Decouple address_filters() from EmulatorModuleTuple into HasAddressFilters (#2869)
* 1 * fix
This commit is contained in:
parent
8089b18d34
commit
6ee26a8afa
@ -27,7 +27,7 @@ use libafl::{
|
||||
ShadowTracingStage, StagesTuple, StdMutationalStage,
|
||||
},
|
||||
state::{HasCorpus, StdState},
|
||||
Error, HasMetadata, NopFuzzer,
|
||||
Error, HasMetadata,
|
||||
};
|
||||
#[cfg(not(feature = "simplemgr"))]
|
||||
use libafl_bolts::shmem::{StdShMem, StdShMemProvider};
|
||||
@ -41,8 +41,8 @@ use libafl_qemu::{
|
||||
modules::{
|
||||
cmplog::CmpLogObserver,
|
||||
edges::EdgeCoverageFullVariant,
|
||||
utils::filters::{NopPageFilter, StdAddressFilter},
|
||||
EdgeCoverageModule, EmulatorModule, EmulatorModuleTuple, StdEdgeCoverageModule,
|
||||
utils::filters::{HasAddressFilter, NopPageFilter, StdAddressFilter},
|
||||
EdgeCoverageModule, EmulatorModuleTuple, StdEdgeCoverageModule,
|
||||
},
|
||||
Emulator, GuestAddr, Qemu, QemuExecutor,
|
||||
};
|
||||
@ -140,10 +140,10 @@ impl<M: Monitor> Instance<'_, M> {
|
||||
let qemu = emulator.qemu();
|
||||
|
||||
// update address filter after qemu has been initialized
|
||||
<EdgeCoverageModule<StdAddressFilter, NopPageFilter, EdgeCoverageFullVariant, false, 0> as EmulatorModule<BytesInput, ClientState>>::update_address_filter(emulator.modules_mut()
|
||||
emulator.modules_mut()
|
||||
.modules_mut()
|
||||
.match_first_type_mut::<EdgeCoverageModule<StdAddressFilter, NopPageFilter, EdgeCoverageFullVariant, false, 0>>()
|
||||
.expect("Could not find back the edge module"), qemu, self.coverage_filter(qemu)?);
|
||||
.expect("Could not find back the edge module").update_address_filter(qemu, self.coverage_filter(qemu)?);
|
||||
|
||||
// Create an observation channel to keep track of the execution time
|
||||
let time_observer = TimeObserver::new("time");
|
||||
|
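Review bot: The `.expect("Could not find back the edge module")` on the new chained call still panics inside a method that already returns `Result` (the `?` on `self.coverage_filter(qemu)?` in the same statement), so a missing edge module aborts the fuzzer instead of surfacing as an error. Since `Error` is imported in the first hunk, the lookup can join the same error path: `.ok_or_else(|| Error::illegal_state("Could not find back the edge module"))?`. The fully spelled `EdgeCoverageModule<StdAddressFilter, NopPageFilter, EdgeCoverageFullVariant, false, 0>` in the turbofish presumably mirrors the type used when the module is built; a `type` alias shared by both sites would keep them from drifting apart. The enclosing method starts and ends outside the hunk.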
@ -40,8 +40,8 @@ use libafl_qemu::{
|
||||
emu::Emulator,
|
||||
executor::QemuExecutor,
|
||||
modules::{
|
||||
cmplog::CmpLogObserver, edges::StdEdgeCoverageClassicModule, CmpLogModule,
|
||||
EmulatorModuleTuple,
|
||||
cmplog::CmpLogObserver, edges::StdEdgeCoverageClassicModule,
|
||||
utils::filters::HasAddressFilterTuples, CmpLogModule, EmulatorModuleTuple,
|
||||
},
|
||||
FastSnapshotManager, NopSnapshotManager, QemuInitError,
|
||||
};
|
||||
@ -78,7 +78,7 @@ fn get_emulator<C, ET, I, S>(
|
||||
QemuInitError,
|
||||
>
|
||||
where
|
||||
ET: EmulatorModuleTuple<I, S>,
|
||||
ET: EmulatorModuleTuple<I, S> + HasAddressFilterTuples,
|
||||
I: HasTargetBytes + Unpin,
|
||||
S: HasExecutions + Unpin,
|
||||
{
|
||||
|
@ -40,8 +40,8 @@ use libafl_qemu::{
|
||||
emu::Emulator,
|
||||
executor::QemuExecutor,
|
||||
modules::{
|
||||
cmplog::CmpLogObserver, edges::StdEdgeCoverageClassicModule, CmpLogModule,
|
||||
EmulatorModuleTuple,
|
||||
cmplog::CmpLogObserver, edges::StdEdgeCoverageClassicModule,
|
||||
utils::filters::HasAddressFilterTuples, CmpLogModule, EmulatorModuleTuple,
|
||||
},
|
||||
FastSnapshotManager, NopSnapshotManager, QemuInitError, QemuSnapshotManager,
|
||||
};
|
||||
@ -78,7 +78,7 @@ fn get_emulator<C, ET, I, S>(
|
||||
QemuInitError,
|
||||
>
|
||||
where
|
||||
ET: EmulatorModuleTuple<I, S>,
|
||||
ET: EmulatorModuleTuple<I, S> + HasAddressFilterTuples,
|
||||
I: HasTargetBytes + Unpin,
|
||||
S: HasExecutions + Unpin,
|
||||
{
|
||||
|
@ -23,7 +23,7 @@ use crate::{
|
||||
VersionCommandParser,
|
||||
},
|
||||
get_exit_arch_regs,
|
||||
modules::EmulatorModuleTuple,
|
||||
modules::{utils::filters::HasAddressFilterTuples, EmulatorModuleTuple},
|
||||
sync_exit::ExitArgs,
|
||||
Emulator, EmulatorDriverError, EmulatorDriverResult, GuestReg, InputLocation,
|
||||
IsSnapshotManager, Qemu, QemuMemoryChunk, QemuRWError, Regs, StdEmulatorDriver, CPU,
|
||||
@ -98,7 +98,7 @@ macro_rules! define_std_command_manager {
|
||||
|
||||
impl<C, ET, I, S, SM> CommandManager<C, StdEmulatorDriver, ET, I, S, SM> for $name<S>
|
||||
where
|
||||
ET: EmulatorModuleTuple<I, S>,
|
||||
ET: EmulatorModuleTuple<I, S> + HasAddressFilterTuples,
|
||||
I: HasTargetBytes + Unpin,
|
||||
S: Unpin,
|
||||
SM: IsSnapshotManager,
|
||||
@ -127,7 +127,7 @@ macro_rules! define_std_command_manager {
|
||||
|
||||
impl<C, ET, I, S, SM> IsCommand<C, $name<S>, StdEmulatorDriver, ET, I, S, SM> for [<$name Commands>]
|
||||
where
|
||||
ET: EmulatorModuleTuple<I, S>,
|
||||
ET: EmulatorModuleTuple<I, S> + HasAddressFilterTuples,
|
||||
I: HasTargetBytes + Unpin,
|
||||
S: Unpin,
|
||||
SM: IsSnapshotManager,
|
||||
@ -385,7 +385,7 @@ pub struct StartCommand {
|
||||
impl<C, ET, I, S, SM> IsCommand<C, StdCommandManager<S>, StdEmulatorDriver, ET, I, S, SM>
|
||||
for StartCommand
|
||||
where
|
||||
ET: EmulatorModuleTuple<I, S>,
|
||||
ET: EmulatorModuleTuple<I, S> + HasAddressFilterTuples,
|
||||
I: HasTargetBytes + Unpin,
|
||||
S: Unpin,
|
||||
SM: IsSnapshotManager,
|
||||
@ -546,7 +546,7 @@ pub struct PageAllowCommand {
|
||||
#[cfg(feature = "systemmode")]
|
||||
impl<C, CM, ED, ET, I, S, SM> IsCommand<C, CM, ED, ET, I, S, SM> for PageAllowCommand
|
||||
where
|
||||
ET: EmulatorModuleTuple<I, S>,
|
||||
ET: EmulatorModuleTuple<I, S> + HasAddressFilterTuples,
|
||||
I: Unpin,
|
||||
S: Unpin,
|
||||
{
|
||||
@ -574,7 +574,7 @@ pub struct AddressAllowCommand {
|
||||
}
|
||||
impl<C, CM, ED, ET, I, S, SM> IsCommand<C, CM, ED, ET, I, S, SM> for AddressAllowCommand
|
||||
where
|
||||
ET: EmulatorModuleTuple<I, S>,
|
||||
ET: EmulatorModuleTuple<I, S> + HasAddressFilterTuples,
|
||||
I: Unpin,
|
||||
S: Unpin,
|
||||
{
|
||||
|
@ -32,7 +32,7 @@ use crate::{
|
||||
CommandError, CommandManager, IsCommand, NativeCommandParser,
|
||||
},
|
||||
get_exit_arch_regs,
|
||||
modules::EmulatorModuleTuple,
|
||||
modules::{utils::filters::HasAddressFilterTuples, EmulatorModuleTuple},
|
||||
sync_exit::ExitArgs,
|
||||
Emulator, EmulatorDriverError, EmulatorDriverResult, GuestReg, InputLocation,
|
||||
IsSnapshotManager, NyxEmulatorDriver, Qemu, QemuMemoryChunk, Regs,
|
||||
@ -98,7 +98,7 @@ macro_rules! define_nyx_command_manager {
|
||||
|
||||
impl<C, ET, I, S, SM> CommandManager<C, NyxEmulatorDriver, ET, I, S, SM> for $name<S>
|
||||
where
|
||||
ET: EmulatorModuleTuple<I, S>,
|
||||
ET: EmulatorModuleTuple<I, S> + HasAddressFilterTuples,
|
||||
I: HasTargetBytes + Unpin,
|
||||
S: Unpin,
|
||||
SM: IsSnapshotManager,
|
||||
@ -133,7 +133,7 @@ macro_rules! define_nyx_command_manager {
|
||||
|
||||
impl<C, ET, I, S, SM> IsCommand<C, $name<S>, NyxEmulatorDriver, ET, I, S, SM> for [<$name Commands>]
|
||||
where
|
||||
ET: EmulatorModuleTuple<I, S>,
|
||||
ET: EmulatorModuleTuple<I, S> + HasAddressFilterTuples,
|
||||
I: HasTargetBytes + Unpin,
|
||||
S: Unpin,
|
||||
SM: IsSnapshotManager,
|
||||
@ -295,7 +295,7 @@ pub struct NextPayloadCommand;
|
||||
impl<C, ET, I, S, SM> IsCommand<C, NyxCommandManager<S>, NyxEmulatorDriver, ET, I, S, SM>
|
||||
for NextPayloadCommand
|
||||
where
|
||||
ET: EmulatorModuleTuple<I, S>,
|
||||
ET: EmulatorModuleTuple<I, S> + HasAddressFilterTuples,
|
||||
I: HasTargetBytes + Unpin,
|
||||
S: Unpin,
|
||||
SM: IsSnapshotManager,
|
||||
@ -359,7 +359,7 @@ pub struct SubmitCR3Command;
|
||||
impl<C, ET, I, S, SM> IsCommand<C, NyxCommandManager<S>, NyxEmulatorDriver, ET, I, S, SM>
|
||||
for SubmitCR3Command
|
||||
where
|
||||
ET: EmulatorModuleTuple<I, S>,
|
||||
ET: EmulatorModuleTuple<I, S> + HasAddressFilterTuples,
|
||||
I: HasTargetBytes + Unpin,
|
||||
S: Unpin,
|
||||
SM: IsSnapshotManager,
|
||||
@ -407,7 +407,7 @@ impl RangeSubmitCommand {
|
||||
impl<C, ET, I, S, SM> IsCommand<C, NyxCommandManager<S>, NyxEmulatorDriver, ET, I, S, SM>
|
||||
for RangeSubmitCommand
|
||||
where
|
||||
ET: EmulatorModuleTuple<I, S>,
|
||||
ET: EmulatorModuleTuple<I, S> + HasAddressFilterTuples,
|
||||
I: HasTargetBytes + Unpin,
|
||||
S: Unpin,
|
||||
SM: IsSnapshotManager,
|
||||
|
@ -11,7 +11,7 @@ use crate::{
|
||||
IsCommand, LoadCommand, LqprintfCommand, NativeExitKind, SaveCommand, StartCommand,
|
||||
StdCommandManager, TestCommand, VersionCommand,
|
||||
},
|
||||
modules::EmulatorModuleTuple,
|
||||
modules::{utils::filters::HasAddressFilterTuples, EmulatorModuleTuple},
|
||||
sync_exit::ExitArgs,
|
||||
GuestReg, IsSnapshotManager, Qemu, QemuMemoryChunk, Regs, StdEmulatorDriver,
|
||||
};
|
||||
@ -92,7 +92,7 @@ pub struct StartPhysCommandParser;
|
||||
impl<C, ET, I, S, SM> NativeCommandParser<C, StdCommandManager<S>, StdEmulatorDriver, ET, I, S, SM>
|
||||
for StartPhysCommandParser
|
||||
where
|
||||
ET: EmulatorModuleTuple<I, S>,
|
||||
ET: EmulatorModuleTuple<I, S> + HasAddressFilterTuples,
|
||||
I: HasTargetBytes + Unpin,
|
||||
S: Unpin,
|
||||
SM: IsSnapshotManager,
|
||||
@ -121,7 +121,7 @@ pub struct StartVirtCommandParser;
|
||||
impl<C, ET, I, S, SM> NativeCommandParser<C, StdCommandManager<S>, StdEmulatorDriver, ET, I, S, SM>
|
||||
for StartVirtCommandParser
|
||||
where
|
||||
ET: EmulatorModuleTuple<I, S>,
|
||||
ET: EmulatorModuleTuple<I, S> + HasAddressFilterTuples,
|
||||
I: HasTargetBytes + Unpin,
|
||||
S: Unpin,
|
||||
SM: IsSnapshotManager,
|
||||
@ -242,7 +242,7 @@ pub struct VaddrFilterAllowRangeCommandParser;
|
||||
impl<C, CM, ED, ET, I, S, SM> NativeCommandParser<C, CM, ED, ET, I, S, SM>
|
||||
for VaddrFilterAllowRangeCommandParser
|
||||
where
|
||||
ET: EmulatorModuleTuple<I, S>,
|
||||
ET: EmulatorModuleTuple<I, S> + HasAddressFilterTuples,
|
||||
I: Unpin,
|
||||
S: Unpin,
|
||||
{
|
||||
|
@ -15,7 +15,7 @@ use crate::{
|
||||
parser::NativeCommandParser,
|
||||
CommandError, NativeExitKind,
|
||||
},
|
||||
modules::EmulatorModuleTuple,
|
||||
modules::{utils::filters::HasAddressFilterTuples, EmulatorModuleTuple},
|
||||
sync_exit::ExitArgs,
|
||||
IsSnapshotManager, NyxEmulatorDriver, Qemu, QemuMemoryChunk, Regs,
|
||||
};
|
||||
@ -80,7 +80,7 @@ pub struct SubmitCR3CommandParser;
|
||||
impl<C, ET, I, S, SM> NativeCommandParser<C, NyxCommandManager<S>, NyxEmulatorDriver, ET, I, S, SM>
|
||||
for SubmitCR3CommandParser
|
||||
where
|
||||
ET: EmulatorModuleTuple<I, S>,
|
||||
ET: EmulatorModuleTuple<I, S> + HasAddressFilterTuples,
|
||||
I: HasTargetBytes + Unpin,
|
||||
S: Unpin,
|
||||
SM: IsSnapshotManager,
|
||||
@ -100,7 +100,7 @@ pub struct RangeSubmitCommandParser;
|
||||
impl<C, ET, I, S, SM> NativeCommandParser<C, NyxCommandManager<S>, NyxEmulatorDriver, ET, I, S, SM>
|
||||
for RangeSubmitCommandParser
|
||||
where
|
||||
ET: EmulatorModuleTuple<I, S>,
|
||||
ET: EmulatorModuleTuple<I, S> + HasAddressFilterTuples,
|
||||
I: HasTargetBytes + Unpin,
|
||||
S: Unpin,
|
||||
SM: IsSnapshotManager,
|
||||
@ -188,7 +188,7 @@ pub struct NextPayloadCommandParser;
|
||||
impl<C, ET, I, S, SM> NativeCommandParser<C, NyxCommandManager<S>, NyxEmulatorDriver, ET, I, S, SM>
|
||||
for NextPayloadCommandParser
|
||||
where
|
||||
ET: EmulatorModuleTuple<I, S>,
|
||||
ET: EmulatorModuleTuple<I, S> + HasAddressFilterTuples,
|
||||
I: HasTargetBytes + Unpin,
|
||||
S: Unpin,
|
||||
SM: IsSnapshotManager,
|
||||
|
@ -10,6 +10,7 @@ use libafl_bolts::tuples::{Handle, Handled, MatchFirstType, MatchNameRef};
|
||||
use libafl_qemu_sys::GuestAddr;
|
||||
use thread_local::ThreadLocal;
|
||||
|
||||
use super::utils::filters::HasAddressFilter;
|
||||
#[cfg(feature = "systemmode")]
|
||||
use crate::modules::utils::filters::{NopPageFilter, NOP_PAGE_FILTER};
|
||||
use crate::{
|
||||
@ -415,10 +416,6 @@ where
|
||||
S: Unpin,
|
||||
T: CallTraceCollectorTuple + Debug,
|
||||
{
|
||||
type ModuleAddressFilter = StdAddressFilter;
|
||||
#[cfg(feature = "systemmode")]
|
||||
type ModulePageFilter = NopPageFilter;
|
||||
|
||||
fn post_qemu_init<ET>(&mut self, _qemu: Qemu, emulator_modules: &mut EmulatorModules<ET, I, S>)
|
||||
where
|
||||
ET: EmulatorModuleTuple<I, S>,
|
||||
@ -459,7 +456,15 @@ where
|
||||
.unwrap()
|
||||
.post_exec_all(qemu, input, observers, exit_kind);
|
||||
}
|
||||
}
|
||||
|
||||
impl<T> HasAddressFilter for CallTracerModule<T>
|
||||
where
|
||||
T: CallTraceCollectorTuple,
|
||||
{
|
||||
type ModuleAddressFilter = StdAddressFilter;
|
||||
#[cfg(feature = "systemmode")]
|
||||
type ModulePageFilter = NopPageFilter;
|
||||
fn address_filter(&self) -> &Self::ModuleAddressFilter {
|
||||
&self.filter
|
||||
}
|
||||
|
@ -19,7 +19,8 @@ use crate::{capstone, qemu::ArchExtras, CallingConvention};
|
||||
use crate::{
|
||||
emu::EmulatorModules,
|
||||
modules::{
|
||||
utils::filters::StdAddressFilter, AddressFilter, EmulatorModule, EmulatorModuleTuple,
|
||||
utils::filters::{HasAddressFilter, StdAddressFilter},
|
||||
AddressFilter, EmulatorModule, EmulatorModuleTuple,
|
||||
},
|
||||
qemu::Hook,
|
||||
Qemu,
|
||||
@ -75,10 +76,6 @@ where
|
||||
I: Unpin,
|
||||
S: Unpin + HasMetadata,
|
||||
{
|
||||
type ModuleAddressFilter = StdAddressFilter;
|
||||
#[cfg(feature = "systemmode")]
|
||||
type ModulePageFilter = NopPageFilter;
|
||||
|
||||
fn first_exec<ET>(
|
||||
&mut self,
|
||||
_qemu: Qemu,
|
||||
@ -95,6 +92,12 @@ where
|
||||
Hook::Raw(trace_cmp8_cmplog),
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
impl HasAddressFilter for CmpLogModule {
|
||||
type ModuleAddressFilter = StdAddressFilter;
|
||||
#[cfg(feature = "systemmode")]
|
||||
type ModulePageFilter = NopPageFilter;
|
||||
|
||||
fn address_filter(&self) -> &Self::ModuleAddressFilter {
|
||||
&self.address_filter
|
||||
@ -143,10 +146,6 @@ where
|
||||
I: Unpin,
|
||||
S: Unpin + HasMetadata,
|
||||
{
|
||||
type ModuleAddressFilter = StdAddressFilter;
|
||||
#[cfg(feature = "systemmode")]
|
||||
type ModulePageFilter = NopPageFilter;
|
||||
|
||||
const HOOKS_DO_SIDE_EFFECTS: bool = false;
|
||||
|
||||
fn first_exec<ET>(
|
||||
@ -165,6 +164,12 @@ where
|
||||
Hook::Raw(trace_cmp8_cmplog),
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
impl HasAddressFilter for CmpLogChildModule {
|
||||
type ModuleAddressFilter = StdAddressFilter;
|
||||
#[cfg(feature = "systemmode")]
|
||||
type ModulePageFilter = NopPageFilter;
|
||||
|
||||
fn address_filter(&self) -> &Self::ModuleAddressFilter {
|
||||
&self.address_filter
|
||||
@ -408,10 +413,6 @@ where
|
||||
I: Unpin,
|
||||
S: Unpin,
|
||||
{
|
||||
type ModuleAddressFilter = StdAddressFilter;
|
||||
#[cfg(feature = "systemmode")]
|
||||
type ModulePageFilter = NopPageFilter;
|
||||
|
||||
fn first_exec<ET>(
|
||||
&mut self,
|
||||
_qemu: Qemu,
|
||||
@ -426,6 +427,13 @@ where
|
||||
Hook::Empty,
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
#[cfg(feature = "usermode")]
|
||||
impl HasAddressFilter for CmpLogRoutinesModule {
|
||||
type ModuleAddressFilter = StdAddressFilter;
|
||||
#[cfg(feature = "systemmode")]
|
||||
type ModulePageFilter = NopPageFilter;
|
||||
|
||||
fn address_filter(&self) -> &Self::ModuleAddressFilter {
|
||||
&self.address_filter
|
||||
|
@ -7,6 +7,7 @@ use libafl_targets::drcov::{DrCovBasicBlock, DrCovWriter};
|
||||
use rangemap::RangeMap;
|
||||
use serde::{Deserialize, Serialize};
|
||||
|
||||
use super::utils::filters::HasAddressFilter;
|
||||
#[cfg(feature = "systemmode")]
|
||||
use crate::modules::utils::filters::{NopPageFilter, NOP_PAGE_FILTER};
|
||||
use crate::{
|
||||
@ -264,10 +265,6 @@ where
|
||||
I: Unpin,
|
||||
S: Unpin + HasMetadata,
|
||||
{
|
||||
type ModuleAddressFilter = F;
|
||||
#[cfg(feature = "systemmode")]
|
||||
type ModulePageFilter = NopPageFilter;
|
||||
|
||||
fn post_qemu_init<ET>(&mut self, _qemu: Qemu, emulator_modules: &mut EmulatorModules<ET, I, S>)
|
||||
where
|
||||
ET: EmulatorModuleTuple<I, S>,
|
||||
@ -349,6 +346,15 @@ where
|
||||
unsafe fn on_timeout(&mut self) {
|
||||
self.write();
|
||||
}
|
||||
}
|
||||
|
||||
impl<F> HasAddressFilter for DrCovModule<F>
|
||||
where
|
||||
F: AddressFilter,
|
||||
{
|
||||
type ModuleAddressFilter = F;
|
||||
#[cfg(feature = "systemmode")]
|
||||
type ModulePageFilter = NopPageFilter;
|
||||
|
||||
fn address_filter(&self) -> &Self::ModuleAddressFilter {
|
||||
&self.filter
|
||||
|
@ -34,6 +34,8 @@ pub use child::{
|
||||
};
|
||||
use libafl::observers::ConstLenMapObserver;
|
||||
|
||||
use super::utils::filters::HasAddressFilter;
|
||||
|
||||
/// Standard edge coverage module, adapted to most use cases
|
||||
pub type StdEdgeCoverageModule = StdEdgeCoverageFullModule;
|
||||
|
||||
@ -327,10 +329,6 @@ where
|
||||
S: Unpin + HasMetadata,
|
||||
V: EdgeCoverageVariant<AF, PF, IS_CONST_MAP, MAP_SIZE> + 'static,
|
||||
{
|
||||
type ModuleAddressFilter = AF;
|
||||
|
||||
#[cfg(feature = "systemmode")]
|
||||
type ModulePageFilter = PF;
|
||||
const HOOKS_DO_SIDE_EFFECTS: bool = V::DO_SIDE_EFFECTS;
|
||||
|
||||
fn first_exec<ET>(
|
||||
@ -353,7 +351,18 @@ where
|
||||
self.variant.fn_no_hitcount(emulator_modules);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
impl<AF, PF, V, const IS_CONST_MAP: bool, const MAP_SIZE: usize> HasAddressFilter
|
||||
for EdgeCoverageModule<AF, PF, V, IS_CONST_MAP, MAP_SIZE>
|
||||
where
|
||||
AF: AddressFilter,
|
||||
PF: PageFilter,
|
||||
{
|
||||
type ModuleAddressFilter = AF;
|
||||
|
||||
#[cfg(feature = "systemmode")]
|
||||
type ModulePageFilter = PF;
|
||||
fn address_filter(&self) -> &Self::ModuleAddressFilter {
|
||||
&self.address_filter
|
||||
}
|
||||
|
@ -85,11 +85,6 @@ pub mod utils;
|
||||
/// return values, please refer to the [`EmulatorModules`].
|
||||
// TODO remove 'static when specialization will be stable
|
||||
pub trait EmulatorModule<I, S>: 'static + Debug {
|
||||
type ModuleAddressFilter: AddressFilter;
|
||||
|
||||
#[cfg(feature = "systemmode")]
|
||||
type ModulePageFilter: PageFilter;
|
||||
|
||||
const HOOKS_DO_SIDE_EFFECTS: bool = true;
|
||||
|
||||
/// Hook run **before** QEMU is initialized.
|
||||
@ -167,25 +162,6 @@ pub trait EmulatorModule<I, S>: 'static + Debug {
|
||||
///
|
||||
/// This is getting executed in a signal handler.
|
||||
unsafe fn on_timeout(&mut self) {}
|
||||
|
||||
fn address_filter(&self) -> &Self::ModuleAddressFilter;
|
||||
fn address_filter_mut(&mut self) -> &mut Self::ModuleAddressFilter;
|
||||
fn update_address_filter(&mut self, qemu: Qemu, filter: Self::ModuleAddressFilter) {
|
||||
*self.address_filter_mut() = filter;
|
||||
// Necessary because some hooks filter during TB generation.
|
||||
qemu.flush_jit();
|
||||
}
|
||||
|
||||
#[cfg(feature = "systemmode")]
|
||||
fn page_filter(&self) -> &Self::ModulePageFilter;
|
||||
#[cfg(feature = "systemmode")]
|
||||
fn page_filter_mut(&mut self) -> &mut Self::ModulePageFilter;
|
||||
#[cfg(feature = "systemmode")]
|
||||
fn update_page_filter(&mut self, qemu: Qemu, filter: Self::ModulePageFilter) {
|
||||
*self.page_filter_mut() = filter;
|
||||
// Necessary because some hooks filter during TB generation.
|
||||
qemu.flush_jit();
|
||||
}
|
||||
}
|
||||
|
||||
pub trait EmulatorModuleTuple<I, S>:
|
||||
@ -245,11 +221,6 @@ pub trait EmulatorModuleTuple<I, S>:
|
||||
///
|
||||
/// This is getting executed in a signal handler.
|
||||
unsafe fn on_timeout_all(&mut self);
|
||||
|
||||
fn allow_address_range_all(&mut self, address_range: Range<GuestAddr>);
|
||||
|
||||
#[cfg(feature = "systemmode")]
|
||||
fn allow_page_id_all(&mut self, page_id: GuestPhysAddr);
|
||||
}
|
||||
|
||||
impl<I, S> EmulatorModuleTuple<I, S> for ()
|
||||
@ -314,11 +285,6 @@ where
|
||||
unsafe fn on_crash_all(&mut self) {}
|
||||
|
||||
unsafe fn on_timeout_all(&mut self) {}
|
||||
|
||||
fn allow_address_range_all(&mut self, _address_range: Range<GuestAddr>) {}
|
||||
|
||||
#[cfg(feature = "systemmode")]
|
||||
fn allow_page_id_all(&mut self, _page_id: GuestPhysAddr) {}
|
||||
}
|
||||
|
||||
impl<Head, Tail, I, S> EmulatorModuleTuple<I, S> for (Head, Tail)
|
||||
@ -403,15 +369,4 @@ where
|
||||
self.0.on_timeout();
|
||||
self.1.on_timeout_all();
|
||||
}
|
||||
|
||||
fn allow_address_range_all(&mut self, address_range: Range<GuestAddr>) {
|
||||
self.0.address_filter_mut().register(address_range.clone());
|
||||
self.1.allow_address_range_all(address_range);
|
||||
}
|
||||
|
||||
#[cfg(feature = "systemmode")]
|
||||
fn allow_page_id_all(&mut self, page_id: GuestPhysAddr) {
|
||||
self.0.page_filter_mut().register(page_id);
|
||||
self.1.allow_page_id_all(page_id);
|
||||
}
|
||||
}
|
||||
|
@ -13,8 +13,8 @@ use rangemap::RangeMap;
|
||||
|
||||
use crate::{
|
||||
modules::{
|
||||
calls::FullBacktraceCollector, snapshot::SnapshotModule, EmulatorModule,
|
||||
EmulatorModuleTuple,
|
||||
calls::FullBacktraceCollector, snapshot::SnapshotModule, utils::filters::HasAddressFilter,
|
||||
EmulatorModule, EmulatorModuleTuple,
|
||||
},
|
||||
qemu::MemAccessInfo,
|
||||
sys::TCGTemp,
|
||||
@ -815,7 +815,6 @@ where
|
||||
I: Unpin,
|
||||
S: Unpin,
|
||||
{
|
||||
type ModuleAddressFilter = StdAddressFilter;
|
||||
const HOOKS_DO_SIDE_EFFECTS: bool = false;
|
||||
|
||||
fn pre_qemu_init<ET>(
|
||||
@ -956,7 +955,10 @@ where
|
||||
*exit_kind = ExitKind::Crash;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
impl HasAddressFilter for AsanModule {
|
||||
type ModuleAddressFilter = StdAddressFilter;
|
||||
fn address_filter(&self) -> &Self::ModuleAddressFilter {
|
||||
&self.filter
|
||||
}
|
||||
|
@ -14,7 +14,8 @@ use crate::sys::libafl_tcg_gen_asan;
|
||||
use crate::{
|
||||
emu::EmulatorModules,
|
||||
modules::{
|
||||
utils::filters::StdAddressFilter, AddressFilter, EmulatorModule, EmulatorModuleTuple,
|
||||
utils::filters::{HasAddressFilter, StdAddressFilter},
|
||||
AddressFilter, EmulatorModule, EmulatorModuleTuple,
|
||||
},
|
||||
qemu::{Hook, MemAccessInfo, Qemu},
|
||||
sys::TCGTemp,
|
||||
@ -190,8 +191,6 @@ where
|
||||
I: Unpin,
|
||||
S: Unpin,
|
||||
{
|
||||
type ModuleAddressFilter = F;
|
||||
|
||||
fn pre_qemu_init<ET>(
|
||||
&mut self,
|
||||
_emulator_modules: &mut EmulatorModules<ET, I, S>,
|
||||
@ -334,6 +333,13 @@ where
|
||||
Hook::Function(guest_trace_error_n_asan::<ET, I, S>),
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
impl<F> HasAddressFilter for AsanGuestModule<F>
|
||||
where
|
||||
F: AddressFilter,
|
||||
{
|
||||
type ModuleAddressFilter = F;
|
||||
|
||||
fn address_filter(&self) -> &Self::ModuleAddressFilter {
|
||||
&self.filter
|
||||
|
@ -24,7 +24,7 @@ use crate::{
|
||||
elf::EasyElf,
|
||||
emu::EmulatorModules,
|
||||
modules::{
|
||||
utils::filters::{NopAddressFilter, NOP_ADDRESS_FILTER},
|
||||
utils::filters::{HasAddressFilter, NopAddressFilter, NOP_ADDRESS_FILTER},
|
||||
EmulatorModule, EmulatorModuleTuple,
|
||||
},
|
||||
qemu::{ArchExtras, Hook, SyscallHookResult},
|
||||
@ -268,8 +268,6 @@ where
|
||||
I: Unpin,
|
||||
S: Unpin,
|
||||
{
|
||||
type ModuleAddressFilter = NopAddressFilter;
|
||||
|
||||
fn post_qemu_init<ET>(&mut self, _qemu: Qemu, emulator_modules: &mut EmulatorModules<ET, I, S>)
|
||||
where
|
||||
ET: EmulatorModuleTuple<I, S>,
|
||||
@ -344,6 +342,10 @@ where
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
impl HasAddressFilter for InjectionModule {
|
||||
type ModuleAddressFilter = NopAddressFilter;
|
||||
|
||||
fn address_filter(&self) -> &Self::ModuleAddressFilter {
|
||||
&NopAddressFilter
|
||||
|
@ -24,7 +24,7 @@ use crate::{
|
||||
emu::EmulatorModules,
|
||||
modules::{
|
||||
asan::AsanModule,
|
||||
utils::filters::{NopAddressFilter, NOP_ADDRESS_FILTER},
|
||||
utils::filters::{HasAddressFilter, NopAddressFilter, NOP_ADDRESS_FILTER},
|
||||
EmulatorModule, EmulatorModuleTuple, Range,
|
||||
},
|
||||
qemu::{Hook, SyscallHookResult},
|
||||
@ -698,8 +698,6 @@ where
|
||||
I: Unpin,
|
||||
S: Unpin,
|
||||
{
|
||||
type ModuleAddressFilter = NopAddressFilter;
|
||||
|
||||
fn post_qemu_init<ET>(&mut self, _qemu: Qemu, emulator_modules: &mut EmulatorModules<ET, I, S>)
|
||||
where
|
||||
ET: EmulatorModuleTuple<I, S>,
|
||||
@ -737,7 +735,10 @@ where
|
||||
self.reset(qemu);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
impl HasAddressFilter for SnapshotModule {
|
||||
type ModuleAddressFilter = NopAddressFilter;
|
||||
fn address_filter(&self) -> &Self::ModuleAddressFilter {
|
||||
&NopAddressFilter
|
||||
}
|
||||
|
@ -69,6 +69,64 @@ where
|
||||
}
|
||||
}
|
||||
|
||||
/// Offers accessors to modules' address filters.
|
||||
pub trait HasAddressFilter {
|
||||
type ModuleAddressFilter: AddressFilter;
|
||||
#[cfg(feature = "systemmode")]
|
||||
type ModulePageFilter: PageFilter;
|
||||
fn address_filter(&self) -> &Self::ModuleAddressFilter;
|
||||
|
||||
fn address_filter_mut(&mut self) -> &mut Self::ModuleAddressFilter;
|
||||
|
||||
fn update_address_filter(&mut self, qemu: Qemu, filter: Self::ModuleAddressFilter) {
|
||||
*self.address_filter_mut() = filter;
|
||||
// Necessary because some hooks filter during TB generation.
|
||||
qemu.flush_jit();
|
||||
}
|
||||
|
||||
#[cfg(feature = "systemmode")]
|
||||
fn page_filter(&self) -> &Self::ModulePageFilter;
|
||||
#[cfg(feature = "systemmode")]
|
||||
fn page_filter_mut(&mut self) -> &mut Self::ModulePageFilter;
|
||||
#[cfg(feature = "systemmode")]
|
||||
fn update_page_filter(&mut self, qemu: Qemu, filter: Self::ModulePageFilter) {
|
||||
*self.page_filter_mut() = filter;
|
||||
// Necessary because some hooks filter during TB generation.
|
||||
qemu.flush_jit();
|
||||
}
|
||||
}
|
||||
|
||||
pub trait HasAddressFilterTuples {
|
||||
fn allow_address_range_all(&mut self, address_range: Range<GuestAddr>);
|
||||
|
||||
#[cfg(feature = "systemmode")]
|
||||
fn allow_page_id_all(&mut self, page_id: GuestPhysAddr);
|
||||
}
|
||||
|
||||
impl HasAddressFilterTuples for () {
|
||||
fn allow_address_range_all(&mut self, _address_range: Range<GuestAddr>) {}
|
||||
|
||||
#[cfg(feature = "systemmode")]
|
||||
fn allow_page_id_all(&mut self, _page_id: GuestPhysAddr) {}
|
||||
}
|
||||
|
||||
impl<Head, Tail> HasAddressFilterTuples for (Head, Tail)
|
||||
where
|
||||
Head: HasAddressFilter,
|
||||
Tail: HasAddressFilterTuples,
|
||||
{
|
||||
fn allow_address_range_all(&mut self, address_range: Range<GuestAddr>) {
|
||||
self.0.address_filter_mut().register(address_range.clone());
|
||||
self.1.allow_address_range_all(address_range);
|
||||
}
|
||||
|
||||
#[cfg(feature = "systemmode")]
|
||||
fn allow_page_id_all(&mut self, page_id: GuestPhysAddr) {
|
||||
self.0.page_filter_mut().register(page_id);
|
||||
self.1.allow_page_id_all(page_id);
|
||||
}
|
||||
}
|
||||
|
||||
/// An address filter list.
|
||||
///
|
||||
/// It will allow anything in the registered ranges, and deny anything else.
|
||||
|
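Review bot: `HasAddressFilterTuples` and its `()` / `(Head, Tail)` impls carry no doc comment, while the neighbouring `HasAddressFilter` does; a one-liner such as `/// Applies an address (and, in systemmode, page) allow-list entry to every module of a module tuple.` would tell callers what the new `+ HasAddressFilterTuples` bound in the command managers is opting into. The `(Head, Tail)` impl requires `Head: HasAddressFilter`, so every module in a tuple must still provide a filter impl — the API is decoupled from `EmulatorModule`, but a module without one cannot yet appear in a tuple used by those managers, which is worth stating in the doc so the `Nop*` impls are not mistaken for optional. `HasAddressFilter` also hosts the `ModulePageFilter` / `page_filter*` API under `systemmode` although its name and doc mention only addresses; adding `/// In systemmode it also exposes the module's page filter.` to its doc comment closes that gap. Documentation on the new `update_address_filter` / `update_page_filter` defaults should note that they call `qemu.flush_jit()`, since the cost of replacing a filter at runtime is not obvious from the signature.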