Added support for IR database driven P1 transform

46825e1a · an7s · 34f81e67 · 46825e1a · 46825e1a · 46825e1a
Commit 46825e1a authored 13 years ago by an7s
--- a/.gitattributes
+++ b/.gitattributes
@@ -122,6 +122,7 @@ examples/memcpy.c -text
 examples/myhanoi.c -text
 examples/print_ptr.c -text
 examples/recover_example.c -text
+tools/cover.sh -text
 tools/db/drop_my_tables.sh -text
 tools/db/pdb.create.tbl -text
 tools/db/pdb.createprogram.tbl -text

--- a/tools/cover.sh
+++ b/tools/cover.sh
+#!/bin/sh
+
+P1_DIR=p1.xform
+CONCOLIC=concolic.files_a.stratafied_0001
+
+COVERAGE_FNS=$P1_DIR/p1.coverage
+CANDIDATE_FNS_PRE_LIBC=$P1_DIR/p1.candidates.prelibc
+FILTERED_OUT=$P1_DIR/p1.fn_coverage.filtered_out
+FINAL_CANDIDATES=$P1_DIR/p1.candidates
+FINAL_XFORM_FNS=$P1_DIR/p1.final
+EXECUTED_ADDRESS_FILE=$CONCOLIC/executed_address_list.txt
+LIBC_FILTER=$PEASOUP_HOME/tools/p1xform.filter.libc.txt
+
+#
+# Prune out functions that do not have sufficient coverage
+# Any function whose coverage metric starts with 0.0, e.g. 0.09, 0.0123, is pruned out
+# We effectively prune out any functions whose coverage is not at least 10% 
+#
+$SECURITY_TRANSFORMS_HOME/tools/cover/cover a.ncexe a.ncexe.annot $EXECUTED_ADDRESS_FILE $COVERAGE_FNS
+grep -v "0\.0" $COVERAGE_FNS | cut -f1 -d" " > $CANDIDATE_FNS_PRE_LIBC
+grep  "0\.0" $COVERAGE_FNS | cut -f1 -d" " > $FILTERED_OUT
+
+# Prune out libc functions
+$PEASOUP_HOME/tools/p1xform.filter.sh $CANDIDATE_FNS_PRE_LIBC $LIBC_FILTER > $FINAL_CANDIDATES
+
--- a/tools/db/drop_my_tables.sh
+++ b/tools/db/drop_my_tables.sh
@@ -16,7 +16,9 @@ othertables="variant_dependency variant_info file_info doip"

 for  i in $insntables $addrtables $functables $othertables
 do
+	echo --------------------------------------------------------------------------
 	echo -n Dropping table $i..." "
 	psql -t -q -c "drop table $i cascade;"
 	echo Done.
+	echo --------------------------------------------------------------------------
 done
--- a/tools/db/pdb.createprogram.tbl
+++ b/tools/db/pdb.createprogram.tbl
@@ -18,6 +18,8 @@ CREATE TABLE #PROGNAME#_function
  file_id            	integer REFERENCES file_info,
  name               	text,
  stack_frame_size   	integer,
+  out_args_region_size	integer,
+  use_frame_pointer	boolean,
  doip_id	   	integer DEFAULT -1
 );


--- a/tools/p1xform_v2.sh
+++ b/tools/p1xform_v2.sh
@@ -14,23 +14,11 @@ P1_DIR=p1.xform/$fname

 mkdir -p $P1_DIR

-echo "The directory containing spri files: $P1_DIR"
-
-echo ""
-echo "=========================================="
-echo "p1xform.sh script started in $CURRENT_DIR"
-echo "P1 transform directory: $P1_DIR"
-echo "=========================================="
-
-#generate the aspri code
-#$SECURITY_TRANSFORMS_HOME/libIRDB/test/generate_spri.exe $pidp $P1_DIR/a.irdb.aspri > $P1_DIR/spri.out 2>&1
-
-#cat $P1_DIR/spri.out
-
 #generate the bspri code
-$SECURITY_TRANSFORMS_HOME/tools/spasm/spasm $P1_DIR/a.irdb.aspri $P1_DIR/a.irdb.bspri stratafier.o.exe > $P1_DIR/spasm.out 2>&1
+$SECURITY_TRANSFORMS_HOME/tools/spasm/spasm $P1_DIR/a.irdb.aspri $P1_DIR/a.irdb.bspri $P1_DIR/stratafier.o.exe > $P1_DIR/spasm.out 2>&1

 cat $P1_DIR/spasm.out
+
 #
 # remove any candidate functions not covered
 # this will go away once GrACE gives us the instruction coverage information

--- a/tools/ps_analyze.sh
+++ b/tools/ps_analyze.sh
@@ -125,29 +125,34 @@ if [ ! "X" = "X"$PGUSER ]; then
 		    $SECURITY_TRANSFORMS_HOME/libIRDB/test/clone.exe $varid				> clone.out 		2>&1 	# create a clone
 		    cloneid=$?
 		    log clone.out
-	
+	echo "clone id is: $cloneid"
 		    if [ $cloneid > 0 ]; then
 															# paths for direct control transfers insns.
-			    $SECURITY_TRANSFORMS_HOME/libIRDB/test/fix_calls.exe $cloneid	> fix_calls.out 2>&1 		# fix call insns so they are OK for spri emitting
-			    log fix_calls.out
-
-
-			    $SECURITY_TRANSFORMS_HOME/tools/transforms/integerbugtransform.exe $cloneid > integerbugtransform.out 2>&1
-			    log integerbugtransform.out
-
-			    $SECURITY_TRANSFORMS_HOME/libIRDB/test/ilr.exe $cloneid > ilr.out 2>&1 				# perform ILR 
-			    log ilr.out
-			    $SECURITY_TRANSFORMS_HOME/libIRDB/test/generate_spri.exe $cloneid a.irdb.aspri	> spri.out 2>&1 # generate the aspri code
-			    log spri.out
-			    $SECURITY_TRANSFORMS_HOME/tools/spasm/spasm a.irdb.aspri a.irdb.bspri stratafier.o.exe > spasm.out 2>&1 	# generate the bspri code
-			    log spasm.out
-		    fi
-	    fi
-	    echo	-------------------------------------------------------------------------------
-	    echo    ---------            Orig Variant ID is $varid         ------------------------
-	    echo	-------------------------------------------------------------------------------
-	    echo    ---------            Cloned Variant ID is $cloneid     ------------------------
-	    echo	-------------------------------------------------------------------------------
+			$SECURITY_TRANSFORMS_HOME/libIRDB/test/fix_calls.exe $cloneid	> fix_calls.out 2>&1 		# fix call insns so they are OK for spri emitting
+			log fix_calls.out
+			
+			mkdir p1.xform
+			$PEASOUP_HOME/tools/cover.sh > cover.out 2>&1 #determine suitable coverage for functions to be p1-transformed
+			
+#			$SECURITY_TRANSFORMS_HOME/xform/kmd9q_p1xform/p1_transform_v2.exe $cloneid p1.xform/p1.candidates > p1_transform.out 2>&1 
+#			log p1_transform.out
+#			$SECURITY_TRANSFORMS_HOME/tools/transforms/integerbugtransform.exe $cloneid > integerbugtransform.out 2>&1
+#			log integerbugtransform.out
+
+			$SECURITY_TRANSFORMS_HOME/libIRDB/test/ilr.exe $cloneid > ilr.out 2>&1 				# perform ILR 
+#			log ilr.out
+
+			$SECURITY_TRANSFORMS_HOME/libIRDB/test/generate_spri.exe $cloneid a.irdb.aspri	> spri.out 2>&1 # generate the aspri code
+			log spri.out
+			$SECURITY_TRANSFORMS_HOME/tools/spasm/spasm a.irdb.aspri a.irdb.bspri stratafier.o.exe > spasm.out 2>&1 	# generate the bspri code
+			log spasm.out
+		fi
+	fi
+	echo	-------------------------------------------------------------------------------
+	echo    ---------            Orig Variant ID is $varid         ------------------------
+	echo	-------------------------------------------------------------------------------
+	echo    ---------            Cloned Variant ID is $cloneid     ------------------------
+	echo	-------------------------------------------------------------------------------

    else
        # annotations file didn't exist