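/*
 * Test driver: runs thread_func() on nb_threads threads (the calling thread
 * plus nb_threads-1 workers) against the shared linked list, then prints the
 * list and the recorded trace events.
 *
 * argv[1] is the thread count. It is operator-supplied input that ends up in
 * an allocation size and a loop bound, so it is validated before use.
 */
int main(int argc, char **argv)
{
    if (argc != 2) {
        printf("usage : %s nb_threads\n", argv[0]);
        exit(1);
    }

    /*
     * atoi() cannot report errors: garbage parses as 0 and negative values
     * are accepted, which previously produced a bogus allocation size.
     * strtol() with an end pointer rejects both; an overflowing input comes
     * back as LONG_MAX and is caught by the upper bound.
     */
    const long max_threads = (long)(~0u >> 1); /* INT_MAX without <limits.h> */
    char *end = NULL;
    long requested = strtol(argv[1], &end, 10);
    if (end == argv[1] || *end != '\0' ||
        requested < 1 || requested > max_threads) {
        fprintf(stderr, "nb_threads must be a positive integer\n");
        exit(1);
    }
    int nb_threads = (int)requested;

    /* Seed for rand(): only varies the test workload, not a security RNG. */
    srand(time(NULL) * getpid());

    /*** Linked list ***/
    list_init(&list);

    /*** Tracing ... ***/
    tracing_s tracing;
    t = &tracing;

    /* set a timeout to kill the process in case of deadlock */
    alarm(5);

    tracing_init(t, nb_threads);

    /* Give a human readable name to events */
    tracing_register_event(t, BR_EVENT_ID, "BEGIN READ");
    tracing_register_event(t, ER_EVENT_ID, "END READ");
    tracing_register_event(t, BW_EVENT_ID, "BEGIN WRITE");
    tracing_register_event(t, EW_EVENT_ID, "END WRITE");

    /*** Thread creation ***/
    /*
     * The original size expression was `sizeof(pthread_t) * nb_threads -1`,
     * i.e. one BYTE short of nb_threads elements rather than nb_threads-1
     * elements. calloc() states the element count explicitly and checks the
     * multiplication for overflow.
     */
    int nb_workers = nb_threads - 1;
    pthread_t *tids = NULL;
    if (nb_workers > 0) {
        tids = calloc((size_t)nb_workers, sizeof *tids);
        if (tids == NULL) {
            fprintf(stderr, "cannot allocate %d thread ids\n", nb_workers);
            exit(EXIT_FAILURE);
        }
    }

    long int i;
    for (i = 0; i < nb_workers; i++) {
        /* The worker id (1..nb_workers) is smuggled through the void* arg. */
        int rc = pthread_create(tids + i, NULL, thread_func, (void *)(i + 1));
        if (rc != 0) {
            /*
             * A failed create leaves tids[i] unset; joining it later would
             * be undefined behaviour, so stop here instead.
             */
            fprintf(stderr, "pthread_create failed for thread %ld (error %d)\n",
                    i + 1, rc);
            exit(EXIT_FAILURE);
        }
    }

    /* The main thread takes part as thread 0. */
    thread_func((void *)0);

    for (i = 0; i < nb_workers; i++) {
        pthread_join(tids[i], NULL);
    }
    free(tids);

    PrintList();
    print_all_events_per_date(t);

    exit(EXIT_SUCCESS);
}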
/*
 * Plugin entry point: fills in tracing_interface, registers the DECAF and
 * VMI callbacks used by the tracer, runs tracing_init() and returns a
 * pointer to the (file-scope) interface structure.
 *
 * NOTE(review): none of the handles returned by the register calls is
 * checked here, so a failed registration would go unnoticed and the
 * corresponding events would be missing from the trace; confirm whether
 * callers or tracing_cleanup validate them.
 */
plugin_interface_t *
init_plugin()
{
    /*
     * Choose the string comparison used elsewhere in the plugin.
     * Presumably a kernel base of 0x80000000 identifies a guest where names
     * are compared case-insensitively; verify against the VMI code.
     */
    comparestring = (0x80000000 == VMI_guest_kernel_base) ? strcasecmp
                                                          : strcmp;

    /* Hooks the host calls back into. */
    tracing_interface.plugin_cleanup = tracing_cleanup;
    tracing_interface.mon_cmds = tracing_term_cmds;
    tracing_interface.info_cmds = tracing_info_cmds;

    /*
     * The guest is stopped with DECAF_stop_vm() before the DECAF callbacks
     * are registered and restarted with DECAF_start_vm() afterwards.
     * (The original comment here mentions a global block-begin callback,
     * but the code registers instruction begin/end callbacks.)
     */
    DECAF_stop_vm();

    /* Instruction begin/end callbacks, both conditioned on should_monitor. */
    insn_begin_cb_handle =
        DECAF_register_callback(DECAF_INSN_BEGIN_CB, tracing_insn_begin,
                                &should_monitor);
    insn_end_cb_handle =
        DECAF_register_callback(DECAF_INSN_END_CB, tracing_insn_end,
                                &should_monitor);

#ifdef CONFIG_TCG_TAINT
    /* Taint builds only: NIC receive/send callbacks. */
    nic_rec_cb_handle =
        DECAF_register_callback(DECAF_NIC_REC_CB, tracing_nic_recv, NULL);
    nic_send_cb_handle =
        DECAF_register_callback(DECAF_NIC_SEND_CB, tracing_nic_send, NULL);
    printf("register nic callback \n");

    /* Taint builds only: callback for the tainted-EIP check. */
    check_eip_handle =
        DECAF_register_callback(DECAF_EIP_CHECK_CB, check_eip, NULL);
    printf("register eip check callback\n");
#endif /* CONFIG_TCG_TAINT */

    DECAF_start_vm();

    /* Process removal / creation and module load notifications from VMI. */
    removeproc_handle =
        VMI_register_callback(VMI_REMOVEPROC_CB, my_removeproc_notify, NULL);
    loadmainmodule_handle =
        VMI_register_callback(VMI_CREATEPROC_CB, my_loadmainmodule_notify,
                              NULL);
    loadmodule_handle =
        VMI_register_callback(VMI_LOADMODULE_CB, my_loadmodule_notify, NULL);

    tracing_init();

    return &tracing_interface;
}
/*
 * Plugin initialization.
 *
 * Sets up the comparison function, the taint configuration (taint builds
 * only) and the tracing_interface fields, registers the NIC and
 * process-module callbacks, runs tracing_init() and returns a pointer to
 * the interface structure.
 *
 * NOTE(review): the handles returned by the register calls are stored but
 * not checked in this function; confirm that a failed registration is
 * detected somewhere, otherwise events can be silently absent from a trace.
 */
plugin_interface_t *
init_plugin()
{
    /*
     * Select string comparison function.
     * Presumably kernel_mem_start == 0x80000000 marks a guest whose names
     * are compared case-insensitively; verify against the caller.
     */
    comparestring = (0x80000000 == kernel_mem_start) ? strcasecmp : strcmp;

#ifdef TAINT_ENABLED
    /* Hand the taint engine the record size and this plugin's handlers. */
    taint_config->taint_record_size = sizeof(taint_record_t);
    taint_config->taint_propagate = tracing_taint_propagate;
    taint_config->taint_disk = tracing_taint_disk;
    taint_config->read_disk_taint = tracing_read_disk_taint;
    taint_config->eip_tainted = taintedeip_detection;
#endif /* TAINT_ENABLED */

    /* Set interface fields */
    tracing_interface.plugin_cleanup = tracing_cleanup;
    tracing_interface.mon_cmds = tracing_term_cmds;
    tracing_interface.info_cmds = tracing_info_cmds;
    tracing_interface.after_loadvm = tracing_after_loadvm;

    // No Sleuthkit for now
    //tracing_interface.bdrv_open = tracing_bdrv_open;

#if 0
    tracing_interface.cjmp = tracing_cjmp;
#endif

    /*
     * Register the NIC receive/send callbacks; the guest is stopped with
     * DECAF_stop_vm() for the duration and restarted afterwards.
     */
    DECAF_stop_vm();
    nic_rec_cb_handle =
        DECAF_register_callback(DECAF_NIC_REC_CB, tracing_nic_recv, NULL);
    nic_send_cb_handle =
        DECAF_register_callback(DECAF_NIC_SEND_CB, tracing_nic_send, NULL);
    DECAF_start_vm();

    /* Block / insn begin / insn end callbacks are registered when tracing starts. */
    block_begin_cb_handle = DECAF_NULL_HANDLE;
    insn_begin_cb_handle = DECAF_NULL_HANDLE;
    insn_end_cb_handle = DECAF_NULL_HANDLE;

    /* Keystroke handler will be registered later if needed. */
    keystroke_cb_handle = DECAF_NULL_HANDLE;

    /* Process exit and main-module load notifications. */
    removeproc_handle =
        procmod_register_callback(PROCMOD_REMOVEPROC_CB, procexit_detection,
                                  NULL);
    loadmainmodule_handle =
        procmod_register_callback(PROCMOD_LOADMAINMODULE_CB,
                                  tracing_proc_start, NULL);

    /* Initialize tracing */
    tracing_init();

    /* Return plugin interface */
    return &tracing_interface;
}