diff --git a/pkgs/tools/security/ghidra/build-extension.nix b/pkgs/tools/security/ghidra/build-extension.nix index 49d68b2f81ee..b34f67d34b56 100644 --- a/pkgs/tools/security/ghidra/build-extension.nix +++ b/pkgs/tools/security/ghidra/build-extension.nix @@ -1,72 +1,98 @@ -{ lib -, stdenv -, unzip -, jdk -, gradle -, ghidra +{ + lib, + stdenv, + unzip, + jdk, + gradle, + ghidra, }: let - metaCommon = oldMeta: - oldMeta // (with lib; { - maintainers = (oldMeta.maintainers or []) ++ (with maintainers; [ vringar ]); + metaCommon = + oldMeta: + oldMeta + // (with lib; { + maintainers = (oldMeta.maintainers or [ ]) ++ (with maintainers; [ vringar ]); platforms = oldMeta.platforms or ghidra.meta.platforms; }); - buildGhidraExtension = { - pname, nativeBuildInputs ? [], meta ? { }, ... - }@args: - stdenv.mkDerivation (args // { - nativeBuildInputs = nativeBuildInputs ++ [ - unzip - jdk - gradle - ]; + buildGhidraExtension = + { + pname, + nativeBuildInputs ? [ ], + meta ? { }, + ... + }@args: + stdenv.mkDerivation ( + args + // { + nativeBuildInputs = nativeBuildInputs ++ [ + unzip + jdk + gradle + ]; - preBuild = '' - # Set project name, otherwise defaults to directory name - echo -e '\nrootProject.name = "${pname}"' >> settings.gradle - ${args.preBuild or ""} - ''; + preBuild = '' + # Set project name, otherwise defaults to directory name + echo -e '\nrootProject.name = "${pname}"' >> settings.gradle + # A config directory needs to exist when ghidra's GHelpBuilder is run + export XDG_CONFIG_HOME="''${XDG_CONFIG_HOME:-$(mktemp -d)}" + ${args.preBuild or ""} + ''; - gradleBuildTask = args.gradleBuildTask or "buildExtension"; - gradleFlags = args.gradleFlags or [] ++ [ "-PGHIDRA_INSTALL_DIR=${ghidra}/lib/ghidra" ]; + # Needed to run gradle on darwin + __darwinAllowLocalNetworking = true; - installPhase = args.installPhase or '' - runHook preInstall + gradleBuildTask = args.gradleBuildTask or "buildExtension"; + gradleFlags = args.gradleFlags or [ ] ++ [ "-PGHIDRA_INSTALL_DIR=${ghidra}/lib/ghidra" ]; - mkdir -p $out/lib/ghidra/Ghidra/Extensions - unzip -d $out/lib/ghidra/Ghidra/Extensions dist/*.zip + installPhase = + args.installPhase or '' + runHook preInstall - runHook postInstall - ''; + mkdir -p $out/lib/ghidra/Ghidra/Extensions + unzip -d $out/lib/ghidra/Ghidra/Extensions dist/*.zip - meta = metaCommon meta; - }); + runHook postInstall + ''; - buildGhidraScripts = { pname, meta ? { }, ... }@args: - stdenv.mkDerivation (args // { - installPhase = '' - runHook preInstall + meta = metaCommon meta; + } + ); - GHIDRA_HOME=$out/lib/ghidra/Ghidra/Extensions/${pname} - mkdir -p $GHIDRA_HOME - cp -r . $GHIDRA_HOME/ghidra_scripts + buildGhidraScripts = + { + pname, + meta ? { }, + ... + }@args: + stdenv.mkDerivation ( + args + // { + installPhase = '' + runHook preInstall - touch $GHIDRA_HOME/Module.manifest - cat <<'EOF' > extension.properties - name=${pname} - description=${meta.description or ""} - author= - createdOn= - version=${lib.getVersion ghidra} + GHIDRA_HOME=$out/lib/ghidra/Ghidra/Extensions/${pname} + mkdir -p $GHIDRA_HOME + cp -r . $GHIDRA_HOME/ghidra_scripts - EOF + touch $GHIDRA_HOME/Module.manifest + cat <<'EOF' > extension.properties + name=${pname} + description=${meta.description or ""} + author= + createdOn= + version=${lib.getVersion ghidra} - runHook postInstall - ''; + EOF - meta = metaCommon meta; - }); + runHook postInstall + ''; + + meta = metaCommon meta; + } + ); in - { inherit buildGhidraExtension buildGhidraScripts; } +{ + inherit buildGhidraExtension buildGhidraScripts; +} diff --git a/pkgs/tools/security/ghidra/default.nix b/pkgs/tools/security/ghidra/default.nix index fc9b4d2853dc..fc5a7678d674 100644 --- a/pkgs/tools/security/ghidra/default.nix +++ b/pkgs/tools/security/ghidra/default.nix @@ -1,12 +1,13 @@ -{ stdenv -, fetchzip -, lib -, makeWrapper -, autoPatchelfHook -, openjdk17 -, pam -, makeDesktopItem -, icoutils +{ + stdenv, + fetchzip, + lib, + makeWrapper, + autoPatchelfHook, + openjdk17, + pam, + makeDesktopItem, + icoutils, }: let @@ -24,7 +25,8 @@ let startupWMClass = "ghidra-Ghidra"; }; -in stdenv.mkDerivation rec { +in +stdenv.mkDerivation rec { pname = "ghidra"; version = "10.4"; versiondate = "20230928"; @@ -37,8 +39,7 @@ in stdenv.mkDerivation rec { nativeBuildInputs = [ makeWrapper icoutils - ] - ++ lib.optionals stdenv.isLinux [ autoPatchelfHook ]; + ] ++ lib.optionals stdenv.isLinux [ autoPatchelfHook ]; buildInputs = [ stdenv.cc.cc.lib @@ -74,10 +75,17 @@ in stdenv.mkDerivation rec { description = "Software reverse engineering (SRE) suite of tools developed by NSA's Research Directorate in support of the Cybersecurity mission"; mainProgram = "ghidra"; homepage = "https://github.com/NationalSecurityAgency/ghidra"; - platforms = [ "x86_64-linux" "x86_64-darwin" ]; + platforms = [ + "x86_64-linux" + "x86_64-darwin" + ]; sourceProvenance = with sourceTypes; [ binaryBytecode ]; license = licenses.asl20; - maintainers = with maintainers; [ ck3d govanify mic92 ]; + maintainers = with maintainers; [ + ck3d + govanify + mic92 + ]; }; } diff --git a/pkgs/tools/security/ghidra/extensions.nix b/pkgs/tools/security/ghidra/extensions.nix index 3f30dd8ab40a..9b6012573bab 100644 --- a/pkgs/tools/security/ghidra/extensions.nix +++ b/pkgs/tools/security/ghidra/extensions.nix @@ -1,14 +1,26 @@ -{ lib, newScope, callPackage, ghidra }: +{ + lib, + newScope, + callPackage, + ghidra, +}: lib.makeScope newScope (self: { - inherit (callPackage ./build-extension.nix { inherit ghidra; }) buildGhidraExtension buildGhidraScripts; + inherit (callPackage ./build-extension.nix { inherit ghidra; }) + buildGhidraExtension + buildGhidraScripts + ; ghidraninja-ghidra-scripts = self.callPackage ./extensions/ghidraninja-ghidra-scripts { }; gnudisassembler = self.callPackage ./extensions/gnudisassembler { inherit ghidra; }; + lightkeeper = self.callPackage ./extensions/lightkeeper { }; + machinelearning = self.callPackage ./extensions/machinelearning { inherit ghidra; }; + ret-sync = self.callPackage ./extensions/ret-sync { }; + sleighdevtools = self.callPackage ./extensions/sleighdevtools { inherit ghidra; }; }) diff --git a/pkgs/tools/security/ghidra/extensions/ghidraninja-ghidra-scripts/default.nix b/pkgs/tools/security/ghidra/extensions/ghidraninja-ghidra-scripts/default.nix index 6c5e2ec2ea2a..1e4fcefabdc3 100644 --- a/pkgs/tools/security/ghidra/extensions/ghidraninja-ghidra-scripts/default.nix +++ b/pkgs/tools/security/ghidra/extensions/ghidraninja-ghidra-scripts/default.nix @@ -1,9 +1,10 @@ -{ lib -, fetchFromGitHub -, buildGhidraScripts -, binwalk -, swift -, yara +{ + lib, + fetchFromGitHub, + buildGhidraScripts, + binwalk, + swift, + yara, }: buildGhidraScripts { diff --git a/pkgs/tools/security/ghidra/extensions/gnudisassembler/default.nix b/pkgs/tools/security/ghidra/extensions/gnudisassembler/default.nix index 14b0f1df2733..6cddb49b8dc0 100644 --- a/pkgs/tools/security/ghidra/extensions/gnudisassembler/default.nix +++ b/pkgs/tools/security/ghidra/extensions/gnudisassembler/default.nix @@ -1,14 +1,15 @@ -{ lib -, stdenv -, fetchurl -, buildGhidraExtension -, ghidra -, flex -, bison -, texinfo -, perl -, zlib -, xcbuild +{ + lib, + stdenv, + fetchurl, + buildGhidraExtension, + ghidra, + flex, + bison, + texinfo, + perl, + zlib, + xcbuild, }: let @@ -41,13 +42,9 @@ buildGhidraExtension { bison texinfo perl - ] ++ lib.optionals stdenv.hostPlatform.isDarwin [ - xcbuild - ]; + ] ++ lib.optionals stdenv.hostPlatform.isDarwin [ xcbuild ]; - buildInputs = [ - zlib - ]; + buildInputs = [ zlib ]; gradleBuildTask = "assemble"; installPhase = '' diff --git a/pkgs/tools/security/ghidra/extensions/lightkeeper/default.nix b/pkgs/tools/security/ghidra/extensions/lightkeeper/default.nix new file mode 100644 index 000000000000..74aa7ca90b11 --- /dev/null +++ b/pkgs/tools/security/ghidra/extensions/lightkeeper/default.nix @@ -0,0 +1,24 @@ +{ + lib, + fetchFromGitHub, + buildGhidraExtension, +}: +buildGhidraExtension rec { + pname = "lightkeeper"; + version = "1.1.0"; + + src = fetchFromGitHub { + owner = "WorksButNotTested"; + repo = "lightkeeper"; + rev = version; + hash = "sha256-S8yNn56A2CvrIBsq0RoBx0qOjrYDZSv1IVTxGmlL4Js="; + }; + preConfigure = '' + cd lightkeeper + ''; + meta = { + description = "A port of the Lighthouse plugin to GHIDRA."; + homepage = "https://github.com/WorksButNotTested/lightkeeper"; + license = lib.licenses.asl20; + }; +} diff --git a/pkgs/tools/security/ghidra/extensions/machinelearning/default.nix b/pkgs/tools/security/ghidra/extensions/machinelearning/default.nix index ba1e315c7512..a34845db0578 100644 --- a/pkgs/tools/security/ghidra/extensions/machinelearning/default.nix +++ b/pkgs/tools/security/ghidra/extensions/machinelearning/default.nix @@ -1,6 +1,7 @@ -{ lib -, buildGhidraExtension -, ghidra +{ + lib, + buildGhidraExtension, + ghidra, }: buildGhidraExtension { @@ -28,7 +29,7 @@ buildGhidraExtension { downloadPage = "https://github.com/NationalSecurityAgency/ghidra/tree/master/Ghidra/Extensions/MachineLearning"; sourceProvenance = with sourceTypes; [ fromSource - binaryBytecode # deps + binaryBytecode # deps ]; }; } diff --git a/pkgs/tools/security/ghidra/extensions/ret-sync/default.nix b/pkgs/tools/security/ghidra/extensions/ret-sync/default.nix new file mode 100644 index 000000000000..e2ab50c119c1 --- /dev/null +++ b/pkgs/tools/security/ghidra/extensions/ret-sync/default.nix @@ -0,0 +1,32 @@ +{ + lib, + fetchFromGitHub, + buildGhidraExtension, + ghidra, +}: +buildGhidraExtension { + pname = "ret-sync-ghidra"; + version = "0-unstable-2024-05-29"; + + src = fetchFromGitHub { + owner = "bootleg"; + repo = "ret-sync"; + rev = "0617c75746ddde7fe2bdbbf880175af8ad27553e"; + hash = "sha256-+G5ccdHnFL0sHpueuIYwLRU9FhzN658CYqQCHCBwxV4="; + }; + + preConfigure = '' + cd ext_ghidra + ''; + preInstall = '' + correct_version=$(ls dist | grep ${ghidra.version}) + mv dist/$correct_version dist/safe.zip + rm dist/ghidra* + mv dist/safe.zip dist/$correct_version + ''; + meta = with lib; { + description = "Reverse-Engineering Tools SYNChronization. Allows syncing between a debugging session and Ghidra"; + homepage = "https://github.com/bootleg/ret-sync"; + license = licenses.gpl3Only; + }; +} diff --git a/pkgs/tools/security/ghidra/extensions/sleighdevtools/default.nix b/pkgs/tools/security/ghidra/extensions/sleighdevtools/default.nix index d8fd0182ab9d..90a495459ab1 100644 --- a/pkgs/tools/security/ghidra/extensions/sleighdevtools/default.nix +++ b/pkgs/tools/security/ghidra/extensions/sleighdevtools/default.nix @@ -1,7 +1,8 @@ -{ lib -, buildGhidraExtension -, ghidra -, python3 +{ + lib, + buildGhidraExtension, + ghidra, + python3, }: buildGhidraExtension { @@ -34,7 +35,7 @@ buildGhidraExtension { downloadPage = "https://github.com/NationalSecurityAgency/ghidra/tree/master/Ghidra/Extensions/SleighDevTools"; sourceProvenance = with sourceTypes; [ fromSource - binaryBytecode # deps + binaryBytecode # deps ]; }; } diff --git a/pkgs/tools/security/ghidra/with-extensions.nix b/pkgs/tools/security/ghidra/with-extensions.nix index 38165ed94f71..40abbdf62f1b 100644 --- a/pkgs/tools/security/ghidra/with-extensions.nix +++ b/pkgs/tools/security/ghidra/with-extensions.nix @@ -1,36 +1,43 @@ -{ lib -, stdenv -, callPackage -, symlinkJoin -, makeBinaryWrapper -, desktopToDarwinBundle -, ghidra +{ + lib, + stdenv, + callPackage, + symlinkJoin, + makeBinaryWrapper, + desktopToDarwinBundle, + ghidra, }: let ghidra-extensions = callPackage ./extensions.nix { inherit ghidra; }; allExtensions = lib.filterAttrs (n: pkg: lib.isDerivation pkg) ghidra-extensions; - /* Make Ghidra with additional extensions - Example: - pkgs.ghidra.withExtensions (p: with p; [ - ghostrings - ]); - => /nix/store/3yn0rbnz5mbrxf0x70jbjq73wgkszr5c-ghidra-with-extensions-10.2.2 + /* + Make Ghidra with additional extensions + Example: + pkgs.ghidra.withExtensions (p: with p; [ + ghostrings + ]); + => /nix/store/3yn0rbnz5mbrxf0x70jbjq73wgkszr5c-ghidra-with-extensions-10.2.2 */ - withExtensions = f: (symlinkJoin { - name = "${ghidra.pname}-with-extensions-${lib.getVersion ghidra}"; - paths = (f allExtensions); - nativeBuildInputs = [ makeBinaryWrapper ] - ++ lib.optional stdenv.hostPlatform.isDarwin desktopToDarwinBundle; - postBuild = '' - makeWrapper '${ghidra}/bin/ghidra' "$out/bin/ghidra" \ - --set NIX_GHIDRAHOME "$out/lib/ghidra/Ghidra" - ln -s ${ghidra}/share $out/share - '' + lib.optionalString stdenv.hostPlatform.isDarwin '' - convertDesktopFiles $prefix - ''; - inherit (ghidra) meta; - }); + withExtensions = + f: + (symlinkJoin { + name = "${ghidra.pname}-with-extensions-${lib.getVersion ghidra}"; + paths = (f allExtensions); + nativeBuildInputs = [ + makeBinaryWrapper + ] ++ lib.optional stdenv.hostPlatform.isDarwin desktopToDarwinBundle; + postBuild = + '' + makeWrapper '${ghidra}/bin/ghidra' "$out/bin/ghidra" \ + --set NIX_GHIDRAHOME "$out/lib/ghidra/Ghidra" + ln -s ${ghidra}/share $out/share + '' + + lib.optionalString stdenv.hostPlatform.isDarwin '' + convertDesktopFiles $prefix + ''; + inherit (ghidra) meta; + }); in - withExtensions +withExtensions