-
Notifications
You must be signed in to change notification settings - Fork 7
/
xzre.lds.in
198 lines (193 loc) · 12.5 KB
/
xzre.lds.in
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
#define QUOTED(a) #a
#define QUOTE(a) QUOTED(a)
#ifdef GEN_CSV
#define DEFSYM(name, section) QUOTE(name),QUOTE(section)
#define SECTIONS_BEGIN()
#define SECTIONS_END(name)
// CSV header
name,section
#else
#define DEFSYM2(name, offset) QUOTE(name) = . + offset;
#define DEFSYM_START(section) section : {
#define DEFSYM_END(section) *(section); }
#define DEFSYM(name, section) \
DEFSYM_START(section) \
DEFSYM2(name, 0) \
DEFSYM_END(section)
#define SECTIONS_BEGIN() SECTIONS {
#define SECTIONS_END(name) } INSERT AFTER name;
#endif
SECTIONS_BEGIN()
/* 0000000000000010 */ DEFSYM(x86_dasm, .text.x86_codd)
/* 0000000000000AB0 */ DEFSYM(is_endbr64_instruction, .text.lzma_block_buffer_encoda)
/* 0000000000000B00 */ DEFSYM(find_function_prologue, .text.lzma_raw_coder_memusaga)
/* 0000000000000B90 */ DEFSYM(find_function, .text.lzma2_encoder_inia)
/* 0000000000000C80 */ DEFSYM(find_call_instruction, .text.lzma_optimum_normaa)
DEFSYM_START(.text.lzma_filters_updata)
/* 0000000000000D30 */ DEFSYM2(find_mov_lea_instruction, 0)
/* 0000000000000DF0 */ DEFSYM2(find_mov_instruction, 0xDF0 - 0xD30)
DEFSYM_END(.text.lzma_filters_updata)
/* 0000000000000EA0 */ DEFSYM(find_lea_instruction, .text.lzma_raw_encodea)
/* 0000000000000F50 */ DEFSYM(find_lea_instruction_with_mem_operand, .text.lzma_mt_block_siza)
/* 0000000000001010 */ DEFSYM(find_string_reference, .text.stream_encoda)
/* 0000000000001050 */ DEFSYM(find_instruction_with_mem_operand_ex, .text.lzma_properties_siza)
/* 0000000000001110 */ DEFSYM(find_instruction_with_mem_operand, .text.stream_encoder_mt_inia)
/* 0000000000001160 */ DEFSYM(find_add_instruction_with_mem_operand, .text.lzma_simple_x86_decoder_inif)
/* 0000000000001200 */ DEFSYM(fake_lzma_free, .text.stream_decoda)
/* 0000000000001230 */ DEFSYM(elf_contains_vaddr_impl, .text.powerpc_coda) // FIXME: prototype
/* 0000000000001390 */ DEFSYM(elf_contains_vaddr, .text.parse_bcz)
/* 00000000000013A0 */ DEFSYM(is_gnu_relro, .text.lzma_simple_props_sizd)
/* 00000000000013C0 */ DEFSYM(elf_parse, .text.get_literal_prica)
/* 0000000000001870 */ DEFSYM(elf_symbol_get, .text.crc_inia)
DEFSYM_START(.text.crc64_generia)
/* 0000000000001AF0 */ DEFSYM2(elf_symbol_get_addr, 0)
/* 0000000000001B20 */ DEFSYM2(c_memmove, 0x1B20 - 0x1AF0)
DEFSYM_END(.text.crc64_generia)
/* 0000000000001B70 */ DEFSYM(fake_lzma_alloc, .text.init_pric_tabla)
/* 0000000000001B80 */ DEFSYM(elf_find_rela_reloc, .text.stream_encoder_updata) // FIXME: prototype
/* 0000000000001C20 */ DEFSYM(elf_find_relr_reloc, .text.stream_encoder_updatz) // FIXME: prototype
/* 0000000000001DB0 */ DEFSYM(elf_get_reloc_symbol, .text.lz_encoda)
/* 0000000000001E50 */ DEFSYM(elf_get_plt_symbol, .text.delta_coder_ena)
/* 0000000000001E80 */ DEFSYM(elf_get_got_symbol, .text.delta_decoda)
/* 0000000000001EB0 */ DEFSYM(elf_get_code_segment, .text.lzma_check_updata)
/* 0000000000001F60 */ DEFSYM(elf_get_rodata_segment, .text.index_tree_appena)
/* 0000000000002090 */ DEFSYM(elf_find_string, .text.lzip_decoda)
/* 0000000000002140 */ DEFSYM(elf_get_data_segment, .text.microlzma_decoda)
/* 00000000000022C0 */ DEFSYM(elf_contains_vaddr_relro, .text.auto_decoda)
/* 0000000000002360 */ DEFSYM(is_range_mapped, .text.hc_find_funa)
/* 0000000000002430 */ DEFSYM(j_tls_get_addr, .text.lzma_simple_props_encoda) // FIXME: prototype
/* 0000000000002450 */ DEFSYM(dummy_tls_get_addr, .text.lzma_simple_props_encoda)
/* 0000000000002480 */ DEFSYM(get_lzma_allocator_address, .text.stream_decoder_mt_ena)
DEFSYM_START(.text.lzma_lz_encoder_memusaga)
/* 00000000000024E0 */ DEFSYM2(get_elf_functions_address, 0)
/* 0000000000002540 */ DEFSYM2(sshd_find_main, 0x2540 - 0x24E0) // FIXME: prototype
DEFSYM_END(.text.lzma_lz_encoder_memusaga)
/* 0000000000002760 */ DEFSYM(init_ldso_ctx, .text.lzma_block_buffer_bound63)
/* 00000000000027C0 */ DEFSYM(init_hooks_ctx, .text.lzma_delta_decoder_inis)
/* 0000000000002840 */ DEFSYM(init_shared_globals, .text.lzma_delta_props_decodd)
/* 0000000000002880 */ DEFSYM(init_imported_funcs, .text.microlzma_decoder_inia)
/* 00000000000028C0 */ DEFSYM(backdoor_symbind64, .text.lz_encoder_prepara)
/* 0000000000002A40 */ DEFSYM(elf_find_function_pointer, .text.reverse_seez)
/* 0000000000002B00 */ DEFSYM(validate_log_handler_pointers, .text.transfora)
/* 0000000000002C50 */ DEFSYM(find_addr_referenced_in_mov_instruction, .text.lzma_next_filter_inia)
/* 0000000000002D20 */ DEFSYM(elf_find_string_references, .text.auto_decoder_iniz)
/* 0000000000002FE0 */ DEFSYM(sshd_find_monitor_field_addr_in_function, .text.lzma_lzma_set_out_limia)
/* 00000000000032B0 */ DEFSYM(elf_find_string_reference, .text.lzma_auto_decoda)
/* 0000000000003330 */ DEFSYM(sshd_get_sensitive_data_address_via_krb5ccname, .text.lzma_lzma_encoder_resea)
/* 0000000000003670 */ DEFSYM(sshd_get_sensitive_data_address_via_xcalloc, .text.lzma_bufcpa)
/* 0000000000003860 */ DEFSYM(sshd_get_sensitive_data_score_in_do_child, .text.lzma_check_finisa)
/* 0000000000003900 */ DEFSYM(sshd_get_sensitive_data_score_in_main, .text.lzma_decoder_inia)
/* 0000000000003980 */ DEFSYM(sshd_get_sensitive_data_score_in_demote_sensitive_data, .text.lzma_delta_coder_inia)
/* 00000000000039B0 */ DEFSYM(check_argument, .text.lzma_encoder_inia)
DEFSYM_START(.text.lzma_file_info_decodea)
/* 0000000000003A10 */ DEFSYM2(process_is_sshd, 0)
/* 0000000000003B70 */ DEFSYM2(dsa_key_hash, 0x3B70 - 0x3A10)
DEFSYM_END(.text.lzma_file_info_decodea)
/* 0000000000003CD0 */ DEFSYM(main_elf_parse, .text.lzma_filter_decoder_is_supportea)
/* 0000000000003D40 */ DEFSYM(sshd_get_sensitive_data_score, .text.lzma_lzma2_encoder_memusaga)
/* 0000000000003DA0 */ DEFSYM(sshd_find_monitor_struct, .text.lzma_mf_bt4_fina)
/* 0000000000003F50 */ DEFSYM(update_cpuid_got_index, .text.lzma_stream_decoder_inia)
/* 0000000000003F70 */ DEFSYM(get_tls_get_addr_random_symbol_got_offset, .text.lzma_stream_flags_compara)
/* 0000000000003F90 */ DEFSYM(update_got_address, .text.lzma_stream_header_encoda)
/* 0000000000004000 */ DEFSYM(update_got_offset, .text.parse_delt1)
/* 0000000000004020 */ DEFSYM(init_elf_entry_ctx, .text.read_output_and_waia)
/* 0000000000004050 */ DEFSYM(get_lzma_allocator, .text.stream_decoder_memconfia)
/* 0000000000004070 */ DEFSYM(find_link_map_l_name, .text.lzma_delta_props_encoda)
/* 0000000000004360 */ DEFSYM(find_dl_naudit, .text.lzma_filter_flags_decoda)
/* 00000000000045D0 */ DEFSYM(resolve_libc_imports, .text.lzma_index_buffer_encoda)
/* 0000000000004650 */ DEFSYM(process_shared_libraries_map, .text.lzma_index_encoder_inia)
/* 0000000000004A30 */ DEFSYM(process_shared_libraries, .text.lzma_index_stream_flaga)
/* 0000000000004AD0 */ DEFSYM(find_link_map_l_audit_any_plt_bitmask, .text.lzma_index_iter_locata)
/* 0000000000004ED0 */ DEFSYM(find_link_map_l_audit_any_plt, .text.lzma_index_hash_inia)
/* 00000000000051D0 */ DEFSYM(find_dl_audit_offsets, .text.lzma_lz_decoder_inia)
/* 0000000000005400 */ DEFSYM(sshd_find_sensitive_data, .text.lzma_lzma_optimum_fasa)
/* 0000000000005820 */ DEFSYM(backdoor_setup, .text.microlzma_encoder_inia)
/* 0000000000006F20 */ DEFSYM(backdoor_init_stage2, .text.lzma_validate_chaia)
DEFSYM_START(.text.parse_optiona)
/* 0000000000007020 */ DEFSYM2(c_strlen, 0)
/* 0000000000007040 */ DEFSYM2(c_strnlen, 0x7040 - 0x7020)
DEFSYM_END(.text.parse_optiona)
/* 0000000000007070 */ DEFSYM(fd_read, .text.auto_decoder_inia)
DEFSYM_START(.text.bt_find_funa)
/* 00000000000070E0 */ DEFSYM2(fd_write, 0)
/* 0000000000007160 */ DEFSYM2(contains_null_pointers, 0x7160 - 0x70E0)
DEFSYM_END(.text.bt_find_funa)
/* 0000000000007180 */ DEFSYM(chacha_decrypt, .text.lzma_delta_encoder_inia)
/* 00000000000072A0 */ DEFSYM(sha256, .text.lzma_easy_encodea)
/* 0000000000007310 */ DEFSYM(bignum_serialize, .text.lzma_block_decoder_inia)
/* 00000000000073F0 */ DEFSYM(sshd_log, .text.lzma_block_encoder_updatd)
/* 00000000000074A0 */ DEFSYM(count_pointers, .text.lzma_index_ena)
/* 0000000000007500 */ DEFSYM(rsa_key_hash, .text.lzma_filters_copa)
/* 0000000000007620 */ DEFSYM(verify_signature, .text.lzma_index_dua)
/* 0000000000007910 */ DEFSYM(sshbuf_bignum_is_negative, .text.length_encoder_resez)
/* 0000000000007940 */ DEFSYM(sshbuf_extract, .text.stream_decoder_mt_get_progresz)
/* 0000000000007A10 */ DEFSYM(sshd_get_sshbuf, .text.threads_stoz)
/* 0000000000007BB0 */ DEFSYM(sshd_get_usable_socket, .text.index_decoda)
/* 0000000000007C50 */ DEFSYM(sshd_get_client_socket, .text.index_encoda)
/* 0000000000007D40 */ DEFSYM(sshd_patch_variables, .text.lzma_block_unpadded_siza)
/* 0000000000007DD0 */ DEFSYM(sshd_configure_log_hook, .text.lzma_rc_pricea)
/* 0000000000007E90 */ DEFSYM(check_backdoor_state, .text.stream_encoder_mt_iniz)
/* 0000000000007F10 */ DEFSYM(extract_payload_message, .text.worker_stara)
/* 0000000000008070 */ DEFSYM(mm_answer_keyverify_hook, .text.bt_skip_funz)
/* 00000000000080F0 */ DEFSYM(mm_answer_authpassword_hook, .text.lzma_coda)
/* 00000000000081C0 */ DEFSYM(secret_data_get_decrypted, .text.parse_lzma10)
/* 0000000000008260 */ DEFSYM(sshd_proxy_elevate, .text.lzip_decoder_memconfia)
/* 0000000000008D40 */ DEFSYM(decrypt_payload_message, .text.decode_buffez)
/* 0000000000008E90 */ DEFSYM(mm_answer_keyallowed_hook, .text.file_info_decoda)
/* 0000000000009490 */ DEFSYM(run_backdoor_commands, .text.lzma_index_stream_siza)
/* 000000000000A230 */ DEFSYM(hook_RSA_public_decrypt, .text.lzma_index_prealloa) // FIXME: prototype
/* 000000000000A2C0 */ DEFSYM(hook_EVP_PKEY_set1_RSA, .text.lzma_index_memusaga) // FIXME: prototype
/* 000000000000A320 */ DEFSYM(hook_RSA_get0_key, .text.lzma_index_inia) // FIXME: prototype
/* 000000000000A390 */ DEFSYM(mm_log_handler_hook, .text.parse_lzma12z)
/* 000000000000A6F0 */ DEFSYM(_cpuid_gcc, .text._cpuid)
DEFSYM_START(.text._get_cpuia)
/* 000000000000A710 */ DEFSYM2(backdoor_entry, 0)
/* 000000000000A784 */ DEFSYM2(backdoor_init, 0xA784 - 0xA710)
DEFSYM_END(.text._get_cpuia)
/* 000000000000A7F0 */ DEFSYM(_get_cpuid_modified, .text._get_cpuid)
/* 000000000000A850 */ DEFSYM(count_bits, .text.lzma_outq_inia)
/* 000000000000A870 */ DEFSYM(get_string_id, .text.simple_coder_updata)
/* 000000000000A980 */ DEFSYM(secret_data_append_from_instruction, .text.lzma_lzma_encoder_inia)
/* 000000000000A9F0 */ DEFSYM(secret_data_append_from_code, .text.lzma_memlimit_gea)
/* 000000000000AAB0 */ DEFSYM(secret_data_append_singleton, .text.rc_read_inis)
/* 000000000000AB60 */ DEFSYM(secret_data_append_item, .text.lzma_check_inia)
/* 000000000000AB80 */ DEFSYM(secret_data_append_from_address, .text.lzma2_decoder_ena)
/* 000000000000ABB0 */ DEFSYM(secret_data_append_from_call_site, .text.lzma_index_iter_rewina)
/* 000000000000ABD0 */ DEFSYM(secret_data_append_items, .text.lzma_index_memusagz)
/* 000000000000AC30 */ DEFSYM(find_reg2reg_instruction, .text.lzma_block_total_siza)
SECTIONS_END(.text)
SECTIONS_BEGIN()
DEFSYM_START(.rodata.MASK_TO_BIT_NUMBER0)
/* 000000000000ACC0 */ DEFSYM2(dasm_threebyte_has_modrm, 0x00)
/* 000000000000ACE0 */ DEFSYM2(dasm_threebyte_0x38_is_valid, 0x20)
/* 000000000000AD00 */ DEFSYM2(dasm_twobyte_has_modrm, 0x40)
/* 000000000000AD20 */ DEFSYM2(dasm_twobyte_is_valid, 0x60)
DEFSYM_END(.rodata.MASK_TO_BIT_NUMBER0)
DEFSYM_START(.rodata.BRANCH_TABLE0)
/* 000000000000AD40 */ DEFSYM2(dasm_onebyte_has_modrm, 0x00)
/* 000000000000AD60 */ DEFSYM2(dasm_onebyte_is_invalid, 0x20)
DEFSYM_END(.rodata.BRANCH_TABLE0)
// .rodata.get_literal_prica is used as a branch table for switch statements in elf_parse()
DEFSYM_START(.rodata.get_literal_prica)
/* 000000000000AD80 */
/* 000000000000ADB8 */
DEFSYM_END(.rodata.get_literal_prica)
/* 000000000000ADD8 */ DEFSYM(tls_get_addr_random_symbol, .rodata.lzma2_decode)
/* 000000000000ADE0 */ DEFSYM(cpuid_random_symbol, .rodata.lzma_lzma_encode)
/* 000000000000ADF0 */
/* 000000000000AEA0 */ DEFSYM(string_action_data, .rodata.lzip_decode0)
/* 000000000000C300 */ DEFSYM(string_mask_data, .rodata.crc64_clmul1)
/* 000000000000CA70 */ DEFSYM(cpuid_reloc_consts, .rodata.lzma12_mf_mao.0)
/* 000000000000CA88 */ DEFSYM(tls_get_addr_reloc_consts, .rodata.rc_encode)
SECTIONS_END(.rodata)
SECTIONS_BEGIN()
/* 000000000000CAA0 */ DEFSYM(elf_functions_offset, .data.rel.ro.filter_optmap.0)
/* 000000000000CAA8 */ DEFSYM(fake_lzma_allocator_offset, .data.rel.ro.lookup_filter.part.0)
/* 000000000000CAB0 */ DEFSYM(fake_lzma_allocator, .data.rel.ro.decoders0)
/* 000000000000CAD0 */ DEFSYM(elf_functions, .data.rel.ro.encoders0)
SECTIONS_END(.data.rel.ro)
SECTIONS_BEGIN()
/* 000000000000CB10 */ DEFSYM(hooks_data, .bss.filter_optionz)
/* 000000000000CB18 */ DEFSYM(global_ctx, .bss.lzma12_codez)
/* 000000000000CB20 */ DEFSYM(resolver_call_count, .bss.__intr2)
SECTIONS_END(.bss)