[panda-users] Question about file_taint

Brendan Dolan-Gavitt brendandg at nyu.edu
Tue Dec 18 22:10:57 EST 2018 

You should be able to compile *and* run syscalls2 on a 64 bit host as long
as the guest virtual machine is 32-bit. In particular, we have tested
Ubuntu 16.04 64-bit hosts pretty extensively with file_taint: they work
fine. What's the actual error you're getting?

On Tue, Dec 18, 2018 at 9:59 PM Vikas Puri <vpurinet at gmail.com> wrote:

> Hi Brendan,
>
> Thanks for your reply. As you indicate, I can compile syscalls2 on a
> 64-bit host. However, I cannot execute it and the plugins that it's a
> dependency for (like file_taint) on a 64 bit host. On a 32-bit host, I have
> issues with taint2 since it requires LLVM support.
>
> My question is simply on what host platforms can I execute file_taint and
> related taint plugins?
>
> Thanks for your help.
>
> Regards,
>
> -Vikas
>
> On Tue, Dec 18, 2018 at 5:00 PM Brendan Dolan-Gavitt <brendandg at nyu.edu>
> wrote:
>
>> For (2), syscalls2 only supports analyzing 32 bit guests, but it should
>> compile on a 64-bit host operating system just fine (this is the
>> configuration we use normally). Could you post the error you’re getting
>> when trying to compile it?
>>
>> On Tue, Dec 18, 2018 at 3:58 PM Vikas Puri <vpurinet at gmail.com> wrote:
>>
>>> Hello,
>>>
>>> I am attempting to use the file_taint plugin. However, I am running into
>>> a few problems (listed below). I am attempting to run this on a ubuntu
>>> 16.04 host and guest:
>>>
>>>    1. "file_taint" depends on the taint2 plugin. Taint2 requires LLVM.
>>>    LLVM support requires a 64-bit host OS.
>>>    2. file_taint also requires the syscalls2 plugin. Syscalls2 seems to
>>>    be supported for the ARM and i386 CPU families. It does not appear to be
>>>    supported on x86_64 platforms. I get an error when executing this on a
>>>    x86_64 Ubuntu 16.04 host.
>>>    3. Given the constraints of items 1 and 2, I cannot identify a host
>>>    OS that I can use to build and execute file_taint.
>>>
>>> Any suggestions that you can provide would be greatly appreciated.
>>>
>>> Sincerely,
>>>
>>> -Vikas
>>> _______________________________________________
>>> panda-users mailing list
>>> panda-users at mit.edu
>>>
>>> https://urldefense.proofpoint.com/v2/url?u=http-3A__mailman.mit.edu_mailman_listinfo_panda-2Dusers&d=DwICAg&c=slrrB7dE8n7gBJbeO0g-IQ&r=A4wu5Zmpus3hDmokNWeJTO0SLjrxguzCAxn30Hc-o48&m=wlCAgCNUC_P-8nSM_ArRoZfarTg_fpwoE8E2IZBYXRo&s=eFlh9e8xVYsffx6nie7-Pk--u9ykujp3zQd5zejToFw&e=
>>>
>> --
>> Brendan Dolan-Gavitt
>> Assistant Professor, Department of Computer Science and Engineering
>> NYU Tandon School of Engineering
>>
>

-- 
Brendan Dolan-Gavitt
Assistant Professor, Department of Computer Science and Engineering
NYU Tandon School of Engineering
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.mit.edu/pipermail/panda-users/attachments/20181218/ead9b24d/attachment.html

More information about the panda-users mailing list