More refined impl of utime(s), utimensat

Author: libumem

examples/src/linux/x8664_linux_utime.c

@@ -1,25 +1,59 @@
-#include <utime.h>
+#include <time.h>
 #include <stdlib.h>
 #include <stdio.h>
+#include <sys/time.h>
+#include <fcntl.h>            /* Definition of AT_* constants */
+#include <sys/stat.h>
+#include <utime.h>
+#include <sys/syscall.h>      /* Definition of SYS_* constants */
+#include <unistd.h>
+
 int main(int argc, char **argv){
 	/*
 	   struct utimbuf {
-	   time_t actime;       	
+	   time_t atime;       	
 	   time_t modtime;   
 	 */
-
-	
-	struct utimbuf * mytimebuf = (struct utimbuf*)malloc(sizeof(struct utimbuf));
-	mytimebuf->actime = rand();
-	mytimebuf->modtime = rand();
-	if(argc < 2){
-		exit(1);	
+	srand(0x1337);
+	struct timespec utimensat_times[2];
+	struct timespec atime; 
+	struct timespec mtime;
+	atime.tv_sec = rand();
+	atime.tv_nsec = rand();
+	mtime.tv_sec = rand();
+	mtime.tv_nsec = rand() & 0xffff; // avoid illegal arg error
+	utimensat_times[0] = atime;
+	utimensat_times[1] = mtime;
+	int res = utimensat(AT_FDCWD, "./utimensat-test", utimensat_times,0);
+	if (!res){
+		puts("utimensat timestamp should have changed");
 	}
-	int res = utime(argv[1], mytimebuf);
+
+
+	struct utimbuf utime_time[1];
+	struct utimbuf actime; 
+	actime.actime = rand();
+	actime.modtime = rand();
+	utime_time[0] = actime;
+
+	res = syscall(SYS_utime,"./utime-test", utime_time);
 	if (!res){
-		puts("Timestamp should have changed");
+		puts("utime timestamp should have changed");
 	}
-	if(mytimebuf){
-		free(mytimebuf);
+
+	struct timeval utimes_times[2];
+	struct timeval utimes_actime; 
+	struct timeval utimes_modtime;
+	utimes_actime.tv_sec = rand() & 0xff;
+	utimes_actime.tv_usec = rand() & 0xff;
+	utimes_modtime.tv_sec = rand() & 0xff;
+	utimes_modtime.tv_usec = rand() & 0xffff; // avoid illegal arg error
+	utimes_times[0] = utimes_actime;
+	utimes_times[1] = utimes_modtime;
+	res = syscall(SYS_utimes,"./utimes-test", utimes_times);
+	if (!res){
+		puts("utimes timestamp should have changed");
 	}
+
+
 }

qiling/os/linux/syscall.py

@@ -12,21 +12,20 @@
 from math import floor
 import ctypes
 import os
+from qiling.os.posix.const import *
 
 def __get_timespec_struct(archbits: int):
-    long  = getattr(ctypes, f'c_int{archbits}')
-    ulong = getattr(ctypes, f'c_uint{archbits}')
+    long = getattr(ctypes, f"c_int{archbits}")
+    ulong = getattr(ctypes, f"c_uint{archbits}")
 
     class timespec(ctypes.Structure):
         _pack_ = archbits // 8
 
-        _fields_ = (
-            ('tv_sec', ulong),
-            ('tv_nsec', long)
-        )
+        _fields_ = (("tv_sec", ulong), ("tv_nsec", long))
 
     return timespec
 
+
 def __get_timespec_obj(archbits: int):
     now = datetime.now().timestamp()
 
@@ -40,17 +39,24 @@ def __get_timespec_obj(archbits: int):
 def ql_syscall_set_thread_area(ql: Qiling, u_info_addr: int):
     if ql.arch.type == QL_ARCH.X86:
         u_info = ql.mem.read(u_info_addr, 4 * 4)
-        index = ql.unpack32s(u_info[0 : 4])
-        base = ql.unpack32(u_info[4 : 8])
-        limit = ql.unpack32(u_info[8 : 12])
+        index = ql.unpack32s(u_info[0:4])
+        base = ql.unpack32(u_info[4:8])
+        limit = ql.unpack32(u_info[8:12])
 
         ql.log.debug("set_thread_area base : 0x%x limit is : 0x%x" % (base, limit))
 
         if index == -1:
             index = ql.os.gdtm.get_free_idx(12)
 
         if index in (12, 13, 14):
-            access = QL_X86_A_PRESENT | QL_X86_A_PRIV_3 | QL_X86_A_DESC_DATA | QL_X86_A_DATA | QL_X86_A_DATA_E | QL_X86_A_DATA_W
+            access = (
+                QL_X86_A_PRESENT
+                | QL_X86_A_PRIV_3
+                | QL_X86_A_DESC_DATA
+                | QL_X86_A_DATA
+                | QL_X86_A_DATA_E
+                | QL_X86_A_DATA_W
+            )
 
             ql.os.gdtm.register_gdt_segment(index, base, limit, access)
             ql.mem.write_ptr(u_info_addr, index, 4)
@@ -59,12 +65,12 @@ def ql_syscall_set_thread_area(ql: Qiling, u_info_addr: int):
             return -1
 
     elif ql.arch.type == QL_ARCH.MIPS:
-        CONFIG3_ULR = (1 << 13)
+        CONFIG3_ULR = 1 << 13
         ql.arch.regs.cp0_config3 = CONFIG3_ULR
         ql.arch.regs.cp0_userlocal = u_info_addr
         ql.arch.regs.v0 = 0
         ql.arch.regs.a3 = 0
-        ql.log.debug ("set_thread_area(0x%x)" % u_info_addr)
+        ql.log.debug("set_thread_area(0x%x)" % u_info_addr)
 
     return 0
 
@@ -77,83 +83,167 @@ def ql_syscall_set_tls(ql: Qiling, address: int):
 
         ql.log.debug("settls(%#x)", address)
 
+
 def ql_syscall_clock_gettime(ql: Qiling, clock_id: int, tp: int):
     ts_obj = __get_timespec_obj(ql.arch.bits)
     ql.mem.write(tp, bytes(ts_obj))
 
     return 0
 
+
 def ql_syscall_gettimeofday(ql: Qiling, tv: int, tz: int):
     if tv:
         ts_obj = __get_timespec_obj(ql.arch.bits)
         ql.mem.write(tv, bytes(ts_obj))
 
     if tz:
-        ql.mem.write(tz, b'\x00' * 8)
+        ql.mem.write(tz, b"\x00" * 8)
 
     return 0
 
-'''
-        TODO
-       int futimens(int fd, const struct timespec times[_Nullable 2]);
 
-'''
+"""
+TODO: This is considered deprecated,
+https://www.man7.org/linux/man-pages/man2/futimesat.2.html
+but should there be a wrapper added for legacy code?
+int futimesat(int dirfd, const char *pathname,
+                                    const struct timeval times[2]);
+
+"""
+
+
+# Handle seconds conversions 'in house'
+def microseconds_to_nanoseconds(s):
+    return s * 1000
+
+
+def seconds_to_nanoseconds(s):
+    return s * 1000000000
 
-'''
-TODO
+
+"""
+Actual implmentation of utime(s)
+Rather than repeat work based on different
+precision  requirements, just convert seconds/microseconds
+to ns and pass to os.utime()
+"""
+
+
+def do_utime(ql: Qiling, filename: ctypes.POINTER, times: ctypes.POINTER, s):
+    real_file = ""
+    try:
+        # get path inside of qiling rootfs
+        real_file = ql.os.path.transform_to_real_path(ql.mem.string(filename))
+    except Exception as ex:  # return errors appropriately, don't try to handle
+        # everything ourselves
+        return -ex.errno
+    actime = modtime = 0
+    """
+    times[0] specifies the new access time, and times[1] specifies the new modification time.  
+    If times is NULL, then analogously to utime(), the access and modification times of the file are set to the
+    current time.
+    """
+    if s:  # utimes, times[0] == new access time, times[1] == modification
+        data = make_timeval_buf(ql.arch.bits, ql.arch.endian)
+        with data.ref(ql.mem, times) as ref_atime:  # times[0]
+            actime = seconds_to_nanoseconds(ref_atime.tv_sec)
+            actime += microseconds_to_nanoseconds(ref_atime.tv_usec)
+        with data.ref(ql.mem, times + ctypes.sizeof(data)) as ref_mtime:  # increment by ctypes.sizeof() to get times[1]
+            modtime = seconds_to_nanoseconds(ref_mtime.tv_sec)
+            modtime += microseconds_to_nanoseconds(ref_mtime.tv_usec)
+
+    else:
+        # utime uses utimbuf, so different data handling needs to be done
+        data = make_utimbuf(ql.arch.bits, ql.arch.endian)
+        with data.ref(ql.mem, times) as ref:
+            actime = seconds_to_nanoseconds(ref.actime)
+            modtime = seconds_to_nanoseconds(ref.modtime)
+    try:
+        os.utime(real_file, ns=(actime, modtime))
+    except Exception as ex:
+        return -ex.errno
+    return 0
+
+
+"""
+https://www.man7.org/linux/man-pages/man2/utimes.2.html
        int utime(const char *filename,
                  const struct utimbuf *_Nullable times);
+"""
 
-'''
 
-'''
-TODO: This is considered deprecated,
-but should there be a wrapper added for legacy code?
-int futimesat(int dirfd, const char *pathname,
-                                    const struct timeval times[2]);
+def ql_syscall_utime(ql: Qiling, filename: ctypes.POINTER, times: ctypes.POINTER):
+    return do_utime(ql, filename, times, False)  # False for 's' means
+    # do plain utime
 
-'''
 
-'''
-TODO:        int utimes(const char *filename,
+"""
+https://www.man7.org/linux/man-pages/man2/utimes.2.html
+        int utimes(const char *filename,
                  const struct timeval times[_Nullable 2]);
+"""
 
-'''
 
-'''
-	sys_utimensat	int dfd	const char *filename	struct timespec *utimes	int flags
-'''
-def ql_syscall_utimensat(ql:qiling.Qiling, dfd: int, filename:POINTER, utimes: POINTER, flags: int):
-    path = ''
-    if dfd == AT_FDCWD:
-        ql.emu_stop()
-    ql.log.debug("inside hook")
-    if filename == 0:
-        return EACCES
-    if utimes == 0:
-        return EACCES
-    ql.log.debug(hex(filename))
-    unpacked_filename = ql.mem.string(filename)
-    if unpacked_filename.find("/") == 0: # starts with /, assumed to be absolute path
-        dfd = None
+def ql_syscall_utimes(ql: Qiling, filename: ctypes.POINTER, times: ctypes.POINTER):
+    return do_utime(ql, filename, times, True)  # True for 's' means the
+    # we want 'utimes', which has a different prototype, and consequently,
+    # struct unpacking requirements, then utime
+
+
+"""
+Not re-using the do_utime implementation so we can handle
+the dfd and timespec unpacking here
+"""
+
+
+def do_utime_fd_ns(
+    ql: Qiling, dfd: int, filename: ctypes.POINTER, utimes: ctypes.POINTER, flags: int, symlinks
+):
+    # transform to real path, which ensures that we are
+    # operating inside of the qiling root
+    unpacked_filename = ql.os.path.transform_to_real_path(ql.mem.string(filename))
     timespec_struct = make_timespec_buf(ql.arch.bits, ql.arch.endian)
-    atime_nsec = mtime_nsec = atime_sec = mtime_sec = 0
+    atime_nsec = mtime_nsec = 0
+    if dfd is not None:
+        dfd = ql.os.fd[dfd].fileno
     with timespec_struct.ref(ql.mem, utimes) as atime_ref:
         atime_nsec = atime_ref.tv_nsec
-        atime_sec = atime_ref.tv_sec
-    with timespec_struct.ref(ql.mem, utimes+ctypes.sizeof(timespec_struct)) as mtime_ref:
+        atime_nsec += seconds_to_nanoseconds(atime_ref.tv_sec)
+    with timespec_struct.ref(
+        ql.mem, utimes + ctypes.sizeof(timespec_struct)
+    ) as mtime_ref:
         mtime_nsec = mtime_ref.tv_nsec
-        mtime_sec = mtime_ref.tv_sec
-    ql.log.debug(f"Got filename {unpacked_filename} for utime syscall ")
+        mtime_nsec += seconds_to_nanoseconds(mtime_ref.tv_sec)
+    ql.log.debug(f"Got filename {unpacked_filename} for utimensat syscall ")
     try:
-        follow_symlink = True
-        if flags == AT_SYMLINK_NOFOLLOW:
-            follow_symlink = False
-        os.utime(unpacked_filename, ns=(atime_nsec, mtime_nsec), dir_fd=dfd, follow_symlinks=follow_symlink)
-        os.utime(unpacked_filename, (atime_sec, mtime_sec), dir_fd=dfd, follow_symlinks=follow_symlink)
+        os.utime(
+            unpacked_filename,
+            ns=(atime_nsec, mtime_nsec),
+            dir_fd=dfd,
+            follow_symlinks=symlinks,
+        )
     except Exception as ex:
         return -ex.errno
     return 0
-    
 
 
+"""
+https://www.man7.org/linux/man-pages/man2/utimensat.2.html
+	sys_utimensat	int dfd	const char *filename	struct timespec *utimes	int flags
+"""
+
+
+def ql_syscall_utimensat(
+    ql: Qiling, dfd: int, filename: ctypes.POINTER, utimes: ctypes.POINTER, flags: int
+):
+    if filename == 0:
+        return EACCES
+    if utimes == 0:
+        return EACCES
+    if dfd == AT_FDCWD:
+        dfd = None
+    if flags == AT_SYMLINK_NOFOLLOW:
+        follow_symlink = False
+    else:
+        follow_symlink = True
+    return do_utime_fd_ns(ql, dfd, filename, utimes, flags, follow_symlink)

qiling/os/posix/const.py

@@ -1087,3 +1087,6 @@ class qnx_mmap_prot_flags(QlPrettyFlag):
 
 # fcntl
 AT_SYMLINK_NOFOLLOW = 0x100
+# https://docs.huihoo.com/doxygen/linux/kernel/3.7/include_2uapi_2linux_2fcntl_8h.html
+AT_SYMLINK_NOFOLLOW = 0x100
+AT_FDCWD = 0xffffff9c # -0n100 in 2's complement

qiling/os/posix/structs.py

@@ -162,8 +162,29 @@ class utimbuf(Struct):
 def make_timespec_buf(archbits: int, endian: QL_ENDIAN):
     Struct = struct.get_aligned_struct(archbits, endian)
     class timespec(Struct):
-        _fields_ = (
-            ('tv_sec', ctypes.c_long),
-            ('tv_nsec', ctypes.c_long)
-        )
-    return timespec
+        if archbits == 32:
+            _fields_ = (
+                ('tv_sec', ctypes.c_uint32),
+                ('tv_nsec', ctypes.c_uint32)
+            )
+        else:
+            _fields_ = (
+                ('tv_sec', ctypes.c_long),
+                ('tv_nsec', ctypes.c_long)
+            )
+    return timespec
+
+def make_timeval_buf(archbits: int, endian: QL_ENDIAN):
+    Struct = struct.get_aligned_struct(archbits, endian)
+    class timeval(Struct):
+        if archbits == 64:
+            _fields_ = (
+                ('tv_sec', ctypes.c_long),
+                ('tv_usec', ctypes.c_long)
+            )
+        else:
+            _fields_ = (
+                ('tv_sec', ctypes.c_uint32),
+                ('tv_usec', ctypes.c_uint32)
+            )
+    return timeval