mttn

ATTENTION: Development of mttn has moved! All active development can be found under sholva.

memory tracer, take N

---

mttn is a small, very slow program tracer with a few specific goals:

• Not modifying the program's instruction stream.
• Faithfully recording most memory accesses.
• Generating traces that are suitable for SIEVE's Tiny86.

Strong anti-goals:

• Being fast.

Weak anti-goals:

• Supporting memory accesses that are either variable-sized or larger than 64 bits.

Building and use

mttn uses Linux-specific ptrace APIs and syscalls, so you'll need to run it on a relatively recent Linux kernel. If you're on another platform, you can use the Dockerfile:

$ docker build . -t mttn
# we need seccomp=unconfined for ptrace, as well as (optionally) disabling ASLR
# similarly for CAP_SYS_PTRACE: we need it for attaching to processes
$ docker run --rm -it --cap-add=SYS_PTRACE --security-opt seccomp=unconfined -v $(pwd):/app/mttn mttn
$ # in docker
$ cd /app/mttn

Once you have the appropriate environment, just cargo build:

$ cargo build
$ ./target/debug/mttn -h

Testing

mttn's tests require some system depedencies to build test binaries with: nasm, (GNU) ld, and (GNU) make.

Once you have those installed, running the tests should be as simple as:

$ cargo test

Distribution and Licensing

The views, opinions, and/or findings expressed are those of the author(s) and should not be interpreted as representing the official views or policies of the Department of Defense or the U.S. Government.

mttn is licensed under the GNU AGPLv3 License. A copy of the terms can be found in the LICENSE file.