static int filehash_cb (const char *p, const char *f, void *ptr, const SEXP_t *filters)
{
SEXP_t *itm, *r0, *r1;
SEXP_t *cobj = (SEXP_t *) ptr;
char pbuf[PATH_MAX+1];
size_t plen, flen;
int fd;
if (f == NULL)
return (0);
/*
* Prepare path
*/
plen = strlen (p);
flen = strlen (f);
if (plen + flen + 1 > PATH_MAX)
return (-1);
memcpy (pbuf, p, sizeof (char) * plen);
if (p[plen - 1] != FILE_SEPARATOR) {
pbuf[plen] = FILE_SEPARATOR;
++plen;
}
memcpy (pbuf + plen, f, sizeof (char) * flen);
pbuf[plen+flen] = '\0';
/*
* Open the file
*/
fd = open (pbuf, O_RDONLY);
if (fd < 0) {
itm = probe_item_create(OVAL_INDEPENDENT_FILE_MD5, NULL,
"filepath", OVAL_DATATYPE_STRING, pbuf,
"path", OVAL_DATATYPE_STRING, p,
"filename", OVAL_DATATYPE_STRING, f,
NULL);
probe_item_add_msg(itm, OVAL_MESSAGE_LEVEL_ERROR,
"Can't get context for %s: %s\n", pbuf, strerror(errno));
probe_item_setstatus(itm, SYSCHAR_STATUS_ERROR);
} else {
uint8_t md5_dst[16];
size_t md5_dstlen = sizeof md5_dst;
char md5_str[32+1];
/*
* Compute hash values
*/
if (crapi_digest_fd (fd, CRAPI_DIGEST_MD5, &md5_dst, &md5_dstlen) != 0)
{
close (fd);
return (-1);
}
close (fd);
mem2hex (md5_dst, sizeof md5_dst, md5_str, sizeof md5_str);
/*
* Create and add the item
*/
itm = probe_item_create(OVAL_INDEPENDENT_FILE_MD5, NULL,
"filepath", OVAL_DATATYPE_STRING, pbuf,
"path", OVAL_DATATYPE_STRING, p,
"filename", OVAL_DATATYPE_STRING, f,
"md5", OVAL_DATATYPE_STRING, md5_str,
NULL);
}
probe_cobj_add_item(cobj, itm, filters);
SEXP_free (itm);
return (0);
}
static void
handle_exception (int exceptionVector)
{
int sigval;
int addr, length, reg;
char *ptr;
gdb_i386vector = exceptionVector;
if (remote_debug)
printf ("vector=%d, sr=0x%x, pc=0x%x\n",
exceptionVector,
registers[PS],
registers[PC]);
/* Reply to host that an exception has occurred. Always return the
PC, SP, and FP, since gdb always wants them. */
ptr = remcomOutBuffer;
*ptr++ = 'T';
sigval = computeSignal (exceptionVector);
*ptr++ = hexchars[sigval >> 4];
*ptr++ = hexchars[sigval % 16];
*ptr++ = hexchars[ESP];
*ptr++ = ':';
mem2hex ((char *) ®isters[ESP], ptr, REGBYTES, 0);
ptr += REGBYTES * 2;
*ptr++ = ';';
*ptr++ = hexchars[EBP];
*ptr++ = ':';
mem2hex ((char *) ®isters[EBP], ptr, REGBYTES, 0);
ptr += REGBYTES * 2;
*ptr++ = ';';
*ptr++ = hexchars[PC];
*ptr++ = ':';
mem2hex ((char *) ®isters[PC], ptr, REGBYTES, 0);
ptr += REGBYTES * 2;
*ptr++ = ';';
*ptr = '\0';
putpacket (remcomOutBuffer);
while (1 == 1)
{
error = 0;
remcomOutBuffer[0] = 0;
getpacket (remcomInBuffer);
switch (remcomInBuffer[0])
{
case '?':
remcomOutBuffer[0] = 'S';
remcomOutBuffer[1] = hexchars[sigval >> 4];
remcomOutBuffer[2] = hexchars[sigval % 16];
remcomOutBuffer[3] = 0;
break;
case 'd':
remote_debug = !(remote_debug); /* toggle debug flag */
break;
case 'g': /* return the value of the CPU registers */
mem2hex ((char *) registers, remcomOutBuffer, NUMREGBYTES, 0);
break;
case 'G': /* set the value of the CPU registers - return OK */
hex2mem (&remcomInBuffer[1], (char *) registers, NUMREGBYTES, 0);
strcpy (remcomOutBuffer, "OK");
break;
case 'P': /* Set specific register */
ptr = &remcomInBuffer[1];
if (hexToInt (&ptr, ®)
&& *ptr++ == '=')
{
hex2mem (ptr, (char *) ®isters[reg], REGBYTES, 0);
strcpy (remcomOutBuffer, "OK");
}
else
{
strcpy (remcomOutBuffer, "E01");
debug_error ("malformed register set command; %s",
remcomInBuffer);
}
break;
/* mAA..AA,LLLL Read LLLL bytes at address AA..AA */
case 'm':
/* TRY TO READ %x,%x. IF SUCCEED, SET PTR = 0 */
ptr = &remcomInBuffer[1];
if (hexToInt (&ptr, &addr))
if (*(ptr++) == ',')
if (hexToInt (&ptr, &length))
{
ptr = 0;
mem_err = 0;
mem2hex ((char *) addr, remcomOutBuffer, length, 1);
if (mem_err)
{
strcpy (remcomOutBuffer, "E03");
debug_error ("memory fault", 0);
}
}
if (ptr)
{
strcpy (remcomOutBuffer, "E01");
debug_error ("malformed read memory command: %s", remcomInBuffer);
}
break;
/* MAA..AA,LLLL: Write LLLL bytes at address AA.AA return OK */
case 'M':
/* TRY TO READ '%x,%x:'. IF SUCCEED, SET PTR = 0 */
ptr = &remcomInBuffer[1];
if (hexToInt (&ptr, &addr))
if (*(ptr++) == ',')
if (hexToInt (&ptr, &length))
if (*(ptr++) == ':')
{
mem_err = 0;
hex2mem (ptr, (char *) addr, length, 1);
if (mem_err)
{
strcpy (remcomOutBuffer, "E03");
debug_error ("memory fault", 0);
}
else
{
strcpy (remcomOutBuffer, "OK");
}
ptr = 0;
}
if (ptr)
{
strcpy (remcomOutBuffer, "E02");
debug_error ("malformed write memory command: %s", remcomInBuffer);
}
break;
/* cAA..AA Continue at address AA..AA(optional) */
/* sAA..AA Step one instruction from AA..AA(optional) */
case 'c':
case 's':
/* try to read optional parameter, pc unchanged if no parm */
ptr = &remcomInBuffer[1];
if (hexToInt (&ptr, &addr))
registers[PC] = addr;
/* clear the trace bit */
registers[PS] &= 0xfffffeff;
/* set the trace bit if we're stepping */
if (remcomInBuffer[0] == 's')
registers[PS] |= 0x100;
_returnFromException (); /* this is a jump */
break;
/* Detach. */
case 'D':
putpacket (remcomOutBuffer);
registers[PS] &= 0xfffffeff;
_returnFromException (); /* this is a jump */
break;
/* kill the program */
case 'k': /* do nothing */
break;
} /* switch */
/* reply to the request */
putpacket (remcomOutBuffer);
}
}
/*
* This function does all command procesing for interfacing to gdb.
*/
void
gdb_handle_exception (db_regs_t *raw_regs, int type, int code)
{
int sigval;
long addr;
int length;
char * ptr;
struct x86_64regs {
unsigned long rax;
unsigned long rbx;
unsigned long rcx;
unsigned long rdx;
unsigned long rsi;
unsigned long rdi;
unsigned long rbp;
unsigned long rsp;
unsigned long r8;
unsigned long r9;
unsigned long r10;
unsigned long r11;
unsigned long r12;
unsigned long r13;
unsigned long r14;
unsigned long r15;
unsigned long rip;
unsigned long rflags;
unsigned int cs;
unsigned int ss;
};
struct x86_64regs registers;
registers.rax = raw_regs->tf_rax;
registers.rbx = raw_regs->tf_rbx;
registers.rcx = raw_regs->tf_rcx;
registers.rdx = raw_regs->tf_rdx;
registers.rsp = raw_regs->tf_rsp;
registers.rbp = raw_regs->tf_rbp;
registers.rsi = raw_regs->tf_rsi;
registers.rdi = raw_regs->tf_rdi;
registers.r8 = raw_regs->tf_r8;
registers.r9 = raw_regs->tf_r9;
registers.r10 = raw_regs->tf_r10;
registers.r11 = raw_regs->tf_r11;
registers.r12 = raw_regs->tf_r12;
registers.r13 = raw_regs->tf_r13;
registers.r14 = raw_regs->tf_r14;
registers.r15 = raw_regs->tf_r15;
registers.rip = raw_regs->tf_rip;
registers.rflags = raw_regs->tf_rflags;
registers.cs = raw_regs->tf_cs;
registers.ss = raw_regs->tf_ss;
/* reply to host that an exception has occurred */
sigval = computeSignal (type);
ptr = remcomOutBuffer;
*ptr++ = 'T';
*ptr++ = hexchars[sigval >> 4];
*ptr++ = hexchars[sigval & 0xf];
*ptr++ = hexchars[PC >> 4];
*ptr++ = hexchars[PC & 0xf];
*ptr++ = ':';
ptr = mem2hex ((vm_offset_t)®isters.rip, ptr, 8);
*ptr++ = ';';
*ptr++ = hexchars[FP >> 4];
*ptr++ = hexchars[FP & 0xf];
*ptr++ = ':';
ptr = mem2hex ((vm_offset_t)®isters.rbp, ptr, 8);
*ptr++ = ';';
*ptr++ = hexchars[SP >> 4];
*ptr++ = hexchars[SP & 0xf];
*ptr++ = ':';
ptr = mem2hex ((vm_offset_t)®isters.rsp, ptr, 8);
*ptr++ = ';';
*ptr++ = 0;
putpacket (remcomOutBuffer);
while (1)
{
remcomOutBuffer[0] = 0;
getpacket (remcomInBuffer);
switch (remcomInBuffer[0])
{
case '?':
remcomOutBuffer[0] = 'S';
remcomOutBuffer[1] = hexchars[sigval >> 4];
remcomOutBuffer[2] = hexchars[sigval % 16];
remcomOutBuffer[3] = 0;
break;
case 'D': /* detach; say OK and turn off gdb */
putpacket(remcomOutBuffer);
boothowto &= ~RB_GDB;
return;
case 'g': /* return the value of the CPU registers */
mem2hex ((vm_offset_t)®isters, remcomOutBuffer, NUMREGBYTES);
break;
case 'G': /* set the value of the CPU registers - return OK */
hex2mem (&remcomInBuffer[1], (vm_offset_t)®isters, NUMREGBYTES);
strcpy (remcomOutBuffer, "OK");
break;
case 'P': /* Set the value of one register */
{
int regno;
ptr = &remcomInBuffer[1];
if (hexToInt (&ptr, ®no)
&& *ptr++ == '='
&& regno < NUM_REGS)
{
/* JG */
hex2mem (ptr, (vm_offset_t)®isters + regno * 8, 8);
strcpy(remcomOutBuffer,"OK");
}
else
strcpy (remcomOutBuffer, "P01");
break;
}
case 'm': /* mAA..AA,LLLL Read LLLL bytes at address AA..AA */
/* Try to read %x,%x. */
ptr = &remcomInBuffer[1];
if (hexToLong (&ptr, &addr)
&& *(ptr++) == ','
&& hexToInt (&ptr, &length))
{
if (mem2hex((vm_offset_t) addr, remcomOutBuffer, length) == NULL)
strcpy (remcomOutBuffer, "E03");
break;
}
else
strcpy (remcomOutBuffer, "E01");
break;
case 'M': /* MAA..AA,LLLL: Write LLLL bytes at address AA.AA return OK */
/* Try to read '%x,%x:'. */
ptr = &remcomInBuffer[1];
if (hexToLong(&ptr,&addr)
&& *(ptr++) == ','
&& hexToInt(&ptr, &length)
&& *(ptr++) == ':')
{
if (hex2mem(ptr, (vm_offset_t) addr, length) == NULL)
strcpy (remcomOutBuffer, "E03");
else
strcpy (remcomOutBuffer, "OK");
}
else
strcpy (remcomOutBuffer, "E02");
break;
/* cAA..AA Continue at address AA..AA(optional) */
/* sAA..AA Step one instruction from AA..AA(optional) */
case 'c' :
case 's' :
/* try to read optional parameter, pc unchanged if no parm */
ptr = &remcomInBuffer[1];
if (hexToLong(&ptr,&addr))
registers.rip = addr;
/* set the trace bit if we're stepping */
if (remcomInBuffer[0] == 's')
registers.rflags |= PSL_T;
else
registers.rflags &= ~PSL_T;
raw_regs->tf_rax = registers.rax;
raw_regs->tf_rbx = registers.rbx;
raw_regs->tf_rcx = registers.rcx;
raw_regs->tf_rdx = registers.rdx;
raw_regs->tf_rsp = registers.rsp;
raw_regs->tf_rbp = registers.rbp;
raw_regs->tf_rsi = registers.rsi;
raw_regs->tf_rdi = registers.rdi;
raw_regs->tf_r8 = registers.r8;
raw_regs->tf_r9 = registers.r9;
raw_regs->tf_r10 = registers.r10;
raw_regs->tf_r11 = registers.r11;
raw_regs->tf_r12 = registers.r12;
raw_regs->tf_r13 = registers.r13;
raw_regs->tf_r14 = registers.r14;
raw_regs->tf_r15 = registers.r15;
raw_regs->tf_rip = registers.rip;
raw_regs->tf_rflags = registers.rflags;
raw_regs->tf_cs = registers.cs;
raw_regs->tf_ss = registers.ss;
return;
} /* switch */
/* reply to the request */
putpacket (remcomOutBuffer);
}
}
/*
* This function does all command procesing for interfacing to gdb.
*/
void
gdb_handle_exception (db_regs_t *raw_regs, int type, int code)
{
int sigval;
long addr, length;
char * ptr;
struct alpharegs {
u_int64_t r[32];
u_int64_t f[32];
u_int64_t pc, vfp;
};
static struct alpharegs registers;
int i;
clear_single_step(raw_regs);
bzero(®isters, sizeof registers);
/*
* Map trapframe to registers.
* Ignore float regs for now.
*/
for (i = 0; i < FRAME_SIZE; i++)
if (tf2gdb[i] >= 0)
registers.r[tf2gdb[i]] = raw_regs->tf_regs[i];
registers.pc = raw_regs->tf_regs[FRAME_PC];
/* reply to host that an exception has occurred */
sigval = computeSignal (type, code);
ptr = remcomOutBuffer;
*ptr++ = 'T';
*ptr++ = hexchars[sigval >> 4];
*ptr++ = hexchars[sigval & 0xf];
*ptr++ = hexchars[PC >> 4];
*ptr++ = hexchars[PC & 0xf];
*ptr++ = ':';
ptr = mem2hex ((vm_offset_t)®isters.pc, ptr, 8);
*ptr++ = ';';
*ptr++ = hexchars[FP >> 4];
*ptr++ = hexchars[FP & 0xf];
*ptr++ = ':';
ptr = mem2hex ((vm_offset_t)®isters.r[FP], ptr, 8);
*ptr++ = ';';
*ptr++ = hexchars[SP >> 4];
*ptr++ = hexchars[SP & 0xf];
*ptr++ = ':';
ptr = mem2hex ((vm_offset_t)®isters.r[SP], ptr, 8);
*ptr++ = ';';
*ptr++ = 0;
putpacket (remcomOutBuffer);
while (1)
{
remcomOutBuffer[0] = 0;
getpacket (remcomInBuffer);
switch (remcomInBuffer[0])
{
case '?':
remcomOutBuffer[0] = 'S';
remcomOutBuffer[1] = hexchars[sigval >> 4];
remcomOutBuffer[2] = hexchars[sigval % 16];
remcomOutBuffer[3] = 0;
break;
case 'D': /* detach; say OK and turn off gdb */
putpacket(remcomOutBuffer);
boothowto &= ~RB_GDB;
return;
case 'k':
prom_halt();
/*NOTREACHED*/
break;
case 'g': /* return the value of the CPU registers */
mem2hex ((vm_offset_t)®isters, remcomOutBuffer, NUMREGBYTES);
break;
case 'G': /* set the value of the CPU registers - return OK */
hex2mem (&remcomInBuffer[1], (vm_offset_t)®isters, NUMREGBYTES);
strcpy (remcomOutBuffer, "OK");
break;
case 'P': /* Set the value of one register */
{
long regno;
ptr = &remcomInBuffer[1];
if (hexToInt (&ptr, ®no)
&& *ptr++ == '='
&& regno < NUM_REGS)
{
hex2mem (ptr, (vm_offset_t)®isters + regno * 8, 8);
strcpy(remcomOutBuffer,"OK");
}
else
strcpy (remcomOutBuffer, "P01");
break;
}
case 'm': /* mAA..AA,LLLL Read LLLL bytes at address AA..AA */
/* Try to read %x,%x. */
ptr = &remcomInBuffer[1];
if (hexToInt (&ptr, &addr)
&& *(ptr++) == ','
&& hexToInt (&ptr, &length))
{
if (mem2hex((vm_offset_t) addr, remcomOutBuffer, length) == NULL)
strcpy (remcomOutBuffer, "E03");
break;
}
else
strcpy (remcomOutBuffer, "E01");
break;
case 'M': /* MAA..AA,LLLL: Write LLLL bytes at address AA.AA return OK */
/* Try to read '%x,%x:'. */
ptr = &remcomInBuffer[1];
if (hexToInt(&ptr,&addr)
&& *(ptr++) == ','
&& hexToInt(&ptr, &length)
&& *(ptr++) == ':')
{
if (hex2mem(ptr, (vm_offset_t) addr, length) == NULL)
strcpy (remcomOutBuffer, "E03");
else
strcpy (remcomOutBuffer, "OK");
}
else
strcpy (remcomOutBuffer, "E02");
break;
/* cAA..AA Continue at address AA..AA(optional) */
/* sAA..AA Step one instruction from AA..AA(optional) */
case 'c' :
case 's' :
/* try to read optional parameter, pc unchanged if no parm */
ptr = &remcomInBuffer[1];
if (hexToInt(&ptr,&addr))
registers.pc = addr;
/*
* Map gdb registers back to trapframe (ignoring fp regs).
*/
for (i = 0; i < NUM_REGS; i++)
if (gdb2tf[i] >= 0)
raw_regs->tf_regs[gdb2tf[i]] = registers.r[i];
raw_regs->tf_regs[FRAME_PC] = registers.pc;
if (remcomInBuffer[0] == 's')
if (!set_single_step(raw_regs))
printf("Can't set single step breakpoint\n");
return;
} /* switch */
/* reply to the request */
putpacket (remcomOutBuffer);
}
}
static int filehash58_cb (const char *p, const char *f, const char *h, probe_ctx *ctx)
{
SEXP_t *itm;
char pbuf[PATH_MAX+1];
size_t plen, flen;
int fd;
if (f == NULL)
return (0);
/*
* Prepare path
*/
plen = strlen (p);
flen = strlen (f);
if (plen + flen + 1 > PATH_MAX)
return (-1);
memcpy (pbuf, p, sizeof (char) * plen);
if (p[plen - 1] != FILE_SEPARATOR) {
pbuf[plen] = FILE_SEPARATOR;
++plen;
}
memcpy (pbuf + plen, f, sizeof (char) * flen);
pbuf[plen+flen] = '\0';
/*
* Open the file
*/
fd = open (pbuf, O_RDONLY);
if (fd < 0) {
strerror_r (errno, pbuf, PATH_MAX);
pbuf[PATH_MAX] = '\0';
itm = probe_item_create (OVAL_INDEPENDENT_FILE_HASH58, NULL,
"filepath", OVAL_DATATYPE_STRING, pbuf,
"path", OVAL_DATATYPE_STRING, p,
"filename", OVAL_DATATYPE_STRING, f,
"hash_type",OVAL_DATATYPE_STRING, h,
NULL);
probe_item_add_msg(itm, OVAL_MESSAGE_LEVEL_ERROR,
"Can't open \"%s\": errno=%d, %s.", pbuf, errno, strerror (errno));
probe_item_setstatus(itm, SYSCHAR_STATUS_ERROR);
} else {
uint8_t hash_dst[1025];
size_t hash_dstlen = sizeof hash_dst;
char hash_str[2051];
crapi_alg_t hash_type;
hash_type = oscap_string_to_enum(CRAPI_ALG_MAP, h);
hash_dstlen = oscap_string_to_enum(CRAPI_ALG_MAP_SIZE, h);
/*
* Compute hash value
*/
if (crapi_mdigest_fd (fd, 1, hash_type, hash_dst, &hash_dstlen) != 0) {
close (fd);
return (-1);
}
close (fd);
hash_str[0] = '\0';
mem2hex (hash_dst, hash_dstlen, hash_str, sizeof hash_str);
/*
* Create and add the item
*/
itm = probe_item_create(OVAL_INDEPENDENT_FILE_HASH58, NULL,
"filepath", OVAL_DATATYPE_STRING, pbuf,
"path", OVAL_DATATYPE_STRING, p,
"filename", OVAL_DATATYPE_STRING, f,
"hash_type",OVAL_DATATYPE_STRING, h,
"hash", OVAL_DATATYPE_STRING, hash_str,
NULL);
if (hash_dstlen == 0) {
probe_item_add_msg(itm, OVAL_MESSAGE_LEVEL_ERROR,
"Unable to compute %s hash value of \"%s\".", h, pbuf);
probe_item_setstatus(itm, SYSCHAR_STATUS_ERROR);
}
}
probe_item_collect(ctx, itm);
return (0);
}
