diff options
| -rw-r--r-- | ChangeLog | 40 | ||||
| -rw-r--r-- | configure.ac | 1 | ||||
| -rw-r--r-- | plugins/Makefile.am | 2 | ||||
| -rw-r--r-- | plugins/mobicore/Makefile.am | 1 | ||||
| -rw-r--r-- | plugins/mobicore/annotations.c | 468 | ||||
| -rw-r--r-- | plugins/mobicore/mclf-def.h | 44 | ||||
| -rw-r--r-- | plugins/mobicore/mclf.c | 4 | ||||
| -rw-r--r-- | plugins/readdex/reader.c | 5 | ||||
| -rw-r--r-- | plugins/readdex/reader.h | 1 | ||||
| -rw-r--r-- | plugins/readelf/header.c | 2 | ||||
| -rw-r--r-- | plugins/readelf/header.h | 2 | ||||
| -rw-r--r-- | plugins/readelf/reader.c | 5 | ||||
| -rw-r--r-- | plugins/readelf/reader.h | 1 | ||||
| -rw-r--r-- | plugins/readmc/Makefile.am | 18 | ||||
| -rw-r--r-- | plugins/readmc/header.c | 119 | ||||
| -rw-r--r-- | plugins/readmc/header.h | 38 | ||||
| -rw-r--r-- | plugins/readmc/reader.c | 92 | ||||
| -rw-r--r-- | plugins/readmc/reader.h | 38 | ||||
| -rw-r--r-- | plugins/readmc/text.c | 145 | ||||
| -rw-r--r-- | plugins/readmc/text.h (renamed from plugins/mobicore/annotations.h) | 20 | ||||
| -rw-r--r-- | plugins/readmc/v21.c | 244 | ||||
| -rw-r--r-- | plugins/readmc/v21.h | 38 | ||||
| -rw-r--r-- | plugins/readmc/v23.c | 91 | ||||
| -rw-r--r-- | plugins/readmc/v23.h | 38 | ||||
| -rw-r--r-- | plugins/readmc/v24.c | 90 | ||||
| -rw-r--r-- | plugins/readmc/v24.h | 38 |
26 files changed, 1087 insertions, 498 deletions
@@ -1,3 +1,43 @@ +17-05-14 Cyrille Bagard <nocbos@gmail.com> + + * configure.ac: + Add the new Makefile from the 'plugins/readmc' directory. + + * plugins/Makefile.am: + Add 'readmc' to SUBDIRS. + + * plugins/mobicore/Makefile.am: + Remove the 'annotations.[ch]' files from libmobicore_la_SOURCES. + + * plugins/mobicore/annotations.c: + * plugins/mobicore/annotations.h: + Deleted entries. + + * plugins/mobicore/mclf-def.h: + * plugins/mobicore/mclf.c: + * plugins/readdex/reader.c: + * plugins/readdex/reader.h: + * plugins/readelf/header.c: + * plugins/readelf/header.h: + * plugins/readelf/reader.c: + * plugins/readelf/reader.h: + Update code. + + * plugins/readmc/Makefile.am: + * plugins/readmc/header.c: + * plugins/readmc/header.h: + * plugins/readmc/reader.c: + * plugins/readmc/reader.h: + * plugins/readmc/text.c: + * plugins/readmc/text.h: + * plugins/readmc/v21.c: + * plugins/readmc/v21.h: + * plugins/readmc/v23.c: + * plugins/readmc/v23.h: + * plugins/readmc/v24.c: + * plugins/readmc/v24.h: + New entries: preload Mobicore information at loading. + 17-05-12 Cyrille Bagard <nocbos@gmail.com> * plugins/pychrysa/arch/Makefile.am: diff --git a/configure.ac b/configure.ac index ccace74..6bee3f4 100644 --- a/configure.ac +++ b/configure.ac @@ -342,6 +342,7 @@ AC_CONFIG_FILES([Makefile plugins/python/samples/Makefile plugins/readdex/Makefile plugins/readelf/Makefile + plugins/readmc/Makefile plugins/ropgadgets/Makefile src/Makefile src/analysis/Makefile diff --git a/plugins/Makefile.am b/plugins/Makefile.am index 0cbe6fa..2ad0ae2 100644 --- a/plugins/Makefile.am +++ b/plugins/Makefile.am @@ -4,4 +4,4 @@ if HAVE_PYTHON3_CONFIG endif # androhelpers -SUBDIRS = devdbg fmtp libcsem mobicore $(PYTHON3_SUBDIRS) readdex readelf ropgadgets +SUBDIRS = devdbg fmtp libcsem mobicore $(PYTHON3_SUBDIRS) readdex readelf readmc ropgadgets diff --git a/plugins/mobicore/Makefile.am b/plugins/mobicore/Makefile.am index ee5cc66..10beb85 100644 --- a/plugins/mobicore/Makefile.am +++ b/plugins/mobicore/Makefile.am @@ -2,7 +2,6 @@ lib_LTLIBRARIES = libmobicore.la libmobicore_la_SOURCES = \ - annotations.h annotations.c \ mclf-def.h \ mclf-int.h mclf-int.c \ mclf.h mclf.c \ diff --git a/plugins/mobicore/annotations.c b/plugins/mobicore/annotations.c deleted file mode 100644 index 1c7b29b..0000000 --- a/plugins/mobicore/annotations.c +++ /dev/null @@ -1,468 +0,0 @@ - -/* Chrysalide - Outil d'analyse de fichiers binaires - * annotations.c - enregistrement des annotations liées au format MCLF - * - * Copyright (C) 2015-2017 Cyrille Bagard - * - * This file is part of Chrysalide. - * - * Chrysalide is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * Chrysalide is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with Foobar. If not, see <http://www.gnu.org/licenses/>. - */ - - -#include "annotations.h" - - -#include <malloc.h> - - -#include <i18n.h> -#include <arch/raw.h> -#include <common/extstr.h> - - -#include "mclf-int.h" - - - -/* Place des annotations sur un descripteur de segment MCLF. */ -static bool annotate_mclf_segment_descriptor(GMCLFFormat *, const char *, vmpa2t *); - -/* Place des annotations sur le début commun du binaire MCLF. */ -static bool annotate_mclf_intro(GMCLFFormat *, vmpa2t *pos); - -/* Place des annotations sur l'en-tête v1 du binaire MCLF. */ -static bool annotate_mclf_header_v1(GMCLFFormat *, vmpa2t *pos); - -/* Place des annotations sur l'en-tête du segment de code. */ -static bool annotate_mclf_text_segment_header(GMCLFFormat *format, vmpa2t *); - - - -/****************************************************************************** -* * -* Paramètres : format = description de l'exécutable à compléter. * -* prefix = désignation du segment dans son ensemble. * -* pos = tête de lecture à initialiser / faire évoluer. [OUT]* -* * -* Description : Place des annotations sur un descripteur de segment MCLF. * -* * -* Retour : Bilan de l'opération. * -* * -* Remarques : - * -* * -******************************************************************************/ - -static bool annotate_mclf_segment_descriptor(GMCLFFormat *format, const char *prefix, vmpa2t *pos) -{ - GBinContent *content; /* Contenu binaire à lire */ - GArchInstruction *instr; /* Instruction décodée */ - char *text; /* Texte construit par étapes */ - GDbComment *comment; /* Définition de commentaire */ - GBinSymbol *symbol; /* Symbole à intégrer */ - - content = G_BIN_FORMAT(format)->content; - - /* start */ - - instr = g_raw_instruction_new_array(content, MDS_32_BITS, 1, pos, format->endian); - - text = strdup(prefix); - text = stradd(text, _(": start address")); - - ADD_RAW_AS_SYM(format, symbol, instr, comment, text); - - free(text); - - /* len */ - - instr = g_raw_instruction_new_array(content, MDS_32_BITS, 1, pos, format->endian); - - text = strdup(prefix); - text = stradd(text, _(": length")); - - ADD_RAW_AS_SYM(format, symbol, instr, comment, text); - - free(text); - - return true; - -} - - - -/****************************************************************************** -* * -* Paramètres : format = description de l'exécutable à compléter. * -* pos = tête de lecture à initialiser / faire évoluer. [OUT]* -* * -* Description : Place des annotations sur le début commun du binaire MCLF. * -* * -* Retour : Bilan de l'opération. * -* * -* Remarques : - * -* * -******************************************************************************/ - -static bool annotate_mclf_intro(GMCLFFormat *format, vmpa2t *pos) -{ - GBinContent *content; /* Contenu binaire à lire */ - GArchInstruction *instr; /* Instruction décodée */ - GArchOperand *operand; /* Opérande à venir modifier */ - GDbComment *comment; /* Définition de commentaire */ - GBinSymbol *symbol; /* Symbole à intégrer */ - - content = G_BIN_FORMAT(format)->content; - - init_vmpa(pos, 0, format->header.v1.text.start); - - /* magic */ - - instr = g_raw_instruction_new_array(content, MDS_8_BITS, 4, pos, format->endian); - - SET_IMM_DISPLAY(instr, operand, 0, IOD_CHAR); - SET_IMM_DISPLAY(instr, operand, 1, IOD_CHAR); - SET_IMM_DISPLAY(instr, operand, 2, IOD_CHAR); - SET_IMM_DISPLAY(instr, operand, 3, IOD_CHAR); - - ADD_RAW_AS_SYM(format, symbol, instr, comment, _("MCLF magic number")); - - /* version */ - - instr = g_raw_instruction_new_array(content, MDS_32_BITS, 1, pos, format->endian); - - ADD_RAW_AS_SYM(format, symbol, instr, comment, _("Version")); - - return true; - -} - - -/****************************************************************************** -* * -* Paramètres : format = description de l'exécutable à compléter. * -* pos = tête de lecture à faire évoluer. [OUT] * -* * -* Description : Place des annotations sur l'en-tête v1 du binaire MCLF. * -* * -* Retour : Bilan de l'opération. * -* * -* Remarques : - * -* * -******************************************************************************/ - -static bool annotate_mclf_header_v1(GMCLFFormat *format, vmpa2t *pos) -{ - GBinContent *content; /* Contenu binaire à lire */ - GArchInstruction *instr; /* Instruction décodée */ - GDbComment *comment; /* Définition de commentaire */ - GBinSymbol *symbol; /* Symbole à intégrer */ - const char *text; /* Commentaire variable */ - - content = G_BIN_FORMAT(format)->content; - - /* flags */ - - instr = g_raw_instruction_new_array(content, MDS_32_BITS, 1, pos, format->endian); - - ADD_RAW_AS_SYM(format, symbol, instr, comment, _("Service flags")); - - /* mem_type */ - - instr = g_raw_instruction_new_array(content, MDS_32_BITS, 1, pos, format->endian); - - switch (format->header.v1.mem_type) - { - case MCLF_MEM_TYPE_INTERNAL_PREFERRED: - text = _("Memory to use: internal if available, otherwise external memory"); - break; - case MCLF_MEM_TYPE_INTERNAL: - text = _("Internal memory must be used for executing the service"); - break; - case MCLF_MEM_TYPE_EXTERNAL: - text = _("External memory must be used for executing the service"); - break; - default: - text = _("Unknown memory usage"); - break; - } - - ADD_RAW_AS_SYM(format, symbol, instr, comment, text); - - /* service_type */ - - instr = g_raw_instruction_new_array(content, MDS_32_BITS, 1, pos, format->endian); - - switch (format->header.v1.service_type) - { - case SERVICE_TYPE_ILLEGAL: - text = _("Service type is invalid"); - break; - - case SERVICE_TYPE_DRIVER: - text = _("Service is a driver"); - break; - - case SERVICE_TYPE_SP_TRUSTLET: - text = _("Service is a Trustlet"); - break; - - case SERVICE_TYPE_SYSTEM_TRUSTLET: - text = _("Service is a system Trustlet"); - break; - } - - ADD_RAW_AS_SYM(format, symbol, instr, comment, text); - - /* num_instances */ - - instr = g_raw_instruction_new_array(content, MDS_32_BITS, 1, pos, format->endian); - - ADD_RAW_AS_SYM(format, symbol, instr, comment, _("Number of instances which can be run simultaneously")); - - /* uuid */ - - instr = g_raw_instruction_new_array(content, MDS_8_BITS, 16, pos, format->endian); - - g_raw_instruction_mark_as_padding(G_RAW_INSTRUCTION(instr), true); - - ADD_RAW_AS_SYM(format, symbol, instr, comment, _("Loadable service unique identifier (UUID)")); - - /* driver_id */ - - instr = g_raw_instruction_new_array(content, MDS_32_BITS, 1, pos, format->endian); - - if (format->header.v1.service_type == SERVICE_TYPE_DRIVER) - text = _("Driver ID"); - else - text = _("Unused Driver ID"); - - ADD_RAW_AS_SYM(format, symbol, instr, comment, _("Number of threads")); - - /* num_threads */ - - instr = g_raw_instruction_new_array(content, MDS_32_BITS, 1, pos, format->endian); - - ADD_RAW_AS_SYM(format, symbol, instr, comment, _("Number of threads")); - - /* text.start */ - - instr = g_raw_instruction_new_array(content, MDS_32_BITS, 1, pos, format->endian); - - ADD_RAW_AS_SYM(format, symbol, instr, comment, _("Virtual text segment: start address")); - - /* text.len */ - - instr = g_raw_instruction_new_array(content, MDS_32_BITS, 1, pos, format->endian); - - ADD_RAW_AS_SYM(format, symbol, instr, comment, _("Virtual text segment: length")); - - /* data.start */ - - instr = g_raw_instruction_new_array(content, MDS_32_BITS, 1, pos, format->endian); - - ADD_RAW_AS_SYM(format, symbol, instr, comment, _("Virtual data segment: start address")); - - /* data.len */ - - instr = g_raw_instruction_new_array(content, MDS_32_BITS, 1, pos, format->endian); - - ADD_RAW_AS_SYM(format, symbol, instr, comment, _("Virtual data segment: length")); - - /* bss_len */ - - instr = g_raw_instruction_new_array(content, MDS_32_BITS, 1, pos, format->endian); - - ADD_RAW_AS_SYM(format, symbol, instr, comment, _("Length of the BSS segment in bytes")); - - /* entry */ - - instr = g_raw_instruction_new_array(content, MDS_32_BITS, 1, pos, format->endian); - - ADD_RAW_AS_SYM(format, symbol, instr, comment, _("Virtual start address of service code")); - - - - - - /* service_version */ - - instr = g_raw_instruction_new_array(content, MDS_32_BITS, 1, pos, format->endian); - - ADD_RAW_AS_SYM(format, symbol, instr, comment, _("Version of the interface the driver exports")); - - - - - /* sip_id */ - - instr = g_raw_instruction_new_array(content, MDS_32_BITS, 1, pos, format->endian); - - ADD_RAW_AS_SYM(format, symbol, instr, comment, _("Silicon Provider ID")); - - /* sip_data */ - - instr = g_raw_instruction_new_array(content, MDS_32_BITS, 3, pos, format->endian); - - ADD_RAW_AS_SYM(format, symbol, instr, comment, _("Platform specific device identifier")); - - /* permitted_hw_cfg */ - - instr = g_raw_instruction_new_array(content, MDS_32_BITS, 1, pos, format->endian); - - ADD_RAW_AS_SYM(format, symbol, instr, comment, _("Configuration which is allowed to execute binary")); - - - return true; - -} - - - - - - - - - -/****************************************************************************** -* * -* Paramètres : format = description de l'exécutable à compléter. * -* pos = tête de lecture à initialiser / faire évoluer. [OUT]* -* * -* Description : Place des annotations sur l'en-tête du segment de code. * -* * -* Retour : Bilan de l'opération. * -* * -* Remarques : - * -* * -******************************************************************************/ - -static bool annotate_mclf_text_segment_header(GMCLFFormat *format, vmpa2t *pos) -{ - GBinContent *content; /* Contenu binaire à lire */ - vmpa2t old; /* Position précédente */ - phys_t diff; /* Décallage entre positions */ - GArchInstruction *instr; /* Instruction décodée */ - GDbComment *comment; /* Définition de commentaire */ - GBinSymbol *symbol; /* Symbole à intégrer */ - - content = G_BIN_FORMAT(format)->content; - - copy_vmpa(&old, pos); - init_vmpa(pos, 0x80, format->header.v1.text.start + 0x80); - - diff = compute_vmpa_diff(&old, pos); - - instr = g_raw_instruction_new_array(content, MDS_8_BITS, diff, &old, format->endian); - - g_raw_instruction_mark_as_padding(G_RAW_INSTRUCTION(instr), true); - - ADD_RAW_AS_SYM(format, symbol, instr, comment, _("Padding")); - - /* version */ - - instr = g_raw_instruction_new_array(content, MDS_32_BITS, 1, pos, format->endian); - - ADD_RAW_AS_SYM(format, symbol, instr, comment, _("Version of the TextHeader structure")); - - /* text_header_len */ - - instr = g_raw_instruction_new_array(content, MDS_32_BITS, 1, pos, format->endian); - - ADD_RAW_AS_SYM(format, symbol, instr, comment, _("Size of this structure")); - - /* required_feat */ - - instr = g_raw_instruction_new_array(content, MDS_32_BITS, 1, pos, format->endian); - - ADD_RAW_AS_SYM(format, symbol, instr, comment, _("Features that Mobicore must understand when loading")); - - /* mc_lib_entry */ - - instr = g_raw_instruction_new_array(content, MDS_32_BITS, 1, pos, format->endian); - - ADD_RAW_AS_SYM(format, symbol, instr, comment, _("Address for McLib entry")); - - /* mc_lib_data */ - - if (!annotate_mclf_segment_descriptor(format, _("Segment for McLib data"), pos)) - return false; - - //Segment for McLib data - - /* mc_lib_base */ - - instr = g_raw_instruction_new_array(content, MDS_32_BITS, 1, pos, format->endian); - - ADD_RAW_AS_SYM(format, symbol, instr, comment, _("McLib base address")); - - /* tl_api_vers */ - - instr = g_raw_instruction_new_array(content, MDS_32_BITS, 1, pos, format->endian); - - ADD_RAW_AS_SYM(format, symbol, instr, comment, _("TlApi version used when building trustlet")); - - /* dr_api_vers */ - - instr = g_raw_instruction_new_array(content, MDS_32_BITS, 1, pos, format->endian); - - ADD_RAW_AS_SYM(format, symbol, instr, comment, _("DrApi version used when building trustlet")); - - /* ta_properties */ - - instr = g_raw_instruction_new_array(content, MDS_32_BITS, 1, pos, format->endian); - - ADD_RAW_AS_SYM(format, symbol, instr, comment, _("Address of _TA_Properties in the TA")); - - return true; - -} - - - - - - - - - - -/****************************************************************************** -* * -* Paramètres : format = description de l'exécutable à compléter. * -* * -* Description : Place des annotations sur le binaire MCLF. * -* * -* Retour : Bilan de l'opération. * -* * -* Remarques : - * -* * -******************************************************************************/ - -bool annotate_mclf_binary(GMCLFFormat *format) -{ - bool result; /* Bilan à retourner */ - vmpa2t pos; /* Localisation des symboles */ - - - result = annotate_mclf_intro(format, &pos); - - result &= annotate_mclf_header_v1(format, &pos); - - result &= annotate_mclf_text_segment_header(format, &pos); - - return result; - -} diff --git a/plugins/mobicore/mclf-def.h b/plugins/mobicore/mclf-def.h index 9c91ccc..e632068 100644 --- a/plugins/mobicore/mclf-def.h +++ b/plugins/mobicore/mclf-def.h @@ -29,6 +29,14 @@ +/** + * Ces définitions se basent sur : + * + * https://github.com/Trustonic/trustonic-tee-user-space/blob/master/common/MobiCore/inc/mcLoadFormat.h + */ + + + /* ------------------------------ DECLARATIONS DE BASE ------------------------------ */ @@ -70,10 +78,12 @@ typedef uint32_t mclf_addr_t; /* Types de service définissant l'exécutable */ typedef enum service_type_t { - SERVICE_TYPE_ILLEGAL = 0, /* Type invalide */ - SERVICE_TYPE_DRIVER = 1, /* Le service est un pilote */ - SERVICE_TYPE_SP_TRUSTLET = 2, /* Le service est un Trustlet */ - SERVICE_TYPE_SYSTEM_TRUSTLET = 3 /* Idem, mais Trustlet système */ + SERVICE_TYPE_ILLEGAL = 0, /* Type invalide */ + SERVICE_TYPE_DRIVER = 1, /* Le service est un pilote */ + SERVICE_TYPE_SP_TRUSTLET = 2, /* Le service est un Trustlet */ + SERVICE_TYPE_SYSTEM_TRUSTLET = 3, /* Idem, mais Trustlet système */ + SERVICE_TYPE_MIDDLEWARE = 4, /* Service middleware */ + SERVICE_TYPE_LAST_ENTRY = 5 /* Marqueur de fin */ } service_type_t; @@ -107,12 +117,36 @@ typedef struct _mc_uuid_t } mc_uuid_t; +#define MC_DRV_VENDOR_ID_SHIFT (16) +#define MC_DRV_VENDOR_ID_MASK (0xFFFF << MC_DRV_VENDOR_ID_SHIFT) +#define MC_DRV_NUMBER_MASK (0x0000FFFF) + +/* Identifiant de MobiCore */ +typedef enum { + + MC_DRV_VENDOR_ID_GD = 0 << MC_DRV_VENDOR_ID_SHIFT, + +} mc_drv_vendor_id_t; + +/* Identifiants de pilote GD pour MobiCore */ +typedef enum { + MC_DRV_NUMBER_INVALID = 0, + MC_DRV_NUMBER_CRYPTO = 1, + MC_DRV_NUMBER_LAST_PRE_INSTALLED = 100, + TB_DRV_NUMBER_TUI = 0x101, + TB_DRV_NUMBER_TPLAY = 0x600, +} mc_drv_number_t; +/* Identifiants de pilote Mobicore pour les Trustlets */ typedef enum { - TODO_ + MC_DRV_ID_INVALID = MC_DRV_VENDOR_ID_GD | MC_DRV_NUMBER_INVALID, + MC_DRV_ID_CRYPTO = MC_DRV_VENDOR_ID_GD | MC_DRV_NUMBER_CRYPTO, + MC_DRV_ID_LAST_PRE_INSTALLED = MC_DRV_VENDOR_ID_GD | MC_DRV_NUMBER_LAST_PRE_INSTALLED, + TB_DRV_ID_TUI = MC_DRV_VENDOR_ID_GD | TB_DRV_NUMBER_TUI, + TB_DRV_ID_TPLAY = MC_DRV_VENDOR_ID_GD | TB_DRV_NUMBER_TPLAY, } mc_driver_id_t; diff --git a/plugins/mobicore/mclf.c b/plugins/mobicore/mclf.c index 72edc7c..740e7b1 100644 --- a/plugins/mobicore/mclf.c +++ b/plugins/mobicore/mclf.c @@ -27,7 +27,6 @@ #include <i18n.h> -#include "annotations.h" #include "mclf-int.h" #include "symbols.h" @@ -228,9 +227,6 @@ GBinFormat *g_mclf_format_new(GBinContent *content, GExeFormat *parent, GtkStatu } - if (!annotate_mclf_binary(result)) - printf("ERRR\n"); - return G_BIN_FORMAT(result); } diff --git a/plugins/readdex/reader.c b/plugins/readdex/reader.c index 645ec5b..a10ba90 100644 --- a/plugins/readdex/reader.c +++ b/plugins/readdex/reader.c @@ -24,6 +24,7 @@ #include "reader.h" +#include <format/dex/dex.h> #include <plugins/plugin-def.h> @@ -61,7 +62,7 @@ G_MODULE_EXPORT bool preload_binary_format(const GPluginModule *plugin, PluginAc if (!G_IS_DEX_FORMAT(format)) { result = true; - goto hbf_exit; + goto pbf_exit; } dex_fmt = G_DEX_FORMAT(format); @@ -80,7 +81,7 @@ G_MODULE_EXPORT bool preload_binary_format(const GPluginModule *plugin, PluginAc result &= annotate_dex_class_defs(dex_fmt, info, status); - hbf_exit: + pbf_exit: return result; diff --git a/plugins/readdex/reader.h b/plugins/readdex/reader.h index 74a2968..1d9103f 100644 --- a/plugins/readdex/reader.h +++ b/plugins/readdex/reader.h @@ -25,7 +25,6 @@ #define _PLUGINS_READDEX_READER_H -#include <format/dex/dex.h> #include <plugins/plugin.h> #include <plugins/plugin-int.h> diff --git a/plugins/readelf/header.c b/plugins/readelf/header.c index a83f690..33cf107 100644 --- a/plugins/readelf/header.c +++ b/plugins/readelf/header.c @@ -24,7 +24,7 @@ #include "header.h" -#include <common/cpp.h> +#include <format/elf/elf.h> #include <plugins/fmtp/parser.h> diff --git a/plugins/readelf/header.h b/plugins/readelf/header.h index 060a363..acfe396 100644 --- a/plugins/readelf/header.h +++ b/plugins/readelf/header.h @@ -25,8 +25,8 @@ #define _PLUGINS_READELF_HEADER_H +#include <format/format.h> #include <format/preload.h> -#include <format/elf/elf.h> diff --git a/plugins/readelf/reader.c b/plugins/readelf/reader.c index 47b33a0..6f81b3f 100644 --- a/plugins/readelf/reader.c +++ b/plugins/readelf/reader.c @@ -24,6 +24,7 @@ #include "reader.h" +#include <format/elf/elf.h> #include <plugins/plugin-def.h> @@ -62,7 +63,7 @@ G_MODULE_EXPORT bool preload_binary_format(const GPluginModule *plugin, PluginAc if (!G_IS_ELF_FORMAT(format)) { result = true; - goto hbf_exit; + goto pbf_exit; } elf_fmt = G_ELF_FORMAT(format); @@ -75,7 +76,7 @@ G_MODULE_EXPORT bool preload_binary_format(const GPluginModule *plugin, PluginAc show_elf_section_string_table(elf_fmt, info, status); - hbf_exit: + pbf_exit: return result; diff --git a/plugins/readelf/reader.h b/plugins/readelf/reader.h index 8dfdeb8..3837de2 100644 --- a/plugins/readelf/reader.h +++ b/plugins/readelf/reader.h @@ -25,7 +25,6 @@ #define _PLUGINS_READELF_READER_H -#include <format/elf/elf.h> #include <plugins/plugin.h> #include <plugins/plugin-int.h> diff --git a/plugins/readmc/Makefile.am b/plugins/readmc/Makefile.am new file mode 100644 index 0000000..f1b0845 --- /dev/null +++ b/plugins/readmc/Makefile.am @@ -0,0 +1,18 @@ + +lib_LTLIBRARIES = libreadmc.la + +libreadmc_la_SOURCES = \ + header.h header.c \ + reader.h reader.c \ + text.h text.c \ + v21.h v21.c \ + v23.h v23.c \ + v24.h v24.c + +libreadmc_la_CFLAGS = $(AM_CFLAGS) + +libreadmc_la_LDFLAGS = -L../../plugins/fmtp/.libs -lfmtp + +AM_CPPFLAGS = $(LIBGTK_CFLAGS) $(LIBXML_CFLAGS) -I../../src -I../.. + +AM_CFLAGS = $(DEBUG_CFLAGS) $(WARNING_FLAGS) $(COMPLIANCE_FLAGS) diff --git a/plugins/readmc/header.c b/plugins/readmc/header.c new file mode 100644 index 0000000..98cf803 --- /dev/null +++ b/plugins/readmc/header.c @@ -0,0 +1,119 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * header.c - annotation des en-têtes de binaires ELF + * + * Copyright (C) 2015-2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Foobar. If not, see <http://www.gnu.org/licenses/>. + */ + + +#include "header.h" + + +#include <plugins/fmtp/parser.h> + + + +/* Définition des champs */ + +/* Récupère la version du format. */ +static bool get_mclf_version(const fmt_field_def *, GBinContent *, vmpa2t *, SourceEndian, uint32_t *); + + +static fmt_field_def _mc_intro[] = { + + { + .name = "magic", + + .size = MDS_8_BITS, + .repeat = 4, + + DISPLAY_RULES(IOD_CHAR, IOD_CHAR, IOD_CHAR, IOD_CHAR), + + PLAIN_COMMENT(__("Header magic value")) + + }, + + { + .name = "version", + + .get_value = (get_fdef_value_cb)get_mclf_version, + + .size = MDS_32_BITS, + .repeat = 1, + + DISPLAY_RULES(IOD_DEC), + + PLAIN_COMMENT(__("Version of the MCLF header structure")) + + } + +}; + + + +/****************************************************************************** +* * +* Paramètres : def = définition à l'origine de l'appel. * +* content = contenu binaire à venir lire. * +* pos = position de la tête de lecture. * +* endian = ordre des bits dans la source. * +* version = lieu d'enregistrement de la lecture. [OUT] * +* * +* Description : Récupère la version du format. * +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : - * +* * +******************************************************************************/ + +static bool get_mclf_version(const fmt_field_def *def, GBinContent *content, vmpa2t *pos, SourceEndian endian, uint32_t *version) +{ + bool result; /* Bilan à retourner */ + + result = g_binary_content_read_u32(content, pos, endian, version); + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : format = description de l'exécutable à compléter. * +* info = informations à constituer en avance de phase. * +* pos = tête de lecture courante. [OUT] * +* version = version du format récupérée. [OUT] * +* * +* Description : Charge tous les symboles de l'en-tête Mobicore. * +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool annotate_mobicore_header(GBinFormat *format, GPreloadInfo *info, vmpa2t *pos, uint32_t *version) +{ + bool result; /* Bilan à retourner */ + + result = parse_field_definitions(PARSING_DEFS(_mc_intro), format, info, pos, version); + + return result; + +} diff --git a/plugins/readmc/header.h b/plugins/readmc/header.h new file mode 100644 index 0000000..1b8d44e --- /dev/null +++ b/plugins/readmc/header.h @@ -0,0 +1,38 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * header.h - prototypes pour l'annotation des en-têtes de binaires Mobicore + * + * Copyright (C) 2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Foobar. If not, see <http://www.gnu.org/licenses/>. + */ + + +#ifndef _PLUGINS_READMC_HEADER_H +#define _PLUGINS_READMC_HEADER_H + + +#include <format/format.h> +#include <format/preload.h> + + + +/* Charge tous les symboles de l'en-tête Mobicore. */ +bool annotate_mobicore_header(GBinFormat *, GPreloadInfo *, vmpa2t *, uint32_t *); + + + +#endif /* _PLUGINS_READMC_HEADER_H */ diff --git a/plugins/readmc/reader.c b/plugins/readmc/reader.c new file mode 100644 index 0000000..3042e83 --- /dev/null +++ b/plugins/readmc/reader.c @@ -0,0 +1,92 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * reader.c - interprétation des informations secondaires contenues dans un fichier Mobicore + * + * Copyright (C) 2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Foobar. If not, see <http://www.gnu.org/licenses/>. + */ + + +#include "reader.h" + + +#include <plugins/mobicore/mclf.h> +#include <plugins/plugin-def.h> + + +#include "header.h" +#include "text.h" +#include "v21.h" +#include "v23.h" +#include "v24.h" + + + +DEFINE_CHRYSALIDE_ACTIVE_PLUGIN("readmc", "Displays information about Mobicore files", "0.2.0", + PGA_FORMAT_PRELOAD); + + +/****************************************************************************** +* * +* Paramètres : plugin = greffon à manipuler. * +* action = type d'action attendue. * +* format = description de l'exécutable à compléter. * +* info = informations à constituer en avance de phase. * +* status = barre de statut à tenir informée. * +* * +* Description : Etablit des symboles complémentaires dans un format Mobicore.* +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : - * +* * +******************************************************************************/ + +G_MODULE_EXPORT bool preload_binary_format(const GPluginModule *plugin, PluginAction action, GBinFormat *format, GPreloadInfo *info, GtkStatusStack *status) +{ + bool result; /* Bilan à retourner */ + vmpa2t pos; /* Tête de lecture des symboles*/ + uint32_t version; /* Version du format analysé */ + + if (!G_IS_MCLF_FORMAT(format)) + { + result = true; + goto pbf_exit; + } + + result = g_exe_format_translate_offset_into_vmpa(G_EXE_FORMAT(format), 0, &pos); + + if (result) + result = annotate_mobicore_header(format, info, &pos, &version); + + if (result) + result = annotate_mobicore_v21_header(format, info, &pos); + + if (result) + result = annotate_mobicore_v23_header(format, info, &pos); + + if (result) + result = annotate_mobicore_v24_header(format, info, &pos); + + if (result) + result = annotate_mobicore_text_header(format, info, &pos); + + pbf_exit: + + return result; + +} diff --git a/plugins/readmc/reader.h b/plugins/readmc/reader.h new file mode 100644 index 0000000..a68b288 --- /dev/null +++ b/plugins/readmc/reader.h @@ -0,0 +1,38 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * reader.h - prototypes pour l'interprétation des informations secondaires contenues dans un fichier Mobicore + * + * Copyright (C) 2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Foobar. If not, see <http://www.gnu.org/licenses/>. + */ + + +#ifndef _PLUGINS_READMC_READER_H +#define _PLUGINS_READMC_READER_H + + +#include <plugins/plugin.h> +#include <plugins/plugin-int.h> + + + +/* Etablit des symboles complémentaires dans un format Mobicore. */ +G_MODULE_EXPORT bool preload_binary_format(const GPluginModule *, PluginAction, GBinFormat *, GPreloadInfo *, GtkStatusStack *); + + + +#endif /* _PLUGINS_READMC_READER_H */ diff --git a/plugins/readmc/text.c b/plugins/readmc/text.c new file mode 100644 index 0000000..3e15493 --- /dev/null +++ b/plugins/readmc/text.c @@ -0,0 +1,145 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * text.c - annotation de l'en-tête du code pour Mobicore + * + * Copyright (C) 2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Foobar. If not, see <http://www.gnu.org/licenses/>. + */ + + +#include "text.h" + + +#include <plugins/fmtp/parser.h> + + + +/* Définition des champs */ + +static fmt_field_def _mobicore_text_header[] = { + + { + .name = "version", + + .size = MDS_32_BITS, + .repeat = 1, + + DISPLAY_RULES(IOD_DEC), + + PLAIN_COMMENT(__("Version of the TextHeader structure")) + + }, + + { + .name = "textHeaderLen", + + .size = MDS_32_BITS, + .repeat = 1, + + DISPLAY_RULES(IOD_DEC), + + PLAIN_COMMENT(__("Size of this structure (fixed at compile time)")) + + }, + + { + .name = "requiredFeat", + + .size = MDS_32_BITS, + .repeat = 1, + + PLAIN_COMMENT(__("Features that Mobicore must understand/interprete when loading")) + + }, + + { + .name = "mcLibEntry", + + .size = MDS_32_BITS, + .repeat = 1, + + PLAIN_COMMENT(__("Address for McLib entry")) + + }, + + { + .name = "mcIMD", + + .size = MDS_32_BITS, + .repeat = 2, + + PLAIN_COMMENT(__("McLib Internal Management Data")) + + }, + + { + .name = "tlApiVers", + + .size = MDS_32_BITS, + .repeat = 1, + + PLAIN_COMMENT(__("TlApi version used when building trustlet")) + + }, + + { + .name = "drApiVers", + + .size = MDS_32_BITS, + .repeat = 1, + + PLAIN_COMMENT(__("DrApi version used when building trustlet")) + + }, + + { + .name = "ta_properties", + + .size = MDS_32_BITS, + .repeat = 1, + + PLAIN_COMMENT(__("Address of _TA_Properties in the TA")) + + } + +}; + + + +/****************************************************************************** +* * +* Paramètres : format = description de l'exécutable à compléter. * +* info = informations à constituer en avance de phase. * +* pos = tête de lecture courante. [OUT] * +* * +* Description : Charge les symboles d'un en-tête de code pour Mobicore. * +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool annotate_mobicore_text_header(GBinFormat *format, GPreloadInfo *info, vmpa2t *pos) +{ + bool result; /* Bilan à retourner */ + + result = parse_field_definitions(PARSING_DEFS(_mobicore_text_header), format, info, pos, NULL); + + return result; + +} diff --git a/plugins/mobicore/annotations.h b/plugins/readmc/text.h index 1ce9215..f1da5da 100644 --- a/plugins/mobicore/annotations.h +++ b/plugins/readmc/text.h @@ -1,8 +1,8 @@ /* Chrysalide - Outil d'analyse de fichiers binaires - * annotations.h - prototypes pour l'enregistrement des annotations liées au format MCLF + * text.h - prototypes pour l'annotation de l'en-tête du code pour Mobicore * - * Copyright (C) 2015-2017 Cyrille Bagard + * Copyright (C) 2017 Cyrille Bagard * * This file is part of Chrysalide. * @@ -21,20 +21,18 @@ */ -#ifndef _PLUGINS_MOBICORE_ANNOTATIONS_H -#define _PLUGINS_MOBICORE_ANNOTATIONS_H +#ifndef _PLUGINS_READMC_TEXT_H +#define _PLUGINS_READMC_TEXT_H -#include <stdbool.h> +#include <format/format.h> +#include <format/preload.h> -#include "mclf.h" +/* Charge les symboles d'un en-tête de code pour Mobicore. */ +bool annotate_mobicore_text_header(GBinFormat *, GPreloadInfo *, vmpa2t *); -/*Place des annotations sur le binaire MCLF. */ -bool annotate_mclf_binary(GMCLFFormat *); - - -#endif /* _PLUGINS_MOBICORE_ANNOTATIONS_H */ +#endif /* _PLUGINS_READMC_TEXT_H */ diff --git a/plugins/readmc/v21.c b/plugins/readmc/v21.c new file mode 100644 index 0000000..ae74809 --- /dev/null +++ b/plugins/readmc/v21.c @@ -0,0 +1,244 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * v21.c - annotation des parties spécifiques à la version 2.1/2.2 de Mobicore + * + * Copyright (C) 2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Foobar. If not, see <http://www.gnu.org/licenses/>. + */ + + +#include "v21.h" + + +#include <plugins/fmtp/parser.h> +#include <plugins/mobicore/mclf-def.h> + + + +/* Définition des champs */ + +static field_desc_switch _v21_mc_memories[] = { + + { .fixed = MCLF_MEM_TYPE_INTERNAL_PREFERRED, .desc = __("If available use internal memory; otherwise external memory") }, + { .fixed = MCLF_MEM_TYPE_INTERNAL, .desc = __("Internal memory must be used for executing the service") }, + { .fixed = MCLF_MEM_TYPE_EXTERNAL, .desc = __("External memory must be used for executing the service") } + +}; + +static field_desc_switch _v21_mc_services[] = { + + { .fixed = SERVICE_TYPE_ILLEGAL, .desc = __("Service type is invalid") }, + { .fixed = SERVICE_TYPE_DRIVER, .desc = __("Service is a driver") }, + { .fixed = SERVICE_TYPE_SP_TRUSTLET, .desc = __("Service is a Trustlet") }, + { .fixed = SERVICE_TYPE_SYSTEM_TRUSTLET, .desc = __("Service is a system Trustlet") }, + { .fixed = SERVICE_TYPE_MIDDLEWARE, .desc = __("Service is a middleware") } + +}; + +static field_desc_switch _v21_mc_drivers[] = { + + { .fixed = MC_DRV_ID_INVALID, .desc = "MC_DRV_ID_INVALID" }, + { .fixed = MC_DRV_ID_CRYPTO, .desc = "MC_DRV_ID_CRYPTO" }, + { .fixed = MC_DRV_ID_LAST_PRE_INSTALLED, .desc = "MC_DRV_ID_LAST_PRE_INSTALLED" }, + { .fixed = TB_DRV_ID_TUI, .desc = "TB_DRV_ID_TUI" }, + { .fixed = TB_DRV_ID_TPLAY, .desc = "TB_DRV_ID_TPLAY" } + +}; + +static fmt_field_def _mobicore_v21_header[] = { + + { + .name = "flags", + + .size = MDS_32_BITS, + .repeat = 1, + + PLAIN_COMMENT(__("Service flags")) + + }, + + { + .name = "memType", + + .size = MDS_32_BITS, + .repeat = 1, + + DISPLAY_RULES(IOD_DEC), + + SWITCH_COMMENT(_v21_mc_memories, __("The service must be executed from unknown memory type")) + + }, + + { + .name = "serviceType", + + .size = MDS_32_BITS, + .repeat = 1, + + DISPLAY_RULES(IOD_DEC), + + SWITCH_COMMENT(_v21_mc_services, __("Service is unknown")) + + }, + + { + .name = "numInstances", + + .size = MDS_32_BITS, + .repeat = 1, + + DISPLAY_RULES(IOD_DEC), + + PLAIN_COMMENT(__("Number of instances which can be run simultaneously")) + + }, + + { + .name = "uuid", + + .size = MDS_32_BITS, + .repeat = 4, + + PLAIN_COMMENT(__("Loadable service unique identifier (UUID)")) + + }, + + { + .name = "driverId", + + .size = MDS_32_BITS, + .repeat = 1, + + SWITCH_COMMENT(_v21_mc_drivers, __("Unknown driver identifier")) + + }, + + { + .name = "numThreads", + + .size = MDS_32_BITS, + .repeat = 1, + + DISPLAY_RULES(IOD_DEC), + + PLAIN_COMMENT(__("Number of threads in a service depending on service type")) + + }, + + { + .name = "text_start", + + .size = MDS_32_BITS, + .repeat = 1, + + PLAIN_COMMENT(__("Text segment: virtual start address")) + + }, + + { + .name = "text_len", + + .size = MDS_32_BITS, + .repeat = 1, + + DISPLAY_RULES(IOD_DEC), + + PLAIN_COMMENT(__("Text segment: length in bytes")) + + }, + + { + .name = "data_start", + + .size = MDS_32_BITS, + .repeat = 1, + + PLAIN_COMMENT(__("Data segment: virtual start address")) + + }, + + { + .name = "data_len", + + .size = MDS_32_BITS, + .repeat = 1, + + DISPLAY_RULES(IOD_DEC), + + PLAIN_COMMENT(__("Data segment: length in bytes")) + + }, + + { + .name = "bssLen", + + .size = MDS_32_BITS, + .repeat = 1, + + DISPLAY_RULES(IOD_DEC), + + PLAIN_COMMENT(__("Length of the BSS segment in bytes")) + + }, + + { + .name = "entry", + + .size = MDS_32_BITS, + .repeat = 1, + + PLAIN_COMMENT(__("Virtual start address of service code")) + + }, + + { + .name = "serviceVersion", + + .size = MDS_32_BITS, + .repeat = 1, + + PLAIN_COMMENT(__("Version of the interface the driver exports")) + + } + +}; + + + +/****************************************************************************** +* * +* Paramètres : format = description de l'exécutable à compléter. * +* info = informations à constituer en avance de phase. * +* pos = tête de lecture courante. [OUT] * +* * +* Description : Charge les symboles d'un en-tête v2.1/2.2 de Mobicore. * +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool annotate_mobicore_v21_header(GBinFormat *format, GPreloadInfo *info, vmpa2t *pos) +{ + bool result; /* Bilan à retourner */ + + result = parse_field_definitions(PARSING_DEFS(_mobicore_v21_header), format, info, pos, NULL); + + return result; + +} diff --git a/plugins/readmc/v21.h b/plugins/readmc/v21.h new file mode 100644 index 0000000..b90a58f --- /dev/null +++ b/plugins/readmc/v21.h @@ -0,0 +1,38 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * v21.h - prototypes pour l'annotation des parties spécifiques à la version 2.1/2.2 de Mobicore + * + * Copyright (C) 2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Foobar. If not, see <http://www.gnu.org/licenses/>. + */ + + +#ifndef _PLUGINS_READMC_V21_H +#define _PLUGINS_READMC_V21_H + + +#include <format/format.h> +#include <format/preload.h> + + + +/* Charge les symboles d'un en-tête v2.1/2.2 de Mobicore. */ +bool annotate_mobicore_v21_header(GBinFormat *, GPreloadInfo *, vmpa2t *); + + + +#endif /* _PLUGINS_READMC_V21_H */ diff --git a/plugins/readmc/v23.c b/plugins/readmc/v23.c new file mode 100644 index 0000000..7a3c3e4 --- /dev/null +++ b/plugins/readmc/v23.c @@ -0,0 +1,91 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * v23.c - annotation des parties spécifiques à la version 2.3 de Mobicore + * + * Copyright (C) 2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Foobar. If not, see <http://www.gnu.org/licenses/>. + */ + + +#include "v23.h" + + +#include <plugins/fmtp/parser.h> + + + +/* Définition des champs */ + +static fmt_field_def _mobicore_v23_header[] = { + + { + .name = "permittedSuid_id", + + .size = MDS_32_BITS, + .repeat = 1, + + PLAIN_COMMENT(__("SUID (1/2) allowed to execute binary: Silicon Provider identifier")) + + }, + + { + .name = "permittedSuid_data", + + .size = MDS_32_BITS, + .repeat = 3, + + PLAIN_COMMENT(__("SUID (2/2) allowed to execute binary: platform specific device identifier")) + + }, + + { + .name = "permittedHwCfg", + + .size = MDS_32_BITS, + .repeat = 1, + + PLAIN_COMMENT(__("Hardware configuration allowed to execute binary")) + + } + +}; + + + +/****************************************************************************** +* * +* Paramètres : format = description de l'exécutable à compléter. * +* info = informations à constituer en avance de phase. * +* pos = tête de lecture courante. [OUT] * +* * +* Description : Charge les symboles d'un en-tête v2.3 de Mobicore. * +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool annotate_mobicore_v23_header(GBinFormat *format, GPreloadInfo *info, vmpa2t *pos) +{ + bool result; /* Bilan à retourner */ + + result = parse_field_definitions(PARSING_DEFS(_mobicore_v23_header), format, info, pos, NULL); + + return result; + +} diff --git a/plugins/readmc/v23.h b/plugins/readmc/v23.h new file mode 100644 index 0000000..beae17c --- /dev/null +++ b/plugins/readmc/v23.h @@ -0,0 +1,38 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * v23.h - prototypes pour l'annotation des parties spécifiques à la version 2.4 de Mobicore + * + * Copyright (C) 2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Foobar. If not, see <http://www.gnu.org/licenses/>. + */ + + +#ifndef _PLUGINS_READMC_V23_H +#define _PLUGINS_READMC_V23_H + + +#include <format/format.h> +#include <format/preload.h> + + + +/* Charge les symboles d'un en-tête v2.3 de Mobicore. */ +bool annotate_mobicore_v23_header(GBinFormat *, GPreloadInfo *, vmpa2t *); + + + +#endif /* _PLUGINS_READMC_V23_H */ diff --git a/plugins/readmc/v24.c b/plugins/readmc/v24.c new file mode 100644 index 0000000..1cbae98 --- /dev/null +++ b/plugins/readmc/v24.c @@ -0,0 +1,90 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * v24.c - annotation des parties spécifiques à la version 2.4 de Mobicore + * + * Copyright (C) 2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Foobar. If not, see <http://www.gnu.org/licenses/>. + */ + + +#include "v24.h" + + +#include <plugins/fmtp/parser.h> + + + +/* Définition des champs */ + +static field_desc_switch _v24_mc_level[] = { + + { .fixed = 0, .desc = __("GP level: Legacy MobiCore trustlets") }, + { .fixed = 1, .desc = __("GP level: Potato TA") } + +}; + +static fmt_field_def _mobicore_v24_header[] = { + + { + .name = "gp_level", + + .size = MDS_32_BITS, + .repeat = 1, + + DISPLAY_RULES(IOD_DEC), + + SWITCH_COMMENT(_v24_mc_level, __("GP level: unknown")) + + }, + + { + .name = "attestationOffset", + + .size = MDS_32_BITS, + .repeat = 1, + + PLAIN_COMMENT(__("Offset of attestation data area")) + + } + +}; + + + +/****************************************************************************** +* * +* Paramètres : format = description de l'exécutable à compléter. * +* info = informations à constituer en avance de phase. * +* pos = tête de lecture courante. [OUT] * +* * +* Description : Charge les symboles d'un en-tête v2.4 de Mobicore. * +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool annotate_mobicore_v24_header(GBinFormat *format, GPreloadInfo *info, vmpa2t *pos) +{ + bool result; /* Bilan à retourner */ + + result = parse_field_definitions(PARSING_DEFS(_mobicore_v24_header), format, info, pos, NULL); + + return result; + +} diff --git a/plugins/readmc/v24.h b/plugins/readmc/v24.h new file mode 100644 index 0000000..57d1cd4 --- /dev/null +++ b/plugins/readmc/v24.h @@ -0,0 +1,38 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * v24.h - prototypes pour l'annotation des parties spécifiques à la version 2.4 de Mobicore + * + * Copyright (C) 2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Foobar. If not, see <http://www.gnu.org/licenses/>. + */ + + +#ifndef _PLUGINS_READMC_V24_H +#define _PLUGINS_READMC_V24_H + + +#include <format/format.h> +#include <format/preload.h> + + + +/* Charge les symboles d'un en-tête v2.4 de Mobicore. */ +bool annotate_mobicore_v24_header(GBinFormat *, GPreloadInfo *, vmpa2t *); + + + +#endif /* _PLUGINS_READMC_V24_H */ |