167 lines
5.4 KiB
C++
167 lines
5.4 KiB
C++
/*
|
|
* Copyright 2022, The Android Open Source Project
|
|
*
|
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
* you may not use this file except in compliance with the License.
|
|
* You may obtain a copy of the License at
|
|
*
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|
*
|
|
* Unless required by applicable law or agreed to in writing, software
|
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
* See the License for the specific language governing permissions and
|
|
* limitations under the License.
|
|
*/
|
|
|
|
#include <regex>
|
|
#include <string>
|
|
|
|
#include "dmesg_parser.h"
|
|
|
|
namespace dmesg_parser {
|
|
|
|
const std::string kTimestampRe = "^\\[[^\\]]+\\]\\s";
|
|
|
|
DmesgParser::DmesgParser() : report_ready_(false) {
|
|
std::string bug_types;
|
|
for (auto t : {"KFENCE", "KASAN"}) {
|
|
if (bug_types.empty()) {
|
|
bug_types = t;
|
|
} else {
|
|
bug_types.append("|");
|
|
bug_types.append(t);
|
|
}
|
|
}
|
|
std::string bug_re = kTimestampRe + "\\[([0-9T\\s]+)\\]\\s(BUG: (" + bug_types + "):.*)";
|
|
this->bug_pattern_ = std::regex(bug_re);
|
|
this->ignore_pattern_ = std::regex("([ _][Rx]..|raw): [0-9a-f]{16}|"
|
|
"Hardware name:|Comm:");
|
|
this->addr64_pattern_ = std::regex("\\b(?:0x)?[0-9a-f]{16}\\b");
|
|
}
|
|
|
|
/*
|
|
* Read a single line terminated by a newline, and process it as follows:
|
|
* 1. If we haven't seen a bug header, skip the current line unless it contains
|
|
* "BUG:".
|
|
* If it does, parse the line to extract the task ID (T1234), tool name
|
|
* (KASAN or KFENCE) and the whole report title (needed for report
|
|
* deduplication).
|
|
* 2. If the current line does not contain the known task ID, skip it.
|
|
* 3. If the current line contains a delimiter ("====="), stop accepting new
|
|
* lines.
|
|
* 4. Otherwise strip potential sensitive data from the current line and append
|
|
* it to the report.
|
|
*/
|
|
void DmesgParser::ProcessLine(const std::string& line) {
|
|
if (report_ready_) return;
|
|
|
|
// We haven't encountered a BUG: line yet.
|
|
if (current_report_.empty()) {
|
|
std::smatch m;
|
|
if (std::regex_search(line, m, bug_pattern_)) {
|
|
std::string task_re = kTimestampRe + "\\[" + std::string(m[1]) + "\\]\\s";
|
|
task_line_pattern_ = std::regex(task_re);
|
|
task_delimiter_pattern_ = std::regex(task_re + "={10,}");
|
|
current_title_ = m[2];
|
|
current_tool_ = m[3];
|
|
current_report_ = this->StripSensitiveData(line);
|
|
}
|
|
return;
|
|
}
|
|
|
|
// If there is a delimiter, mark the current report as ready.
|
|
if (std::regex_search(line, task_delimiter_pattern_)) {
|
|
report_ready_ = true;
|
|
return;
|
|
}
|
|
|
|
if (std::regex_search(line, task_line_pattern_)) current_report_ += StripSensitiveData(line);
|
|
}
|
|
|
|
/*
|
|
* Return true iff the current report is ready (it was terminated by the "====="
|
|
* delimiter.
|
|
*/
|
|
bool DmesgParser::ReportReady() const {
|
|
return report_ready_;
|
|
}
|
|
|
|
/*
|
|
* Return the tool that generated the currently collected report.
|
|
*/
|
|
std::string DmesgParser::ReportType() const {
|
|
return current_tool_;
|
|
}
|
|
|
|
/*
|
|
* Return the title of the currently collected report.
|
|
*/
|
|
std::string DmesgParser::ReportTitle() const {
|
|
return current_title_;
|
|
}
|
|
|
|
/*
|
|
* Return the report collected so far and reset the parser.
|
|
*/
|
|
std::string DmesgParser::FlushReport() {
|
|
report_ready_ = false;
|
|
return std::move(current_report_);
|
|
}
|
|
|
|
/*
|
|
* Strip potentially sensitive data from the reports by performing the
|
|
* following actions:
|
|
* 1. Drop the entire line, if it contains a process name:
|
|
* [ 69.547684] [ T6006]c7 6006 CPU: 7 PID: 6006 Comm: sh Tainted:
|
|
*
|
|
* or hardware name:
|
|
* [ 69.558923] [ T6006]c7 6006 Hardware name: Phone1
|
|
*
|
|
* or a memory dump, e.g.:
|
|
*
|
|
* ... raw: 4000000000010200 0000000000000000 0000000000000000
|
|
*
|
|
* or register dump:
|
|
*
|
|
* ... RIP: 0033:0x7f96443109da
|
|
* ... RSP: 002b:00007ffcf0b51b08 EFLAGS: 00000202 ORIG_RAX: 00000000000000af
|
|
* ... RAX: ffffffffffffffda RBX: 000055dc3ee521a0 RCX: 00007f96443109da
|
|
*
|
|
* (on x86_64)
|
|
*
|
|
* ... pc : lpm_cpuidle_enter+0x258/0x384
|
|
* ... lr : lpm_cpuidle_enter+0x1d4/0x384
|
|
* ... sp : ffffff800820bea0
|
|
* ... x29: ffffff800820bea0 x28: ffffffc2305f3ce0
|
|
* ... ...
|
|
* ... x9 : 0000000000000001 x8 : 0000000000000000
|
|
*
|
|
* (on ARM64)
|
|
*
|
|
* 2. For substrings that are known to be followed by sensitive information,
|
|
* cut the line after those substrings and append "DELETED\n",
|
|
* e.g. " by task ":
|
|
* ... Read at addr f0ffff87c23fdf7f by task sh/9971
|
|
* and "Corrupted memory at":
|
|
* ... Corrupted memory at 0xf0ffff87c23fdf00 [ ! . . . . . . . . . . . . . . . ]
|
|
*
|
|
* 3. Replace all strings that look like 64-bit hexadecimal values, with
|
|
* XXXXXXXXXXXXXXXX.
|
|
*/
|
|
std::string DmesgParser::StripSensitiveData(const std::string& line) const {
|
|
if (std::regex_search(line, ignore_pattern_)) return "";
|
|
|
|
std::string ret = line;
|
|
for (std::string infix : {"Corrupted memory at ", " by task "}) {
|
|
auto pos = ret.find(infix);
|
|
if (pos != std::string::npos) {
|
|
ret = ret.substr(0, pos + infix.size()) + "DELETED\n";
|
|
}
|
|
}
|
|
ret = std::regex_replace(ret, addr64_pattern_, "XXXXXXXXXXXXXXXX");
|
|
return ret;
|
|
}
|
|
|
|
} // namespace dmesg_parser
|