GP-5185: from the review

GP-5185: don't revert GP-5185: ModelQuery fixes GP-5185: fix for ModelQuery GP-5185: threads GP-5185: attempt at threads GP-5815: main containers working GP-5185 certified GP-5815: new logic ala Volatility GP-5185: better print GP-5185: first pass
2025-10-05 02:39:44 +02:00 · 2024-12-17 11:35:34 -05:00 · 2024-12-17 11:35:34 -05:00 · 84a0108256
commit 84a0108256
parent 57df41297f
16 changed files with 868 additions and 50 deletions
--- a/Ghidra/Debug/Debugger-agent-dbgeng/data/support/kernel-dbgeng.py
+++ b/Ghidra/Debug/Debugger-agent-dbgeng/data/support/kernel-dbgeng.py
@ -1,17 +1,17 @@
 ## ###
-#  IP: GHIDRA
-# 
-#  Licensed under the Apache License, Version 2.0 (the "License");
-#  you may not use this file except in compliance with the License.
-#  You may obtain a copy of the License at
-#  
-#       http://www.apache.org/licenses/LICENSE-2.0
-#  
-#  Unless required by applicable law or agreed to in writing, software
-#  distributed under the License is distributed on an "AS IS" BASIS,
-#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#  See the License for the specific language governing permissions and
-#  limitations under the License.
+# IP: GHIDRA
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
 ##

 import os
@ -38,6 +38,7 @@ else:
 def main():
    # Delay these imports until sys.path is patched
    from ghidradbg import commands as cmd
+    from ghidradbg import util
    from pybag.dbgeng import core as DbgEng
    from ghidradbg.hooks import on_state_changed
    from ghidradbg.util import dbg
@ -47,8 +48,17 @@ def main():
    repl = cmd.repl

    cmd.ghidra_trace_connect(os.getenv('GHIDRA_TRACE_RMI_ADDR'))
+    type = os.getenv('OPT_TARGET_FLAGS')
+    flags = 0
+    if type == "Local":
+        flags = 1
+    if type == "EXDI":
+        print(f"ConfigFile: {os.getenv('EXDI_GDBSRV_XML_CONFIG_FILE')}")
+        print(f"RegMapFile: {os.getenv('EXDI_SYSTEM_REGISTERS_MAP_XML_FILE')}")
+        util.set_convenience_variable('output-radix', 16)
+        flags = 2
    args = os.getenv('OPT_TARGET_ARGS')
-    cmd.ghidra_trace_attach_kernel(args, start_trace=False)
+    cmd.ghidra_trace_attach_kernel(args, flags, start_trace=False)
    
    # TODO: HACK
    try:
@ -56,7 +66,8 @@ def main():
    except KeyboardInterrupt as ki:
        dbg.interrupt()

-    cmd.ghidra_trace_start(os.getenv('OPT_TARGET_IMG'))
+    #cmd.ghidra_trace_start(os.getenv('OPT_TARGET_IMG'))
+    cmd.ghidra_trace_start("System")
    cmd.ghidra_trace_sync_enable()
    
    on_state_changed(DbgEng.DEBUG_CES_EXECUTION_STATUS, DbgEng.DEBUG_STATUS_BREAK)