From 499cc60e728ff7225fd7cac158ff772435c27b62 Mon Sep 17 00:00:00 2001
From: Lucas Fryzek
Date: Tue, 6 Aug 2024 22:27:40 +0100
Subject: drv: Attempt to add mapping support
Map allocated buffers so we can clear them and then write copied dumps from proprietary driver to them. Currently memory allocations fail with `MAP_FAILED` in mmap.
---
 src/wrap.c | 16 ++++++++++++----
 1 file changed, 12 insertions(+), 4 deletions(-)
(limited to 'src/wrap.c')
diff --git a/src/wrap.c b/src/wrap.c
index 01ae2a3..7115b53 100644
--- a/src/wrap.c
+++ b/src/wrap.c
@@ -215,9 +215,10 @@ static void clear_mem(struct mem_entry *mem) {
 || heap == PVR_HEAP_SYNC_INFO || heap == PVR_HEAP_TA_DATA;
 IMG_HANDLE handle = mem->mem_info.hKernelMemInfo;
- bool is_special_heap = (uintptr_t)handle == 0x14 ||
- (uintptr_t)handle == 0x15 ||
- (uintptr_t)handle == 0x10;
+ bool is_special_heap = (uintptr_t)handle == 0x14
+ //|| (uintptr_t)handle == 0x15
+ //|| (uintptr_t)handle == 0x10
+ ;
 if(mem->type == MEM_TYPE_NORMAL && (valid_heap || is_special_heap)) {
 printf("Clearing heap\n");
 for (int i = 0; i < 2; i++)
@@ -242,6 +243,7 @@ static void clear_mem(struct mem_entry *mem) {
 static struct mem_entry *add_mmap_pointer(void* data, int prot, size_t length, uintptr_t pgoffset) {
 int track_arr_size = sizeof(mem_trackings)/sizeof(mem_trackings[0]);
+ printf("Tracking %p with length 0x%x and prot %d\n", data, length, prot);
 for(int i = 0; i < track_arr_size; i++) {
 struct mem_entry *mem = &mem_trackings[i];
@@ -640,6 +642,7 @@ static void pvrsrv_ioctl_post(int fd, PVRSRV_BRIDGE_PACKAGE *bridge_package, int
 {
 PVRSRV_BRIDGE_IN_MHANDLE_TO_MMAP_DATA *in_data = bridge_package->pvParamIn;
 PVRSRV_BRIDGE_OUT_MHANDLE_TO_MMAP_DATA *out_data = bridge_package->pvParamOut;
+ PPRINT(stdout, out_data, PVRSRV_BRIDGE_OUT_MHANDLE_TO_MMAP_DATA);
 add_mmap_data(fd, in_data->hMHandle, out_data);
 printf("MHANDLE to MMAP data %p\n", in_data->hMHandle);
 }
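Review bot: The two disabled comparisons in `clear_mem` are left behind as commented-out code with a dangling `;` on its own line, and nothing records why handles `0x15` and `0x10` are no longer cleared. Delete the dead lines, write the test as `bool is_special_heap = (uintptr_t)handle == 0x14;`, and put the reason in a comment such as `/* only handle 0x14 is cleared; 0x15 and 0x10 are skipped because <reason> */`. Named constants for these handle values would also make the condition reviewable, since they are bare numbers compared against a kernel handle. The body of `clear_mem` starts and ends outside the hunk.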
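Review bot: The added `printf` in `add_mmap_pointer` passes `length`, a `size_t`, to `%x`, which is a conversion mismatch and undefined behaviour wherever `size_t` is wider than `unsigned int`; use `0x%zx`. The same defect is in the `mmap2 called with` line of the `syscall` hunk, where `flags` and `pgoffset` are `unsigned long` but are printed with `%x` and need `%lx`; `addr` is declared outside that hunk, so its conversion should be checked as well. Building with `-Wformat` reports both lines. The body of `add_mmap_pointer` continues outside the hunk.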
@@ -714,6 +717,7 @@ static bool pvrsrv_ioctl(int fd, PVRSRV_BRIDGE_PACKAGE *bridge_package) {
 switch(ioctl_nr) {
 case _IOC_NR(PVRSRV_BRIDGE_MHANDLE_TO_MMAP_DATA):
 /* TODO track memory */
+ PPRINT(stdout, bridge_package->pvParamIn, PVRSRV_BRIDGE_IN_MHANDLE_TO_MMAP_DATA);
 break;
 case _IOC_NR(PVRSRV_BRIDGE_ALLOC_DEVICEMEM):
 {
@@ -751,6 +755,7 @@ static bool pvrsrv_ioctl(int fd, PVRSRV_BRIDGE_PACKAGE *bridge_package) {
 PVRSRV_BRIDGE_IN_SGX_REGISTER_HW_RENDER_CONTEXT *data = bridge_package->pvParamIn;
 printf("HW Render Context %p\n", data);
 #if 1
+ ((IMG_UINT32*)(data->pHWRenderContextCpuVAddr))[17] = 0x0;
 for (IMG_UINT32 i = 0; i < data->ui32HWRenderContextSize; i += sizeof(IMG_UINT32)) {
 IMG_UINT32 *t = (IMG_UINT32*)(data->pHWRenderContextCpuVAddr+i);
 printf("\t0x%x\n", *t);
@@ -918,7 +923,9 @@ static bool pvrsrv_ioctl(int fd, PVRSRV_BRIDGE_PACKAGE *bridge_package) {
 case _IOC_NR(PVRSRV_BRIDGE_ENUM_DISPCLASS_DIMS):
 case _IOC_NR(PVRSRV_BRIDGE_GET_DISPCLASS_SYSBUFFER):
 case _IOC_NR(PVRSRV_BRIDGE_ENUM_CLASS):
+ break;
 case _IOC_NR(PVRSRV_BRIDGE_SGX_GETINTERNALDEVINFO):
+ PPRINT(stdout, bridge_package->pvParamOut, PVRSRV_BRIDGE_OUT_GETINTERNALDEVINFO);
 break;
 case _IOC_NR(PVRSRV_BRIDGE_CONNECT_SERVICES):
 PPRINT(stdout, bridge_package->pvParamIn, PVRSRV_BRIDGE_IN_CONNECT_SERVICES);
@@ -1093,9 +1100,10 @@ long syscall(long number, ...) {
 unsigned long flags = va_arg(args, unsigned long);
 unsigned long fd = va_arg(args, unsigned long);
 unsigned long pgoffset = va_arg(args, unsigned long);
+ va_end(args);
 long ret = orig_syscall(number, addr, length, prot, flags, fd, pgoffset);
 if (is_pvr(fd)) {
- printf("mmap2 called with 0x%lx\n", ret);
+ printf("mmap2 called with 0x%lx 0x%x 0x%x %x\n", ret, flags, addr, pgoffset);
 last_mem_entry = add_mmap_pointer((void*)ret, prot, length, pgoffset);
 clear_mem(last_mem_entry);
 }
-- cgit
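Review bot: The new store to word 17 of `pHWRenderContextCpuVAddr` happens before anything compares that index with `data->ui32HWRenderContextSize`, so a context shorter than 18 words is written past its end; the dump loop directly below does bound itself by that size. Put a guard in front of the assignment, e.g. `if (data->ui32HWRenderContextSize >= 18 * sizeof(IMG_UINT32))`. The index is also unexplained: a named constant or a comment saying which field is zeroed and why would help, because this line changes the caller's buffer while the surrounding `#if 1` block otherwise only prints it. The enclosing case block starts and ends outside the hunk.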
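Review bot: The added `PPRINT` for `PVRSRV_BRIDGE_SGX_GETINTERNALDEVINFO` dumps `bridge_package->pvParamOut` from `pvrsrv_ioctl`, whereas the other output dump in this patch (`PVRSRV_BRIDGE_OUT_MHANDLE_TO_MMAP_DATA`) is done in `pvrsrv_ioctl_post`. If `pvrsrv_ioctl` runs before the real ioctl, as the `_post` name suggests, the output struct has not been filled in yet and this prints stale or uninitialised memory. Moving the line to the matching case in `pvrsrv_ioctl_post` would avoid that; the call order is not visible in this hunk, so it needs confirming.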
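Review bot: `ret` is passed to `add_mmap_pointer` and then `clear_mem` without a failure check, and the commit message says these mappings currently come back as `MAP_FAILED`, so a failed call is tracked as if it were a mapping and `clear_mem` may then try to clear an invalid address. Skip tracking when the call failed, e.g. `if (is_pvr(fd) && (void *)ret != MAP_FAILED) {`, and print `errno` in the failure path so the cause of the failing mmap is visible in the trace. How `orig_syscall` reports errors is not shown here, so the exact comparison should be checked against it. The `syscall` wrapper starts and ends outside the hunk.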