• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Rosetta and Code Injection
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Rosetta and Code Injection

  • Subject: Rosetta and Code Injection
  • From: Bob Murphy <email@hidden>
  • Date: Wed, 23 Apr 2008 10:01:17 -0700
Has anybody gotten Jonathan Rentzsch's mach_star system to work with Rosetta?

The latest versions of mach_star, modified by Bertrand Guihéneuf and others, work fine if the target process's executable is a PPC exe running on a PPC chip, or an x86 exe running on an x86 chip.

However, code injection doesn't work for a PPC exe running under Rosetta. I've been trying to get this to work, but have run into some problems, and was hoping that either somebody has succeeded at this, or can at least provide some pointers.

Here are a few things I've discovered:

- A PPC source exe that works fine at injecting particular PPC target exes on a PowerMac G5, fails when running in Rosetta on a MacBook.

- Most of the injection process (allocating memory in the target process, etc.) succeeds. Where things fail is inside thread_create_running(). When you feed it a PPC_THREAD_STATE thread state flavor when running on an x86 CPU, it returns an error code of KERN_INVALID_ARGUMENT. This happens no matter whether the calling process is an x86 or PPC exe.

- It looks like things are failing in xnu, in machine_thread_set_state (). This is a routine that sets up the thread based on register contents and so on. In recent kernels, there are two versions of this, one for x86 (osfmk/i386/pcb.c) and one for PPC (osfmk/ppc/ status.c). Each of these has a switch block that handles the allowable thread state flavors for the hardware. And if you try to use a thread state flavor for PPC in an x86 kernel (or vice versa), the switch block hits the default and returns KERN_INVALID_ARGUMENT.

There may be other places code injection on Rosetta will also fail; I haven't determined that yet.

The only solution I've been able to think of so far is to abstract the PPC thread setup code from osfmk/ppc/status.c and do it in my injector. But if there's an easier, or proven, way to accomplish the task, that would be better.

And any advice will be gratefully appreciated.

- Bob



_______________________________________________
Do not post admin requests to the list. They will be ignored.
Darwin-kernel mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden




  • Follow-Ups:

      

    • Re: Rosetta and Code Injection

      • From: Shantonu Sen <email@hidden>
      • 



    

  • Prev by Date:
Re: Which structure does sysctl fill when KERN_FILE parameter	is	given as input on Mac Os X 10.4.7?

    • 

  • Next by Date:
Re: Rosetta and Code Injection

    • 

  • Previous by thread:
Re: IOCommandGate and IOThread

    • 

  • Next by thread:
Re: Rosetta and Code Injection

    • 

  • Index(es):

      

    • Date
      • 

    • Thread
      • 

    

    •