1
0
out-of-tree/config/config.go

417 lines
8.2 KiB
Go
Raw Normal View History

2018-11-17 20:20:59 +00:00
// Copyright 2018 Mikhail Klementev. All rights reserved.
// Use of this source code is governed by a AGPLv3 license
// (or later) that can be found in the LICENSE file.
package config
import (
"errors"
2018-11-17 20:20:59 +00:00
"fmt"
"io/ioutil"
"os"
"regexp"
"strconv"
2018-11-17 20:20:59 +00:00
"strings"
"time"
2018-11-17 20:20:59 +00:00
"github.com/naoina/toml"
)
type kernel struct {
Version []int
Major []int
Minor []int
Patch []int
}
2019-08-17 08:51:42 +00:00
// KernelMask defines the kernel
2018-11-17 20:20:59 +00:00
type KernelMask struct {
DistroType DistroType
2023-05-12 20:05:44 +00:00
DistroRelease string // 18.04/7/9
2018-11-17 20:20:59 +00:00
ReleaseMask string
// Overrides ReleaseMask
Kernel kernel
2018-11-17 20:20:59 +00:00
}
2019-08-17 08:51:42 +00:00
// DockerName is returns stable name for docker container
func (km KernelMask) DockerName() string {
distro := strings.ToLower(km.DistroType.String())
release := strings.Replace(km.DistroRelease, ".", "__", -1)
return fmt.Sprintf("out_of_tree_%s_%s", distro, release)
}
2019-08-17 08:51:42 +00:00
// ArtifactType is the kernel module or exploit
2018-11-17 20:20:59 +00:00
type ArtifactType int
const (
2019-08-17 09:35:36 +00:00
// KernelModule is any kind of kernel module
2018-11-17 20:20:59 +00:00
KernelModule ArtifactType = iota
2019-08-17 09:47:13 +00:00
// KernelExploit is the privilege escalation exploit
2018-11-17 20:20:59 +00:00
KernelExploit
2023-03-22 20:56:44 +00:00
// Script for information gathering or automation
Script
2018-11-17 20:20:59 +00:00
)
func (at ArtifactType) String() string {
2023-03-22 20:56:44 +00:00
return [...]string{"module", "exploit", "script"}[at]
2018-11-17 20:20:59 +00:00
}
2019-08-17 08:51:42 +00:00
// UnmarshalTOML is for support github.com/naoina/toml
2018-11-17 20:20:59 +00:00
func (at *ArtifactType) UnmarshalTOML(data []byte) (err error) {
stype := strings.Trim(string(data), `"`)
stypelower := strings.ToLower(stype)
if strings.Contains(stypelower, "module") {
*at = KernelModule
} else if strings.Contains(stypelower, "exploit") {
*at = KernelExploit
2023-03-22 20:56:44 +00:00
} else if strings.Contains(stypelower, "script") {
*at = Script
2018-11-17 20:20:59 +00:00
} else {
2018-12-10 02:45:17 +00:00
err = fmt.Errorf("Type %s is unsupported", stype)
2018-11-17 20:20:59 +00:00
}
return
}
2019-08-17 08:51:42 +00:00
// MarshalTOML is for support github.com/naoina/toml
2018-11-23 09:00:30 +00:00
func (at ArtifactType) MarshalTOML() (data []byte, err error) {
s := ""
switch at {
case KernelModule:
s = "module"
case KernelExploit:
s = "exploit"
2023-03-22 20:56:44 +00:00
case Script:
s = "script"
2018-11-23 09:00:30 +00:00
default:
2018-12-10 02:45:17 +00:00
err = fmt.Errorf("Cannot marshal %d", at)
2018-11-23 09:00:30 +00:00
}
data = []byte(`"` + s + `"`)
return
}
// Duration type with toml unmarshalling support
type Duration struct {
time.Duration
}
// UnmarshalTOML for Duration
func (d *Duration) UnmarshalTOML(data []byte) (err error) {
duration := strings.Replace(string(data), "\"", "", -1)
d.Duration, err = time.ParseDuration(duration)
return
}
2019-08-19 19:01:29 +00:00
// MarshalTOML for Duration
func (d Duration) MarshalTOML() (data []byte, err error) {
data = []byte(`"` + d.Duration.String() + `"`)
return
}
2020-06-14 20:14:59 +00:00
type PreloadModule struct {
Repo string
Path string
TimeoutAfterLoad Duration
}
// Extra test files to copy over
type FileTransfer struct {
2023-01-30 20:15:17 +00:00
User string
Local string
Remote string
}
2023-02-16 10:21:44 +00:00
type Patch struct {
Path string
Source string
Script string
}
2019-08-17 08:51:42 +00:00
// Artifact is for .out-of-tree.toml
2018-11-17 20:20:59 +00:00
type Artifact struct {
Name string
Type ArtifactType
2023-01-30 20:15:17 +00:00
TestFiles []FileTransfer
2018-11-17 20:20:59 +00:00
SourcePath string
SupportedKernels []KernelMask
2023-03-22 20:56:44 +00:00
Script string
Qemu struct {
2019-08-19 19:03:59 +00:00
Cpus int
Memory int
Timeout Duration
}
Docker struct {
Timeout Duration
}
Mitigations struct {
2019-08-19 19:03:59 +00:00
DisableSmep bool
DisableSmap bool
DisableKaslr bool
2019-08-20 00:05:19 +00:00
DisableKpti bool
}
2020-06-14 20:14:59 +00:00
2023-02-16 10:21:44 +00:00
Patches []Patch
2023-02-15 16:54:46 +00:00
Make struct {
Target string
}
2023-02-15 11:48:25 +00:00
StandardModules bool
2020-06-14 20:14:59 +00:00
Preload []PreloadModule
2018-11-17 20:20:59 +00:00
}
func (ka Artifact) checkSupport(ki KernelInfo, km KernelMask) (
supported bool, err error) {
if ki.DistroType != km.DistroType {
supported = false
return
}
// DistroRelease is optional
if km.DistroRelease != "" && ki.DistroRelease != km.DistroRelease {
supported = false
return
}
supported, err = regexp.MatchString(km.ReleaseMask, ki.KernelRelease)
return
}
2019-08-17 08:51:42 +00:00
// Supported returns true if given kernel is supported by artifact
2018-11-17 20:20:59 +00:00
func (ka Artifact) Supported(ki KernelInfo) (supported bool, err error) {
for _, km := range ka.SupportedKernels {
supported, err = ka.checkSupport(ki, km)
if supported {
break
}
}
return
}
2019-08-17 08:51:42 +00:00
// DistroType is enum with all supported distros
2018-11-17 20:20:59 +00:00
type DistroType int
const (
2019-08-17 09:35:36 +00:00
// Ubuntu https://ubuntu.com/
2018-11-17 20:20:59 +00:00
Ubuntu DistroType = iota
2019-08-17 09:35:36 +00:00
// CentOS https://www.centos.org/
2018-11-17 20:20:59 +00:00
CentOS
2019-08-17 09:35:36 +00:00
// Debian https://www.debian.org/
2018-11-17 20:20:59 +00:00
Debian
2023-05-09 14:40:06 +00:00
// OracleLinux https://www.oracle.com/linux/
OracleLinux
2018-11-17 20:20:59 +00:00
)
2019-08-17 09:35:36 +00:00
// DistroTypeStrings is the string version of enum DistroType
2023-05-09 14:40:06 +00:00
var DistroTypeStrings = [...]string{
"Ubuntu",
"CentOS",
"Debian",
"OracleLinux",
}
2018-11-17 20:20:59 +00:00
2019-08-17 08:51:42 +00:00
// NewDistroType is create new Distro object
2018-11-17 20:20:59 +00:00
func NewDistroType(dType string) (dt DistroType, err error) {
err = dt.UnmarshalTOML([]byte(dType))
return
}
func (dt DistroType) String() string {
return DistroTypeStrings[dt]
}
2019-08-17 08:51:42 +00:00
// UnmarshalTOML is for support github.com/naoina/toml
2018-11-17 20:20:59 +00:00
func (dt *DistroType) UnmarshalTOML(data []byte) (err error) {
sDistro := strings.Trim(string(data), `"`)
if strings.EqualFold(sDistro, "Ubuntu") {
*dt = Ubuntu
} else if strings.EqualFold(sDistro, "CentOS") {
*dt = CentOS
} else if strings.EqualFold(sDistro, "Debian") {
*dt = Debian
2023-05-09 14:40:06 +00:00
} else if strings.EqualFold(sDistro, "OracleLinux") {
*dt = OracleLinux
2018-11-17 20:20:59 +00:00
} else {
2018-12-10 02:45:17 +00:00
err = fmt.Errorf("Distro %s is unsupported", sDistro)
2018-11-17 20:20:59 +00:00
}
return
}
2019-08-17 08:51:42 +00:00
// MarshalTOML is for support github.com/naoina/toml
2018-11-23 09:00:30 +00:00
func (dt DistroType) MarshalTOML() (data []byte, err error) {
s := ""
switch dt {
case Ubuntu:
s = "Ubuntu"
case CentOS:
s = "CentOS"
case Debian:
s = "Debian"
2023-05-09 14:40:06 +00:00
case OracleLinux:
s = "OracleLinux"
2018-11-23 09:00:30 +00:00
default:
2018-12-10 02:45:17 +00:00
err = fmt.Errorf("Cannot marshal %d", dt)
2018-11-23 09:00:30 +00:00
}
data = []byte(`"` + s + `"`)
return
}
2019-08-17 09:35:36 +00:00
// ByRootFS is sorting by .RootFS lexicographically
type ByRootFS []KernelInfo
func (a ByRootFS) Len() int { return len(a) }
func (a ByRootFS) Swap(i, j int) { a[i], a[j] = a[j], a[i] }
func (a ByRootFS) Less(i, j int) bool { return a[i].RootFS < a[j].RootFS }
2019-08-17 09:35:36 +00:00
// KernelInfo defines kernels.toml entries
2018-11-17 20:20:59 +00:00
type KernelInfo struct {
DistroType DistroType
DistroRelease string // 18.04/7.4.1708/9.1
// Must be *exactly* same as in `uname -r`
KernelRelease string
// Build-time information
KernelSource string // module/exploit will be build on host
2018-11-17 20:20:59 +00:00
ContainerName string
// Runtime information
2023-02-15 10:52:36 +00:00
KernelPath string
InitrdPath string
ModulesPath string
RootFS string
// Debug symbols
VmlinuxPath string
2018-11-17 20:20:59 +00:00
}
2019-08-17 08:51:42 +00:00
// KernelConfig is the ~/.out-of-tree/kernels.toml configuration description
2018-11-17 20:20:59 +00:00
type KernelConfig struct {
Kernels []KernelInfo
}
func readFileAll(path string) (buf []byte, err error) {
f, err := os.Open(path)
if err != nil {
return
}
defer f.Close()
buf, err = ioutil.ReadAll(f)
return
}
2019-08-17 08:51:42 +00:00
// ReadKernelConfig is for read kernels.toml
2018-11-17 20:20:59 +00:00
func ReadKernelConfig(path string) (kernelCfg KernelConfig, err error) {
buf, err := readFileAll(path)
if err != nil {
return
}
err = toml.Unmarshal(buf, &kernelCfg)
if err != nil {
return
}
return
}
func rangeRegexp(start, end int) (s string) {
s += "("
for i := start; i <= end; i++ {
s += strconv.Itoa(i)
if i != end {
s += "|"
}
}
s += ")"
return
}
func versionRegexp(l []int) (s string, err error) {
switch len(l) {
case 1:
s += strconv.Itoa(l[0])
case 2:
s += rangeRegexp(l[0], l[1])
default:
err = errors.New("version must contain one value or range")
return
}
return
}
func genReleaseMask(km kernel) (mask string, err error) {
s, err := versionRegexp(km.Version)
if err != nil {
return
}
2019-08-17 15:30:42 +00:00
mask += s + "[.]"
s, err = versionRegexp(km.Major)
if err != nil {
return
}
2019-08-17 15:30:42 +00:00
mask += s + "[.]"
s, err = versionRegexp(km.Minor)
if err != nil {
return
}
mask += s
switch len(km.Patch) {
case 0:
// ok
case 1:
2019-08-17 15:30:42 +00:00
mask += "-" + strconv.Itoa(km.Patch[0]) + "-"
case 2:
2019-08-17 15:30:42 +00:00
mask += "-" + rangeRegexp(km.Patch[0], km.Patch[1]) + "-"
default:
err = errors.New("version must contain one value or range")
return
}
2019-08-17 15:30:42 +00:00
mask += ".*"
return
}
2019-08-17 08:51:42 +00:00
// ReadArtifactConfig is for read .out-of-tree.toml
func ReadArtifactConfig(path string) (ka Artifact, err error) {
2018-11-17 20:20:59 +00:00
buf, err := readFileAll(path)
if err != nil {
return
}
err = toml.Unmarshal(buf, &ka)
2018-11-17 20:20:59 +00:00
if err != nil {
return
}
for i, _ := range ka.SupportedKernels {
km := &ka.SupportedKernels[i]
if len(km.Kernel.Version) != 0 && km.ReleaseMask != "" {
s := "Only one way to define kernel version is allowed"
err = errors.New(s)
return
}
if km.ReleaseMask == "" {
km.ReleaseMask, err = genReleaseMask(km.Kernel)
if err != nil {
return
}
}
}
2018-11-17 20:20:59 +00:00
return
}