bool Detach() noexcept = 0; + + virtual std::unordered_map& Get() + { + return m_breakpoints; + } + + protected: + pid_t m_pid; + std::unordered_map m_breakpoints; + }; +} // namespace LibDebugger::POSIX diff --git a/dev/LibDebugger/POSIX.h b/dev/LibDebugger/POSIX.h deleted file mode 100644 index b863f58..0000000 --- a/dev/LibDebugger/POSIX.h +++ /dev/null @@ -1,124 +0,0 @@ -/*** - (C) 2025 Amlal El Mahrouss - */ - -#pragma once - -#ifdef _WIN32 -#error Windows doesn't have a POSIX subsystem, please combine with windows instead. -#endif - -#include -#include - -#include -#include -#include -#include -#include -#include - -#ifdef __APPLE__ -#define PTRACE_ATTACH PT_ATTACHEXC -#define PTRACE_DETACH PT_DETACH -#define PTRACE_POKETEXT PT_WRITE_I -#define PTRACE_CONT PT_CONTINUE -#define PTRACE_PEEKTEXT PT_READ_I -#endif - -namespace LibDebugger::POSIX -{ -#ifdef __APPLE__ - typedef caddr_t CAddr; -#else - typedef char* CAddr; -#endif - - /// \brief LocalDebuggerPOSIX engine interface class in C++ - /// \author Amlal El Mahrouss - class LocalDebuggerPOSIX final - { - public: - explicit LocalDebuggerPOSIX() = default; - ~LocalDebuggerPOSIX() = default; - - public: - LocalDebuggerPOSIX& operator=(const LocalDebuggerPOSIX&) = default; - LocalDebuggerPOSIX(const LocalDebuggerPOSIX&) = default; - - public: - bool Attach(pid_t pid) - { - if (ptrace(PTRACE_ATTACH, pid, nullptr, 0) == -1) - { - return false; - } - - this->m_pid = pid; - - waitpid(m_pid, nullptr, 0); - - return true; - } - - bool Break(CAddr addr) - { - uintptr_t original_data = ptrace(PTRACE_PEEKTEXT, m_pid, addr, 0); - - if (original_data == -1) - { - return false; - } - - constexpr uint8_t kInt3x86 = 0xCC; - - uintptr_t data_with_int3 = (original_data & ~0xFF) | kInt3x86; // Insert INT3 (0xCC) - - if (ptrace(PTRACE_POKETEXT, m_pid, addr, data_with_int3) == -1) - { - return false; - } - - m_breakpoints[reinterpret_cast(addr)] = original_data; // Store original data - - return true; - } - - bool Continue() - { - if (ptrace(PTRACE_CONT, m_pid, nullptr, 0) == -1) - { - return false; - } - - int status; - waitpid(m_pid, &status, 0); - - if (WIFSTOPPED(status) && WSTOPSIG(status) == SIGTRAP) - { - std::cout << "[!] Breakpoint has been hit!" << std::endl; - } - - return true; - } - - bool Detach() - { - if (ptrace(PTRACE_DETACH, m_pid, nullptr, 0) == -1) - { - return false; - } - - return true; - } - - std::unordered_map& Get() - { - return m_breakpoints; - } - - private: - pid_t m_pid; - std::unordered_map m_breakpoints; - }; -} // namespace LibDebugger::POSIX diff --git a/dev/LibDebugger/POSIXContract.h b/dev/LibDebugger/POSIXContract.h new file mode 100644 index 0000000..5a8ae48 --- /dev/null +++ b/dev/LibDebugger/POSIXContract.h @@ -0,0 +1,106 @@ +/*** + (C) 2025 Amlal El Mahrouss + */ + +#pragma once + +#ifdef _WIN32 +#error Windows doesn't have a POSIX subsystem, please combine with windows instead. +#endif + +#include + +#include +#include +#include +#include +#include +#include + +#ifdef __APPLE__ +#define PTRACE_ATTACH PT_ATTACHEXC +#define PTRACE_DETACH PT_DETACH +#define PTRACE_POKETEXT PT_WRITE_I +#define PTRACE_CONT PT_CONTINUE +#define PTRACE_PEEKTEXT PT_READ_I +#endif + +namespace LibDebugger::POSIX +{ + /// \brief POSIXDebuggerContract engine interface class in C++ + /// \author Amlal El Mahrouss + class POSIXDebuggerContract final : public DebuggerContract + { + public: + explicit POSIXDebuggerContract() = default; + ~POSIXDebuggerContract() override = default; + + public: + POSIXDebuggerContract& operator=(const POSIXDebuggerContract&) = default; + POSIXDebuggerContract(const POSIXDebuggerContract&) = default; + + public: + bool Attach(ProcessID pid) noexcept override + { + if (ptrace(PTRACE_ATTACH, pid, nullptr, 0) == -1) + { + return false; + } + + this->m_pid = pid; + + waitpid(m_pid, nullptr, 0); + + return true; + } + + bool Break(CAddress addr) noexcept override + { + uintptr_t original_data = ptrace(PTRACE_PEEKTEXT, m_pid, addr, 0); + + if (original_data == -1) + { + return false; + } + + constexpr uint8_t kInt3x86 = 0xCC; + + uintptr_t data_with_int3 = (original_data & ~0xFF) | kInt3x86; // Insert INT3 (0xCC) + + if (ptrace(PTRACE_POKETEXT, m_pid, addr, data_with_int3) == -1) + { + return false; + } + + m_breakpoints[reinterpret_cast(addr)] = original_data; // Store original data + + return true; + } + + bool Continue() noexcept override + { + if (ptrace(PTRACE_CONT, m_pid, nullptr, 0) == -1) + { + return false; + } + + int status; + waitpid(m_pid, &status, 0); + + return WIFSTOPPED(status) && WSTOPSIG(status) == SIGTRAP; + } + + bool Detach() noexcept override + { + if (ptrace(PTRACE_DETACH, m_pid, nullptr, 0) == -1) + { + return false; + } + + return true; + } + + private: + pid_t m_pid; + }; +} // namespace LibDebugger::POSIX diff --git a/dev/LibDebugger/src/POSIX.cc b/dev/LibDebugger/src/POSIX.cc deleted file mode 100644 index b8c92ae..0000000 --- a/dev/LibDebugger/src/POSIX.cc +++ /dev/null @@ -1,126 +0,0 @@ -/*** - (C) 2025 Amlal El Mahrouss - */ - -#include -#include -#include -#include -#include - -#ifndef _WIN32 - -static bool kKeepRunning = false; -static LibDebugger::POSIX::LocalDebuggerPOSIX kDebugger; -static pid_t kPID = 0L; - -static void DebuggerCtrlCHandler(std::int32_t _) -{ - if (!kPID) - { - return; - } - - auto list = kDebugger.Get(); - - LibDebugger::POSIX::CAddr addr = (LibDebugger::POSIX::CAddr)list[list.size() - 1]; - - if (!addr) - { - pfd::notify("Debugger Event", "Invalid breakpoint at: " + std::to_string(list[list.size() - 1])); - return; - } - - kDebugger.Break(addr); - - pfd::notify("Debugger Event", "Breakpoint at: " + std::to_string(list[list.size() - 1])); - - kKeepRunning = false; -} - -LIBCOMPILER_MODULE(DebuggerPOSIX) -{ - if (argc < 1) - { - return EXIT_FAILURE; - } - - if (argc >= 3 && std::string(argv[1]) == "-p" && - argv[2] != nullptr) - { - kPID = std::stoi(argv[2]); - kDebugger.Attach(kPID); - } - - ::signal(SIGINT, DebuggerCtrlCHandler); - - while (YES) - { - if (kKeepRunning) - { - continue; - } - - std::string cmd; - std::getline(std::cin, cmd); - - if (cmd == "c" || - cmd == "cont") - { - kDebugger.Continue(); - kKeepRunning = true; - } - - if (cmd == "d" || - cmd == "detach") - kDebugger.Detach(); - - if (cmd == "attach") - { - std::cout << "[?] Enter a PID to attach on: "; - - std::getline(std::cin, cmd); - kPID = std::stoi(cmd.c_str()); - - pfd::notify("Debugger Event", "Attach process: " + std::to_string(kPID)); - - kDebugger.Attach(kPID); - } - - if (cmd == "exit") - { - if (kPID > 0) - kDebugger.Detach(); - - break; - } - - if (cmd == "break" || - cmd == "b") - { - std::cout << "[?] Enter an address/symbol to add a break on: "; - - std::getline(std::cin, cmd); - - auto addr = std::stoul(cmd.c_str(), nullptr, 16); - - try - { - pfd::notify("Debugger Event", "Add Breakpoint at: " + std::to_string(addr)); - } - catch (...) - { - pfd::notify("Debugger Event", "Add Breakpoint at: " + cmd); - } - - LibDebugger::POSIX::CAddr breakpoint_addr = reinterpret_cast(addr); - - if (breakpoint_addr) - kDebugger.Break(breakpoint_addr); - } - } - - return EXIT_SUCCESS; -} - -#endif \ No newline at end of file diff --git a/dev/LibDebugger/src/POSIXContract.cc b/dev/LibDebugger/src/POSIXContract.cc new file mode 100644 index 0000000..3caeabf --- /dev/null +++ b/dev/LibDebugger/src/POSIXContract.cc @@ -0,0 +1,128 @@ +/*** + (C) 2025 Amlal El Mahrouss + */ + +#include +#include +#include +#include +#include + +#ifndef _WIN32 + +static bool kKeepRunning = false; +static LibDebugger::POSIX::POSIXDebuggerContract kDebugger; +static pid_t kPID = 0L; + +/// @internal +/// @brief Handles CTRL-C signal on debugger. +static void dbgl_ctrlc_handler(std::int32_t _) +{ + if (!kPID) + { + return; + } + + auto list = kDebugger.Get(); + + LibDebugger::CAddress addr = (LibDebugger::CAddress)list[list.size() - 1]; + + if (!addr) + { + pfd::notify("Debugger Event", "Invalid breakpoint at: " + std::to_string(list[list.size() - 1])); + return; + } + + kDebugger.Break(addr); + + pfd::notify("Debugger Event", "Breakpoint at: " + std::to_string(list[list.size() - 1])); + + kKeepRunning = false; +} + +LIBCOMPILER_MODULE(DebuggerPOSIX) +{ + pfd::notify("Debugger Event", "NeKernel Debugger\n(C) 2025 Amlal El Mahrouss, all rights reserved."); + + if (argc >= 3 && std::string(argv[1]) == "-p" && + argv[2] != nullptr) + { + kPID = std::stoi(argv[2]); + kDebugger.Attach(kPID); + } + + ::signal(SIGINT, dbgl_ctrlc_handler); + + while (YES) + { + if (kKeepRunning) + { + continue; + } + + std::string cmd; + std::getline(std::cin, cmd); + + if (cmd == "c" || + cmd == "cont") + { + kDebugger.Continue(); + kKeepRunning = true; + + std::cout << "[+] Continuing...\n"; + pfd::notify("Debugger Event", "Continuing..."); + } + + if (cmd == "d" || + cmd == "detach") + kDebugger.Detach(); + + if (cmd == "attach") + { + std::cout << "[?] Enter a PID to attach on: "; + + std::getline(std::cin, cmd); + kPID = std::stoi(cmd.c_str()); + + pfd::notify("Debugger Event", "Attach process: " + std::to_string(kPID)); + + kDebugger.Attach(kPID); + } + + if (cmd == "exit") + { + if (kPID > 0) + kDebugger.Detach(); + + break; + } + + if (cmd == "break" || + cmd == "b") + { + std::cout << "[?] Enter an address/symbol to add a break on: "; + + std::getline(std::cin, cmd); + + auto addr = std::stoul(cmd.c_str(), nullptr, 16); + + try + { + pfd::notify("Debugger Event", "Add Breakpoint at: " + std::to_string(addr)); + } + catch (...) + { + pfd::notify("Debugger Event", "Add Breakpoint at: " + cmd); + } + + LibDebugger::CAddress breakpoint_addr = reinterpret_cast(addr); + + if (breakpoint_addr) + kDebugger.Break(breakpoint_addr); + } + } + + return EXIT_SUCCESS; +} + +#endif \ No newline at end of file -- cgit v1.2.3