[DO NOT MERGE YET] LAVA 3.0 #70

Open
wants to merge 12 commits into
base: master
5 changes: 5 additions & 0 deletions .dockerignore
@@ -0,0 +1,5 @@
target_injections
target_bins
target_configs
tests
docs
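Review bot: `.env` and `.git` are missing from this list, although the `.gitignore` change in this PR now ignores `.env`; both would still be sent to the Docker daemon as build context. The Dockerfile only copies `dependencies/`, `requirements.txt`, `tools/` and `scripts/`, so consider adding `.env` and `.git` here, or inverting the file into an allowlist of those four paths.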
6 changes: 6 additions & 0 deletions .gitattributes
@@ -0,0 +1,6 @@
# Always checkout with LF
*.sh text eol=lf
*.txt text eol=lf

# Always checkout with CRLF
*.bat text eol=crlf
54 changes: 54 additions & 0 deletions .github/workflows/build.yml
@@ -0,0 +1,54 @@
name: Test Lava

on:
workflow_dispatch:
pull_request:
branches:
- master
- next
- feature*
- fix*

jobs:

build:
runs-on: ubuntu-22.04
env:
LLVM_DIR: /usr/lib/llvm-11
DEBIAN_FRONTEND: noninteractive

steps:
- name: Checkout code
uses: actions/checkout@v4

- name: Install all requirements
run: bash install.sh

# For now I am pushing LAVA, but eventually this should be just a testing repostiory
build_container:
runs-on: panda-arc
steps:
- name: 'Login to Docker Registry'
uses: docker/login-action@v3
with:
username: pandare
password: ${{secrets.ALL_PANDARE_DOCKERHUB}}

- name: Checkout LAVA at current commit
uses: actions/checkout@v4

- name: Build Lava Docker image
uses: docker/build-push-action@v5
with:
push: true
context: ${{ github.workspace }}
tags: |
pandare/lava:latest

# - name: Update Docker Hub Description
# uses: peter-evans/dockerhub-description@v4
# with:
# username: pandare
# password: ${{secrets.ALL_PANDARE_DOCKERHUB}}
# repository: pandare/lava
# short-description: ${{ github.event.repository.description }}
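Review bot: The `build_container` job runs on every `pull_request` to the listed branches, logs in with `secrets.ALL_PANDARE_DOCKERHUB` and sets `push: true` with the tag `pandare/lava:latest`, so unreviewed PR code can overwrite the image the README tells users to pull. The job also has no `needs: build` and no `if: github.repository == 'panda-re/lava'` guard like the one in `publish_docker.yml`. Suggest `push: false` here (build only, as a test) and leaving publication to the `master` push workflow; that also keeps PR code from running next to the registry credential on the self-hosted `panda-arc` runner.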
48 changes: 48 additions & 0 deletions .github/workflows/publish_docker.yml
@@ -0,0 +1,48 @@
name: Publish Lava Docker Container # Only for main lava repo, not forks

on:
workflow_dispatch:
push:
branches:
- master

jobs:
create_release:
if: github.repository == 'panda-re/lava' && github.ref == 'refs/heads/master'
runs-on: ubuntu-latest
outputs:
v-version: ${{ steps.version.outputs.v-version }}
steps:
- name: Get next version
uses: reecetech/[email protected]
id: version
with:
release_branch: master
use_api: true
increment: patch

build_stable:
needs: [create_release]
if: github.repository == 'panda-re/lava' && github.ref == 'refs/heads/master'
runs-on: panda-arc
steps:
- name: 'Login to Docker Registry'
uses: docker/login-action@v3
with:
username: pandare
password: ${{secrets.ALL_PANDARE_DOCKERHUB}}

- name: Checkout LAVA at current commit
uses: actions/checkout@v4
with:
fetch-depth: 0

- name: Build lava:latest
uses: docker/build-push-action@v5
with:
context: ${{ github.workspace }}
push: true
tags: |
pandare/lava:latest
pandare/lava:${{ github.sha }}
pandare/lava:${{ needs.create_release.outputs.v-version }}
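Review bot: The `uses:` lines in `build_stable` reference mutable tags (`docker/login-action@v3`, `actions/checkout@v4`, `docker/build-push-action@v5`) in the same job that holds the Docker Hub credential; pinning each to a full commit SHA and adding a top-level `permissions:` block limited to what `use_api: true` needs would narrow what a moved tag can do. The same applies to the `reecetech` action in `create_release` if it is not already pinned to a commit. Separately, `create_release` only computes `v-version`: no step in this file creates a tag or release, so please confirm the patch number actually advances between runs, otherwise the versioned tag is overwritten each time just like `latest`.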
7 changes: 5 additions & 2 deletions .gitignore
@@ -1,6 +1,9 @@
# ignore IDE and existing lava build directory
# ignore IDE and any panda wheel/debian packages
.vscode
.idea
lava
*.deb
*.whl
.env

# this existed before
.gdb_history
3 changes: 0 additions & 3 deletions .gitmodules

This file was deleted.

64 changes: 64 additions & 0 deletions Dockerfile
@@ -0,0 +1,64 @@
ARG BASE_IMAGE="ubuntu:22.04"
ARG PANDA_VERSION="v1.8.23"

### BASE IMAGE
FROM $BASE_IMAGE AS base
ARG BASE_IMAGE
ARG PANDA_VERSION

ENV DEBIAN_FRONTEND=noninteractive
ENV LLVM_DIR=/usr/lib/llvm-11
ENV PATH="/scripts:${PATH}"
ENV PROTOCOL_BUFFERS_PYTHON_IMPLEMENTATION=python

# Copy dependencies lists into container. We copy them all and then do a mv because
# we need to transform base_image into a windows compatible filename which we can't
# do in a COPY command.
COPY ./dependencies/* /tmp
COPY ./requirements.txt /tmp
COPY ./tools/ /tools
COPY ./scripts/ /scripts

RUN mv /tmp/$(echo "$BASE_IMAGE" | sed 's/:/_/g')_build.txt /tmp/build_dep.txt && \
mv /tmp/$(echo "$BASE_IMAGE" | sed 's/:/_/g')_base.txt /tmp/base_dep.txt

# Base image just needs runtime dependencies
RUN [ -e /tmp/base_dep.txt ] && \
apt-get -qq update && \
apt-get -qq install -y --no-install-recommends curl $(cat /tmp/base_dep.txt | grep -o '^[^#]*') && \
apt-get clean

# Finally: Install panda debian package, you need a version that has the Dwarf2 Plugin
RUN cd /tmp && \
UBUNTU_VERSION=$(echo "$BASE_IMAGE" | awk -F':' '{print $2}') && \
curl -LJO https://github.com/panda-re/panda/releases/download/${PANDA_VERSION}/pandare_${UBUNTU_VERSION}.deb && \
apt-get install -qq -y /tmp/pandare_${UBUNTU_VERSION}.deb
RUN pip install -r /tmp/requirements.txt

### BUILD IMAGE - STAGE 2
RUN [ -e /tmp/build_dep.txt ] && \
apt-get -qq update && \
apt-get install -y --no-install-recommends $(cat /tmp/build_dep.txt | grep -o '^[^#]*') && \
apt-get clean

RUN cd /tmp && \
git clone https://github.com/capstone-engine/capstone/ -b v5 && \
cd capstone/ && ./make.sh && make install && cd /tmp && \
rm -rf /tmp/capstone && ldconfig

#### Develop setup: panda built + pypanda installed (in develop mode) - Stage 3
#### Essentially same as setup_container.sh
RUN cd /tools/btrace && ./compile.sh

RUN rm -rf /tools/build
RUN mkdir -p /tools/build
RUN mkdir -p /tools/install

RUN cmake -B"/tools/build" -H"/tools" -DCMAKE_INSTALL_PREFIX="/tools/install"
RUN make --no-print-directory -j4 install -C "/tools/build/lavaTool"
RUN make --no-print-directory -j4 install -C "/tools/build/fbi"

# RUN useradd volcana
# RUN chown -R volcana:volcana /tools/
# RUN chown -R volcana:volcana /scripts/
# USER volcana
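Review bot: The PANDA package fetched by the `curl -LJO ... pandare_${UBUNTU_VERSION}.deb` step is installed as root straight after download with no checksum or signature check, and the capstone step clones `-b v5`, a ref name rather than a fixed commit, then runs `./make.sh && make install`. Suggest recording a SHA-256 for the `.deb` per `PANDA_VERSION` and verifying it with `sha256sum -c` before `apt-get install`, and checking out a specific capstone commit. Two smaller points: the `STAGE 2` and `Stage 3` comments describe stages, but there is only one `FROM`, so build dependencies and the `/tools` sources end up in the published image, which does not match the README's "no build artifacts or source code"; and the `USER volcana` block is commented out, so the container runs as root.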
46 changes: 36 additions & 10 deletions README.md
Expand Up @@ -17,26 +17,51 @@ NYU, and Northeastern University.

# Quick Start

On a system running Ubuntu 16.04, with the appropriate dependencies installed
(see [docs/setup.md](docs/setup.md) for details), you should be able to just
run `python2 setup.py`. Note that this install script will install packages
and make changes to your system. Once it finishes, you should have
[PANDA](https://github.com/panda-re/panda) installed into `panda/build/`
(PANDA is used to perform dynamic taint analysis).
## Docker
The latest version of LAVA's `master` branch is automatically built as a docker images based on Ubuntu 22.04 and published to [Docker Hub](https://hub.docker.com/r/pandare/lava). Most users will want to use the `lava` container which has PANDA and LAVA installed along with their runtime dependencies, but no build artifacts or source code to reduce the size of the container.

To use the `lava` container you can pull it from Docker Hub:
```
$ docker pull pandare/lava
```
Or build from this repository:
```
$ DOCKER_BUILDKIT=1 docker build lava .
```

## Ubuntu, Debian
On a system running Ubuntu 22.04, you should be able to just run `bash install.sh`. Note that this [install script](./install.sh) will install packages and make changes to your system.

## Final steps

### Utilizing host.json
Next, run `init-host.py` to generate a `host.json`.
This file is used by LAVA to store settings specific
to your machine. You can edit these settings as necessary, but the default
values should work.
values should work, see [vars.sh](scripts/vars.sh).

A few values to keep in mind are the following:
* **buildhost** This is the location of where LAVA is being executed from. Currently, it defaults to `localhost`
* **docker** is the name of the docker image to use that has the LAVA binaries. Currently it defaults to `lava32`, but you can switch this to `pandare/lava`
* **pguser** This is the name of database user, currently defaults to `postgres`
* **pgpass** This is the password of the database user, currently defaults to `postgrespostgres`
* **host** is the name of the Postgres SQL database with all the LAVA bugs. Currently it defaults to `database`, although if you installed LAVA locally, you likely should change this to `localhost`

### Project configurations
Project configurations are located in the `target_configs` directory, where
every configuration is located at `target_configs/projectname/projectname.json`.
Paths specified within these configuration files are relative to values set
in your `host.json` file.

Finally, you can run `./scripts/lava.sh` to actually inject bugs
into a program. Just provide the name of a project that is in the
`target_configs` directory, for example:
### Setting up postgres SQL database
As alluded to, you should create a Postgres SQL user. You can use a script to [use default credentials](scripts/setup_postgres.sh) for the following:
* Create the user with default password
* Update Postgres SQL database on host to accept traffic from external sources (e. g. LAVA Docker container)
* Switch password encryption to md5 (Do we need this?)

# Usage

Finally, you can run `./scripts/lava.sh` to actually inject bugs into a program. Just provide the name of a project that is in the `target_configs` directory, for example:

```
./scripts/lava.sh toy
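Review bot: The "Setting up postgres SQL database" section documents a default password (`postgrespostgres`) together with a script that opens Postgres to external sources and switches password encryption to md5; that combination leaves a published credential reachable over the network. Suggest having `init-host.py` or the setup script prompt for or generate the password, limiting the accepted sources to the network the LAVA container uses, and resolving the "(Do we need this?)" before merge: md5 is weaker than scram-sha-256, so it is better dropped unless a client requires it. Also, `DOCKER_BUILDKIT=1 docker build lava .` passes two positional arguments; it presumably needs `-t lava .`.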
Expand Down Expand Up @@ -85,6 +110,7 @@ partial (alphabetical) list of contributors is below:
* Engin Kirda
* Tim Leek
* Andrea Mambretti
* Andrew Quijano
* Wil Robertson
* Aaron Sedlacek
* Rahul Sridhar
49 changes: 0 additions & 49 deletions SETUP.md

This file was deleted.

7 changes: 7 additions & 0 deletions dependencies/README.md
@@ -0,0 +1,7 @@
This directory contains plaintext lists of build and runtime dependencies for LAVA on various architectures.
The files here are sourced by our Dockerfile as well as our installation scripts.
By consolidating dependencies into a single location, we're able to avoid things getting out of sync.

Files must be named `[base_image]_[base|build].txt` where `base_image` refers to the docker tag used (e.g., `ubuntu:20.04`). Build should describe build dependencies and base should describe runtime dependencies.

Files can contain comments with `#`
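Review bot: The naming rule `[base_image]_[base|build].txt` gives `ubuntu:20.04` as its example, but the files added in this PR are named `ubuntu_20.04_*.txt` and the Dockerfile rewrites `:` to `_` with `sed` before the `mv`. Please state the colon-to-underscore substitution here. "Various architectures" also reads as CPU architectures, while the files are keyed by base image.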
1 change: 1 addition & 0 deletions dependencies/ubuntu_20.04_base.txt
@@ -0,0 +1 @@
# lava dependencies, needed to run LAVA
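Review bot: This file lists no packages, while `ubuntu_22.04_base.txt` lists `python3-pip` and `libprotobuf-dev` and the Dockerfile runs `pip install -r /tmp/requirements.txt` right after installing the base dependencies. Unless the PANDA package pulls pip in, a build with `BASE_IMAGE=ubuntu:20.04` will fail at that step; either add the same two packages here or drop the 20.04 files until that image is supported.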
24 changes: 24 additions & 0 deletions dependencies/ubuntu_20.04_build.txt
@@ -0,0 +1,24 @@
# lava dependencies, to compile LAVA

# Based on original setup.py after panda is installed step
# https://installati.one/install-odb-ubuntu-20-04/?expand_article=1
odb

# https://installati.one/install-libodbc2-ubuntu-22-04/?expand_article=1
libodbc2

# https://installati.one/install-libodb-pgsql-2.4-ubuntu-20-04/
libodb-pgsql-dev

# Brendan noticed these libraries were needed to compile FBI
libodb-pgsql-2.4


# https://pypi.org/project/pyzmq/
libzmq3-dev

# libc6 needed for compiling btrace?

# libjsoncpp needed for fbi json parsing?

# I may need g++-10?
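Review bot: The last three comments (`libc6 needed for compiling btrace?`, `libjsoncpp needed for fbi json parsing?`, `I may need g++-10?`) are open questions with no package line, so the list may be incomplete for btrace and fbi. Please settle each one by building on a clean 20.04 image, then either add the package or delete the comment. The `libodbc2` reference also points at a 22.04 page in a 20.04 file.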
3 changes: 3 additions & 0 deletions dependencies/ubuntu_22.04_base.txt
@@ -0,0 +1,3 @@
# lava dependencies, needed to run LAVA
python3-pip
libprotobuf-dev