Syscall Generator Scripts
Syscall Generator Scripts
FreeBSD Syscall Generator
Parses syscalls.master from the FreeBSD kernel source to generate Qiling syscall name-to-number mappings.
Source: https://github.com/freebsd/freebsd/blob/master/sys/kern/syscalls.master
1#!/usr/bin/env python3
2import re
3
4def is_number(s):
5 try:
6 float(s)
7 return True
8 except ValueError:
9 pass
10 try:
11 import unicodedata
12 unicodedata.numeric(s)
13 return True
14 except (TypeError, ValueError):
15 pass
16 return False
17
18def read_file(f):
19 line = f.readline()
20 while line:
21 if is_number(line[0]):
22 index = re.findall(r"\d+\.?\d*", line)
23 line = f.readline()
24 if not is_number(line[0]) and line[0] != ';':
25 name = line.split('(')[0].split(' ')[-1]
26 if name != '\n':
27 print(f' "{name}": ({index[0]}),')
28 else:
29 continue
30 line = f.readline()
31
32if __name__ == '__main__':
33 read_file(open('./syscalls.master'))
macOS Syscall Generator
Merges macOS and iOS syscall tables into a unified mapping with (mac_index, ios_index) tuples.
Sources:
- macOS:
https://opensource.apple.com/source/xnu/xnu-1504.3.12/bsd/kern/syscalls.master - iOS: radare2 sflib darwin-arm-64
1#!/usr/bin/env python3
2
3def merge(mac_dict, ios_dict):
4 for key in mac_dict:
5 mac_dict[key] = (mac_dict[key], -1)
6 for key in ios_dict:
7 if key in mac_dict:
8 mac_dict[key] = (int(mac_dict[key][0]), int(ios_dict[key]))
9 else:
10 mac_dict[key] = (-1, int(ios_dict[key]))
11 for name, indices in mac_dict.items():
12 print(f' "{name}": {indices},')
13
14if __name__ == '__main__':
15 # Load mac_dict from macos_syscall file and ios_dict from ios_syscall file
16 # then call merge(mac_dict, ios_dict)
17 pass