├── .gitignore ├── .travis.yml ├── CMakeLists.txt ├── LICENSE ├── README.md ├── cmake ├── cmake_uninstall.cmake.in ├── find_capstone.cmake ├── test_header.h └── toolchain_features.cmake ├── codecov.yml ├── debian ├── changelog ├── compat ├── control ├── copyright ├── libsyscall-intercept-dev.install ├── libsyscall-intercept-dev.lintian-overrides ├── libsyscall-intercept-dev.manpages ├── libsyscall-intercept0.install ├── libsyscall-intercept0.lintian-overrides ├── rules └── source │ └── format ├── doc ├── CMakeLists.txt ├── default.man ├── generated │ └── libsyscall_intercept.3 └── libsyscall_intercept.3.md ├── examples ├── CMakeLists.txt ├── fork_ban.c ├── icap.c ├── syscall_desc.c ├── syscall_desc.h └── syscall_logger.c ├── include └── libsyscall_intercept_hook_point.h ├── libsyscall_intercept.pc.in ├── src ├── asm_wrapper.md ├── capstone_wrapper.h ├── cmdline_filter.c ├── cpp_compile_mock.c ├── cpp_compile_test.cc ├── disasm_wrapper.c ├── disasm_wrapper.h ├── intercept.c ├── intercept.h ├── intercept_desc.c ├── intercept_log.c ├── intercept_log.h ├── intercept_template.S ├── intercept_util.c ├── intercept_util.h ├── intercept_wrapper.S ├── magic_syscalls.c ├── magic_syscalls.h ├── patcher.c ├── syscall_formats.c ├── syscall_formats.h └── util.S ├── syscall_intercept.spec ├── test ├── CMakeLists.txt ├── asm_pattern.c ├── check.cmake ├── check_log.cmake ├── executable_with_syscall.S ├── filter_test.c ├── fork_logging.c ├── hook_test.c ├── hook_test_clone_preload.c ├── hook_test_data.h ├── hook_test_preload.c ├── intercept_sys_write.c ├── libcintercept0.log.match ├── libcintercept0_child.log.match ├── libcintercept1.log.match ├── libcintercept2.log.match ├── mock_trampoline_table.S ├── nosyscall.in.S ├── nosyscall.out.S ├── pattern1.in.S ├── pattern1.out.S ├── pattern2.in.S ├── pattern2.out.S ├── pattern3.in.S ├── pattern3.out.S ├── pattern4.in.S ├── pattern4.out.S ├── pattern_double_syscall.in.S ├── pattern_double_syscall.out.S ├── pattern_jmps.in.S ├── pattern_jmps.out.S ├── pattern_loop.in.S ├── pattern_loop.out.S ├── pattern_loop2.in.S ├── pattern_loop2.out.S ├── pattern_nop_padding0.in.S ├── pattern_nop_padding0.out.S ├── pattern_nop_padding1.in.S ├── pattern_nop_padding1.out.S ├── pattern_nop_padding2.in.S ├── pattern_nop_padding2.out.S ├── pattern_nop_padding3.in.S ├── pattern_nop_padding3.out.S ├── pattern_nop_padding4.in.S ├── pattern_nop_padding4.out.S ├── pattern_nop_padding5.in.S ├── pattern_nop_padding5.out.S ├── pattern_nop_padding6.in.S ├── pattern_nop_padding6.out.S ├── pattern_nop_padding7.in.S ├── pattern_nop_padding7.out.S ├── pattern_nop_padding8.in.S ├── pattern_nop_padding8.out.S ├── pattern_nop_padding9.in.S ├── pattern_nop_padding9.out.S ├── pattern_rets.in.S ├── pattern_rets.out.S ├── pattern_symbol_boundary0.in.S ├── pattern_symbol_boundary0.out.S ├── pattern_symbol_boundary1.in.S ├── pattern_symbol_boundary1.out.S ├── pattern_symbol_boundary2.in.S ├── pattern_symbol_boundary2.out.S ├── pattern_symbol_boundary3.in.S ├── pattern_symbol_boundary3.out.S ├── syscall_format.c ├── syscall_format.log.match ├── test_clone_thread.c ├── test_clone_thread_preload.c └── vfork_logging.c └── utils ├── build-deb.sh ├── build-rpm.sh ├── check_license ├── check-headers.sh ├── check-license.c └── file-exceptions.sh ├── check_whitespace.pl ├── cstyle.pl ├── docker ├── 0001-travis-fix-travisci_build_coverity_scan.sh.patch ├── build.sh ├── images │ ├── Dockerfile.fedora-25 │ ├── Dockerfile.ubuntu-16.04 │ ├── build-capstone.sh │ ├── build-image.sh │ ├── build-pmemfile.sh │ ├── install-nvml.sh │ └── push-image.sh ├── pull-or-rebuild-image.sh ├── run-build-package.sh ├── run-build.sh ├── run-coverage.sh └── run-coverity.sh ├── match.pl └── md2man.sh /.gitignore: -------------------------------------------------------------------------------- 1 | tags 2 | /.project 3 | /.cproject 4 | /.settings 5 | /build-deb 6 | /syscall_intercept-*.tar.gz 7 | build 8 | -------------------------------------------------------------------------------- /.travis.yml: -------------------------------------------------------------------------------- 1 | language: c 2 | 3 | services: 4 | - docker 5 | 6 | env: 7 | matrix: 8 | - PUSH_IMAGE=1 MAKE_PKG=1 OS=ubuntu OS_VER=16.04 9 | - PUSH_IMAGE=1 MAKE_PKG=1 OS=fedora OS_VER=25 10 | - MAKE_PKG=0 OS=ubuntu OS_VER=16.04 C_COMPILER=clang CPP_COMPILER=clang++ 11 | - MAKE_PKG=0 OS=fedora OS_VER=25 C_COMPILER=clang CPP_COMPILER=clang++ 12 | - MAKE_PKG=0 OS=ubuntu OS_VER=16.04 13 | - MAKE_PKG=0 OS=fedora OS_VER=25 14 | - MAKE_PKG=0 CAPSTONE_EXPERIMENTAL=1 OS=ubuntu OS_VER=16.04 15 | - COVERITY=1 OS=ubuntu OS_VER=16.04 16 | - COVERAGE=1 OS=ubuntu OS_VER=16.04 17 | 18 | before_install: 19 | - export HOST_WORKDIR=`pwd` 20 | - export GITHUB_REPO=${GITHUB_REPO:-pmem/syscall_intercept} 21 | - export DOCKERHUB_REPO=${DOCKERHUB_REPO:-pmem/syscall_intercept} 22 | - export PROJECT=syscall_intercept 23 | - export EXTRA_DOCKER_ARGS=-t 24 | - cd utils/docker 25 | - ./pull-or-rebuild-image.sh 26 | - if [[ -f push_image_to_repo_flag ]]; then PUSH_THE_IMAGE=1; fi 27 | - rm -f push_image_to_repo_flag 28 | 29 | script: 30 | - ./build.sh 31 | 32 | after_success: 33 | - if [[ $PUSH_THE_IMAGE -eq 1 ]]; then images/push-image.sh $OS-$OS_VER; fi 34 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | Copyright 2016-2017, Intel Corporation 2 | 3 | Redistribution and use in source and binary forms, with or without 4 | modification, are permitted provided that the following conditions 5 | are met: 6 | 7 | * Redistributions of source code must retain the above copyright 8 | notice, this list of conditions and the following disclaimer. 9 | 10 | * Redistributions in binary form must reproduce the above copyright 11 | notice, this list of conditions and the following disclaimer in 12 | the documentation and/or other materials provided with the 13 | distribution. 14 | 15 | * Neither the name of the copyright holder nor the names of its 16 | contributors may be used to endorse or promote products derived 17 | from this software without specific prior written permission. 18 | 19 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 20 | "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 21 | LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 22 | A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 23 | OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 24 | SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 25 | LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 26 | DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 27 | THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 28 | (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 29 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 30 | 31 | 32 | Everything in this source tree is covered by the previous license 33 | with the following exceptions: 34 | 35 | * utils/cstyle (used only during development) licensed under CDDL. 36 | * cmake/cmake_uninstall.cmake.in licensed under Creative Commons. 37 | -------------------------------------------------------------------------------- /cmake/cmake_uninstall.cmake.in: -------------------------------------------------------------------------------- 1 | # From: https://cmake.org/Wiki/CMake_FAQ 2 | 3 | if(NOT EXISTS "@CMAKE_CURRENT_BINARY_DIR@/install_manifest.txt") 4 | message(FATAL_ERROR "Cannot find install manifest: @CMAKE_CURRENT_BINARY_DIR@/install_manifest.txt") 5 | endif(NOT EXISTS "@CMAKE_CURRENT_BINARY_DIR@/install_manifest.txt") 6 | 7 | file(READ "@CMAKE_CURRENT_BINARY_DIR@/install_manifest.txt" files) 8 | string(REGEX REPLACE "\n" ";" files "${files}") 9 | foreach(file ${files}) 10 | message(STATUS "Uninstalling $ENV{DESTDIR}${file}") 11 | if(IS_SYMLINK "$ENV{DESTDIR}${file}" OR EXISTS "$ENV{DESTDIR}${file}") 12 | exec_program("@CMAKE_COMMAND@" ARGS "-E remove \"$ENV{DESTDIR}${file}\"" 13 | OUTPUT_VARIABLE rm_out 14 | RETURN_VALUE rm_retval 15 | ) 16 | if(NOT "${rm_retval}" STREQUAL 0) 17 | message(FATAL_ERROR "Problem when removing $ENV{DESTDIR}${file}") 18 | endif(NOT "${rm_retval}" STREQUAL 0) 19 | else(IS_SYMLINK "$ENV{DESTDIR}${file}" OR EXISTS "$ENV{DESTDIR}${file}") 20 | message(STATUS "File $ENV{DESTDIR}${file} does not exist.") 21 | endif(IS_SYMLINK "$ENV{DESTDIR}${file}" OR EXISTS "$ENV{DESTDIR}${file}") 22 | endforeach(file) 23 | -------------------------------------------------------------------------------- /cmake/find_capstone.cmake: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2017, Intel Corporation 3 | # 4 | # Redistribution and use in source and binary forms, with or without 5 | # modification, are permitted provided that the following conditions 6 | # are met: 7 | # 8 | # * Redistributions of source code must retain the above copyright 9 | # notice, this list of conditions and the following disclaimer. 10 | # 11 | # * Redistributions in binary form must reproduce the above copyright 12 | # notice, this list of conditions and the following disclaimer in 13 | # the documentation and/or other materials provided with the 14 | # distribution. 15 | # 16 | # * Neither the name of the copyright holder nor the names of its 17 | # contributors may be used to endorse or promote products derived 18 | # from this software without specific prior written permission. 19 | # 20 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | 32 | find_package(capstone QUIET) 33 | 34 | if(NOT capstone_FOUND) 35 | find_package(PkgConfig QUIET) 36 | if(PKG_CONFIG_FOUND) 37 | pkg_search_module(capstone capstone QUIET) 38 | endif() 39 | endif() 40 | 41 | if(NOT capstone_FOUND) 42 | message(FATAL_ERROR 43 | "Unable to find capstone. Please install pkg-config and capstone development files, e.g.: 44 | sudo apt-get install pkg-config libcapstone-dev (on Debian, Ubuntu) 45 | or 46 | sudo dnf install capstone-devel (on Fedora) 47 | or see instructions for other ways of installing capstone: http://www.capstone-engine.org/download.html 48 | If casptone is installed, but cmake didn't manage to find it, there is a slight chance of fixing things by setting some of the following environment variables: 49 | PKG_CONFIG_PATH, CMAKE_PREFIX_PATH, CMAKE_MODULE_PATH") 50 | endif() 51 | -------------------------------------------------------------------------------- /cmake/test_header.h: -------------------------------------------------------------------------------- 1 | /* Used in toolchain_features.cmake */ 2 | #pragma GCC system_header 3 | -------------------------------------------------------------------------------- /codecov.yml: -------------------------------------------------------------------------------- 1 | ignore: 2 | - utils/check_license/check-license.c 3 | - src/cpp_compile_mock.c 4 | - src/cpp_compile_test.cc 5 | - examples/icap.c 6 | - examples/fork_ban.c 7 | - test/ 8 | -------------------------------------------------------------------------------- /debian/changelog: -------------------------------------------------------------------------------- 1 | syscall-intercept (0.1-1) UNRELEASED; urgency=medium 2 | 3 | * Initial release. 4 | 5 | -- Marcin Ślusarz Mon, 13 Feb 2017 13:31:12 +0100 6 | -------------------------------------------------------------------------------- /debian/compat: -------------------------------------------------------------------------------- 1 | 9 2 | -------------------------------------------------------------------------------- /debian/control: -------------------------------------------------------------------------------- 1 | Source: syscall-intercept 2 | Maintainer: Marcin Ślusarz 3 | Section: misc 4 | Priority: optional 5 | Standards-version: 3.9.8 6 | Build-Depends: cmake (>= 3.3), debhelper (>= 9), libcapstone-dev (>= 3.0), pkg-config 7 | 8 | Package: libsyscall-intercept0 9 | Architecture: amd64 10 | Depends: ${misc:Depends}, ${shlibs:Depends} 11 | Description: System call intercepting library 12 | The system call intercepting library provides a low-level interface 13 | for hooking Linux system calls in user space. This is achieved 14 | by hotpatching the machine code of the standard C library in the 15 | memory of a process. The user of this library can provide the 16 | functionality of almost any syscall in user space, using the very 17 | simple API specified in the libsyscall_intercept_hook_point.h header file. 18 | 19 | Package: libsyscall-intercept-dev 20 | Section: libdevel 21 | Architecture: amd64 22 | Depends: ${misc:Depends}, libsyscall-intercept0 (=${binary:Version}) 23 | Description: Development files for libsyscall_intercept 24 | Development files for libsyscall_intercept library. 25 | -------------------------------------------------------------------------------- /debian/copyright: -------------------------------------------------------------------------------- 1 | Copyright 2016-2017, Intel Corporation 2 | 3 | Redistribution and use in source and binary forms, with or without 4 | modification, are permitted provided that the following conditions 5 | are met: 6 | 7 | * Redistributions of source code must retain the above copyright 8 | notice, this list of conditions and the following disclaimer. 9 | 10 | * Redistributions in binary form must reproduce the above copyright 11 | notice, this list of conditions and the following disclaimer in 12 | the documentation and/or other materials provided with the 13 | distribution. 14 | 15 | * Neither the name of the copyright holder nor the names of its 16 | contributors may be used to endorse or promote products derived 17 | from this software without specific prior written permission. 18 | 19 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 20 | "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 21 | LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 22 | A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 23 | OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 24 | SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 25 | LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 26 | DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 27 | THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 28 | (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 29 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 30 | -------------------------------------------------------------------------------- /debian/libsyscall-intercept-dev.install: -------------------------------------------------------------------------------- 1 | usr/lib/*/pkgconfig/libsyscall_intercept.pc 2 | usr/lib/*/libsyscall_intercept.so 3 | usr/lib/*/libsyscall_intercept.a 4 | usr/include/libsyscall_intercept_hook_point.h 5 | -------------------------------------------------------------------------------- /debian/libsyscall-intercept-dev.lintian-overrides: -------------------------------------------------------------------------------- 1 | # https://lintian.debian.org/tags/new-package-should-close-itp-bug.html 2 | new-package-should-close-itp-bug 3 | -------------------------------------------------------------------------------- /debian/libsyscall-intercept-dev.manpages: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /debian/libsyscall-intercept0.install: -------------------------------------------------------------------------------- 1 | usr/lib/*/libsyscall_intercept.so.* 2 | -------------------------------------------------------------------------------- /debian/libsyscall-intercept0.lintian-overrides: -------------------------------------------------------------------------------- 1 | # https://lintian.debian.org/tags/new-package-should-close-itp-bug.html 2 | new-package-should-close-itp-bug 3 | 4 | # https://lintian.debian.org/tags/shlib-with-executable-stack.html 5 | # by design 6 | shlib-with-executable-stack usr/lib/x86_64-linux-gnu/libsyscall_intercept.so.0.1.0 7 | -------------------------------------------------------------------------------- /debian/rules: -------------------------------------------------------------------------------- 1 | #!/usr/bin/make -f 2 | #export DH_VERBOSE=1 3 | %: 4 | dh $@ --buildsystem=cmake 5 | -------------------------------------------------------------------------------- /debian/source/format: -------------------------------------------------------------------------------- 1 | 3.0 (quilt) 2 | -------------------------------------------------------------------------------- /doc/CMakeLists.txt: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2017, Intel Corporation 3 | # 4 | # Redistribution and use in source and binary forms, with or without 5 | # modification, are permitted provided that the following conditions 6 | # are met: 7 | # 8 | # * Redistributions of source code must retain the above copyright 9 | # notice, this list of conditions and the following disclaimer. 10 | # 11 | # * Redistributions in binary form must reproduce the above copyright 12 | # notice, this list of conditions and the following disclaimer in 13 | # the documentation and/or other materials provided with the 14 | # distribution. 15 | # 16 | # * Neither the name of the copyright holder nor the names of its 17 | # contributors may be used to endorse or promote products derived 18 | # from this software without specific prior written permission. 19 | # 20 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | 32 | find_program(PANDOC pandoc) 33 | if (NOT PANDOC) 34 | message(WARNING "pandoc not found") 35 | endif() 36 | 37 | add_custom_target(manpages) 38 | 39 | function(generate_manpage name) 40 | add_custom_target(manpage-${name} 41 | COMMAND ${CMAKE_SOURCE_DIR}/utils/md2man.sh 42 | ${CMAKE_CURRENT_SOURCE_DIR}/${name}.md 43 | ${CMAKE_CURRENT_SOURCE_DIR}/default.man 44 | ${CMAKE_CURRENT_SOURCE_DIR}/generated/${name}) 45 | add_dependencies(manpages manpage-${name}) 46 | endfunction() 47 | 48 | generate_manpage(libsyscall_intercept.3) 49 | 50 | install(FILES ${CMAKE_CURRENT_SOURCE_DIR}/generated/libsyscall_intercept.3 51 | DESTINATION ${CMAKE_INSTALL_MANDIR}/man3 CONFIGURATIONS Release None) 52 | -------------------------------------------------------------------------------- /doc/default.man: -------------------------------------------------------------------------------- 1 | $if(has-tables)$ 2 | .\"t 3 | $endif$ 4 | $if(pandoc-version)$ 5 | .\" Automatically generated by Pandoc $pandoc-version$ 6 | .\" 7 | $endif$ 8 | $if(adjusting)$ 9 | .ad $adjusting$ 10 | $endif$ 11 | .TH "$title$" "$section$" "$version$" "$date$" "$footer$" "$header$" 12 | $if(hyphenate)$ 13 | .hy 14 | $else$ 15 | .nh \" Turn off hyphenation by default. 16 | $endif$ 17 | $for(header-includes)$ 18 | $header-includes$ 19 | $endfor$ 20 | .\" Copyright 2016-$year$, Intel Corporation 21 | .\" 22 | .\" Redistribution and use in source and binary forms, with or without 23 | .\" modification, are permitted provided that the following conditions 24 | .\" are met: 25 | .\" 26 | .\" * Redistributions of source code must retain the above copyright 27 | .\" notice, this list of conditions and the following disclaimer. 28 | .\" 29 | .\" * Redistributions in binary form must reproduce the above copyright 30 | .\" notice, this list of conditions and the following disclaimer in 31 | .\" the documentation and/or other materials provided with the 32 | .\" distribution. 33 | .\" 34 | .\" * Neither the name of the copyright holder nor the names of its 35 | .\" contributors may be used to endorse or promote products derived 36 | .\" from this software without specific prior written permission. 37 | .\" 38 | .\" THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 39 | .\" "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 40 | .\" LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 41 | .\" A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 42 | .\" OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 43 | .\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 44 | .\" LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 45 | .\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 46 | .\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 47 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 48 | .\" OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 49 | $for(include-before)$ 50 | $include-before$ 51 | $endfor$ 52 | $body$ 53 | $for(include-after)$ 54 | $include-after$ 55 | $endfor$ 56 | $if(author)$ 57 | .SH AUTHORS 58 | $for(author)$$author$$sep$; $endfor$. 59 | $endif$ 60 | -------------------------------------------------------------------------------- /examples/CMakeLists.txt: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2017, Intel Corporation 3 | # 4 | # Redistribution and use in source and binary forms, with or without 5 | # modification, are permitted provided that the following conditions 6 | # are met: 7 | # 8 | # * Redistributions of source code must retain the above copyright 9 | # notice, this list of conditions and the following disclaimer. 10 | # 11 | # * Redistributions in binary form must reproduce the above copyright 12 | # notice, this list of conditions and the following disclaimer in 13 | # the documentation and/or other materials provided with the 14 | # distribution. 15 | # 16 | # * Neither the name of the copyright holder nor the names of its 17 | # contributors may be used to endorse or promote products derived 18 | # from this software without specific prior written permission. 19 | # 20 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | 32 | add_library(icap SHARED icap.c) 33 | 34 | target_link_libraries(icap PRIVATE syscall_intercept_shared) 35 | 36 | add_library(fork_ban SHARED fork_ban.c) 37 | 38 | target_link_libraries(fork_ban PRIVATE syscall_intercept_shared) 39 | 40 | add_library(syscall_logger SHARED syscall_logger.c syscall_desc.c) 41 | target_link_libraries(syscall_logger PRIVATE syscall_intercept_shared) 42 | -------------------------------------------------------------------------------- /examples/icap.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2016-2017, Intel Corporation 3 | * 4 | * Redistribution and use in source and binary forms, with or without 5 | * modification, are permitted provided that the following conditions 6 | * are met: 7 | * 8 | * * Redistributions of source code must retain the above copyright 9 | * notice, this list of conditions and the following disclaimer. 10 | * 11 | * * Redistributions in binary form must reproduce the above copyright 12 | * notice, this list of conditions and the following disclaimer in 13 | * the documentation and/or other materials provided with the 14 | * distribution. 15 | * 16 | * * Neither the name of the copyright holder nor the names of its 17 | * contributors may be used to endorse or promote products derived 18 | * from this software without specific prior written permission. 19 | * 20 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | */ 32 | 33 | /* 34 | * icap.c -- tiny syscall intercepting example library, turning every 35 | * lower case letter 'i' to on upper case 'I' in buffers used in write syscalls. 36 | */ 37 | #include 38 | #include 39 | #include 40 | 41 | #include "libsyscall_intercept_hook_point.h" 42 | 43 | static int hook(long syscall_number, 44 | long arg0, long arg1, 45 | long arg2, long arg3, 46 | long arg4, long arg5, 47 | long *result) 48 | { 49 | (void) arg3; 50 | (void) arg4; 51 | (void) arg5; 52 | 53 | if (syscall_number == SYS_write) { 54 | char buf_copy[0x1000]; 55 | size_t size = (size_t)arg2; 56 | 57 | if (size > sizeof(buf_copy)) 58 | size = sizeof(buf_copy); 59 | 60 | memcpy(buf_copy, (char *)arg1, size); 61 | 62 | /* Capitalize the letter 'i', for fun */ 63 | for (size_t i = 0; i < size; ++i) { 64 | if (buf_copy[i] == 'i') 65 | buf_copy[i] = 'I'; 66 | } 67 | *result = syscall_no_intercept(SYS_write, arg0, buf_copy, size); 68 | return 0; 69 | } 70 | return 1; 71 | } 72 | 73 | static __attribute__((constructor)) void 74 | start(void) 75 | { 76 | intercept_hook_point = &hook; 77 | } 78 | -------------------------------------------------------------------------------- /examples/syscall_desc.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2017, Intel Corporation 3 | * 4 | * Redistribution and use in source and binary forms, with or without 5 | * modification, are permitted provided that the following conditions 6 | * are met: 7 | * 8 | * * Redistributions of source code must retain the above copyright 9 | * notice, this list of conditions and the following disclaimer. 10 | * 11 | * * Redistributions in binary form must reproduce the above copyright 12 | * notice, this list of conditions and the following disclaimer in 13 | * the documentation and/or other materials provided with the 14 | * distribution. 15 | * 16 | * * Neither the name of the copyright holder nor the names of its 17 | * contributors may be used to endorse or promote products derived 18 | * from this software without specific prior written permission. 19 | * 20 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | */ 32 | 33 | #ifndef SYSCALL_INTERCEPT_EXAMPLE_LOGGING_H 34 | #define SYSCALL_INTERCEPT_EXAMPLE_LOGGING_H 35 | 36 | enum arg_type { 37 | arg_none, 38 | arg_fd, 39 | arg_atfd, 40 | arg_cstr, 41 | arg_open_flags, 42 | arg_mode, 43 | arg_ /* no special formatting implemented yet, print as hex number */ 44 | }; 45 | 46 | enum return_type { 47 | rhex, 48 | rdec, 49 | runsigned, 50 | rmode, 51 | rnoreturn 52 | }; 53 | 54 | struct syscall_desc { 55 | const char *name; 56 | enum return_type return_type; 57 | enum arg_type args[6]; 58 | }; 59 | 60 | const struct syscall_desc *get_syscall_desc(long syscall_number, 61 | const long args[static 6]); 62 | 63 | #endif 64 | -------------------------------------------------------------------------------- /libsyscall_intercept.pc.in: -------------------------------------------------------------------------------- 1 | prefix=@CMAKE_INSTALL_PREFIX@ 2 | libdir=@CMAKE_INSTALL_PREFIX@/@CMAKE_INSTALL_LIBDIR@ 3 | version=@VERSION@ 4 | includedir=@CMAKE_INSTALL_PREFIX@/@CMAKE_INSTALL_INCLUDEDIR@ 5 | 6 | Name: libsyscall_intercept 7 | Description: libsyscall_intercept - system call intercepting library 8 | Version: @VERSION@ 9 | URL: http://github.com/pmem/syscall_intercept 10 | Requires.private: capstone 11 | Libs: -L@CMAKE_INSTALL_PREFIX@/@CMAKE_INSTALL_LIBDIR@ -lsyscall_intercept 12 | Libs.private: -ldl 13 | Cflags: -I@CMAKE_INSTALL_PREFIX@/@CMAKE_INSTALL_INCLUDEDIR@ 14 | -------------------------------------------------------------------------------- /src/capstone_wrapper.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2016-2017, Intel Corporation 3 | * 4 | * Redistribution and use in source and binary forms, with or without 5 | * modification, are permitted provided that the following conditions 6 | * are met: 7 | * 8 | * * Redistributions of source code must retain the above copyright 9 | * notice, this list of conditions and the following disclaimer. 10 | * 11 | * * Redistributions in binary form must reproduce the above copyright 12 | * notice, this list of conditions and the following disclaimer in 13 | * the documentation and/or other materials provided with the 14 | * distribution. 15 | * 16 | * * Neither the name of the copyright holder nor the names of its 17 | * contributors may be used to endorse or promote products derived 18 | * from this software without specific prior written permission. 19 | * 20 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | */ 32 | 33 | /* 34 | * The syscall_intercept library might be compiled with stricter warning 35 | * settings than what is by capstone developers. The system header pragma 36 | * is used to make sure some diagnostics triggered by the capstone header 37 | * don't break syscall_intercept build. 38 | */ 39 | #ifdef HAS_GCC_PRAGMA_SYSH 40 | #pragma GCC system_header 41 | #endif 42 | 43 | #include 44 | -------------------------------------------------------------------------------- /src/cpp_compile_mock.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2017, Intel Corporation 3 | * 4 | * Redistribution and use in source and binary forms, with or without 5 | * modification, are permitted provided that the following conditions 6 | * are met: 7 | * 8 | * * Redistributions of source code must retain the above copyright 9 | * notice, this list of conditions and the following disclaimer. 10 | * 11 | * * Redistributions in binary form must reproduce the above copyright 12 | * notice, this list of conditions and the following disclaimer in 13 | * the documentation and/or other materials provided with the 14 | * distribution. 15 | * 16 | * * Neither the name of the copyright holder nor the names of its 17 | * contributors may be used to endorse or promote products derived 18 | * from this software without specific prior written permission. 19 | * 20 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | */ 32 | 33 | /* 34 | * check if the public header file is useable from C++ 35 | * 36 | * These are mock definitions of symbols used in the 37 | * cpp_compile_test.cc C++ source file. This way, it is verified that a C 38 | * implementation can be linked correctly with a C++ code using the header, 39 | * before building syscall_intercept. 40 | */ 41 | 42 | #include "libsyscall_intercept_hook_point.h" 43 | 44 | int (*intercept_hook_point)(long syscall_number, 45 | long arg0, long arg1, 46 | long arg2, long arg3, 47 | long arg4, long arg5, 48 | long *result); 49 | 50 | long 51 | syscall_no_intercept(long syscall_number, ...) 52 | { 53 | (void) syscall_number; 54 | return 0; 55 | } 56 | 57 | int 58 | syscall_hook_in_process_allowed(void) 59 | { 60 | return 0; 61 | } 62 | -------------------------------------------------------------------------------- /src/cpp_compile_test.cc: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2017, Intel Corporation 3 | * 4 | * Redistribution and use in source and binary forms, with or without 5 | * modification, are permitted provided that the following conditions 6 | * are met: 7 | * 8 | * * Redistributions of source code must retain the above copyright 9 | * notice, this list of conditions and the following disclaimer. 10 | * 11 | * * Redistributions in binary form must reproduce the above copyright 12 | * notice, this list of conditions and the following disclaimer in 13 | * the documentation and/or other materials provided with the 14 | * distribution. 15 | * 16 | * * Neither the name of the copyright holder nor the names of its 17 | * contributors may be used to endorse or promote products derived 18 | * from this software without specific prior written permission. 19 | * 20 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | */ 32 | 33 | /* Check if the public header file is useable from C++ */ 34 | 35 | #include "libsyscall_intercept_hook_point.h" 36 | 37 | int main() 38 | { 39 | intercept_hook_point = nullptr; 40 | (void) syscall_no_intercept(0); 41 | (void) syscall_hook_in_process_allowed(); 42 | } 43 | -------------------------------------------------------------------------------- /src/intercept_log.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2016-2017, Intel Corporation 3 | * 4 | * Redistribution and use in source and binary forms, with or without 5 | * modification, are permitted provided that the following conditions 6 | * are met: 7 | * 8 | * * Redistributions of source code must retain the above copyright 9 | * notice, this list of conditions and the following disclaimer. 10 | * 11 | * * Redistributions in binary form must reproduce the above copyright 12 | * notice, this list of conditions and the following disclaimer in 13 | * the documentation and/or other materials provided with the 14 | * distribution. 15 | * 16 | * * Neither the name of the copyright holder nor the names of its 17 | * contributors may be used to endorse or promote products derived 18 | * from this software without specific prior written permission. 19 | * 20 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | */ 32 | 33 | #ifndef INTERCEPT_LOG_H 34 | #define INTERCEPT_LOG_H 35 | 36 | #include 37 | 38 | struct patch_desc; 39 | struct syscall_desc; 40 | 41 | void intercept_setup_log(const char *path_base, const char *trunc); 42 | void intercept_log(const char *buffer, size_t len); 43 | 44 | enum intercept_log_result { KNOWN, UNKNOWN }; 45 | 46 | void intercept_log_syscall(const struct patch_desc *, 47 | const struct syscall_desc *, 48 | enum intercept_log_result result_known, 49 | long result); 50 | 51 | void intercept_log_close(void); 52 | 53 | #endif 54 | -------------------------------------------------------------------------------- /src/intercept_util.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2016-2017, Intel Corporation 3 | * 4 | * Redistribution and use in source and binary forms, with or without 5 | * modification, are permitted provided that the following conditions 6 | * are met: 7 | * 8 | * * Redistributions of source code must retain the above copyright 9 | * notice, this list of conditions and the following disclaimer. 10 | * 11 | * * Redistributions in binary form must reproduce the above copyright 12 | * notice, this list of conditions and the following disclaimer in 13 | * the documentation and/or other materials provided with the 14 | * distribution. 15 | * 16 | * * Neither the name of the copyright holder nor the names of its 17 | * contributors may be used to endorse or promote products derived 18 | * from this software without specific prior written permission. 19 | * 20 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | */ 32 | 33 | #ifndef INTERCEPT_UTIL_H 34 | #define INTERCEPT_UTIL_H 35 | 36 | #include 37 | 38 | #define ARRAY_SIZE(x) (sizeof(x) / sizeof((x)[0])) 39 | 40 | /* 41 | * syscall_no_intercept - syscall without interception 42 | * 43 | * Call syscall_no_intercept to make syscalls 44 | * from the interceptor library, once glibc is already patched. 45 | * Don't use the syscall function from glibc, that 46 | * would just result in an infinite recursion. 47 | */ 48 | long syscall_no_intercept(long syscall_number, ...); 49 | 50 | /* 51 | * xmmap_anon - get new memory mapping 52 | * 53 | * Not intercepted - does not call libc. 54 | * Always succeeds if returns - aborts the process on failure. 55 | */ 56 | void *xmmap_anon(size_t size); 57 | 58 | /* 59 | * xmremap - no fail mremap 60 | */ 61 | void *xmremap(void *addr, size_t old, size_t new); 62 | 63 | /* 64 | * xmunmap - no fail munmap 65 | */ 66 | void xmunmap(void *addr, size_t len); 67 | 68 | /* 69 | * xlseek - no fail lseek 70 | * 71 | * Not intercepted - does not call libc. 72 | * Always succeeds if returns - aborts the process on failure. 73 | */ 74 | long xlseek(long fd, unsigned long off, int whence); 75 | 76 | /* 77 | * xread - no fail read 78 | * 79 | * Not intercepted - does not call libc. 80 | * Always succeeds reading size bytes returns - aborts the process on failure. 81 | */ 82 | void xread(long fd, void *buffer, size_t size); 83 | 84 | /* 85 | * strerror_no_intercept - returns a pointer to a C string associated with 86 | * an errno value. 87 | * Does not go through libc, MT-safe, signal-safe, never returns NULL. 88 | */ 89 | const char *strerror_no_intercept(long errnum); 90 | 91 | #endif 92 | -------------------------------------------------------------------------------- /src/magic_syscalls.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2017, Intel Corporation 3 | * 4 | * Redistribution and use in source and binary forms, with or without 5 | * modification, are permitted provided that the following conditions 6 | * are met: 7 | * 8 | * * Redistributions of source code must retain the above copyright 9 | * notice, this list of conditions and the following disclaimer. 10 | * 11 | * * Redistributions in binary form must reproduce the above copyright 12 | * notice, this list of conditions and the following disclaimer in 13 | * the documentation and/or other materials provided with the 14 | * distribution. 15 | * 16 | * * Neither the name of the copyright holder nor the names of its 17 | * contributors may be used to endorse or promote products derived 18 | * from this software without specific prior written permission. 19 | * 20 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | */ 32 | 33 | #ifndef SYSCALL_INTERCEPT_WITHOUT_MAGIC_SYSCALLS 34 | 35 | #include 36 | #include 37 | 38 | #include "magic_syscalls.h" 39 | #include "intercept.h" 40 | #include "intercept_util.h" 41 | #include "intercept_log.h" 42 | 43 | /* 44 | * handle_magic_syscalls - this routine performs two tasks: 45 | * recognizes 'magic' syscalls, and, if executes commands based 46 | * on messages from 'magic' syscalls. 47 | * It returns zero if some magic syscall was handled, 48 | * -1 otherwise (i.e.: the syscall shall be treated as a regular syscall). 49 | */ 50 | int 51 | handle_magic_syscalls(struct syscall_desc *desc, long *result) 52 | { 53 | if (desc->nr != SYS_write) 54 | return -1; 55 | 56 | if (desc->args[0] != SYSCALL_INT_MAGIC_WRITE_FD) 57 | return -1; 58 | 59 | const char *message = (void *)(uintptr_t)desc->args[1]; 60 | size_t len = (size_t)desc->args[2]; 61 | 62 | if (strncmp(message, start_log_message, len) == 0) { 63 | const char *path = (const void *)(uintptr_t)desc->args[3]; 64 | const char *trunc = (const void *)(uintptr_t)desc->args[4]; 65 | intercept_setup_log(path, trunc); 66 | *result = (long)len; 67 | return 0; 68 | } 69 | 70 | if (strncmp(message, stop_log_message, len) == 0) { 71 | intercept_log_close(); 72 | *result = (long)len; 73 | return 0; 74 | } 75 | 76 | return -1; 77 | } 78 | 79 | #endif /* SYSCALL_INTERCEPT_WITHOUT_MAGIC_SYSCALLS */ 80 | -------------------------------------------------------------------------------- /src/util.S: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2016-2017, Intel Corporation 3 | * 4 | * Redistribution and use in source and binary forms, with or without 5 | * modification, are permitted provided that the following conditions 6 | * are met: 7 | * 8 | * * Redistributions of source code must retain the above copyright 9 | * notice, this list of conditions and the following disclaimer. 10 | * 11 | * * Redistributions in binary form must reproduce the above copyright 12 | * notice, this list of conditions and the following disclaimer in 13 | * the documentation and/or other materials provided with the 14 | * distribution. 15 | * 16 | * * Neither the name of the copyright holder nor the names of its 17 | * contributors may be used to endorse or promote products derived 18 | * from this software without specific prior written permission. 19 | * 20 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | */ 32 | 33 | .global has_ymm_registers; 34 | .hidden has_ymm_registers; 35 | .type has_ymm_registers, @function 36 | 37 | .global syscall_no_intercept; 38 | .type syscall_no_intercept, @function 39 | 40 | .text 41 | 42 | has_ymm_registers: 43 | 44 | .size has_ymm_registers, .-has_ymm_registers 45 | 46 | syscall_no_intercept: 47 | mov x8, x0 48 | mov x0, x1 49 | mov x1, x2 50 | mov x2, x3 51 | mov x3, x4 52 | mov x4, x5 53 | mov x5, x6 54 | svc #0 55 | ret 56 | 57 | .size syscall_no_intercept, .-syscall_no_intercept 58 | -------------------------------------------------------------------------------- /syscall_intercept.spec: -------------------------------------------------------------------------------- 1 | Name: syscall_intercept 2 | Version: 0.1 3 | Release: 1%{?dist} 4 | Summary: System call intercepting library 5 | License: BSD 6 | URL: http://github.com/pmem/syscall_intercept 7 | Source0: syscall_intercept-%{version}.tar.gz 8 | #Source0: https://github.com/pmem/syscall_intercept/archive/%{version}.tar.gz#/syscall_intercept-%{version}.tar.gz 9 | 10 | BuildRequires: glibc-devel 11 | BuildRequires: cmake 12 | BuildRequires: pkgconfig 13 | BuildRequires: capstone-devel 14 | 15 | ExclusiveArch: x86_64 16 | 17 | %description 18 | The system call intercepting library provides a low-level interface 19 | for hooking Linux system calls in user space. This is achieved 20 | by hotpatching the machine code of the standard C library in the 21 | memory of a process. The user of this library can provide the 22 | functionality of almost any syscall in user space, using the very 23 | simple API specified in the libsyscall_intercept_hook_point.h header 24 | file. 25 | 26 | %package -n libsyscall_intercept 27 | Summary: System call intercepting library 28 | Group: System Environment/Libraries 29 | %description -n libsyscall_intercept 30 | The system call intercepting library provides a low-level interface 31 | for hooking Linux system calls in user space. This is achieved 32 | by hotpatching the machine code of the standard C library in the 33 | memory of a process. The user of this library can provide the 34 | functionality of almost any syscall in user space, using the very 35 | simple API specified in the libsyscall_intercept_hook_point.h header 36 | file. 37 | 38 | %files -n libsyscall_intercept 39 | %defattr(-,root,root,-) 40 | %{_libdir}/libsyscall_intercept.so.* 41 | %license LICENSE 42 | %doc README.md 43 | 44 | %package -n libsyscall_intercept-devel 45 | Summary: Development files for libsyscall_intercept 46 | Group: Development/Libraries 47 | Requires: libsyscall_intercept = %{version}-%{release} 48 | %description -n libsyscall_intercept-devel 49 | Development files for libsyscall_intercept library 50 | 51 | %files -n libsyscall_intercept-devel 52 | %defattr(-,root,root,-) 53 | %{_libdir}/libsyscall_intercept.so 54 | %{_libdir}/libsyscall_intercept.a 55 | %{_libdir}/pkgconfig/libsyscall_intercept.pc 56 | %{_includedir}/libsyscall_intercept_hook_point.h 57 | %{_mandir}/man3/libsyscall_intercept.3.gz 58 | %license LICENSE 59 | %doc 60 | 61 | %prep 62 | %setup -q -n %{name}-%{version} 63 | 64 | %build 65 | mkdir build && cd build 66 | %cmake -DCMAKE_BUILD_TYPE=Release .. 67 | make %{?_smp_mflags} 68 | 69 | %install 70 | cd build 71 | make install DESTDIR=%{buildroot} 72 | 73 | %check 74 | cd build 75 | ctest -V %{?_smp_mflags} 76 | 77 | %post -n libsyscall_intercept -p /sbin/ldconfig 78 | %postun -n libsyscall_intercept -p /sbin/ldconfig 79 | 80 | %changelog 81 | * Tue Feb 14 2017 Marcin Ślusarz - 0.1-1 82 | - Initial RPM release 83 | -------------------------------------------------------------------------------- /test/check.cmake: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2017, Intel Corporation 3 | # 4 | # Redistribution and use in source and binary forms, with or without 5 | # modification, are permitted provided that the following conditions 6 | # are met: 7 | # 8 | # * Redistributions of source code must retain the above copyright 9 | # notice, this list of conditions and the following disclaimer. 10 | # 11 | # * Redistributions in binary form must reproduce the above copyright 12 | # notice, this list of conditions and the following disclaimer in 13 | # the documentation and/or other materials provided with the 14 | # distribution. 15 | # 16 | # * Neither the name of the copyright holder nor the names of its 17 | # contributors may be used to endorse or promote products derived 18 | # from this software without specific prior written permission. 19 | # 20 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | 32 | 33 | if(FILTER_PLUS_ONECHAR) 34 | string(SUBSTRING "${FILTER_PLUS_ONECHAR}" 1 -1 FILTER) 35 | endif() 36 | 37 | if(FILTER) 38 | set(ENV{INTERCEPT_HOOK_CMDLINE_FILTER} ${FILTER}) 39 | message("FILTER: ${FILTER}") 40 | endif() 41 | 42 | if(LIB_FILE) 43 | if(TEST_EXTRA_PRELOAD) 44 | set(ENV{LD_PRELOAD} ${TEST_EXTRA_PRELOAD}:${LIB_FILE}) 45 | else() 46 | set(ENV{LD_PRELOAD} ${LIB_FILE}) 47 | endif() 48 | endif() 49 | 50 | endif() 51 | 52 | if(INTERCEPT_ALL) 53 | set(ENV{INTERCEPT_ALL_OBJS} 1) 54 | else() 55 | unset(ENV{INTERCEPT_ALL_OBJS}) 56 | endif() 57 | 58 | execute_process(COMMAND ${TEST_PROG} ${TEST_PROG_ARGS} RESULT_VARIABLE HAD_ERROR) 59 | 60 | unset(ENV{LD_PRELOAD}) 61 | 62 | if(HAD_ERROR) 63 | message(FATAL_ERROR "Error: ${HAD_ERROR}") 64 | endif() 65 | -------------------------------------------------------------------------------- /test/executable_with_syscall.S: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2017, Intel Corporation 3 | # 4 | # Redistribution and use in source and binary forms, with or without 5 | # modification, are permitted provided that the following conditions 6 | # are met: 7 | # 8 | # * Redistributions of source code must retain the above copyright 9 | # notice, this list of conditions and the following disclaimer. 10 | # 11 | # * Redistributions in binary form must reproduce the above copyright 12 | # notice, this list of conditions and the following disclaimer in 13 | # the documentation and/or other materials provided with the 14 | # distribution. 15 | # 16 | # * Neither the name of the copyright holder nor the names of its 17 | # contributors may be used to endorse or promote products derived 18 | # from this software without specific prior written permission. 19 | # 20 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | 32 | # A program with a syscall instruction. 33 | # This only serves for testing syscall_intercept's ability to 34 | # patch syscalls in the main executable object of a process. 35 | 36 | .intel_syntax noprefix 37 | 38 | .global main; 39 | 40 | .text 41 | 42 | main: 43 | cmp rdi, 2 # cmp argc with 2 44 | jl 0f # jump if argc < 2 45 | add rsi, 8 # inc argv 46 | mov rsi, [rsi] # syscall argument: argv[1] 47 | mov rdi, rsi # copy argv[1] to rdi 48 | xor rcx, rcx 49 | not rcx 50 | shr rcx, 1 # scan -- max iteration count: SSIZE_MAX 51 | sub al, al # scan -- byte to look for: '\0' 52 | cld # scan -- setup direction: forward 53 | repne scasb # scan memory to find null terminator 54 | sub rdi, rsi # compute strlen 55 | mov rdx, rdi # syscall argument: buffer len 56 | mov rdi, 1 # syscall argument: stdout 57 | mov rax, 1 # syscall number: SYS_write 58 | syscall 59 | mov rdi, 1 # syscall argument: stdout 60 | lea rsi, [rip + newline] # syscall argument: buffer 61 | mov rdx, 1 # syscall argument: length 62 | mov rax, 1 # syscall number: SYS_write 63 | syscall 64 | mov rax, 0 # return 0 65 | ret 66 | 0: mov rax, 1 # return 1 67 | ret 68 | 69 | .data 70 | newline: .byte 0xa 71 | -------------------------------------------------------------------------------- /test/filter_test.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2017, Intel Corporation 3 | * 4 | * Redistribution and use in source and binary forms, with or without 5 | * modification, are permitted provided that the following conditions 6 | * are met: 7 | * 8 | * * Redistributions of source code must retain the above copyright 9 | * notice, this list of conditions and the following disclaimer. 10 | * 11 | * * Redistributions in binary form must reproduce the above copyright 12 | * notice, this list of conditions and the following disclaimer in 13 | * the documentation and/or other materials provided with the 14 | * distribution. 15 | * 16 | * * Neither the name of the copyright holder nor the names of its 17 | * contributors may be used to endorse or promote products derived 18 | * from this software without specific prior written permission. 19 | * 20 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | */ 32 | 33 | #include 34 | #include 35 | #include 36 | #include 37 | 38 | #include "libsyscall_intercept_hook_point.h" 39 | 40 | static int 41 | hook(long syscall_number, 42 | long arg0, long arg1, 43 | long arg2, long arg3, 44 | long arg4, long arg5, 45 | long *result) 46 | { 47 | (void) syscall_number; 48 | (void) arg0; 49 | (void) arg1; 50 | (void) arg2; 51 | (void) arg3; 52 | (void) arg4; 53 | (void) arg5; 54 | (void) result; 55 | 56 | static bool already_printed; 57 | static const char *msg = "hooked - "; 58 | 59 | if (!already_printed) { 60 | already_printed = true; 61 | syscall_no_intercept(SYS_write, 1, msg, strlen(msg)); 62 | } 63 | 64 | return 1; 65 | } 66 | 67 | int 68 | main() 69 | { 70 | intercept_hook_point = hook; 71 | 72 | if (syscall_hook_in_process_allowed()) 73 | puts("allowed"); 74 | else 75 | puts("disallowed"); 76 | 77 | return 0; 78 | } 79 | -------------------------------------------------------------------------------- /test/fork_logging.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2016-2017, Intel Corporation 3 | * 4 | * Redistribution and use in source and binary forms, with or without 5 | * modification, are permitted provided that the following conditions 6 | * are met: 7 | * 8 | * * Redistributions of source code must retain the above copyright 9 | * notice, this list of conditions and the following disclaimer. 10 | * 11 | * * Redistributions in binary form must reproduce the above copyright 12 | * notice, this list of conditions and the following disclaimer in 13 | * the documentation and/or other materials provided with the 14 | * distribution. 15 | * 16 | * * Neither the name of the copyright holder nor the names of its 17 | * contributors may be used to endorse or promote products derived 18 | * from this software without specific prior written permission. 19 | * 20 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | */ 32 | 33 | /* 34 | * fork_logging.c -- dummy program, to issue fork via libc 35 | */ 36 | 37 | #include 38 | #include 39 | #include 40 | #include 41 | #include 42 | #include 43 | 44 | #include 45 | 46 | #include "magic_syscalls.h" 47 | 48 | static const char *log_parent; 49 | static const char *log_child; 50 | 51 | static void * 52 | busy(void *arg) 53 | { 54 | FILE *f; 55 | const char *path = (const char *)arg; 56 | char buffer[0x100]; 57 | size_t s; 58 | 59 | if ((f = fopen(path, "r")) == NULL) 60 | exit(EXIT_FAILURE); 61 | 62 | s = fread(buffer, 1, sizeof(buffer), f); 63 | if (s < 4) 64 | exit(EXIT_FAILURE); 65 | fwrite(buffer, 1, 1, stdout); 66 | fflush(stdout); 67 | fwrite(buffer, 2, 1, stdout); 68 | fflush(stdout); 69 | fwrite(buffer, 3, 1, stdout); 70 | fflush(stdout); 71 | putchar('\n'); 72 | fflush(stdout); 73 | puts("Done being busy here"); 74 | fflush(stdout); 75 | fclose(f); 76 | 77 | magic_syscall_stop_log(); 78 | 79 | return NULL; 80 | } 81 | 82 | int 83 | main(int argc, char *argv[]) 84 | { 85 | if (argc < 4) 86 | return EXIT_FAILURE; 87 | 88 | log_parent = argv[2]; 89 | log_child = argv[3]; 90 | 91 | magic_syscall_start_log(log_parent, "1"); 92 | 93 | int r = fork(); 94 | if (r < 0) 95 | err(EXIT_FAILURE, "fork"); 96 | 97 | if (r == 0) { 98 | magic_syscall_start_log(log_child, "1"); 99 | busy(argv[1]); 100 | } else { 101 | wait(NULL); 102 | busy(argv[1]); 103 | } 104 | 105 | magic_syscall_stop_log(); 106 | 107 | return EXIT_SUCCESS; 108 | } 109 | -------------------------------------------------------------------------------- /test/hook_test.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2017, Intel Corporation 3 | * 4 | * Redistribution and use in source and binary forms, with or without 5 | * modification, are permitted provided that the following conditions 6 | * are met: 7 | * 8 | * * Redistributions of source code must retain the above copyright 9 | * notice, this list of conditions and the following disclaimer. 10 | * 11 | * * Redistributions in binary form must reproduce the above copyright 12 | * notice, this list of conditions and the following disclaimer in 13 | * the documentation and/or other materials provided with the 14 | * distribution. 15 | * 16 | * * Neither the name of the copyright holder nor the names of its 17 | * contributors may be used to endorse or promote products derived 18 | * from this software without specific prior written permission. 19 | * 20 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | */ 32 | 33 | /* 34 | * hook_test.c -- dummy program, using syscall hooking 35 | */ 36 | 37 | #ifdef NDEBUG 38 | #undef NDEBUG 39 | #endif 40 | 41 | #include 42 | #include 43 | #include 44 | #include 45 | #include 46 | #include 47 | 48 | #include "magic_syscalls.h" 49 | 50 | #include "hook_test_data.h" 51 | 52 | int 53 | main(int argc, char *argv[]) 54 | { 55 | if (argc < 3) 56 | return EXIT_FAILURE; 57 | 58 | magic_syscall_start_log(argv[2], "1"); 59 | 60 | assert(write(hook_test_fd, dummy_data, sizeof(dummy_data)) == 61 | hook_test_dummy_return_value); 62 | assert(write(hook_test_fd, "thing", 4) == -1); 63 | assert(write(hook_test_fd, dummy_data, sizeof(dummy_data)) == 64 | hook_test_dummy_return_value); 65 | 66 | magic_syscall_stop_log(); 67 | 68 | return EXIT_SUCCESS; 69 | } 70 | -------------------------------------------------------------------------------- /test/hook_test_clone_preload.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2017, Intel Corporation 3 | * 4 | * Redistribution and use in source and binary forms, with or without 5 | * modification, are permitted provided that the following conditions 6 | * are met: 7 | * 8 | * * Redistributions of source code must retain the above copyright 9 | * notice, this list of conditions and the following disclaimer. 10 | * 11 | * * Redistributions in binary form must reproduce the above copyright 12 | * notice, this list of conditions and the following disclaimer in 13 | * the documentation and/or other materials provided with the 14 | * distribution. 15 | * 16 | * * Neither the name of the copyright holder nor the names of its 17 | * contributors may be used to endorse or promote products derived 18 | * from this software without specific prior written permission. 19 | * 20 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | */ 32 | 33 | 34 | #ifdef NDEBUG 35 | #undef NDEBUG 36 | #endif 37 | 38 | #include 39 | #include 40 | #include 41 | #include 42 | #include 43 | #include 44 | #include 45 | 46 | #include "libsyscall_intercept_hook_point.h" 47 | 48 | static int hook_counter; 49 | static bool deinit_called; 50 | 51 | static int 52 | hook(long syscall_number, 53 | long arg0, long arg1, 54 | long arg2, long arg3, 55 | long arg4, long arg5, 56 | long *result) 57 | { 58 | (void) arg0; 59 | (void) arg1; 60 | (void) arg2; 61 | (void) arg3; 62 | (void) arg4; 63 | (void) arg5; 64 | (void) result; 65 | 66 | if (syscall_number == SYS_clone) 67 | hook_counter++; 68 | 69 | return 1; 70 | } 71 | 72 | static __attribute__((constructor)) void 73 | init(void) 74 | { 75 | intercept_hook_point = hook; 76 | } 77 | 78 | static __attribute__((destructor)) void 79 | deinit(void) 80 | { 81 | assert(!deinit_called); 82 | deinit_called = true; 83 | assert(hook_counter == 1); 84 | } 85 | -------------------------------------------------------------------------------- /test/intercept_sys_write.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2017, Intel Corporation 3 | * 4 | * Redistribution and use in source and binary forms, with or without 5 | * modification, are permitted provided that the following conditions 6 | * are met: 7 | * 8 | * * Redistributions of source code must retain the above copyright 9 | * notice, this list of conditions and the following disclaimer. 10 | * 11 | * * Redistributions in binary form must reproduce the above copyright 12 | * notice, this list of conditions and the following disclaimer in 13 | * the documentation and/or other materials provided with the 14 | * distribution. 15 | * 16 | * * Neither the name of the copyright holder nor the names of its 17 | * contributors may be used to endorse or promote products derived 18 | * from this software without specific prior written permission. 19 | * 20 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | */ 32 | 33 | #include "libsyscall_intercept_hook_point.h" 34 | 35 | #include 36 | #include 37 | #include 38 | 39 | static int 40 | hook(long syscall_number, 41 | long arg0, long arg1, 42 | long arg2, long arg3, 43 | long arg4, long arg5, 44 | long *result) 45 | { 46 | (void) arg0; 47 | (void) arg2; 48 | (void) arg3; 49 | (void) arg4; 50 | (void) arg5; 51 | (void) result; 52 | 53 | if (syscall_number == SYS_write) { 54 | const char interc[] = "intercepted_"; 55 | const char *src = interc; 56 | 57 | /* write(fd, buf, len) */ 58 | size_t len = (size_t)arg2; 59 | char *buf = (char *)arg1; 60 | 61 | #ifdef EXPECT_SPURIOUS_SYSCALLS 62 | if (strcmp(buf, "original_syscall") != 0) 63 | return 1; 64 | #endif 65 | 66 | if (len > sizeof(interc)) { 67 | while (*src != '\0') 68 | *buf++ = *src++; 69 | } 70 | } 71 | 72 | return 1; 73 | } 74 | 75 | static __attribute__((constructor)) void 76 | init(void) 77 | { 78 | intercept_hook_point = hook; 79 | } 80 | -------------------------------------------------------------------------------- /test/libcintercept0.log.match: -------------------------------------------------------------------------------- 1 | $(S) $(XX) -- clone(CLONE_CHILD_CLEARTID | CLONE_CHILD_SETTID | 0x11, (null), (null), $(XX), $(XX)) = ? 2 | $(OPT)$(S) $(XX) -- clone(CLONE_CHILD_CLEARTID | CLONE_CHILD_SETTID | 0x11, (null), (null), $(XX), $(XX)) = 0 3 | $(S) $(XX) -- clone(CLONE_CHILD_CLEARTID | CLONE_CHILD_SETTID | 0x11, (null), (null), $(XX), $(XX)) = $(N) 4 | $(OPT)$(S) $(XX) -- clone(CLONE_CHILD_CLEARTID | CLONE_CHILD_SETTID | 0x11, (null), (null), $(XX), $(XX)) = 0 5 | $(S) $(XX) -- wait4($(N), 0x0, 0x0, 0x0) = ? 6 | $(OPT)$(S) $(XX) -- clone(CLONE_CHILD_CLEARTID | CLONE_CHILD_SETTID | 0x11, (null), (null), $(XX), $(XX)) = 0 7 | $(OPT)$(S) $(XX) -- set_robust_list($(XX), $(N)) = ? 8 | $(OPT)$(S) $(XX) -- set_robust_list($(XX), $(N)) = $(N) 9 | $(S) $(XX) -- wait4($(N), 0x0, 0x0, 0x0) = $(N) 10 | $(OPT)$(S) $(XX) -- open($(S), O_RDONLY) = ? 11 | $(OPT)$(S) $(XX) -- open($(S), O_RDONLY) = $(N) 12 | $(OPT)$(S) $(XX) -- openat(AT_FDCWD, $(S), O_RDONLY) = ? 13 | $(OPT)$(S) $(XX) -- openat(AT_FDCWD, $(S), O_RDONLY) = $(N) 14 | $(S) $(XX) -- fstat($(N), $(XX)) = ? 15 | $(S) $(XX) -- fstat($(N), $(XX)) = 0 16 | $(OPT)$(S) $(XX) -- mmap($(XX), $(N), $(N), $(N), $(N), $(XX)) = ? 17 | $(OPT)$(S) $(XX) -- mmap($(XX), $(N), $(N), $(N), $(N), $(XX)) = $(N) 18 | $(OPT)$(S) $(XX) -- mmap($(XX), $(N), $(N), $(N), $(N), $(XX)) = ? 19 | $(OPT)$(S) $(XX) -- mmap($(XX), $(N), $(N), $(N), $(N), $(XX)) = $(N) 20 | $(S) $(XX) -- read($(N), $(XX), $(N)) = ? 21 | $(S) $(XX) -- read($(N), "/*\n * Copyright 2016-2017, Intel Corporation\n *\n * Redistribution and use in source and binary forms, with or without\n...", $(N)) = $(N) 22 | $(S) $(XX) -- fstat(1, $(XX)) = ? 23 | $(S) $(XX) -- fstat(1, $(XX)) = 0 24 | $(OPT)$(S) $(XX) -- mmap($(XX), $(N), $(N), $(N), $(N), $(XX)) = ? 25 | $(OPT)$(S) $(XX) -- mmap($(XX), $(N), $(N), $(N), $(N), $(XX)) = $(N) 26 | $(OPT)$(S) $(XX) -- mmap($(XX), $(N), $(N), $(N), $(N), $(XX)) = ? 27 | $(OPT)$(S) $(XX) -- mmap($(XX), $(N), $(N), $(N), $(N), $(XX)) = $(N) 28 | $(S) $(XX) -- write(1, "/", 1) = ? 29 | $(S) $(XX) -- write(1, "/", 1) = 1 30 | $(S) $(XX) -- write(1, "/*", 2) = ? 31 | $(S) $(XX) -- write(1, "/*", 2) = 2 32 | $(S) $(XX) -- write(1, "/*\n", 3) = ? 33 | $(S) $(XX) -- write(1, "/*\n", 3) = 3 34 | $(S) $(XX) -- write(1, "\n", 1) = ? 35 | $(S) $(XX) -- write(1, "\n", 1) = 1 36 | $(S) $(XX) -- write(1, "Done being busy here\n", 21) = ? 37 | $(S) $(XX) -- write(1, "Done being busy here\n", 21) = 21 38 | $(S) $(XX) -- close($(N)) = ? 39 | $(S) $(XX) -- close($(N)) = 0 40 | $(OPT)$(S) $(XX) -- munmap($(XX), $(N)) = ? 41 | $(OPT)$(S) $(XX) -- munmap($(XX), $(N)) = 0 42 | -------------------------------------------------------------------------------- /test/libcintercept0_child.log.match: -------------------------------------------------------------------------------- 1 | $(OPT)$(S) $(XX) -- open($(S), O_RDONLY) = ? 2 | $(OPT)$(S) $(XX) -- open($(S), O_RDONLY) = $(N) 3 | $(OPT)$(S) $(XX) -- openat(AT_FDCWD, $(S), O_RDONLY) = ? 4 | $(OPT)$(S) $(XX) -- openat(AT_FDCWD, $(S), O_RDONLY) = $(N) 5 | $(S) $(XX) -- fstat($(N), $(XX)) = ? 6 | $(S) $(XX) -- fstat($(N), $(XX)) = 0 7 | $(OPT)$(S) $(XX) -- mmap($(XX), $(N), $(N), $(N), $(N), $(XX)) = ? 8 | $(OPT)$(S) $(XX) -- mmap($(XX), $(N), $(N), $(N), $(N), $(XX)) = $(N) 9 | $(OPT)$(S) $(XX) -- mmap($(XX), $(N), $(N), $(N), $(N), $(XX)) = ? 10 | $(OPT)$(S) $(XX) -- mmap($(XX), $(N), $(N), $(N), $(N), $(XX)) = $(N) 11 | $(S) $(XX) -- read($(N), $(XX), $(N)) = ? 12 | $(S) $(XX) -- read($(N), "/*\n * Copyright 2016-2017, Intel Corporation\n *\n * Redistribution and use in source and binary forms, with or without\n...", $(N)) = $(N) 13 | $(S) $(XX) -- fstat(1, $(XX)) = ? 14 | $(S) $(XX) -- fstat(1, $(XX)) = 0 15 | $(OPT)$(S) $(XX) -- mmap($(XX), $(N), $(N), $(N), $(N), $(XX)) = ? 16 | $(OPT)$(S) $(XX) -- mmap($(XX), $(N), $(N), $(N), $(N), $(XX)) = $(N) 17 | $(OPT)$(S) $(XX) -- mmap($(XX), $(N), $(N), $(N), $(N), $(XX)) = ? 18 | $(OPT)$(S) $(XX) -- mmap($(XX), $(N), $(N), $(N), $(N), $(XX)) = $(N) 19 | $(S) $(XX) -- write(1, "/", 1) = ? 20 | $(S) $(XX) -- write(1, "/", 1) = 1 21 | $(S) $(XX) -- write(1, "/*", 2) = ? 22 | $(S) $(XX) -- write(1, "/*", 2) = 2 23 | $(S) $(XX) -- write(1, "/*\n", 3) = ? 24 | $(S) $(XX) -- write(1, "/*\n", 3) = 3 25 | $(S) $(XX) -- write(1, "\n", 1) = ? 26 | $(S) $(XX) -- write(1, "\n", 1) = 1 27 | $(S) $(XX) -- write(1, "Done being busy here\n", 21) = ? 28 | $(S) $(XX) -- write(1, "Done being busy here\n", 21) = 21 29 | $(S) $(XX) -- close($(N)) = ? 30 | $(S) $(XX) -- close($(N)) = 0 31 | $(OPT)$(S) $(XX) -- munmap($(XX), $(N)) = ? 32 | $(OPT)$(S) $(XX) -- munmap($(XX), $(N)) = 0 33 | -------------------------------------------------------------------------------- /test/libcintercept1.log.match: -------------------------------------------------------------------------------- 1 | $(S) $(XX) -- write(8765, "dummy_data\0", 11) = ? 2 | $(S) $(XX) -- write(8765, "dummy_data\0", 11) = 5 3 | $(S) $(XX) -- write(8765, "thin", 4) = ? 4 | $(S) $(XX) -- write(8765, "thin", 4) = -9 EBADF (Bad file number) 5 | $(S) $(XX) -- write(8765, "dummy_data\0", 11) = ? 6 | $(S) $(XX) -- write(8765, "dummy_data\0", 11) = 5 7 | -------------------------------------------------------------------------------- /test/libcintercept2.log.match: -------------------------------------------------------------------------------- 1 | $(S) $(XX) -- vfork() 2 | $(S) $(XX) -- exit_group(0) 3 | $(S) $(XX) -- write(1, "In original process, after first vfork\n", 39) = ? 4 | $(S) $(XX) -- write(1, "In original process, after first vfork\n", 39) = 39 5 | $(S) $(XX) -- vfork() 6 | $(S) $(XX) -- execve("$(S)", $(XX), $(XX)) = ? 7 | $(S) $(XX) -- write(1, "In original process, after second vfork\n", 40) = ? 8 | $(S) $(XX) -- write(1, "In original process, after second vfork\n", 40) = 40 9 | -------------------------------------------------------------------------------- /test/nosyscall.in.S: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2017, Intel Corporation 3 | # 4 | # Redistribution and use in source and binary forms, with or without 5 | # modification, are permitted provided that the following conditions 6 | # are met: 7 | # 8 | # * Redistributions of source code must retain the above copyright 9 | # notice, this list of conditions and the following disclaimer. 10 | # 11 | # * Redistributions in binary form must reproduce the above copyright 12 | # notice, this list of conditions and the following disclaimer in 13 | # the documentation and/or other materials provided with the 14 | # distribution. 15 | # 16 | # * Neither the name of the copyright holder nor the names of its 17 | # contributors may be used to endorse or promote products derived 18 | # from this software without specific prior written permission. 19 | # 20 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | 32 | # 33 | # A simple test, the text contains no syscall instructions, patching 34 | # is expected to alter no bytes whatsoever. 35 | 36 | .intel_syntax noprefix 37 | 38 | .global text_start; 39 | .global text_end; 40 | .global fibonacci; 41 | .type fibonacci, @function 42 | 43 | #include "mock_trampoline_table.S" 44 | 45 | .text 46 | 47 | text_start: 48 | fibonacci: 49 | .cfi_startproc 50 | .cfi_def_cfa_offset 0 51 | xor rax, rax 52 | mov rcx, rsi 53 | .loop: xadd rax, rdi 54 | loop .loop 55 | ret 56 | .cfi_endproc 57 | text_end: 58 | -------------------------------------------------------------------------------- /test/nosyscall.out.S: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2017, Intel Corporation 3 | # 4 | # Redistribution and use in source and binary forms, with or without 5 | # modification, are permitted provided that the following conditions 6 | # are met: 7 | # 8 | # * Redistributions of source code must retain the above copyright 9 | # notice, this list of conditions and the following disclaimer. 10 | # 11 | # * Redistributions in binary form must reproduce the above copyright 12 | # notice, this list of conditions and the following disclaimer in 13 | # the documentation and/or other materials provided with the 14 | # distribution. 15 | # 16 | # * Neither the name of the copyright holder nor the names of its 17 | # contributors may be used to endorse or promote products derived 18 | # from this software without specific prior written permission. 19 | # 20 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | 32 | # see nosyscall.in.S 33 | .intel_syntax noprefix 34 | 35 | .global text_start; 36 | .global text_end; 37 | .global fibonacci; 38 | .type fibonacci, @function 39 | 40 | #include "mock_trampoline_table.S" 41 | 42 | .text 43 | 44 | text_start: 45 | fibonacci: 46 | .cfi_startproc 47 | .cfi_def_cfa_offset 0 48 | xor rax, rax 49 | mov rcx, rsi 50 | .loop: xadd rax, rdi 51 | loop .loop 52 | ret 53 | .cfi_endproc 54 | text_end: 55 | -------------------------------------------------------------------------------- /test/pattern1.in.S: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2017, Intel Corporation 3 | # 4 | # Redistribution and use in source and binary forms, with or without 5 | # modification, are permitted provided that the following conditions 6 | # are met: 7 | # 8 | # * Redistributions of source code must retain the above copyright 9 | # notice, this list of conditions and the following disclaimer. 10 | # 11 | # * Redistributions in binary form must reproduce the above copyright 12 | # notice, this list of conditions and the following disclaimer in 13 | # the documentation and/or other materials provided with the 14 | # distribution. 15 | # 16 | # * Neither the name of the copyright holder nor the names of its 17 | # contributors may be used to endorse or promote products derived 18 | # from this software without specific prior written permission. 19 | # 20 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | 32 | # 33 | # A simple test with a single syscall instruction. 34 | # 35 | 36 | .intel_syntax noprefix 37 | 38 | .global text_start; 39 | .global text_end; 40 | 41 | #include "mock_trampoline_table.S" 42 | 43 | .text 44 | 45 | text_start: 46 | mov rax, 1 47 | syscall 48 | cmp rax, -1 49 | text_end: 50 | -------------------------------------------------------------------------------- /test/pattern1.out.S: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2017, Intel Corporation 3 | # 4 | # Redistribution and use in source and binary forms, with or without 5 | # modification, are permitted provided that the following conditions 6 | # are met: 7 | # 8 | # * Redistributions of source code must retain the above copyright 9 | # notice, this list of conditions and the following disclaimer. 10 | # 11 | # * Redistributions in binary form must reproduce the above copyright 12 | # notice, this list of conditions and the following disclaimer in 13 | # the documentation and/or other materials provided with the 14 | # distribution. 15 | # 16 | # * Neither the name of the copyright holder nor the names of its 17 | # contributors may be used to endorse or promote products derived 18 | # from this software without specific prior written permission. 19 | # 20 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | 32 | # see pattern1.in.S 33 | 34 | .intel_syntax noprefix 35 | 36 | .global text_start; 37 | .global text_end; 38 | 39 | #include "mock_trampoline_table.S" 40 | 41 | .text 42 | 43 | text_start: 44 | jmp dst0 45 | int3 46 | int3 47 | int3 48 | int3 49 | int3 50 | int3 51 | int3 52 | int3 53 | text_end: 54 | -------------------------------------------------------------------------------- /test/pattern2.in.S: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2017, Intel Corporation 3 | # 4 | # Redistribution and use in source and binary forms, with or without 5 | # modification, are permitted provided that the following conditions 6 | # are met: 7 | # 8 | # * Redistributions of source code must retain the above copyright 9 | # notice, this list of conditions and the following disclaimer. 10 | # 11 | # * Redistributions in binary form must reproduce the above copyright 12 | # notice, this list of conditions and the following disclaimer in 13 | # the documentation and/or other materials provided with the 14 | # distribution. 15 | # 16 | # * Neither the name of the copyright holder nor the names of its 17 | # contributors may be used to endorse or promote products derived 18 | # from this software without specific prior written permission. 19 | # 20 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | 32 | # 33 | # A simple test with two syscall instructions. The resulting patched 34 | # text is expected to have two jump instructions, to two different 35 | # entries in the mock trampoline table. 36 | 37 | .intel_syntax noprefix 38 | 39 | .global text_start; 40 | .global text_end; 41 | 42 | #include "mock_trampoline_table.S" 43 | 44 | .text 45 | 46 | text_start: 47 | xor rax, rax 48 | mov rax, 1 49 | syscall 50 | cmp rax, -1 51 | mov rax, 2 52 | syscall 53 | cmp rax, -1 54 | text_end: 55 | -------------------------------------------------------------------------------- /test/pattern2.out.S: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2017, Intel Corporation 3 | # 4 | # Redistribution and use in source and binary forms, with or without 5 | # modification, are permitted provided that the following conditions 6 | # are met: 7 | # 8 | # * Redistributions of source code must retain the above copyright 9 | # notice, this list of conditions and the following disclaimer. 10 | # 11 | # * Redistributions in binary form must reproduce the above copyright 12 | # notice, this list of conditions and the following disclaimer in 13 | # the documentation and/or other materials provided with the 14 | # distribution. 15 | # 16 | # * Neither the name of the copyright holder nor the names of its 17 | # contributors may be used to endorse or promote products derived 18 | # from this software without specific prior written permission. 19 | # 20 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | 32 | # see pattern2.in.S 33 | 34 | .intel_syntax noprefix 35 | 36 | .global text_start; 37 | .global text_end; 38 | 39 | #include "mock_trampoline_table.S" 40 | 41 | .text 42 | 43 | text_start: 44 | jmp dst0 45 | int3 46 | int3 47 | int3 48 | int3 49 | int3 50 | int3 51 | int3 52 | int3 53 | int3 54 | int3 55 | int3 56 | jmp dst1 57 | int3 58 | int3 59 | int3 60 | int3 61 | int3 62 | int3 63 | int3 64 | int3 65 | text_end: 66 | -------------------------------------------------------------------------------- /test/pattern3.in.S: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2017, Intel Corporation 3 | # 4 | # Redistribution and use in source and binary forms, with or without 5 | # modification, are permitted provided that the following conditions 6 | # are met: 7 | # 8 | # * Redistributions of source code must retain the above copyright 9 | # notice, this list of conditions and the following disclaimer. 10 | # 11 | # * Redistributions in binary form must reproduce the above copyright 12 | # notice, this list of conditions and the following disclaimer in 13 | # the documentation and/or other materials provided with the 14 | # distribution. 15 | # 16 | # * Neither the name of the copyright holder nor the names of its 17 | # contributors may be used to endorse or promote products derived 18 | # from this software without specific prior written permission. 19 | # 20 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | 32 | # 33 | # A simple test with a syscall instruction. The patcher is expected 34 | # to recognize that the nop instruction preceding the syscall 35 | # can not be overritten, as the mov instruction followin it is 36 | # a jump destination. 37 | 38 | .intel_syntax noprefix 39 | 40 | .global text_start; 41 | .global text_end; 42 | 43 | #include "mock_trampoline_table.S" 44 | 45 | .text 46 | 47 | text_start: 48 | xor rax, rax 49 | mov rax, 1 50 | jmp 0f 51 | cmp rax, -1 52 | cmp rax, -1 53 | cmp rax, -1 54 | nop 55 | 0: mov rax, 2 56 | syscall 57 | cmp rax, -1 58 | text_end: 59 | -------------------------------------------------------------------------------- /test/pattern3.out.S: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2017, Intel Corporation 3 | # 4 | # Redistribution and use in source and binary forms, with or without 5 | # modification, are permitted provided that the following conditions 6 | # are met: 7 | # 8 | # * Redistributions of source code must retain the above copyright 9 | # notice, this list of conditions and the following disclaimer. 10 | # 11 | # * Redistributions in binary form must reproduce the above copyright 12 | # notice, this list of conditions and the following disclaimer in 13 | # the documentation and/or other materials provided with the 14 | # distribution. 15 | # 16 | # * Neither the name of the copyright holder nor the names of its 17 | # contributors may be used to endorse or promote products derived 18 | # from this software without specific prior written permission. 19 | # 20 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | 32 | # see pattern3.in.S 33 | 34 | .intel_syntax noprefix 35 | 36 | .global text_start; 37 | .global text_end; 38 | 39 | #include "mock_trampoline_table.S" 40 | 41 | .text 42 | 43 | text_start: 44 | xor rax, rax 45 | mov rax, 1 46 | jmp 0f 47 | cmp rax, -1 48 | cmp rax, -1 49 | cmp rax, -1 50 | nop 51 | 0: jmp dst0 52 | int3 53 | int3 54 | int3 55 | int3 56 | int3 57 | int3 58 | int3 59 | int3 60 | text_end: 61 | -------------------------------------------------------------------------------- /test/pattern4.in.S: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2017, Intel Corporation 3 | # 4 | # Redistribution and use in source and binary forms, with or without 5 | # modification, are permitted provided that the following conditions 6 | # are met: 7 | # 8 | # * Redistributions of source code must retain the above copyright 9 | # notice, this list of conditions and the following disclaimer. 10 | # 11 | # * Redistributions in binary form must reproduce the above copyright 12 | # notice, this list of conditions and the following disclaimer in 13 | # the documentation and/or other materials provided with the 14 | # distribution. 15 | # 16 | # * Neither the name of the copyright holder nor the names of its 17 | # contributors may be used to endorse or promote products derived 18 | # from this software without specific prior written permission. 19 | # 20 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | 32 | # 33 | # Same as pattern3.in.S, except with a call instruction this time. 34 | 35 | .intel_syntax noprefix 36 | 37 | .global text_start; 38 | .global text_end; 39 | 40 | #include "mock_trampoline_table.S" 41 | 42 | .text 43 | 44 | text_start: 45 | xor rax, rax 46 | mov rax, 1 47 | call 0f 48 | cmp rax, -1 49 | cmp rax, -1 50 | cmp rax, -1 51 | nop 52 | 0: mov rax, 2 53 | syscall 54 | cmp rax, -1 55 | text_end: 56 | -------------------------------------------------------------------------------- /test/pattern4.out.S: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2017, Intel Corporation 3 | # 4 | # Redistribution and use in source and binary forms, with or without 5 | # modification, are permitted provided that the following conditions 6 | # are met: 7 | # 8 | # * Redistributions of source code must retain the above copyright 9 | # notice, this list of conditions and the following disclaimer. 10 | # 11 | # * Redistributions in binary form must reproduce the above copyright 12 | # notice, this list of conditions and the following disclaimer in 13 | # the documentation and/or other materials provided with the 14 | # distribution. 15 | # 16 | # * Neither the name of the copyright holder nor the names of its 17 | # contributors may be used to endorse or promote products derived 18 | # from this software without specific prior written permission. 19 | # 20 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | 32 | # see pattern4.in.S 33 | 34 | .intel_syntax noprefix 35 | 36 | .global text_start; 37 | .global text_end; 38 | 39 | #include "mock_trampoline_table.S" 40 | 41 | .text 42 | 43 | text_start: 44 | xor rax, rax 45 | mov rax, 1 46 | call 0f 47 | cmp rax, -1 48 | cmp rax, -1 49 | cmp rax, -1 50 | nop 51 | 0: jmp dst0 52 | int3 53 | int3 54 | int3 55 | int3 56 | int3 57 | int3 58 | int3 59 | int3 60 | text_end: 61 | -------------------------------------------------------------------------------- /test/pattern_double_syscall.in.S: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2017, Intel Corporation 3 | # 4 | # Redistribution and use in source and binary forms, with or without 5 | # modification, are permitted provided that the following conditions 6 | # are met: 7 | # 8 | # * Redistributions of source code must retain the above copyright 9 | # notice, this list of conditions and the following disclaimer. 10 | # 11 | # * Redistributions in binary form must reproduce the above copyright 12 | # notice, this list of conditions and the following disclaimer in 13 | # the documentation and/or other materials provided with the 14 | # distribution. 15 | # 16 | # * Neither the name of the copyright holder nor the names of its 17 | # contributors may be used to endorse or promote products derived 18 | # from this software without specific prior written permission. 19 | # 20 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | 32 | # 33 | # A simple test with a two syscall instruction. Patching is expected to fail, 34 | # as there is not enough space for patching. 35 | # 36 | 37 | .intel_syntax noprefix 38 | 39 | .global text_start; 40 | .global text_end; 41 | 42 | #include "mock_trampoline_table.S" 43 | 44 | .text 45 | 46 | text_start: 47 | nop 48 | syscall 49 | syscall 50 | nop 51 | text_end: 52 | -------------------------------------------------------------------------------- /test/pattern_double_syscall.out.S: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2017, Intel Corporation 3 | # 4 | # Redistribution and use in source and binary forms, with or without 5 | # modification, are permitted provided that the following conditions 6 | # are met: 7 | # 8 | # * Redistributions of source code must retain the above copyright 9 | # notice, this list of conditions and the following disclaimer. 10 | # 11 | # * Redistributions in binary form must reproduce the above copyright 12 | # notice, this list of conditions and the following disclaimer in 13 | # the documentation and/or other materials provided with the 14 | # distribution. 15 | # 16 | # * Neither the name of the copyright holder nor the names of its 17 | # contributors may be used to endorse or promote products derived 18 | # from this software without specific prior written permission. 19 | # 20 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | 32 | # see double_syscall.in.S 33 | 34 | .intel_syntax noprefix 35 | 36 | .global text_start; 37 | .global text_end; 38 | 39 | #include "mock_trampoline_table.S" 40 | 41 | .text 42 | 43 | text_start: 44 | nop 45 | syscall 46 | syscall 47 | nop 48 | text_end: 49 | -------------------------------------------------------------------------------- /test/pattern_jmps.in.S: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2017, Intel Corporation 3 | # 4 | # Redistribution and use in source and binary forms, with or without 5 | # modification, are permitted provided that the following conditions 6 | # are met: 7 | # 8 | # * Redistributions of source code must retain the above copyright 9 | # notice, this list of conditions and the following disclaimer. 10 | # 11 | # * Redistributions in binary form must reproduce the above copyright 12 | # notice, this list of conditions and the following disclaimer in 13 | # the documentation and/or other materials provided with the 14 | # distribution. 15 | # 16 | # * Neither the name of the copyright holder nor the names of its 17 | # contributors may be used to endorse or promote products derived 18 | # from this software without specific prior written permission. 19 | # 20 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | 32 | # 33 | # A simple test with a syscall sourronded by jmp instructions. 34 | # Patching is expected to fail. 35 | # 36 | 37 | .intel_syntax noprefix 38 | 39 | .global text_start; 40 | .global text_end; 41 | 42 | #include "mock_trampoline_table.S" 43 | 44 | .text 45 | 46 | text_start: 47 | mov rax, 1 48 | mov rax, 1 49 | mov rax, 1 50 | mov rax, 1 51 | jmp 0f 52 | nop 53 | syscall 54 | jmp 0f 55 | cmp rax, -1 56 | cmp rax, -1 57 | cmp rax, -1 58 | 0: cmp rax, -1 59 | text_end: 60 | -------------------------------------------------------------------------------- /test/pattern_jmps.out.S: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2017, Intel Corporation 3 | # 4 | # Redistribution and use in source and binary forms, with or without 5 | # modification, are permitted provided that the following conditions 6 | # are met: 7 | # 8 | # * Redistributions of source code must retain the above copyright 9 | # notice, this list of conditions and the following disclaimer. 10 | # 11 | # * Redistributions in binary form must reproduce the above copyright 12 | # notice, this list of conditions and the following disclaimer in 13 | # the documentation and/or other materials provided with the 14 | # distribution. 15 | # 16 | # * Neither the name of the copyright holder nor the names of its 17 | # contributors may be used to endorse or promote products derived 18 | # from this software without specific prior written permission. 19 | # 20 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | 32 | # see jmps.in.S 33 | 34 | .intel_syntax noprefix 35 | 36 | .global text_start; 37 | .global text_end; 38 | 39 | #include "mock_trampoline_table.S" 40 | 41 | .text 42 | 43 | text_start: 44 | mov rax, 1 45 | mov rax, 1 46 | mov rax, 1 47 | mov rax, 1 48 | jmp 0f 49 | nop 50 | syscall 51 | jmp 0f 52 | cmp rax, -1 53 | cmp rax, -1 54 | cmp rax, -1 55 | 0: cmp rax, -1 56 | text_end: 57 | -------------------------------------------------------------------------------- /test/pattern_loop.in.S: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2017, Intel Corporation 3 | # 4 | # Redistribution and use in source and binary forms, with or without 5 | # modification, are permitted provided that the following conditions 6 | # are met: 7 | # 8 | # * Redistributions of source code must retain the above copyright 9 | # notice, this list of conditions and the following disclaimer. 10 | # 11 | # * Redistributions in binary form must reproduce the above copyright 12 | # notice, this list of conditions and the following disclaimer in 13 | # the documentation and/or other materials provided with the 14 | # distribution. 15 | # 16 | # * Neither the name of the copyright holder nor the names of its 17 | # contributors may be used to endorse or promote products derived 18 | # from this software without specific prior written permission. 19 | # 20 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | 32 | # 33 | # A test with a loop instruction following a syscall instruction. The 34 | # patching code is expected to recognize that the loop instruction can 35 | # not be relocated. 36 | 37 | .intel_syntax noprefix 38 | 39 | .global text_start; 40 | .global text_end; 41 | 42 | #include "mock_trampoline_table.S" 43 | 44 | .text 45 | 46 | text_start: 47 | .L0: xor rax, rax 48 | mov rax, 1 49 | syscall 50 | cmp rax, -1 51 | mov rax, 2 52 | syscall 53 | loop .L0 # this instruction should not be touched 54 | text_end: 55 | -------------------------------------------------------------------------------- /test/pattern_loop.out.S: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2017, Intel Corporation 3 | # 4 | # Redistribution and use in source and binary forms, with or without 5 | # modification, are permitted provided that the following conditions 6 | # are met: 7 | # 8 | # * Redistributions of source code must retain the above copyright 9 | # notice, this list of conditions and the following disclaimer. 10 | # 11 | # * Redistributions in binary form must reproduce the above copyright 12 | # notice, this list of conditions and the following disclaimer in 13 | # the documentation and/or other materials provided with the 14 | # distribution. 15 | # 16 | # * Neither the name of the copyright holder nor the names of its 17 | # contributors may be used to endorse or promote products derived 18 | # from this software without specific prior written permission. 19 | # 20 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | 32 | # see pattern_loop.in.S 33 | 34 | .intel_syntax noprefix 35 | 36 | .global text_start; 37 | .global text_end; 38 | 39 | #include "mock_trampoline_table.S" 40 | 41 | .text 42 | 43 | text_start: 44 | .L0: jmp dst0 45 | int3 46 | int3 47 | int3 48 | int3 49 | int3 50 | int3 51 | int3 52 | int3 53 | int3 54 | int3 55 | int3 56 | jmp dst1 57 | int3 58 | int3 59 | int3 60 | int3 61 | loop .L0 62 | text_end: 63 | -------------------------------------------------------------------------------- /test/pattern_loop2.in.S: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2017, Intel Corporation 3 | # 4 | # Redistribution and use in source and binary forms, with or without 5 | # modification, are permitted provided that the following conditions 6 | # are met: 7 | # 8 | # * Redistributions of source code must retain the above copyright 9 | # notice, this list of conditions and the following disclaimer. 10 | # 11 | # * Redistributions in binary form must reproduce the above copyright 12 | # notice, this list of conditions and the following disclaimer in 13 | # the documentation and/or other materials provided with the 14 | # distribution. 15 | # 16 | # * Neither the name of the copyright holder nor the names of its 17 | # contributors may be used to endorse or promote products derived 18 | # from this software without specific prior written permission. 19 | # 20 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | 32 | # 33 | # Two syscall instructions in the test text, one of them followed by a 34 | # loop instruction. The patching must recognize the destination of the 35 | # loop instruction (at label '0:') can not be merged with the previous 36 | # instruction. 37 | # Also, the loop instruction can not be relocated. 38 | 39 | .intel_syntax noprefix 40 | 41 | .global text_start; 42 | .global text_end; 43 | 44 | #include "mock_trampoline_table.S" 45 | 46 | .text 47 | 48 | text_start: 49 | xor rax, rax # this instruction should be left unchanged 50 | .L0: mov rax, 1 51 | syscall 52 | cmp rax, -1 53 | mov rax, 2 54 | syscall 55 | loop .L0 # this one as well 56 | text_end: 57 | -------------------------------------------------------------------------------- /test/pattern_loop2.out.S: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2017, Intel Corporation 3 | # 4 | # Redistribution and use in source and binary forms, with or without 5 | # modification, are permitted provided that the following conditions 6 | # are met: 7 | # 8 | # * Redistributions of source code must retain the above copyright 9 | # notice, this list of conditions and the following disclaimer. 10 | # 11 | # * Redistributions in binary form must reproduce the above copyright 12 | # notice, this list of conditions and the following disclaimer in 13 | # the documentation and/or other materials provided with the 14 | # distribution. 15 | # 16 | # * Neither the name of the copyright holder nor the names of its 17 | # contributors may be used to endorse or promote products derived 18 | # from this software without specific prior written permission. 19 | # 20 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | 32 | # see pattern_loop2.in.S 33 | 34 | .intel_syntax noprefix 35 | 36 | .global text_start; 37 | .global text_end; 38 | 39 | #include "mock_trampoline_table.S" 40 | 41 | .text 42 | 43 | text_start: 44 | xor rax, rax 45 | .L0: jmp dst0 46 | int3 47 | int3 48 | int3 49 | int3 50 | int3 51 | int3 52 | int3 53 | int3 54 | jmp dst1 55 | int3 56 | int3 57 | int3 58 | int3 59 | loop .L0 60 | text_end: 61 | -------------------------------------------------------------------------------- /test/pattern_nop_padding0.in.S: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2017, Intel Corporation 3 | # 4 | # Redistribution and use in source and binary forms, with or without 5 | # modification, are permitted provided that the following conditions 6 | # are met: 7 | # 8 | # * Redistributions of source code must retain the above copyright 9 | # notice, this list of conditions and the following disclaimer. 10 | # 11 | # * Redistributions in binary form must reproduce the above copyright 12 | # notice, this list of conditions and the following disclaimer in 13 | # the documentation and/or other materials provided with the 14 | # distribution. 15 | # 16 | # * Neither the name of the copyright holder nor the names of its 17 | # contributors may be used to endorse or promote products derived 18 | # from this software without specific prior written permission. 19 | # 20 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | 32 | # 33 | # A single syscall instruction, with a suitable NOP close to it. The patching 34 | # code is expected to recognize, that altering the instructions right next to 35 | # the syscall is not necessary. The 2 byte syscall instruction can be 36 | # overwritten with a jmp instruction of the same size, and a jump with a longer 37 | # range can be inserted into the unused bytes in the nop instruction. 38 | 39 | .intel_syntax noprefix 40 | 41 | .global text_start; 42 | .global text_end; 43 | 44 | .global dummy_symbol; 45 | .type dummy_symbol, @function; 46 | 47 | #include "mock_trampoline_table.S" 48 | 49 | .text 50 | 51 | text_start: 52 | xor rax, rax 53 | mov rax, 1 54 | syscall # should be replaced with a jmp having 8bit disp. 55 | cmp rax, -1 56 | mov rax, 2 57 | inc rax 58 | .byte 0x0f # nop DWORD PTR [rax+rax*1+0x0] 59 | .byte 0x1f # this nop should be overwritten 60 | .byte 0x84 # to provide the jump that actually 61 | .byte 0x00 # jumps out of the text segment 62 | .byte 0x00 63 | .byte 0x00 64 | .byte 0x00 65 | .byte 0x00 66 | inc rax 67 | 68 | text_end: 69 | -------------------------------------------------------------------------------- /test/pattern_nop_padding0.out.S: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2017, Intel Corporation 3 | # 4 | # Redistribution and use in source and binary forms, with or without 5 | # modification, are permitted provided that the following conditions 6 | # are met: 7 | # 8 | # * Redistributions of source code must retain the above copyright 9 | # notice, this list of conditions and the following disclaimer. 10 | # 11 | # * Redistributions in binary form must reproduce the above copyright 12 | # notice, this list of conditions and the following disclaimer in 13 | # the documentation and/or other materials provided with the 14 | # distribution. 15 | # 16 | # * Neither the name of the copyright holder nor the names of its 17 | # contributors may be used to endorse or promote products derived 18 | # from this software without specific prior written permission. 19 | # 20 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | 32 | # see pattern_nop_padding0.in.S 33 | 34 | .intel_syntax noprefix 35 | 36 | .global text_start; 37 | .global text_end; 38 | 39 | .global dummy_symbol; 40 | .type dummy_symbol, @function; 41 | 42 | #include "mock_trampoline_table.S" 43 | 44 | .text 45 | 46 | text_start: 47 | xor rax, rax 48 | mov rax, 1 49 | jmp 0f # short jump to the newly created jmp below 50 | cmp rax, -1 51 | mov rax, 2 52 | inc rax 53 | jmp 1f # the nop started here, skip to the next instruction 54 | 0: jmp dst0 # a jump with 32 bit displacement, starting at the 55 | .byte 0x00 # second byte of the original nop instruction 56 | 1: inc rax 57 | text_end: 58 | -------------------------------------------------------------------------------- /test/pattern_nop_padding1.in.S: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2017, Intel Corporation 3 | # 4 | # Redistribution and use in source and binary forms, with or without 5 | # modification, are permitted provided that the following conditions 6 | # are met: 7 | # 8 | # * Redistributions of source code must retain the above copyright 9 | # notice, this list of conditions and the following disclaimer. 10 | # 11 | # * Redistributions in binary form must reproduce the above copyright 12 | # notice, this list of conditions and the following disclaimer in 13 | # the documentation and/or other materials provided with the 14 | # distribution. 15 | # 16 | # * Neither the name of the copyright holder nor the names of its 17 | # contributors may be used to endorse or promote products derived 18 | # from this software without specific prior written permission. 19 | # 20 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | 32 | # see pattern_nop_padding0.in.S 33 | # 34 | # This time the nop instruction is at a lower address than the syscall 35 | # instruction. There is another syscall as well, that one is expected to be 36 | # patched using the default method, i.e. relocating some of the surrounding 37 | # instructions. 38 | 39 | .intel_syntax noprefix 40 | 41 | .global text_start; 42 | .global text_end; 43 | 44 | .global dummy_symbol; 45 | .type dummy_symbol, @function; 46 | 47 | #include "mock_trampoline_table.S" 48 | 49 | .text 50 | 51 | text_start: 52 | xor rax, rax 53 | .byte 0x0f # nop DWORD PTR [rax+rax*1+0x0] 54 | .byte 0x1f 55 | .byte 0x84 56 | .byte 0x00 57 | .byte 0x00 58 | .byte 0x00 59 | .byte 0x00 60 | .byte 0x00 61 | inc rax 62 | inc rax 63 | inc rax 64 | mov rax, 1 65 | syscall 66 | cmp rax, -1 67 | mov rax, 2 68 | inc rax 69 | mov rax, 1 70 | syscall 71 | cmp rax, -1 72 | mov rax, 2 73 | inc rax 74 | text_end: 75 | -------------------------------------------------------------------------------- /test/pattern_nop_padding1.out.S: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2017, Intel Corporation 3 | # 4 | # Redistribution and use in source and binary forms, with or without 5 | # modification, are permitted provided that the following conditions 6 | # are met: 7 | # 8 | # * Redistributions of source code must retain the above copyright 9 | # notice, this list of conditions and the following disclaimer. 10 | # 11 | # * Redistributions in binary form must reproduce the above copyright 12 | # notice, this list of conditions and the following disclaimer in 13 | # the documentation and/or other materials provided with the 14 | # distribution. 15 | # 16 | # * Neither the name of the copyright holder nor the names of its 17 | # contributors may be used to endorse or promote products derived 18 | # from this software without specific prior written permission. 19 | # 20 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | 32 | # see pattern_nop_padding1.in.S 33 | 34 | .intel_syntax noprefix 35 | 36 | .global text_start; 37 | .global text_end; 38 | 39 | .global dummy_symbol; 40 | .type dummy_symbol, @function; 41 | 42 | #include "mock_trampoline_table.S" 43 | 44 | .text 45 | 46 | text_start: 47 | xor rax, rax 48 | jmp .L1 # where a nop was originally 49 | .L0: jmp dst0 50 | .byte 0x00 51 | .L1: inc rax 52 | inc rax 53 | inc rax 54 | mov rax, 1 55 | jmp .L0 # where a syscall was originally 56 | cmp rax, -1 57 | mov rax, 2 58 | jmp dst1 59 | int3 60 | int3 61 | int3 62 | int3 63 | int3 64 | int3 65 | int3 66 | int3 67 | int3 68 | int3 69 | int3 70 | mov rax, 2 71 | inc rax 72 | text_end: 73 | -------------------------------------------------------------------------------- /test/pattern_nop_padding2.in.S: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2017, Intel Corporation 3 | # 4 | # Redistribution and use in source and binary forms, with or without 5 | # modification, are permitted provided that the following conditions 6 | # are met: 7 | # 8 | # * Redistributions of source code must retain the above copyright 9 | # notice, this list of conditions and the following disclaimer. 10 | # 11 | # * Redistributions in binary form must reproduce the above copyright 12 | # notice, this list of conditions and the following disclaimer in 13 | # the documentation and/or other materials provided with the 14 | # distribution. 15 | # 16 | # * Neither the name of the copyright holder nor the names of its 17 | # contributors may be used to endorse or promote products derived 18 | # from this software without specific prior written permission. 19 | # 20 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | 32 | # see pattern_nop_padding1.in.S 33 | # 34 | # The same test as in pattern_nop_padding1, except using a different nop 35 | # instruction (notice the 'cs:' segment specifier). 36 | 37 | .intel_syntax noprefix 38 | 39 | .global text_start; 40 | .global text_end; 41 | 42 | .global dummy_symbol; 43 | .type dummy_symbol, @function; 44 | 45 | #include "mock_trampoline_table.S" 46 | 47 | .text 48 | 49 | text_start: 50 | xor rax, rax 51 | .byte 0x66 # nop WORD PTR cs:[rax+rax*1+0x0] 52 | .byte 0x2e 53 | .byte 0x0f 54 | .byte 0x1f 55 | .byte 0x84 56 | .byte 0x00 57 | .byte 0x00 58 | .byte 0x00 59 | .byte 0x00 60 | .byte 0x00 61 | inc rax 62 | inc rax 63 | inc rax 64 | mov rax, 1 65 | syscall 66 | cmp rax, -1 67 | mov rax, 2 68 | inc rax 69 | mov rax, 1 70 | syscall 71 | cmp rax, -1 72 | mov rax, 2 73 | inc rax 74 | text_end: 75 | -------------------------------------------------------------------------------- /test/pattern_nop_padding2.out.S: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2017, Intel Corporation 3 | # 4 | # Redistribution and use in source and binary forms, with or without 5 | # modification, are permitted provided that the following conditions 6 | # are met: 7 | # 8 | # * Redistributions of source code must retain the above copyright 9 | # notice, this list of conditions and the following disclaimer. 10 | # 11 | # * Redistributions in binary form must reproduce the above copyright 12 | # notice, this list of conditions and the following disclaimer in 13 | # the documentation and/or other materials provided with the 14 | # distribution. 15 | # 16 | # * Neither the name of the copyright holder nor the names of its 17 | # contributors may be used to endorse or promote products derived 18 | # from this software without specific prior written permission. 19 | # 20 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | 32 | # see pattern_nop_padding2.in.S 33 | 34 | .intel_syntax noprefix 35 | 36 | .global text_start; 37 | .global text_end; 38 | 39 | .global dummy_symbol; 40 | .type dummy_symbol, @function; 41 | 42 | #include "mock_trampoline_table.S" 43 | 44 | .text 45 | 46 | text_start: 47 | xor rax, rax 48 | jmp .L1 49 | .L0: jmp dst0 50 | .byte 0x00 51 | .byte 0x00 52 | .byte 0x00 53 | .L1: inc rax 54 | inc rax 55 | inc rax 56 | mov rax, 1 57 | jmp .L0 58 | cmp rax, -1 59 | mov rax, 2 60 | jmp dst1 61 | int3 62 | int3 63 | int3 64 | int3 65 | int3 66 | int3 67 | int3 68 | int3 69 | int3 70 | int3 71 | int3 72 | mov rax, 2 73 | inc rax 74 | text_end: 75 | -------------------------------------------------------------------------------- /test/pattern_nop_padding3.out.S: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2017, Intel Corporation 3 | # 4 | # Redistribution and use in source and binary forms, with or without 5 | # modification, are permitted provided that the following conditions 6 | # are met: 7 | # 8 | # * Redistributions of source code must retain the above copyright 9 | # notice, this list of conditions and the following disclaimer. 10 | # 11 | # * Redistributions in binary form must reproduce the above copyright 12 | # notice, this list of conditions and the following disclaimer in 13 | # the documentation and/or other materials provided with the 14 | # distribution. 15 | # 16 | # * Neither the name of the copyright holder nor the names of its 17 | # contributors may be used to endorse or promote products derived 18 | # from this software without specific prior written permission. 19 | # 20 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | 32 | # see pattern_nop_padding3.in.S 33 | 34 | .intel_syntax noprefix 35 | 36 | .global text_start; 37 | .global text_end; 38 | 39 | .global dummy_symbol; 40 | .type dummy_symbol, @function; 41 | 42 | #include "mock_trampoline_table.S" 43 | 44 | .text 45 | 46 | text_start: 47 | xor rax, rax 48 | jmp .L1 49 | .L0: jmp dst0 50 | .byte 0x00 51 | .byte 0x00 52 | .byte 0x00 53 | .L1: inc rax 54 | inc rax 55 | dec rax 56 | dec rax 57 | dec rax 58 | dec rax 59 | dec rax 60 | dec rax 61 | dec rax 62 | dec rax 63 | dec rax 64 | dec rax 65 | dec rax 66 | dec rax 67 | dec rax 68 | dec rax 69 | dec rax 70 | dec rax 71 | dec rax 72 | dec rax 73 | dec rax 74 | dec rax 75 | dec rax 76 | dec rax 77 | dec rax 78 | dec rax 79 | dec rax 80 | dec rax 81 | dec rax 82 | dec rax 83 | dec rax 84 | dec rax 85 | dec rax 86 | dec rax 87 | dec rax 88 | dec rax 89 | inc rax 90 | mov rax, 1 91 | jmp .L0 92 | cmp rax, -1 93 | mov rax, 2 94 | jmp dst1 95 | int3 96 | int3 97 | int3 98 | int3 99 | int3 100 | int3 101 | int3 102 | int3 103 | int3 104 | int3 105 | int3 106 | mov rax, 2 107 | inc rax 108 | text_end: 109 | -------------------------------------------------------------------------------- /test/pattern_nop_padding4.in.S: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2017, Intel Corporation 3 | # 4 | # Redistribution and use in source and binary forms, with or without 5 | # modification, are permitted provided that the following conditions 6 | # are met: 7 | # 8 | # * Redistributions of source code must retain the above copyright 9 | # notice, this list of conditions and the following disclaimer. 10 | # 11 | # * Redistributions in binary form must reproduce the above copyright 12 | # notice, this list of conditions and the following disclaimer in 13 | # the documentation and/or other materials provided with the 14 | # distribution. 15 | # 16 | # * Neither the name of the copyright holder nor the names of its 17 | # contributors may be used to endorse or promote products derived 18 | # from this software without specific prior written permission. 19 | # 20 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | 32 | # see pattern_nop_padding3.in.S 33 | # 34 | # Similar to the test in pattern_nop_padding3, except the nop is too far 35 | # to be used as a trampline. 36 | 37 | .intel_syntax noprefix 38 | 39 | .global text_start; 40 | .global text_end; 41 | 42 | .global dummy_symbol; 43 | .type dummy_symbol, @function; 44 | 45 | #include "mock_trampoline_table.S" 46 | 47 | .text 48 | 49 | text_start: 50 | xor rax, rax 51 | .byte 0x66 # nop WORD PTR cs:[rax+rax*1+0x0] 52 | .byte 0x2e 53 | .byte 0x0f 54 | .byte 0x1f 55 | .byte 0x84 56 | .byte 0x00 57 | .byte 0x00 58 | .byte 0x00 59 | .byte 0x00 60 | .byte 0x00 61 | inc rax 62 | inc rax 63 | dec rax 64 | dec rax 65 | dec rax 66 | dec rax 67 | dec rax 68 | dec rax 69 | dec rax 70 | dec rax 71 | dec rax 72 | dec rax 73 | dec rax 74 | dec rax 75 | dec rax 76 | dec rax 77 | dec rax 78 | dec rax 79 | dec rax 80 | dec rax 81 | dec rax 82 | dec rax 83 | dec rax 84 | dec rax 85 | dec rax 86 | dec rax 87 | dec rax 88 | dec rax 89 | dec rax 90 | dec rax 91 | dec rax 92 | dec rax 93 | dec rax 94 | dec rax 95 | dec rax 96 | dec rax 97 | dec rax 98 | inc rax 99 | mov rax, 1 100 | syscall 101 | cmp rax, -1 102 | mov rax, 2 103 | inc rax 104 | mov rax, 1 105 | syscall 106 | cmp rax, -1 107 | mov rax, 2 108 | inc rax 109 | text_end: 110 | -------------------------------------------------------------------------------- /test/pattern_nop_padding5.in.S: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2017, Intel Corporation 3 | # 4 | # Redistribution and use in source and binary forms, with or without 5 | # modification, are permitted provided that the following conditions 6 | # are met: 7 | # 8 | # * Redistributions of source code must retain the above copyright 9 | # notice, this list of conditions and the following disclaimer. 10 | # 11 | # * Redistributions in binary form must reproduce the above copyright 12 | # notice, this list of conditions and the following disclaimer in 13 | # the documentation and/or other materials provided with the 14 | # distribution. 15 | # 16 | # * Neither the name of the copyright holder nor the names of its 17 | # contributors may be used to endorse or promote products derived 18 | # from this software without specific prior written permission. 19 | # 20 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | 32 | # see pattern_nop_padding3.in.S 33 | # 34 | # The same test as in pattern_nop_padding3, except the nop after 35 | # the syscall, not before it. 36 | 37 | .intel_syntax noprefix 38 | 39 | .global text_start; 40 | .global text_end; 41 | 42 | .global dummy_symbol; 43 | .type dummy_symbol, @function; 44 | 45 | #include "mock_trampoline_table.S" 46 | 47 | .text 48 | 49 | text_start: 50 | xor rax, rax 51 | inc rax 52 | mov rax, 1 53 | syscall 54 | cmp rax, -1 55 | mov rax, 2 56 | mov rax, 2 57 | inc rax 58 | inc rax 59 | dec rax 60 | dec rax 61 | dec rax 62 | dec rax 63 | dec rax 64 | dec rax 65 | dec rax 66 | dec rax 67 | dec rax 68 | dec rax 69 | dec rax 70 | dec rax 71 | dec rax 72 | dec rax 73 | dec rax 74 | dec rax 75 | dec rax 76 | dec rax 77 | dec rax 78 | dec rax 79 | dec rax 80 | dec rax 81 | dec rax 82 | dec rax 83 | dec rax 84 | dec rax 85 | dec rax 86 | dec rax 87 | dec rax 88 | dec rax 89 | dec rax 90 | dec rax 91 | dec rax 92 | .byte 0x66 # nop WORD PTR cs:[rax+rax*1+0x0] 93 | .byte 0x2e 94 | .byte 0x0f 95 | .byte 0x1f 96 | .byte 0x84 97 | .byte 0x00 98 | .byte 0x00 99 | .byte 0x00 100 | .byte 0x00 101 | .byte 0x00 102 | inc rax 103 | text_end: 104 | -------------------------------------------------------------------------------- /test/pattern_nop_padding5.out.S: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2017, Intel Corporation 3 | # 4 | # Redistribution and use in source and binary forms, with or without 5 | # modification, are permitted provided that the following conditions 6 | # are met: 7 | # 8 | # * Redistributions of source code must retain the above copyright 9 | # notice, this list of conditions and the following disclaimer. 10 | # 11 | # * Redistributions in binary form must reproduce the above copyright 12 | # notice, this list of conditions and the following disclaimer in 13 | # the documentation and/or other materials provided with the 14 | # distribution. 15 | # 16 | # * Neither the name of the copyright holder nor the names of its 17 | # contributors may be used to endorse or promote products derived 18 | # from this software without specific prior written permission. 19 | # 20 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | 32 | # see pattern_nop_padding3.in.S 33 | 34 | .intel_syntax noprefix 35 | 36 | .global text_start; 37 | .global text_end; 38 | 39 | .global dummy_symbol; 40 | .type dummy_symbol, @function; 41 | 42 | #include "mock_trampoline_table.S" 43 | 44 | .text 45 | 46 | text_start: 47 | xor rax, rax 48 | inc rax 49 | mov rax, 1 50 | jmp 0f 51 | cmp rax, -1 52 | mov rax, 2 53 | mov rax, 2 54 | inc rax 55 | inc rax 56 | dec rax 57 | dec rax 58 | dec rax 59 | dec rax 60 | dec rax 61 | dec rax 62 | dec rax 63 | dec rax 64 | dec rax 65 | dec rax 66 | dec rax 67 | dec rax 68 | dec rax 69 | dec rax 70 | dec rax 71 | dec rax 72 | dec rax 73 | dec rax 74 | dec rax 75 | dec rax 76 | dec rax 77 | dec rax 78 | dec rax 79 | dec rax 80 | dec rax 81 | dec rax 82 | dec rax 83 | dec rax 84 | dec rax 85 | dec rax 86 | dec rax 87 | dec rax 88 | dec rax 89 | jmp 1f 90 | 0: jmp dst0 91 | .byte 0x00 92 | .byte 0x00 93 | .byte 0x00 94 | 1: inc rax 95 | text_end: 96 | -------------------------------------------------------------------------------- /test/pattern_nop_padding6.in.S: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2017, Intel Corporation 3 | # 4 | # Redistribution and use in source and binary forms, with or without 5 | # modification, are permitted provided that the following conditions 6 | # are met: 7 | # 8 | # * Redistributions of source code must retain the above copyright 9 | # notice, this list of conditions and the following disclaimer. 10 | # 11 | # * Redistributions in binary form must reproduce the above copyright 12 | # notice, this list of conditions and the following disclaimer in 13 | # the documentation and/or other materials provided with the 14 | # distribution. 15 | # 16 | # * Neither the name of the copyright holder nor the names of its 17 | # contributors may be used to endorse or promote products derived 18 | # from this software without specific prior written permission. 19 | # 20 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | 32 | # see pattern_nop_padding4.in.S 33 | # 34 | # Similar to the test in pattern_nop_padding4, except the nop is after 35 | # the syscall, not before it. 36 | 37 | .intel_syntax noprefix 38 | 39 | .global text_start; 40 | .global text_end; 41 | 42 | .global dummy_symbol; 43 | .type dummy_symbol, @function; 44 | 45 | #include "mock_trampoline_table.S" 46 | 47 | .text 48 | 49 | text_start: 50 | inc rax 51 | mov rax, 1 52 | syscall 53 | cmp rax, -1 54 | mov rax, 2 55 | xor rax, rax 56 | inc rax 57 | inc rax 58 | dec rax 59 | dec rax 60 | dec rax 61 | dec rax 62 | dec rax 63 | dec rax 64 | dec rax 65 | dec rax 66 | dec rax 67 | dec rax 68 | dec rax 69 | dec rax 70 | dec rax 71 | dec rax 72 | dec rax 73 | dec rax 74 | dec rax 75 | dec rax 76 | dec rax 77 | dec rax 78 | dec rax 79 | dec rax 80 | dec rax 81 | dec rax 82 | dec rax 83 | dec rax 84 | dec rax 85 | dec rax 86 | dec rax 87 | dec rax 88 | dec rax 89 | dec rax 90 | dec rax 91 | dec rax 92 | dec rax 93 | dec rax 94 | .byte 0x66 # nop WORD PTR cs:[rax+rax*1+0x0] 95 | .byte 0x2e 96 | .byte 0x0f 97 | .byte 0x1f 98 | .byte 0x84 99 | .byte 0x00 100 | .byte 0x00 101 | .byte 0x00 102 | .byte 0x00 103 | .byte 0x00 104 | inc rax 105 | text_end: 106 | -------------------------------------------------------------------------------- /test/pattern_nop_padding6.out.S: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2017, Intel Corporation 3 | # 4 | # Redistribution and use in source and binary forms, with or without 5 | # modification, are permitted provided that the following conditions 6 | # are met: 7 | # 8 | # * Redistributions of source code must retain the above copyright 9 | # notice, this list of conditions and the following disclaimer. 10 | # 11 | # * Redistributions in binary form must reproduce the above copyright 12 | # notice, this list of conditions and the following disclaimer in 13 | # the documentation and/or other materials provided with the 14 | # distribution. 15 | # 16 | # * Neither the name of the copyright holder nor the names of its 17 | # contributors may be used to endorse or promote products derived 18 | # from this software without specific prior written permission. 19 | # 20 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | 32 | # see pattern_nop_padding6.in.S 33 | 34 | .intel_syntax noprefix 35 | 36 | .global text_start; 37 | .global text_end; 38 | 39 | .global dummy_symbol; 40 | .type dummy_symbol, @function; 41 | 42 | #include "mock_trampoline_table.S" 43 | 44 | .text 45 | 46 | text_start: 47 | jmp dst0 48 | int3 49 | int3 50 | int3 51 | int3 52 | int3 53 | int3 54 | int3 55 | int3 56 | int3 57 | int3 58 | int3 59 | mov rax, 2 60 | xor rax, rax 61 | inc rax 62 | inc rax 63 | dec rax 64 | dec rax 65 | dec rax 66 | dec rax 67 | dec rax 68 | dec rax 69 | dec rax 70 | dec rax 71 | dec rax 72 | dec rax 73 | dec rax 74 | dec rax 75 | dec rax 76 | dec rax 77 | dec rax 78 | dec rax 79 | dec rax 80 | dec rax 81 | dec rax 82 | dec rax 83 | dec rax 84 | dec rax 85 | dec rax 86 | dec rax 87 | dec rax 88 | dec rax 89 | dec rax 90 | dec rax 91 | dec rax 92 | dec rax 93 | dec rax 94 | dec rax 95 | dec rax 96 | dec rax 97 | dec rax 98 | dec rax 99 | .byte 0x66 # nop WORD PTR cs:[rax+rax*1+0x0] 100 | .byte 0x2e 101 | .byte 0x0f 102 | .byte 0x1f 103 | .byte 0x84 104 | .byte 0x00 105 | .byte 0x00 106 | .byte 0x00 107 | .byte 0x00 108 | .byte 0x00 109 | inc rax 110 | text_end: 111 | -------------------------------------------------------------------------------- /test/pattern_nop_padding7.in.S: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2017, Intel Corporation 3 | # 4 | # Redistribution and use in source and binary forms, with or without 5 | # modification, are permitted provided that the following conditions 6 | # are met: 7 | # 8 | # * Redistributions of source code must retain the above copyright 9 | # notice, this list of conditions and the following disclaimer. 10 | # 11 | # * Redistributions in binary form must reproduce the above copyright 12 | # notice, this list of conditions and the following disclaimer in 13 | # the documentation and/or other materials provided with the 14 | # distribution. 15 | # 16 | # * Neither the name of the copyright holder nor the names of its 17 | # contributors may be used to endorse or promote products derived 18 | # from this software without specific prior written permission. 19 | # 20 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | 32 | # This test has a nop instruction right before a syscall. 33 | # The patching code can use that nop as a local trampoline jump for 34 | # another syscall, therefore it should not treat it as a relocatable 35 | # instruction. 36 | 37 | .intel_syntax noprefix 38 | 39 | .global text_start; 40 | .global text_end; 41 | 42 | .global dummy_symbol; 43 | .type dummy_symbol, @function; 44 | 45 | #include "mock_trampoline_table.S" 46 | 47 | .text 48 | 49 | text_start: 50 | inc rax 51 | mov rax, 1 52 | syscall 53 | cmp rax, -1 54 | mov rax, 2 55 | xor rax, rax 56 | inc rax 57 | inc rax 58 | dec rax 59 | dec rax 60 | dec rax 61 | .byte 0x66 # nop WORD PTR cs:[rax+rax*1+0x0] 62 | .byte 0x2e 63 | .byte 0x0f 64 | .byte 0x1f 65 | .byte 0x84 66 | .byte 0x00 67 | .byte 0x00 68 | .byte 0x00 69 | .byte 0x00 70 | .byte 0x00 71 | syscall # should not use the previous instruction 72 | inc rax 73 | inc rax 74 | text_end: 75 | -------------------------------------------------------------------------------- /test/pattern_nop_padding7.out.S: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2017, Intel Corporation 3 | # 4 | # Redistribution and use in source and binary forms, with or without 5 | # modification, are permitted provided that the following conditions 6 | # are met: 7 | # 8 | # * Redistributions of source code must retain the above copyright 9 | # notice, this list of conditions and the following disclaimer. 10 | # 11 | # * Redistributions in binary form must reproduce the above copyright 12 | # notice, this list of conditions and the following disclaimer in 13 | # the documentation and/or other materials provided with the 14 | # distribution. 15 | # 16 | # * Neither the name of the copyright holder nor the names of its 17 | # contributors may be used to endorse or promote products derived 18 | # from this software without specific prior written permission. 19 | # 20 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | 32 | # see pattern_nop_padding7.in.S 33 | 34 | .intel_syntax noprefix 35 | 36 | .global text_start; 37 | .global text_end; 38 | 39 | .global dummy_symbol; 40 | .type dummy_symbol, @function; 41 | 42 | #include "mock_trampoline_table.S" 43 | 44 | .text 45 | 46 | text_start: 47 | inc rax 48 | mov rax, 1 49 | jmp 0f 50 | cmp rax, -1 51 | mov rax, 2 52 | xor rax, rax 53 | inc rax 54 | inc rax 55 | dec rax 56 | dec rax 57 | dec rax 58 | jmp 1f 59 | 0: jmp dst0 60 | .byte 0x00 61 | .byte 0x00 62 | .byte 0x00 63 | 1: jmp dst1 64 | inc rax 65 | text_end: 66 | -------------------------------------------------------------------------------- /test/pattern_nop_padding8.in.S: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2017, Intel Corporation 3 | # 4 | # Redistribution and use in source and binary forms, with or without 5 | # modification, are permitted provided that the following conditions 6 | # are met: 7 | # 8 | # * Redistributions of source code must retain the above copyright 9 | # notice, this list of conditions and the following disclaimer. 10 | # 11 | # * Redistributions in binary form must reproduce the above copyright 12 | # notice, this list of conditions and the following disclaimer in 13 | # the documentation and/or other materials provided with the 14 | # distribution. 15 | # 16 | # * Neither the name of the copyright holder nor the names of its 17 | # contributors may be used to endorse or promote products derived 18 | # from this software without specific prior written permission. 19 | # 20 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | 32 | # This test has a nop instruction as the second instruction before a syscall. 33 | # The patching code can use that nop as a local trampoline jump for 34 | # another syscall, therefore it should not treat it as a relocatable 35 | # instruction. 36 | 37 | .intel_syntax noprefix 38 | 39 | .global text_start; 40 | .global text_end; 41 | 42 | .global dummy_symbol; 43 | .type dummy_symbol, @function; 44 | 45 | #include "mock_trampoline_table.S" 46 | 47 | .text 48 | 49 | text_start: 50 | inc rax 51 | mov rax, 1 52 | syscall 53 | cmp rax, -1 54 | mov rax, 2 55 | xor rax, rax 56 | inc rax 57 | inc rax 58 | dec rax 59 | dec rax 60 | dec rax 61 | .byte 0x66 # nop WORD PTR cs:[rax+rax*1+0x0] 62 | .byte 0x2e 63 | .byte 0x0f 64 | .byte 0x1f 65 | .byte 0x84 66 | .byte 0x00 67 | .byte 0x00 68 | .byte 0x00 69 | .byte 0x00 70 | .byte 0x00 71 | inc rax 72 | syscall # should not use the previous nop 73 | inc rax 74 | inc rax 75 | text_end: 76 | -------------------------------------------------------------------------------- /test/pattern_nop_padding8.out.S: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2017, Intel Corporation 3 | # 4 | # Redistribution and use in source and binary forms, with or without 5 | # modification, are permitted provided that the following conditions 6 | # are met: 7 | # 8 | # * Redistributions of source code must retain the above copyright 9 | # notice, this list of conditions and the following disclaimer. 10 | # 11 | # * Redistributions in binary form must reproduce the above copyright 12 | # notice, this list of conditions and the following disclaimer in 13 | # the documentation and/or other materials provided with the 14 | # distribution. 15 | # 16 | # * Neither the name of the copyright holder nor the names of its 17 | # contributors may be used to endorse or promote products derived 18 | # from this software without specific prior written permission. 19 | # 20 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | 32 | # see pattern_nop_padding8.in.S 33 | 34 | .intel_syntax noprefix 35 | 36 | .global text_start; 37 | .global text_end; 38 | 39 | .global dummy_symbol; 40 | .type dummy_symbol, @function; 41 | 42 | #include "mock_trampoline_table.S" 43 | 44 | .text 45 | 46 | text_start: 47 | inc rax 48 | mov rax, 1 49 | jmp 0f 50 | cmp rax, -1 51 | mov rax, 2 52 | xor rax, rax 53 | inc rax 54 | inc rax 55 | dec rax 56 | dec rax 57 | dec rax 58 | jmp 1f 59 | 0: jmp dst0 60 | .byte 0x00 61 | .byte 0x00 62 | .byte 0x00 63 | 1: jmp dst1 64 | int3 65 | int3 66 | int3 67 | inc rax 68 | text_end: 69 | -------------------------------------------------------------------------------- /test/pattern_nop_padding9.in.S: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2017, Intel Corporation 3 | # 4 | # Redistribution and use in source and binary forms, with or without 5 | # modification, are permitted provided that the following conditions 6 | # are met: 7 | # 8 | # * Redistributions of source code must retain the above copyright 9 | # notice, this list of conditions and the following disclaimer. 10 | # 11 | # * Redistributions in binary form must reproduce the above copyright 12 | # notice, this list of conditions and the following disclaimer in 13 | # the documentation and/or other materials provided with the 14 | # distribution. 15 | # 16 | # * Neither the name of the copyright holder nor the names of its 17 | # contributors may be used to endorse or promote products derived 18 | # from this software without specific prior written permission. 19 | # 20 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | 32 | # This test has a nop instruction right after a syscall. 33 | # The patching code can use that nop as a local trampoline jump for 34 | # another syscall, therefore it should not treat it as a relocatable 35 | # instruction. 36 | 37 | .intel_syntax noprefix 38 | 39 | .global text_start; 40 | .global text_end; 41 | 42 | .global dummy_symbol; 43 | .type dummy_symbol, @function; 44 | 45 | #include "mock_trampoline_table.S" 46 | 47 | .text 48 | 49 | text_start: 50 | inc rax 51 | mov rax, 1 52 | syscall 53 | cmp rax, -1 54 | mov rax, 2 55 | xor rax, rax 56 | inc rax 57 | inc rax 58 | dec rax 59 | dec rax 60 | dec rax 61 | syscall # should not use the following instruction 62 | .byte 0x66 # nop WORD PTR cs:[rax+rax*1+0x0] 63 | .byte 0x2e 64 | .byte 0x0f 65 | .byte 0x1f 66 | .byte 0x84 67 | .byte 0x00 68 | .byte 0x00 69 | .byte 0x00 70 | .byte 0x00 71 | .byte 0x00 72 | inc rax 73 | inc rax 74 | text_end: 75 | -------------------------------------------------------------------------------- /test/pattern_nop_padding9.out.S: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2017, Intel Corporation 3 | # 4 | # Redistribution and use in source and binary forms, with or without 5 | # modification, are permitted provided that the following conditions 6 | # are met: 7 | # 8 | # * Redistributions of source code must retain the above copyright 9 | # notice, this list of conditions and the following disclaimer. 10 | # 11 | # * Redistributions in binary form must reproduce the above copyright 12 | # notice, this list of conditions and the following disclaimer in 13 | # the documentation and/or other materials provided with the 14 | # distribution. 15 | # 16 | # * Neither the name of the copyright holder nor the names of its 17 | # contributors may be used to endorse or promote products derived 18 | # from this software without specific prior written permission. 19 | # 20 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | 32 | # see pattern_nop_padding9.in.S 33 | 34 | .intel_syntax noprefix 35 | 36 | .global text_start; 37 | .global text_end; 38 | 39 | .global dummy_symbol; 40 | .type dummy_symbol, @function; 41 | 42 | #include "mock_trampoline_table.S" 43 | 44 | .text 45 | 46 | text_start: 47 | inc rax 48 | mov rax, 1 49 | jmp 0f 50 | cmp rax, -1 51 | mov rax, 2 52 | xor rax, rax 53 | inc rax 54 | inc rax 55 | dec rax 56 | jmp dst1 57 | int3 58 | int3 59 | int3 60 | jmp 1f 61 | 0: jmp dst0 62 | .byte 0x00 63 | .byte 0x00 64 | .byte 0x00 65 | 1: inc rax 66 | inc rax 67 | text_end: 68 | -------------------------------------------------------------------------------- /test/pattern_rets.in.S: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2017, Intel Corporation 3 | # 4 | # Redistribution and use in source and binary forms, with or without 5 | # modification, are permitted provided that the following conditions 6 | # are met: 7 | # 8 | # * Redistributions of source code must retain the above copyright 9 | # notice, this list of conditions and the following disclaimer. 10 | # 11 | # * Redistributions in binary form must reproduce the above copyright 12 | # notice, this list of conditions and the following disclaimer in 13 | # the documentation and/or other materials provided with the 14 | # distribution. 15 | # 16 | # * Neither the name of the copyright holder nor the names of its 17 | # contributors may be used to endorse or promote products derived 18 | # from this software without specific prior written permission. 19 | # 20 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | 32 | # 33 | # A simple test with a syscall sourronded by ret instructions. 34 | # Patching is expected to fail. 35 | # 36 | 37 | .intel_syntax noprefix 38 | 39 | .global text_start; 40 | .global text_end; 41 | 42 | #include "mock_trampoline_table.S" 43 | 44 | .text 45 | 46 | text_start: 47 | mov rax, 1 48 | mov rax, 1 49 | mov rax, 1 50 | mov rax, 1 51 | ret 52 | syscall 53 | ret 54 | cmp rax, -1 55 | cmp rax, -1 56 | cmp rax, -1 57 | cmp rax, -1 58 | text_end: 59 | -------------------------------------------------------------------------------- /test/pattern_rets.out.S: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2017, Intel Corporation 3 | # 4 | # Redistribution and use in source and binary forms, with or without 5 | # modification, are permitted provided that the following conditions 6 | # are met: 7 | # 8 | # * Redistributions of source code must retain the above copyright 9 | # notice, this list of conditions and the following disclaimer. 10 | # 11 | # * Redistributions in binary form must reproduce the above copyright 12 | # notice, this list of conditions and the following disclaimer in 13 | # the documentation and/or other materials provided with the 14 | # distribution. 15 | # 16 | # * Neither the name of the copyright holder nor the names of its 17 | # contributors may be used to endorse or promote products derived 18 | # from this software without specific prior written permission. 19 | # 20 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | 32 | # see rets.in.S 33 | 34 | .intel_syntax noprefix 35 | 36 | .global text_start; 37 | .global text_end; 38 | 39 | #include "mock_trampoline_table.S" 40 | 41 | .text 42 | 43 | text_start: 44 | mov rax, 1 45 | mov rax, 1 46 | mov rax, 1 47 | mov rax, 1 48 | ret 49 | syscall 50 | ret 51 | cmp rax, -1 52 | cmp rax, -1 53 | cmp rax, -1 54 | cmp rax, -1 55 | text_end: 56 | -------------------------------------------------------------------------------- /test/pattern_symbol_boundary0.in.S: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2017, Intel Corporation 3 | # 4 | # Redistribution and use in source and binary forms, with or without 5 | # modification, are permitted provided that the following conditions 6 | # are met: 7 | # 8 | # * Redistributions of source code must retain the above copyright 9 | # notice, this list of conditions and the following disclaimer. 10 | # 11 | # * Redistributions in binary form must reproduce the above copyright 12 | # notice, this list of conditions and the following disclaimer in 13 | # the documentation and/or other materials provided with the 14 | # distribution. 15 | # 16 | # * Neither the name of the copyright holder nor the names of its 17 | # contributors may be used to endorse or promote products derived 18 | # from this software without specific prior written permission. 19 | # 20 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | 32 | # 33 | # One of the syscall instructions in this test is a jump destination, therefore 34 | # the patching code is expected to recognize that it can not be merged with 35 | # the previous instruction. In order to recognize this, it is necessary to 36 | # parse a symbol table of the object file being patched. 37 | 38 | .intel_syntax noprefix 39 | 40 | .global text_start; 41 | .global text_end; 42 | 43 | .global dummy_symbol; 44 | .type dummy_symbol, @function; 45 | 46 | #include "mock_trampoline_table.S" 47 | 48 | .text 49 | 50 | text_start: 51 | xor rax, rax 52 | mov rax, 1 53 | nop 54 | dummy_symbol: syscall 55 | cmp rax, -1 56 | mov rax, 2 57 | .size dummy_symbol, .-dummy_symbol 58 | syscall 59 | inc rax 60 | inc rax 61 | text_end: 62 | -------------------------------------------------------------------------------- /test/pattern_symbol_boundary0.out.S: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2017, Intel Corporation 3 | # 4 | # Redistribution and use in source and binary forms, with or without 5 | # modification, are permitted provided that the following conditions 6 | # are met: 7 | # 8 | # * Redistributions of source code must retain the above copyright 9 | # notice, this list of conditions and the following disclaimer. 10 | # 11 | # * Redistributions in binary form must reproduce the above copyright 12 | # notice, this list of conditions and the following disclaimer in 13 | # the documentation and/or other materials provided with the 14 | # distribution. 15 | # 16 | # * Neither the name of the copyright holder nor the names of its 17 | # contributors may be used to endorse or promote products derived 18 | # from this software without specific prior written permission. 19 | # 20 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | 32 | # see pattern_symbol_boundary0.in.S 33 | 34 | .intel_syntax noprefix 35 | 36 | .global text_start; 37 | .global text_end; 38 | 39 | .global dummy_symbol; 40 | .type dummy_symbol, @function; 41 | 42 | #include "mock_trampoline_table.S" 43 | 44 | .text 45 | 46 | text_start: 47 | xor rax, rax 48 | mov rax, 1 49 | nop 50 | dummy_symbol: jmp dst0 51 | int3 52 | mov rax, 2 53 | .size dummy_symbol, .-dummy_symbol 54 | jmp dst1 55 | inc rax 56 | text_end: 57 | -------------------------------------------------------------------------------- /test/pattern_symbol_boundary1.in.S: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2017, Intel Corporation 3 | # 4 | # Redistribution and use in source and binary forms, with or without 5 | # modification, are permitted provided that the following conditions 6 | # are met: 7 | # 8 | # * Redistributions of source code must retain the above copyright 9 | # notice, this list of conditions and the following disclaimer. 10 | # 11 | # * Redistributions in binary form must reproduce the above copyright 12 | # notice, this list of conditions and the following disclaimer in 13 | # the documentation and/or other materials provided with the 14 | # distribution. 15 | # 16 | # * Neither the name of the copyright holder nor the names of its 17 | # contributors may be used to endorse or promote products derived 18 | # from this software without specific prior written permission. 19 | # 20 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | 32 | # 33 | # see pattern_symbol_boundary0.in.S 34 | # 35 | # This test has two overlapping symbols in the text, it should not 36 | # confuse the patcher. 37 | 38 | .intel_syntax noprefix 39 | 40 | .global text_start; 41 | .global text_end; 42 | 43 | .global dummy_symbol0; 44 | .type dummy_symbol, @function; 45 | .global dummy_symbol1; 46 | .type dummy_symbol1, @function; 47 | 48 | #include "mock_trampoline_table.S" 49 | 50 | .text 51 | 52 | text_start: 53 | xor rax, rax 54 | mov rax, 1 55 | dummy_symbol0: nop 56 | dummy_symbol1: syscall 57 | cmp rax, -1 58 | .size dummy_symbol0, .-dummy_symbol0 59 | mov rax, 2 60 | .size dummy_symbol1, .-dummy_symbol1 61 | syscall 62 | inc rax 63 | inc rax 64 | text_end: 65 | -------------------------------------------------------------------------------- /test/pattern_symbol_boundary1.out.S: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2017, Intel Corporation 3 | # 4 | # Redistribution and use in source and binary forms, with or without 5 | # modification, are permitted provided that the following conditions 6 | # are met: 7 | # 8 | # * Redistributions of source code must retain the above copyright 9 | # notice, this list of conditions and the following disclaimer. 10 | # 11 | # * Redistributions in binary form must reproduce the above copyright 12 | # notice, this list of conditions and the following disclaimer in 13 | # the documentation and/or other materials provided with the 14 | # distribution. 15 | # 16 | # * Neither the name of the copyright holder nor the names of its 17 | # contributors may be used to endorse or promote products derived 18 | # from this software without specific prior written permission. 19 | # 20 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | 32 | # see pattern_symbol_boundary1.in.S 33 | 34 | .intel_syntax noprefix 35 | 36 | .global text_start; 37 | .global text_end; 38 | 39 | .global dummy_symbol0; 40 | .type dummy_symbol, @function; 41 | .global dummy_symbol1; 42 | .type dummy_symbol1, @function; 43 | 44 | #include "mock_trampoline_table.S" 45 | 46 | .text 47 | 48 | text_start: 49 | xor rax, rax 50 | mov rax, 1 51 | dummy_symbol0: nop 52 | dummy_symbol1: jmp dst0 53 | int3 54 | .size dummy_symbol0, .-dummy_symbol0 55 | mov rax, 2 56 | .size dummy_symbol1, .-dummy_symbol1 57 | jmp dst1 58 | inc rax 59 | text_end: 60 | -------------------------------------------------------------------------------- /test/pattern_symbol_boundary2.in.S: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2017, Intel Corporation 3 | # 4 | # Redistribution and use in source and binary forms, with or without 5 | # modification, are permitted provided that the following conditions 6 | # are met: 7 | # 8 | # * Redistributions of source code must retain the above copyright 9 | # notice, this list of conditions and the following disclaimer. 10 | # 11 | # * Redistributions in binary form must reproduce the above copyright 12 | # notice, this list of conditions and the following disclaimer in 13 | # the documentation and/or other materials provided with the 14 | # distribution. 15 | # 16 | # * Neither the name of the copyright holder nor the names of its 17 | # contributors may be used to endorse or promote products derived 18 | # from this software without specific prior written permission. 19 | # 20 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | 32 | # 33 | # see pattern_symbol_boundary0.in.S 34 | # 35 | # This test has two overlapping symbols in the text, it should not 36 | # confuse the patcher. Both symbols start at the same address. 37 | 38 | .intel_syntax noprefix 39 | 40 | .global text_start; 41 | .global text_end; 42 | 43 | .global dummy_symbol0; 44 | .type dummy_symbol, @function; 45 | .global dummy_symbol1; 46 | .type dummy_symbol1, @function; 47 | 48 | #include "mock_trampoline_table.S" 49 | 50 | .text 51 | 52 | text_start: 53 | xor rax, rax 54 | mov rax, 1 55 | dummy_symbol0: 56 | dummy_symbol1: syscall 57 | cmp rax, -1 58 | .size dummy_symbol0, .-dummy_symbol0 59 | mov rax, 2 60 | .size dummy_symbol1, .-dummy_symbol1 61 | syscall 62 | inc rax 63 | inc rax 64 | text_end: 65 | -------------------------------------------------------------------------------- /test/pattern_symbol_boundary2.out.S: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2017, Intel Corporation 3 | # 4 | # Redistribution and use in source and binary forms, with or without 5 | # modification, are permitted provided that the following conditions 6 | # are met: 7 | # 8 | # * Redistributions of source code must retain the above copyright 9 | # notice, this list of conditions and the following disclaimer. 10 | # 11 | # * Redistributions in binary form must reproduce the above copyright 12 | # notice, this list of conditions and the following disclaimer in 13 | # the documentation and/or other materials provided with the 14 | # distribution. 15 | # 16 | # * Neither the name of the copyright holder nor the names of its 17 | # contributors may be used to endorse or promote products derived 18 | # from this software without specific prior written permission. 19 | # 20 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | 32 | # see pattern_symbol_boundary2.in.S 33 | 34 | .intel_syntax noprefix 35 | 36 | .global text_start; 37 | .global text_end; 38 | 39 | .global dummy_symbol0; 40 | .type dummy_symbol, @function; 41 | .global dummy_symbol1; 42 | .type dummy_symbol1, @function; 43 | 44 | #include "mock_trampoline_table.S" 45 | 46 | .text 47 | 48 | text_start: 49 | xor rax, rax 50 | mov rax, 1 51 | dummy_symbol0: 52 | dummy_symbol1: jmp dst0 53 | int3 54 | .size dummy_symbol0, .-dummy_symbol0 55 | mov rax, 2 56 | .size dummy_symbol1, .+7-dummy_symbol1 57 | jmp dst1 58 | inc rax 59 | text_end: 60 | -------------------------------------------------------------------------------- /test/pattern_symbol_boundary3.in.S: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2017, Intel Corporation 3 | # 4 | # Redistribution and use in source and binary forms, with or without 5 | # modification, are permitted provided that the following conditions 6 | # are met: 7 | # 8 | # * Redistributions of source code must retain the above copyright 9 | # notice, this list of conditions and the following disclaimer. 10 | # 11 | # * Redistributions in binary form must reproduce the above copyright 12 | # notice, this list of conditions and the following disclaimer in 13 | # the documentation and/or other materials provided with the 14 | # distribution. 15 | # 16 | # * Neither the name of the copyright holder nor the names of its 17 | # contributors may be used to endorse or promote products derived 18 | # from this software without specific prior written permission. 19 | # 20 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | 32 | # 33 | # A syscall instruction is at a jump destination in this code. The corresponding 34 | # jump is a symbol. 35 | 36 | .intel_syntax noprefix 37 | 38 | .global text_start; 39 | .global text_end; 40 | 41 | .global dummy_symbol; 42 | .type dummy_symbol, @function; 43 | 44 | #include "mock_trampoline_table.S" 45 | 46 | .text 47 | 48 | text_start: 49 | xor rax, rax 50 | mov rax, 1 51 | nop 52 | dummy_symbol: not rax 53 | jmp 0f 54 | cmp rax, -1 55 | mov rax, 2 56 | .size dummy_symbol, .-dummy_symbol 57 | nop 58 | 0: syscall 59 | inc rax 60 | inc rax 61 | text_end: 62 | -------------------------------------------------------------------------------- /test/pattern_symbol_boundary3.out.S: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2017, Intel Corporation 3 | # 4 | # Redistribution and use in source and binary forms, with or without 5 | # modification, are permitted provided that the following conditions 6 | # are met: 7 | # 8 | # * Redistributions of source code must retain the above copyright 9 | # notice, this list of conditions and the following disclaimer. 10 | # 11 | # * Redistributions in binary form must reproduce the above copyright 12 | # notice, this list of conditions and the following disclaimer in 13 | # the documentation and/or other materials provided with the 14 | # distribution. 15 | # 16 | # * Neither the name of the copyright holder nor the names of its 17 | # contributors may be used to endorse or promote products derived 18 | # from this software without specific prior written permission. 19 | # 20 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | 32 | # see pattern_symbol_boundary3.in.S 33 | 34 | .intel_syntax noprefix 35 | 36 | .global text_start; 37 | .global text_end; 38 | 39 | .global dummy_symbol; 40 | .type dummy_symbol, @function; 41 | 42 | #include "mock_trampoline_table.S" 43 | 44 | .text 45 | 46 | text_start: 47 | xor rax, rax 48 | mov rax, 1 49 | nop 50 | dummy_symbol: not rax 51 | jmp 0f 52 | cmp rax, -1 53 | mov rax, 2 54 | .size dummy_symbol, .-dummy_symbol 55 | nop 56 | 0: jmp dst0 57 | inc rax 58 | text_end: 59 | -------------------------------------------------------------------------------- /test/test_clone_thread.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2017, Intel Corporation 3 | * 4 | * Redistribution and use in source and binary forms, with or without 5 | * modification, are permitted provided that the following conditions 6 | * are met: 7 | * 8 | * * Redistributions of source code must retain the above copyright 9 | * notice, this list of conditions and the following disclaimer. 10 | * 11 | * * Redistributions in binary form must reproduce the above copyright 12 | * notice, this list of conditions and the following disclaimer in 13 | * the documentation and/or other materials provided with the 14 | * distribution. 15 | * 16 | * * Neither the name of the copyright holder nor the names of its 17 | * contributors may be used to endorse or promote products derived 18 | * from this software without specific prior written permission. 19 | * 20 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | */ 32 | 33 | /* 34 | * This program exercises thread creation. The clone syscall used for 35 | * creating threads has some special code paths in libsyscall_intercept. 36 | * A library built with test_clone_thread_preload.c hooks into syscalls 37 | * in this executable. 38 | */ 39 | 40 | #ifdef NDEBUG 41 | #undef NDEBUG 42 | #endif 43 | 44 | #include 45 | #include 46 | #include 47 | #include 48 | 49 | #define THREAD_ARG ((void *)77) 50 | #define THREAD_RET ((void *)99) 51 | 52 | static void * 53 | t(void *arg) 54 | { 55 | assert(arg == THREAD_ARG); 56 | return THREAD_RET; 57 | } 58 | 59 | int 60 | main() 61 | { 62 | pthread_t thread; 63 | pthread_attr_t attr; 64 | void *ret; 65 | 66 | assert(pthread_attr_init(&attr) == 0); 67 | assert(pthread_create(&thread, &attr, t, THREAD_ARG) == 0); 68 | assert(pthread_join(thread, &ret) == 0); 69 | assert(ret == THREAD_RET); 70 | 71 | return EXIT_SUCCESS; 72 | } 73 | -------------------------------------------------------------------------------- /test/vfork_logging.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2017, Intel Corporation 3 | * 4 | * Redistribution and use in source and binary forms, with or without 5 | * modification, are permitted provided that the following conditions 6 | * are met: 7 | * 8 | * * Redistributions of source code must retain the above copyright 9 | * notice, this list of conditions and the following disclaimer. 10 | * 11 | * * Redistributions in binary form must reproduce the above copyright 12 | * notice, this list of conditions and the following disclaimer in 13 | * the documentation and/or other materials provided with the 14 | * distribution. 15 | * 16 | * * Neither the name of the copyright holder nor the names of its 17 | * contributors may be used to endorse or promote products derived 18 | * from this software without specific prior written permission. 19 | * 20 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | */ 32 | 33 | #ifdef NDEBUG 34 | #undef NDEBUG 35 | #endif 36 | 37 | #include 38 | #include 39 | #include 40 | #include 41 | #include 42 | 43 | #include 44 | 45 | #include "magic_syscalls.h" 46 | 47 | int 48 | main(int argc, char *argv[]) 49 | { 50 | static char msg[] = "in_child_created_using_vfork"; 51 | 52 | if (strcmp(argv[0], msg) == 0) { 53 | puts(msg); 54 | return EXIT_SUCCESS; 55 | } 56 | 57 | if (argc < 2) 58 | return EXIT_FAILURE; 59 | 60 | char *log_path = argv[1]; 61 | 62 | magic_syscall_start_log(log_path, "1"); 63 | 64 | pid_t r = vfork(); 65 | if (r < 0) 66 | err(EXIT_FAILURE, "vfork"); 67 | 68 | if (r == 0) { 69 | /* In vfork child process */ 70 | _exit(EXIT_SUCCESS); 71 | } 72 | 73 | const char *line = 74 | "In original process, after first vfork\n"; 75 | 76 | assert(write(1, line, strlen(line)) == (ssize_t)strlen(line)); 77 | 78 | r = vfork(); 79 | if (r < 0) 80 | err(EXIT_FAILURE, "vfork"); 81 | 82 | if (r == 0) { 83 | /* In vfork child process again */ 84 | execve(argv[0], (char *[]) {msg, NULL}, (char *[]) {NULL}); 85 | err(EXIT_FAILURE, "execve returned"); 86 | } 87 | 88 | line = "In original process, after second vfork\n"; 89 | 90 | assert(write(1, line, strlen(line)) == (ssize_t)strlen(line)); 91 | 92 | magic_syscall_stop_log(); 93 | 94 | return EXIT_SUCCESS; 95 | } 96 | -------------------------------------------------------------------------------- /utils/build-deb.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh -e 2 | # 3 | # Copyright 2017, Intel Corporation 4 | # 5 | # Redistribution and use in source and binary forms, with or without 6 | # modification, are permitted provided that the following conditions 7 | # are met: 8 | # 9 | # * Redistributions of source code must retain the above copyright 10 | # notice, this list of conditions and the following disclaimer. 11 | # 12 | # * Redistributions in binary form must reproduce the above copyright 13 | # notice, this list of conditions and the following disclaimer in 14 | # the documentation and/or other materials provided with the 15 | # distribution. 16 | # 17 | # * Neither the name of the copyright holder nor the names of its 18 | # contributors may be used to endorse or promote products derived 19 | # from this software without specific prior written permission. 20 | # 21 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 22 | # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 23 | # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 24 | # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 25 | # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 26 | # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 27 | # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 28 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 29 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 30 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 31 | # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 32 | # 33 | 34 | export LC_ALL=C 35 | 36 | rm -rf build-deb 37 | mkdir -p build-deb/syscall_intercept 38 | git archive HEAD | gzip > build-deb/syscall-intercept_0.1.orig.tar.gz 39 | cd build-deb/syscall_intercept 40 | tar xf ../syscall-intercept_0.1.orig.tar.gz 41 | debuild -us -uc 42 | -------------------------------------------------------------------------------- /utils/build-rpm.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh -e 2 | # 3 | # Copyright 2017, Intel Corporation 4 | # 5 | # Redistribution and use in source and binary forms, with or without 6 | # modification, are permitted provided that the following conditions 7 | # are met: 8 | # 9 | # * Redistributions of source code must retain the above copyright 10 | # notice, this list of conditions and the following disclaimer. 11 | # 12 | # * Redistributions in binary form must reproduce the above copyright 13 | # notice, this list of conditions and the following disclaimer in 14 | # the documentation and/or other materials provided with the 15 | # distribution. 16 | # 17 | # * Neither the name of the copyright holder nor the names of its 18 | # contributors may be used to endorse or promote products derived 19 | # from this software without specific prior written permission. 20 | # 21 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 22 | # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 23 | # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 24 | # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 25 | # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 26 | # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 27 | # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 28 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 29 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 30 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 31 | # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 32 | # 33 | 34 | set -o pipefail 35 | 36 | export LC_ALL=C 37 | export VER=0.1 38 | 39 | git archive --prefix=syscall_intercept-$VER/ HEAD | gzip > syscall_intercept-$VER.tar.gz 40 | rpmbuild -ta syscall_intercept-$VER.tar.gz 41 | -------------------------------------------------------------------------------- /utils/check_license/file-exceptions.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh -e 2 | # 3 | # Copyright 2019, Intel Corporation 4 | # 5 | # Redistribution and use in source and binary forms, with or without 6 | # modification, are permitted provided that the following conditions 7 | # are met: 8 | # 9 | # * Redistributions of source code must retain the above copyright 10 | # notice, this list of conditions and the following disclaimer. 11 | # 12 | # * Redistributions in binary form must reproduce the above copyright 13 | # notice, this list of conditions and the following disclaimer in 14 | # the documentation and/or other materials provided with the 15 | # distribution. 16 | # 17 | # * Neither the name of the copyright holder nor the names of its 18 | # contributors may be used to endorse or promote products derived 19 | # from this software without specific prior written permission. 20 | # 21 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 22 | # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 23 | # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 24 | # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 25 | # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 26 | # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 27 | # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 28 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 29 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 30 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 31 | # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 32 | # 33 | 34 | # file-exceptions.sh - filter out files not checked for copyright and license 35 | 36 | grep -v -E -e 'test_header\.h$' 37 | -------------------------------------------------------------------------------- /utils/docker/0001-travis-fix-travisci_build_coverity_scan.sh.patch: -------------------------------------------------------------------------------- 1 | From b5179dc4822eaab192361da05aa95d98f523960f Mon Sep 17 00:00:00 2001 2 | From: Lukasz Dorau 3 | Date: Mon, 7 May 2018 12:05:40 +0200 4 | Subject: [PATCH] travis: fix travisci_build_coverity_scan.sh 5 | 6 | --- 7 | travisci_build_coverity_scan.sh | 4 ++-- 8 | 1 file changed, 2 insertions(+), 2 deletions(-) 9 | 10 | diff --git a/travisci_build_coverity_scan.sh b/travisci_build_coverity_scan.sh 11 | index ad9d4afcf..562b08bcc 100644 12 | --- a/travisci_build_coverity_scan.sh 13 | +++ b/travisci_build_coverity_scan.sh 14 | @@ -92,8 +92,8 @@ response=$(curl \ 15 | --form description="Travis CI build" \ 16 | $UPLOAD_URL) 17 | status_code=$(echo "$response" | sed -n '$p') 18 | -if [ "$status_code" != "201" ]; then 19 | +if [ "$status_code" != "200" ]; then 20 | TEXT=$(echo "$response" | sed '$d') 21 | - echo -e "\033[33;1mCoverity Scan upload failed: $TEXT.\033[0m" 22 | + echo -e "\033[33;1mCoverity Scan upload failed: $response.\033[0m" 23 | exit 1 24 | fi 25 | -- 26 | 2.13.6 27 | 28 | -------------------------------------------------------------------------------- /utils/docker/images/Dockerfile.fedora-25: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2016-2017, Intel Corporation 3 | # 4 | # Redistribution and use in source and binary forms, with or without 5 | # modification, are permitted provided that the following conditions 6 | # are met: 7 | # 8 | # * Redistributions of source code must retain the above copyright 9 | # notice, this list of conditions and the following disclaimer. 10 | # 11 | # * Redistributions in binary form must reproduce the above copyright 12 | # notice, this list of conditions and the following disclaimer in 13 | # the documentation and/or other materials provided with the 14 | # distribution. 15 | # 16 | # * Neither the name of the copyright holder nor the names of its 17 | # contributors may be used to endorse or promote products derived 18 | # from this software without specific prior written permission. 19 | # 20 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | 32 | # 33 | # Dockerfile - a 'recipe' for Docker to build an image of fedora-based 34 | # environment for building syscall_intercept 35 | # 36 | 37 | # Pull base image 38 | FROM fedora:25 39 | MAINTAINER gabor.buella@intel.com 40 | 41 | # Install basic tools 42 | RUN dnf install -y \ 43 | capstone-devel \ 44 | clang \ 45 | cmake \ 46 | gcc \ 47 | git \ 48 | libcap-devel \ 49 | libunwind-devel \ 50 | make \ 51 | pandoc \ 52 | perl-Text-Diff \ 53 | rpm-build \ 54 | passwd \ 55 | sudo \ 56 | sqlite \ 57 | tcl-devel \ 58 | wget \ 59 | which \ 60 | whois 61 | 62 | # Add user 63 | ENV USER user 64 | ENV USERPASS pass 65 | RUN useradd -m $USER 66 | RUN echo $USERPASS | passwd $USER --stdin 67 | RUN gpasswd wheel -a $USER 68 | 69 | # Install nvml 70 | COPY install-nvml.sh install-nvml.sh 71 | RUN ./install-nvml.sh rpm 72 | 73 | USER $USER 74 | 75 | # Build pmemfile 76 | COPY libsyscall_intercept_hook_point.h libsyscall_intercept_hook_point.h 77 | COPY build-pmemfile.sh build-pmemfile.sh 78 | RUN ./build-pmemfile.sh 79 | 80 | # Build capstone - experimental version 81 | COPY build-capstone.sh build-capstone.sh 82 | RUN ./build-capstone.sh 83 | 84 | # Set required environment variables 85 | ENV OS fedora 86 | ENV OS_VER 25 87 | ENV PACKAGE_MANAGER rpm 88 | ENV NOTTY 1 89 | -------------------------------------------------------------------------------- /utils/docker/images/Dockerfile.ubuntu-16.04: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2016-2017, Intel Corporation 3 | # 4 | # Redistribution and use in source and binary forms, with or without 5 | # modification, are permitted provided that the following conditions 6 | # are met: 7 | # 8 | # * Redistributions of source code must retain the above copyright 9 | # notice, this list of conditions and the following disclaimer. 10 | # 11 | # * Redistributions in binary form must reproduce the above copyright 12 | # notice, this list of conditions and the following disclaimer in 13 | # the documentation and/or other materials provided with the 14 | # distribution. 15 | # 16 | # * Neither the name of the copyright holder nor the names of its 17 | # contributors may be used to endorse or promote products derived 18 | # from this software without specific prior written permission. 19 | # 20 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 | # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | 32 | # 33 | # Dockerfile - a 'recipe' for Docker to build an image of ubuntu-based 34 | # environment for building syscall_intercept 35 | # 36 | 37 | # Pull base image 38 | FROM ubuntu:16.04 39 | MAINTAINER gabor.buella@intel.com 40 | 41 | # Update the Apt cache and install basic tools 42 | RUN apt-get update 43 | RUN apt-get install -y \ 44 | autoconf \ 45 | automake \ 46 | clang \ 47 | curl \ 48 | cmake \ 49 | debhelper \ 50 | devscripts \ 51 | doxygen \ 52 | git \ 53 | libcap-dev \ 54 | libcapstone-dev \ 55 | libunwind-dev \ 56 | pandoc \ 57 | libtext-diff-perl \ 58 | pkg-config \ 59 | debhelper \ 60 | devscripts \ 61 | ruby \ 62 | sudo \ 63 | sqlite3 \ 64 | tcl-dev \ 65 | wget \ 66 | whois 67 | 68 | # Add user 69 | ENV USER user 70 | ENV USERPASS pass 71 | RUN useradd -m $USER -g sudo -p `mkpasswd $USERPASS` 72 | 73 | # Install nvml 74 | COPY install-nvml.sh install-nvml.sh 75 | RUN ./install-nvml.sh dpkg 76 | 77 | USER $USER 78 | 79 | # Build pmemfile 80 | COPY libsyscall_intercept_hook_point.h libsyscall_intercept_hook_point.h 81 | COPY build-pmemfile.sh build-pmemfile.sh 82 | RUN ./build-pmemfile.sh 83 | 84 | # Build capstone - experimental version 85 | COPY build-capstone.sh build-capstone.sh 86 | RUN ./build-capstone.sh 87 | 88 | # Set required environment variables 89 | ENV OS ubuntu 90 | ENV OS_VER 16.04 91 | ENV PACKAGE_MANAGER deb 92 | ENV NOTTY 1 93 | -------------------------------------------------------------------------------- /utils/docker/images/build-capstone.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -ex 2 | # 3 | # Copyright 2017, Intel Corporation 4 | # 5 | # Redistribution and use in source and binary forms, with or without 6 | # modification, are permitted provided that the following conditions 7 | # are met: 8 | # 9 | # * Redistributions of source code must retain the above copyright 10 | # notice, this list of conditions and the following disclaimer. 11 | # 12 | # * Redistributions in binary form must reproduce the above copyright 13 | # notice, this list of conditions and the following disclaimer in 14 | # the documentation and/or other materials provided with the 15 | # distribution. 16 | # 17 | # * Neither the name of the copyright holder nor the names of its 18 | # contributors may be used to endorse or promote products derived 19 | # from this software without specific prior written permission. 20 | # 21 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 22 | # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 23 | # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 24 | # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 25 | # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 26 | # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 27 | # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 28 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 29 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 30 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 31 | # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 32 | 33 | # 34 | # build-capstone.sh - builds capstone 35 | # 36 | 37 | cd 38 | git clone https://github.com/aquynh/capstone.git capstone_4_0_aplha5 39 | cd capstone_4_0_aplha5 40 | git checkout 4.0-alpha5 41 | mkdir build 42 | cd build 43 | cmake -DCMAKE_BUILD_TYPE=Release \ 44 | -DCAPSTONE_X86_SUPPORT=ON \ 45 | -DCAPSTONE_ARM_SUPPORT=OFF \ 46 | -DCAPSTONE_ARM64_SUPPORT=OFF \ 47 | -DCAPSTONE_M68K_SUPPORT=OFF \ 48 | -DCAPSTONE_MIPS_SUPPORT=OFF \ 49 | -DCAPSTONE_PPC_SUPPORT=OFF \ 50 | -DCAPSTONE_SPARC_SUPPORT=OFF \ 51 | -DCAPSTONE_SYSZ_SUPPORT=OFF \ 52 | -DCAPSTONE_XCORE_SUPPORT=OFF \ 53 | -DCAPSTONE_TMS320C64X_SUPPORT=OFF \ 54 | -DCAPSTONE_BUILD_STATIC=OFF \ 55 | -DCAPSTONE_BUILD_STATIC_RUNTIME=OFF \ 56 | -DCAPSTONE_BUILD_TESTS=OFF \ 57 | -DCAPSTONE_BUILD_DIET=ON \ 58 | .. 59 | make 60 | 61 | # This branch in capstone does not install a package config file, but it is easy 62 | # to mock one that works for a specific version of capstone. 63 | echo Name: capstone > capstone.pc 64 | echo Description: Capstone disassembly engine >> capstone.pc 65 | echo Version: 4.0-alpha5 >> capstone.pc 66 | echo libdir=$PWD >> capstone.pc 67 | echo includedir=$PWD/../include/capstone >> capstone.pc 68 | echo archive=\${libdir}/libcapstone.a >> capstone.pc 69 | echo Libs: -L\${libdir} -lcapstone >> capstone.pc 70 | echo Cflags: -I\${includedir} >> capstone.pc 71 | 72 | cd 73 | -------------------------------------------------------------------------------- /utils/docker/images/build-image.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -ex 2 | # 3 | # Copyright 2016-2017, Intel Corporation 4 | # 5 | # Redistribution and use in source and binary forms, with or without 6 | # modification, are permitted provided that the following conditions 7 | # are met: 8 | # 9 | # * Redistributions of source code must retain the above copyright 10 | # notice, this list of conditions and the following disclaimer. 11 | # 12 | # * Redistributions in binary form must reproduce the above copyright 13 | # notice, this list of conditions and the following disclaimer in 14 | # the documentation and/or other materials provided with the 15 | # distribution. 16 | # 17 | # * Neither the name of the copyright holder nor the names of its 18 | # contributors may be used to endorse or promote products derived 19 | # from this software without specific prior written permission. 20 | # 21 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 22 | # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 23 | # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 24 | # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 25 | # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 26 | # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 27 | # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 28 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 29 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 30 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 31 | # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 32 | 33 | # 34 | # build-image.sh - prepares a Docker image with -based 35 | # environment for building the project, according 36 | # to the Dockerfile. file located 37 | # in the same directory. 38 | # 39 | # The script can be run locally. 40 | # 41 | 42 | function usage { 43 | echo "Usage:" 44 | echo " build-image.sh " 45 | echo "where , for example, can be 'ubuntu-16.04', provided " \ 46 | "a Dockerfile named 'Dockerfile.ubuntu-16.04' exists in the " \ 47 | "current directory." 48 | } 49 | 50 | # Check if the first two arguments are nonempty 51 | if [ -z "$1" -o -z "$2" ]; then 52 | usage 53 | exit 1 54 | fi 55 | 56 | # Check if the file Dockerfile.OS-VER exists 57 | if [[ ! -f "Dockerfile.$2" ]]; then 58 | echo "ERROR: wrong argument." 59 | usage 60 | exit 1 61 | fi 62 | 63 | cp ../../../include/libsyscall_intercept_hook_point.h libsyscall_intercept_hook_point.h 64 | 65 | # Build a Docker image tagged with ${DOCKERHUB_REPO}:OS-VER 66 | docker build -t $1:$2 \ 67 | --build-arg http_proxy=$http_proxy \ 68 | --build-arg https_proxy=$https_proxy \ 69 | -f Dockerfile.$2 . 70 | -------------------------------------------------------------------------------- /utils/docker/images/install-nvml.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -ex 2 | # 3 | # Copyright 2017, Intel Corporation 4 | # 5 | # Redistribution and use in source and binary forms, with or without 6 | # modification, are permitted provided that the following conditions 7 | # are met: 8 | # 9 | # * Redistributions of source code must retain the above copyright 10 | # notice, this list of conditions and the following disclaimer. 11 | # 12 | # * Redistributions in binary form must reproduce the above copyright 13 | # notice, this list of conditions and the following disclaimer in 14 | # the documentation and/or other materials provided with the 15 | # distribution. 16 | # 17 | # * Neither the name of the copyright holder nor the names of its 18 | # contributors may be used to endorse or promote products derived 19 | # from this software without specific prior written permission. 20 | # 21 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 22 | # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 23 | # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 24 | # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 25 | # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 26 | # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 27 | # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 28 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 29 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 30 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 31 | # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 32 | 33 | # 34 | # install-nvml.sh - installs libpmem & libpmemobj 35 | # 36 | 37 | mkdir nvml 38 | cd nvml 39 | 40 | if [ "$1" = "dpkg" ]; then 41 | wget https://github.com/pmem/nvml/releases/download/1.3/nvml-1.3-dpkgs.tar.gz 42 | tar -xzf nvml-1.3-dpkgs.tar.gz 43 | sudo dpkg -i libpmem_*.deb libpmem-dev_*.deb libpmemobj_*.deb libpmemobj-dev_*.deb 44 | elif [ "$1" = "rpm" ]; then 45 | wget https://github.com/pmem/nvml/releases/download/1.3/nvml-1.3-rpms.tar.gz 46 | tar -xzf nvml-1.3-rpms.tar.gz 47 | sudo rpm -i x86_64/libpmem-*.rpm x86_64/libpmemobj-*.rpm 48 | fi 49 | 50 | cd .. 51 | rm -rf nvml 52 | -------------------------------------------------------------------------------- /utils/docker/images/push-image.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | # 3 | # Copyright 2016-2017, Intel Corporation 4 | # 5 | # Redistribution and use in source and binary forms, with or without 6 | # modification, are permitted provided that the following conditions 7 | # are met: 8 | # 9 | # * Redistributions of source code must retain the above copyright 10 | # notice, this list of conditions and the following disclaimer. 11 | # 12 | # * Redistributions in binary form must reproduce the above copyright 13 | # notice, this list of conditions and the following disclaimer in 14 | # the documentation and/or other materials provided with the 15 | # distribution. 16 | # 17 | # * Neither the name of the copyright holder nor the names of its 18 | # contributors may be used to endorse or promote products derived 19 | # from this software without specific prior written permission. 20 | # 21 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 22 | # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 23 | # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 24 | # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 25 | # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 26 | # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 27 | # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 28 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 29 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 30 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 31 | # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 32 | 33 | # 34 | # push-image.sh - pushes the Docker image tagged with OS-VER 35 | # to Docker Hub 36 | # 37 | # The script utilizes $DOCKERHUB_USER and $DOCKERHUB_PASSWORD variables to log 38 | # in to Docker Hub. The variables can be set in the Travis project's 39 | # configuration for automated builds. 40 | # 41 | 42 | function usage { 43 | echo "Usage:" 44 | echo " push-image.sh " 45 | echo "where , for example, can be 'ubuntu-16.04', provided " \ 46 | "a Docker image tagged with ${DOCKERHUB_REPO}:ubuntu-16.04 exists locally." 47 | } 48 | 49 | # Check if the first argument is nonempty 50 | if [[ -z "$1" ]]; then 51 | usage 52 | exit 1 53 | fi 54 | 55 | # Check if the image tagged with ${DOCKERHUB_REPO}:OS-VER exists locally 56 | if [[ ! $(docker images -a | awk -v pattern="^${DOCKERHUB_REPO}:$1\$" \ 57 | '$1":"$2 ~ pattern') ]] 58 | then 59 | echo "ERROR: wrong argument." 60 | usage 61 | exit 1 62 | fi 63 | 64 | # Log in to the Docker Hub 65 | docker login -u="${DOCKERHUB_USER}" -p="${DOCKERHUB_PASSWORD}" 66 | 67 | # Push the image to the repository 68 | docker push ${DOCKERHUB_REPO}:$1 69 | -------------------------------------------------------------------------------- /utils/docker/run-build-package.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -ex 2 | # 3 | # Copyright 2016-2017, Intel Corporation 4 | # 5 | # Redistribution and use in source and binary forms, with or without 6 | # modification, are permitted provided that the following conditions 7 | # are met: 8 | # 9 | # * Redistributions of source code must retain the above copyright 10 | # notice, this list of conditions and the following disclaimer. 11 | # 12 | # * Redistributions in binary form must reproduce the above copyright 13 | # notice, this list of conditions and the following disclaimer in 14 | # the documentation and/or other materials provided with the 15 | # distribution. 16 | # 17 | # * Neither the name of the copyright holder nor the names of its 18 | # contributors may be used to endorse or promote products derived 19 | # from this software without specific prior written permission. 20 | # 21 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 22 | # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 23 | # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 24 | # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 25 | # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 26 | # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 27 | # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 28 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 29 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 30 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 31 | # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 32 | 33 | # 34 | # run-build-package.sh - is called inside a Docker container; 35 | # starts a build of the project 36 | # 37 | 38 | # Build all and run tests 39 | cd $WORKDIR 40 | ./utils/build-${PACKAGE_MANAGER}.sh 41 | -------------------------------------------------------------------------------- /utils/docker/run-build.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -ex 2 | # 3 | # Copyright 2016-2017, Intel Corporation 4 | # 5 | # Redistribution and use in source and binary forms, with or without 6 | # modification, are permitted provided that the following conditions 7 | # are met: 8 | # 9 | # * Redistributions of source code must retain the above copyright 10 | # notice, this list of conditions and the following disclaimer. 11 | # 12 | # * Redistributions in binary form must reproduce the above copyright 13 | # notice, this list of conditions and the following disclaimer in 14 | # the documentation and/or other materials provided with the 15 | # distribution. 16 | # 17 | # * Neither the name of the copyright holder nor the names of its 18 | # contributors may be used to endorse or promote products derived 19 | # from this software without specific prior written permission. 20 | # 21 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 22 | # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 23 | # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 24 | # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 25 | # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 26 | # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 27 | # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 28 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 29 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 30 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 31 | # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 32 | 33 | # 34 | # run-build.sh - is called inside a Docker container; 35 | # starts a build of the project 36 | # 37 | 38 | # Which capstone to use? 39 | # One can verify this by looking at ldd output in build logs 40 | if [ -n "$CAPSTONE_EXPERIMENTAL" ]; then 41 | export PKG_CONFIG_LIBDIR=~/capstone_4_0_aplha5/build 42 | fi 43 | 44 | # Build all and run tests 45 | cd $WORKDIR 46 | if [ -n "$C_COMPILER" ]; then 47 | export CC=$C_COMPILER 48 | fi 49 | if [ -n "$CPP_COMPILER" ]; then 50 | export CXX=$CPP_COMPILER 51 | fi 52 | 53 | 54 | mkdir build 55 | cd build 56 | cmake .. -DCMAKE_INSTALL_PREFIX=/tmp/${PROJECT} \ 57 | -DCMAKE_BUILD_TYPE=Debug \ 58 | 59 | make -j2 60 | ldd ./libsyscall_intercept.so 61 | ctest --output-on-failure -j2 62 | make install 63 | cd .. 64 | rm -r build 65 | 66 | mkdir build 67 | cd build 68 | cmake .. -DCMAKE_INSTALL_PREFIX=/tmp/${PROJECT} \ 69 | -DCMAKE_BUILD_TYPE=Release \ 70 | 71 | make -j2 72 | ldd ./libsyscall_intercept.so 73 | ctest --output-on-failure -j2 74 | make install 75 | cd .. 76 | rm -r build 77 | -------------------------------------------------------------------------------- /utils/docker/run-coverage.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -ex 2 | # 3 | # Copyright 2017, Intel Corporation 4 | # 5 | # Redistribution and use in source and binary forms, with or without 6 | # modification, are permitted provided that the following conditions 7 | # are met: 8 | # 9 | # * Redistributions of source code must retain the above copyright 10 | # notice, this list of conditions and the following disclaimer. 11 | # 12 | # * Redistributions in binary form must reproduce the above copyright 13 | # notice, this list of conditions and the following disclaimer in 14 | # the documentation and/or other materials provided with the 15 | # distribution. 16 | # 17 | # * Neither the name of the copyright holder nor the names of its 18 | # contributors may be used to endorse or promote products derived 19 | # from this software without specific prior written permission. 20 | # 21 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 22 | # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 23 | # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 24 | # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 25 | # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 26 | # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 27 | # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 28 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 29 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 30 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 31 | # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 32 | 33 | # 34 | # run-coverage.sh - is called inside a Docker container; 35 | # builds syscall_intercept with the aim of collecting 36 | # information on code coverage 37 | 38 | cd $WORKDIR 39 | 40 | mkdir build 41 | cd build 42 | CC=gcc cmake .. -DCMAKE_BUILD_TYPE=RelWithDebInfo \ 43 | -DCMAKE_C_FLAGS=-coverage \ 44 | -DCMAKE_CXX_FLAGS=-coverage \ 45 | -DEXPECT_SPURIOUS_SYSCALLS=ON 46 | 47 | make 48 | ctest --output-on-failure 49 | bash <(curl -s https://codecov.io/bash) -c -F regular_tests 50 | find . -name ".coverage" -exec rm {} \; 51 | find . -name "coverage.xml" -exec rm {} \; 52 | find . -name "*.gcov" -exec rm {} \; 53 | find . -name "*.gcda" -exec rm {} \; 54 | 55 | pushd ~/pmemfile/build 56 | LD_LIBRARY_PATH=$WORKDIR/build ctest --output-on-failure -R preload_ 57 | popd 58 | bash <(curl -s https://codecov.io/bash) -c -F pmemfile_tests 59 | 60 | cd .. 61 | rm -r build 62 | -------------------------------------------------------------------------------- /utils/docker/run-coverity.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -ex 2 | # 3 | # Copyright 2017-2019, Intel Corporation 4 | # 5 | # Redistribution and use in source and binary forms, with or without 6 | # modification, are permitted provided that the following conditions 7 | # are met: 8 | # 9 | # * Redistributions of source code must retain the above copyright 10 | # notice, this list of conditions and the following disclaimer. 11 | # 12 | # * Redistributions in binary form must reproduce the above copyright 13 | # notice, this list of conditions and the following disclaimer in 14 | # the documentation and/or other materials provided with the 15 | # distribution. 16 | # 17 | # * Neither the name of the copyright holder nor the names of its 18 | # contributors may be used to endorse or promote products derived 19 | # from this software without specific prior written permission. 20 | # 21 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 22 | # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 23 | # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 24 | # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 25 | # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 26 | # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 27 | # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 28 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 29 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 30 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 31 | # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 32 | 33 | # 34 | # run-coverity.sh - runs the Coverity scan build 35 | # 36 | 37 | cd $WORKDIR 38 | 39 | mkdir build 40 | cd build 41 | cmake .. -DCMAKE_BUILD_TYPE=Debug 42 | 43 | export COVERITY_SCAN_PROJECT_NAME="${PROJECT}" 44 | [[ "$TRAVIS_EVENT_TYPE" == "cron" ]] \ 45 | && export COVERITY_SCAN_BRANCH_PATTERN="master" \ 46 | || export COVERITY_SCAN_BRANCH_PATTERN="coverity_scan" 47 | export COVERITY_SCAN_BUILD_COMMAND="make" 48 | 49 | # Run the Coverity scan 50 | 51 | # XXX: Patch the Coverity script. 52 | # Recently, this script regularly exits with an error, even though 53 | # the build is successfully submitted. Probably because the status code 54 | # is missing in response, or it's not 201. 55 | # Changes: 56 | # 1) change the expected status code to 200 and 57 | # 2) print the full response string. 58 | # 59 | # This change should be reverted when the Coverity script is fixed. 60 | # 61 | # The previous version was: 62 | # curl -s https://scan.coverity.com/scripts/travisci_build_coverity_scan.sh | bash 63 | 64 | wget https://scan.coverity.com/scripts/travisci_build_coverity_scan.sh 65 | patch < ../utils/docker/0001-travis-fix-travisci_build_coverity_scan.sh.patch 66 | bash ./travisci_build_coverity_scan.sh 67 | -------------------------------------------------------------------------------- /utils/md2man.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | # 3 | # Copyright 2016-2017, Intel Corporation 4 | # 5 | # Redistribution and use in source and binary forms, with or without 6 | # modification, are permitted provided that the following conditions 7 | # are met: 8 | # 9 | # * Redistributions of source code must retain the above copyright 10 | # notice, this list of conditions and the following disclaimer. 11 | # 12 | # * Redistributions in binary form must reproduce the above copyright 13 | # notice, this list of conditions and the following disclaimer in 14 | # the documentation and/or other materials provided with the 15 | # distribution. 16 | # 17 | # * Neither the name of the copyright holder nor the names of its 18 | # contributors may be used to endorse or promote products derived 19 | # from this software without specific prior written permission. 20 | # 21 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 22 | # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 23 | # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 24 | # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 25 | # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 26 | # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 27 | # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 28 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 29 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 30 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 31 | # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 32 | # 33 | 34 | # 35 | # md2man.sh -- convert markdown to groff man pages 36 | # 37 | # usage: md2man.sh file template outfile 38 | # 39 | # This script converts markdown file into groff man page using pandoc. 40 | # It performs some pre- and post-processing for better results: 41 | # - parse input file for YAML metadata block and read man page title, 42 | # section and version 43 | # - cut-off metadata block and license 44 | # - unindent code blocks 45 | # 46 | 47 | set -o pipefail 48 | 49 | filename=$1 50 | template=$2 51 | outfile=$3 52 | title=`sed -n 's/^title:\ *\([a-z_-]*\).*$/\1/p' $filename` 53 | section=`sed -n 's/^title:.*(\([0-9]\)).*$/\1/p' $filename` 54 | version=`sed -n 's/^date:\ *\(.*\)$/\1/p' $filename` 55 | 56 | cat $filename | sed -n -e '/# NAME #/,$p' |\ 57 | pandoc -s -t man -o $outfile --template=$template \ 58 | -V title=$title -V section=$section \ 59 | -V description='"NVM Library"' -V version="$version" \ 60 | -V year=$(date +"%Y") |\ 61 | sed '/^\.IP/{ 62 | N 63 | /\n\.nf/{ 64 | s/IP/PP/ 65 | } 66 | }' 67 | --------------------------------------------------------------------------------