From 4984a07d4b2851892cfb2dd6f6682fc7519522f8 Mon Sep 17 00:00:00 2001 From: ko1N Date: Mon, 2 Nov 2020 20:49:46 +0100 Subject: [PATCH 1/5] Added log panic handler --- memflow-daemon/Cargo.toml | 1 + memflow-daemon/src/main.rs | 2 ++ 2 files changed, 3 insertions(+) diff --git a/memflow-daemon/Cargo.toml b/memflow-daemon/Cargo.toml index a158581..965166d 100644 --- a/memflow-daemon/Cargo.toml +++ b/memflow-daemon/Cargo.toml @@ -21,6 +21,7 @@ url = "2.1" lazy_static = "1.4" uuid = { version = "0.8", features = ["v4"] } minidump-writer = { git = "https://github.com/h33p/minidump-writer" } +log-panics = "2.0.0" # tokio tokio = { version = "0.3", features = ["full"] } diff --git a/memflow-daemon/src/main.rs b/memflow-daemon/src/main.rs index 6e7b3ff..761c444 100644 --- a/memflow-daemon/src/main.rs +++ b/memflow-daemon/src/main.rs @@ -266,6 +266,8 @@ async fn main() -> Result<()> { let _ = CombinedLogger::init(loggers); + log_panics::init(); + // instantiate pid file let _pid_file = PidFile::new( &config From 159d3d9b2bbe18ecfca5cf4d3f4c987fb6060fc6 Mon Sep 17 00:00:00 2001 From: ko1N Date: Tue, 3 Nov 2020 21:36:50 +0100 Subject: [PATCH 2/5] Replaced serde_derive by derive feature --- memflow-cli/Cargo.toml | 3 +-- memflow-daemon-connector/Cargo.toml | 3 +-- memflow-daemon/Cargo.toml | 3 +-- memflow-daemon/src/dto/request.rs | 2 +- memflow-daemon/src/dto/response.rs | 2 +- memflow-daemon/src/main.rs | 2 +- 6 files changed, 6 insertions(+), 9 deletions(-) diff --git a/memflow-cli/Cargo.toml b/memflow-cli/Cargo.toml index 53b7ddd..1fc69d5 100644 --- a/memflow-cli/Cargo.toml +++ b/memflow-cli/Cargo.toml @@ -25,8 +25,7 @@ tokio-util = { version = "0.4", features = ["full"] } tokio-serde = "0.6" bytes = "0.5" futures = "0.3.0" -serde = "1.0" -serde_derive = "1.0" +serde = { version = "1.0", features = ["derive"] } serde_json = "1.0" time = "0.1" diff --git a/memflow-daemon-connector/Cargo.toml b/memflow-daemon-connector/Cargo.toml index c3ae953..13d3684 100644 --- a/memflow-daemon-connector/Cargo.toml +++ b/memflow-daemon-connector/Cargo.toml @@ -27,8 +27,7 @@ tokio-util = { version = "0.4", features = ["full"] } tokio-serde = "0.6" bytes = "0.5" futures = "0.3.0" -serde = "1.0" -serde_derive = "1.0" +serde = { version = "1.0", features = ["derive"] } serde_json = "1.0" time = "0.1" diff --git a/memflow-daemon/Cargo.toml b/memflow-daemon/Cargo.toml index a158581..9f315be 100644 --- a/memflow-daemon/Cargo.toml +++ b/memflow-daemon/Cargo.toml @@ -27,8 +27,7 @@ tokio = { version = "0.3", features = ["full"] } tokio-util = { version = "0.4", features = ["full"] } tokio-serde = { version = "0.6", features = ["json"] } futures = "0.3.0" -serde = "1.0" -serde_derive = "1.0" +serde = { version = "1.0", features = ["derive"] } serde_json = "1.0" serde_bytes = "0.11" time = "0.1" diff --git a/memflow-daemon/src/dto/request.rs b/memflow-daemon/src/dto/request.rs index 6856566..714f45e 100644 --- a/memflow-daemon/src/dto/request.rs +++ b/memflow-daemon/src/dto/request.rs @@ -1,4 +1,4 @@ -use serde_derive::*; +use serde::*; use memflow::PhysicalAddress; diff --git a/memflow-daemon/src/dto/response.rs b/memflow-daemon/src/dto/response.rs index d55e20c..6d4358b 100644 --- a/memflow-daemon/src/dto/response.rs +++ b/memflow-daemon/src/dto/response.rs @@ -1,4 +1,4 @@ -use serde_derive::*; +use serde::*; #[derive(Serialize, Deserialize, Debug)] pub enum Message { diff --git a/memflow-daemon/src/main.rs b/memflow-daemon/src/main.rs index 8989cf0..40f5fef 100644 --- a/memflow-daemon/src/main.rs +++ b/memflow-daemon/src/main.rs @@ -26,7 +26,7 @@ use tokio::net::{TcpListener, UnixListener}; use tokio_serde::formats::*; use tokio_util::codec::{FramedRead, FramedWrite, LengthDelimitedCodec}; -use serde_derive::Deserialize; +use serde::Deserialize; /// Spawns a TCP server and listens for incoming connections. /// The TCP server accept framed json messages and dispatches them to the individual command handlers. From 2aaf7738d16e5aa5acd7ccf8ee247f3bfb36fced Mon Sep 17 00:00:00 2001 From: ko1N Date: Tue, 3 Nov 2020 21:48:14 +0100 Subject: [PATCH 3/5] Fixed daemon connector clone resulting in panic --- memflow-daemon-connector/src/lib.rs | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/memflow-daemon-connector/src/lib.rs b/memflow-daemon-connector/src/lib.rs index aac605d..afa1db3 100644 --- a/memflow-daemon-connector/src/lib.rs +++ b/memflow-daemon-connector/src/lib.rs @@ -111,7 +111,7 @@ async fn connect_tcp(addr: &str) -> Result { } async fn connect_uds(addr: &str) -> Result { - println!("trying to open connection to {}", addr); + info!("trying to open connection to {}", addr); let socket = UnixStream::connect(addr) .await .map_err(|_| Error::Other("unable to connect to udp socket"))?; @@ -168,7 +168,7 @@ impl DaemonConnector { .map_err(|_| Error::Other("unable to get phys_mem metadata from daemon"))?; Ok(Self { - addr: String::new(), + addr: addr.to_owned(), conn_id: conn_id.to_string(), runtime: rt, @@ -179,6 +179,7 @@ impl DaemonConnector { } } +// TODO: bugged impl Clone for DaemonConnector { fn clone(&self) -> Self { DaemonConnector::new(&self.addr, &self.conn_id).unwrap() From d2d0aed81c3c98497d2fdc16f6e25a4f32ee5823 Mon Sep 17 00:00:00 2001 From: ko1N Date: Wed, 25 Nov 2020 00:58:30 +0100 Subject: [PATCH 4/5] Ported to memflow next branch --- memflow-daemon-connector/Cargo.toml | 7 +++---- memflow-daemon-connector/examples/read_phys.rs | 2 +- memflow-daemon-connector/src/lib.rs | 15 ++++++++++----- memflow-daemon/Cargo.toml | 4 ++-- memflow-daemon/src/commands/connection.rs | 7 ++++--- memflow-daemon/src/commands/fuse/filesystem.rs | 4 ++-- .../src/commands/fuse/filesystem/scopes.rs | 2 +- .../commands/fuse/filesystem/scopes/connection.rs | 2 +- .../src/commands/fuse/filesystem/scopes/module.rs | 4 ++-- .../commands/fuse/filesystem/scopes/process.rs | 2 +- memflow-daemon/src/commands/gdb.rs | 2 +- memflow-daemon/src/commands/gdb/stub.rs | 2 +- memflow-daemon/src/commands/phys_mem.rs | 2 +- memflow-daemon/src/dispatch.rs | 2 +- memflow-daemon/src/dto/request.rs | 2 +- memflow-daemon/src/dto/response.rs | 2 +- memflow-daemon/src/state.rs | 8 ++++---- 17 files changed, 37 insertions(+), 32 deletions(-) diff --git a/memflow-daemon-connector/Cargo.toml b/memflow-daemon-connector/Cargo.toml index 13d3684..6e108d9 100644 --- a/memflow-daemon-connector/Cargo.toml +++ b/memflow-daemon-connector/Cargo.toml @@ -15,10 +15,10 @@ categories = [ "api-bindings", "memory-management", "os" ] crate-type = ["lib", "cdylib"] [dependencies] -memflow = { version = "0.1", features = ["inventory"] } -memflow-derive = { version = "0.1" } +memflow = { git = "https://github.com/memflow/memflow", branch = "next", features = ["inventory"] } memflow-daemon = { path = "../memflow-daemon" } -log = { version = "0.4.8", default-features = false } +log = { version = "0.4", default-features = false } +simple_logger = "1.0" url = "2.1" #tokio @@ -33,7 +33,6 @@ time = "0.1" [dev-dependencies] clap = "2.33.0" -simple_logger = "1.0.1" [features] default = [] diff --git a/memflow-daemon-connector/examples/read_phys.rs b/memflow-daemon-connector/examples/read_phys.rs index cb8216a..eeffde0 100644 --- a/memflow-daemon-connector/examples/read_phys.rs +++ b/memflow-daemon-connector/examples/read_phys.rs @@ -6,7 +6,7 @@ use log::{info, Level}; extern crate clap; use clap::{App, Arg}; -use memflow::*; +use memflow::prelude::v1::*; fn main() { let matches = App::new(crate_name!()) diff --git a/memflow-daemon-connector/src/lib.rs b/memflow-daemon-connector/src/lib.rs index afa1db3..1370174 100644 --- a/memflow-daemon-connector/src/lib.rs +++ b/memflow-daemon-connector/src/lib.rs @@ -1,4 +1,4 @@ -use log::{error, info}; +use log::{error, info, Level}; use url::Url; use futures::prelude::*; @@ -8,9 +8,9 @@ use tokio_serde::formats::*; use tokio_serde::{formats::Json, SymmetricallyFramed}; use tokio_util::codec::{FramedRead, FramedWrite, LengthDelimitedCodec}; -use memflow::*; +use memflow::prelude::v1::*; use memflow_daemon::{request, response}; -use memflow_derive::connector; +use memflow::derive::connector; // framed udp read/write pairs type FramedUdsRequestWriter = SymmetricallyFramed< @@ -387,8 +387,13 @@ impl PhysicalMemory for DaemonConnector { } /// Creates a new Qemu Procfs Connector instance. -#[connector(name = "daemon")] -pub fn create_connector(args: &ConnectorArgs) -> Result { +#[connector(name = "daemon", ty = "DaemonConnector")] +pub fn create_connector(log_level: Level, args: &ConnectorArgs) -> Result { + simple_logger::SimpleLogger::new() + .with_level(log_level.to_level_filter()) + .init() + .ok(); + let addr = args .get("host") .or_else(|| args.get_default()) diff --git a/memflow-daemon/Cargo.toml b/memflow-daemon/Cargo.toml index 2524253..3d254d4 100644 --- a/memflow-daemon/Cargo.toml +++ b/memflow-daemon/Cargo.toml @@ -12,8 +12,8 @@ keywords = [ "memflow", "introspection", "memory" ] categories = [ "api-bindings", "memory-management", "os" ] [dependencies] -memflow = { version = "0.1", features = ["inventory", "serde_derive"] } -memflow-win32 = { version = "0.1", features = ["serde_derive"] } +memflow = { git = "https://github.com/memflow/memflow", branch = "next", features = ["inventory", "serde_derive"] } +memflow-win32 = { git = "https://github.com/memflow/memflow", branch = "next", features = ["serde_derive"] } clap = { version = "2.33.0" } log = "0.4.8" simplelog = "0.8.0" diff --git a/memflow-daemon/src/commands/connection.rs b/memflow-daemon/src/commands/connection.rs index 47223f1..facaf3e 100644 --- a/memflow-daemon/src/commands/connection.rs +++ b/memflow-daemon/src/commands/connection.rs @@ -7,7 +7,8 @@ use crate::state::{KernelHandle, STATE}; use futures::Sink; use std::marker::Unpin; -use memflow::*; +use memflow::prelude::v1::*; +use memflow_win32::win32::Kernel; fn create_connector(msg: &request::Connect) -> Result { let args = match &msg.args { @@ -16,7 +17,7 @@ fn create_connector(msg: &request::Connect) -> Result { None => ConnectorArgs::default(), }; - let inventory = unsafe { ConnectorInventory::try_new() }.map_err(Error::from)?; + let inventory = unsafe { ConnectorInventory::scan() }; unsafe { inventory.create_connector(&msg.name, &args) }.map_err(Error::from) } @@ -33,7 +34,7 @@ pub async fn new + Unpin>( send_log_info(frame, "connector created").await?; // initialize kernel - let kernel = memflow_win32::Kernel::builder(conn) + let kernel = Kernel::builder(conn) .build_default_caches() .build() .map_err(|_| Error::Connector("unable to find kernel"))?; diff --git a/memflow-daemon/src/commands/fuse/filesystem.rs b/memflow-daemon/src/commands/fuse/filesystem.rs index 66419f1..1a93c87 100644 --- a/memflow-daemon/src/commands/fuse/filesystem.rs +++ b/memflow-daemon/src/commands/fuse/filesystem.rs @@ -12,11 +12,11 @@ use std::time::{Duration, Instant}; use log::info; +use memflow::mem::PhysicalMemory; + use fuse_mt::*; use time::*; -use memflow::mem::phys_mem::PhysicalMemory; - pub type ChildrenList = Vec>>; /// Trait describing an entry into the virtual filesystem. diff --git a/memflow-daemon/src/commands/fuse/filesystem/scopes.rs b/memflow-daemon/src/commands/fuse/filesystem/scopes.rs index 41a1600..8918f0d 100644 --- a/memflow-daemon/src/commands/fuse/filesystem/scopes.rs +++ b/memflow-daemon/src/commands/fuse/filesystem/scopes.rs @@ -12,7 +12,7 @@ use crate::state::KernelHandle; use std::sync::{Arc, Mutex}; -use memflow_win32::{Win32ModuleInfo, Win32Process, Win32ProcessInfo}; +use memflow_win32::prelude::{Win32ModuleInfo, Win32Process, Win32ProcessInfo}; pub struct ConnectionScope { kernel: Arc>, diff --git a/memflow-daemon/src/commands/fuse/filesystem/scopes/connection.rs b/memflow-daemon/src/commands/fuse/filesystem/scopes/connection.rs index 4af5e99..14be051 100644 --- a/memflow-daemon/src/commands/fuse/filesystem/scopes/connection.rs +++ b/memflow-daemon/src/commands/fuse/filesystem/scopes/connection.rs @@ -4,7 +4,7 @@ use crate::state::KernelHandle; use std::sync::{Arc, Mutex}; -use memflow::*; +use memflow::mem::PhysicalMemory; // TODO: block storage? pub struct PhysicalDumpFile { diff --git a/memflow-daemon/src/commands/fuse/filesystem/scopes/module.rs b/memflow-daemon/src/commands/fuse/filesystem/scopes/module.rs index a3dbab0..538af21 100644 --- a/memflow-daemon/src/commands/fuse/filesystem/scopes/module.rs +++ b/memflow-daemon/src/commands/fuse/filesystem/scopes/module.rs @@ -6,8 +6,8 @@ use crate::state::{CachedWin32Process, KernelHandle}; use std::sync::{Arc, Mutex}; -use memflow::*; -use memflow_win32::*; +use memflow::prelude::v1::*; +use memflow_win32::prelude::v1::*; use pelite::pe64::imports::Import; use pelite::pe64::*; diff --git a/memflow-daemon/src/commands/fuse/filesystem/scopes/process.rs b/memflow-daemon/src/commands/fuse/filesystem/scopes/process.rs index 365c3d1..f32e60a 100644 --- a/memflow-daemon/src/commands/fuse/filesystem/scopes/process.rs +++ b/memflow-daemon/src/commands/fuse/filesystem/scopes/process.rs @@ -11,7 +11,7 @@ use minidump_writer::{ use memflow::mem::VirtualMemory; use memflow::types::size; -use memflow_win32::*; +use memflow_win32::prelude::v1::*; use std::cell::RefCell; diff --git a/memflow-daemon/src/commands/gdb.rs b/memflow-daemon/src/commands/gdb.rs index 137290a..2fa6c5f 100644 --- a/memflow-daemon/src/commands/gdb.rs +++ b/memflow-daemon/src/commands/gdb.rs @@ -9,7 +9,7 @@ use crate::state::{new_uuid, STATE}; use futures::Sink; use std::marker::Unpin; -use memflow::PID; +use memflow::process::PID; pub async fn attach + Unpin>( frame: &mut S, diff --git a/memflow-daemon/src/commands/gdb/stub.rs b/memflow-daemon/src/commands/gdb/stub.rs index 7276fdb..f4191d9 100644 --- a/memflow-daemon/src/commands/gdb/stub.rs +++ b/memflow-daemon/src/commands/gdb/stub.rs @@ -13,7 +13,7 @@ use gdbstub::{ TidSelector, SINGLE_THREAD_TID, }; -use memflow::*; +use memflow::prelude::v1::*; fn wait_for_tcp(sockaddr: &str) -> Result { info!("started tcp gdb stub on {:?}", sockaddr); diff --git a/memflow-daemon/src/commands/phys_mem.rs b/memflow-daemon/src/commands/phys_mem.rs index 86ffd8b..fe776bd 100644 --- a/memflow-daemon/src/commands/phys_mem.rs +++ b/memflow-daemon/src/commands/phys_mem.rs @@ -7,7 +7,7 @@ use crate::state::{KernelHandle, STATE}; use futures::Sink; use std::marker::Unpin; -use memflow::*; +use memflow::prelude::v1::*; pub async fn read + Unpin>( frame: &mut S, diff --git a/memflow-daemon/src/dispatch.rs b/memflow-daemon/src/dispatch.rs index f9bab81..a3c338c 100644 --- a/memflow-daemon/src/dispatch.rs +++ b/memflow-daemon/src/dispatch.rs @@ -85,7 +85,7 @@ pub async fn send_phys_mem_read + Unpin>( pub async fn send_phys_mem_metadata + Unpin>( frame: &mut S, - metadata: memflow::PhysicalMemoryMetadata, + metadata: memflow::mem::PhysicalMemoryMetadata, ) -> Result<()> { frame .send(response::Message::PhysicalMemoryMetadata( diff --git a/memflow-daemon/src/dto/request.rs b/memflow-daemon/src/dto/request.rs index 714f45e..7be305e 100644 --- a/memflow-daemon/src/dto/request.rs +++ b/memflow-daemon/src/dto/request.rs @@ -1,6 +1,6 @@ use serde::*; -use memflow::PhysicalAddress; +use memflow::types::PhysicalAddress; #[derive(Serialize, Deserialize, Debug)] pub enum Message { diff --git a/memflow-daemon/src/dto/response.rs b/memflow-daemon/src/dto/response.rs index 6d4358b..affa8f7 100644 --- a/memflow-daemon/src/dto/response.rs +++ b/memflow-daemon/src/dto/response.rs @@ -39,7 +39,7 @@ pub struct PhysicalMemoryRead { #[derive(Serialize, Deserialize, Debug)] pub struct PhysicalMemoryMetadata { - pub metadata: memflow::PhysicalMemoryMetadata, + pub metadata: memflow::mem::PhysicalMemoryMetadata, } #[derive(Serialize, Deserialize, Debug, Default)] diff --git a/memflow-daemon/src/state.rs b/memflow-daemon/src/state.rs index 348e3e2..cc795ca 100644 --- a/memflow-daemon/src/state.rs +++ b/memflow-daemon/src/state.rs @@ -6,8 +6,8 @@ use tokio::sync::{Mutex, MutexGuard}; use lazy_static::lazy_static; use uuid::Uuid; -use memflow::*; -use memflow_win32::*; +use memflow::prelude::v1::*; +use memflow_win32::prelude::v1::*; lazy_static! { pub static ref STATE: Mutex = Mutex::new(State::new()); @@ -122,9 +122,9 @@ pub type CachedConnectorInstance = pub type CachedTranslate = CachedVirtualTranslate; -pub type CachedWin32Kernel = memflow_win32::Kernel; +pub type CachedWin32Kernel = memflow_win32::win32::Kernel; -pub type CachedWin32Process = memflow_win32::Win32Process< +pub type CachedWin32Process = memflow_win32::win32::Win32Process< VirtualDMA, >; From cafa5a8cefb33f902b09e6361722dc0db90c16a8 Mon Sep 17 00:00:00 2001 From: Dank Date: Mon, 29 Mar 2021 18:20:57 -0400 Subject: [PATCH 5/5] progress on os-layers support --- install.sh | 0 memflow-cli/src/commands/connection/new.rs | 11 +++ memflow-daemon-connector/Cargo.toml | 2 +- .../examples/read_phys.rs | 4 +- memflow-daemon-connector/src/lib.rs | 16 ++-- memflow-daemon/Cargo.toml | 4 +- memflow-daemon/src/commands/connection.rs | 29 +++---- .../src/commands/fuse/filesystem.rs | 9 +- .../fuse/filesystem/scopes/connection.rs | 1 - memflow-daemon/src/commands/gdb.rs | 2 +- memflow-daemon/src/commands/gdb/stub.rs | 43 +++++----- memflow-daemon/src/commands/phys_mem.rs | 45 +++++----- memflow-daemon/src/commands/process.rs | 85 +++++++++---------- memflow-daemon/src/dto/request.rs | 1 + memflow-daemon/src/state.rs | 28 ++---- 15 files changed, 131 insertions(+), 149 deletions(-) mode change 100755 => 100644 install.sh diff --git a/install.sh b/install.sh old mode 100755 new mode 100644 diff --git a/memflow-cli/src/commands/connection/new.rs b/memflow-cli/src/commands/connection/new.rs index 7eb4273..2714cc6 100644 --- a/memflow-cli/src/commands/connection/new.rs +++ b/memflow-cli/src/commands/connection/new.rs @@ -12,6 +12,7 @@ pub const COMMAND_STR: &str = "new"; const CONNECTOR_NAME: &str = "CONNECTOR_NAME"; const CONNECTOR_ARGS: &str = "CONNECTOR_ARGS"; const CONNECTOR_ALIAS: &str = "CONNECTOR_ALIAS"; +const CONNECTOR_OS_NAME: &str = "CONNECTOR_OS_NAME"; pub fn command_definition<'a, 'b>() -> App<'a, 'b> { SubCommand::with_name(COMMAND_STR) @@ -36,6 +37,14 @@ pub fn command_definition<'a, 'b>() -> App<'a, 'b> { .takes_value(true) .required(false), ) + .arg( + Arg::with_name(CONNECTOR_OS_NAME) + .help("os name for the connection") + .long("os_name") + .short("o") + .takes_value(true) + .required(false), + ) } pub fn handle_command(conf: &Config, matches: &ArgMatches) { @@ -44,6 +53,7 @@ pub fn handle_command(conf: &Config, matches: &ArgMatches) { let name = matches.value_of(CONNECTOR_NAME).unwrap(); let args = matches.value_of(CONNECTOR_ARGS); let alias = matches.value_of(CONNECTOR_ALIAS); + let os_name = matches.value_of(CONNECTOR_OS_NAME).unwrap(); dispatch_request( conf, @@ -51,6 +61,7 @@ pub fn handle_command(conf: &Config, matches: &ArgMatches) { name: name.to_string(), args: args.map(|s| s.to_string()), alias: alias.map(|a| a.to_string()), + os_name: os_name.to_string(), }), ) .unwrap(); diff --git a/memflow-daemon-connector/Cargo.toml b/memflow-daemon-connector/Cargo.toml index 6e108d9..e27974d 100644 --- a/memflow-daemon-connector/Cargo.toml +++ b/memflow-daemon-connector/Cargo.toml @@ -15,7 +15,7 @@ categories = [ "api-bindings", "memory-management", "os" ] crate-type = ["lib", "cdylib"] [dependencies] -memflow = { git = "https://github.com/memflow/memflow", branch = "next", features = ["inventory"] } +memflow = { git = "https://github.com/memflow/memflow", branch = "os-layers", features = ["default"] } memflow-daemon = { path = "../memflow-daemon" } log = { version = "0.4", default-features = false } simple_logger = "1.0" diff --git a/memflow-daemon-connector/examples/read_phys.rs b/memflow-daemon-connector/examples/read_phys.rs index eeffde0..f4c4066 100644 --- a/memflow-daemon-connector/examples/read_phys.rs +++ b/memflow-daemon-connector/examples/read_phys.rs @@ -30,8 +30,8 @@ fn main() { .unwrap(); let host = matches.value_of("host").unwrap(); - let args = ConnectorArgs::parse(host).unwrap(); - let mut conn = match memflow_daemon_connector::create_connector(&args) { + let args = Args::parse(host).unwrap(); + let mut conn = match memflow_daemon_connector::create_connector(&args, Level::Debug) { Ok(br) => br, Err(e) => { info!("couldn't open memory read context: {:?}", e); diff --git a/memflow-daemon-connector/src/lib.rs b/memflow-daemon-connector/src/lib.rs index 1370174..b4f934e 100644 --- a/memflow-daemon-connector/src/lib.rs +++ b/memflow-daemon-connector/src/lib.rs @@ -8,9 +8,9 @@ use tokio_serde::formats::*; use tokio_serde::{formats::Json, SymmetricallyFramed}; use tokio_util::codec::{FramedRead, FramedWrite, LengthDelimitedCodec}; +use memflow::derive::connector; use memflow::prelude::v1::*; use memflow_daemon::{request, response}; -use memflow::derive::connector; // framed udp read/write pairs type FramedUdsRequestWriter = SymmetricallyFramed< @@ -65,7 +65,7 @@ impl FramedStream { error!("{}", e); Error::IO("unable to read read message") })? - .ok_or_else(|| Error::IO("no more messages")), + .ok_or(Error::IO("no more messages")), FramedStream::Tcp((_, reader)) => reader .try_next() .await @@ -73,7 +73,7 @@ impl FramedStream { error!("{}", e); Error::IO("unable to read read message") })? - .ok_or_else(|| Error::IO("no more messages")), + .ok_or(Error::IO("no more messages")), } } } @@ -386,9 +386,9 @@ impl PhysicalMemory for DaemonConnector { } } -/// Creates a new Qemu Procfs Connector instance. -#[connector(name = "daemon", ty = "DaemonConnector")] -pub fn create_connector(log_level: Level, args: &ConnectorArgs) -> Result { +/// Creates a new Daemon Connector instance. +#[connector(name = "daemon", description = "daemon connector")] +pub fn create_connector(args: &Args, log_level: Level) -> Result { simple_logger::SimpleLogger::new() .with_level(log_level.to_level_filter()) .init() @@ -397,9 +397,9 @@ pub fn create_connector(log_level: Level, args: &ConnectorArgs) -> Result Result { let args = match &msg.args { - Some(a) => ConnectorArgs::parse(a) - .map_err(|_| Error::Connector("unable to parse connector string"))?, - None => ConnectorArgs::default(), + Some(a) => { + Args::parse(a).map_err(|_| Error::Connector("unable to parse connector string"))? + } + None => Args::default(), }; - let inventory = unsafe { ConnectorInventory::scan() }; - unsafe { inventory.create_connector(&msg.name, &args) }.map_err(Error::from) + let inventory = unsafe { Inventory::scan() }; + unsafe { inventory.create_connector(&msg.name, None, &args) }.map_err(Error::from) } pub async fn new + Unpin>( @@ -30,16 +31,12 @@ pub async fn new + Unpin>( // TODO: add os argument // TODO: redirect log to client // TODO: add cache options - send_log_info(frame, "connector created").await?; - // initialize kernel - let kernel = Kernel::builder(conn) - .build_default_caches() - .build() - .map_err(|_| Error::Connector("unable to find kernel"))?; - - send_log_info(frame, "found win32 kernel").await?; + // initialize os + let os = Inventory::build_os_simple(msg.name, msg.os_name)?; + + send_log_info(frame, "initialized os").await?; let mut state = STATE.lock().await; @@ -47,7 +44,7 @@ pub async fn new + Unpin>( &msg.name, msg.args.clone(), msg.alias, - KernelHandle::Win32(kernel), + os, ) { Ok(id) => { send_log_info( diff --git a/memflow-daemon/src/commands/fuse/filesystem.rs b/memflow-daemon/src/commands/fuse/filesystem.rs index 1a93c87..6ab3c18 100644 --- a/memflow-daemon/src/commands/fuse/filesystem.rs +++ b/memflow-daemon/src/commands/fuse/filesystem.rs @@ -2,7 +2,7 @@ mod scopes; use scopes::ConnectionScope; use crate::error::{Error, Result}; -use crate::state::{state_lock_sync, FileSystemHandle, KernelHandle}; +use crate::state::{state_lock_sync, FileSystemHandle}; use std::cell::RefCell; use std::ffi::{OsStr, OsString}; @@ -12,7 +12,7 @@ use std::time::{Duration, Instant}; use log::info; -use memflow::mem::PhysicalMemory; +use memflow::{mem::PhysicalMemory, prelude::OSInstance}; use fuse_mt::*; use time::*; @@ -241,12 +241,13 @@ impl VirtualMemoryFileSystem { id: &str, conn_id: &str, mount_point: &str, - kernel: KernelHandle, + os: OSInstance, uid: u32, gid: u32, ) -> Self { - let readonly = match &kernel { + let readonly = match &os { KernelHandle::Win32(kernel) => kernel.phys_mem.metadata().readonly, + }; Self { diff --git a/memflow-daemon/src/commands/fuse/filesystem/scopes/connection.rs b/memflow-daemon/src/commands/fuse/filesystem/scopes/connection.rs index 14be051..ad1b013 100644 --- a/memflow-daemon/src/commands/fuse/filesystem/scopes/connection.rs +++ b/memflow-daemon/src/commands/fuse/filesystem/scopes/connection.rs @@ -1,6 +1,5 @@ use super::super::{FileSystemEntry, FileSystemFileHandler}; use crate::error::{Error, Result}; -use crate::state::KernelHandle; use std::sync::{Arc, Mutex}; diff --git a/memflow-daemon/src/commands/gdb.rs b/memflow-daemon/src/commands/gdb.rs index 2fa6c5f..ed79bfa 100644 --- a/memflow-daemon/src/commands/gdb.rs +++ b/memflow-daemon/src/commands/gdb.rs @@ -9,7 +9,7 @@ use crate::state::{new_uuid, STATE}; use futures::Sink; use std::marker::Unpin; -use memflow::process::PID; +use memflow::os::process::PID; pub async fn attach + Unpin>( frame: &mut S, diff --git a/memflow-daemon/src/commands/gdb/stub.rs b/memflow-daemon/src/commands/gdb/stub.rs index f4191d9..b2247a2 100644 --- a/memflow-daemon/src/commands/gdb/stub.rs +++ b/memflow-daemon/src/commands/gdb/stub.rs @@ -1,5 +1,5 @@ use crate::error::{Error, Result}; -use crate::state::{state_lock_sync, CachedWin32Process, GdbStubHandle, KernelHandle}; +use crate::state::{state_lock_sync, GdbStubHandle}; use std::net::{TcpListener, TcpStream}; #[cfg(unix)] @@ -125,10 +125,10 @@ pub fn spawn_gdb_stub( conn_id: &str, pid: PID, addr: &str, - kernel: KernelHandle, + os: OSInstance, ) -> Result<()> { // TODO: generic stubs per architecture - let stub = GdbStubx64::new(kernel, pid).unwrap(); + let stub = GdbStubx64::new(os, pid).unwrap(); // add to global state gdb_stub_init(id, conn_id, addr)?; @@ -144,31 +144,26 @@ pub fn spawn_gdb_stub( /// Implementation of the Virtual Memory GDB Stub pub struct GdbStubx64 { - process: CachedWin32Process, + process: Process>, //eip: Address, } impl GdbStubx64 { - pub fn new(kernel: KernelHandle, pid: PID) -> Result { - match kernel { - KernelHandle::Win32(kernel) => { - let process = kernel.into_process_pid(pid).map_err(Error::from)?; - - // get first module - - // get eip - /* - let image = process - .virt_mem - .virt_read_raw(mi.base, mi.size) - .data_part()?; - let pe = PeView::from_bytes(&image).map_err(Error::PE)?; - */ - - Ok(Self { process }) - } - } - } + pub fn new(os: OSInstance, pid: PID) -> Result { + let process = os.into_process_pid(pid).map_err(Error::from)?; + + // get first module + + // get eip + /* + let image = process + .virt_mem + .virt_read_raw(mi.base, mi.size) + .data_part()?; + let pe = PeView::from_bytes(&image).map_err(Error::PE)?; + */ + + Ok(Self { process }) } // TODO: add 32 and 64 bit stubs diff --git a/memflow-daemon/src/commands/phys_mem.rs b/memflow-daemon/src/commands/phys_mem.rs index fe776bd..7683ac4 100644 --- a/memflow-daemon/src/commands/phys_mem.rs +++ b/memflow-daemon/src/commands/phys_mem.rs @@ -2,9 +2,10 @@ use crate::dispatch::*; use crate::dto::request; use crate::error::Result; use crate::response; -use crate::state::{KernelHandle, STATE}; +use crate::state::STATE; use futures::Sink; +use os::OSLayerFunctionTable; use std::marker::Unpin; use memflow::prelude::v1::*; @@ -15,31 +16,27 @@ pub async fn read + Unpin>( ) -> Result<()> { let mut state = STATE.lock().await; if let Some(conn) = state.connection_mut(&msg.conn_id) { - match &mut conn.kernel { - KernelHandle::Win32(kernel) => { - // create [PhysicalReadData] - let mut reads = Vec::new(); - let mut read_data = Vec::new(); - for read in msg.reads.iter() { - reads.push(response::PhysicalMemoryReadEntry { - data: vec![0u8; read.len], - }); - } + // create [PhysicalReadData] + let mut reads = Vec::new(); + let mut read_data = Vec::new(); + for read in msg.reads.iter() { + reads.push(response::PhysicalMemoryReadEntry { + data: vec![0u8; read.len], + }); + } - for read in msg.reads.iter().zip(reads.iter_mut()) { - read_data.push(PhysicalReadData(read.0.addr, &mut read.1.data[..])); - } + for read in msg.reads.iter().zip(reads.iter_mut()) { + read_data.push(PhysicalReadData(read.0.addr, &mut read.1.data[..])); + } - if kernel - .phys_mem - .phys_read_raw_list(&mut read_data.as_mut_slice()) - .is_ok() - { - send_phys_mem_read(frame, reads).await - } else { - send_err(frame, &format!("unable to read memory: {:?}", msg.reads)).await - } - } + if conn + .connector + .phys_read_raw_list(&mut read_data.as_mut_slice()) + .is_ok() + { + send_phys_mem_read(frame, reads).await + } else { + send_err(frame, &format!("unable to read memory: {:?}", msg.reads)).await } } else { send_err( diff --git a/memflow-daemon/src/commands/process.rs b/memflow-daemon/src/commands/process.rs index 32b270d..b332353 100644 --- a/memflow-daemon/src/commands/process.rs +++ b/memflow-daemon/src/commands/process.rs @@ -2,10 +2,10 @@ use crate::dispatch::*; use crate::dto::request; use crate::error::Result; use crate::response; -use crate::state::KernelHandle; use crate::state::STATE; use futures::Sink; +use memflow::prelude::OSInner; use std::marker::Unpin; pub async fn ls + Unpin>( @@ -15,51 +15,48 @@ pub async fn ls + Unpin>( let mut state = STATE.lock().await; if let Some(conn) = state.connection_mut(&msg.conn_id) { - match &mut conn.kernel { - KernelHandle::Win32(kernel) => { - if let Ok(processes) = kernel.process_info_list() { - send_log_info( - frame, - &format!( - "listing processes for connection {}: {} processes\n", - msg.conn_id, - processes.len(), - ), - ) - .await?; - - let mut table = response::Table::default(); - table.headers = vec![ - "pid".to_string(), - "name".to_string(), - "bits".to_string(), - "dtb".to_string(), - "teb".to_string(), - "peb".to_string(), - ]; - - for process in processes.iter() { - table.entries.push(vec![ - process.pid.to_string(), - process.name.clone(), - process.proc_arch.bits().to_string(), - format!("0x{:X}", process.dtb), - format!("0x{:X}", process.teb.unwrap_or_default()), - format!("0x{:X}", process.peb()), - ]); - } - - send_table(frame, table).await?; - send_ok(frame).await - } else { - send_err( - frame, - &format!("could not get processes on connection {}", msg.conn_id), - ) - .await - } + if let Ok(processes) = conn.os.process_info_list() { + send_log_info( + frame, + &format!( + "listing processes for connection {}: {} processes\n", + msg.conn_id, + processes.len(), + ), + ) + .await?; + + let mut table = response::Table::default(); + table.headers = vec![ + "pid".to_string(), + "name".to_string(), + "bits".to_string(), + "dtb".to_string(), + "teb".to_string(), + "peb".to_string(), + ]; + + for process in processes.iter() { + table.entries.push(vec![ + process.pid.to_string(), + process.name.clone(), + process.proc_arch.bits().to_string(), + format!("0x{:X}", process.dtb), + format!("0x{:X}", process.teb.unwrap_or_default()), + format!("0x{:X}", process.peb()), + ]); } + + send_table(frame, table).await?; + send_ok(frame).await + } else { + send_err( + frame, + &format!("could not get processes on connection {}", msg.conn_id), + ) + .await } + conn.os.Ok(()) } else { send_err( frame, diff --git a/memflow-daemon/src/dto/request.rs b/memflow-daemon/src/dto/request.rs index 7be305e..28ad402 100644 --- a/memflow-daemon/src/dto/request.rs +++ b/memflow-daemon/src/dto/request.rs @@ -26,6 +26,7 @@ pub enum Message { #[derive(Serialize, Deserialize, Debug)] pub struct Connect { pub name: String, + pub os_name: String, pub args: Option, pub alias: Option, // TODO: os diff --git a/memflow-daemon/src/state.rs b/memflow-daemon/src/state.rs index cc795ca..8603fa6 100644 --- a/memflow-daemon/src/state.rs +++ b/memflow-daemon/src/state.rs @@ -7,7 +7,6 @@ use lazy_static::lazy_static; use uuid::Uuid; use memflow::prelude::v1::*; -use memflow_win32::prelude::v1::*; lazy_static! { pub static ref STATE: Mutex = Mutex::new(State::new()); @@ -52,7 +51,7 @@ impl State { name: &str, args: Option, alias: Option, - kernel: KernelHandle, + os: OSInstance, ) -> Result { if alias.is_some() && self @@ -65,7 +64,7 @@ impl State { } let id = new_uuid(); - let conn = OpenedConnection::new(&id, alias.clone(), name, args, kernel); + let conn = OpenedConnection::new(&id, alias.clone(), name, args, os); self.connections.insert(id.clone(), conn); if let Some(a) = alias { @@ -117,29 +116,14 @@ impl State { } } -pub type CachedConnectorInstance = - CachedMemoryAccess<'static, ConnectorInstance, TimedCacheValidator>; - -pub type CachedTranslate = CachedVirtualTranslate; - -pub type CachedWin32Kernel = memflow_win32::win32::Kernel; - -pub type CachedWin32Process = memflow_win32::win32::Win32Process< - VirtualDMA, ->; - -#[derive(Debug, Clone)] -pub enum KernelHandle { - Win32(CachedWin32Kernel), -} - pub struct OpenedConnection { pub id: String, pub alias: Option, pub refcount: usize, pub name: String, pub args: Option, - pub kernel: KernelHandle, + pub os: OSInstance, + pub connector: ConnectorInstance, } impl OpenedConnection { @@ -148,7 +132,7 @@ impl OpenedConnection { alias: Option, name: &str, args: Option, - kernel: KernelHandle, + os: OSInstance, ) -> Self { Self { id: id.to_string(), @@ -156,7 +140,7 @@ impl OpenedConnection { refcount: 0, name: name.to_string(), args, - kernel, + os, } } }