-
Notifications
You must be signed in to change notification settings - Fork 5
/
videzzo_types_lib.py
722 lines (653 loc) · 32.4 KB
/
videzzo_types_lib.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
import random
FIELD_RANDOM = 1
FIELD_POINTER = 2
FIELD_FLAG = 4 # TODO: pointer | flag
FIELD_CONSTANT= 8
def dict_append(a, b):
for k, v in b.items():
if k in a:
print('Error: {} is in {}'.format(k, a))
exit(0)
else:
a[k] = v
class Model(object):
def __init__(self, name, index):
self.name = name
self.index = index
self.structs = {}
# instrumentation information
self.head_struct_types = None
self.instrumentation_points = []
self.n_instrumentation_points = 0
# some internal controls
self.last_uuid = None
self.code = []
self.indent = 0
def initialize(self, index, replacement):
self.index = index
structs = {}
for struct_type, struct_metadata in self.structs.items():
for field_name, metadata in struct_metadata.items():
field_type = metadata['field_type']
if field_type & FIELD_POINTER:
for k, v in metadata['point_to']['types'].items():
metadata['point_to']['types'][k] = v.replace('###', replacement)
structs[struct_type.replace('###', replacement)] = struct_metadata
self.structs = structs
def get_uuid(self):
self.last_uuid = '{:010x}'.format(random.randint(0, 0xFFFFFFFFFFFFFFFF))[:10]
return 'v' + self.last_uuid
def get_last_uuid(self):
return 'v' + self.last_uuid
def get_stats(self):
for struct_type, struct_metadata in self.structs.items():
n_fields, n_flag_fields, n_pointer_fields = 0, 0, 0
for field_name, metadata in struct_metadata.items():
n_fields += 1
field_type = metadata['field_type']
if field_type & FIELD_FLAG:
n_flag_fields += 1
if field_type & FIELD_POINTER:
n_pointer_fields += 1
yield self.name, struct_type, n_flag_fields, n_pointer_fields, n_fields
###########################################################################################
### Construct
###########################################################################################
def add_struct(self, struct_type, metadata):
"""
struct_type: struct_type
metadata: {'field_name#size': field_type}
ViDeZZo struct format:
self.structs[struct_type] = {
field_name: {'field_size': field_size, 'field_type': field_type}
}
"""
if struct_type not in self.structs:
self.structs[struct_type] = {}
for k, field_type in metadata.items():
field_name, field_size = k.split('#')
field_size = int(field_size, 16)
self.structs[struct_type][field_name] = {
'field_size': field_size, 'field_type': field_type}
def get_struct(self, struct_type):
return self.structs[struct_type]
def recover_struct_type_from_name(self, struct_name):
return '_'.join(struct_name.split('_')[:-1])
def construct_struct_name_from_type(self, struct_type):
return '{}_{}'.format(struct_type, self.get_uuid())
def check_field(self, struct_type, field_name):
if struct_type not in self.structs:
raise KeyError('{} is not a valid struct'.format(struct_type))
if field_name not in self.structs[struct_type]:
raise KeyError('{} is not a valid field'.format(field_name))
def get_field_size(self, struct_type, field_name):
return self.structs[struct_type][field_name]['field_size']
def add_head(self, head_struct_types):
"""
head_struct_types: [struct_type0, struct_type1, ..., struct_typen]
"""
self.head_struct_types = head_struct_types
def get_head(self):
return self.head_struct_types
def add_instrumentation_point(self, filename, callstack):
"""
filename: basename.c
callstack: [function1, function2, function_index, argument_index]
"""
self.instrumentation_points.append({
'filename': filename, 'callstack': callstack, 'id': self.index})
self.n_instrumentation_points = len(self.instrumentation_points)
def get_instrumentation_points(self):
return self.instrumentation_points
"""
ViDeZZo constant format:
self.structs[struct_type][field_name] = {
'field_name': {'field_size': field_size, 'field_type': field_type, 'field_value': field_value}
}
"""
def add_constant(self, key, value):
"""
key: struct_type.field_name
value: field_value (list)
"""
struct_type, field_name = key.split('.')
self.check_field(struct_type, field_name)
field_value = value
self.structs[struct_type][field_name]['field_value'] = field_value
"""
ViDeZZo flag format:
self.structs[struct_type][field_name]['flags'] = {
'start': {'length': length, 'value': initvalue}
}
"""
def add_flag(self, key, value):
"""
key: struct_type.field_name
value: {'length[@initvalue]'}
"""
struct_type, field_name = key.split('.')
self.check_field(struct_type, field_name)
flags = {}
for k, v in value.items():
start = str(k)
if isinstance(v, str):
length, initvalue = v.split('@')
initvalue = int(initvalue, 16)
length = int(length)
else:
initvalue = None
length = v
flags[start] = {'length': length, 'initvalue': initvalue}
self.structs[struct_type][field_name]['flags'] = flags
def get_flag_length(self, struct_type, field_name, bit):
return self.structs[struct_type][field_name]['flags'][bit]['length']
"""
ViDeZZo point_to format:
self.structs[struct][field_name]['point_to'] = {
'types': {'0': point_to_struct_type},
'flags': [{'struct_type': struct_type, 'field_name': field_name,
'bit': bit, 'length': length}] or None,
'alignment': 0,
'array': False or True,
'linked_list': 'single' or 'double' or None,
'tail': {'struct_type': struct_type, 'field_name': field_name},
if linked_list is not None
'links': {'0': field_name},
}
"""
def add_point_to(self, pointer, types, flags=None, alignment=0, array=False, immediate=False):
"""
pointer: struct_type.field_name
types: [struct_type0, struct_type1, ..., struct_typen]
flags: [struct_type.field_name.bitwise] (if len(types)==1 then flags is None)
"""
struct_type, field_name = pointer.split('.')
self.check_field(struct_type, field_name)
if len(types) == 1:
self.structs[struct_type][field_name]['point_to'] = {
'flags': None, 'types': {'0': types[0]},
'alignment': alignment, 'array': array, 'immediate': immediate}
return struct_type, field_name
else:
assert flags is not None
metadata = {
'flags': [], 'types': {},
'alignment': alignment, 'array': array, 'immediate': immediate}
for flag in flags:
flag_struct_type, flag_field_name, flag_bit = flag.split('.')
self.check_field(flag_struct_type, flag_field_name)
metadata['flags'].append({
'struct_type': flag_struct_type,
'field_name': flag_field_name,
'bit': flag_bit,
'length': self.get_flag_length(flag_struct_type, flag_field_name, flag_bit)})
for idx, point_to_struct_type in enumerate(types):
metadata['types'][str(idx)] = point_to_struct_type
self.structs[struct_type][field_name]['point_to'] = metadata
return struct_type, field_name
def add_point_to_single_linked_list(
self, head, tail, types, links, flags=None, alignment=0, array=False):
"""
head: struct_type.field_name
tail: struct_type.field_name
types: [struct_type0, struct_type1, ..., struct_typen]
links: [link0, link1, ..., linkn]
flags: [struct_type.field_name.bitwise] (if len(types)==1 then flags is None)
"""
# let's handle the head pointer first
struct_type, field_name = self.add_point_to(
head, types, flags=flags, alignment=alignment, array=array)
# let's handle the tail pointer then
self.structs[struct_type][field_name]['point_to']['linked_list'] = 'single'
if tail is not None:
tail_struct_type, tail_field_name = tail.split('.')
self.check_field(tail_struct_type, tail_field_name)
self.structs[struct_type][field_name]['point_to']['tail'] = {
'struct_type': tail_struct_type, 'field_name': tail_field_name}
self.structs[tail_struct_type][tail_field_name]['point_to'] = {'tail': True, 'typeref': field_name}
metadata = self.structs[struct_type][field_name]['point_to']
metadata['links'] = {}
for idx, _ in metadata['types'].items():
self.structs[struct_type][field_name]['point_to']['links'][idx] = links[int(idx)]
###########################################################################################
### Generate
###########################################################################################
def __gen_event_memwrite(self, struct_name, field_name, value, value_size):
struct_type = self.recover_struct_type_from_name(struct_name)
field_size = self.get_field_size(struct_type, field_name)
if value_size < field_size and field_size == 8:
value_size = field_size
self.append_code('EVENT_MEMWRITE({} + offsetof({}, {}), {}, {}, {}, {});'.format(
struct_name, struct_type, field_name, hex(field_size), value, hex(value_size), self.get_uuid()))
def __gen_flag_value(self, metadata):
flags = []
length_in_total = 0
for start, length_and_initvalue in metadata.items():
if int(start) != length_in_total:
length_in_total = int(start)
length = length_and_initvalue['length']
initvalue = length_and_initvalue['initvalue']
if initvalue is None:
initvalue = 'urand32()'
# flags.append(('(({0} & ((1 << 0x{1:02x}) - 1)) << 0x{2:02x})'.format(initvalue, length, length_in_total)))
flags.append(('(({0} % (1u << 0x{1:02x})) << 0x{2:02x})'.format(initvalue, length, length_in_total)))
length_in_total += int(length)
sep = '\n {} | '.format(' ' * self.indent * 4)
return sep.join(flags)
def gen_flag(self, struct_name, field_name, metadata):
# MAGIC
# self.append_code('{}->{} = {};'.format(struct_name, field_name, sep.join(flags)))
self.__gen_event_memwrite(struct_name, field_name, self.__gen_flag_value(metadata), 4)
def gen_random(self, struct_name, field_name, metadata):
# MAGIC
# self.append_code('{}->{} = {};'.format(struct_name, field_name, 'urand32()'))
self.__gen_event_memwrite(struct_name, field_name, 'urand32()', 4)
def gen_immediate_point_to(self, struct_name, field_name, metadata):
struct_type = self.recover_struct_type_from_name(struct_name)
flags = metadata['flags']
if flags:
flag_value = self.__gen_flag_value(flags)
else:
flag_value = '0x0'
self.__gen_point_to(struct_name, field_name, metadata['point_to'], flag_value)
def gen_constant_declaration(self):
"""
Declare these constants.
"""
for struct_type, fields in self.structs.items():
for field_name, metadata in fields.items():
field_size = metadata['field_size']
field_type = metadata['field_type']
if (field_type & FIELD_CONSTANT) == 0:
continue
assert field_size in [1, 2, 4, 8]
field_value = metadata['field_value']
assert isinstance(field_value, list)
self.append_code('uint{}_t {}_{}_constant[{}] = {{'.format(
int(field_size) * 8, struct_type, field_name, len(field_value)))
self.indent += 1
for constant in field_value:
self.append_code('{},'.format(hex(constant)))
self.indent -= 1
self.append_code('}};\n'.format(struct_type))
def gen_constant(self, struct_name, field_name, metadata):
field_value = metadata['field_value']
struct_type = self.recover_struct_type_from_name(struct_name)
flag_value = '0x0'
if 'flags' in metadata:
flags = metadata['flags']
if flags:
flag_value = self.__gen_flag_value(flags)
# MAGIC
# self.append_code('{}->{} = {};'.format(struct_name, field_name, 'urand32()'))
self.__gen_event_memwrite(
struct_name, field_name, '{}_{}_constant[urand32() % {}] | ({})'.format(
struct_type, field_name, len(field_value), flag_value), 4)
def __gen_point_to(self, struct_name, field_name, metadata, flag_value):
"""
Handle each pointer.
"""
if 'tail' in metadata and metadata['tail'] is True:
return
self.append_code('// gen point_to for {}->{}'.format(struct_name, field_name))
flags = metadata['flags']
types = metadata['types']
links = metadata['links'] if 'links' in metadata else None
def __gen_single_linked_list(__struct_type, __field_name):
self.append_code('// gen linked list for {}->{}'.format(__struct_type, __field_name))
head_struct_name = self.construct_struct_name_from_type(__struct_type)
last_struct_name = 'last_struct_name_{}'.format(self.get_uuid())
tail_struct_name = 'tail_struct_name_{}'.format(self.get_uuid())
self.append_code('GEN_LINKED_LIST({}, {}, {}, {}, {}, {}, {});'.format(
__struct_type, __field_name, head_struct_name, last_struct_name, tail_struct_name, self.get_uuid(), flag_value))
return head_struct_name, tail_struct_name
def gen_single_linked_list(__struct_type, __field_name):
head_struct_name, tail_struct_name = __gen_single_linked_list(__struct_type, __field_name)
# MAGIC
# self.append_code('{}->{} = {};'.format(struct_name, field_name, head_struct_name))
self.append_code('{} |= {};'.format(head_struct_name, flag_value))
self.__gen_event_memwrite(struct_name, field_name, head_struct_name, 4);
if 'tail' in metadata and isinstance(metadata['tail'], dict):
# MAGIC
# self.append_code('{}->{} = {};'.format(struct_name, metadata['tail']['field_name'], tail_struct_name))
self.append_code('{} |= {};'.format(tail_struct_name, flag_value))
self.__gen_event_memwrite(struct_name, metadata['tail']['field_name'], tail_struct_name, 4);
def gen_single_object(__struct_type):
sub_struct_name = self.gen_struct_point_to(__struct_type)
# MAGIC
# self.append_code('{}->{} = {};'.format(struct_name, field_name, sub_struct_name))
self.append_code('{} |= {};'.format(sub_struct_name, flag_value))
self.__gen_event_memwrite(struct_name, field_name, sub_struct_name, 4);
def is_single_linked_list(__metadata):
return 'linked_list' in __metadata and __metadata['linked_list'] == 'single'
# we support pointing to a single object, or a single linked list
if flags is None:
if is_single_linked_list(metadata):
assert links is not None
gen_single_linked_list(types['0'], links['0'])
else:
gen_single_object(types['0'])
else:
# gen_conditional_point_to(gen_single_linked_list, links)
# gen_conditional_point_to(gen_single_object, None)
# MAGIC
# cond = ' | '.join(['get_bit({}->{}, {}, {})'.format(
# struct_name, flag['field_name'], flag['bit'], flag['length']) for flag in flags])
struct_type = self.recover_struct_type_from_name(struct_name)
field_size = self.get_field_size(struct_type, field_name)
conds = []
for flag in flags:
tmp_buf_name = 'tmp_buf_{}'.format(self.get_uuid())
self.append_code('uint64_t {} = 0;'.format(tmp_buf_name))
self.append_code('EVENT_MEMREAD({} + offsetof({}, {}), {}, &{}, {}, {});'.format(
struct_name, struct_type, flag['field_name'], hex(field_size), tmp_buf_name, hex(4), self.get_uuid()))
conds.append('get_bit({}, {}, {})'.format(tmp_buf_name, flag['bit'], flag['length']))
cond = ' | '.join(conds)
self.append_code('switch ({}) {{'.format(cond))
self.indent += 1
for case, struct_type in types.items():
self.append_code('case {}: {{'.format(case))
self.indent += 1
if struct_type is None:
self.append_code('break; }')
continue
if is_single_linked_list(metadata):
assert links is not None
gen_single_linked_list(struct_type, links[case])
else:
gen_single_object(struct_type)
self.append_code('break; }')
self.indent -= 1
self.indent -= 1
self.append_code('}')
def gen_struct_point_to(self, struct_type, head=False):
"""
Initilize a struct's pointers and return the struct name.
"""
struct_name = self.construct_struct_name_from_type(struct_type)
if head:
self.append_code('uint32_t {} = get_{}(physaddr);'.format(struct_name, struct_type))
else:
self.append_code('uint32_t {} = get_{}(INVALID_ADDRESS);'.format(struct_name, struct_type))
self.append_code('append_address({});'.format(struct_name))
for field_name, metadata in self.get_struct(struct_type).items():
field_type = metadata['field_type']
if field_type & FIELD_POINTER:
if field_type & FIELD_FLAG:
flag_value = self.__gen_flag_value(metadata['flags'])
else:
flag_value = '0x0'
self.__gen_point_to(struct_name, field_name, metadata['point_to'], flag_value=flag_value)
return struct_name
def gen_struct_declaration(self):
"""
Declare these structs.
"""
for struct_type, fields in self.structs.items():
self.append_code('typedef struct {')
for field_name, metadata in fields.items():
field_size = metadata['field_size']
if field_size == 1:
self.append_code(' uint8_t {};'.format(field_name))
elif field_size == 2:
self.append_code(' uint16_t {};'.format(field_name))
elif field_size == 4:
self.append_code(' uint32_t {};'.format(field_name))
elif field_size == 8:
self.append_code(' uint64_t {};'.format(field_name))
else:
self.append_code(' uint8_t {}[{}];'.format(field_name, field_size))
self.append_code('}} {};\n'.format(struct_type))
def __gen_struct_without_pointers(self, struct_type):
"""
Handle each non-pointer field.
"""
self.append_code('// generating {}'.format(struct_type))
struct_name = self.construct_struct_name_from_type(struct_type)
# MAGIC
# self.append_code('{1} *{0} = ({1}*)videzzo_calloc(sizeof({1}), 1);'.format(struct_name, struct_type))
self.append_code('uint64_t {0};'.format(struct_name))
self.append_code('if (physaddr == INVALID_ADDRESS) {{ {0} = (uint64_t)EVENT_MEMALLOC(sizeof({1})); }} else {{ {0} = physaddr; }}'.format(struct_name, struct_type))
for field_name, metadata in self.get_struct(struct_type).items():
field_type = metadata['field_type']
if (field_type & FIELD_FLAG) and \
(not field_type & FIELD_POINTER) and (not field_type & FIELD_CONSTANT):
assert 'flags' in metadata, 'flag {}.{} is not set up'.format(struct_type, field_name)
self.gen_flag(struct_name, field_name, metadata['flags'])
elif field_type & FIELD_RANDOM:
self.gen_random(struct_name, field_name, metadata)
elif field_type & FIELD_CONSTANT:
self.gen_constant(struct_name, field_name, metadata)
elif (field_type & FIELD_POINTER):
if 'immediate' in metadata['point_to'] and metadata['point_to']['immediate']:
# we want both point_to and flags so we pass metadata
self.gen_immediate_point_to(struct_name, field_name, metadata)
else:
raise ValueError('unsupported FIELD_TYPE: {}'.format(field_type))
return struct_name
def gen_struct_initialization_without_pointers(self):
"""
Create a function to define a struct and its non-pointer fields.
"""
for struct_type, fields in self.structs.items():
self.append_code('static uint64_t get_{}(uint64_t physaddr) {{'.format(struct_type))
self.indent += 1
struct_name = self.__gen_struct_without_pointers(struct_type)
self.append_code('return {};'.format(struct_name))
self.indent -= 1
self.append_code('}\n')
def gen_free_structs(self):
"""
Create a function to free allocated memory.
"""
self.append_code('// free_memory_blocks();')
def gen_license(self):
"""
Generate license.
"""
license = """/*
* Dependency-Aware Virtual-Device Fuzzing
*
* Copyright Qiang Liu <[email protected]>
*
* This work is licensed under the terms of the GNU GPL, version 2 or later.
*/
"""
self.append_code(license)
def gen_headers(self):
"""
Generate headers required.
"""
self.append_code('#include <stdint.h>')
self.append_code('#include <stddef.h>\n')
def gen_helpers(self):
"""
Generate common functions as helpers.
"""
helpers = """#define INVALID_ADDRESS 0xFFFFFFFFFFFFFFFF
#define EVENT_MEMREAD(physaddr, size, data, data_size, uuid) \\
uint8_t *tmp_buf_##uuid = (uint8_t *)calloc(size, 1); \\
__EVENT_MEMREAD(physaddr, size, tmp_buf_##uuid); \\
refill(data, data_size, tmp_buf_##uuid, size); \\
// free(tmp_buf_##uuid);
#define EVENT_MEMWRITE(physaddr, size, data, data_size, uuid) \\
uint8_t *tmp_buf_##uuid = (uint8_t *)calloc(size, 1); \\
fill(tmp_buf_##uuid, size, data, data_size); \\
__EVENT_MEMWRITE(physaddr, size, tmp_buf_##uuid); \\
// free(tmp_buf_##uuid);
#define GEN_LINKED_LIST(type, field_name, head_name, last_name, tail_name, uuid, flag_value) \\
uint64_t head_name = get_##type(INVALID_ADDRESS); \\
append_address(head_name); \\
uint64_t last_name = head_name, tail_name = head_name; \\
for (int i = 0; i < (urand32() % 5 -1); i++) { \\
uint64_t next_##type = get_##type(INVALID_ADDRESS); \\
append_address(next_##type); \\
next_##type |= flag_value; \\
EVENT_MEMWRITE(last_name + offsetof(type, field_name), 4, next_##type, 4, uuid) \\
last_name = next_##type; \\
tail_name = next_##type; \\
}
"""
self.append_code(helpers)
def append_code(self, code):
self.code.append(' ' * self.indent * 4 + code)
def get_code(self):
self.gen_license()
self.gen_headers();
self.gen_helpers();
self.gen_struct_declaration()
self.gen_constant_declaration()
self.gen_struct_initialization_without_pointers()
self.append_code('void videzzo_group_mutator_miss_handler_{}(uint64_t physaddr) {{'.format(self.index))
self.indent += 1
self.append_code('switch (urand32() % {}) {{'.format(len(self.head_struct_types)))
self.indent += 1
for idx, head_struct_type in enumerate(self.head_struct_types):
self.append_code('case {} : {{'.format(idx))
self.indent += 1
struct_name = self.gen_struct_point_to(head_struct_type, head=True)
self.append_code('break; }')
self.indent -= 1
self.indent -= 1
self.append_code('}')
self.gen_free_structs()
self.indent -= 1
self.append_code('}')
return '\n'.join(self.code)
###########################################################################################
### Generate XML
###########################################################################################
def gen_flag_xml(self, struct_type, field_name, metadata):
size = 0
for _, v in metadata.items():
size += v['length']
self.append_code('<Flags name="{}" size="{}">'.format(field_name, size))
self.indent += 1
for start, v in metadata.items():
if v['initvalue'] is None:
self.append_code('<Flag name="{}.{}" size="{}" position="{}" value="None" mutable="true" />'.format(
field_name, start, v['length'], start))
elif v['initvalue'] is not None and not isinstance(v['initvalue'], list):
self.append_code('<Flag name="{}.{}" size="{}" position="{}" value="{}" mutable="false" />'.format(
field_name, start, v['length'], start, v['initvalue']))
else:
self.append_code('<Choice name="{}.{}">'.format(field_name, start))
self.indent += 1
for i, value in enumerate(v['initvalue']):
self.append_code('<Flag name="{}.{}.{}" size="{}" position="{}" value="{}" mutable="false" />'.format(
field_name, start, i, v['length'], start, value))
self.indent -= 1
self.append_code('</Choice>')
self.indent -= 1
self.append_code('</Flags>')
def gen_random_xml(self, struct_type, field_name, metadata):
field_size = metadata['field_size']
self.append_code('<Blob name="{}" size="{}" unit="byte" mutable="true"/>'.format(field_name, field_size))
def gen_point_to_xml(self, struct_type, field_name, metadata):
size = metadata['field_size'] * 8
assert('point_to' in metadata)
point_to_metadata = metadata['point_to']
if 'linked_list' in point_to_metadata:
self.append_code('<XmlElement name="{}" elementName="{}">'.format(
point_to_metadata['linked_list'], struct_type))
self.indent += 1
self.append_code(
'<XmlAtrribute attributeName="head"> <String value="{}" /> </XmlElement>'.format(field_name))
assert(len(set(point_to_metadata['links'].values())) == 1)
self.append_code(
'<XmlAtrribute attributeName="link"> <String value="{}" /> </XmlElement>'.format(
list(point_to_metadata['links'].values())[0]))
assert(point_to_metadata['tail']['struct_type'] == struct_type)
self.append_code(
'<XmlAtrribute attributeName="tail"> <String value="{}" /> </XmlElement>'.format(
point_to_metadata['tail']['field_name']))
self.indent -= 1
self.append_code('</XmlElement>')
if 'tail' in point_to_metadata and point_to_metadata['tail'] == True:
self.append_code('<Pointer name="{}" size="{}" reference="{}" />'.format(
field_name, size, point_to_metadata['typeref']))
return
if point_to_metadata['array']:
self.append_code('<Pointer name="{}" size="{}" minOccurs="3" maxOccurs="6">'.format(field_name, size))
else:
self.append_code('<Pointer name="{}" size="{}">'.format(field_name, size))
self.indent += 1
point_to_types = point_to_metadata['types']
point_to_alignment = point_to_metadata['alignment']
point_to_flags = point_to_metadata['flags']
if point_to_flags is None:
assert(len(point_to_types) == 1)
self.append_code('<Addr name="{}.addr" size="{}" type="{}" alignment="{}" mutable="false" />'.format(
field_name, size, point_to_types['0'], point_to_alignment))
else:
conds = []
for point_to_flag in point_to_flags:
# [{'struct_type': 'EEPRO100_TX', 'field_name': 'command', 'bit': '0', 'length': 3}]
assert(point_to_flag['struct_type'] == struct_type)
conds.append('{}.{}'.format(point_to_flag['field_name'], point_to_flag['bit']))
self.append_code('<Choice name="{}.addr" constraints="{}">'.format(field_name, '|'.join(conds)))
self.indent += 1
for i, point_to_type in point_to_types.items():
self.append_code('<Addr name="{}.addr.{}" size="{}" value="{}" alignment="{}" mutable="true" />'.format(
field_name, i, size, point_to_type, point_to_alignment))
self.indent -= 1
self.append_code('</Choice>')
if 'flags' in metadata:
flags = metadata['flags']
if flags:
self.gen_flag_xml(struct_type, field_name + '.flags', flags)
self.indent -= 1
self.append_code('</Pointer>')
def gen_constant_xml(self, struct_type, field_name, metadata):
field_value = metadata['field_value']
field_size = metadata['field_size']
self.append_code('<Choice name="{}">'.format(field_name))
self.indent += 1
for i, value in enumerate(field_value):
self.append_code('<Number name="{}.{}" size="{}" value="{}" valueType="hex" mutable="true" />'.format(
field_name, i, field_size * 8, hex(value)[2:]
))
self.indent -= 1
self.append_code('</Choice>')
def gen_constant_as_flag_xml(self, struct_type, field_name, metadata):
# Really really bad. This is a flag not a constant.
flags = metadata['flags']
if struct_type == 'XHCITRB0':
flags['10']['initvalue'] = [i >> 10 for i in metadata['field_value']]
elif struct_type == 'XHCITRB1':
flags['10']['initvalue'] = [i >> 10 for i in metadata['field_value']]
elif struct_type == 'XHCI_SLOT_CTX':
flags['16']['initvalue'] = [i >> 16 for i in metadata['field_value']]
elif struct_type == 'VIRTIO_BLK_OUTHDR':
flags['1']['initvalue'] = [i >> 1 for i in metadata['field_value']]
else:
print('handle me')
self.gen_flag_xml(struct_type, field_name, flags)
def gen_data_model_xml(self):
for struct_type, fields in self.structs.items():
self.indent += 1
self.append_code('<DataModel name="{}">'.format(struct_type))
for field_name, metadata in fields.items():
field_type = metadata['field_type']
self.indent += 1
if (field_type & FIELD_FLAG) and \
(not field_type & FIELD_POINTER) and (not field_type & FIELD_CONSTANT):
assert 'flags' in metadata, 'flag {}.{} is not set up'.format(struct_type, field_name)
self.gen_flag_xml(struct_type, field_name, metadata['flags'])
elif (field_type & FIELD_POINTER):
self.gen_point_to_xml(struct_type, field_name, metadata)
elif field_type & FIELD_RANDOM:
self.gen_random_xml(struct_type, field_name, metadata)
elif field_type & FIELD_CONSTANT and (not field_type & FIELD_FLAG):
self.gen_constant_xml(struct_type, field_name, metadata)
elif field_type & FIELD_CONSTANT and (field_type & FIELD_FLAG):
self.gen_constant_as_flag_xml(struct_type, field_name, metadata)
else:
print('handle unknow types')
self.indent -= 1
self.append_code('</DataModel>')
self.indent -= 1
self.append_code('\n')
def get_xml(self):
self.gen_data_model_xml()
return '\n'.join(self.code)