linux,decree: fixed thread detection

- Each command now takes a task struct to get the pid/tid of the caller
- Thread switching detection
- Thread/process termination detection

Author: vitalych

decree-cgc-cfe/arch/x86/kernel/process_32.c

@@ -56,6 +56,8 @@
 #include <asm/debugreg.h>
 #include <asm/switch_to.h>
 
+#include <s2e/decree/decree_monitor.h>
+
 asmlinkage void ret_from_fork(void) __asm__("ret_from_fork");
 asmlinkage void ret_from_kernel_thread(void) __asm__("ret_from_kernel_thread");
 
@@ -325,6 +327,8 @@ __switch_to(struct task_struct *prev_p, struct task_struct *next_p)
 
 	this_cpu_write(current_task, next_p);
 
+	s2e_decree_task_switch(prev_p, next_p);
+
 	return prev_p;
 }
 

decree-cgc-cfe/arch/x86/kernel/process_64.c

@@ -50,6 +50,8 @@
 #include <asm/debugreg.h>
 #include <asm/switch_to.h>
 
+#include <s2e/decree/decree_monitor.h>
+
 asmlinkage extern void ret_from_fork(void);
 
 asmlinkage DEFINE_PER_CPU(unsigned long, old_rsp);
@@ -427,6 +429,8 @@ __switch_to(struct task_struct *prev_p, struct task_struct *next_p)
 		     task_thread_info(prev_p)->flags & _TIF_WORK_CTXSW_PREV))
 		__switch_to_xtra(prev_p, next_p, tss);
 
+	s2e_decree_task_switch(prev_p, next_p);
+
 	return prev_p;
 }
 

decree-cgc-cfe/arch/x86/mm/fault.c

@@ -177,7 +177,7 @@ force_sig_info_fault(int si_signo, int si_code, unsigned long address,
 
 	if (s2e_decree_monitor_enabled) {
 		s2e_printf("SEGFAULT at 0x%lx\n", task_pt_regs(tsk)->ip);
-		s2e_decree_segfault(current->pid, current->comm, task_pt_regs(tsk)->ip, address, fault);
+		s2e_decree_segfault(current, current->comm, task_pt_regs(tsk)->ip, address, fault);
 	}
 
 	info.si_signo	= si_signo;

decree-cgc-cfe/fs/binfmt_cgc.c

@@ -241,7 +241,7 @@ static int load_cgcos_binary(struct linux_binprm *bprm)
 	struct cgc_params pars;
 
 	if (s2e_decree_monitor_enabled) {
-		s2e_decree_process_load(current->pid, bprm->interp);
+		s2e_decree_process_load(current, bprm->interp);
 	}
 
 	memset(&pars, 0, sizeof(pars));
@@ -561,9 +561,9 @@ static int load_cgcos_binary(struct linux_binprm *bprm)
 	ret = 0;
 out:
 	if (ret == 0 && s2e_decree_monitor_enabled) {
-		s2e_decree_module_load(bprm->interp, current->pid, hdr.c_entry,
+		s2e_decree_module_load(current, bprm->interp, hdr.c_entry,
 				       elf_phdr, elf_phdr_size);
-		s2e_decree_update_memory_map(current->pid, current->comm,
+		s2e_decree_update_memory_map(current, current->comm,
 					     current->mm);
 	}
 	if (phdrs)
@@ -594,7 +594,7 @@ static void s2e_decree_set_args(int *skip_rng)
 	params.cgc_seed_ptr = (uintptr_t)current->cgc_seed;
 	params.cgc_seed_len = current->cgc_seed_len;
 
-	s2e_decree_do_set_args(current->pid, current->comm, &params);
+	s2e_decree_do_set_args(current, current->comm, &params);
 
 	/* Write back new param values */
 	current->cgc_max_transmit = params.cgc_max_transmit;
@@ -1705,13 +1705,13 @@ long s2e_copy_to_user(void __user *to, const void *from, long n)
 {
 	long ret;
 	if (s2e_decree_monitor_enabled) {
-		s2e_decree_copy_to_user(current->pid, current->comm, to, from,
-					n, 0, 0);
+		s2e_decree_copy_to_user(current, current->comm, to, from, n, 0,
+					0);
 	}
 	ret = copy_to_user(to, from, n);
 	if (s2e_decree_monitor_enabled) {
-		s2e_decree_copy_to_user(current->pid, current->comm, to, from,
-					n, 1, ret);
+		s2e_decree_copy_to_user(current, current->comm, to, from, n, 1,
+					ret);
 	}
 	return ret;
 }
@@ -1746,13 +1746,13 @@ static int asmlinkage cgcos_fdwait(int nfds, fd_set __user *readfds,
 	if (s2e_decree_monitor_enabled) {
 		invoke_orig = 1;
 		if (timeout != NULL) {
-			res = s2e_decree_waitfds(current->pid, current->comm,
-						 nfds, true, to->tv_sec,
-						 to->tv_nsec, &invoke_orig);
+			res = s2e_decree_waitfds(current, current->comm, nfds,
+						 true, to->tv_sec, to->tv_nsec,
+						 &invoke_orig);
 		} else {
-			res = s2e_decree_waitfds(current->pid, current->comm,
-						 nfds, false, to->tv_sec,
-						 to->tv_nsec, &invoke_orig);
+			res = s2e_decree_waitfds(current, current->comm, nfds,
+						 false, to->tv_sec, to->tv_nsec,
+						 &invoke_orig);
 		}
 		if (invoke_orig) {
 			res = core_sys_select(nfds, readfds, writefds, NULL,
@@ -1786,8 +1786,8 @@ static int asmlinkage cgcos_allocate(unsigned long len, unsigned long exec,
 		return (-EFAULT);
 
 	if (s2e_decree_monitor_enabled) {
-		s2e_decree_handle_symbolic_allocate_size(current->pid,
-							 current->comm, &len);
+		s2e_decree_handle_symbolic_allocate_size(current, current->comm,
+							 &len);
 	}
 
 	res = vm_mmap(NULL, 0, len, prot, MAP_ANON | MAP_PRIVATE, 0);
@@ -1798,7 +1798,7 @@ static int asmlinkage cgcos_allocate(unsigned long len, unsigned long exec,
 		return (-EFAULT);
 	}
 	if (s2e_decree_monitor_enabled) {
-		s2e_decree_update_memory_map(current->pid, current->comm,
+		s2e_decree_update_memory_map(current, current->comm,
 					     current->mm);
 	}
 	return (0);
@@ -1817,8 +1817,8 @@ int asmlinkage cgcos_random(char __user *buf, size_t count,
 		return (-EFAULT);
 
 	if (s2e_decree_monitor_enabled) {
-		s2e_decree_handle_symbolic_random_buffer(
-			current->pid, current->comm, (void **)&buf, &count);
+		s2e_decree_handle_symbolic_random_buffer(current, current->comm,
+							 (void **)&buf, &count);
 	}
 
 	for (i = 0; i < count; i += sizeof(randval)) {
@@ -1839,7 +1839,7 @@ int asmlinkage cgcos_random(char __user *buf, size_t count,
 	if (s2e_decree_monitor_enabled) {
 		// either replace everything with symbolic data, or make values
 		// concolic
-		s2e_decree_random(current->pid, current->comm, buf, count);
+		s2e_decree_random(current, current->comm, buf, count);
 	}
 
 	if (rnd_out != NULL &&
@@ -1855,8 +1855,8 @@ static int asmlinkage cgcos_deallocate(unsigned long ptr, size_t len)
 	    ptr >= (CGC_MAGIC_PAGE + PAGE_SIZE)) {
 		int res = vm_munmap(ptr, len);
 		if (res == 0 && s2e_decree_monitor_enabled) {
-			s2e_decree_update_memory_map(
-				current->pid, current->comm, current->mm);
+			s2e_decree_update_memory_map(current, current->comm,
+						     current->mm);
 		}
 		return res;
 	}
@@ -1880,7 +1880,7 @@ int asmlinkage cgcos_transmit(int fd, char __user *buf, size_t count,
 
 	if (s2e_decree_monitor_enabled) {
 		s2e_decree_handle_symbolic_transmit_buffer(
-			current->pid, current->comm, (void **)&buf, &count);
+			current, current->comm, (void **)&buf, &count);
 	}
 
 	if (count != 0) {
@@ -1891,8 +1891,8 @@ int asmlinkage cgcos_transmit(int fd, char __user *buf, size_t count,
 
 		if (s2e_decree_monitor_enabled) {
 			// res becomes symbolic if count_orig was symbolic
-			s2e_decree_write_data(current->pid, current->comm, fd,
-					      buf, &res, &count_orig);
+			s2e_decree_write_data(current, current->comm, fd, buf,
+					      &res, &count_orig);
 		}
 	}
 
@@ -1917,7 +1917,7 @@ int asmlinkage cgcos_receive(int fd, char __user *buf, size_t count,
 		count = current->cgc_max_receive;
 
 	if (s2e_decree_monitor_enabled) {
-		invoke_orig = s2e_get_cfg_bool(current->pid, current->comm,
+		invoke_orig = s2e_get_cfg_bool(current, current->comm,
 					       "invokeOriginalSyscalls");
 	}
 
@@ -1929,16 +1929,15 @@ int asmlinkage cgcos_receive(int fd, char __user *buf, size_t count,
 			}
 
 			if (s2e_decree_monitor_enabled) {
-				s2e_decree_read_data_post(current->pid,
-							  current->comm, fd,
-							  buf, res);
+				s2e_decree_read_data_post(
+					current, current->comm, fd, buf, res);
 			}
 		}
 	} else {
 		size_t count_orig = count; // remember original symbolic size
 
 		s2e_decree_handle_symbolic_receive_buffer(
-			current->pid, current->comm, (void **)&buf, &count);
+			current, current->comm, (void **)&buf, &count);
 
 		if (count != 0) {
 			void *kbuf;
@@ -1951,8 +1950,8 @@ int asmlinkage cgcos_receive(int fd, char __user *buf, size_t count,
 			}
 
 			// res becomes symbolic if count_orig was symbolic
-			s2e_decree_read_data(current->pid, current->comm, fd,
-					     kbuf, count, &count_orig, &res);
+			s2e_decree_read_data(current, current->comm, fd, kbuf,
+					     count, &count_orig, &res);
 
 			if (s2e_copy_to_user(buf, kbuf, count)) {
 				kfree(kbuf);

decree-cgc-cfe/kernel/panic.c

@@ -105,7 +105,7 @@ void panic(const char *fmt, ...)
 	va_end(args);
 
 	if (s2e_decree_monitor_enabled) {
-		s2e_decree_kernel_panic(buf, sizeof(buf));
+		s2e_decree_kernel_panic(current, buf, sizeof(buf));
 	}
 
 

decree-cgc-cfe/kernel/s2e/s2e.c

@@ -30,16 +30,14 @@
 
 static int __init s2e_init(void)
 {
-	size_t task_struct_pid_offset = offsetof(struct task_struct, pid);
-
 	/* Check if the DecreeMonitor plugin is enabled */
 	if (boot_cpu_has(X86_FEATURE_S2E) && s2e_plugin_loaded("DecreeMonitor")) {
 		s2e_decree_monitor_enabled = 1;
 	}
 
 	/* Send addresses and offsets to the DecreeMonitor plugin */
 	if (s2e_decree_monitor_enabled) {
-		s2e_decree_init(PAGE_OFFSET, __START_KERNEL, task_struct_pid_offset);
+		s2e_decree_init(current, PAGE_OFFSET, __START_KERNEL);
 	}
 
 	return 0;

decree-cgc-cfe/kernel/sched/core.c

@@ -2158,6 +2158,7 @@ context_switch(struct rq *rq, struct task_struct *prev,
 	switch_to(prev, next, prev);
 
 	barrier();
+
 	/*
 	 * this_rq must be evaluated again because prev may have moved
 	 * CPUs since it called schedule(), thus the 'rq' on its stack

decree-cgc-cfe/mm/memory.c

@@ -3823,7 +3823,7 @@ int handle_mm_fault(struct mm_struct *mm, struct vm_area_struct *vma,
 	}
 
 	if (s2e_decree_monitor_enabled && current->personality == PER_CGCOS) {
-		s2e_decree_update_memory_map(current->pid, current->comm, current->mm);
+		s2e_decree_update_memory_map(current, current->comm, current->mm);
 	}
 
 	return ret;

include/s2e/decree/commands.h

@@ -5,25 +5,21 @@
 ///
 /// Permission is hereby granted, free of charge, to any person obtaining a copy
 /// of this software and associated documentation files (the "Software"), to
-/// deal
-/// in the Software without restriction, including without limitation the rights
+/// deal in the Software without restriction, including without limitation the rights
 /// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 /// copies of the Software, and to permit persons to whom the Software is
 /// furnished to do so, subject to the following conditions:
 ///
 /// The above copyright notice and this permission notice shall be included in
-/// all
-/// copies or substantial portions of the Software.
+/// all copies or substantial portions of the Software.
 ///
 /// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 /// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 /// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 /// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 /// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
-/// FROM,
-/// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-/// THE
-/// SOFTWARE.
+/// FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+/// THE SOFTWARE.
 
 #ifndef S2E_DECREE_COMMANDS_H
 #define S2E_DECREE_COMMANDS_H
@@ -40,7 +36,7 @@
 extern "C" {
 #endif
 
-#define S2E_DECREEMON_COMMAND_VERSION 0x201903202239ULL // date +%Y%m%d%H%M
+#define S2E_DECREEMON_COMMAND_VERSION 0x202301082207ULL // date +%Y%m%d%H%M
 
 enum S2E_DECREEMON_COMMANDS {
 	DECREE_SEGFAULT,
@@ -62,7 +58,8 @@ enum S2E_DECREEMON_COMMANDS {
 	DECREE_SET_CB_PARAMS,
 	DECREE_INIT,
 	DECREE_KERNEL_PANIC,
-	DECREE_MODULE_LOAD
+	DECREE_MODULE_LOAD,
+	DECREE_TASK_SWITCH
 };
 
 struct S2E_DECREEMON_COMMAND_READ_DATA {
@@ -179,7 +176,6 @@ struct S2E_DECREEMON_VMA {
 struct S2E_DECREEMON_COMMAND_INIT {
 	uint64_t page_offset;
 	uint64_t start_kernel;
-	uint64_t task_struct_pid_offset;
 } __attribute__((packed));
 
 struct S2E_DECREEMON_COMMAND_KERNEL_PANIC {
@@ -190,7 +186,7 @@ struct S2E_DECREEMON_COMMAND_KERNEL_PANIC {
 struct S2E_DECREEMON_COMMAND {
 	uint64_t version;
 	enum S2E_DECREEMON_COMMANDS Command;
-	uint64_t currentPid;
+	struct S2E_LINUXMON_TASK CurrentTask;
 	union {
 		struct S2E_LINUXMON_COMMAND_PROCESS_LOAD ProcessLoad;
 		struct S2E_LINUXMON_COMMAND_MODULE_LOAD ModuleLoad;
@@ -208,6 +204,7 @@ struct S2E_DECREEMON_COMMAND {
 		struct S2E_DECREEMON_COMMAND_SET_CB_PARAMS CbParams;
 		struct S2E_DECREEMON_COMMAND_INIT Init;
 		struct S2E_DECREEMON_COMMAND_KERNEL_PANIC Panic;
+		struct S2E_LINUXMON_COMMAND_TASK_SWITCH TaskSwitch;
 	};
 	char currentName[32]; // not NULL terminated
 } __attribute__((packed));