From e50281ca1fb8eb360007136535d0ca27479de50f Mon Sep 17 00:00:00 2001 From: Dmitry Isaenko Date: Sun, 22 Sep 2019 19:55:08 +0300 Subject: [PATCH] KAC done; ACID done --- .../NPDM/KernelAccessControlController.java | 175 +++++++++++++ .../Controllers/NPDM/NPDMController.java | 7 +- .../NPDM/ServiceAccessControlController.java | 9 +- .../ACID/KernelAccessControlProvider.java | 167 +++++++++---- .../FXML/NPDM/KernelAccessControlTable.fxml | 232 ++++++++++++++++++ src/main/resources/FXML/NPDM/NPDMTab.fxml | 1 + 6 files changed, 528 insertions(+), 63 deletions(-) create mode 100644 src/main/java/konogonka/Controllers/NPDM/KernelAccessControlController.java create mode 100644 src/main/resources/FXML/NPDM/KernelAccessControlTable.fxml diff --git a/src/main/java/konogonka/Controllers/NPDM/KernelAccessControlController.java b/src/main/java/konogonka/Controllers/NPDM/KernelAccessControlController.java new file mode 100644 index 0000000..58df0a5 --- /dev/null +++ b/src/main/java/konogonka/Controllers/NPDM/KernelAccessControlController.java @@ -0,0 +1,175 @@ +package konogonka.Controllers.NPDM; + +import javafx.fxml.FXML; +import javafx.geometry.Insets; +import javafx.scene.control.Label; +import javafx.scene.control.Separator; +import javafx.scene.layout.HBox; +import javafx.scene.layout.VBox; +import konogonka.Tools.NPDM.ACID.KernelAccessControlProvider; + +import java.util.Map; + +public class KernelAccessControlController { + @FXML + private VBox KACRawPane; + + @FXML Label kFlagsAval, + hiAllCpuId, + loAllCpuId, + hiAllThreadPrio, + loAllThreadPrio; + @FXML + private VBox syscallMaskPane; + + @FXML + private VBox mapIoPane; + + @FXML + private Label mapNormalPageRwLbl; + + @FXML + private Label interruptPairAvalLbl, + irq0Lbl, + irq1Lbl; + + @FXML + private Label appTypeLbl, + kerRelVerLbl, + handleTableSizeLbl; + + @FXML + private Label dbgAvalLbl, + canBeDbgLbl, + canDbgLbl; + + public void resetTab(){ + KACRawPane.getChildren().clear(); + kFlagsAval.setText("?"); + hiAllCpuId.setText("-"); + loAllCpuId.setText("-"); + hiAllThreadPrio.setText("-"); + loAllThreadPrio.setText("-"); + syscallMaskPane.getChildren().clear(); + mapIoPane.getChildren().clear(); + mapIoPane.getChildren().add(new Separator()); + mapNormalPageRwLbl.setText("-"); + interruptPairAvalLbl.setText("?"); + irq0Lbl.setText("-"); + irq1Lbl.setText("-"); + appTypeLbl.setText("-"); + kerRelVerLbl.setText("-"); + handleTableSizeLbl.setText("-"); + dbgAvalLbl.setText("?"); + canBeDbgLbl.setText("-"); + canDbgLbl.setText("-"); + } + + public void populateFields(KernelAccessControlProvider kacProvider){ + resetTab(); + StringBuilder stringBuilder; + for (Integer i: kacProvider.getRawData()){ + Label entry = new Label(String.format("%32s", Integer.toBinaryString(i)).replace(' ', '0')); + entry.setPadding(new Insets(5.0, 5.0, 5.0, 5.0)); + KACRawPane.getChildren().add(entry); + } + if (kacProvider.isKernelFlagsAvailable()){ + kFlagsAval.setText("(available)"); + hiAllCpuId.setText(Integer.toString(kacProvider.getKernelFlagCpuIdHi())); + loAllCpuId.setText(Integer.toString(kacProvider.getKernelFlagCpuIdLo())); + hiAllThreadPrio.setText(Integer.toString(kacProvider.getKernelFlagThreadPrioHi())); + loAllThreadPrio.setText(Integer.toString(kacProvider.getKernelFlagThreadPrioLo())); + } + else + kFlagsAval.setText("(not available)"); + for (Map.Entry entry : kacProvider.getSyscallMasks().entrySet()) { + byte[] maskBarr = (byte[]) entry.getValue(); + stringBuilder = new StringBuilder(); + for (byte b: maskBarr) + stringBuilder.append(b); + stringBuilder.reverse(); // Flip to show as is + Label mask = new Label(stringBuilder.toString()); + Label maskTableIndex = new Label(((Byte) entry.getKey()).toString()); + + mask.setPadding(new Insets(5.0, 5.0, 5.0, 5.0)); + maskTableIndex.setPadding(new Insets(5.0, 15.0, 5.0, 5.0)); + + syscallMaskPane.getChildren().add(new HBox(maskTableIndex, mask)); + } + + for (Map.Entry entry : kacProvider.getMapIoOrNormalRange().entrySet()){ + byte[] altStPgNnumOfPg = (byte[]) entry.getKey(); + stringBuilder = new StringBuilder(); + for (byte b : altStPgNnumOfPg) + stringBuilder.append(b); + stringBuilder.reverse(); + + Label altStPgNnumOfPgLbl = new Label("Alternating start page and number of pages:"); + Label altStPgNnumOfPgVal = new Label(stringBuilder.toString()); + + Label roFlagLbl = new Label("Alternating read-only flag:"); + Label roFlagVal = new Label(((Boolean) entry.getValue()).toString()); + + altStPgNnumOfPgLbl.setPadding(new Insets(5.0, 5.0, 5.0, 5.0)); + altStPgNnumOfPgVal.setPadding(new Insets(5.0, 5.0, 5.0, 5.0)); + roFlagLbl.setPadding(new Insets(5.0, 5.0, 5.0, 5.0)); + roFlagVal.setPadding(new Insets(5.0, 5.0, 5.0, 5.0)); + + mapIoPane.getChildren().add(new HBox(altStPgNnumOfPgLbl, altStPgNnumOfPgVal)); + mapIoPane.getChildren().add(new HBox(roFlagLbl, roFlagVal)); + mapIoPane.getChildren().add(new Separator()); + } + byte[] mapNormalPageRwBarr = kacProvider.getMapNormalPage(); + if (mapNormalPageRwBarr != null){ + stringBuilder = new StringBuilder(); + for (byte b : mapNormalPageRwBarr) + stringBuilder.append(b); + stringBuilder.reverse(); + + mapNormalPageRwLbl.setText(stringBuilder.toString()); + } + if (kacProvider.isInterruptPairAvailable()){ + interruptPairAvalLbl.setText("(available)"); + stringBuilder = new StringBuilder(); + for (byte b : kacProvider.getIrq0()) + stringBuilder.append(b); + stringBuilder.reverse(); + irq0Lbl.setText(stringBuilder.toString()); + + stringBuilder = new StringBuilder(); + for (byte b : kacProvider.getIrq1()) + stringBuilder.append(b); + stringBuilder.reverse(); + irq1Lbl.setText(stringBuilder.toString()); + } + else { + interruptPairAvalLbl.setText("(not available)"); + } + switch (kacProvider.getApplicationType()){ + case 0: + appTypeLbl.setText(kacProvider.getApplicationType()+" (sysmodule)"); + break; + case 1: + appTypeLbl.setText(kacProvider.getApplicationType()+" (application)"); + break; + case 2: + appTypeLbl.setText(kacProvider.getApplicationType()+" (applet)"); + break; + default: + appTypeLbl.setText(kacProvider.getApplicationType()+" (???)"); + } + + if (kacProvider.isKernelRelVersionAvailable()) + kerRelVerLbl.setText(kacProvider.getKernelRelVersionMajor()+"."+kacProvider.getKernelRelVersionMinor()+".0"); + + handleTableSizeLbl.setText(Integer.toString(kacProvider.getHandleTableSize())); // todo: validate if not null + + if (kacProvider.isDebugFlagsAvailable()){ + dbgAvalLbl.setText("(available)"); + canBeDbgLbl.setText(Boolean.toString(kacProvider.isCanBeDebugged())); + canDbgLbl.setText(Boolean.toString(kacProvider.isCanDebugOthers())); + } + else + dbgAvalLbl.setText("(not available)"); + } +} diff --git a/src/main/java/konogonka/Controllers/NPDM/NPDMController.java b/src/main/java/konogonka/Controllers/NPDM/NPDMController.java index bed2646..268914a 100644 --- a/src/main/java/konogonka/Controllers/NPDM/NPDMController.java +++ b/src/main/java/konogonka/Controllers/NPDM/NPDMController.java @@ -81,6 +81,9 @@ public class NPDMController implements ITabController { @FXML private ServiceAccessControlController ServiceAccessControlTableController; + @FXML + private KernelAccessControlController KernelAccessControlTableController; + @Override public void initialize(URL url, ResourceBundle resourceBundle) { } @@ -168,6 +171,8 @@ public class NPDMController implements ITabController { FSAccessControlTableController.resetTab(); ServiceAccessControlTableController.resetTab(); + + KernelAccessControlTableController.resetTab(); } private void setData(NPDMProvider npdmProvider, File file) { if (npdmProvider == null) @@ -230,6 +235,6 @@ public class NPDMController implements ITabController { FSAccessControlTableController.populateFields(acid.getFsAccessControlProvider()); ServiceAccessControlTableController.populateFields(acid.getServiceAccessControlProvider().getCollection()); - + KernelAccessControlTableController.populateFields(acid.getKernelAccessControlProvider()); } } \ No newline at end of file diff --git a/src/main/java/konogonka/Controllers/NPDM/ServiceAccessControlController.java b/src/main/java/konogonka/Controllers/NPDM/ServiceAccessControlController.java index 5a1a77a..108e460 100644 --- a/src/main/java/konogonka/Controllers/NPDM/ServiceAccessControlController.java +++ b/src/main/java/konogonka/Controllers/NPDM/ServiceAccessControlController.java @@ -1,26 +1,19 @@ package konogonka.Controllers.NPDM; import javafx.fxml.FXML; -import javafx.fxml.Initializable; import javafx.geometry.Insets; import javafx.scene.control.Label; import javafx.scene.layout.HBox; import javafx.scene.layout.VBox; -import java.net.URL; import java.util.LinkedHashMap; import java.util.Map; -import java.util.ResourceBundle; -public class ServiceAccessControlController implements Initializable { +public class ServiceAccessControlController { @FXML private VBox SACPane; - @Override - public void initialize(URL url, ResourceBundle resourceBundle) { - - } public void resetTab(){ SACPane.getChildren().clear(); } diff --git a/src/main/java/konogonka/Tools/NPDM/ACID/KernelAccessControlProvider.java b/src/main/java/konogonka/Tools/NPDM/ACID/KernelAccessControlProvider.java index d916208..33e7661 100644 --- a/src/main/java/konogonka/Tools/NPDM/ACID/KernelAccessControlProvider.java +++ b/src/main/java/konogonka/Tools/NPDM/ACID/KernelAccessControlProvider.java @@ -1,14 +1,13 @@ package konogonka.Tools.NPDM.ACID; import konogonka.LoperConverter; -import konogonka.RainbowHexDump; -import java.lang.reflect.Array; -import java.nio.ByteBuffer; -import java.util.Arrays; +import java.util.LinkedHashMap; import java.util.LinkedList; /* +NOTE: This implementation is extremely bad for using application as library. Use raw for own purposes. + NOTE: KAC is set of 4-byes blocks Consider them as uInt32 (Read as Little endian) @@ -57,45 +56,66 @@ for (byte i = 0; i < 16; i++){ public class KernelAccessControlProvider { - private static final int KERNELFLAGS = 3; - private static final int SYSCALLMASK = 4; - private static final int MAPIOORNORMALRANGE = 6; - private static final int MAPNORMALPAGE_RW = 7; - private static final int INTERRUPTPAIR = 11; - private static final int APPLICATIONTYPE = 13; - private static final int KERNELRELEASEVERSION = 14; - private static final int HANDLETABLESIZE = 15; - private static final int DEBUGFLAGS = 16; + private static final int KERNELFLAGS = 3, + SYSCALLMASK = 4, + MAPIOORNORMALRANGE = 6, + MAPNORMALPAGE_RW = 7, + INTERRUPTPAIR = 11, + APPLICATIONTYPE = 13, + KERNELRELEASEVERSION = 14, + HANDLETABLESIZE = 15, + DEBUGFLAGS = 16; + + // RAW data + private LinkedList rawData; // Kernel flags private boolean kernelFlagsAvailable; - private int kernelFlagCpuIdHi; - private int kernelFlagCpuIdLo; - private int kernelFlagThreadPrioHi; - private int kernelFlagThreadPrioLo; - // System Call Mask - private int maskTableIndex; - private int mask; - - // Handle Table Size - private int handleTableSize; + private int kernelFlagCpuIdHi, + kernelFlagCpuIdLo, + kernelFlagThreadPrioHi, + kernelFlagThreadPrioLo; + // Syscall Masks as index | mask - order AS IS. [0] = bit5; [1] = bit6 + private LinkedHashMap syscallMasks; // Index, Mask + // MapIoOrNormalRange + private LinkedHashMap mapIoOrNormalRange; // alt page+num, RO flag + // MapNormalPage (RW) + private byte[] mapNormalPage; // TODO: clarify is possible to have multiple + // InterruptPair + private boolean interruptPairAvailable; + private byte[] irq0, + irq1; // Application type private int applicationType; + // KernelReleaseVersion + private boolean isKernelRelVersionAvailable; + private int kernelRelVersionMajor, + kernelRelVersionMinor; + // Handle Table Size + private int handleTableSize; // Debug flags - private boolean debugFlagsAvailable; - private byte canBeDebugged; - private byte canDebugOthers; + private boolean debugFlagsAvailable, + canBeDebugged, + canDebugOthers; KernelAccessControlProvider(byte[] bytes) throws Exception{ if (bytes.length < 4) throw new Exception("ACID-> KernelAccessControlProvider: too small size of the Kernel Access Control"); + rawData = new LinkedList(); + + syscallMasks = new LinkedHashMap(); + mapIoOrNormalRange = new LinkedHashMap(); + int position = 0; // Collect all blocks for (int i = 0; i < bytes.length / 4; i++) { int block = LoperConverter.getLEint(bytes, position); - byte[] blockBytes = Arrays.copyOfRange(bytes, position, position+4); position += 4; + rawData.add(block); + + //RainbowHexDump.octDumpInt(block); + int type = getMinBitCnt(block); switch (type){ @@ -105,56 +125,75 @@ public class KernelAccessControlProvider { kernelFlagCpuIdLo = block >> 16 & 0b11111111; kernelFlagThreadPrioHi = block >> 10 & 0b111111; kernelFlagThreadPrioLo = block >> 4 & 0b111111; - System.out.println("KERNELFLAGS "+ - kernelFlagCpuIdHi+" "+ - kernelFlagCpuIdLo+" "+ - kernelFlagThreadPrioHi+" "+ - kernelFlagThreadPrioLo+"\n" - ); + //System.out.println("KERNELFLAGS "+kernelFlagCpuIdHi+" "+kernelFlagCpuIdLo+" "+kernelFlagThreadPrioHi+" "+kernelFlagThreadPrioLo); break; case SYSCALLMASK: - /* - System.out.println("SYSCALLMASK\t\t"+block+" "+type); - maskTableIndex = block >> 29; - mask = block >> 5 & 0b11111111111111111111111; - */ + byte maskTableIndex = (byte) (block >> 29 & 0b111); // declared as byte; max value could be 7; min - 0; + byte[] mask = new byte[24]; // Consider as bit. + //System.out.println("SYSCALLMASK ind: "+maskTableIndex); + + for (int k = 28; k >= 5; k--) { + mask[k-5] = (byte) (block >> k & 1); // Only 1 or 0 possible + //System.out.print(mask[k-5]); + } + //System.out.println(); + syscallMasks.put(maskTableIndex, mask); break; case MAPIOORNORMALRANGE: - //System.out.println("MAPIOORNORMALRANGE\t\t"+block+" "+type); - + byte[] altStPgNPgNum = new byte[24]; + //System.out.println("MAPIOORNORMALRANGE Flag: "+((block >> 31 & 1) != 0)); + + for (int k = 30; k >= 7; k--){ + altStPgNPgNum[k-7] = (byte) (block >> k & 1); // Only 1 or 0 possible + //System.out.print(altStPgNPgNum[k-7]); + } + mapIoOrNormalRange.put(altStPgNPgNum, (block >> 31 & 1) != 0); + //System.out.println(); break; case MAPNORMALPAGE_RW: - //System.out.println("MAPNORMALPAGE_RW\t\t"+block+" "+type); - + //System.out.println("MAPNORMALPAGE_RW\t"); + mapNormalPage = new byte[24]; + for (int k = 31; k >= 8; k--){ + mapNormalPage[k-8] = (byte) (block >> k & 1); + //System.out.print(mapNormalPage[k-8]); + } + //System.out.println(); break; case INTERRUPTPAIR: - //System.out.println("INTERRUPTPAIR\t\t"+block+" "+type); - + System.out.println("INTERRUPTPAIR found (must (?) appear once, please report if it's not)"); + interruptPairAvailable = true; + irq0 = new byte[10]; + irq1 = new byte[10]; + for (int k = 21; k >= 12; k--) + irq0[k-12] = (byte) (block >> k & 1); + for (int k = 31; k >= 22; k--) + irq1[k-22] = (byte) (block >> k & 1); break; case APPLICATIONTYPE: applicationType = block >> 14 & 0b111; - System.out.println("APPLICATIONTYPE "+applicationType); + //System.out.println("APPLICATIONTYPE "+applicationType); break; case KERNELRELEASEVERSION: - //System.out.println("KERNELRELEASEVERSION\t"+block+" "+type); - + //System.out.println("KERNELRELEASEVERSION\t"+(block >> 19 & 0b111111111111)+"."+(block >> 15 & 0b1111)+".X"); + isKernelRelVersionAvailable = true; + kernelRelVersionMajor = (block >> 19 & 0b111111111111); + kernelRelVersionMinor = (block >> 15 & 0b1111); break; case HANDLETABLESIZE: handleTableSize = block >> 16 & 0b1111111111; - System.out.println("HANDLETABLESIZE "+handleTableSize); + //System.out.println("HANDLETABLESIZE "+handleTableSize); break; case DEBUGFLAGS: debugFlagsAvailable = true; - canBeDebugged = blockBytes[17]; - canDebugOthers = blockBytes[18]; - System.out.println("DEBUGFLAGS "+canBeDebugged+" "+canDebugOthers); + canBeDebugged = (block >> 17 & 1) != 0; + canDebugOthers = (block >> 18 & 1) != 0; + //System.out.println("DEBUGFLAGS "+canBeDebugged+" "+canDebugOthers); break; default: - //System.out.println("UNKNOWN\t\t"+block+" "+type); + System.out.println("UNKNOWN\t\t"+block+" "+type); } } - System.out.println(); - + //System.out.println(); } private int getMinBitCnt(int value){ @@ -165,4 +204,24 @@ public class KernelAccessControlProvider { } return minBitCnt; } + public LinkedList getRawData() { return rawData; } + public boolean isKernelFlagsAvailable() { return kernelFlagsAvailable; } + public int getKernelFlagCpuIdHi() { return kernelFlagCpuIdHi; } + public int getKernelFlagCpuIdLo() { return kernelFlagCpuIdLo; } + public int getKernelFlagThreadPrioHi() { return kernelFlagThreadPrioHi; } + public int getKernelFlagThreadPrioLo() { return kernelFlagThreadPrioLo; } + public LinkedHashMap getMapIoOrNormalRange() { return mapIoOrNormalRange; } + public byte[] getMapNormalPage() { return mapNormalPage; } + public boolean isInterruptPairAvailable() { return interruptPairAvailable; } + public byte[] getIrq0() { return irq0; } + public byte[] getIrq1() { return irq1; } + public int getApplicationType() { return applicationType; } + public boolean isKernelRelVersionAvailable() { return isKernelRelVersionAvailable; } + public int getKernelRelVersionMajor() { return kernelRelVersionMajor; } + public int getKernelRelVersionMinor() { return kernelRelVersionMinor;} + public int getHandleTableSize() { return handleTableSize; } + public boolean isDebugFlagsAvailable() { return debugFlagsAvailable; } + public boolean isCanBeDebugged() { return canBeDebugged; } + public boolean isCanDebugOthers() { return canDebugOthers; } + public LinkedHashMap getSyscallMasks() { return syscallMasks; } } diff --git a/src/main/resources/FXML/NPDM/KernelAccessControlTable.fxml b/src/main/resources/FXML/NPDM/KernelAccessControlTable.fxml new file mode 100644 index 0000000..5240e4a --- /dev/null +++ b/src/main/resources/FXML/NPDM/KernelAccessControlTable.fxml @@ -0,0 +1,232 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/src/main/resources/FXML/NPDM/NPDMTab.fxml b/src/main/resources/FXML/NPDM/NPDMTab.fxml index 228bc95..b81656c 100644 --- a/src/main/resources/FXML/NPDM/NPDMTab.fxml +++ b/src/main/resources/FXML/NPDM/NPDMTab.fxml @@ -1175,6 +1175,7 @@