SKRoot-linuxKernelRoot/Lite_version/src/patch_kernel_root/patch_base.h at master · abcz316/SKRoot-linuxKernelRoot · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
#pragma once
#include <iostream>
#include <vector>
#include "patch_kernel_root.h"
#include "3rdparty/aarch64_asm_helper.h"
#include "3rdparty/aarch64_reg_protect_guard.h"
#include "analyze/symbol_analyze.h"
#include "analyze/init_cred_searcher.h"

#define THREAD_SIZE 0x4000

struct huawei_extra {
	uint64_t kti_addr = 0;
};

struct thread_info {
	uint64_t flags;
	uint64_t addr_limit;
	uint64_t task;
};

class PatchBase {
public:
	PatchBase(const std::vector<char>& file_buf, size_t cred_uid_offset, const huawei_extra& huawei);
	PatchBase(const PatchBase& other);
	~PatchBase();
	uint32_t skip_pac_bti_at_func_start(uint32_t addr);
	size_t patch_jump(size_t patch_addr, size_t jump_addr, std::vector<patch_bytes_data>& vec_out_patch_bytes_data);

protected:
	bool is_CONFIG_THREAD_INFO_IN_TASK();
	bool is_CURRENT_FROM_SP_EL0_THREAD_INFO();
	void emit_get_current(asmjit::a64::Assembler* a, asmjit::a64::GpX x);
	void emit_safe_bl(asmjit::a64::Assembler* a, size_t func_base_addr, size_t target);
	void emit_ret_by_entry_insn(asmjit::a64::Assembler* a, uint32_t entry_insn);

	int count_mrs_sp_el0();
	std::vector<size_t> find_all_aarch64_ret_offsets(size_t offset, size_t size);

	bool is_huawei();
	void update_huawei_kti_calc_base(size_t base);
	void emit_huawei_kti_add(asmjit::a64::Assembler* a, asmjit::a64::GpX x);

	const std::vector<char>& m_file_buf;
	KernelVersionParser m_kernel_ver_parser;
	InitCredSearcher m_init_cred_searcher;
	huawei_extra m_huawei_extra;
	size_t m_huawei_kti_calc_base = 0;
};