rixxc/x25519_agent
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

use later jasmin version that can issue proper syscalls and can generate asm code without ret

Browse Source
This commit is contained in:
Aaron Kaiser
2024-08-23 10:58:24 +02:00
parent 36ae72a8d9
commit b7af39ff80
7 changed files with 28 additions and 205 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@@ -1,3 +1,4 @@
build build
result result
*.o *.o
.direnv

13
Makefile
View File

@@ -2,13 +2,15 @@ JC ?= jasminc
CC ?= gcc CC ?= gcc
MAKE ?= make MAKE ?= make
JASMIN_ARGS = -protect-calls -return-address-kind mmx
.PHONY: clean run .PHONY: clean run
all: build all: build
@true @true
build: build/agent.o syscall/jasmin_syscall.o build: build/agent.o
ar -crs build/libagent.a build/agent.o syscall/jasmin_syscall.o ar -crs build/libagent.a build/agent.o
build/%.o: build/%.S build/%.o: build/%.S
$(CC) $< -c -o $@ $(CC) $< -c -o $@
@@ -18,7 +20,6 @@ clean:
$(MAKE) -C syscall clean $(MAKE) -C syscall clean
build/%.S: src/%.jazz build/%.S: src/%.jazz
$(JC) $< -o $@ $(JC) $(JASMIN_ARGS) $< -o $@
# remove the remaining ret calls to make sure that we don't execute any return. Those returns should not be called anyways due to the infinit loop
syscall/jasmin_syscall.o: syscall/jasmin_syscall.c syscall/jasmin_syscall.h sed -i 's/ret/hlt/g' $@
$(MAKE) -C syscall

6
default.nix
View File

@@ -2,10 +2,10 @@
with pkgs; with pkgs;
let let
jasmin-src = fetchFromGitHub { jasmin-src = fetchFromGitHub {
owner = "Rixxc"; owner = "jasmin-lang";
repo = "jasmin"; repo = "jasmin";
rev = "783aea97836f5ddf7b62de24ab94768cb606adf8"; rev = "4d42c212b924ad7553c2eab49d337fd128ad629b";
hash = "sha256-5XXZ2IYXCixJHaswdYkG8ivh3fIftaibOgkpz2TKGMI="; hash = "sha256-Ve9Eezpvi1wynlqQxO4KDSqw13MDXQmR8NjOS3PHWzg=";
}; };
jasmin-drv = callPackage "${jasmin-src}/default.nix" { inherit pkgs; }; jasmin-drv = callPackage "${jasmin-src}/default.nix" { inherit pkgs; };

23
src/agent.jazz
View File

@@ -20,9 +20,10 @@ inline fn extract_ipc_id(reg u64 sync_mem) -> reg u64 {
inline fn generate_keypair(reg u64 shared_mem sync_mem private_mem, stack u64 key_id) -> stack u64 { inline fn generate_keypair(reg u64 shared_mem sync_mem private_mem, stack u64 key_id) -> stack u64 {
inline int i; inline int i;
stack u8[32] key; stack u8[32] key;
reg u64 addr idptr pkptr; reg u64 addr idptr pkptr flag num_bytes;
key = #randombytes(key); flag = 0;
key, num_bytes = #randombytes(key, flag);
key[0] &= 248; key[0] &= 248;
key[31] &= 127; key[31] &= 127;
key[31] |= 64; key[31] |= 64;
@@ -78,17 +79,22 @@ inline fn x25519(reg u64 shared_mem sync_mem private_mem) {
} }
export fn agent_start(reg u64 shared_mem sync_mem private_mem) { export fn agent_start(reg u64 shared_mem sync_mem private_mem) {
stack u8[8] unused;
stack u64 key_id; stack u64 key_id;
reg u64 futex_op, val, timeout, uaddr2, val3, woken_up;
key_id = 0; key_id = 0;
() = #spill(shared_mem, sync_mem, private_mem); () = #spill(shared_mem, sync_mem, private_mem);
while (true) { while (true) {
unused = unused;
() = #unspill(sync_mem); () = #unspill(sync_mem);
unused = #read(unused, sync_mem);
futex_op = 0;
val = 0;
timeout = 0;
uaddr2 = 0;
val3 = 0;
woken_up = #futex(sync_mem, futex_op, val, timeout, uaddr2, val3);
() = #unspill(shared_mem, sync_mem, private_mem); () = #unspill(shared_mem, sync_mem, private_mem);
@@ -109,6 +115,11 @@ export fn agent_start(reg u64 shared_mem sync_mem private_mem) {
() = #unspill(sync_mem); () = #unspill(sync_mem);
unused = #write(unused, sync_mem); futex_op = 1;
val = 1;
timeout = 0;
uaddr2 = 0;
val3 = 0;
woken_up = #futex(sync_mem, futex_op, val, timeout, uaddr2, val3);
} }
} }

8
syscall/Makefile
View File

@@ -1,8 +0,0 @@
.PHONY: clean
all: jasmin_syscall.o
jasmin_syscall.o: jasmin_syscall.c jasmin_syscall.h
clean:
rm jasmin_syscall.o || true

162
syscall/jasmin_syscall.c
View File

@@ -1,162 +0,0 @@
#include "jasmin_syscall.h"
#if defined(__linux__)
#include <errno.h>
#include <fcntl.h>
#include <linux/futex.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/random.h>
#include <sys/syscall.h>
#include <unistd.h>
// uint8_t *__jasmin_syscall_randombytes__(uint8_t *_x, uint64_t xlen) {
// int i;
// uint8_t *x = _x;
//
// printf("%lx:\n", x);
//
// for (i = 0; i < xlen; i++) {
// printf("%02X", _x[i]);
// }
// printf("\n");
//
// return _x;
// }
//
uint8_t* __jasmin_syscall_randombytes__(uint8_t* _x, uint64_t xlen)
{
int i;
uint8_t* x = _x;
while (xlen > 0) {
if (xlen < 1048576) i = xlen; else i = 1048576;
i = getrandom(x,i,0);
if (i < 1) {
sleep(1);
continue;
}
x += i;
xlen -= i;
}
return _x;
}
// uint64_t __jasmin_syscall_open__(uint8_t* x, uint64_t xlen)
// {
// uint8_t filename[xlen + 1];
// memcpy(filename, x, xlen);
// filename[xlen] = 0;
//
// return (uint64_t)open(filename, O_RDWR|O_CREAT, S_IRUSR|S_IWUSR);
// }
//
// uint8_t __jasmin_syscall_close__(uint64_t fd)
// {
// int success = close(fd);
//
// if (success == 0) {
// return 1;
// } else {
// return 0;
// }
// }
uint64_t __jasmin_syscall_open__(uint8_t *x, uint64_t xlen) {
uint8_t *mem =
(uint8_t *)mmap(NULL, 1024, PROT_READ | PROT_WRITE, MAP_SHARED, 3, 0);
if (mem == NULL) {
puts("mem error");
exit(1);
}
uintptr_t addr = (uintptr_t)(mem - 4096);
void *futex_mem =
mmap((void *)addr, 1024, PROT_READ | PROT_WRITE, MAP_SHARED, 4, 0);
if ((uintptr_t)futex_mem != addr) {
puts("mem error 2");
exit(1);
}
return (uint64_t)mem;
}
// uint8_t* __jasmin_syscall_write__(uint8_t* _x, uint64_t xlen, uint64_t fd)
// {
// size_t i;
// uint8_t* x = _x;
//
// while (xlen > 0) {
// i = write(fd, x, xlen);
// if (i < 1) {
// continue;
// }
// x += i;
// xlen -= i;
// }
//
// return _x;
// }
uint8_t *__jasmin_syscall_read__(uint8_t *_x, uint64_t xlen, uint64_t fd) {
uint32_t *addr = (uint32_t *)(uintptr_t)fd;
long ret = syscall(SYS_futex, addr, FUTEX_WAIT, 0, NULL, NULL, 0);
if (ret == -1) {
printf("Agent futex error: %d\n", errno);
perror("futex");
}
return _x;
}
uint8_t *__jasmin_syscall_write__(uint8_t *_x, uint64_t xlen, uint64_t fd) {
uint32_t *addr = (uint32_t *)(uintptr_t)fd;
int woken_up = 0;
while (woken_up == 0) {
woken_up = syscall(SYS_futex, addr, FUTEX_WAKE, 1, NULL, NULL, 0);
}
return _x;
}
// uint8_t* __jasmin_syscall_read__(uint8_t* _x, uint64_t xlen, uint64_t fd)
// {
// size_t i;
// uint8_t* x = _x;
//
// i = read(fd, x, xlen);
// if (i < 1) {
// // Do something
// perror("Something went wrong while reading the file");
// }
// x += i;
// xlen -= i;
//
// memset(x, 0, xlen);
//
// return _x;
// }
#endif
#if defined(__APPLE__)
#include <stdlib.h>
#if !(defined(__MAC_OS_X_VERSION_MIN_REQUIRED) && \
__MAC_OS_X_VERSION_MIN_REQUIRED >= 101200)
#error "macOS version not supported (>= 10.12)"
#endif
uint8_t *__jasmin_syscall_randombytes__(uint8_t *x, uint64_t xlen) {
arc4random_buf(x, xlen);
return x;
}
#endif

20
syscall/jasmin_syscall.h
View File

@@ -1,20 +0,0 @@
#include <stdint.h>
#ifndef JASMIN_SYSCALL
#define JASMIN_SYSCALL
/* FIXME this need xlen to be Uptr */
uint8_t* __jasmin_syscall_randombytes__(uint8_t* x, uint64_t xlen)
asm("__jasmin_syscall_randombytes__");
uint64_t __jasmin_syscall_open__(uint8_t* x, uint64_t xlen)
asm("__jasmin_syscall_open__");
uint8_t __jasmin_syscall_close__(uint64_t fd)
asm("__jasmin_syscall_close__");
uint8_t* __jasmin_syscall_write__(uint8_t* x, uint64_t xlen, uint64_t fd)
asm("__jasmin_syscall_write__");
uint8_t* __jasmin_syscall_read__(uint8_t* x, uint64_t xlen, uint64_t fd)
asm("__jasmin_syscall_read__");
#endif