S2E · al0wner · Feb 23, 2024 · Feb 26, 2024 · Feb 27, 2024 · Feb 27, 2024
diff --git a/Makefile b/Makefile
@@ -490,6 +490,8 @@ LIBS2E_CONFIGURE_FLAGS = --with-cc=$(CLANG_CC)
                          --with-libcpu-src=$(S2E_SRC)/libcpu                        \
                          --with-libs2ecore-src=$(S2E_SRC)/libs2ecore                \
                          --with-libs2eplugins-src=$(S2E_SRC)/libs2eplugins          \
+                         --with-libps-incdir=$(S2E_PREFIX)/include                  \
+                         --with-libps-libdir=$(S2E_PREFIX)/lib                      \
                          --prefix=$(S2E_PREFIX)                                     \
 
 LIBS2E_DEBUG_FLAGS = --with-llvm=$(LLVM_BUILD)/llvm-debug                           \

diff --git a/guest/CMakeLists.txt b/guest/CMakeLists.txt
@@ -28,6 +28,7 @@ set(guesttools_VERSION_MINOR 1)
 set(guesttools_VERSION_PATCH 0)
 set(guesttools_PACKAGE_VERSION
     "${guesttools_VERSION_MAJOR}.${guesttools_VERSION_MINOR}.${guesttools_VERSION_PATCH}")
+set(CMAKE_EXPORT_COMPILE_COMMANDS ON)
 
 include(CMakePackageConfigHelpers)
 set(CMAKE_VERSION_FILE "${CMAKE_CURRENT_BINARY_DIR}/${PROJECT_NAME}Version.cmake")

diff --git a/guest/common/include/s2e/opcodes.h b/guest/common/include/s2e/opcodes.h
@@ -97,6 +97,13 @@ extern "C" {
 // Maximum S2E opcode allowed
 #define BASE_S2E_MAX_OPCODE     0x70
 
+// Mimesis custom instructions
+#define MIMESIS_OPCODE          0x99
+#define MIMESIS_OP_USER_RECV    0x00
+#define MIMESIS_OP_USER_SEND    0x01
+#define MIMESIS_OP_KERNEL_RECV  0x02
+#define MIMESIS_OP_KERNEL_SEND  0x03
+
 // clang-format on
 
 #ifdef __cplusplus

diff --git a/guest/linux/scripts/launch.sh b/guest/linux/scripts/launch.sh
@@ -44,5 +44,5 @@ echo "$SECRET_MESSAGE_SAVEVM" > /dev/ttyS0
 
 ./s2ecmd get bootstrap.sh
 chmod +x bootstrap.sh
-./bootstrap.sh 2>&1 > /dev/ttyS0
+./bootstrap.sh > /dev/ttyS0 2>&1
 ./s2ecmd kill 0 "bootstrap terminated"
diff --git a/klee/CMakeLists.txt b/klee/CMakeLists.txt
@@ -18,6 +18,7 @@ set(KLEE_VERSION_MINOR 0)
 set(KLEE_VERSION_PATCH 0)
 set(KLEE_PACKAGE_VERSION
     "${KLEE_VERSION_MAJOR}.${KLEE_VERSION_MINOR}.${KLEE_VERSION_PATCH}")
+set(CMAKE_EXPORT_COMPILE_COMMANDS ON)
 
 include(CMakePackageConfigHelpers)
 set(CMAKE_VERSION_FILE "${CMAKE_CURRENT_BINARY_DIR}/${PROJECT_NAME}Version.cmake")

diff --git a/libcoroutine/CMakeLists.txt b/libcoroutine/CMakeLists.txt
@@ -10,6 +10,7 @@ set(LIBCOROUTINE_VERSION_MINOR 0)
 set(LIBCOROUTINE_VERSION_PATCH 0)
 set(LIBCOROUTINE_PACKAGE_VERSION
     "${LIBCOROUTINE_VERSION_MAJOR}.${LIBCOROUTINE_VERSION_MINOR}.${LIBCOROUTINE_VERSION_PATCH}")
+set(CMAKE_EXPORT_COMPILE_COMMANDS ON)
 
 include(CMakePackageConfigHelpers)
 set(CMAKE_VERSION_FILE "${CMAKE_CURRENT_BINARY_DIR}/${PROJECT_NAME}Version.cmake")

diff --git a/libcpu/CMakeLists.txt b/libcpu/CMakeLists.txt
@@ -9,6 +9,7 @@ set(LIBCPU_VERSION_MINOR 0)
 set(LIBCPU_VERSION_PATCH 50)
 set(LIBCPU_PACKAGE_VERSION
     "${LIBCPU_VERSION_MAJOR}.${LIBCPU_VERSION_MINOR}.${LIBCPU_VERSION_PATCH}")
+set(CMAKE_EXPORT_COMPILE_COMMANDS ON)
 
 include(CMakePackageConfigHelpers)
 set(CMAKE_VERSION_FILE "${CMAKE_CURRENT_BINARY_DIR}/${PROJECT_NAME}Version.cmake")

diff --git a/libfsigc++/CMakeLists.txt b/libfsigc++/CMakeLists.txt
@@ -26,6 +26,7 @@ set(FSIGCXX_VERSION_MINOR 0)
 set(FSIGCXX_VERSION_PATCH 0)
 set(FSIGCXX_PACKAGE_VERSION
     "${FSIGCXX_VERSION_MAJOR}.${FSIGCXX_VERSION_MINOR}.${FSIGCXX_VERSION_PATCH}")
+set(CMAKE_EXPORT_COMPILE_COMMANDS ON)
 
 include(CMakePackageConfigHelpers)
 set(CMAKE_VERSION_FILE "${CMAKE_CURRENT_BINARY_DIR}/${PROJECT_NAME}Version.cmake")

diff --git a/libq/CMakeLists.txt b/libq/CMakeLists.txt
@@ -9,6 +9,7 @@ set(LIBQ_VERSION_MINOR 0)
 set(LIBQ_VERSION_PATCH 0)
 set(LIBQ_PACKAGE_VERSION
     "${LIBQ_VERSION_MAJOR}.${LIBQ_VERSION_MINOR}.${LIBQ_VERSION_PATCH}")
+set(CMAKE_EXPORT_COMPILE_COMMANDS ON)
 
 include(CMakePackageConfigHelpers)
 set(CMAKE_VERSION_FILE "${CMAKE_CURRENT_BINARY_DIR}/${PROJECT_NAME}Version.cmake")

diff --git a/libs2e/CMakeLists.txt b/libs2e/CMakeLists.txt
@@ -27,6 +27,7 @@ set(LIBS2E_VERSION_MINOR 0)
 set(LIBS2E_VERSION_PATCH 0)
 set(LIBS2E_PACKAGE_VERSION
     "${LIBS2E_VERSION_MAJOR}.${LIBS2E_VERSION_MINOR}.${LIBS2E_VERSION_PATCH}")
+set(CMAKE_EXPORT_COMPILE_COMMANDS ON)
 
 include(CMakePackageConfigHelpers)
 set(CMAKE_VERSION_FILE "${CMAKE_CURRENT_BINARY_DIR}/${PROJECT_NAME}Version.cmake")
@@ -83,6 +84,15 @@ message(STATUS "Found libvmi ${VMI_PACKAGE_VERSION}")
 find_package(LIBCOROUTINE REQUIRED)
 message(STATUS "Found libcoroutine ${LIBCOROUTINE_PACKAGE_VERSION}")
 
+find_library(libps ps PATHS ${LIBPS_LIBRARY_DIR} NO_DEFAULT_PATH)
+message(STATUS "Found libps ${libps}")
+
+find_library(liblace lace PATHS ${LIBPS_LIBRARY_DIR} NO_DEFAULT_PATH)
+message(STATUS "Found lace ${liblace}")
+
+find_library(libsylvan sylvan PATHS ${LIBPS_LIBRARY_DIR} NO_DEFAULT_PATH)
+message(STATUS "Found sylvan ${libsylvan}")
+
 if(WITH_TARGET MATCHES "s2e")
     # TODO: look at libcpu compile options to figure this out
     find_package(LIBS2ECORE REQUIRED)

diff --git a/libs2e/configure b/libs2e/configure
@@ -44,6 +44,8 @@ echo "  --with-z3-incdir=PATH            Z3 include directory"
 echo "  --with-z3-libdir=PATH            Z3 library directory"
 echo "  --enable-debug                   Compile library with debug information"
 echo "  --with-s2e-guest-incdir=PATH     Path to S2E guest headers"
+echo "  --with-libps-incdir=PATH         libps include directory"
+echo "  --with-libps-libdir=PATH         libps library directory"
 }
 
 LLVM_ROOT=
@@ -132,6 +134,14 @@ for opt do
         S2EGUEST_INCDIR="$optarg"
     ;;
 
+    --with-libps-incdir=*)
+      LIBPS_INCDIR="$optarg"
+    ;;
+
+    --with-libps-libdir=*)
+      LIBPS_LIBDIR="$optarg"
+    ;;
+
     *) echo "Unknown option $opt"
     ;;
   esac
@@ -309,6 +319,8 @@ cmake -DCMAKE_C_COMPILER="$CC" -DCMAKE_CXX_COMPILER="$CXX"  \
     -DLIBQ_DIR=$LIBQ_DIR                                    \
     -DLUA_DIR=$LIBLUA_LIB                                   \
     -DS2EGUEST_INCLUDE_DIR=$S2EGUEST_INCDIR                 \
+    -DLIBPS_INCLUDE_DIR="$LIBPS_INCDIR"                     \
+    -DLIBPS_LIBRARY_DIR="$LIBPS_LIBDIR"                     \
     "$LIBS2EPLUGINS_SRC"
 
 if [ $? -ne 0 ]; then
@@ -339,6 +351,8 @@ cmake -DCMAKE_C_COMPILER="$CC" -DCMAKE_CXX_COMPILER="$CXX"  \
     -DFSIGCXX_DIR="$FSIGCXX_DIR"                            \
     -DZ3_DIR="$Z3_LIBDIR"                                   \
     -DWITH_TARGET="$target"                                 \
+    -DLIBPS_INCLUDE_DIR="$LIBPS_INCDIR"                     \
+    -DLIBPS_LIBRARY_DIR="$LIBPS_LIBDIR"                     \
     "$SRC_DIR"
 
 if [ $? -ne 0 ]; then

diff --git a/libs2e/src/CMakeLists.txt b/libs2e/src/CMakeLists.txt
@@ -39,7 +39,7 @@ add_executable(
 # Specify whole path for libraries so that libs2e can be relinked if any of them changes.
 # Just specifying the short library name prevents cmake from detecting the dependency.
 if(WITH_TARGET MATCHES "s2e")
-set(LIBS -Wl,--whole-archive ${LIBS2EPLUGINS_LIBRARY_DIR}/libs2eplugins.a ${LIBS2ECORE_LIBRARY_DIR}/libs2ecore.a -Wl,--no-whole-archive ${LIBS})
+set(LIBS -Wl,--whole-archive ${LIBS2EPLUGINS_LIBRARY_DIR}/libs2eplugins.a ${LIBS2ECORE_LIBRARY_DIR}/libs2ecore.a ${libps} ${liblace} ${libsylvan} -Wl,--no-whole-archive ${LIBS})
 endif()
 
 set(LIBS ${LIBS} ${LIBCPU_LIBRARY_DIR}/libcpu.a ${LIBTCG_LIBRARY_DIR}/libtcg.a)

diff --git a/libs2ecore/CMakeLists.txt b/libs2ecore/CMakeLists.txt
@@ -26,6 +26,7 @@ set(LIBS2ECORE_VERSION_MINOR 0)
 set(LIBS2ECORE_VERSION_PATCH 0)
 set(LIBS2ECORE_PACKAGE_VERSION
     "${LIBS2ECORE_VERSION_MAJOR}.${LIBS2ECORE_VERSION_MINOR}.${LIBS2ECORE_VERSION_PATCH}")
+set(CMAKE_EXPORT_COMPILE_COMMANDS ON)
 
 include(CMakePackageConfigHelpers)
 set(CMAKE_VERSION_FILE "${CMAKE_CURRENT_BINARY_DIR}/${PROJECT_NAME}Version.cmake")

diff --git a/libs2eplugins/CMakeLists.txt b/libs2eplugins/CMakeLists.txt
@@ -26,6 +26,7 @@ set(LIBS2EPLUGINS_VERSION_MINOR 0)
 set(LIBS2EPLUGINS_VERSION_PATCH 0)
 set(LIBS2EPLUGINS_PACKAGE_VERSION
     "${LIBS2EPLUGINS_VERSION_MAJOR}.${LIBS2EPLUGINS_VERSION_MINOR}.${LIBS2EPLUGINS_VERSION_PATCH}")
+set(CMAKE_EXPORT_COMPILE_COMMANDS ON)
 
 include(CMakePackageConfigHelpers)
 set(CMAKE_VERSION_FILE "${CMAKE_CURRENT_BINARY_DIR}/${PROJECT_NAME}Version.cmake")
@@ -110,6 +111,8 @@ include_directories(${GLIB_PKG_INCLUDE_DIRS}
                     ${FSIGCXX_INCLUDE_DIR}
                     ${KLEE_INCLUDE_DIR}
                     ${LUA_DIR}
-                    ${S2EGUEST_INCLUDE_DIR})
+                    ${S2EGUEST_INCLUDE_DIR}
+                    ${LIBPS_INCLUDE_DIR}
+                    /usr/lib/glib-2.0/include)
 
 add_subdirectory(src)
diff --git a/libs2eplugins/src/CMakeLists.txt b/libs2eplugins/src/CMakeLists.txt
@@ -23,6 +23,8 @@ PROTOBUF_GENERATE_CPP(PROTO_SRCS PROTO_HDRS ${CMAKE_CURRENT_SOURCE_DIR}/s2e/Plug
 add_library(
     s2eplugins
 
+    s2e/Plugins/Mimesis.cpp
+
     # Core plugins
     s2e/Plugins/Core/BaseInstructions.cpp
     s2e/Plugins/Core/HostFiles.cpp

diff --git a/libs2eplugins/src/s2e/Plugins/ExecutionTracers/TestCaseGenerator.cpp b/libs2eplugins/src/s2e/Plugins/ExecutionTracers/TestCaseGenerator.cpp
@@ -104,7 +104,7 @@ TestCaseGenerator::TestCaseGenerator(S2E *s2e) : Plugin(s2e) {
 
 void TestCaseGenerator::initialize() {
     m_tracer = s2e()->getPlugin<ExecutionTracer>();
-    enable();
+    // enable();
 }
 
 void TestCaseGenerator::enable() {

diff --git a/libs2eplugins/src/s2e/Plugins/InstructionTracker.cpp b/libs2eplugins/src/s2e/Plugins/InstructionTracker.cpp
@@ -0,0 +1,133 @@
+///
+/// Copyright (C) 2024, Kuan-Yen Chou
+///
+/// Permission is hereby granted, free of charge, to any person obtaining a copy
+/// of this software and associated documentation files (the "Software"), to deal
+/// in the Software without restriction, including without limitation the rights
+/// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+/// copies of the Software, and to permit persons to whom the Software is
+/// furnished to do so, subject to the following conditions:
+///
+/// The above copyright notice and this permission notice shall be included in all
+/// copies or substantial portions of the Software.
+///
+/// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+/// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+/// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+/// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+/// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+/// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+/// SOFTWARE.
+///
+
+#include "InstructionTracker.h"
+
+#include "s2e/ConfigFile.h"
+#include "s2e/S2E.h"
+#include "s2e/Utils.h"
+#include "fsigc++/fsigc++.h"
+
+namespace s2e {
+namespace plugins {
+
+namespace {
+
+class InstructionTrackerState : public PluginState {
+private:
+    int m_count;
+
+public:
+    InstructionTrackerState() : m_count(0) {
+    }
+
+    virtual ~InstructionTrackerState() {
+        // Destroy any object if needed
+    }
+
+    static PluginState *factory(Plugin *p, S2EExecutionState *s) {
+        return new InstructionTrackerState();
+    }
+
+    virtual InstructionTrackerState *clone() const {
+        return new InstructionTrackerState(*this);
+    }
+
+    void increment() {
+        ++m_count;
+    }
+
+    int get() const {
+        return m_count;
+    }
+};
+
+} // namespace
+
+S2E_DEFINE_PLUGIN(InstructionTracker, "Tracking instructions. S2E tutorial", "InstructionTracker", );
+
+void InstructionTracker::initialize() {
+    m_address = s2e()->getConfig()->getInt(getConfigKey() + ".addressToTrack");
+
+    s2e()->getCorePlugin()->onTranslateInstructionStart.connect(
+        sigc::mem_fun(*this, &InstructionTracker::onTranslateInstruction));
+}
+
+void InstructionTracker::onTranslateInstruction(ExecutionSignal *signal, S2EExecutionState *state, TranslationBlock *tb,
+                                                uint64_t pc) {
+    // s2e()->getInfoStream() << "onTranslateInstruction " << hexval(pc) << "\n";
+
+    if (m_address == pc) {
+        s2e()->getInfoStream() << "Registering onInstructionExecution for " << hexval(pc) << "\n";
+        // Found the interesting address. Ask S2E to invoke our callback when
+        // the address is actually executed.
+        signal->connect(sigc::mem_fun(*this, &InstructionTracker::onInstructionExecution));
+    }
+}
+
+// This callback is triggered only when the instruction is executed.
+// It incurs no overhead for all other instructions.
+void InstructionTracker::onInstructionExecution(S2EExecutionState *state, uint64_t pc) {
+    // This declares the plgState variable of type InstructionTrackerState. It
+    // automatically retrieves the right plugin state attached to the specified
+    // execution state.
+    DECLARE_PLUGINSTATE(InstructionTrackerState, state);
+
+    s2e()->getDebugStream() << "Executing instruction at " << hexval(pc) << '\n';
+    // The plugins can arbitrarily modify/observe the current execution state
+    // via the execution state pointer. Plugins can also call the s2e() method
+    // to use the S2E API.
+
+    plgState->increment();
+
+    // Trigger the exported event.
+    if ((plgState->get() % 10) == 0) {
+        onPeriodicEvent.emit(state, pc);
+    }
+}
+
+void InstructionTracker::handleOpcodeInvocation(S2EExecutionState *state, uint64_t guestDataPtr,
+                                                uint64_t guestDataSize) {
+    S2E_INSTRUCTIONTRACKER_COMMAND command;
+
+    if (guestDataSize != sizeof(command)) {
+        getWarningsStream(state) << "mismatched S2E_INSTRUCTIONTRACKER_COMMAND size\n";
+        return;
+    }
+
+    if (!state->mem()->read(guestDataPtr, &command, guestDataSize)) {
+        getWarningsStream(state) << "could not read transmitted data\n";
+        return;
+    }
+
+    switch (command.Command) {
+        // TODO: add custom commands here
+        case COMMAND_1:
+            break;
+        default:
+            getWarningsStream(state) << "Unknown command " << command.Command << "\n";
+            break;
+    }
+}
+
+} // namespace plugins
+} // namespace s2e