Attribute Macro panda_macros::on_rec_auxv

source ·

#[on_rec_auxv]

Expand description

(Callback) Runs when proc_start_linux recieves the AuxvValues for a given process.

Can be treated as a “on program start” callback, but one which provides a lot of info about the contents of the initial program state and how it is being loaded. The state at time of callback is before the C runtime is initialized, and before the entrypoint is jumped to.

See AuxvValues to get a better understanding of the values provided.

Args

cpu - a reference to the currently executing CPUState object
tb - the current TranslationBlock at time of recieving
auxv - the auxillary vector (AuxvValues) of the program starting

Example

use panda::prelude::*;
use panda::plugins::proc_start_linux::AuxvValues;

#[panda::on_rec_auxv]
fn on_proc_start(cpu: &mut CPUState, tb: &mut TranslationBlock, auxv: AuxvValues) {
    // do stuff when a process starts
}