SYS-OSS/FRET-LibAFL
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

qemu snapshot little update proposal. (#1431)

Browse Source 
* qemu snapshot little update proposal.

* reeatablishing the TODO since the change does not do it at all
 but getting unrelated constant mask unrelated to mappings protection.

---------

Co-authored-by: Andrea Fioraldi <andreafioraldi@gmail.com>
This commit is contained in:
David CARLIER 2023-08-23 09:13:08 +01:00 committed by GitHub
parent 942c6a42ac
commit 1922cb0a65
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 7 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
libafl_qemu/src/snapshot.rs
View File

@ -671,7 +671,7 @@ where
h.access(a0 as GuestAddr, a1 as usize); h.access(a0 as GuestAddr, a1 as usize);
} }
// mmap syscalls // mmap syscalls
_ => { sys_const => {
if result as GuestAddr == GuestAddr::MAX if result as GuestAddr == GuestAddr::MAX
/* -1 */ /* -1 */
{ {
@ -681,7 +681,7 @@ where
// TODO handle huge pages // TODO handle huge pages
#[cfg(any(cpu_target = "arm", cpu_target = "mips"))] #[cfg(any(cpu_target = "arm", cpu_target = "mips"))]
if i64::from(sys_num) == SYS_mmap2 { if sys_const == SYS_mmap2 {
if let Ok(prot) = MmapPerms::try_from(a2 as i32) { if let Ok(prot) = MmapPerms::try_from(a2 as i32) {
let h = hooks.match_helper_mut::<QemuSnapshotHelper>().unwrap(); let h = hooks.match_helper_mut::<QemuSnapshotHelper>().unwrap();
h.add_mapped(result as GuestAddr, a1 as usize, Some(prot)); h.add_mapped(result as GuestAddr, a1 as usize, Some(prot));
@ -689,24 +689,24 @@ where
} }
#[cfg(not(cpu_target = "arm"))] #[cfg(not(cpu_target = "arm"))]
if i64::from(sys_num) == SYS_mmap { if sys_const == SYS_mmap {
if let Ok(prot) = MmapPerms::try_from(a2 as i32) { if let Ok(prot) = MmapPerms::try_from(a2 as i32) {
let h = hooks.match_helper_mut::<QemuSnapshotHelper>().unwrap(); let h = hooks.match_helper_mut::<QemuSnapshotHelper>().unwrap();
h.add_mapped(result as GuestAddr, a1 as usize, Some(prot)); h.add_mapped(result as GuestAddr, a1 as usize, Some(prot));
} }
} }
if i64::from(sys_num) == SYS_mremap { if sys_const == SYS_mremap {
let h = hooks.match_helper_mut::<QemuSnapshotHelper>().unwrap(); let h = hooks.match_helper_mut::<QemuSnapshotHelper>().unwrap();
// TODO get the old permissions from the removed mapping
h.remove_mapped(a0 as GuestAddr, a1 as usize); h.remove_mapped(a0 as GuestAddr, a1 as usize);
h.add_mapped(result as GuestAddr, a2 as usize, None); h.add_mapped(result as GuestAddr, a2 as usize, None);
// TODO get the old permissions from the removed mappin } else if sys_const == SYS_mprotect {
} else if i64::from(sys_num) == SYS_mprotect {
if let Ok(prot) = MmapPerms::try_from(a2 as i32) { if let Ok(prot) = MmapPerms::try_from(a2 as i32) {
let h = hooks.match_helper_mut::<QemuSnapshotHelper>().unwrap(); let h = hooks.match_helper_mut::<QemuSnapshotHelper>().unwrap();
h.add_mapped(a0 as GuestAddr, a1 as usize, Some(prot)); h.add_mapped(a0 as GuestAddr, a1 as usize, Some(prot));
} }
} else if i64::from(sys_num) == SYS_munmap { } else if sys_const == SYS_munmap {
let h = hooks.match_helper_mut::<QemuSnapshotHelper>().unwrap(); let h = hooks.match_helper_mut::<QemuSnapshotHelper>().unwrap();
if !h.accurate_unmap && !h.is_unmap_allowed(a0 as GuestAddr, a1 as usize) { if !h.accurate_unmap && !h.is_unmap_allowed(a0 as GuestAddr, a1 as usize) {
h.remove_mapped(a0 as GuestAddr, a1 as usize); h.remove_mapped(a0 as GuestAddr, a1 as usize);