Small refactoring of libafl_qemu structure (#2098)

* Architecture-specific stuff is now in the `arch` directory * Helpers are now in the `helpers` directory * `emu.rs` has been moved as `emu/mod.rs` for consistency with the rest of the repository
2024-04-24 21:47:29 +02:00 · 2024-04-24 21:47:29 +02:00 · dd0fbff819
commit dd0fbff819
parent c622a28eba
28 changed files with 105 additions and 98 deletions
--- a/fuzzers/qemu_launcher/src/instance.rs
+++ b/fuzzers/qemu_launcher/src/instance.rs
@ -40,7 +40,7 @@ use libafl_bolts::{
 use libafl_qemu::{
    cmplog::CmpLogObserver,
    edges::{edges_map_mut_slice, MAX_EDGES_NUM},
-    helper::QemuHelperTuple,
+    helpers::QemuHelperTuple,
    Qemu, QemuExecutor, QemuHooks,
 };
 use typed_builder::TypedBuilder;
--- a/libafl/src/executors/inprocess/mod.rs
+++ b/libafl/src/executors/inprocess/mod.rs
@ -134,7 +134,7 @@ where
        }
        self.inner.hooks.pre_exec_all(state, input);

-        let ret = (self.harness_fn.borrow_mut())(input);
+        let ret = self.harness_fn.borrow_mut()(input);

        self.inner.hooks.post_exec_all(state, input);
        self.inner.leave_target(fuzzer, state, mgr, input);
--- a/libafl_qemu/libafl_qemu_sys/src/lib.rs
+++ b/libafl_qemu/libafl_qemu_sys/src/lib.rs
@ -17,6 +17,8 @@ __Warning__: The documentation is built by default for `x86_64` in `usermode`. T
 mod bindings {
    include!(concat!(env!("OUT_DIR"), "/bindings.rs"));
 }
+#[cfg(all(not(feature = "clippy"), target_os = "linux"))]
+pub use bindings::*;

 #[cfg(any(feature = "clippy", not(target_os = "linux")))]
 mod x86_64_stub_bindings;
@ -100,8 +102,6 @@ macro_rules! extern_c_checked {
 use core::ops::BitAnd;
 use std::ffi::c_void;

-#[cfg(all(not(feature = "clippy"), target_os = "linux"))]
-pub use bindings::*;
 #[cfg(feature = "python")]
 use pyo3::{pyclass, pymethods, IntoPy, PyObject, Python};
 #[cfg(any(feature = "clippy", not(target_os = "linux")))]
--- a/libafl_qemu/src/arch/aarch64.rs
+++ b/libafl_qemu/src/arch/aarch64.rs
@ -8,7 +8,7 @@ use pyo3::prelude::*;
 pub use strum_macros::EnumIter;
 pub use syscall_numbers::aarch64::*;

-use crate::{sync_backdoor::BackdoorArgs, CallingConvention};
+use crate::{sync_exit::BackdoorArgs, CallingConvention};

 #[derive(IntoPrimitive, TryFromPrimitive, Debug, Clone, Copy, EnumIter)]
 #[repr(i32)]
--- a/libafl_qemu/src/arch/arm.rs
+++ b/libafl_qemu/src/arch/arm.rs
@ -8,7 +8,7 @@ use pyo3::prelude::*;
 pub use strum_macros::EnumIter;
 pub use syscall_numbers::arm::*;

-use crate::{sync_backdoor::BackdoorArgs, CallingConvention};
+use crate::{sync_exit::BackdoorArgs, CallingConvention};

 /// Registers for the ARM instruction set.
 #[derive(IntoPrimitive, TryFromPrimitive, Debug, Clone, Copy, EnumIter)]
--- a/libafl_qemu/src/arch/hexagon.rs
+++ b/libafl_qemu/src/arch/hexagon.rs
@ -6,7 +6,7 @@ use num_enum::{IntoPrimitive, TryFromPrimitive};
 use pyo3::prelude::*;
 pub use strum_macros::EnumIter;

-use crate::{sync_backdoor::BackdoorArgs, CallingConvention};
+use crate::{sync_exit::BackdoorArgs, CallingConvention};

 #[derive(IntoPrimitive, TryFromPrimitive, Debug, Clone, Copy, EnumIter)]
 #[repr(i32)]
--- a/libafl_qemu/src/arch/i386.rs
+++ b/libafl_qemu/src/arch/i386.rs
@ -8,7 +8,7 @@ use pyo3::prelude::*;
 pub use strum_macros::EnumIter;
 pub use syscall_numbers::x86::*;

-use crate::{sync_backdoor::BackdoorArgs, CallingConvention, GuestAddr};
+use crate::{sync_exit::BackdoorArgs, CallingConvention, GuestAddr};

 #[derive(IntoPrimitive, TryFromPrimitive, Debug, Clone, Copy, EnumIter)]
 #[repr(i32)]
--- a/libafl_qemu/src/arch/mips.rs
+++ b/libafl_qemu/src/arch/mips.rs
@ -7,7 +7,7 @@ use pyo3::prelude::*;
 pub use strum_macros::EnumIter;
 pub use syscall_numbers::mips::*;

-use crate::{sync_backdoor::BackdoorArgs, CallingConvention};
+use crate::{sync_exit::BackdoorArgs, CallingConvention};

 /// Registers for the MIPS instruction set.
 #[derive(IntoPrimitive, TryFromPrimitive, Debug, Clone, Copy, EnumIter)]
--- a/libafl_qemu/src/arch/mod.rs
+++ b/libafl_qemu/src/arch/mod.rs
@ -0,0 +1,34 @@
+#[cfg(cpu_target = "aarch64")]
+pub mod aarch64;
+#[cfg(all(cpu_target = "aarch64", not(feature = "clippy")))]
+pub use aarch64::*;
+
+#[cfg(cpu_target = "arm")]
+pub mod arm;
+#[cfg(all(cpu_target = "arm", not(feature = "clippy")))]
+pub use arm::*;
+
+#[cfg(cpu_target = "i386")]
+pub mod i386;
+#[cfg(all(cpu_target = "i386", not(feature = "clippy")))]
+pub use i386::*;
+
+#[cfg(cpu_target = "x86_64")]
+pub mod x86_64;
+#[cfg(cpu_target = "x86_64")]
+pub use x86_64::*;
+
+#[cfg(cpu_target = "mips")]
+pub mod mips;
+#[cfg(cpu_target = "mips")]
+pub use mips::*;
+
+#[cfg(cpu_target = "ppc")]
+pub mod ppc;
+#[cfg(cpu_target = "ppc")]
+pub use ppc::*;
+
+#[cfg(cpu_target = "hexagon")]
+pub mod hexagon;
+#[cfg(cpu_target = "hexagon")]
+pub use hexagon::*;
--- a/libafl_qemu/src/arch/ppc.rs
+++ b/libafl_qemu/src/arch/ppc.rs
@ -7,7 +7,7 @@ use pyo3::prelude::*;
 pub use strum_macros::EnumIter;
 pub use syscall_numbers::powerpc::*;

-use crate::{sync_backdoor::BackdoorArgs, CallingConvention};
+use crate::{sync_exit::BackdoorArgs, CallingConvention};

 /// Registers for the MIPS instruction set.
 #[derive(IntoPrimitive, TryFromPrimitive, Debug, Clone, Copy, EnumIter)]
--- a/libafl_qemu/src/arch/x86_64.rs
+++ b/libafl_qemu/src/arch/x86_64.rs
@ -8,7 +8,7 @@ use pyo3::prelude::*;
 pub use strum_macros::EnumIter;
 pub use syscall_numbers::x86_64::*;

-use crate::{sync_backdoor::BackdoorArgs, CallingConvention};
+use crate::{sync_exit::BackdoorArgs, CallingConvention};

 #[derive(IntoPrimitive, TryFromPrimitive, Debug, Clone, Copy, EnumIter)]
 #[repr(i32)]
--- a/libafl_qemu/src/command.rs
+++ b/libafl_qemu/src/command.rs
@ -15,7 +15,7 @@ use num_enum::TryFromPrimitive;
 #[cfg(emulation_mode = "systemmode")]
 use crate::QemuInstrumentationPagingFilter;
 use crate::{
-    executor::QemuExecutorState, sync_backdoor::SyncBackdoorError, EmuExitHandler, Emulator,
+    executor::QemuExecutorState, sync_exit::SyncBackdoorError, EmuExitHandler, Emulator,
    GuestAddrKind, GuestReg, HandlerError, HasInstrumentationFilter, InnerHandlerResult, IsFilter,
    IsSnapshotManager, Qemu, QemuHelperTuple, QemuInstrumentationAddressRangeFilter, Regs,
    StdEmuExitHandler, StdInstrumentationFilter, CPU,
--- a/libafl_qemu/src/emu/mod.rs
+++ b/libafl_qemu/src/emu/mod.rs
@ -360,7 +360,7 @@ pub const SKIP_EXEC_HOOK: u64 = u64::MAX;

 pub use libafl_qemu_sys::{CPUArchState, CPUState};

-use crate::sync_backdoor::{SyncBackdoor, SyncBackdoorError};
+use crate::sync_exit::{SyncBackdoor, SyncBackdoorError};

 // syshook_ret
 #[repr(C)]
--- a/libafl_qemu/src/emu/usermode.rs
+++ b/libafl_qemu/src/emu/usermode.rs
@ -13,7 +13,7 @@ use pyo3::prelude::*;

 use crate::{
    emu::{HasExecutions, State},
-    sync_backdoor::SyncBackdoorError,
+    sync_exit::SyncBackdoorError,
    EmuExitHandler, Emulator, HookData, NewThreadHookId, PostSyscallHookId, PreSyscallHookId, Qemu,
    QemuExitReason, QemuExitReasonError, QemuHelperTuple, SyscallHookResult, CPU,
 };
--- a/libafl_qemu/src/executor/mod.rs
+++ b/libafl_qemu/src/executor/mod.rs
@ -26,7 +26,7 @@ use libafl_bolts::os::unix_signals::{siginfo_t, ucontext_t, Signal};
 #[cfg(feature = "fork")]
 use libafl_bolts::shmem::ShMemProvider;

-use crate::{helper::QemuHelperTuple, hooks::QemuHooks, Qemu};
+use crate::{helpers::QemuHelperTuple, hooks::QemuHooks, Qemu};

 /// A version of `QemuExecutor` with a state accessible from the harness.
 pub mod stateful;
--- a/libafl_qemu/src/executor/stateful.rs
+++ b/libafl_qemu/src/executor/stateful.rs
@ -22,7 +22,7 @@ use libafl::{
 use crate::executor::inproc_qemu_crash_handler;
 #[cfg(emulation_mode = "systemmode")]
 use crate::executor::{inproc_qemu_timeout_handler, BREAK_ON_TMOUT};
-use crate::{executor::QemuExecutorState, helper::QemuHelperTuple, hooks::QemuHooks, Qemu};
+use crate::{executor::QemuExecutorState, helpers::QemuHelperTuple, hooks::QemuHooks, Qemu};

 pub struct StatefulQemuExecutor<'a, H, OT, QT, S>
 where
--- a/libafl_qemu/src/helpers/asan.rs
+++ b/libafl_qemu/src/helpers/asan.rs
@ -17,11 +17,10 @@ use num_enum::{IntoPrimitive, TryFromPrimitive};
 use rangemap::RangeMap;

 use crate::{
-    calls::FullBacktraceCollector,
    emu::{EmuError, MemAccessInfo, SyscallHookResult},
-    helper::{
-        HasInstrumentationFilter, IsFilter, QemuHelper, QemuHelperTuple,
-        QemuInstrumentationAddressRangeFilter,
+    helpers::{
+        calls::FullBacktraceCollector, HasInstrumentationFilter, IsFilter, QemuHelper,
+        QemuHelperTuple, QemuInstrumentationAddressRangeFilter,
    },
    hooks::{Hook, QemuHooks},
    snapshot::QemuSnapshotHelper,
--- a/libafl_qemu/src/helpers/asan_guest.rs
+++ b/libafl_qemu/src/helpers/asan_guest.rs
@ -13,7 +13,7 @@ use libafl::{inputs::UsesInput, HasMetadata};
 use crate::sys::libafl_tcg_gen_asan;
 use crate::{
    emu::{EmuError, MemAccessInfo, Qemu},
-    helper::{
+    helpers::{
        HasInstrumentationFilter, IsFilter, QemuHelper, QemuHelperTuple,
        QemuInstrumentationAddressRangeFilter,
    },
--- a/libafl_qemu/src/helpers/calls.rs
+++ b/libafl_qemu/src/helpers/calls.rs
@ -13,7 +13,7 @@ use thread_local::ThreadLocal;
 use crate::{
    capstone,
    emu::ArchExtras,
-    helper::{
+    helpers::{
        HasInstrumentationFilter, IsFilter, QemuHelper, QemuHelperTuple,
        QemuInstrumentationAddressRangeFilter,
    },
--- a/libafl_qemu/src/helpers/cmplog.rs
+++ b/libafl_qemu/src/helpers/cmplog.rs
@ -14,7 +14,7 @@ use serde::{Deserialize, Serialize};
 #[cfg(emulation_mode = "usermode")]
 use crate::{capstone, emu::ArchExtras, CallingConvention, Qemu};
 use crate::{
-    helper::{
+    helpers::{
        hash_me, HasInstrumentationFilter, IsFilter, QemuHelper, QemuHelperTuple,
        QemuInstrumentationAddressRangeFilter,
    },
--- a/libafl_qemu/src/helpers/drcov.rs
+++ b/libafl_qemu/src/helpers/drcov.rs
@ -8,7 +8,7 @@ use rangemap::RangeMap;
 use serde::{Deserialize, Serialize};

 use crate::{
-    helper::{
+    helpers::{
        HasInstrumentationFilter, IsFilter, QemuHelper, QemuHelperTuple,
        QemuInstrumentationAddressRangeFilter,
    },
--- a/libafl_qemu/src/helpers/edges.rs
+++ b/libafl_qemu/src/helpers/edges.rs
@ -12,9 +12,9 @@ pub use libafl_targets::{
 use serde::{Deserialize, Serialize};

 #[cfg(emulation_mode = "systemmode")]
-use crate::helper::QemuInstrumentationPagingFilter;
+use crate::helpers::QemuInstrumentationPagingFilter;
 use crate::{
-    helper::{
+    helpers::{
        hash_me, HasInstrumentationFilter, QemuHelper, QemuHelperTuple,
        QemuInstrumentationAddressRangeFilter,
    },
--- a/libafl_qemu/src/helpers/injections.rs
+++ b/libafl_qemu/src/helpers/injections.rs
--- a/libafl_qemu/src/helpers/mod.rs
+++ b/libafl_qemu/src/helpers/mod.rs
@ -7,6 +7,44 @@ use libafl_qemu_sys::{GuestAddr, GuestPhysAddr};

 use crate::{hooks::QemuHooks, Qemu};

+pub mod edges;
+pub use edges::QemuEdgeCoverageHelper;
+
+#[cfg(not(cpu_target = "hexagon"))]
+pub mod calls;
+#[cfg(not(cpu_target = "hexagon"))]
+pub use calls::QemuCallTracerHelper;
+
+#[cfg(not(cpu_target = "hexagon"))]
+pub mod drcov;
+#[cfg(not(cpu_target = "hexagon"))]
+pub use drcov::QemuDrCovHelper;
+
+#[cfg(not(any(cpu_target = "mips", cpu_target = "hexagon")))]
+pub mod cmplog;
+#[cfg(not(any(cpu_target = "mips", cpu_target = "hexagon")))]
+pub use cmplog::QemuCmpLogHelper;
+
+#[cfg(all(emulation_mode = "usermode", feature = "injections"))]
+pub mod injections;
+#[cfg(all(emulation_mode = "usermode", feature = "injections"))]
+pub use injections::QemuInjectionHelper;
+
+#[cfg(all(emulation_mode = "usermode", not(cpu_target = "hexagon")))]
+pub mod snapshot;
+#[cfg(all(emulation_mode = "usermode", not(cpu_target = "hexagon")))]
+pub use snapshot::QemuSnapshotHelper;
+
+#[cfg(all(emulation_mode = "usermode", not(cpu_target = "hexagon")))]
+pub mod asan;
+#[cfg(all(emulation_mode = "usermode", not(cpu_target = "hexagon")))]
+pub use asan::{init_qemu_with_asan, QemuAsanHelper};
+
+#[cfg(all(emulation_mode = "usermode", not(cpu_target = "hexagon")))]
+pub mod asan_guest;
+#[cfg(all(emulation_mode = "usermode", not(cpu_target = "hexagon")))]
+pub use asan_guest::{init_qemu_with_asan_guest, QemuAsanGuestHelper};
+
 /// A helper for `libafl_qemu`.
 // TODO remove 'static when specialization will be stable
 pub trait QemuHelper<S>: 'static + Debug
--- a/libafl_qemu/src/helpers/snapshot.rs
+++ b/libafl_qemu/src/helpers/snapshot.rs
@ -25,7 +25,7 @@ use crate::SYS_newfstatat;
 use crate::{
    asan::QemuAsanHelper,
    emu::SyscallHookResult,
-    helper::{QemuHelper, QemuHelperTuple},
+    helpers::{QemuHelper, QemuHelperTuple},
    hooks::{Hook, QemuHooks},
    Qemu, SYS_fstat, SYS_fstatfs, SYS_futex, SYS_getrandom, SYS_mprotect, SYS_mremap, SYS_munmap,
    SYS_pread64, SYS_read, SYS_readlinkat, SYS_statfs,
--- a/libafl_qemu/src/hooks.rs
+++ b/libafl_qemu/src/hooks.rs
@ -22,7 +22,7 @@ use libafl_qemu_sys::{CPUArchStatePtr, FatPtr, GuestAddr, GuestUsize};
 pub use crate::emu::SyscallHookResult;
 use crate::{
    emu::{MemAccessInfo, Qemu, SKIP_EXEC_HOOK},
-    helper::QemuHelperTuple,
+    helpers::QemuHelperTuple,
    sys::TCGTemp,
    BackdoorHookId, BlockHookId, CmpHookId, EdgeHookId, HookId, InstructionHookId, ReadHookId,
    WriteHookId,
--- a/libafl_qemu/src/lib.rs
+++ b/libafl_qemu/src/lib.rs
@ -33,81 +33,17 @@ use std::env;
 pub use libafl_qemu_sys as sys;
 pub use strum::IntoEnumIterator;

-#[cfg(cpu_target = "aarch64")]
-pub mod aarch64;
-#[cfg(all(cpu_target = "aarch64", not(feature = "clippy")))]
-pub use aarch64::*;
-
-#[cfg(cpu_target = "arm")]
-pub mod arm;
-#[cfg(all(cpu_target = "arm", not(feature = "clippy")))]
-pub use arm::*;
-
-#[cfg(cpu_target = "i386")]
-pub mod i386;
-#[cfg(all(cpu_target = "i386", not(feature = "clippy")))]
-pub use i386::*;
-
-#[cfg(cpu_target = "x86_64")]
-pub mod x86_64;
-#[cfg(cpu_target = "x86_64")]
-pub use x86_64::*;
-
-#[cfg(cpu_target = "mips")]
-pub mod mips;
-#[cfg(cpu_target = "mips")]
-pub use mips::*;
-
-#[cfg(cpu_target = "ppc")]
-pub mod ppc;
-#[cfg(cpu_target = "ppc")]
-pub use ppc::*;
-
-#[cfg(cpu_target = "hexagon")]
-pub mod hexagon;
-#[cfg(cpu_target = "hexagon")]
-pub use hexagon::*;
+pub mod arch;
+pub use arch::*;

 pub mod elf;

-pub mod helper;
-pub use helper::*;
+pub mod helpers;
+pub use helpers::*;
+
 pub mod hooks;
 pub use hooks::*;

-pub mod edges;
-pub use edges::QemuEdgeCoverageHelper;
-
-#[cfg(not(any(cpu_target = "mips", cpu_target = "hexagon")))]
-pub mod cmplog;
-#[cfg(not(any(cpu_target = "mips", cpu_target = "hexagon")))]
-pub use cmplog::QemuCmpLogHelper;
-
-#[cfg(all(emulation_mode = "usermode", feature = "injections"))]
-pub mod injections;
-#[cfg(all(emulation_mode = "usermode", feature = "injections"))]
-pub use injections::QemuInjectionHelper;
-
-#[cfg(all(emulation_mode = "usermode", not(cpu_target = "hexagon")))]
-pub mod snapshot;
-#[cfg(all(emulation_mode = "usermode", not(cpu_target = "hexagon")))]
-pub use snapshot::QemuSnapshotHelper;
-
-#[cfg(all(emulation_mode = "usermode", not(cpu_target = "hexagon")))]
-pub mod asan;
-#[cfg(all(emulation_mode = "usermode", not(cpu_target = "hexagon")))]
-pub use asan::{init_qemu_with_asan, QemuAsanHelper};
-
-#[cfg(all(emulation_mode = "usermode", not(cpu_target = "hexagon")))]
-pub mod asan_guest;
-#[cfg(all(emulation_mode = "usermode", not(cpu_target = "hexagon")))]
-pub use asan_guest::{init_qemu_with_asan_guest, QemuAsanGuestHelper};
-
-#[cfg(not(cpu_target = "hexagon"))]
-pub mod calls;
-#[cfg(not(cpu_target = "hexagon"))]
-pub mod drcov;
-
 pub mod executor;
 pub use executor::QemuExecutor;
 #[cfg(feature = "fork")]
@ -118,7 +54,7 @@ pub use emu::*;

 pub mod breakpoint;
 pub mod command;
-pub mod sync_backdoor;
+pub mod sync_exit;

 #[must_use]
 pub fn filter_qemu_args() -> Vec<String> {
--- a/libafl_qemu/src/sync_backdoor.rs
+++ b/libafl_qemu/src/sync_backdoor.rs