示例#1
0
/*
 * Kernel setup code, called from startup().
 */
void
kern_setup1(void)
{
	proc_t *pp;

	pp = &p0;

	proc_sched = pp;

	/*
	 * Initialize process 0 data structures
	 */
	pp->p_stat = SRUN;
	pp->p_flag = SSYS;

	pp->p_pidp = &pid0;
	pp->p_pgidp = &pid0;
	pp->p_sessp = &session0;
	pp->p_tlist = &t0;
	pid0.pid_pglink = pp;
	pid0.pid_pgtail = pp;

	/*
	 * XXX - we asssume that the u-area is zeroed out except for
	 * ttolwp(curthread)->lwp_regs.
	 */
	PTOU(curproc)->u_cmask = (mode_t)CMASK;

	thread_init();		/* init thread_free list */
	pid_init();		/* initialize pid (proc) table */
	contract_init();	/* initialize contracts */

	init_pages_pp_maximum();
}
/**
 * Populates the result reference with the supplied file and its details.
 *
 * \param r The result reference to populate.
 * \param fs_file The file to populate into the result structure
 * \param a_path The path containing the file.
 */
static void populate_sleuth_result(result_t r, TSK_FS_FILE * fs_file, const char *a_path)
{
  if ((fs_file->meta == NULL) || (fs_file->meta->size == 0))
  {
    return;
  }

  if (fs_file->name->flags == TSK_FS_NAME_FLAG_UNALLOC)
  {
    debug_log("Not allocated: %" PRIdINUM " -> %s", fs_file->name->meta_addr, fs_file->name->name);
    return;
  }
  // Removing '.' and '..' entries
  if (fs_file->name->name[0] == '.')
  {
    if (fs_file->name->name[1] == '\0')
    {
      return;
    } else if (fs_file->name->name[1] == '.')
    {
      if (fs_file->name->name[2] == '\0')
      {
        return;
      }
    }
  }

  if (inode_lookup == NULL)
  {
    inode_lookup = g_tree_new_full((GCompareDataFunc) unsigned_long_long_compare, NULL, g_free, NULL);
  }

  if (g_tree_lookup(inode_lookup, &(fs_file->name->meta_addr)) != NULL)
  {
    // This can happen if we have a directory and a child of that directory called '..'
    // Or we have a hard link on the filesystem
    debug_log("Duplicate inode detected: %" PRIdINUM " -> %s", fs_file->name->meta_addr, fs_file->name->name);
    return;
  }
  unsigned long long *l = (unsigned long long *) g_malloc(sizeof(unsigned long long));

  *l = fs_file->name->meta_addr;
  g_tree_insert(inode_lookup, l, NULL);

  // No point walking the filesystem if it's not needed
  if (r != NULL)
  {
    contract_t c = contract_init(NULL, 0);

    char *inode_string = g_strdup_printf("%s/%" PRIdINUM, mountpoint, fs_file->name->meta_addr);

    contract_set_path(c, inode_string);
    g_free(inode_string);

    // We can't guarantee the file is contiguous
    contract_set_contiguous(c, 0);

    // Only do this if the original_contract is on contiguous space
    if ((is_contiguous == 1) && (absolute_offset >= 0))
    {
      // Getting the block list
      tsk_fs_file_walk(fs_file, TSK_FS_FILE_WALK_FLAG_SLACK, (TSK_FS_FILE_WALK_CB) walk_file, c);
    }

    if (fs_file->meta->type == TSK_FS_META_TYPE_REG)
    {
      // Only add it if it's actually a file
      result_add_new_contract(r, c);
    }
    contract_close(c);
  }

  // Add it to the virtual filesystem
  char* full_file_path = g_strdup_printf("%s%s", a_path, fs_file->name->name);
  add_file(fs_file->name->meta_addr, full_file_path, fs_file->meta->size);
  g_free(full_file_path);
}
示例#3
0
/**
 * Starts the harness.
 *
 * \param argc Num of args
 * \param argv The args
 * \returns 0 on success, -1 on error
 */
int main(int argc, char *argv[])
{
  SHORT_PROCESS_NAME = basename_safe(argv[0]);
  PROCESS_NAME = argv[0];

  // We accept only one argument, namely the transport address of the
  // global configuration server
  if (argc != 2)
  {
    print_usage();
    return -1;
  }

  if (config_init(argv[1]) != 0)
  {
    error_log("Unable to setup test harness. Is there a problem with the endpoint syntax? %s", argv[1]);
    return -1;
  }

  int ret = 0;

  ret = logger_config_init();

  if (ret != 0)
  {
    error_log("Failed to create log transport");
    cleanup(NULL);
    return -1;
  }

  char *test_harness_listen_endpoint = g_strdup_printf("%s-%d", TEST_SOCKET, getpid());

  debug_log("Test harness is listening on %s", test_harness_listen_endpoint);
  transport_t transport = transport_init(TRANSPORT_TYPE_PUSHPULL, test_harness_listen_endpoint);

  if (transport == NULL)
  {
    error_log("Unable to create transport");
    g_free(test_harness_listen_endpoint);
    cleanup(NULL);
    return -1;
  }

  if (spawn_subcontractor(argv[1], test_harness_listen_endpoint) != 0)
  {
    error_log("Unable to spawn subcontractor");
    g_free(test_harness_listen_endpoint);
    cleanup(transport);
    return -1;
  }
  g_free(test_harness_listen_endpoint);
  test_harness_listen_endpoint = NULL;

  char *input_file;

  if ((config_get(NULL, CONFIG_INPUT_FILE_OPTION_NAME, &input_file) != 0) || (input_file == NULL))
  {
    error_log("Could not get input file name");
    cleanup(transport);
    return -1;
  }

  char *subcontractor;

  if ((config_get(NULL, CONFIG_TEST_HARNESS_SUBCONTRACTOR_TO_TEST_OPTION_NAME, &subcontractor) != 0) || (subcontractor == NULL))
  {
    error_log("Unable to get the name of the subcontractor which means I couldn't calculate the timeout!");
    return -1;
  }

  const char *sub_name = basename_safe(subcontractor);

  long timeout = CONFIG_CONTRACTOR_SUBCONTRACTOR_TRANSPORT_TIMEOUT_DEFAULT;

  if (config_get_long_group_or_general_with_default_macro(sub_name, CONFIG_CONTRACTOR_SUBCONTRACTOR_TRANSPORT_TIMEOUT, &timeout) != 0)
  {
    info_log("Couldn't find out what timeout option to use, using default");
  }

  transport_set_recv_timeout(transport, timeout);
  debug_log("Using %li for timeout to subcontractor", timeout);

  unsigned int contract_string_size;
  contract_t c = contract_init(NULL, 0);

  contract_set_path(c, input_file);
  contract_set_contiguous(c, 1);
  contract_set_absolute_offset(c, 0);
  char *contract_string = contract_serialise(c, &contract_string_size);

  contract_close(c);
  g_free(input_file);
  if (contract_string == NULL)
  {
    perror("Failed to create contract_string");
    g_free(contract_string);
    g_free(subcontractor);
    cleanup(transport);
    return -1;
  }

  info_log("Sending message");

  unsigned int subcontractor_result_msg_size;
  const char *subcontractor_result_msg = transport_sendrecv(transport, contract_string, contract_string_size, &child_pid, &subcontractor_result_msg_size);

  if (subcontractor_result_msg == NULL)
  {

    if (errno == EAGAIN)
    {
      // Timeout.
      error_log
        ("Timeout in receiving message from subcontractor! Either your subcontractor hung (it will be killed when running in pronghorn) or it didn't compelete in time. You need to make sure that the timeout is long enough, by setting subcontractor_timeout (specifcally for your sub contractor or the general case). In pronghorn, this would be via the config file. Using the test harness, you can specificy this using \"-o %s.subcontractor_timeout=<timeout in milliseconds>\" or \"-o general.subcontractor_timeout=<timeout in milliseconds>\" at the end of the command line",
         sub_name);

    } else if (errno == EINTR)
    {
      // Interupted.
      error_log("Something when wrong waiting for your subcontractor to return. Did it crash?! You might like to try adding \"-o %s.valgrind_opts=<path to valgrind>\" when testing.", sub_name);
    }

    cleanup(transport);
    g_free(contract_string);
    g_free(subcontractor);
    return -1;
  }

  g_free(subcontractor);

  contract_completion_report_t report = contract_completion_report_init(subcontractor_result_msg, subcontractor_result_msg_size);

  if (report == NULL)
  {
    perror("Recreating contract_completion_report");
    g_free(contract_string);
    cleanup(transport);
    return -1;
  } else
  {
    info_log("Reconstructed message");
  }

  info_log("=====================");
  info_log("Results: ");
  unsigned int results_count;
  const result_t *results = contract_completion_report_get_results(report, &results_count);

  c = contract_completion_report_get_original_contract(report);;

  for (int i = 0; i < results_count; i++)
  {
    const result_t r = results[i];

    info_log("Path=%s. Type=(%s) %s. Confidence=%d", contract_get_path(c), result_get_brief_data_description(r), result_get_data_description(r), result_get_confidence(r));

#if PRINT_BLOCK_ARRAY
    unsigned int block_range_size;
    const block_range_t *ranges = result_get_block_ranges(r, &block_range_size);

    if (block_range_size > 0)
    {
      int j;

      info_log("Blocks:");

      // This is inefficient. But it works and this function is rarely used
      char *big_s = g_strdup("");

      for (j = 0; j < block_range_size; j++)
      {
        unsigned long long pos;
        unsigned long long len;

        block_range_get_range(ranges[j], &pos, &len);
        char *new_s = g_strdup_printf("%s %llu-%llu", big_s, pos, pos + len - 1);

        g_free(big_s);
        big_s = new_s;
      }
      info_log("%s", big_s);
      g_free(big_s);
    }
#endif // PRINT_BLOCK_ARRAY

    unsigned int new_contracts_count;

#if SIMPLE_CONTRACT_ENUMERATION
    result_get_new_contracts(r, &new_contracts_count);

    info_log("\t- With %d new contracts!", new_contracts_count);
#else // SIMPLE_CONTRACT_ENUMERATION
    // Yes, this looks dodgy, but it's fine until r gets destroyed (which is after we destroy our copy)
    const contract_t *new_contracts_const = result_get_new_contracts(r, &new_contracts_count);
    contract_t *new_contracts = (contract_t *) g_malloc(sizeof(contract_t) * new_contracts_count);

    memcpy(new_contracts, new_contracts_const, sizeof(contract_t) * new_contracts_count);

    if (new_contracts_count > 0)
    {
      // Sorting the array
#if SORT_CONTRACT_ARRAY
      {
        int j;

        for (j = 0; j < new_contracts_count - 1; j++)
        {
          int k;

          for (k = 0; k < new_contracts_count - j - 1; k++)
          {
            int a = atoi(contract_get_path(new_contracts[k]));
            int b = atoi(contract_get_path(new_contracts[k + 1]));

            if (a > b)
            {
              contract_t temp = new_contracts[k];

              new_contracts[k] = new_contracts[k + 1];
              new_contracts[k + 1] = temp;
            } else if (a == b)
            {
              warning_log("Duplicate entry found! %s", contract_get_path(new_contracts[k]));
            }
          }
        }
      }
#endif // SORT_CONTRACT_ARRAY
#if PRINT_CONTRACT_ARRAY
      {
        info_log("New contracts: ");
        int j;

        for (j = new_contracts_count - 1; j >= 0; j--)
        {
          const char *path = contract_get_path(new_contracts[j]);

          if (access(path, R_OK) == 0)
          {
            info_log("OK %s", path);
            print_md5(path);
          } else
          {
            info_log("Couldn't access advertised new path %s", path);
          }
        }
      }
#endif // PRINT_CONTRACT_ARRAY
    }
    g_free(new_contracts);
#endif // SIMPLE_CONTRACT_ENUMERATION
  }
  contract_completion_report_close(report);


  if (NUM_EXERCISE_LOOPS != 0)
  {
    info_log("=====================");
    info_log("Exercising the plugin");
    for (int i = 0; i < NUM_EXERCISE_LOOPS; i++)
    {
      subcontractor_result_msg = transport_sendrecv(transport, (char *) contract_string, contract_string_size, &child_pid, &subcontractor_result_msg_size);
    }

    info_log("Finished exercising the plugin");
  }

  info_log("=====================");

  info_log("Telling subcontractor to close nicely");

  g_free(contract_string);

  // Send empty contract to tell child to close
  c = contract_init(NULL, 0);
  contract_set_path(c, "");
  contract_string = contract_serialise(c, &contract_string_size);
  contract_close(c);
  subcontractor_result_msg = transport_sendrecv(transport, (char *) contract_string, contract_string_size, &child_pid, &subcontractor_result_msg_size);
  g_free(contract_string);

  if (child_pid != -1)
  {
    sleep(100);
  }

  volatile int local_child_pid = child_pid;

  if (local_child_pid != -1)
  {
    warning_log("Process hasn't died automatically. Sending SIGTERM");
    kill(local_child_pid, SIGTERM);
    sleep(10);
    local_child_pid = child_pid;
    if (local_child_pid != -1)
    {
      warning_log("Process STILL hasn't died... Killing it");
      kill(local_child_pid, SIGKILL);
    }
  }

  cleanup(transport);

  return 0;
}