separate categories
sectordistrict committed Dec 17, 2024
1 parent 0a543b4 commit 7887348
Showing 10 changed files with 387 additions and 640 deletions.
2 changes: 1 addition & 1 deletion Cargo.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion Cargo.toml
@@ -1,6 +1,6 @@
[package]
name = "intentrace"
version = "0.4.0"
version = "0.4.1"
description = "intentrace is strace with intent, it goes all the way for you instead of half the way."
edition = "2021"
license = "MIT"
1 change: 1 addition & 0 deletions src/main.rs
@@ -54,6 +54,7 @@ use utilities::{

mod syscall_object;
mod syscall_object_annotations;
mod syscall_categories;
mod syscall_annotations_map;
mod types;
mod syscall_skeleton_map;
462 changes: 98 additions & 364 deletions src/syscall_annotations_map.rs

Large diffs are not rendered by default.

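--- a/src/syscall_categories.rs
+++ b/src/syscall_categories.rs
@@ -0,0 +1,177 @@
+use crate::types::Category;
+use std::collections::HashMap;
+use syscalls::Sysno;
+
+pub fn initialize_syscall_category_map() -> HashMap<Sysno, Category> {
+use Category::*;
+let array: Vec<(Sysno, Category)> = vec![
+(Sysno::read, DiskIO),
+(Sysno::write, DiskIO),
+(Sysno::pread64, DiskIO),
+(Sysno::pwrite64, DiskIO),
+(Sysno::readv, DiskIO),
+(Sysno::writev, DiskIO),
+(Sysno::preadv, DiskIO),
+(Sysno::pwritev, DiskIO),
+(Sysno::preadv2, DiskIO),
+(Sysno::pwritev2, DiskIO),
+(Sysno::pipe, Process),
+(Sysno::pipe2, Process),
+(Sysno::dup, FileOp),
+(Sysno::dup2, FileOp),
+(Sysno::dup3, FileOp),
+(Sysno::access, FileOp),
+(Sysno::faccessat, FileOp),
+(Sysno::faccessat2, FileOp),
+(Sysno::open, FileOp),
+(Sysno::openat, FileOp),
+(Sysno::openat2, FileOp),
+(Sysno::creat, FileOp),
+(Sysno::getcwd, FileOp),
+(Sysno::chdir, FileOp),
+(Sysno::fchdir, FileOp),
+(Sysno::rename, FileOp),
+(Sysno::renameat, FileOp),
+(Sysno::renameat2, FileOp),
+(Sysno::mkdir, FileOp),
+(Sysno::mkdirat, FileOp),
+(Sysno::link, FileOp),
+(Sysno::linkat, FileOp),
+(Sysno::unlink, FileOp),
+(Sysno::unlinkat, FileOp),
+(Sysno::rmdir, FileOp),
+(Sysno::symlink, FileOp),
+(Sysno::symlinkat, FileOp),
+(Sysno::readlink, FileOp),
+(Sysno::readlinkat, FileOp),
+(Sysno::chmod, FileOp),
+(Sysno::fchmod, FileOp),
+(Sysno::fchmodat, FileOp),
+(Sysno::chown, FileOp),
+(Sysno::fchown, FileOp),
+(Sysno::lchown, FileOp),
+(Sysno::fchownat, FileOp),
+(Sysno::sync, DiskIO),
+(Sysno::syncfs, DiskIO),
+(Sysno::fsync, DiskIO),
+(Sysno::fdatasync, DiskIO),
+(Sysno::truncate, DiskIO),
+(Sysno::ftruncate, DiskIO),
+(Sysno::close, FileOp),
+(Sysno::stat, FileOp),
+(Sysno::fstat, FileOp),
+(Sysno::lstat, FileOp),
+(Sysno::newfstatat, FileOp),
+(Sysno::statx, FileOp),
+(Sysno::statfs, FileOp),
+(Sysno::fstatfs, FileOp),
+(Sysno::ustat, Device),
+(Sysno::cachestat, Memory),
+(Sysno::lseek, DiskIO),
+(Sysno::mmap, Memory),
+(Sysno::mprotect, Memory),
+(Sysno::munmap, Memory),
+(Sysno::brk, Memory),
+(Sysno::mlock, Memory),
+(Sysno::mlock2, Memory),
+(Sysno::munlock, Memory),
+(Sysno::mlockall, Memory),
+(Sysno::munlockall, Memory),
+(Sysno::mremap, Memory),
+(Sysno::msync, Memory),
+(Sysno::mincore, Memory),
+(Sysno::madvise, Memory),
+(Sysno::select, AsyncIO),
+(Sysno::pselect6, AsyncIO),
+(Sysno::poll, AsyncIO),
+(Sysno::ppoll, AsyncIO),
+(Sysno::epoll_create, AsyncIO),
+(Sysno::epoll_create1, AsyncIO),
+(Sysno::epoll_wait, AsyncIO),
+(Sysno::epoll_pwait, AsyncIO),
+(Sysno::epoll_pwait2, AsyncIO),
+(Sysno::epoll_ctl, AsyncIO),
+(Sysno::socket, Network),
+(Sysno::bind, Network),
+(Sysno::getsockname, Network),
+(Sysno::getpeername, Network),
+(Sysno::socketpair, Network),
+(Sysno::setsockopt, Network),
+(Sysno::getsockopt, Network),
+(Sysno::listen, Network),
+(Sysno::accept, Network),
+(Sysno::accept4, Network),
+(Sysno::connect, Network),
+(Sysno::sendto, Network),
+(Sysno::sendmsg, Network),
+(Sysno::recvfrom, Network),
+(Sysno::recvmsg, Network),
+(Sysno::shutdown, Process),
+(Sysno::fcntl, FileOp),
+(Sysno::ioctl, Device),
+(Sysno::arch_prctl, Process),
+(Sysno::sched_yield, Process),
+(Sysno::rt_sigaction, Signals),
+(Sysno::rt_sigprocmask, Signals),
+(Sysno::rt_sigsuspend, Signals),
+(Sysno::sigaltstack, Signals),
+(Sysno::rt_sigreturn, Signals),
+(Sysno::rt_sigpending, Signals),
+(Sysno::rt_sigtimedwait, Signals),
+(Sysno::rt_sigqueueinfo, Signals),
+(Sysno::rt_tgsigqueueinfo, Signals),
+(Sysno::signalfd, Signals),
+(Sysno::signalfd4, Signals),
+(Sysno::pidfd_send_signal, Signals),
+(Sysno::gettid, Thread),
+(Sysno::getpid, Thread),
+(Sysno::getppid, Thread),
+(Sysno::getrandom, Device),
+(Sysno::setrlimit, Process),
+(Sysno::getrlimit, Process),
+(Sysno::prlimit64, Process),
+(Sysno::getrusage, Process),
+(Sysno::sysinfo, Process),
+(Sysno::times, Process),
+(Sysno::sched_setaffinity, CPU),
+(Sysno::sched_getaffinity, CPU),
+(Sysno::exit, Process),
+(Sysno::exit_group, Process),
+(Sysno::tgkill, Thread),
+(Sysno::tkill, Thread),
+(Sysno::rseq, Thread),
+(Sysno::uname, System),
+(Sysno::getuid, Process),
+(Sysno::geteuid, Process),
+(Sysno::getgid, Process),
+(Sysno::getegid, Process),
+(Sysno::setuid, Process),
+(Sysno::setgid, Process),
+(Sysno::futex, AsyncIO),
+(Sysno::set_tid_address, Thread),
+(Sysno::eventfd, FileOp),
+(Sysno::eventfd2, FileOp),
+(Sysno::wait4, Process),
+(Sysno::waitid, Process),
+(Sysno::set_robust_list, Process),
+(Sysno::get_robust_list, Process),
+(Sysno::setpgid, Process),
+(Sysno::getpgid, Process),
+(Sysno::getpgrp, Process),
+(Sysno::fork, Process),
+(Sysno::vfork, Process),
+(Sysno::clone3, Process),
+(Sysno::clone, Process),
+(Sysno::nanosleep, Process),
+(Sysno::execve, Process),
+(Sysno::landlock_create_ruleset, Security),
+(Sysno::landlock_add_rule, Security),
+(Sysno::landlock_restrict_self, Security),
+(Sysno::fallocate, DiskIO),
+(Sysno::getpriority, Process),
+(Sysno::setpriority, Process),
+(Sysno::getdents, DiskIO),
+(Sysno::getdents64, DiskIO),
+];
+array.into_iter().collect()
+}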
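Review bot: `(Sysno::shutdown, Process)` files the socket call shutdown(2) under `Process`, although it sits directly after `recvmsg` in the network group; anyone filtering a trace by the `Network` category would miss connection teardown, so the entry should read `(Sysno::shutdown, Network),`. In the same table `setuid` and `setgid` are `Process` while a `Security` category exists (used here only for the landlock calls); if the categories are meant to help triage privilege changes, consider moving them. The function also has no doc comment; something like `/// Builds the syscall -> Category lookup; every syscall in the skeleton map needs an entry here.` would record the invariant that the lookup in src/syscall_object.rs relies on.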
179 changes: 92 additions & 87 deletions src/syscall_object.rs
@@ -6,7 +6,10 @@ use crate::{
mlock2, Annotation, Bytes, BytesPagesRelevant, Category, Flag, LandlockCreateFlags,
LandlockRuleTypeFlags, SysArg, SysReturn, Syscall_Shape,
},
utilities::{lose_relativity_on_path, FOLLOW_FORKS, SYSANNOT_MAP, SYSKELETON_MAP, UNSUPPORTED},
utilities::{
lose_relativity_on_path, FOLLOW_FORKS, SYSANNOT_MAP, SYSCALL_CATEGORIES, SYSKELETON_MAP,
UNSUPPORTED,
},
};

use colored::{ColoredString, Colorize};
@@ -116,94 +119,96 @@ impl SyscallObject {
let sysno = Sysno::from(registers.orig_rax as i32);
let syscall = match SYSKELETON_MAP.get(&sysno) {
Some(&Syscall_Shape {
category,
types,
syscall_return,
}) => match types.len() {
0 => SyscallObject {
sysno,
category: category,
args: vec![],
skeleton: types.into_iter().cloned().collect(),
result: (None, syscall_return),
process_pid: child,
errno: None,
..Default::default()
},
1 => SyscallObject {
sysno,
category: category,
args: vec![registers.rdi],
skeleton: types.into_iter().cloned().collect(),
result: (None, syscall_return),
process_pid: child,
errno: None,
..Default::default()
},
2 => SyscallObject {
sysno,
category: category,
args: vec![registers.rdi, registers.rsi],
skeleton: types.into_iter().cloned().collect(),
result: (None, syscall_return),
process_pid: child,
errno: None,
..Default::default()
},
3 => SyscallObject {
sysno,
category: category,
args: vec![registers.rdi, registers.rsi, registers.rdx],
skeleton: types.into_iter().cloned().collect(),
result: (None, syscall_return),
process_pid: child,
errno: None,
..Default::default()
},
4 => SyscallObject {
sysno,
category: category,
args: vec![registers.rdi, registers.rsi, registers.rdx, registers.r10],
skeleton: types.into_iter().cloned().collect(),
result: (None, syscall_return),
process_pid: child,
errno: None,
..Default::default()
},
5 => SyscallObject {
sysno,
category: category,
args: vec![
registers.rdi,
registers.rsi,
registers.rdx,
registers.r10,
registers.r8,
],
skeleton: types.into_iter().cloned().collect(),
result: (None, syscall_return),
process_pid: child,
errno: None,
..Default::default()
},
_ => SyscallObject {
sysno,
category: category,
args: vec![
registers.rdi,
registers.rsi,
registers.rdx,
registers.r10,
registers.r8,
registers.r9,
],
skeleton: types.into_iter().cloned().collect(),
result: (None, syscall_return),
process_pid: child,
errno: None,
..Default::default()
},
},
}) => {
let category = *SYSCALL_CATEGORIES.get(&sysno).unwrap();
return match types.len() {
0 => SyscallObject {
sysno,
category: category,
args: vec![],
skeleton: types.into_iter().cloned().collect(),
result: (None, syscall_return),
process_pid: child,
errno: None,
..Default::default()
},
1 => SyscallObject {
sysno,
category: category,
args: vec![registers.rdi],
skeleton: types.into_iter().cloned().collect(),
result: (None, syscall_return),
process_pid: child,
errno: None,
..Default::default()
},
2 => SyscallObject {
sysno,
category: category,
args: vec![registers.rdi, registers.rsi],
skeleton: types.into_iter().cloned().collect(),
result: (None, syscall_return),
process_pid: child,
errno: None,
..Default::default()
},
3 => SyscallObject {
sysno,
category: category,
args: vec![registers.rdi, registers.rsi, registers.rdx],
skeleton: types.into_iter().cloned().collect(),
result: (None, syscall_return),
process_pid: child,
errno: None,
..Default::default()
},
4 => SyscallObject {
sysno,
category: category,
args: vec![registers.rdi, registers.rsi, registers.rdx, registers.r10],
skeleton: types.into_iter().cloned().collect(),
result: (None, syscall_return),
process_pid: child,
errno: None,
..Default::default()
},
5 => SyscallObject {
sysno,
category: category,
args: vec![
registers.rdi,
registers.rsi,
registers.rdx,
registers.r10,
registers.r8,
],
skeleton: types.into_iter().cloned().collect(),
result: (None, syscall_return),
process_pid: child,
errno: None,
..Default::default()
},
_ => SyscallObject {
sysno,
category: category,
args: vec![
registers.rdi,
registers.rsi,
registers.rdx,
registers.r10,
registers.r8,
registers.r9,
],
skeleton: types.into_iter().cloned().collect(),
result: (None, syscall_return),
process_pid: child,
errno: None,
..Default::default()
},
};
}
None => {
// unsafe {
// if !UNSUPPORTED.contains(&sysno.name()) {
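Review bot: `*SYSCALL_CATEGORIES.get(&sysno).unwrap()` panics whenever a syscall has an entry in `SYSKELETON_MAP` but none in the new category map, and because the two tables now live in separate files nothing visible here keeps them in step. A panic in the middle of a trace is a poor failure mode for a tracer, so prefer a fallback such as `let category = SYSCALL_CATEGORIES.get(&sysno).copied().unwrap_or_default();` (assuming `Category` implements `Default`, which the `..Default::default()` on `SyscallObject` suggests), or at least `.expect("syscall in SYSKELETON_MAP has no category")` together with a unit test that checks every skeleton key has a category. The arm also now does `return match …` instead of yielding the value bound to `syscall`, so any code after the `let syscall = match` is skipped for supported syscalls; the enclosing function starts and ends outside this hunk, so confirm that is intended.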