glenda.party
term% ls -F
term% cat index.txt
MACH(2)                       System Calls Manual                      MACH(2)



NAME
       crackhdr,  machbytype,  machbyname,  newmap, setmap, findseg, unusemap,
       loadmap, attachproc, get1, get2, get4, get8, geta,  put1,  put2,  put4,
       put8,  puta,  beswab, beswal, beswav, leswab, leswal, leswav - machine-
       independent access to executable files

SYNOPSIS
       #include <u.h>
       #include <libc.h>
       #include <bio.h>
       #include <mach.h>

       int crackhdr(int fd, Fhdr *fp)

       void machbytype(int type)

       int machbyname(char *name)

       Map *newmap(Map *map, int n)

       int setmap(Map *map, int fd, ulong base, ulong end,

                   ulong foffset, char *name)

       int findseg(Map *map, char *name)

       void unusemap(Map *map, int seg)

       Map *loadmap(Map *map, int fd, Fhdr *fp)

       Map *attachproc(int pid, int kflag, int corefd, Fhdr *fp)

       int get1(Map *map, ulong addr, uchar *buf, int n)

       int get2(Map *map, ulong addr, ushort *val)

       int get4(Map *map, ulong addr, long *val)

       int get8(Map *map, ulong addr, vlong *val)

       int geta(Map *map, uvlong addr, uvlong *val)

       int put1(Map *map, ulong addr, uchar *buf, int n)

       int put2(Map *map, ulong addr, ushort val)

       int put4(Map *map, ulong addr, long val)

       int put8(Map *map, ulong addr, vlong val)

       int puta(Map *map, uvlong addr, uvlong val)

       ushort beswab(ushort val)

       long beswal(long val)

       long beswav(vlong val)

       ushort leswab(ushort val)

       long leswal(long val)

       long leswav(vlong val)

       extern Mach mach;

       extern Machdata machdata;

DESCRIPTION
       These functions provide a processor-independent interface for accessing
       the executable files or executing images of all architectures.  Related
       library functions described in symbol(2) and object(2) provide  similar
       access to symbol tables and object files.

       An  executable  is  a file containing an executable program or the text
       file of the /proc file system associated with an executing  process  as
       described  in proc(3).  After opening an executable, an application in‐
       vokes a library function which parses the file header,  determines  the
       target architecture and initializes data structures with parameters and
       pointers to functions appropriate for that architecture.  Next, the ap‐
       plication  invokes functions to construct one or more maps, data struc‐
       tures that translate references in the address space of the  executable
       to  offsets in the file.  Each map comprises one or more segments, each
       associating a non-overlapping range of memory addresses with a  logical
       section  of the executable.  Other library functions then use a map and
       the architecture-specific data structures to provide a  generic  inter‐
       face to the processor-dependent data.

       Crackhdr  interprets  the  header of the executable associated with the
       open file descriptor fd.  It loads the data structure  fp  with  a  ma‐
       chine-independent  description  of  the  header  information and points
       global variable mach to the Mach data structure  containing  processor-
       dependent parameters of the target architecture.

       Machbytype  selects architecture-specific data structures and parameter
       values based on the code stored in the field named  type  in  the  Fhdr
       data  structure.   Machbyname  performs the same selection based on the
       name of a processor class; see 8c(1) for a list of valid  names.   Both
       functions  point  global  variables  mach  and machdata to the Mach and
       Machdata data structures appropriate for the  target  architecture  and
       load global variable asstype with the proper disassembler type code.

       Newmap  creates  an empty map with n segments.  If map is zero, the new
       map is dynamically allocated, otherwise it is assumed to  point  to  an
       existing  dynamically  allocated  map whose size is adjusted, as neces‐
       sary.  A zero return value indicates an allocation error.

       Setmap loads the first unused segment in map with the  segment  mapping
       parameters.   Fd  is  an  open  file descriptor associated with an exe‐
       cutable.  Base and end contain the lowest and highest virtual addresses
       mapped  by the segment.  Foffset is the offset to the start of the seg‐
       ment in the file.  Name is a name to be attached to the segment.

       Findseg returns the index of the the segment named name in map.  A  re‐
       turn of -1 indicates that no segment matches name.

       Unusemap marks segment number seg in map map unused.  Other segments in
       the map remain unaffected.

       Loadmap initializes a default map containing segments named `text'  and
       `data' that map the instruction and data segments of the executable de‐
       scribed in the Fhdr structure pointed to by fp.  Usually that structure
       was loaded by crackhdr and can be passed to this function without modi‐
       fication.  If map is non-zero, that map, which must have  been  dynami‐
       cally  allocated,  is  resized to contain two segments; otherwise a new
       map is allocated.  This function  returns  zero  if  allocation  fails.
       Loadmap  is  usually  used  to  build a map for accessing a static exe‐
       cutable, for example, an executable program file.

       Attachproc constructs a map for accessing a running  process.   It  re‐
       turns  the  address  of  a  Map containing segments mapping the address
       space of the running process whose process ID is pid.  If kflag is non-
       zero, the process is assumed to be a kernel process.  Corefd is an file
       descriptor opened to /proc/pid/mem.  Fp points to  the  Fhdr  structure
       describing  the  header  of the executable.  For most architectures the
       resulting Map contains four segments named `text', `data',  `regs'  and
       `fpregs'.   The  latter  two provide access to the general and floating
       point registers, respectively.  If the executable is a  kernel  process
       (indicated  by  a non-zero kflag argument), the data segment extends to
       the maximum supported address, currently 0xffffffff, and  the  register
       sets  are  read-only.  In user-level programs, the data segment extends
       to the top of the stack or 0x7fffffff if the stack top cannot be found,
       and  the  register  sets are readable and writable.  Attachproc returns
       zero if it is unable to build the map for the specified process.

       Get1, get2, get4, and get8 retrieve the data stored at address addr  in
       the executable associated with map.  Get1 retrieves n bytes of data be‐
       ginning at addr into buf.  Get2, get4 and get8 retrieve 16-bit,  32-bit
       and  64-bit  values  respectively, into the location pointed to by val.
       The value is byte-swapped if the source byte order differs from that of
       the  current  architecture.   This  implies  that the value returned by
       get2, get4, and get8 may not be the same as the byte sequences returned
       by  get1  when n is two, four or eight; the former may be byte-swapped,
       the latter reflects the byte order of the target architecture.  If  the
       file  descriptor associated with the applicable segment in map is nega‐
       tive, the address itself is placed in the return location.  These func‐
       tions return the number of bytes read or a -1 when there is an error.

       Put1, put2, put4, and put8 write to the executable associated with map.
       The address is translated using the map parameters and multi-byte quan‐
       tities  are  byte-swapped, if necessary, before they are written.  Put1
       transfers n bytes stored at buf; put2, put4, and put8 write the 16-bit,
       32-bit  or  64-bit quantity contained in val, respectively.  The number
       of bytes transferred is returned.  A -1 return value indicates  an  er‐
       ror.

       Beswab,  beswal,  and beswav return the ushort, long, and vlong big-en‐
       dian representation of val, respectively.  Leswab, leswal,  and  leswav
       return  the little-endian representation of the ushort, long, and vlong
       contained in val.

SOURCE
       /sys/src/libmach

SEE ALSO
       8c(1), symbol(2), object(2), errstr(2), proc(3), a.out(6)

DIAGNOSTICS
       These routines set errstr.



                                                                       MACH(2)