1
0
Fork 0

Basic kernel autogeneration (based on current config) implementation

timestamps
dump_stack() 2018-11-28 22:41:17 +00:00
parent 804e0b4879
commit 8eff63f2b9
5 changed files with 272 additions and 0 deletions

View File

@ -21,6 +21,12 @@ type KernelMask struct {
ReleaseMask string ReleaseMask string
} }
func (km KernelMask) DockerName() string {
distro := strings.ToLower(km.DistroType.String())
release := strings.Replace(km.DistroRelease, ".", "", -1)
return fmt.Sprintf("out_of_tree_%s_%s", distro, release)
}
type ArtifactType int type ArtifactType int
const ( const (

View File

@ -5,15 +5,18 @@ type = "exploit"
[[supported_kernels]] [[supported_kernels]]
distro_type = "Ubuntu" distro_type = "Ubuntu"
distro_release = "16.04"
release_mask = "4.4.0-(1|2|3|4|5|6|7|8|9|10|11|12|13|14|15|16|17|18|19|20|21|22|23|24|25|26|27|28|29|30|31|32|33|34|35|36|37|38|39|40|41|42|43|44|45|46|47|48|49|50|51|52|53|54|55|56|57|58|59|60|61|62|63|64|65|66|67|68|69|70|71|72|73|74|75|76|77|78|79|80|81|82|83|84|85|86|87|88|89|90|91|92|93|94|95|96|97|98|99|100|101|102|103|104|105|106|107|108|109|110|111|112|113|114|115|116)-.*" release_mask = "4.4.0-(1|2|3|4|5|6|7|8|9|10|11|12|13|14|15|16|17|18|19|20|21|22|23|24|25|26|27|28|29|30|31|32|33|34|35|36|37|38|39|40|41|42|43|44|45|46|47|48|49|50|51|52|53|54|55|56|57|58|59|60|61|62|63|64|65|66|67|68|69|70|71|72|73|74|75|76|77|78|79|80|81|82|83|84|85|86|87|88|89|90|91|92|93|94|95|96|97|98|99|100|101|102|103|104|105|106|107|108|109|110|111|112|113|114|115|116)-.*"
[[supported_kernels]] [[supported_kernels]]
distro_type = "Ubuntu" distro_type = "Ubuntu"
distro_release = "16.04"
release_mask = "4.8.0-(1|2|3|4|5|6|7|8|9|10|11|12|13|14|15|16|17|18|19|20|21|22|23|24|25|26|27|28|29|30|31|32|33|34|35|36|37|38|39|40|41|42|43|44|45|46|47|48|49|50|51|52|53|54|55|56|57|58)-.*" release_mask = "4.8.0-(1|2|3|4|5|6|7|8|9|10|11|12|13|14|15|16|17|18|19|20|21|22|23|24|25|26|27|28|29|30|31|32|33|34|35|36|37|38|39|40|41|42|43|44|45|46|47|48|49|50|51|52|53|54|55|56|57|58)-.*"
[[supported_kernels]] [[supported_kernels]]
# Can be Ubuntu/CentOS/Debian/etc. # Can be Ubuntu/CentOS/Debian/etc.
distro_type = "Ubuntu" distro_type = "Ubuntu"
distro_release = "16.04"
# regex for `uname -r` # regex for `uname -r`
# See also: regex-golang.appspot.com # See also: regex-golang.appspot.com
# stupid way to generate: $ echo '4.4.0-('$(seq 44 | xargs echo | sed 's/ /|/g')')-.*' # stupid way to generate: $ echo '4.4.0-('$(seq 44 | xargs echo | sed 's/ /|/g')')-.*'
@ -21,8 +24,10 @@ release_mask = "4.10.0-(1|2|3|4|5|6|7|8|9|10|11|12|13|14|15|16|17|18|19|20|21|22
[[supported_kernels]] [[supported_kernels]]
distro_type = "Ubuntu" distro_type = "Ubuntu"
distro_release = "16.04"
release_mask = "4.11.0-(1|2|3|4|5|6|7|8|9|10|11|12|13|14)-.*" release_mask = "4.11.0-(1|2|3|4|5|6|7|8|9|10|11|12|13|14)-.*"
[[supported_kernels]] [[supported_kernels]]
distro_type = "Ubuntu" distro_type = "Ubuntu"
distro_release = "16.04"
release_mask = "4.13.0-(1|2|3|4|5|6|7|8|9|10|11|12|13|14|15|16|17|18|19|20|21)-.*" release_mask = "4.13.0-(1|2|3|4|5|6|7|8|9|10|11|12|13|14|15|16|17|18|19|20|21)-.*"

View File

@ -6,6 +6,7 @@ type = "module"
[[supported_kernels]] [[supported_kernels]]
# Can be Ubuntu/CentOS/Debian/etc. # Can be Ubuntu/CentOS/Debian/etc.
distro_type = "Ubuntu" distro_type = "Ubuntu"
distro_release = "16.04"
# regex for `uname -r` # regex for `uname -r`
# See also: regex-golang.appspot.com # See also: regex-golang.appspot.com
release_mask = "4.4.0-70-.*" release_mask = "4.4.0-70-.*"
@ -13,5 +14,6 @@ release_mask = "4.4.0-70-.*"
# [[supported_kernels]] may be defined unlimited number of times # [[supported_kernels]] may be defined unlimited number of times
[[supported_kernels]] [[supported_kernels]]
distro_type = "Ubuntu" distro_type = "Ubuntu"
distro_release = "18.04"
# Also you can use only one kernel # Also you can use only one kernel
release_mask = "4.15.0-29-generic" release_mask = "4.15.0-29-generic"

255
kernel.go
View File

@ -7,6 +7,13 @@ package main
import ( import (
"errors" "errors"
"fmt" "fmt"
"io/ioutil"
"log"
"os"
"os/exec"
"os/user"
"regexp"
"strings"
"github.com/jollheef/out-of-tree/config" "github.com/jollheef/out-of-tree/config"
) )
@ -20,3 +27,251 @@ func kernelListHandler(kcfg config.KernelConfig) (err error) {
} }
return return
} }
func matchDebianKernelPkg(container, mask string, generic bool) (pkgs []string,
err error) {
cmd := "apt-cache search linux-image | cut -d ' ' -f 1"
c := dockerCommand(container, "/tmp", "1m", cmd)
rawOutput, err := c.CombinedOutput()
if err != nil {
return
}
r, err := regexp.Compile("linux-image-" + mask)
if err != nil {
return
}
kernels := r.FindAll(rawOutput, -1)
for _, k := range kernels {
pkg := string(k)
if generic && !strings.HasSuffix(pkg, "generic") {
continue
}
pkgs = append(pkgs, pkg)
}
return
}
func dockerImagePath(sk config.KernelMask) (path string, err error) {
usr, err := user.Current()
if err != nil {
return
}
path = usr.HomeDir + "/.out-of-tree/"
path += sk.DistroType.String() + "/" + sk.DistroRelease
return
}
func generateBaseDockerImage(sk config.KernelMask) (err error) {
imagePath, err := dockerImagePath(sk)
if err != nil {
return
}
dockerPath := imagePath + "/Dockerfile"
d := "# BASE\n"
if exists(dockerPath) {
log.Printf("Base image for %s:%s found",
sk.DistroType.String(), sk.DistroRelease)
return
} else {
log.Printf("Base image for %s:%s not found, start generating",
sk.DistroType.String(), sk.DistroRelease)
os.MkdirAll(imagePath, os.ModePerm)
}
d += fmt.Sprintf("FROM %s:%s\n",
strings.ToLower(sk.DistroType.String()),
sk.DistroRelease,
)
switch sk.DistroType {
case config.Ubuntu:
d += "ENV DEBIAN_FRONTEND=noninteractive\n"
d += "RUN apt-get update\n"
d += "RUN apt-get install -y build-essential libelf-dev\n"
d += "RUN apt-get install -y wget git\n"
default:
s := fmt.Sprintf("%s not yet supported", sk.DistroType.String())
err = errors.New(s)
return
}
d += "# END BASE\n\n"
err = ioutil.WriteFile(dockerPath, []byte(d), 0644)
if err != nil {
return
}
cmd := exec.Command("docker", "build", "-t", sk.DockerName(), imagePath)
rawOutput, err := cmd.CombinedOutput()
if err != nil {
log.Printf("Base image for %s:%s generating error, see log",
sk.DistroType.String(), sk.DistroRelease)
log.Println(string(rawOutput))
return
}
log.Printf("Base image for %s:%s generating success",
sk.DistroType.String(), sk.DistroRelease)
return
}
func dockerImageAppend(sk config.KernelMask, pkgname string) (err error) {
imagePath, err := dockerImagePath(sk)
if err != nil {
return
}
raw, err := ioutil.ReadFile(imagePath + "/Dockerfile")
if err != nil {
return
}
if strings.Contains(string(raw), pkgname) {
// already installed kernel
log.Printf("kernel %s for %s:%s is already exists",
pkgname, sk.DistroType.String(), sk.DistroRelease)
return
}
log.Printf("Start adding kernel %s for %s:%s",
pkgname, sk.DistroType.String(), sk.DistroRelease)
//s := fmt.Sprintf("RUN apt-get install -y %s %s\n", pkgname,
s := fmt.Sprintf("RUN apt-get install -y %s %s\n", pkgname,
strings.Replace(pkgname, "image", "headers", -1))
err = ioutil.WriteFile(imagePath+"/Dockerfile",
append(raw, []byte(s)...), 0644)
if err != nil {
return
}
cmd := exec.Command("docker", "build", "-t", sk.DockerName(), imagePath)
rawOutput, err := cmd.CombinedOutput()
if err != nil {
// Fallback to previous state
werr := ioutil.WriteFile(imagePath+"/Dockerfile", raw, 0644)
if werr != nil {
return
}
log.Printf("Add kernel %s for %s:%s error, see log",
pkgname, sk.DistroType.String(), sk.DistroRelease)
log.Println(string(rawOutput))
return
}
log.Printf("Add kernel %s for %s:%s success",
pkgname, sk.DistroType.String(), sk.DistroRelease)
return
}
func kickImage(name string) (err error) {
cmd := exec.Command("docker", "run", name, "bash", "-c", "ls")
_, err = cmd.CombinedOutput()
return
}
func copyKernels(name string) (err error) {
cmd := exec.Command("docker", "ps", "-a")
rawOutput, err := cmd.CombinedOutput()
if err != nil {
log.Println(string(rawOutput))
return
}
r, err := regexp.Compile(".*" + name)
if err != nil {
return
}
var containerID string
what := r.FindAll(rawOutput, -1)
for _, w := range what {
containerID = strings.Fields(string(w))[0]
break
}
usr, err := user.Current()
if err != nil {
return
}
target := usr.HomeDir + "/.out-of-tree/kernels/"
if !exists(target) {
os.MkdirAll(target, os.ModePerm)
}
cmd = exec.Command("docker", "cp", containerID+":/boot/.", target)
rawOutput, err = cmd.CombinedOutput()
if err != nil {
log.Println(string(rawOutput))
return
}
return
}
func kernelAutogenHandler(kcfg config.KernelConfig, workPath string) (err error) {
ka, err := config.ReadArtifactConfig(workPath + "/.out-of-tree.toml")
if err != nil {
return
}
var usedImages []string
for _, sk := range ka.SupportedKernels {
if sk.DistroRelease == "" {
err = errors.New("Please set distro_release")
return
}
err = generateBaseDockerImage(sk)
if err != nil {
return
}
var pkgs []string
pkgs, err = matchDebianKernelPkg(sk.DockerName(),
sk.ReleaseMask, true)
if err != nil {
return
}
for _, pkg := range pkgs {
dockerImageAppend(sk, pkg)
}
usedImages = append(usedImages, sk.DockerName())
}
for _, ui := range usedImages {
err = kickImage(ui)
if err != nil {
log.Println("kick image", ui, ":", err)
continue
}
err = copyKernels(ui)
if err != nil {
log.Println("copy kernels", ui, ":", err)
continue
}
}
log.Println("Currently generation of kernels.toml is not implemented")
log.Println("So next step is up to you hand :)")
return
}

View File

@ -57,6 +57,8 @@ func main() {
kernelCommand := app.Command("kernel", "Manipulate kernels") kernelCommand := app.Command("kernel", "Manipulate kernels")
kernelListCommand := kernelCommand.Command("list", "List kernels") kernelListCommand := kernelCommand.Command("list", "List kernels")
kernelAutogenCommand := kernelCommand.Command("autogen",
"Generate kernels based on a current config")
genCommand := app.Command("gen", "Generate .out-of-tree.toml skeleton") genCommand := app.Command("gen", "Generate .out-of-tree.toml skeleton")
genModuleCommand := genCommand.Command("module", genModuleCommand := genCommand.Command("module",
@ -91,6 +93,8 @@ func main() {
*pewTest, *pewGuess, *qemuTimeout, *dockerTimeout) *pewTest, *pewGuess, *qemuTimeout, *dockerTimeout)
case kernelListCommand.FullCommand(): case kernelListCommand.FullCommand():
err = kernelListHandler(kcfg) err = kernelListHandler(kcfg)
case kernelAutogenCommand.FullCommand():
err = kernelAutogenHandler(kcfg, *path)
case genModuleCommand.FullCommand(): case genModuleCommand.FullCommand():
err = genConfig(config.KernelModule) err = genConfig(config.KernelModule)
case genExploitCommand.FullCommand(): case genExploitCommand.FullCommand():