Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

S2E kprobe support + alternative image generation #510

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

S2E kprobe support + alternative image generation #510

wants to merge 1 commit into from

Conversation

m4mbr3
Copy link

@m4mbr3 m4mbr3 commented Dec 5, 2024

This commit adds to s2e new_project the option --debootstrap flag.

The main job of this flag is to default to the generic debootstrap image description in images.json database independently from the name of the image passed through -i option. For debootstrap-based images, the folder name is set by the script as ${distro_name}-${kernel_version} to being able to express all possible combinations distro/kernel which was not a supported possibility by s2e new_project. Another change integrated by --debootstrap is to generate a different boostrap.sh script to insert the kprobe based kernel module to add s2e support to the untouched kernel. The s2e-kprobe kernel module sits in
/root/s2e-kprobe/s2e-uname -r/s2e-kprobe.ko. If changes to the kernel module are necessary (e.g., to add some s2e callbacks at the beginning of the analysis to share some kernel info), it is possible to override the current installed module through s2ecmd get without rebuilding the image.

@m4mbr3
Added debootstrap-based image support
908abb3 
This commit adds to s2e new_project the option --debootstrap flag.

The main job of this flag is to default to the generic debootstrap image
description in images.json database independently from the name of the
image passed through -i option. For debootstrap-based images, the folder
name is set by the script as ${distro_name}-${kernel_version} to being
able to express all possible combinations distro/kernel which was not a
supported possibility by s2e new_project. Another change integrated by
--debootstrap is to generate a different boostrap.sh script to insert
the kprobe based kernel module to add s2e support to the untouched
kernel. The s2e-kprobe kernel module sits in
/root/s2e-kprobe/s2e-`uname -r`/s2e-kprobe.ko. If changes to the kernel
module are necessary (e.g., to add some s2e callbacks at the beginning
of the analysis to share some kernel info), it is possible to override
the current installed module through s2ecmd get without rebuilding the
image.
vitalych
vitalych reviewed Dec 31, 2024
View reviewed changes
s2e_env/templates/bootstrap.linux.sh
@@ -30,7 +30,11 @@ function execute_target {
# Nothing more to initialize on Linux
function target_init {
# Start the LinuxMonitor kernel module
{% if debootstrap == true %}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think bootstrap.sh could auto-detect the type of Linux distro it's running on. If the kprobe module exists, use it instead of s2e. That would avoid having to pass the debootstrap around.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@vitalych vitalych vitalych left review comments

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@m4mbr3 @vitalych