tracedump
single application IP packet sniffer
Defines | Functions

ptrace.c File Reference

#include "tracedump.h"

Go to the source code of this file.

Defines

#define run_ptrace(a, b, c, d)   _run_ptrace(a, b, ((void *) (c)), ((void *) (d)), __func__)

Functions

static long _run_ptrace (enum __ptrace_request request, struct pid *sp, void *addr, void *data, const char *func)
void ptrace_attach_pid (struct pid *sp, void(*cb)(struct pid *sp))
 Attach to process pid.
int ptrace_attach_child (struct pid *sp, void(*cb)(struct pid *sp))
 Attach to a child which did PTRACE_TRACEME.
void ptrace_traceme (void)
 Mark this proccess as waiting for ptrace.
int ptrace_wait (struct pid *sp, int *st)
 Wait for traced child - wrapper around waitpid()
static void _ptrace_cont (bool syscall, struct pid *sp, unsigned long sig, bool w8)
void ptrace_cont (struct pid *sp, unsigned long sig, bool w8)
 Continue execution until INT3.
void ptrace_cont_syscall (struct pid *sp, unsigned long sig, bool w8)
 Continue until syscall.
void ptrace_detach (struct pid *sp, unsigned long sig)
 Detach from process pid.
void ptrace_kill (struct pid *sp)
 Kill traced child.
void ptrace_read (struct pid *sp, unsigned long addr, void *vptr, int len)
 Read data from location addr length in bytes.
void ptrace_write (struct pid *sp, unsigned long addr, void *vptr, int len)
 Write data to location addr length in bytes.
void ptrace_getregs (struct pid *sp, struct user_regs_struct *regs)
 Get process registers.
void ptrace_setregs (struct pid *sp, struct user_regs_struct *regs)
 Set process registers.

Define Documentation

#define run_ptrace (   a,
  b,
  c,
 
)    _run_ptrace(a, b, ((void *) (c)), ((void *) (d)), __func__)

Definition at line 36 of file ptrace.c.

Referenced by _ptrace_cont(), ptrace_attach_child(), ptrace_attach_pid(), ptrace_detach(), ptrace_getregs(), ptrace_read(), ptrace_setregs(), ptrace_traceme(), and ptrace_write().

Function Documentation

static void _ptrace_cont ( bool  syscall,
struct pid sp,
unsigned long  sig,
bool  w8 
) [inline, static]

Definition at line 128 of file ptrace.c.

Referenced by ptrace_cont(), and ptrace_cont_syscall().

static long _run_ptrace ( enum __ptrace_request  request,
struct pid sp,
void *  addr,
void *  data,
const char *  func 
) [static]

Definition at line 9 of file ptrace.c.

int ptrace_attach_child ( struct pid sp,
void(*)(struct pid *sp)  cb 
)

Attach to a child which did PTRACE_TRACEME.

Parameters:
cbcall cb before continuing
Return values:
0success
-1attaching failed

Definition at line 70 of file ptrace.c.

Referenced by main(), and ptrace_attach_pid().

void ptrace_attach_pid ( struct pid sp,
void(*)(struct pid *sp)  cb 
)

Attach to process pid.

Parameters:
cbcall cb before continuing

Definition at line 38 of file ptrace.c.

Referenced by main().

void ptrace_cont ( struct pid sp,
unsigned long  sig,
bool  w8 
)

Continue execution until INT3.

Definition at line 147 of file ptrace.c.

Referenced by inject_restore_socketcall(), and inject_socketcall().

void ptrace_cont_syscall ( struct pid sp,
unsigned long  sig,
bool  w8 
)

Continue until syscall.

Definition at line 152 of file ptrace.c.

Referenced by inject_escape_socketcall(), main(), and ptrace_attach_child().

void ptrace_detach ( struct pid sp,
unsigned long  sig 
)

Detach from process pid.

Definition at line 157 of file ptrace.c.

Referenced by pid_detach_all().

void ptrace_getregs ( struct pid sp,
struct user_regs_struct *  regs 
)

Get process registers.

Definition at line 213 of file ptrace.c.

Referenced by inject_escape_socketcall(), inject_restore_socketcall(), inject_socketcall(), and main().

void ptrace_kill ( struct pid sp)

Kill traced child.

Definition at line 179 of file ptrace.c.

void ptrace_read ( struct pid sp,
unsigned long  addr,
void *  vptr,
int  len 
)

Read data from location addr length in bytes.

Definition at line 184 of file ptrace.c.

Referenced by inject_restore_socketcall(), inject_socketcall(), and main().

void ptrace_setregs ( struct pid sp,
struct user_regs_struct *  regs 
)

Set process registers.

Definition at line 218 of file ptrace.c.

Referenced by inject_escape_socketcall(), inject_restore_socketcall(), and inject_socketcall().

void ptrace_traceme ( void  )

Mark this proccess as waiting for ptrace.

Definition at line 93 of file ptrace.c.

Referenced by main().

int ptrace_wait ( struct pid sp,
int *  status 
)

Wait for traced child - wrapper around waitpid()

Returns:
pid of the child which has stopped
Parameters:
statusoptional addr for process stop info
spoptional - if NULL, wait for any child

Definition at line 98 of file ptrace.c.

Referenced by _ptrace_cont(), main(), ptrace_attach_child(), and ptrace_detach().

void ptrace_write ( struct pid sp,
unsigned long  addr,
void *  vptr,
int  len 
)

Write data to location addr length in bytes.

Definition at line 199 of file ptrace.c.

Referenced by inject_restore_socketcall(), and inject_socketcall().

 All Data Structures Files Functions Variables Enumerations Enumerator Defines
Generated on Mon Feb 6 2012 14:57:52 for tracedump by  doxygen 1.7.3