.github/workflows/ci.yml

name: CI
on: [push, pull_request]
jobs:
  compile:
    permissions:
      security-events: write
      contents: read
      actions: read
    runs-on: ${{ matrix.os }}
    strategy:
      matrix:
        os:
          - 'ubuntu-20.04'
          - 'ubuntu-latest'
    steps:
      - uses: actions/checkout@v4

      - name: Install dependencies
        run: |
          sudo apt-get update -q
          sudo apt-get install -y build-essential autoconf automake autoconf-archive libjson-c-dev libglib2.0-dev flex bison libtool cmake clang ca-certificates libunwind-dev clang-tools
          sudo update-ca-certificates

      - name: Setup ld
        run: |
          echo "$PWD/install/lib" | sudo tee -a /etc/ld.so.conf.d/kfx.conf

      - name: Install capstone
        run: |
          export INSTALLDIR="$PWD/install"
          git submodule update --init capstone
          tar czvf capstone.tar.gz capstone
          mkdir -p capstone/build
          cd capstone/build
          cmake -DCMAKE_INSTALL_PREFIX=$INSTALLDIR ..
          make -j2
          make install
          cd ..
          rm -rf build
          mkdir build
          cd build
          cmake ..
          make -j2
          sudo make install
          sudo ldconfig
          cd ..
          rm -rf build

      - name: Get Xen hash
        id: xen-hash
        run: |
          hash=$(git submodule | grep xen | awk '{print $1}')
          echo hash=$hash >> $GITHUB_OUTPUT

      - uses: actions/cache@v3
        id: xen-cache
        with:
          path: ~/saved-xen
          key: ${{matrix.os }}-${{ steps.xen-hash.outputs.hash }}

      - name: Compile Xen
        if: steps.xen-cache.outputs.cache-hit != 'true'
        run: |
          mkdir -p ~/saved-xen
          git submodule update --init xen
          sudo apt-get install -y libfdt-dev libpixman-1-dev libssl-dev tightvncserver x11vnc uuid-runtime uuid-dev python3-dev liblzma-dev
          sudo apt-get install -y libc6-dev wget bcc bin86 gawk libpixman-1-dev libaio-dev libfdt-dev nasm
          sudo apt-get install -y libfuse-dev liblzma-dev libsystemd-dev gettext libyajl-dev iasl libbz2-dev e2fslibs-dev ocaml gcc-multilib libpci-dev
          sudo apt-get install -y texinfo texlive-latex-base texlive-latex-recommended texlive-fonts-extra texlive-fonts-recommended
          sudo apt-get install -y markdown pandoc transfig tgif fig2dev ninja-build
          sudo ln -s /usr/include/x86_64-linux-gnu/pci /usr/include/pci
          cd xen
          echo CONFIG_EXPERT=y > xen/.config
          echo CONFIG_MEM_SHARING=y >> xen/.config
          ./configure --disable-pvshim --disable-stubdom --enable-systemd --enable-githttp
          make -C xen olddefconfig
          make -j2 dist-xen
          make -j2 dist-tools
          mkdir -p dist/install/etc/ld.so.conf.d
          cp tools/misc/xen-vmtrace dist/install/usr/local/sbin
          echo "/usr/local/lib" > dist/install/etc/ld.so.conf.d/xen.conf
          make -j2 debball
          mkdir -p ~/saved-xen
          mv dist/*.deb ~/saved-xen
          cd ..

      - name: Install Xen
        run: sudo dpkg -i ~/saved-xen/*.deb

      - name: Compile and install LibVMI
        run: |
          export INSTALLDIR="$PWD/install"
          git submodule update --init libvmi
          tar czvf libvmi.tar.gz libvmi
          cd libvmi
          autoreconf -vif
          ./configure --disable-kvm --disable-file --disable-bareflank --disable-vmifs --prefix=$INSTALLDIR
          make -j2
          make install
          rm $INSTALLDIR/lib/libvmi.la || :
          sudo ldconfig
          cd ..

      - name: Checkout libxdc
        run: |
          git submodule update --init libxdc
          tar czvf libxdc.tar.gz libxdc

      - name: Initialize CodeQL
        if: ${{ matrix.os }} == 'ubuntu-latest'
        uses: github/codeql-action/init@v3
        with:
          languages: 'c-cpp'

      - name: Compile kfx
        run: |
          export INSTALLDIR="$PWD/install"
          export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$INSTALLDIR/lib/
          export PKG_CONFIG_PATH="$INSTALLDIR/lib/pkgconfig/"
          export LDFLAGS="-L$INSTALLDIR/lib"
          export CFLAGS="-I$INSTALLDIR/include"
          autoreconf -vif
          ./configure --prefix=$INSTALLDIR
          make -j2
          make install

      - name: Perform CodeQL Analysis
        if: ${{ matrix.os }} == 'ubuntu-latest'
        uses: github/codeql-action/analyze@v3
        with:
          category: "/language:c-cpp"

      - name: Scan build
        run: |
          export INSTALLDIR="$PWD/install"
          export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$INSTALLDIR/lib/
          export PKG_CONFIG_PATH="$INSTALLDIR/lib/pkgconfig/"
          export LDFLAGS="-L$INSTALLDIR/lib"
          export CFLAGS="-I$INSTALLDIR/include"
          make clean
          cd libxdc
          make
          sudo make install
          cd ..
          git submodule deinit -f libxdc
          scan-build --status-bugs -analyze-headers ./configure
          scan-build --status-bugs -analyze-headers make

      - name: Install dwarf2json
        if: github.ref == 'refs/heads/master'
        run: |
          export INSTALLDIR="$PWD/install"
          git submodule update --init dwarf2json
          tar czvf dwarf2json.tar.gz dwarf2json
          cd dwarf2json
          go build
          cp dwarf2json $INSTALLDIR/bin

      - name: Patch and install AFL
        if: github.ref == 'refs/heads/master'
        run: |
          export DESTDIR="$PWD/install/afl"
          git submodule update --init AFL
          tar czvf afl.tar.gz AFL
          cd AFL
          patch -p1 < ../patches/0001-AFL-Xen-mode.patch
          make
          make PREFIX="" install

      - name: Install AFLplusplus
        if: github.ref == 'refs/heads/master'
        run: |
          export DESTDIR="$PWD/install/aflplusplus"
          export CC=clang
          git clone https://github.com/aflplusplus/aflplusplus
          tar czvf aflplusplus.tar.gz aflplusplus
          cd aflplusplus
          make
          make PREFIX="" install

      - name: Create archives
        id: archive
        if: github.ref == 'refs/heads/master'
        run: |
          tag=$(git describe --always)
          echo tag=$tag >> $GITHUB_OUTPUT
          wget https://downloads.xenproject.org/release/xen/4.17.1/xen-4.17.1.tar.gz
          tar czvf source.${{ matrix.os }}.tar.gz $PWD/*.tar.gz
          SAVEDIR="$PWD/save"
          mkdir -p $SAVEDIR
          mv $PWD/install/* $SAVEDIR
          cp ~/saved-xen/*.deb $SAVEDIR
          cd $SAVEDIR
          tar czvf kfx.tar.gz lib bin include afl aflplusplus *.deb
          mv kfx.tar.gz ../kfx.${{ matrix.os }}.tar.gz
          cd ..
          ls -la

      - uses: actions/upload-artifact@v4
        with:
          name: kfx-${{ matrix.os }}
          path: |
            kfx.*.tar.gz
            source.*.tar.gz