S2E kprobe support + alternative image generation #50
base: master
…nel so far. make-s2e-images.sh uses these as default based on the requested kernel.
This kernel module replaces the inlined changes done in s2e-linux-kernel. It supports any version of the kernel without requiring changes. It is ideal in case the same analysis needs to be run on several kernels.
This script allows for a bit more flexibility than regular image generation. It allows specifying which distro version and which kernel, and combines them in a new image. It is based on an s2e kprobe kernel module, so any vanilla kernel can be easily run in the image. Once the image is generated, it is possible to re-use cached files and only update some elements (e.g., the kernel) in case the image is under active development. This offers quite a decent speedup. The script is written to respect most of the operations and directories used by the default image build; however, the naming convention has been changed to support all combinations of distro/kernel pairs without name clashing.
const char *fmt = (const char *)regs->di; | ||
static char buf[1024]; | ||
va_list args; | ||
//va_start(args, fmt); |
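Review bot: `regs->di` on the first line hard-codes the x86-64 calling convention for the probed function's first argument, while the PR aims to work against any vanilla kernel; `regs_get_kernel_argument(regs, 0)` expresses the same lookup portably. The `static char buf[1024]` is shared by every CPU that hits the probe at the same time, so formatting into it from the handler races; a per-CPU buffer or a bounded stack buffer avoids that. The unused `va_list args` with its `va_start` commented out should be removed rather than left in, since a kprobe handler has no va_list of the probed function to start from.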
Can you please clean up the code, e.g., remove commented-out code, run clang-format, etc.
#define S2E_DECREEMON_COMMAND_VERSION 0x202301082207ULL // date +%Y%m%d%H%M | ||
enum S2E_DECREEMON_COMMANDS { |
It would make sense to move s2e-kprobe to https://github.com/S2E/s2e/tree/master/guest.
This way, you should be able to re-use existing header files from here: https://github.com/S2E/s2e/tree/master/guest/common/include/s2e/monitors/commands
By the way, I removed DecreeMonitor support from the kernel. You don't need to use any of its types / functions.
/* panic */ | ||
//TODO panic needs some fixing |
It would help explain what needs fixing.
} | ||
log Preparing kernel version; { | ||
# Initialize vaiours directories |
typo
# DEBUG mode | ||
#set -x | ||
[ "$(id -u)" = 0 ] || die $0 needs to be run as root |
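Review bot: the `die` message on the last line is unquoted, so `$0` and each following word reach `die` as separate arguments, and a script path containing spaces splits further; write `die "$0 needs to be run as root"`. The commented-out `#set -x` above it would be cleaner as an environment-gated toggle such as `[ -n "${DEBUG:-}" ] && set -x`, so tracing can be enabled without editing the script.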
Does this run inside a VM? Or at least inside an unprivileged docker container? I wouldn't want to run any scripts as root on the host for security reasons. Also not all S2E users may have root access.
Could we use virsh?
} | ||
} | ||
main() { |
What parameters does this script take? Some comment explaining how it's invoked would help.
Ah I see them above. It would be good to add some default invocation example to build a complete image.
It would be good to integrate it into s2e image_build, perhaps separately from the existing Makefile-based system. The feature should be well visible to users.
ARCH="amd64" | ||
REPO="http://de.archive.ubuntu.com/ubuntu" | ||
CORES=`nproc --all` | ||
SWAPFS_SIZE="4G" |
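Review bot: `REPO` points at the mirror over plain http, so unless the script hands debootstrap an explicit keyring and lets it verify the Release signature, every package that ends up in the guest image is fetched over an unauthenticated channel; prefer an https:// URL and make the keyring argument explicit. `CORES=\`nproc --all\`` uses backticks where `$(nproc --all)` is the idiomatic form. With the default `SWAPFS_SIZE="4G"` every image gets a swap file unless the caller overrides it; since swap is unwanted in S2E guests, the default should be empty and the swap file step skipped when it is.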
Guest images must not use any swap because that would cause unwanted concretizations.
REPO="http://de.archive.ubuntu.com/ubuntu" | ||
CORES=`nproc --all` | ||
SWAPFS_SIZE="4G" | ||
QCOW_SIZE="30" |
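Review bot: `QCOW_SIZE="30"` carries no unit in either its name or its value; name it for its unit (e.g. `DISK_SIZE_GB`) or store the suffixed value the disk tool expects, so a caller passing `30G` does not get a different result. Given the reviewer's point that S2E does not support QCOW images, the variable name should also reflect whichever disk format the script actually produces.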
S2E does not support QCOW images, not sure how this works.
S2E has a testsuite here: https://github.com/S2E/s2e/tree/master/testsuite
@@ -0,0 +1,586 @@ | |||
#!/bin/bash |
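Review bot: the visible start of this new 586-line script is the bare shebang; a usage header belongs right after it (arguments, environment variables such as S2EDIR, the root requirement mentioned in the PR description, and one complete invocation), together with `set -euo pipefail` so a failed debootstrap or mount step does not silently continue into later stages.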
How is s2e-build-image.sh called?
@@ -85,6 +85,27 @@ | |||
} | |||
}, | |||
"debootstrap" : { | |||
"name" : "Debootstrap entry (to be used scripts/make-s2e-image.sh only)", |
"to be used with"
I wonder what would happen if you run s2e image_build debootstrap.
Given that it's very different from the existing build infrastructure, I'd probably add separate support for it instead of adding an artificial entry in image.json.
Please add a tutorial here: https://github.com/S2E/s2e/blob/master/docs/src/ImageInstallation.rst
Are there any dependencies needed? You may also want to check that building works in fresh environments. There are vagrant files for that:
These changes include the s2e kernel code wrapped in a kprobe-based kernel module and a new way of generating images based on debootstrap.
The kernel module is compiled against any vanilla kernel, either cloned from GitHub or provided by the user, and it is placed under the /root folder in the image. When a new project is generated against one of the debootstrap images, s2e new_project needs to be called with the --debootstrap option (proposed in a PR in the s2e-env project) to generate the correct bootstrap.sh that contains the correct loading of the module. The script can be simply called as
sudo --preserve-env=S2EDIR bash s2e-build-image.sh
The default values match the ones available in the default image build for Ubuntu.
The only difference compared to the traditional method is the naming convention used for the images, which now expresses the OSname-kernelversion.