Skip to content

Commit

Permalink
Add stubbed GPT support for #14.
Browse files Browse the repository at this point in the history 
cc @theonewolf

+ Integrated into build.
+ Loads the start of the GPT and checks the signature when probing.
  • Loading branch information
@bamos
bamos committed Oct 12, 2014
1 parent d5f576a commit 634cc0e
Show file tree
Hide file tree
Showing 5 changed files with 235 additions and 19 deletions.
5 changes: 5 additions & 0 deletions src/gray-crawler/build.mk
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
bin_PROGRAMS += bin/gray-crawler
noinst_LTLIBRARIES += lib/libext4.la \
lib/libgpt.la \
lib/libmbr.la \
lib/libntfs.la

Expand All @@ -11,6 +12,9 @@ lib_libext4_la_LIBADD = $(libdir)/libbitarray.la \
lib_libntfs_la_SOURCES = src/gray-crawler/ntfs/ntfs.c
lib_libntfs_la_LIBADD = $(libdir)/libbson.la

lib_libgpt_la_SOURCES = src/gray-crawler/gpt/gpt.c
lib_libgpt_la_LIBADD = $(libdir)/libbson.la

lib_libmbr_la_SOURCES = src/gray-crawler/mbr/mbr.c
lib_libmbr_la_LIBADD = $(libdir)/libbson.la

Expand All @@ -19,6 +23,7 @@ bin_gray_crawler_LDADD = $(libdir)/libbitarray.la \
$(libdir)/libbson.la \
$(libdir)/libcolor.la \
$(libdir)/libext4.la \
$(libdir)/libgpt.la \
$(libdir)/libmbr.la \
$(libdir)/libntfs.la \
$(libdir)/libutil.la
158 changes: 158 additions & 0 deletions src/gray-crawler/gpt/gpt.c
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,158 @@
/*****************************************************************************
* gpt.c *
* *
* This file contains function implementations that can read and interpret a *
* Global Partition Table (gpt). *
* *
* *
* *
* Authors: Brandon Amos <[email protected]> *
* Wolfgang Richter <[email protected]> *
* *
* *
* Copyright 2013-2014 Carnegie Mellon University *
* *
* Licensed under the Apache License, Version 2.0 (the "License"); *
* you may not use this file except in compliance with the License. *
* You may obtain a copy of the License at *
* *
* http://www.apache.org/licenses/LICENSE-2.0 *
* *
* Unless required by applicable law or agreed to in writing, software *
* distributed under the License is distributed on an "AS IS" BASIS, *
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.*
* See the License for the specific language governing permissions and *
* limitations under the License. *
*****************************************************************************/
#include <stdbool.h>
#include <stdlib.h>
#include <string.h>

#include "bson.h"
#include "color.h"
#include "mbr.h"
#include "gpt.h"
#include "util.h"

#define SECTOR_SIZE 512

/* static int print_partition_type(uint8_t type) */
/* { */
/* fprintf_light_magenta(stdout, "TODO\n"); */
/* /1* fprintf_light_magenta(stdout, "Partition Type: %s\n", gpt_PT_LUT[type]); *1/ */
/* return -1; */
/* } */

/* static uint8_t get_sector(uint8_t byte) */
/* { */
/* fprintf_light_magenta(stdout, "TODO\n"); */
/* return 0x3f & byte; /1* bits 5-0 in second byte of chs *1/ */
/* } */

/* static uint16_t get_cylinder(uint8_t bytes[2]) */
/* { */
/* fprintf_light_magenta(stdout, "TODO\n"); */
/* return -1; */
/* } */

int64_t gpt_partition_offset(struct disk_gpt gpt, int pte)
{
fprintf_light_magenta(stdout, "gpt_partition_offset\n");
fprintf_light_magenta(stdout, "TODO\n");
return 0;
}

/* prints partition entry according to Wikipedia:
* TODO: http://en.wikipedia.org/wiki/Master_boot_record */
/* int gpt_print_partition(struct partition_table_entry pte) */
/* { */
/* fprintf_light_magenta(stdout, "TODO\n"); */
/* return 0; */
/* } */

void gpt_print(struct pt pt)
{
fprintf_light_magenta(stdout, "gpt_print\n");
fprintf_light_magenta(stdout, "TODO\n");
}

int gpt_probe(FILE* disk, struct pt* pt)
{
fprintf_light_magenta(stdout, "gpt_probe\n");
fprintf_light_magenta(stdout, "TODO\n");

pt->pt_info = malloc(sizeof(struct disk_mbr));
struct disk_mbr* mbr = (struct disk_mbr*) pt->pt_info;

if (fread(mbr, 1, sizeof(struct disk_mbr), disk) < sizeof(struct disk_mbr))
{
fprintf_light_red(stderr, "Error reading MBR from raw disk file.\n");
return -1;
}

printf("mbr->sig: %x\n", mbr->signature[0]);
if (mbr->signature[0] != 0x55 || mbr->signature[1] != 0xaa)
{
fprintf_light_red(stderr, "Bad MBR signature: "
"%.2"PRIx8" %.2"PRIx8".\n",
mbr->signature[0],
mbr->signature[1]);
return -1;
}

struct disk_gpt* gpt = (struct disk_gpt*) pt->pt_info;
if (fread(gpt, 1, sizeof(struct disk_gpt), disk) < sizeof(struct disk_gpt))
{
fprintf_light_red(stderr, "Error reading GPT from raw disk file.\n");
return -1;
}

if (memcmp(gpt->signature, "UFI PART", 8)) {
fprintf_light_red(stderr, "Bad GPT signature: "
"%.2"PRIx8" %.2"PRIx8" %.2"PRIx8" %.2"PRIx8
" %.2"PRIx8" %.2"PRIx8" %.2"PRIx8" %.2"PRIx8".\n",
gpt->signature[0],gpt->signature[1],gpt->signature[2],
gpt->signature[3],gpt->signature[4],gpt->signature[5],
gpt->signature[6],gpt->signature[7]);
return -1;
}

return -1;
}

int gpt_cleanup_pt(struct pt pt)
{
fprintf_light_magenta(stdout, "gpt_cleanup_pt\n");
fprintf_light_magenta(stdout, "TODO\n");
return 0;
}

int gpt_cleanup_pte(struct pte pte)
{
fprintf_light_magenta(stdout, "gpt_cleanup_pte\n");
fprintf_light_magenta(stdout, "TODO\n");
return 0;
}

int gpt_serialize_pt(struct pt pt, struct bitarray* bits,
FILE* serializef)
{
fprintf_light_magenta(stdout, "gpt_serialize_pt\n");
fprintf_light_magenta(stdout, "TODO\n");
return -1;
}

bool gpt_get_next_partition(struct pt pt, struct pte* pte)
{
fprintf_light_magenta(stdout, "gpt_get_next_partition\n");
fprintf_light_magenta(stdout, "TODO\n");
return false;
}

int gpt_serialize_pte(struct pte pt_pte,
FILE* serializef)
{
fprintf_light_magenta(stdout, "gpt_serialize_pte\n");
fprintf_light_magenta(stdout, "TODO\n");
return -1;
}
17 changes: 9 additions & 8 deletions src/gray-crawler/gray-crawler.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,12 +33,13 @@
#include "color.h"
#include "ext4.h"
#include "gray-crawler.h"
#include "gpt.h"
#include "mbr.h"
#include "ntfs.h"

/* support multiple partition table types */
struct gray_fs_pt_crawler pt_crawlers[] = {
//GRAY_FS_GPT(gpt), TODO
GRAY_PT(gpt),
GRAY_PT(mbr),
{NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL} /* guard value */
};
Expand All @@ -58,7 +59,7 @@ void cleanup(FILE* disk, FILE* serializef, struct bitarray* bits)
fclose(disk);

if (serializef)
fclose(serializef);
fclose(serializef);

if (bits)
bitarray_destroy(bits);
Expand All @@ -84,7 +85,7 @@ int main(int argc, char* args[])
if (argc < 3)
{
fprintf_light_red(stderr, "Usage: %s <raw disk file> "
"<BSON output file>\n",
"<BSON output file>\n",
args[0]);
return EXIT_FAILURE;
}
Expand Down Expand Up @@ -137,7 +138,7 @@ int main(int argc, char* args[])

pt_crawler++;
}

if (!present)
{
cleanup(disk, serializef, bits);
Expand Down Expand Up @@ -185,7 +186,7 @@ int main(int argc, char* args[])

fprintf_white(stdout, "\nProbing for %s... ",
crawler->fs_name);

if (crawler->probe(disk, &fsdata))
{
fprintf_white(stdout, "not found.\n");
Expand All @@ -206,7 +207,7 @@ int main(int argc, char* args[])
"partition entry.\n");
return EXIT_FAILURE;
}

if (crawler->serialize(disk, &fsdata, serializef))
{
pt_crawler->cleanup_pte(ptedata);
Expand All @@ -218,9 +219,9 @@ int main(int argc, char* args[])
}
}

pt_crawler->cleanup_pte(ptedata);
/* pt_crawler->cleanup_pte(ptedata); */
crawler->cleanup(&fsdata);

crawler++;
}
}
Expand Down
22 changes: 11 additions & 11 deletions src/gray-crawler/mbr/mbr.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@

#define SECTOR_SIZE 512

char* MBR_PT_LUT[] = { "Empty","","","","","Extended","","HPFS/NTFS","","","","W95 FAT32","","","","", /* 0x00 - 0x0f */
static char* MBR_PT_LUT[] = { "Empty","","","","","Extended","","HPFS/NTFS","","","","W95 FAT32","","","","", /* 0x00 - 0x0f */
"","","","","","","","","","","","","","","","", /* 0x10 - 0x1f */
"","","","","","","","","","","","","","","","", /* 0x20 - 0x2f */
"","","","","","","","","","","","","","","","", /* 0x30 - 0x3f */
Expand All @@ -52,18 +52,18 @@ char* MBR_PT_LUT[] = { "Empty","","","","","Extended","","HPFS/NTFS","","","","W
"","","","","","","","","","","","","","","","" /* 0xf0 - 0xff */
};

int print_partition_type(uint8_t type)
static int print_partition_type(uint8_t type)
{
fprintf_light_magenta(stdout, "Partition Type: %s\n", MBR_PT_LUT[type]);
return -1;
}

uint8_t get_sector(uint8_t byte)
static uint8_t get_sector(uint8_t byte)
{
return 0x3f & byte; /* bits 5-0 in second byte of chs */
}

uint16_t get_cylinder(uint8_t bytes[2])
static uint16_t get_cylinder(uint8_t bytes[2])
{
uint8_t b1 = bytes[0];
uint8_t b2 = bytes[1];
Expand Down Expand Up @@ -120,12 +120,12 @@ int mbr_print_partition(struct partition_table_entry pte)
fprintf_blue(stdout, "Partition Type: 0x%.2"
PRIx8"\n",
pte.partition_type);

print_partition_type(pte.partition_type);

/* check it partition entry is being used */
if (pte.partition_type == 0x00) return -1;

fprintf_blue(stdout, "Start Head: 0x%.2"
PRIx8"\n",
pte.start_chs[0]);
Expand Down Expand Up @@ -161,14 +161,14 @@ void mbr_print(struct pt pt)
struct disk_mbr* mbr = (struct disk_mbr*) pt.pt_info;
fprintf_light_cyan(stdout, "\n\nAnalyzing Boot Sector\n");

/* Taking apart according to Wikipedia:
/* Taking apart according to Wikipedia:
* http://en.wikipedia.org/wiki/Master_boot_record */
fprintf_yellow(stdout, "Disk Signature [optional]: 0x%.8"PRIx32"\n",
mbr->disk_signature);

fprintf_yellow(stdout, "Position 444 [0x0000]: 0x%.4"PRIx16"\n",
mbr->reserved);

if (mbr->signature[0] == 0x55 && mbr->signature[1] == 0xaa)
{
fprintf_light_green(stdout, "Verifying MBR Signature [0x55 0xaa]: "
Expand Down Expand Up @@ -278,7 +278,7 @@ int mbr_serialize_pt(struct pt pt, struct bitarray* bits,
bson_finalize(serialized);
ret = bson_writef(serialized, serializef);
bson_cleanup(serialized);

return ret;
}

Expand Down Expand Up @@ -312,7 +312,7 @@ int mbr_serialize_pte(struct pte pt_pte,
{
struct bson_info* serialized;
struct bson_kv value;
struct partition_table_entry* pte =
struct partition_table_entry* pte =
(struct partition_table_entry *) pt_pte.pte_info;
int32_t partition_type;
int32_t final_sector;
Expand Down Expand Up @@ -357,6 +357,6 @@ int mbr_serialize_pte(struct pte pt_pte,
bson_finalize(serialized);
ret = bson_writef(serialized, serializef);
bson_cleanup(serialized);

return ret;
}
52 changes: 52 additions & 0 deletions src/include/gpt.h
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,52 @@
/*****************************************************************************
* gpt.h *
* *
* This file contains function prototypes that can read and interpret a *
* Global Partition Table (gpt). *
* *
* *
* *
* Authors: Brandon Amos <[email protected]> *
* Wolfgang Richter <[email protected]> *
* *
* *
* Copyright 2013-2014 Carnegie Mellon University *
* *
* Licensed under the Apache License, Version 2.0 (the "License"); *
* you may not use this file except in compliance with the License. *
* You may obtain a copy of the License at *
* *
* http://www.apache.org/licenses/LICENSE-2.0 *
* *
* Unless required by applicable law or agreed to in writing, software *
* distributed under the License is distributed on an "AS IS" BASIS, *
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.*
* See the License for the specific language governing permissions and *
* limitations under the License. *
*****************************************************************************/
#ifndef __GAMMARAY_DISK_CRAWLER_gpt_H
#define __GAMMARAY_DISK_CRAWLER_gpt_H

#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>

#include "bitarray.h"
#include "gray-crawler.h"

struct disk_gpt
{
// TODO
uint8_t signature[8];
}__attribute__((packed));

int gpt_probe(FILE* disk, struct pt* pt);
void gpt_print(struct pt pt);
int gpt_serialize_pt(struct pt pt, struct bitarray* bits,
FILE* serializef);
int gpt_serialize_pte(struct pte pte, FILE* serializef);
bool gpt_get_next_partition(struct pt pt, struct pte* pte);
int gpt_cleanup_pt(struct pt pt);
int gpt_cleanup_pte(struct pte pte);
#endif

0 comments on commit 634cc0e

Please sign in to comment.