ptrace.h File Reference

#include <stdlib.h>
#include <stdint.h>
#include <sys/ptrace.h>

Go to the source code of this file.

Functions
void	ptrace_attach_pid (struct pid *sp, void(*cb)(struct pid *sp))
	Attach to process pid.
int	ptrace_attach_child (struct pid *sp, void(*cb)(struct pid *sp))
	Attach to a child which did PTRACE_TRACEME.
void	ptrace_traceme (void)
	Mark this proccess as waiting for ptrace.
int	ptrace_wait (struct pid *sp, int *status)
	Wait for traced child - wrapper around waitpid()
void	ptrace_cont (struct pid *sp, unsigned long sig, bool w8)
	Continue execution until INT3.
void	ptrace_cont_syscall (struct pid *sp, unsigned long sig, bool wait)
	Continue until syscall.
void	ptrace_detach (struct pid *sp, unsigned long sig)
	Detach from process pid.
void	ptrace_kill (struct pid *sp)
	Kill traced child.
void	ptrace_read (struct pid *sp, unsigned long addr, void *vptr, int len)
	Read data from location addr length in bytes.
void	ptrace_write (struct pid *sp, unsigned long addr, void *vptr, int len)
	Write data to location addr length in bytes.
void	ptrace_getregs (struct pid *sp, struct user_regs_struct *regs)
	Get process registers.
void	ptrace_setregs (struct pid *sp, struct user_regs_struct *regs)
	Set process registers.

---

Function Documentation

int ptrace_attach_child	(	struct pid *	sp,
		void(*)(struct pid *sp)	cb
	)

Attach to a child which did PTRACE_TRACEME.

Parameters:

cb	call cb before continuing

Return values:

0	success
-1	attaching failed

Definition at line 70 of file ptrace.c.

Referenced by main(), and ptrace_attach_pid().

void ptrace_attach_pid	(	struct pid *	sp,
		void(*)(struct pid *sp)	cb
	)

Attach to process pid.

Parameters:

cb	call cb before continuing

Definition at line 38 of file ptrace.c.

Referenced by main().

void ptrace_cont	(	struct pid *	sp,
		unsigned long	sig,
		bool	w8
	)

Continue execution until INT3.

Definition at line 147 of file ptrace.c.

Referenced by inject_restore_socketcall(), and inject_socketcall().

void ptrace_cont_syscall	(	struct pid *	sp,
		unsigned long	sig,
		bool	wait
	)

Continue until syscall.

Definition at line 152 of file ptrace.c.

Referenced by inject_escape_socketcall(), main(), and ptrace_attach_child().

void ptrace_detach	(	struct pid *	sp,
		unsigned long	sig
	)

Detach from process pid.

Definition at line 157 of file ptrace.c.

Referenced by pid_detach_all().

void ptrace_getregs	(	struct pid *	sp,
		struct user_regs_struct *	regs
	)

Get process registers.

Definition at line 213 of file ptrace.c.

Referenced by inject_escape_socketcall(), inject_restore_socketcall(), inject_socketcall(), and main().

void ptrace_kill

(

struct pid *

sp

)

Kill traced child.

Definition at line 179 of file ptrace.c.

void ptrace_read	(	struct pid *	sp,
		unsigned long	addr,
		void *	vptr,
		int	len
	)

Read data from location addr length in bytes.

Definition at line 184 of file ptrace.c.

Referenced by inject_restore_socketcall(), inject_socketcall(), and main().

void ptrace_setregs	(	struct pid *	sp,
		struct user_regs_struct *	regs
	)

Set process registers.

Definition at line 218 of file ptrace.c.

Referenced by inject_escape_socketcall(), inject_restore_socketcall(), and inject_socketcall().

void ptrace_traceme

(

void

)

Mark this proccess as waiting for ptrace.

Definition at line 93 of file ptrace.c.

Referenced by main().

int ptrace_wait	(	struct pid *	sp,
		int *	status
	)

Wait for traced child - wrapper around waitpid()

Returns:

pid of the child which has stopped

Parameters:

status	optional addr for process stop info
sp	optional - if NULL, wait for any child

Definition at line 98 of file ptrace.c.

Referenced by _ptrace_cont(), main(), ptrace_attach_child(), and ptrace_detach().

void ptrace_write	(	struct pid *	sp,
		unsigned long	addr,
		void *	vptr,
		int	len
	)

Write data to location addr length in bytes.

Definition at line 199 of file ptrace.c.

Referenced by inject_restore_socketcall(), and inject_socketcall().