/* This is run *after* we've parsed params */
static int munge_tables(void)
{
unsigned int ret;
/* By default, all syscall entries will be disabled.
* If we didn't pass -c, -x or -r, mark all syscalls active.
*/
if ((do_specific_syscall == FALSE) && (do_exclude_syscall == FALSE) && (random_selection == FALSE))
mark_all_syscalls_active();
if (desired_group != GROUP_NONE) {
ret = setup_syscall_group(desired_group);
if (ret == FALSE)
return FALSE;
}
if (random_selection == TRUE)
enable_random_syscalls();
/* If we saw a '-x', set all syscalls to enabled, then selectively disable.
* Unless we've started enabling them already (with -r)
*/
if (do_exclude_syscall == TRUE) {
if (random_selection == FALSE)
mark_all_syscalls_active();
deactivate_disabled_syscalls();
}
/* if we passed -n, make sure there's no VM/VFS syscalls enabled. */
if (no_files == TRUE)
disable_non_net_syscalls();
sanity_check_tables();
count_syscalls_enabled();
if (verbose == TRUE)
display_enabled_syscalls();
if (validate_syscall_tables() == FALSE) {
printf("No syscalls were enabled!\n");
printf("Use 32bit:%d 64bit:%d\n", use_32bit, use_64bit);
return FALSE;
}
return TRUE;
}
int main(int argc, char* argv[])
{
int ret = EXIT_SUCCESS;
unsigned int i;
printf("Trinity v" __stringify(VERSION) " Dave Jones <*****@*****.**> 2012\n");
progname = argv[0];
setup_syscall_tables();
parse_args(argc, argv);
/* If we didn't pass -c or -x, mark all syscalls active. */
if ((do_specific_syscall == FALSE) && (do_exclude_syscall == FALSE))
mark_all_syscalls_active();
if (getuid() == 0) {
if (dangerous == TRUE) {
printf("DANGER: RUNNING AS ROOT.\n");
printf("Unless you are running in a virtual machine, this could cause serious problems such as overwriting CMOS\n");
printf("or similar which could potentially make this machine unbootable without a firmware reset.\n\n");
printf("ctrl-c now unless you really know what you are doing.\n");
for (i = 10; i > 0; i--) {
printf("Continuing in %d seconds.\r", i);
(void)fflush(stdout);
sleep(1);
}
} else {
printf("Don't run as root (or pass --dangerous if you know what you are doing).\n");
exit(EXIT_FAILURE);
}
}
if (create_shm())
exit(EXIT_FAILURE);
/* Set seed in parent thread*/
set_seed(0);
if (desired_group != GROUP_NONE) {
ret = setup_syscall_group(desired_group);
if (ret == FALSE) {
ret = EXIT_FAILURE;
goto cleanup_shm;
}
}
if (show_syscall_list == TRUE) {
dump_syscall_tables();
goto cleanup_shm;
}
if (validate_syscall_tables() == FALSE) {
printf("No syscalls were enabled!\n");
printf("Use 32bit:%d 64bit:%d\n", use_32bit, use_64bit);
goto cleanup_shm;
}
sanity_check_tables();
if (logging == TRUE)
open_logfiles();
if (do_specific_syscall == FALSE) {
if (biarch == TRUE)
output(0, "Fuzzing %d 32-bit syscalls & %d 64-bit syscalls.\n",
max_nr_32bit_syscalls, max_nr_64bit_syscalls);
else
output(0, "Fuzzing %d syscalls.\n", max_nr_syscalls);
}
if (do_specific_proto == TRUE)
find_specific_proto(specific_proto_optarg);
page_size = getpagesize();
init_buffers();
mask_signals();
if (check_tainted() != 0) {
output(0, "Kernel was tainted on startup. Will keep running if trinity causes an oops.\n");
do_check_tainted = TRUE;
}
/* just in case we're not using the test.sh harness. */
chmod("tmp/", 0755);
ret = chdir("tmp/");
if (!ret) {
/* nothing right now */
}
if (shm->exit_reason != STILL_RUNNING)
goto cleanup_fds;
init_watchdog();
do_main_loop();
printf("\nRan %ld syscalls. Successes: %ld Failures: %ld\n",
shm->total_syscalls_done - 1, shm->successes, shm->failures);
ret = EXIT_SUCCESS;
cleanup_fds:
for (i = 0; i < nr_sockets; i++) {
struct linger ling;
ling.l_onoff = FALSE; /* linger active */
setsockopt(shm->socket_fds[i], SOL_SOCKET, SO_LINGER, &ling, sizeof(struct linger));
shutdown(shm->socket_fds[i], SHUT_RDWR);
close(shm->socket_fds[i]);
}
destroy_maps();
if (logging == TRUE)
close_logfiles();
cleanup_shm:
if (shm != NULL)
munmap(shm, sizeof(struct shm_s));
exit(ret);
}