Compare commits
5 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
c1a3cb6ce5
|
|||
|
d58226c22c
|
|||
|
9e1d71d1b2
|
|||
|
9c70af4f6f
|
|||
|
7b8cf96b4a
|
17
CHANGELOG.md
17
CHANGELOG.md
@ -4,6 +4,23 @@
|
||||
|
||||
[Semantic Versioning](https://semver.org/spec/v2.0.0.html).
|
||||
|
||||
## [1.2.1] 2019-12-25
|
||||
|
||||
### Fixed
|
||||
|
||||
- macOS support.
|
||||
|
||||
## [1.2.0] 2019-11-15
|
||||
|
||||
### Added
|
||||
|
||||
- Flag for Verbose output. Right now only qemu status messages is
|
||||
implemented.
|
||||
|
||||
### Fixed
|
||||
|
||||
- Kpti settings was not affected for regular runs.
|
||||
|
||||
## [1.1.2] 2019-09-05
|
||||
|
||||
### Added
|
||||
|
||||
@ -15,6 +15,7 @@ import (
|
||||
"os/exec"
|
||||
"os/user"
|
||||
"regexp"
|
||||
"runtime"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
@ -99,6 +100,14 @@ func dockerImagePath(sk config.KernelMask) (path string, err error) {
|
||||
}
|
||||
|
||||
func vsyscallAvailable() (available bool, err error) {
|
||||
if runtime.GOOS != "linux" {
|
||||
// Docker for non-Linux systems is not using the host
|
||||
// kernel but uses kernel inside a virtual machine, so
|
||||
// it builds by the Docker team with vsyscall support.
|
||||
available = true
|
||||
return
|
||||
}
|
||||
|
||||
buf, err := ioutil.ReadFile("/proc/self/maps")
|
||||
if err != nil {
|
||||
return
|
||||
|
||||
12
main.go
12
main.go
@ -84,7 +84,7 @@ func main() {
|
||||
)
|
||||
|
||||
app.Author("Mikhail Klementev <root@dumpstack.io>")
|
||||
app.Version("1.1.2")
|
||||
app.Version("1.2.1")
|
||||
|
||||
pathFlag := app.Flag("path", "Path to work directory")
|
||||
path := pathFlag.Default(".").ExistingDir()
|
||||
@ -155,6 +155,9 @@ func main() {
|
||||
pewTagFlag := pewCommand.Flag("tag", "Log tagging")
|
||||
pewTag := pewTagFlag.String()
|
||||
|
||||
pewVerboseFlag := pewCommand.Flag("verbose", "Show more information")
|
||||
pewVerbose := pewVerboseFlag.Bool()
|
||||
|
||||
kernelCommand := app.Command("kernel", "Manipulate kernels")
|
||||
kernelNoDownload := kernelCommand.Flag("no-download",
|
||||
"Do not download qemu image while kernel generation").Bool()
|
||||
@ -264,6 +267,10 @@ func main() {
|
||||
log.Fatalln("Only one of disable/enable can be used at once")
|
||||
}
|
||||
|
||||
if *yekpti && *nokpti {
|
||||
log.Fatalln("Only one of disable/enable can be used at once")
|
||||
}
|
||||
|
||||
kcfg, err := config.ReadKernelConfig(*kcfgPath)
|
||||
if err != nil {
|
||||
log.Println(err)
|
||||
@ -299,7 +306,8 @@ func main() {
|
||||
case pewCommand.FullCommand():
|
||||
err = pewHandler(kcfg, *path, *pewKernel, *pewBinary,
|
||||
*pewTest, *pewGuess, stop, *qemuTimeout, *dockerTimeout,
|
||||
*pewMax, *pewRuns, *pewDist, *pewTag, *pewThreads, db)
|
||||
*pewMax, *pewRuns, *pewDist, *pewTag, *pewThreads,
|
||||
db, *pewVerbose)
|
||||
case kernelListCommand.FullCommand():
|
||||
err = kernelListHandler(kcfg)
|
||||
case kernelAutogenCommand.FullCommand():
|
||||
|
||||
3
pack.go
3
pack.go
@ -51,7 +51,8 @@ func packHandler(db *sql.DB, path, registry string, stop time.Time,
|
||||
|
||||
pewHandler(kcfg, workPath, "", "", "", false,
|
||||
stop, dockerTimeout, qemuTimeout,
|
||||
kernelRuns, exploitRuns, pathDevNull, tag, threads, db)
|
||||
kernelRuns, exploitRuns, pathDevNull,
|
||||
tag, threads, db, false)
|
||||
}
|
||||
|
||||
return
|
||||
|
||||
23
pew.go
23
pew.go
@ -303,7 +303,7 @@ func copyTest(q *qemu.System, testPath string, ka config.Artifact) (
|
||||
func whatever(swg *sizedwaitgroup.SizedWaitGroup, ka config.Artifact,
|
||||
ki config.KernelInfo, binaryPath, testPath string,
|
||||
qemuTimeout, dockerTimeout time.Duration, dist, tag string,
|
||||
db *sql.DB) {
|
||||
db *sql.DB, verbose bool) {
|
||||
|
||||
defer swg.Done()
|
||||
|
||||
@ -328,6 +328,7 @@ func whatever(swg *sizedwaitgroup.SizedWaitGroup, ka config.Artifact,
|
||||
q.SetKASLR(!ka.Mitigations.DisableKaslr)
|
||||
q.SetSMEP(!ka.Mitigations.DisableSmep)
|
||||
q.SetSMAP(!ka.Mitigations.DisableSmap)
|
||||
q.SetKPTI(!ka.Mitigations.DisableKpti)
|
||||
|
||||
err = q.Start()
|
||||
if err != nil {
|
||||
@ -336,6 +337,18 @@ func whatever(swg *sizedwaitgroup.SizedWaitGroup, ka config.Artifact,
|
||||
}
|
||||
defer q.Stop()
|
||||
|
||||
if verbose {
|
||||
go func() {
|
||||
for !q.Died {
|
||||
time.Sleep(time.Minute)
|
||||
log.Println(ka.Name, ki.DistroType,
|
||||
ki.DistroRelease, ki.KernelRelease,
|
||||
"still alive")
|
||||
|
||||
}
|
||||
}()
|
||||
}
|
||||
|
||||
usr, err := user.Current()
|
||||
if err != nil {
|
||||
return
|
||||
@ -394,7 +407,7 @@ func performCI(ka config.Artifact, kcfg config.KernelConfig, binaryPath,
|
||||
testPath string, stop time.Time,
|
||||
qemuTimeout, dockerTimeout time.Duration,
|
||||
max, runs int64, dist, tag string, threads int,
|
||||
db *sql.DB) (err error) {
|
||||
db *sql.DB, verbose bool) (err error) {
|
||||
|
||||
found := false
|
||||
|
||||
@ -420,7 +433,7 @@ func performCI(ka config.Artifact, kcfg config.KernelConfig, binaryPath,
|
||||
swg.Add()
|
||||
go whatever(&swg, ka, kernel, binaryPath,
|
||||
testPath, qemuTimeout, dockerTimeout,
|
||||
dist, tag, db)
|
||||
dist, tag, db, verbose)
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -477,7 +490,7 @@ func pewHandler(kcfg config.KernelConfig,
|
||||
workPath, ovrrdKrnl, binary, test string, guess bool,
|
||||
stop time.Time, qemuTimeout, dockerTimeout time.Duration,
|
||||
max, runs int64, dist, tag string, threads int,
|
||||
db *sql.DB) (err error) {
|
||||
db *sql.DB, verbose bool) (err error) {
|
||||
|
||||
ka, err := config.ReadArtifactConfig(workPath + "/.out-of-tree.toml")
|
||||
if err != nil {
|
||||
@ -507,7 +520,7 @@ func pewHandler(kcfg config.KernelConfig,
|
||||
|
||||
err = performCI(ka, kcfg, binary, test,
|
||||
stop, qemuTimeout, dockerTimeout,
|
||||
max, runs, dist, tag, threads, db)
|
||||
max, runs, dist, tag, threads, db, verbose)
|
||||
if err != nil {
|
||||
return
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user