/* Chrysalide - Outil d'analyse de fichiers binaires * plugin-def.h - prototypes pour les définitions de base utiles aux greffons * * Copyright (C) 2009-2017 Cyrille Bagard * * This file is part of Chrysalide. * * Chrysalide is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 3 of the License, or * (at your option) any later version. * * Chrysalide is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ #ifndef _PLUGINS_PLUGIN_DEF_H #define _PLUGINS_PLUGIN_DEF_H #include #include /* ------------------------ IDENTIFICATION DE COMPATIBILITES ------------------------ */ /* Version identifiant les définitions courantes */ typedef uint32_t plugin_abi_version_t; #define DEFINE_PLUGIN_ABI_VERSION(maj, min, rev) \ (((maj & 0xff) << 24) | ((min & 0xff) << 16) | (rev & 0xffff)) #define GET_ABI_MAJ_VERSION(vs) ((vs >> 24) & 0xff) #define GET_ABI_MIN_VERSION(vs) ((vs >> 16) & 0xff) #define GET_ABI_REV_VERSION(vs) (vs & 0xffff) #define CURRENT_ABI_VERSION DEFINE_PLUGIN_ABI_VERSION(0, 1, 0) //#define HARD_CODE_CURRENT_ABI_VERSION const plugin_abi_version_t abi_version = CURRENT_ABI_VERSION /* ------------------------- DEFINITION D'UN PROJET INTERNE ------------------------- */ /* Idenifiant d'une action menée */ typedef uint32_t plugin_action_t; #define DEFINE_PLUGIN_CATEGORY(cat) ((cat & 0xff) << 24) #define DEFINE_PLUGIN_SUB_CATEGORY(sub) ((sub & 0xff) << 16) #define DEFINE_PLUGIN_ACTION(a) (a & 0xffff) #define GET_PLUGIN_CATEGORY(val) ((val >> 24) & 0xff) #define GET_PLUGIN_SUB_CATEGORY(val) ((val >> 16) & 0xff) #define MASK_PLUGIN_CATEGORY(val) (val & (0xff << 24)) #define MASK_PLUGIN_SUB_CATEGORY(val) (val & (0xff << 16)) #define DPC_BASIC DEFINE_PLUGIN_CATEGORY(0) #define DPC_BINARY_PROCESSING DEFINE_PLUGIN_CATEGORY(1) // GUI /* DPC_BASIC */ #define DPS_NONE DEFINE_PLUGIN_SUB_CATEGORY(0) #define DPS_PG_MANAGEMENT DEFINE_PLUGIN_SUB_CATEGORY(1) /* DPC_BINARY_PROCESSING */ #define DPS_FORMAT DEFINE_PLUGIN_SUB_CATEGORY(0) #define DPS_DISASSEMBLY DEFINE_PLUGIN_SUB_CATEGORY(1) // GUI -> project // binary loaded // binary unload // GUI -> dialog box /* Action(s) menée(s) par un greffon */ typedef enum _PluginAction { /** * DPC_BASIC | DPS_NONE */ /* Aucun intérêt */ PGA_BASIC_NONE = DPC_BASIC | DPS_NONE | DEFINE_PLUGIN_ACTION(0), /** * DPC_BASIC | DPS_PG_MANAGEMENT */ /* Chargement */ PGA_PLUGIN_INIT = DPC_BASIC | DPS_PG_MANAGEMENT | DEFINE_PLUGIN_ACTION(0), /* Déchargement */ PGA_PLUGIN_EXIT = DPC_BASIC | DPS_PG_MANAGEMENT | DEFINE_PLUGIN_ACTION(1), /** * DPC_BINARY_PROCESSING | DPS_FORMAT */ /* Détection et chargement */ PGA_FORMAT_MATCHER = DPC_BINARY_PROCESSING | DPS_FORMAT | DEFINE_PLUGIN_ACTION(0), /* Accompagnement du chargement (fin) */ PGA_FORMAT_LOADER_LAST = DPC_BINARY_PROCESSING | DPS_FORMAT | DEFINE_PLUGIN_ACTION(1), /* Accompagnement du chargement (fin) */ PGA_FORMAT_PRELOAD = DPC_BINARY_PROCESSING | DPS_FORMAT | DEFINE_PLUGIN_ACTION(2), /** * DPC_BINARY_PROCESSING | DPS_DISASSEMBLY */ /* Désassemblage démarré */ PGA_DISASSEMBLY_STARTED = DPC_BINARY_PROCESSING | DPS_DISASSEMBLY | DEFINE_PLUGIN_ACTION(0), /* Instructions toutes jutes désassemblées */ PGA_DISASSEMBLY_RAW = DPC_BINARY_PROCESSING | DPS_DISASSEMBLY | DEFINE_PLUGIN_ACTION(1), /* Crochets de type 'link' exécutés */ PGA_DISASSEMBLY_HOOKED_LINK = DPC_BINARY_PROCESSING | DPS_DISASSEMBLY | DEFINE_PLUGIN_ACTION(2), /* Crochets de type 'post' exécutés */ PGA_DISASSEMBLY_HOOKED_POST = DPC_BINARY_PROCESSING | DPS_DISASSEMBLY | DEFINE_PLUGIN_ACTION(3), /* Limites de routines définies */ PGA_DISASSEMBLY_LIMITED = DPC_BINARY_PROCESSING | DPS_DISASSEMBLY | DEFINE_PLUGIN_ACTION(4), /* Détection d'éventuelles boucles effectuée */ PGA_DISASSEMBLY_LOOPS = DPC_BINARY_PROCESSING | DPS_DISASSEMBLY | DEFINE_PLUGIN_ACTION(5), /* Liaisons entre instructions mises en place */ PGA_DISASSEMBLY_LINKED = DPC_BINARY_PROCESSING | DPS_DISASSEMBLY | DEFINE_PLUGIN_ACTION(6), /* Instructions regroupées en blocs basiques */ PGA_DISASSEMBLY_GROUPED = DPC_BINARY_PROCESSING | DPS_DISASSEMBLY | DEFINE_PLUGIN_ACTION(7), /* Définitions de profondeurs d'exécution */ PGA_DISASSEMBLY_RANKED = DPC_BINARY_PROCESSING | DPS_DISASSEMBLY | DEFINE_PLUGIN_ACTION(8), /* Désassemblage fini */ PGA_DISASSEMBLY_ENDED = DPC_BINARY_PROCESSING | DPS_DISASSEMBLY | DEFINE_PLUGIN_ACTION(9), PGA_DISASSEMBLE = (1 << 1), /* Désassemblage (non trivial) */ PGA_BINARY_DISASSEMBLED = (1 << 2), /* Désassemblage fini */ PGA_BINARY_LINKED = (1 << 3), /* Liaison en place */ PGA_BINARY_BOUNDED = (1 << 4), /* Limites de routines définies*/ PGA_BINARY_GROUPED = (1 << 5), /* Instructions regroupées */ PGA_BINARY_PRINTED = (1 << 6), /* Instructions imprimées */ PGA_DISASS_PROCESS = (1 << 6), /* Traitement niveau assembleur*/ PGA_CODE_PROCESS = (1 << 7), /* Traitement du code existant */ PGA_DEBUGGER_ATTACH = (1 << 8), /* Activation d'un débogueur */ PGA_DEBUGGER_DETACH = (1 << 9), /* Désactivation d'un débogueur*/ /** * Organisation interne : * - rassemblement massif de tous les greffons. * - marquage des cellules vides. */ PGA_ALL = 0xfffffffe, PGA_EMPTY = 0xffffffff } PluginAction; /* MAJ !! */ #define PGA_COUNT 16 /* Types de greffon */ typedef enum _PluginType { PGT_BINARY = (1 << 0) /* Actions sur un binaire */ } PluginType; /* Action(s) menée(s) par le greffon */ #if 0 typedef enum _PluginAction { PGA_NONE = (0 << 0), /* Aucun intérêt */ PGA_FORMAT_MATCHER = (1 << 0), /* Détection et chargement */ PGA_DISASSEMBLE = (1 << 1), /* Désassemblage (non trivial) */ PGA_BINARY_DISASSEMBLED = (1 << 2), /* Désassemblage fini */ PGA_BINARY_LINKED = (1 << 3), /* Liaison en place */ PGA_BINARY_BOUNDED = (1 << 4), /* Limites de routines définies*/ PGA_BINARY_GROUPED = (1 << 5), /* Instructions regroupées */ PGA_BINARY_PRINTED = (1 << 6), /* Instructions imprimées */ PGA_DISASS_PROCESS = (1 << 6), /* Traitement niveau assembleur*/ PGA_CODE_PROCESS = (1 << 7), /* Traitement du code existant */ PGA_DEBUGGER_ATTACH = (1 << 8), /* Activation d'un débogueur */ PGA_DEBUGGER_DETACH = (1 << 9) /* Désactivation d'un débogueur*/ } PluginAction; #endif /* Actions éligibles pour run_plugins_on_binary() */ #define PGA_BINARY_ACTIONS ( 0 \ | PGA_BINARY_DISASSEMBLED | PGA_BINARY_LINKED \ | PGA_BINARY_BOUNDED | PGA_BINARY_PRINTED \ ) /* Fournit une indication sur le(s) type(s) du greffon présent. */ //typedef PluginType (* get_plugin_type_fc) (void); /* Fournit une indication sur le type d'opération(s) menée(s). */ //typedef PluginAction (* get_plugin_action_fc) (void); /* PGA_FORMAT_MATCHER */ /* Bilans d'une reconnaissance */ typedef enum _MatchingFormatAction { MFA_NONE, /* Aucune détection */ MFA_MATCHED, /* Format reconnu */ MFA_RELOAD, /* Rechargemet opéré */ MFA_COUNT } MatchingFormatAction; /* ------------------------ PREMIER INTERFACAGE PROTOCOLAIRE ------------------------ */ #define CHRYSALIDE_PLUGIN_MAGIC 0xdeadc0de1234abcdull /* Définition d'un greffon */ typedef struct _plugin_interface { uint64_t magic; /* Vérification a minima */ plugin_abi_version_t abi_version; /* Version du protocole utilisé*/ const char *name; /* Désignation humaine courte */ const char *desc; /* Description plus loquace */ const char *version; /* Version du greffon */ const char **required; /* Pré-chargements requis */ size_t required_count; /* Quantité de ces dépendances */ /* status */ plugin_action_t *actions; /* Liste des actions gérées */ size_t actions_count; /* Quantité de ces actions */ } plugin_interface; /* Facilitations de déclarations */ #define EMPTY_PG_LIST(name) \ name = NULL, \ name ## _count = 0 \ #define BUILD_PG_LIST(name, lst) \ name = lst, \ name ## _count = sizeof(lst) / sizeof(lst[0]) \ #define AL(...) BUILD_PG_LIST(.actions, ((plugin_action_t []){ __VA_ARGS__ })) #define RL(...) BUILD_PG_LIST(.required, ((char *[]){ __VA_ARGS__ })) #define DEFINE_CHRYSALIDE_PLUGIN(n, d, v, r, a) \ G_MODULE_EXPORT const plugin_interface _chrysalide_plugin = { \ \ .magic = CHRYSALIDE_PLUGIN_MAGIC, \ .abi_version = CURRENT_ABI_VERSION, \ \ .name = n, \ .desc = d, \ .version = v, \ \ r, \ \ a, \ \ } /* Interfaçage primaire avec Chrysalide */ #define DEFINE_CHRYSALIDE_ACTIVE_PLUGIN(n, d, v, ...) \ DEFINE_CHRYSALIDE_PLUGIN(n, d, v, EMPTY_PG_LIST(.required), AL( __VA_ARGS__ )) #endif /* _PLUGINS_PLUGIN_DEF_H */