
ARM64 MACOS flag mapping error

Open 90n20 opened this issue 6 months ago • 0 comments

Hi all,

I am getting a crash while trying to emulate a Linux x86-64 ELF on a Mac M1 (Sonoma 14.6.1), related to flag mappings not being defined for the underlying OS/host:

[+] 	Profile: default
[+] 	Mapping GDT at 0x30000 with limit 0x1000
[+] 	Mapped 0x555555554000-0x555555555000
[+] 	Mapped 0x555555555000-0x555555556000
[+] 	Mapped 0x555555556000-0x555555557000
[+] 	Mapped 0x555555557000-0x555555559000
[+] 	mem_start : 0x555555554000
[+] 	mem_end   : 0x555555559000
[+] 	Interpreter path: /lib64/ld-linux-x86-64.so.2
[+] 	Interpreter addr: 0x7ffff7dd5000
[+] 	Mapped 0x7ffff7dd5000-0x7ffff7dfc000
[+] 	Mapped 0x7ffff7ffc000-0x7ffff7fff000
[+] 	mmap_address is : 0x7fffb7dd6000
[+] 	rel name b'_ITM_deregisterTMCloneTable'
[+] 	rel name b'__libc_start_main'
[+] 	rel name b'__gmon_start__'
[+] 	rel name b'_ITM_registerTMCloneTable'
[+] 	rel name b'__cxa_finalize'
[+] 	rel name b'getenv'
[+] 	rel name b'strcpy'
[+] 	rel name b'puts'
[+] 	rel name b'__stack_chk_fail'
[+] 	rel name b'strcmp'
[+] 	rel name b'ptrace'
[+] 	rel name b'strcat'
[+] 	rel name b'exit'
[+] 	0x00007ffff7df0ec7: brk(inp = 0x0) = 0x55555555b000
[+] 	0x00007ffff7df2015: uname(buf = 0x7ffffffff9c0) = 0x0
[+] 	access("/etc/ld.so.nohwcap", 00) = -2
[+] 	0x00007ffff7de47dc: access(path = 0x7ffff7df6082, mode = 0x0) = -0x2 (ENOENT)
[+] 	access("/etc/ld.so.preload", 04) = -2
[+] 	0x00007ffff7df1e25: access(path = 0x7ffff7df8dd0, mode = 0x4) = -0x2 (ENOENT)
[x] 	Syscall ERROR: ql_syscall_openat DEBUG: flags were not defined for hosting ARM64 MACOS

Traceback:

File "/Users/90n20/Tools/qilingenv/lib/python3.12/site-packages/qiling/os/posix/posix.py", line 213, in load_syscall
    retval = syscall_hook(self.ql, *params)
             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/Users/90n20/Tools/qilingenv/lib/python3.12/site-packages/qiling/os/posix/syscall/fcntl.py", line 62, in ql_syscall_openat
    regreturn = absvpath if isinstance(absvpath, int) else __do_open(ql, absvpath, flags, mode)
                                                           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/Users/90n20/Tools/qilingenv/lib/python3.12/site-packages/qiling/os/posix/syscall/fcntl.py", line 31, in __do_open
    flags = ql_open_flag_mapping(ql, flags)
            ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/Users/90n20/Tools/qilingenv/lib/python3.12/site-packages/qiling/os/posix/const_mapping.py", line 98, in ql_open_flag_mapping
    raise NotImplementedError(f'flags were not defined for hosting {archtype.name} {ostype.name}')
NotImplementedError: flags were not defined for hosting ARM64 MACOS
Traceback (most recent call last):
  File "/Users/90n20/Projects/CTF/ine.py", line 14, in <module>
    ql.run()
  File "/Users/90n20/Tools/qilingenv/lib/python3.12/site-packages/qiling/core.py", line 588, in run
    self.os.run()
  File "/Users/90n20/Tools/qilingenv/lib/python3.12/site-packages/qiling/os/linux/linux.py", line 178, in run
    self.ql.emu_start(self.ql.loader.entry_point, entry_address, self.ql.timeout)
  File "/Users/90n20/Tools/qilingenv/lib/python3.12/site-packages/qiling/core.py", line 768, in emu_start
    raise self.internal_exception
  File "/Users/90n20/Tools/qilingenv/lib/python3.12/site-packages/qiling/core_hooks.py", line 141, in wrapper
    return callback(*args, **kwargs)
           ^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/Users/90n20/Tools/qilingenv/lib/python3.12/site-packages/qiling/core_hooks.py", line 204, in _hook_insn_cb
    ret = hook.call(ql, *hook_args)
          ^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/Users/90n20/Tools/qilingenv/lib/python3.12/site-packages/qiling/core_hooks_types.py", line 25, in call
    return self.callback(ql, *args)
           ^^^^^^^^^^^^^^^^^^^^^^^^
  File "/Users/90n20/Tools/qilingenv/lib/python3.12/site-packages/qiling/os/linux/linux.py", line 138, in hook_syscall
    return self.load_syscall()
           ^^^^^^^^^^^^^^^^^^^
  File "/Users/90n20/Tools/qilingenv/lib/python3.12/site-packages/qiling/os/posix/posix.py", line 231, in load_syscall
    raise e
  File "/Users/90n20/Tools/qilingenv/lib/python3.12/site-packages/qiling/os/posix/posix.py", line 213, in load_syscall
    retval = syscall_hook(self.ql, *params)
             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/Users/90n20/Tools/qilingenv/lib/python3.12/site-packages/qiling/os/posix/syscall/fcntl.py", line 62, in ql_syscall_openat
    regreturn = absvpath if isinstance(absvpath, int) else __do_open(ql, absvpath, flags, mode)
                                                           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/Users/90n20/Tools/qilingenv/lib/python3.12/site-packages/qiling/os/posix/syscall/fcntl.py", line 31, in __do_open
    flags = ql_open_flag_mapping(ql, flags)
            ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/Users/90n20/Tools/qilingenv/lib/python3.12/site-packages/qiling/os/posix/const_mapping.py", line 98, in ql_open_flag_mapping
    raise NotImplementedError(f'flags were not defined for hosting {archtype.name} {ostype.name}')
NotImplementedError: flags were not defined for hosting ARM64 MACOS

Any thoughts or ideas to solve this?

90n20, Aug 20 '24 08:08
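
The error in the issue above comes from the step that converts the guest's `openat` flags word into the host's values. As an added illustration (not Qiling's code and not a patch for it), the sketch below shows why that conversion is needed between a Linux x86-64 guest and a macOS host: the same flag names carry different bit values. The function name `translate_open_flags` is hypothetical and both tables are a deliberately small subset of each platform's `fcntl.h` constants.

```python
O_ACCMODE = 0o3  # O_RDONLY / O_WRONLY / O_RDWR share values on Linux and macOS

# Guest side: Linux x86-64 open(2) flag bits (subset).
LINUX_X8664 = {
    "O_CREAT": 0o100, "O_EXCL": 0o200, "O_NOCTTY": 0o400,
    "O_TRUNC": 0o1000, "O_APPEND": 0o2000, "O_NONBLOCK": 0o4000,
    "O_DIRECT": 0o40000, "O_LARGEFILE": 0o100000,
    "O_DIRECTORY": 0o200000, "O_NOFOLLOW": 0o400000,
    "O_NOATIME": 0o1000000, "O_CLOEXEC": 0o2000000,
}

# Host side: macOS open(2) flag bits (subset). O_DIRECT, O_LARGEFILE and
# O_NOATIME have no macOS open() flag, so they are absent from this table.
MACOS = {
    "O_NONBLOCK": 0x4, "O_APPEND": 0x8, "O_NOFOLLOW": 0x100,
    "O_CREAT": 0x200, "O_TRUNC": 0x400, "O_EXCL": 0x800,
    "O_NOCTTY": 0x20000, "O_DIRECTORY": 0x100000, "O_CLOEXEC": 0x1000000,
}


def translate_open_flags(guest_flags, guest=LINUX_X8664, host=MACOS):
    """Return (host_flags, dropped) for a guest open()/openat() flags word.

    `dropped` lists guest flag names with no host equivalent, plus the hex
    value of any bits this subset table does not know about.
    """
    host_flags = guest_flags & O_ACCMODE
    remaining = guest_flags & ~O_ACCMODE
    dropped = []
    for name, bit in guest.items():
        if remaining & bit:
            remaining &= ~bit
            if name in host:
                host_flags |= host[name]
            else:
                dropped.append(name)
    if remaining:
        dropped.append(hex(remaining))
    return host_flags, dropped


if __name__ == "__main__":
    # Constructed sample: O_WRONLY|O_CREAT|O_TRUNC as a Linux guest encodes it.
    # Passed untranslated to macOS, 0x241 would read as O_WRONLY|O_ASYNC|O_CREAT.
    print(translate_open_flags(0o1 | 0o100 | 0o1000))
```

Reporting the dropped flags instead of silently discarding them makes it visible when the emulated program asked for semantics the host cannot provide.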