Added Eigen proxy + Taskfile variable tracking 🎉

Author: Wakeful-Cloud

.vscode/launch.json

@@ -8,15 +8,15 @@
       "name": "Run without proxy (Eigen)",
       "presentation": {
         "group": "Eigen",
-        "order": 2
+        "order": 1
       },
-      "preLaunchTask": "Build (Eigen)",
+      "preLaunchTask": "Build program (Eigen)",
       "type": "cppdbg",
       "request": "launch",
       "program": "${workspaceFolder}/prototypes/eigen/bin/main",
       "args": [],
       "stopAtEntry": false,
-      "cwd": "${fileDirname}",
+      "cwd": "${workspaceFolder}/prototypes/eigen",
       "environment": [],
       "externalConsole": false,
       "MIMode": "gdb",

.vscode/tasks.json

@@ -2,13 +2,13 @@
 	"version": "2.0.0",
 	"tasks": [
 		{
-			"label": "Build (Eigen)",
+			"label": "Build program (Eigen)",
 			"type": "shell",
-			"command": "task build:program && task build:proxy",
+			"command": "task build:program",
 			"options": {
 				"cwd": "${workspaceFolder}/prototypes/eigen",
 				"env": {
-					"VERBOSE": "true"
+					"DEBUG": "true"
 				}
 			},
 			"problemMatcher": []

prototypes/dynamorio/Taskfile.yml

@@ -10,9 +10,10 @@ tasks:
       # Make the destination directory
       - mkdir -p bin
 
-      # Compile the program ("-O1 -mpush-args" ensure the arguments are passed via the stack instead of registers)
-      - g++ {{if eq .VERBOSE "true"}} -g{{end}} -O1 -mpush-args src/main.cpp src/simple_math.cpp src/simple_math.hpp -o bin/main
+      # Compile the program
+      - g++ {{if eq .DEBUG "true"}} -g{{end}} src/main.cpp src/simple_math.cpp src/simple_math.hpp -o bin/main
     desc: Build the program
+    label: 'build:program (Debug: {{eq .DEBUG "true"}})'
     silent: true
     sources:
       - src/main.cpp
@@ -23,15 +24,13 @@ tasks:
 
   build:proxy:
     cmds:
-      # Make the destination directory
-      - mkdir -p lib
-
       # Generate Makefiles
       - cmake -D DynamoRIO_DIR={{.DYNAMORIO}}/cmake -B lib .
 
       # Build
       - cmake --build lib
     desc: Build the proxy
+    label: 'build:proxy (DynamoRIO: {{.DYNAMORIO}})'
     silent: true
     sources:
       - CMakeLists.txt
@@ -78,4 +77,5 @@ tasks:
       - build:program
       - build:proxy
     desc: Run the program with the proxy
+    label: 'run:proxy (DynamoRIO: {{.DYNAMORIO}})'
     silent: true

prototypes/eigen/CMakeLists.txt

@@ -0,0 +1,35 @@
+# Configure CMake
+cmake_minimum_required(VERSION 3.10)
+
+# Project name
+project(proxy)
+
+# Options
+option(VERBOSE "Whether or not verbose logging is enabled" OFF)
+
+# Find QBDI (See https://qbdi.readthedocs.io/en/stable/installation_and_integration.html?highlight=cmake#single-architecture)
+find_package(QBDI REQUIRED)
+find_package(QBDIPreload REQUIRED)
+
+# Find Eigen (See https://eigen.tuxfamily.org/dox/TopicCMakeGuide.html)
+find_package (Eigen3 3.3 REQUIRED NO_MODULE)
+
+# Add the library
+include_directories(../../src)
+file(GLOB LIB "../../src/*")
+
+if(DEBUG)
+  add_definitions(-D VERBOSE)
+endif(DEBUG)
+
+# Add the executable
+add_library(proxy SHARED src/proxy.cpp ${LIB})
+
+# Add elfutils
+target_link_libraries(proxy elf)
+
+# Add QBDI
+target_link_libraries(proxy QBDIPreload::QBDIPreload QBDI::QBDI_static)
+
+# Add Eigen
+target_link_libraries (proxy Eigen3::Eigen)

prototypes/eigen/README.md

@@ -1,6 +1,6 @@
 # Eigen
 A proxy for intercepting [Eigen](https://eigen.tuxfamily.org/) static library calls based on
-`ptrace`
+[QuarkslaB Dynamic binary Instrumentation (QBDI)](https://qbdi.quarkslab.com/) (X86-only)
 
 ## Documentation
 
@@ -12,14 +12,4 @@ task run:no-proxy
 2. Run with the proxy:
 ```bash
 task run:proxy
-```
-
-### Static Library Interception
-Using [`/proc/[PID]/maps`](https://man7.org/linux/man-pages/man5/proc.5.html) and
-[`libelf`](https://sourceware.org/elfutils/), it's possible to calculate a symbol's address in
-memory (Note: this should even work with ASLR). Once a symbol's address is known,
-[`ptrace`](https://man7.org/linux/man-pages/man2/ptrace.2.html) can be used to insert debugging
-trap/breakpoint instruction inside of the target function. Then, whenever the target function is
-called, the process emits a `SIGTRAP` which is easily detected by the parent. See
-[Eli Bendersky's website](https://eli.thegreenplace.net/2011/01/27/how-debuggers-work-part-2-breakpoints)
-for more information.
+```

prototypes/eigen/Taskfile.yml

@@ -8,11 +8,12 @@ tasks:
       - mkdir -p bin
 
       # Compile the program
-      - g++ {{if eq .VERBOSE "true"}} -g{{end}} -I {{.INCLUDE}} src/main.cpp -o bin/main
+      - g++ {{if eq .DEBUG "true"}} -g{{end}} -I {{.INCLUDE}} src/main.cpp -o bin/main
     vars:
       # Headers
       INCLUDE: /usr/include/eigen3
     desc: Build the program
+    label: 'build:program (Debug: {{eq .DEBUG "true"}}, include: {{.INCLUDE}})'
     silent: true
     sources:
       - src/main.cpp
@@ -21,38 +22,40 @@ tasks:
 
   build:proxy:
     cmds:
-      # Make the destination directory
-      - mkdir -p bin
+      # Generate Makefiles
+      - cmake -B lib {{if eq .DEBUG "true"}} -DDEBUG=ON{{end}} .
 
-      # Compile the proxy
-      - g++ {{if eq .VERBOSE "true"}}-D VERBOSE -g{{end}} src/proxy.cpp -o bin/proxy
+      # Build
+      - cmake --build lib
     desc: Build the proxy
+    label: 'build:proxy (Debug: {{eq .DEBUG "true"}})'
     silent: true
     sources:
+      - CMakeLists.txt
       - src/proxy.cpp
     generates:
-      - bin/proxy
+      - lib/*
 
   symbols:program:
     cmds:
-      - nm -C bin/main | grep Eigen::internal::general_matrix_matrix_product
+      - nm -C bin/main | grep "Eigen::internal::general_matrix_matrix_product<.*>::run\(.*\)$"
     deps:
       - build:program
     desc: Lists the relevant (filtered) symbols from the program
     silent: true
 
   symbols:proxy:
     cmds:
-      - nm -C bin/proxy | grep run
+      - nm -C lib/libproxy.so | grep qbdipreload_on_run
     deps:
       - build:proxy
     desc: Lists the relevant (filtered) symbols from the proxy
     silent: true
 
   clean:
     cmds:
-      # Delete the directory
-      - cmd: rm bin -r
+      # Delete the directories
+      - cmd: rm bin lib -r
         ignore_error: true
     desc: Clean everything
     silent: true
@@ -67,9 +70,12 @@ tasks:
 
   run:proxy:
     cmds:
-      - bin/proxy bin/main
+      - bin/main
     deps:
       - build:program
       - build:proxy
     desc: Run the program with the proxy
-    silent: true
+    env:
+      LD_BIND_NOW: 1
+      LD_PRELOAD: ./lib/libproxy.so
+    silent: true