From: John Baldwin <jhb@freebsd.org>
To: freebsd-hackers@freebsd.org
Cc: Maninya M
Date: Tue, 27 Mar 2012 07:53:21 -0400
Subject: Re: __NR_mmap2 in FreeBSD
Message-Id: <201203270753.21534.jhb@freebsd.org>

On Monday, March 26, 2012 1:56:08 pm Maninya M wrote:
> I am trying to convert a function written for Linux to FreeBSD.
> What is the equivalent of the __NR_mmap2 system call in FreeBSD?
>
> I keep getting the error because of this exception:
> warn("Wanted space at address 0x%.8x, mmap2 system call returned 0x%.8x.
> This could be a problem.",addr,temp_regs.eax);

I think you could just use plain mmap() for this? However, it seems that this is injecting a call into an existing binary, not calling mmap() directly.
A few things will need to change. First, FreeBSD system calls on i386 put their arguments on the stack, not in registers, so you will need to do a bit more work to push the arguments onto the stack rather than just setting registers.

> I changed
> temp_regs.eax = __NR_mmap2;
> to
> temp_regs.eax = 192;
>
> but it didn't work. I suppose I couldn't understand this function. Please
> help.
>
> This is the function:
>
> void map_memory(unsigned long addr, unsigned long size, int flags)
> {
>     int status;
>     struct user_regs_struct regs, temp_regs;
>     unsigned long int_instr = 0x000080cd; /* INT 0x80 */
>
>     if (ptrace(PTRACE_GETREGS, exec_pid, NULL, &regs) < 0)
>         die_perror("ptrace(PTRACE_GETREGS,%d,NULL,&regs)", exec_pid);
>
>     /* mmap2 system call seems to take arguments as follows:
>      *   eax = __NR_mmap2
>      *   ebx = (unsigned long) page aligned address
>      *   ecx = (unsigned long) page aligned file size
>      *   edx = protection
>      *   esi = flags
>      * Other arguments (fd and pgoff) are not required for anonymous mapping
>      */
>     temp_regs = regs;
>     temp_regs.eax = __NR_mmap2;
>     temp_regs.ebx = addr;
>     temp_regs.ecx = size;
>     temp_regs.edx = flags;
>     temp_regs.esi = MAP_PRIVATE | MAP_ANONYMOUS;
>     temp_regs.eip = temp_regs.esp - 4;
>
>     if (ptrace(PTRACE_POKETEXT, exec_pid, (void *)(temp_regs.eip), (void *)int_instr) < 0)
>         die_perror("ptrace(PTRACE_POKETEXT,%d,0x%.8x,INT 0x80) failed while allocating memory",
>                    exec_pid, temp_regs.eip);
>     if (ptrace(PTRACE_SETREGS, exec_pid, NULL, &temp_regs) < 0) {
>         die_perror("ptrace(PTRACE_SETREGS,%d,...) failed while allocating memory", exec_pid);
>     }
>     if (ptrace(PTRACE_SINGLESTEP, exec_pid, NULL, NULL) < 0)
>         die_perror("ptrace(PTRACE_SINGLESTEP,...) failed while executing mmap2");
>
>     wait(&status);
>     if (WIFEXITED(status))
>         die("Restarted process abruptly (exited with value %d). Aborting Restart.",
>             WEXITSTATUS(status));
>     else if (WIFSIGNALED(status))
>         die("Restarted process abruptly exited because of uncaught signal (%d). Aborting Restart.",
>             WTERMSIG(status));
>
>     if (ptrace(PTRACE_GETREGS, exec_pid, NULL, &temp_regs) < 0) {
>         die_perror("ptrace(PTRACE_GETREGS,...) failed after executing mmap2 system call");
>     }
>
>     if (temp_regs.eax != addr)
>         warn("Wanted space at address 0x%.8x, mmap2 system call returned 0x%.8x. This could be a problem.",
>              addr, temp_regs.eax);
>     else if (cr_options.verbose)
>         fprintf(stdout, "Successfully allocated [0x%.8lx - 0x%.8lx]\n", addr, addr + size);
>
>     /* Restore original registers */
>     if (ptrace(PTRACE_SETREGS, exec_pid, NULL, &regs) < 0) {
>         die_perror("ptrace(PTRACE_SETREGS,...) when restoring registers after allocating memory (mmap2)");
>     }
> }
>
> --
> Maninya

-- 
John Baldwin
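The following is an added example, not code from this thread or from Maninya's checkpoint/restart tool, that makes John's point concrete: the same anonymous mmap request expressed once as the Linux i386 register set the posted map_memory() fills in, and once as the stack frame FreeBSD's i386 kernel expects. It assumes FreeBSD's current mmap syscall (SYS_mmap in <sys/syscall.h>, prototype mmap(addr, len, prot, flags, fd, off_t pos)), that the 64-bit pos occupies two 32-bit stack words on i386, and that the kernel reads arguments starting at esp+4 because [esp] is the libc stub's return address at the moment of int $0x80. The FBSD_*/LINUX_* constants are copied from the respective <sys/mman.h> headers and the frame size follows from the prototype; the native int $0x80 wrapper is compiled only on FreeBSD/i386, the frame builder and register mapping run anywhere.

```c
/* Added example: FreeBSD i386 stack-argument syscall convention versus the
 * Linux i386 register convention.  Not part of the mailing-list thread.
 * Assumed FreeBSD prototype: caddr_t mmap(caddr_t addr, size_t len, int prot,
 * int flags, int fd, off_t pos); on i386 off_t is two 32-bit words. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Linux i386 mmap2: everything travels in registers, as the posted code does. */
#define LINUX_NR_MMAP2      192     /* __NR_mmap2 on i386 Linux, quoted in the thread */
#define LINUX_MAP_PRIVATE   0x02    /* Linux <sys/mman.h> values, used as sample input */
#define LINUX_MAP_ANONYMOUS 0x20

struct linux_i386_syscall_regs { uint32_t eax, ebx, ecx, edx, esi, edi, ebp; };

static struct linux_i386_syscall_regs
linux_mmap2_regs(uint32_t addr, uint32_t len, uint32_t prot, uint32_t flags,
                 uint32_t fd, uint32_t pgoff)
{
    struct linux_i386_syscall_regs r = { LINUX_NR_MMAP2, addr, len, prot, flags, fd, pgoff };
    return r;
}

/* FreeBSD i386 mmap: eax carries only the syscall number; the arguments are
 * on the stack, read by the kernel from esp+4 upward.  Word 0 is the dummy
 * "return address" slot that a libc stub would normally leave at [esp]. */
#define FBSD_PROT_READ   0x1        /* FreeBSD <sys/mman.h> values, used as sample input */
#define FBSD_PROT_WRITE  0x2
#define FBSD_MAP_PRIVATE 0x0002
#define FBSD_MAP_ANON    0x1000
#define FREEBSD_MMAP_FRAME_WORDS 8  /* dummy slot + 7 argument words */

static size_t freebsd_mmap_frame(uint32_t frame[FREEBSD_MMAP_FRAME_WORDS],
                                 uint32_t addr, uint32_t len, uint32_t prot,
                                 uint32_t flags, uint32_t fd, uint64_t pos)
{
    frame[0] = 0;                      /* [esp]    dummy return-address slot */
    frame[1] = addr;                   /* [esp+4]  caddr_t addr             */
    frame[2] = len;                    /* [esp+8]  size_t len               */
    frame[3] = prot;                   /* [esp+12] int prot                 */
    frame[4] = flags;                  /* [esp+16] int flags                */
    frame[5] = fd;                     /* [esp+20] int fd                   */
    frame[6] = (uint32_t)pos;          /* [esp+24] off_t pos, low word      */
    frame[7] = (uint32_t)(pos >> 32);  /* [esp+28] off_t pos, high word     */
    return FREEBSD_MMAP_FRAME_WORDS;
}

/* Bytes a tracer would have to reserve below the tracee's esp for this frame
 * (the FreeBSD counterpart of the single register load in map_memory()). */
static size_t freebsd_mmap_frame_bytes(void) { return FREEBSD_MMAP_FRAME_WORDS * sizeof(uint32_t); }

#if defined(__FreeBSD__) && defined(__i386__)
#include <sys/syscall.h>
#include <sys/mman.h>
/* Native demonstration: push the frame on our own stack and trap.  FreeBSD
 * reports failure with the carry flag set and errno in eax. */
static void *raw_mmap_freebsd_i386(uint32_t addr, uint32_t len, int prot, int flags,
                                   int fd, uint64_t pos, int *err_out)
{
    uint32_t frame[FREEBSD_MMAP_FRAME_WORDS];
    uint32_t ret, err = 0;
    freebsd_mmap_frame(frame, addr, len, (uint32_t)prot, (uint32_t)flags, (uint32_t)fd, pos);
    __asm__ volatile(
        "pushl 28(%[f])\n\t" "pushl 24(%[f])\n\t" "pushl 20(%[f])\n\t" "pushl 16(%[f])\n\t"
        "pushl 12(%[f])\n\t" "pushl 8(%[f])\n\t"  "pushl 4(%[f])\n\t"  "pushl 0(%[f])\n\t"
        "int $0x80\n\t"
        "setc %b[err]\n\t"          /* CF set => eax holds errno */
        "addl $32, %%esp\n\t"       /* drop the 8 words we pushed */
        : "=a"(ret), [err] "+q"(err)
        : [f] "r"(frame), "0"(SYS_mmap)
        : "edx", "cc", "memory");
    *err_out = err ? (int)ret : 0;
    return err ? NULL : (void *)ret;
}
#endif

int main(void)
{
    /* Constructed request: the anonymous mapping map_memory() asks for. */
    uint32_t addr = 0x40000000u, len = 0x1000u, i;
    uint32_t frame[FREEBSD_MMAP_FRAME_WORDS];
    size_t n = freebsd_mmap_frame(frame, addr, len, FBSD_PROT_READ | FBSD_PROT_WRITE,
                                  FBSD_MAP_PRIVATE | FBSD_MAP_ANON, (uint32_t)-1, 0);
    struct linux_i386_syscall_regs lr = linux_mmap2_regs(addr, len, 3,
                                  LINUX_MAP_PRIVATE | LINUX_MAP_ANONYMOUS, (uint32_t)-1, 0);

    printf("Linux i386 mmap2: eax=%u ebx=%#x ecx=%#x edx=%#x esi=%#x\n",
           (unsigned)lr.eax, (unsigned)lr.ebx, (unsigned)lr.ecx, (unsigned)lr.edx, (unsigned)lr.esi);
    printf("FreeBSD i386 mmap: eax=SYS_mmap, %zu bytes on the stack:\n", freebsd_mmap_frame_bytes());
    for (i = 0; i < n; i++)
        printf("  [esp+%2u] = %#010x\n", i * 4, (unsigned)frame[i]);
#if defined(__FreeBSD__) && defined(__i386__)
    {
        int err;
        void *p = raw_mmap_freebsd_i386(0, len, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANON, -1, 0, &err);
        printf("native int $0x80 mmap -> %p (errno %d)\n", p, err);
    }
#endif
    return 0;
}
```

The practical consequence for the injection case is that setting ebx/ecx/edx/esi does nothing on FreeBSD: the eight words produced by freebsd_mmap_frame() have to be written below the tracee's esp, esp moved down to point at word 0, and eax set to SYS_mmap before the INT 0x80 is single-stepped; on return, a set carry flag rather than a negative eax signals an error.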