static PyObject *
pax_setstrflags(PyObject *self, PyObject *args)
{
char *f_name, *sflags;
int fd, rdwr_pt_pax = 1;
uint16_t oflags, nflags, flags;
if (!PyArg_ParseTuple(args, "ss", &f_name, &sflags))
{
PyErr_SetString(PaxError, "pax_setstrflags: PyArg_ParseTuple failed");
return NULL;
}
if((fd = open(f_name, O_RDWR)) < 0)
{
#ifdef PTPAX
rdwr_pt_pax = 0;
#endif
if((fd = open(f_name, O_RDONLY)) < 0)
{
PyErr_SetString(PaxError, "pax_setstrflags: open() failed");
return NULL;
}
}
flags = parse_sflags(sflags);
#ifdef PTPAX
if(rdwr_pt_pax)
{
oflags = get_pt_flags(fd);
if( oflags == UINT16_MAX )
oflags = PF_NOEMUTRAMP ;
nflags = update_flags( oflags, flags);
set_pt_flags(fd, nflags);
}
#endif
#ifdef XTPAX
oflags = get_xt_flags(fd);
if( oflags == UINT16_MAX )
oflags = PF_NOEMUTRAMP ;
nflags = update_flags( oflags, flags);
set_xt_flags(fd, nflags);
#endif
close(fd);
return Py_BuildValue("");
}
static gui_bool
update_control(struct control_window *control, struct gui_stack *stack,
struct gui_input *in, struct gui_config *config)
{
gui_bool running;
struct gui_panel_layout layout;
struct gui_panel_layout tab;
running = gui_panel_begin_stacked(&layout, &control->hook, stack, "Control", in);
control->flag_tab = gui_panel_tab_begin(&layout, &tab, "Options", control->flag_tab);
update_flags(&tab, control);
gui_panel_tab_end(&layout, &tab);
control->style_tab = gui_panel_tab_begin(&layout, &tab, "Properties", control->style_tab);
properties_tab(&tab, config);
gui_panel_tab_end(&layout, &tab);
control->round_tab = gui_panel_tab_begin(&layout, &tab, "Rounding", control->round_tab);
round_tab(&tab, config);
gui_panel_tab_end(&layout, &tab);
control->color_tab = gui_panel_tab_begin(&layout, &tab, "Color", control->color_tab);
color_tab(&tab, control, config);
gui_panel_tab_end(&layout, &tab);
gui_panel_end(&layout, &control->hook);
return running;
}
void TextStack::clear() {
message_stack.clear();
stack_iterator = message_stack.end();
update_flags();
}
void TextStack::add_new(std::string new_message) {
message_stack.push_back(new_message);
if(stack_iterator == message_stack.end()){
stack_iterator = message_stack.begin();
}
update_flags();
}
static int set_professional_spdif(struct echoaudio *chip, char prof)
{
if (prof)
chip->comm_page->flags |=
cpu_to_le32(DSP_FLAG_PROFESSIONAL_SPDIF);
else
chip->comm_page->flags &=
~cpu_to_le32(DSP_FLAG_PROFESSIONAL_SPDIF);
chip->professional_spdif = prof;
return update_flags(chip);
}
static int set_professional_spdif(struct echoaudio *chip, char prof)
{
DE_ACT(("set_professional_spdif %d\n", prof));
if (prof)
chip->comm_page->flags |=
__constant_cpu_to_le32(DSP_FLAG_PROFESSIONAL_SPDIF);
else
chip->comm_page->flags &=
~__constant_cpu_to_le32(DSP_FLAG_PROFESSIONAL_SPDIF);
chip->professional_spdif = prof;
return update_flags(chip);
}
/*
* Call this to do a TLS accept on a sockbuf.
* Everything else is the same as with tls_connect.
*/
int
ldap_pvt_tls_accept( Sockbuf *sb, void *ctx_arg )
{
int err;
tls_session *ssl = NULL;
if ( HAS_TLS( sb )) {
ber_sockbuf_ctrl( sb, LBER_SB_OPT_GET_SSL, (void *)&ssl );
} else {
ssl = alloc_handle( ctx_arg, 1 );
if ( ssl == NULL ) return -1;
#ifdef LDAP_DEBUG
ber_sockbuf_add_io( sb, &ber_sockbuf_io_debug,
LBER_SBIOD_LEVEL_TRANSPORT, (void *)"tls_" );
#endif
ber_sockbuf_add_io( sb, tls_imp->ti_sbio,
LBER_SBIOD_LEVEL_TRANSPORT, (void *)ssl );
}
err = tls_imp->ti_session_accept( ssl );
#ifdef HAVE_WINSOCK
errno = WSAGetLastError();
#endif
if ( err < 0 )
{
if ( update_flags( sb, ssl, err )) return 1;
if ( DebugTest( LDAP_DEBUG_ANY ) ) {
char buf[256], *msg;
msg = tls_imp->ti_session_errmsg( ssl, err, buf, sizeof(buf) );
Debug( LDAP_DEBUG_ANY,"TLS: can't accept: %s.\n",
msg ? msg : "(unknown)", 0, 0 );
}
ber_sockbuf_remove_io( sb, tls_imp->ti_sbio,
LBER_SBIOD_LEVEL_TRANSPORT );
#ifdef LDAP_DEBUG
ber_sockbuf_remove_io( sb, &ber_sockbuf_io_debug,
LBER_SBIOD_LEVEL_TRANSPORT );
#endif
return -1;
}
return 0;
}
std::string TextStack::backward() {
// Empty stack
if (message_stack.empty()) {
_reached_end = true;
return ("");
}
// Don't go off the en... start.
if (stack_iterator == message_stack.begin()) {
_reached_end = true;
return ("");
}
//else it's fine
--stack_iterator;
update_flags();
return *stack_iterator;
}
std::string TextStack::forward() {
// Empty stack
if (message_stack.empty()) {
_reached_end = true;
return ("");
}
++stack_iterator;
// Don't go off the end.
if(stack_iterator == message_stack.end())
{
//restore it to the one before end
--stack_iterator;
_reached_end = true;
return ("");
}
update_flags();
return *stack_iterator;
}
static int
ldap_int_tls_connect( LDAP *ld, LDAPConn *conn )
{
Sockbuf *sb = conn->lconn_sb;
int err;
tls_session *ssl = NULL;
if ( HAS_TLS( sb )) {
ber_sockbuf_ctrl( sb, LBER_SB_OPT_GET_SSL, (void *)&ssl );
} else {
struct ldapoptions *lo;
tls_ctx *ctx;
ctx = ld->ld_options.ldo_tls_ctx;
ssl = alloc_handle( ctx, 0 );
if ( ssl == NULL ) return -1;
#ifdef LDAP_DEBUG
ber_sockbuf_add_io( sb, &ber_sockbuf_io_debug,
LBER_SBIOD_LEVEL_TRANSPORT, (void *)"tls_" );
#endif
ber_sockbuf_add_io( sb, tls_imp->ti_sbio,
LBER_SBIOD_LEVEL_TRANSPORT, (void *)ssl );
lo = LDAP_INT_GLOBAL_OPT();
if( ctx == NULL ) {
ctx = lo->ldo_tls_ctx;
ld->ld_options.ldo_tls_ctx = ctx;
tls_ctx_ref( ctx );
}
if ( ld->ld_options.ldo_tls_connect_cb )
ld->ld_options.ldo_tls_connect_cb( ld, ssl, ctx,
ld->ld_options.ldo_tls_connect_arg );
if ( lo && lo->ldo_tls_connect_cb && lo->ldo_tls_connect_cb !=
ld->ld_options.ldo_tls_connect_cb )
lo->ldo_tls_connect_cb( ld, ssl, ctx, lo->ldo_tls_connect_arg );
}
err = tls_imp->ti_session_connect( ld, ssl );
#ifdef HAVE_WINSOCK
errno = WSAGetLastError();
#endif
if ( err < 0 )
{
char buf[256], *msg;
if ( update_flags( sb, ssl, err )) {
return 1;
}
msg = tls_imp->ti_session_errmsg( ssl, err, buf, sizeof(buf) );
if ( msg ) {
if ( ld->ld_error ) {
LDAP_FREE( ld->ld_error );
}
ld->ld_error = LDAP_STRDUP( msg );
#ifdef HAVE_EBCDIC
if ( ld->ld_error ) __etoa(ld->ld_error);
#endif
}
Debug( LDAP_DEBUG_ANY,"TLS: can't connect: %s.\n",
ld->ld_error ? ld->ld_error : "" ,0,0);
ber_sockbuf_remove_io( sb, tls_imp->ti_sbio,
LBER_SBIOD_LEVEL_TRANSPORT );
#ifdef LDAP_DEBUG
ber_sockbuf_remove_io( sb, &ber_sockbuf_io_debug,
LBER_SBIOD_LEVEL_TRANSPORT );
#endif
return -1;
}
return 0;
}
/*
* @func encrypt_or_clear_ip_sections modifies the content of some sections.
* 1. If section content cannot be modified without disrupting enclave signing or loading flows
* then section content is not modified
* 2. Allocable sections (copied to application address space at shared object's load time)
* are encrypted.
* 3. The content of sections that are not allocable is zeroed
* @param IN pcl_data_t* dat, ELF data
* @param IN uint8_t* key, the AES key for GCM encrypt
* @param INOUT uint8_t* elf_buf, base address of ELF binary buffer
* @param OUT pcl_table_t* tbl, pointer to PCL table
* @param OUT uint32_t* num_rvas_out, total number of sections that are encrypted
* @param bool debug, true iff enclave is requried to support debug
* @return encip_ret_e:
* ENCIP_ERROR_ENCSECS_INVALID_PARAM any input parameter is NULL
* PCL_MAX_NUM_ENCRYPTED_SECTIONS if out of entires in PCL table
* Respective error results in case any of the functions encrypt or update_flags fail.
* ENCIP_SUCCESS if success
*/
static encip_ret_e encrypt_or_clear_ip_sections(
IN pcl_data_t* dat,
IN uint8_t* key,
INOUT uint8_t* elf_buf,
size_t elf_size,
OUT pcl_table_t* tbl,
OUT uint32_t* num_rvas_out,
bool debug)
{
if(
NULL == dat ||
NULL == key ||
NULL == elf_buf ||
NULL == tbl ||
NULL == num_rvas_out)
return ENCIP_ERROR_ENCSECS_INVALID_PARAM;
uint32_t num_rvas = 0;
// Go over sections headers to find sections to encrypt or clear:
char* sec_name = NULL;
for(uint16_t secidx = 1; secidx < dat->nsections; secidx++)
{
if(dat->elf_sec[secidx].sh_name >= dat->elf_sec[dat->shstrndx].sh_size)
return ENCIP_ERROR_PARSE_ELF_INVALID_IMAGE;
sec_name = dat->sections_names + dat->elf_sec[secidx].sh_name;
/*
* Verifying string starts before end of section. Assuming (but not checking)
* that string ends before end of section. Additional check will complicate code.
* Assuming the platform this application is running on is not compromized.
*/
if((uint8_t*)sec_name > elf_buf + elf_size)
return ENCIP_ERROR_PARSE_ELF_INVALID_IMAGE;
if(can_modify(sec_name, debug))
{
uint8_t* va = (uint8_t *)(elf_buf + dat->elf_sec[secidx].sh_offset);
size_t size = dat->elf_sec[secidx].sh_size;
if((va >= elf_buf + elf_size) ||
(va + size < va) ||
(va + size > elf_buf + elf_size))
return ENCIP_ERROR_PARSE_ELF_INVALID_IMAGE;
// If section is allocable (mapped into process's virtual memory), decrypt it:
if(SHF_ALLOC & dat->elf_sec[secidx].sh_flags)
{
if(PCL_MAX_NUM_ENCRYPTED_SECTIONS <= num_rvas)
{
/*
* No more empty entries in PCL table.
* To fix - redefine PCL_MAX_NUM_ENCRYPTED_SECTIONS in pcl_common.h
*/
printf("Error: No more empty entries in Intel(R) SGX PCL table\n");
printf("To fix - redefine PCL_MAX_NUM_ENCRYPTED_SECTIONS in pcl_common.h\n");
return ENCIP_ERROR_ENCSECS_RVAS_OVERFLOW;
}
if(PCL_GCM_NUM_BLOCKS(size) > PCL_GCM_MAX_NUM_BLOCKS)
{
/*
* Size in 16-bytes-blocks exceeds (2^32 - 2).
* Only happen if cipher-text size is ~64GB.
*/
return ENCIP_ERROR_ENCSECS_COUNTER_OVERFLOW;
}
uint8_t* iv = (uint8_t*)&(tbl->rvas_sizes_tags_ivs[num_rvas].iv.val);
encip_ret_e ret = init_random_iv(iv);
if(ENCIP_ERROR(ret))
return ret;
uint8_t* tag = (uint8_t*)&(tbl->rvas_sizes_tags_ivs[num_rvas].tag);
ret = gcm_encrypt(va, size, NULL, 0, (uint8_t *)key, iv, va, tag);
if(ENCIP_ERROR(ret))
{
printf("Failed to gcm-encrypt section %s\n", sec_name);
return ret;
}
// Insert entry to table:
tbl->rvas_sizes_tags_ivs[num_rvas].rva = dat->elf_sec[secidx].sh_addr;
tbl->rvas_sizes_tags_ivs[num_rvas].size = size;
// Update flags to writable:
ret = update_flags(secidx, dat);
if(ENCIP_ERROR(ret))
return ret;
// Increment num_rvas:
num_rvas++;
}
// Else (section is not allocable), zero it:
else
{
memset(va, 0, size);
}
}
}
*num_rvas_out = num_rvas;
return ENCIP_SUCCESS;
}
/* -----------------------------------------------------------------
* RUN
* ----------------------------------------------------------------- */
static void
run_demo(struct demo_gui *gui)
{
struct gui_panel_layout layout;
struct state *state = &gui->state;
struct gui_panel_layout tab;
struct gui_config *config = &gui->config;
/* first panel */
gui_panel_begin(&layout, &gui->panel);
{
/* header */
gui->running = !gui_panel_header(&layout, "Demo",
GUI_CLOSEABLE|GUI_MINIMIZABLE, GUI_CLOSEABLE, GUI_HEADER_RIGHT);
/* menubar */
gui_panel_menubar_begin(&layout);
{
gui_int sel;
gui_panel_row_begin(&layout, GUI_STATIC, 25, 2);
{
gui_panel_row_push(&layout, config->font.width(config->font.userdata, "__FILE__", 8));
sel = gui_panel_menu(&layout, "FILE", file_items, LEN(file_items), 25, 100,
&state->file_open, gui_vec2(0,0));
switch (sel) {
case MENU_FILE_OPEN:
fprintf(stdout, "[Menu:File] open clicked!\n"); break;
case MENU_FILE_CLOSE:
fprintf(stdout, "[Menu:File] close clicked!\n"); break;
case MENU_FILE_QUIT:
fprintf(stdout, "[Menu:File] quit clicked!\n"); break;
case GUI_NONE:
default: break;
}
gui_panel_row_push(&layout, config->font.width(config->font.userdata, "__EDIT__", 8));
sel = gui_panel_menu(&layout, "EDIT", edit_items, LEN(edit_items), 25, 100,
&state->edit_open, gui_vec2(0,0));
switch (sel) {
case MENU_EDIT_COPY:
fprintf(stdout, "[Menu:Edit] copy clicked!\n"); break;
case MENU_EDIT_CUT:
fprintf(stdout, "[Menu:Edit] cut clicked!\n"); break;
case MENU_EDIT_DELETE:
fprintf(stdout, "[Menu:Edit] delete clicked!\n"); break;
case MENU_EDIT_PASTE:
fprintf(stdout, "[Menu:Edit] paste clicked!\n"); break;
case GUI_NONE:
default: break;
}
}
gui_panel_row_end(&layout);
}
gui_panel_menubar_end(&layout);
/* panel style configuration */
if (gui_panel_layout_push(&layout, GUI_LAYOUT_TAB, "Style", &state->config_tab))
{
if (gui_panel_layout_push(&layout, GUI_LAYOUT_NODE, "Options", &state->flag_tab)) {
update_flags(&layout);
gui_panel_layout_pop(&layout);
}
if (gui_panel_layout_push(&layout, GUI_LAYOUT_NODE, "Properties", &state->style_tab)) {
properties_tab(&layout, config);
gui_panel_layout_pop(&layout);
}
if (gui_panel_layout_push(&layout, GUI_LAYOUT_NODE, "Rounding", &state->round_tab)) {
round_tab(&layout, config);
gui_panel_layout_pop(&layout);
}
if (gui_panel_layout_push(&layout, GUI_LAYOUT_NODE, "Color", &state->color_tab)) {
color_tab(&layout, state, config);
gui_panel_layout_pop(&layout);
}
gui_panel_layout_pop(&layout);
}
/* widgets examples */
if (gui_panel_layout_push(&layout, GUI_LAYOUT_TAB, "Widgets", &state->widget_tab)) {
widget_panel(&layout, state);
gui_panel_layout_pop(&layout);
}
/* popup panel */
if (state->popup) {
gui_panel_popup_begin(&layout, &tab, GUI_POPUP_STATIC, gui_rect(20, 100, 220, 150), gui_vec2(0,0));
{
if (gui_panel_header(&tab, "Popup", GUI_CLOSEABLE, GUI_CLOSEABLE, GUI_HEADER_LEFT)) {
gui_panel_popup_close(&tab);
state->popup = gui_false;
}
gui_panel_row_dynamic(&tab, 30, 1);
gui_panel_label(&tab, "Are you sure you want to exit?", GUI_TEXT_LEFT);
gui_panel_row_dynamic(&tab, 30, 4);
gui_panel_spacing(&tab, 1);
if (gui_panel_button_text(&tab, "Yes", GUI_BUTTON_DEFAULT)) {
gui_panel_popup_close(&tab);
state->popup = gui_false;
}
if (gui_panel_button_text(&tab, "No", GUI_BUTTON_DEFAULT)) {
gui_panel_popup_close(&tab);
state->popup = gui_false;
}
}
gui_panel_popup_end(&layout, &tab);
}
{
/* shelf + graphes */
static const char *shelfs[] = {"Histogram", "Lines"};
gui_panel_row_dynamic(&layout, 180, 1);
state->shelf_selection = gui_panel_shelf_begin(&layout, &tab, shelfs,
LEN(shelfs), state->shelf_selection, state->shelf);
graph_panel(&tab, state->shelf_selection);
state->shelf = gui_panel_shelf_end(&layout, &tab);
}
/* tables */
gui_panel_row_dynamic(&layout, 180, 1);
gui_panel_group_begin(&layout, &tab, "Table", state->table);
table_panel(&tab);
state->table = gui_panel_group_end(&layout, &tab);
{
/* tree */
struct gui_tree tree;
gui_panel_row_dynamic(&layout, 250, 1);
gui_panel_tree_begin(&layout, &tree, "Tree", 20, state->tree);
upload_tree(&state->test, &tree, &state->test.root);
state->tree = gui_panel_tree_end(&layout, &tree);
}
}
gui_panel_end(&layout, &gui->panel);
/* second panel */
gui_panel_begin(&layout, &gui->sub);
{
enum {EASY, HARD};
gui_panel_header(&layout, "Show", GUI_CLOSEABLE, 0, GUI_HEADER_LEFT);
gui_panel_row_static(&layout, 30, 80, 1);
if (gui_panel_button_text(&layout, "button", GUI_BUTTON_DEFAULT)) {
/* event handling */
}
gui_panel_row_dynamic(&layout, 30, 2);
if (gui_panel_option(&layout, "easy", state->op == EASY)) state->op = EASY;
if (gui_panel_option(&layout, "hard", state->op == HARD)) state->op = HARD;
}
gui_panel_end(&layout, &gui->sub);
}
