From 2f869ed3e1a639bc6187146c96c09fa52e7cd24d Mon Sep 17 00:00:00 2001 From: Steffen Schulz Date: Tue, 22 Nov 2022 05:05:21 -0800 Subject: [PATCH] replace printf + exit() with nyx_abort() - Replace instances of error/printf + exit(1) with nyx_abort(), except for one instance where we don't give any useful error and a plain assert() seems more appropriate - Remove [Qemu-Nyx] and Error: in arguments to nyx_error() --- nyx/fast_vm_reload_sync.c | 6 +-- nyx/helpers.c | 10 ++-- nyx/hypercall/configuration.c | 18 +++---- nyx/hypercall/debug.c | 2 +- nyx/interface.c | 33 +++++------- nyx/snapshot/memory/backend/nyx_dirty_ring.c | 56 +++++++++----------- nyx/snapshot/memory/shadow_memory.c | 16 ++---- 7 files changed, 56 insertions(+), 85 deletions(-) diff --git a/nyx/fast_vm_reload_sync.c b/nyx/fast_vm_reload_sync.c index 56c7769a2e..acbe74fc92 100644 --- a/nyx/fast_vm_reload_sync.c +++ b/nyx/fast_vm_reload_sync.c @@ -304,8 +304,7 @@ bool check_if_relood_request_exists_pre(fast_vm_reload_sync_t *self) switch (self->current_request) { case REQUEST_VOID: - nyx_error("%s: REQUEST_VOID requested!\n", __func__); - abort(); + nyx_abort("%s: REQUEST_VOID requested!\n", __func__); case REQUEST_SAVE_SNAPSHOT_PRE_FIX_RIP: case REQUEST_SAVE_SNAPSHOT_ROOT_FIX_RIP: @@ -335,8 +334,7 @@ bool check_if_relood_request_exists_pre(fast_vm_reload_sync_t *self) break; default: - nyx_error("%s: Unkown request: %d\n", __func__, self->current_request); - abort(); + nyx_abort("%s: Unkown request: %d\n", __func__, self->current_request); } return true; } diff --git a/nyx/helpers.c b/nyx/helpers.c index d7b8b82e39..be96cf63d3 100644 --- a/nyx/helpers.c +++ b/nyx/helpers.c 
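Review bot: With `abort();` removed, `case REQUEST_VOID:` in check_if_relood_request_exists_pre now ends in a bare `nyx_abort(...)` call and is followed directly by `case REQUEST_SAVE_SNAPSHOT_PRE_FIX_RIP:`, so the switch is only correct as long as nyx_abort() never returns. Its prototype is not part of this patch; if it is not already marked noreturn, add that attribute so the compiler does not treat this as an implicit fallthrough and so a later change to nyx_abort() cannot silently route a void request into the snapshot-save path. The same applies to the `default:` branch in the second hunk of this file, where `return true;` follows the call. The function body starts and ends outside both hunks.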
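Review bot: The rewritten `default:` message still carries the misspelling `Unkown request`. Since the line is being replaced anyway, `nyx_abort("%s: Unknown request: %d\n", __func__, self->current_request);` would let a log search for "Unknown request" find it. This string is the only diagnostic visible on that branch before the process terminates.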
@@ -177,9 +177,8 @@ bool apply_capabilities(CPUState *cpu) } if (GET_GLOBAL_STATE()->cap_compile_time_tracing_buffer_vaddr & 0xfff) { - nyx_error( - "Error: Guest trace bitmap v_addr (0x%lx) is not page aligned!\n", - GET_GLOBAL_STATE()->cap_compile_time_tracing_buffer_vaddr); + nyx_error("Guest trace bitmap v_addr (0x%lx) is not page aligned!\n", + GET_GLOBAL_STATE()->cap_compile_time_tracing_buffer_vaddr); return false; } @@ -203,9 +202,8 @@ bool apply_capabilities(CPUState *cpu) GET_GLOBAL_STATE()->cap_ijon_tracing_buffer_vaddr); if (GET_GLOBAL_STATE()->cap_ijon_tracing_buffer_vaddr & 0xfff) { - nyx_error( - "Error: Guest ijon buffer v_addr (0x%lx) is not page aligned!\n", - GET_GLOBAL_STATE()->cap_ijon_tracing_buffer_vaddr); + nyx_error("Guest ijon buffer v_addr (0x%lx) is not page aligned!\n", + GET_GLOBAL_STATE()->cap_ijon_tracing_buffer_vaddr); return false; } diff --git a/nyx/hypercall/configuration.c b/nyx/hypercall/configuration.c index 78b63c45ba..26e7fb68f7 100644 --- a/nyx/hypercall/configuration.c +++ b/nyx/hypercall/configuration.c @@ -56,17 +56,13 @@ void handle_hypercall_kafl_set_agent_config(struct kvm_run *run, if (read_virtual_memory(vaddr, (uint8_t *)&config, sizeof(agent_config_t), cpu)) { if (config.agent_magic != NYX_AGENT_MAGIC) { - nyx_error("Error: NYX_AGENT_MAGIC not found in agent configuration" - " - You are probably using an outdated agent...\n"); - exit(1); + nyx_abort("NYX_AGENT_MAGIC mismatch - agent outdated? (%x != %x)\n", + config.agent_magic, NYX_AGENT_MAGIC); } if (config.agent_version != NYX_AGENT_VERSION) { - nyx_error("Error: NYX_AGENT_VERSION does not match in agent " - "configuration (%d != %d) - " - "You are probably using an outdated agent...\n", + nyx_abort("NYX_AGENT_VERSION mismatch - agent outdated? (%x != %x)\n", config.agent_version, NYX_AGENT_VERSION); - exit(1); } GET_GLOBAL_STATE()->cap_timeout_detection = config.agent_timeout_detection; 
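Review bot: Both mismatch messages in handle_hypercall_kafl_set_agent_config now print `(%x != %x)` with no base prefix, and the version was printed with `%d` before, so a line such as `(10 != 11)` no longer tells the reader whether the numbers are decimal or hex. `config` is filled from guest memory by read_virtual_memory(), so these values are what an operator uses to work out which agent build is talking to the host; `(0x%x != 0x%x)` for the magic, and either the same or the original `%d` for the version, keeps them unambiguous. The field types are not visible in the hunk, so confirm they match the chosen conversion.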
@@ -77,9 +73,8 @@ void handle_hypercall_kafl_set_agent_config(struct kvm_run *run, if (!GET_GLOBAL_STATE()->cap_compile_time_tracing && !GET_GLOBAL_STATE()->nyx_fdl) { - nyx_error("Error: No Intel PT support on this KVM build and no " + nyx_abort("No Intel PT support on this KVM build and no " "compile-time instrumentation enabled in the target\n"); - exit(1); } GET_GLOBAL_STATE()->cap_ijon_tracing = config.agent_ijon_tracing; @@ -104,7 +99,7 @@ void handle_hypercall_kafl_set_agent_config(struct kvm_run *run, } if (apply_capabilities(cpu) == false) { - nyx_abort((char *)"applying agent configuration failed..."); + nyx_abort("Applying agent configuration failed..."); } if (getenv("DUMP_PAYLOAD_MODE")) { @@ -114,8 +109,7 @@ void handle_hypercall_kafl_set_agent_config(struct kvm_run *run, } } else { - nyx_error("Error: %s - failed (vaddr: 0x%lx)!\n", __func__, vaddr); - exit(1); + nyx_abort("%s - failed (vaddr: 0x%lx)!\n", __func__, vaddr); } GET_GLOBAL_STATE()->set_agent_config_done = true; } diff --git a/nyx/hypercall/debug.c b/nyx/hypercall/debug.c index 0c16f949cc..d1b302ce15 100644 --- a/nyx/hypercall/debug.c +++ b/nyx/hypercall/debug.c @@ -109,6 +109,6 @@ void handle_hypercall_kafl_debug_tmp_snapshot(struct kvm_run *run, CPUState *cpu, uint64_t hypercall_arg) { - nyx_abort("Error: HYPERCALL_KAFL_DEBUG_TMP not enabled!\n"); + nyx_abort("HYPERCALL_KAFL_DEBUG_TMP not enabled!\n"); } #endif diff --git a/nyx/interface.c b/nyx/interface.c index e6966145ac..6973bcab50 100644 --- a/nyx/interface.c +++ b/nyx/interface.c @@ -226,7 +226,7 @@ static bool verify_workdir_state(nyx_interface_state *s, Error **errp) char *tmp; if (!folder_exits(workdir)) { - nyx_error("Error: %s does not exist...\n", workdir); + nyx_error("Folder %s does not exist...\n", workdir); return false; } 
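Review bot: `nyx_abort("Applying agent configuration failed...");` in the `apply_capabilities(cpu) == false` branch is the only nyx_abort() call in this file without a trailing `\n`. Whether nyx_abort() appends one itself is not visible here; if it does not, the final message before exit is left unterminated and can run into the next line of a shared log. `nyx_abort("Applying agent configuration failed...\n");` would match the other calls. The `page_cache.lock` message in verify_workdir_state (nyx/interface.c, `nyx_error("File %s does not exist...", tmp);`) has the same omission.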
@@ -240,7 +240,7 @@ static bool verify_workdir_state(nyx_interface_state *s, Error **errp) assert(asprintf(&tmp, "%s/interface_%d", workdir, id) != -1); if (!file_exits(tmp)) { - nyx_error("Error: %s does not exist...\n", tmp); + nyx_error("File %s does not exist...\n", tmp); free(tmp); return false; } @@ -248,7 +248,7 @@ static bool verify_workdir_state(nyx_interface_state *s, Error **errp) assert(asprintf(&tmp, "%s/payload_%d", workdir, id) != -1); if (!file_exits(tmp)) { - nyx_error("Error: %s does not exist...\n", tmp); + nyx_error("File %s does not exist...\n", tmp); free(tmp); return false; } else { @@ -258,7 +258,7 @@ static bool verify_workdir_state(nyx_interface_state *s, Error **errp) assert(asprintf(&tmp, "%s/bitmap_%d", workdir, id) != -1); if (!file_exits(tmp)) { - nyx_error("Error: %s does not exist...\n", tmp); + nyx_error("File %s does not exist...\n", tmp); free(tmp); return false; } else { @@ -268,7 +268,7 @@ static bool verify_workdir_state(nyx_interface_state *s, Error **errp) assert(asprintf(&tmp, "%s/ijon_%d", workdir, id) != -1); if (!file_exits(tmp)) { - nyx_error("Error: %s does not exist...\n", tmp); + nyx_error("File %s does not exist...\n", tmp); free(tmp); return false; } else { @@ -278,7 +278,7 @@ static bool verify_workdir_state(nyx_interface_state *s, Error **errp) assert(asprintf(&tmp, "%s/page_cache.lock", workdir) != -1); if (!file_exits(tmp)) { - nyx_error("Error: %s does not exist...", tmp); + nyx_error("File %s does not exist...", tmp); free(tmp); return false; } @@ -286,7 +286,7 @@ static bool verify_workdir_state(nyx_interface_state *s, Error **errp) assert(asprintf(&tmp, "%s/page_cache.addr", workdir) != -1); if (!file_exits(tmp)) { - nyx_error("Error: %s does not exist...\n", tmp); + nyx_error("File %s does not exist...\n", tmp); free(tmp); return false; } 
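Review bot: Every path string in verify_workdir_state is built with `assert(asprintf(&tmp, ...) != -1);`, which puts the allocation inside the assertion. If this file were ever compiled with assertions disabled, the asprintf() call would vanish and `tmp` would reach file_exits() and free() uninitialized; even with assertions on, an allocation failure is reported as a failed assert rather than through the nyx_error()/nyx_abort() helpers this patch standardizes on. Since the file is QEMU code, `tmp = g_strdup_printf("%s/interface_%d", workdir, id);` with `g_free(tmp);` would remove the side effect from the assert. This pattern repeats in each hunk of this function, which starts and ends outside the hunks.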
@@ -294,7 +294,7 @@ static bool verify_workdir_state(nyx_interface_state *s, Error **errp) assert(asprintf(&tmp, "%s/page_cache.dump", workdir) != -1); if (!file_exits(tmp)) { - nyx_error("Error: %s does not exist...\n", tmp); + nyx_error("File %s does not exist...\n", tmp); free(tmp); return false; } @@ -305,7 +305,7 @@ static bool verify_workdir_state(nyx_interface_state *s, Error **errp) assert(asprintf(&tmp, "%s/redqueen_workdir_%d/", workdir, id) != -1); if (!folder_exits(tmp)) { - nyx_error("%s does not exist...\n", tmp); + nyx_error("Folder %s does not exist...\n", tmp); free(tmp); return false; } else { @@ -343,13 +343,11 @@ static void check_ipt_range(uint8_t i) ret = ioctl(kvm, KVM_VMX_PT_GET_ADDRN, NULL); if (ret == -1) { - nyx_error("Error: Multi range tracing is not supported!\n"); - exit(1); + nyx_abort("Multi range tracing is not supported!\n"); } if (ret < (i + 1)) { - nyx_error("Error: CPU supports only %d IP filters!\n", ret); - exit(1); + nyx_abort("CPU supports only %d IP filters!\n", ret); } close(kvm); } @@ -360,8 +358,7 @@ static void check_available_ipt_ranges(nyx_interface_state *s) int kvm_fd = qemu_open("/dev/kvm", O_RDWR); if (kvm_fd == -1) { - nyx_error("Error: could not access KVM kernel module: %m\n"); - exit(1); + nyx_abort("Could not access KVM kernel module: %m\n"); } if (ioctl(kvm_fd, KVM_CHECK_EXTENSION, KVM_CAP_NYX_PT) == 1 && @@ -404,8 +401,7 @@ static void nyx_realize(DeviceState *dev, Error **errp) if (s->worker_id == 0xFFFF) { - nyx_error("Error: Invalid worker id...\n"); - exit(1); + nyx_abort("Invalid worker id...\n"); } if (s->cow_primary_size) { @@ -414,8 +410,7 @@ static void nyx_realize(DeviceState *dev, Error **errp) GET_GLOBAL_STATE()->worker_id = s->worker_id; if (!s->workdir || !verify_workdir_state(s, errp)) { - nyx_error("Error: Invalid work dir...\n"); - exit(1); + nyx_abort("Invalid work dir...\n"); } if (!s->sharedir || !verify_sharedir_state(s, errp)) { 
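Review bot: The `ret == -1` branch in check_ipt_range reports "Multi range tracing is not supported!" for any ioctl() failure and drops errno, so a permission or wrong-device error looks the same as a missing feature. The next function in this patch already uses `%m` for the `/dev/kvm` open failure; doing the same here, `nyx_abort("KVM_VMX_PT_GET_ADDRN failed (multi range tracing unsupported?): %m\n");`, keeps the cause in the abort message. The function starts outside the hunk.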
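Review bot: nyx_realize receives `Error **errp` and passes it to verify_workdir_state(), yet the invalid worker id and invalid work dir cases terminate the process through nyx_abort() instead of reporting through `errp`. In the hunks shown, verify_workdir_state() also reports only through nyx_error(), so as far as is visible the caller of realize never sees a structured error. If terminating here is intentional (for example so the frontend is notified by nyx_abort()), a short comment saying so would help; otherwise `error_setg(errp, "Invalid work dir");` followed by `return;` is the usual form for a realize callback. The body of nyx_realize continues outside both hunks.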
diff --git a/nyx/snapshot/memory/backend/nyx_dirty_ring.c b/nyx/snapshot/memory/backend/nyx_dirty_ring.c index 8930cfc58b..4c5a787ce5 100644 --- a/nyx/snapshot/memory/backend/nyx_dirty_ring.c +++ b/nyx/snapshot/memory/backend/nyx_dirty_ring.c @@ -2,6 +2,8 @@ #include "qemu/osdep.h" #include +#include "nyx/debug.h" +#include "nyx/helpers.h" #include "nyx/snapshot/helper.h" #include "nyx/snapshot/memory/backend/nyx_dirty_ring.h" @@ -35,7 +37,7 @@ static int vm_enable_dirty_ring(int vm_fd, uint32_t ring_size) int ret = ioctl(vm_fd, KVM_ENABLE_CAP, &cap); if (ret != 0) { - printf("[QEMU-Nyx] Error: KVM_ENABLE_CAP ioctl failed\n"); + nyx_error("KVM_ENABLE_CAP ioctl failed\n"); } return ring_size; @@ -45,13 +47,11 @@ static int check_dirty_ring_size(int kvm_fd, int vm_fd) { int ret = ioctl(kvm_fd, KVM_CHECK_EXTENSION, KVM_CAP_DIRTY_LOG_RING); if (ret < 0) { - printf("[QEMU-Nyx] Error: KVM_CAP_DIRTY_LOG_RING failed (dirty ring not " - "supported?)\n"); - exit(1); + nyx_abort("KVM_CAP_DIRTY_LOG_RING failed (dirty ring not supported?)\n"); } - printf("[QEMU-Nyx] Max Dirty Ring Size -> %d (Entries: %d)\n", ret, - ret / (int)sizeof(struct kvm_dirty_gfn)); + nyx_printf("Max Dirty Ring Size -> %d (Entries: %d)\n", ret, + ret / (int)sizeof(struct kvm_dirty_gfn)); uint64_t dirty_ring_max_size = ret; // kvm_dirty_ring_size * sizeof(struct kvm_dirty_gfn); @@ -60,9 +60,7 @@ static int check_dirty_ring_size(int kvm_fd, int vm_fd) ret = vm_enable_dirty_ring(vm_fd, dirty_ring_max_size); if (ret < 0) { - printf("[QEMU-Nyx] Error: Enabling dirty ring (size: %ld) failed\n", - dirty_ring_max_size); - exit(1); + nyx_abort("Enabling dirty ring (size: %ld) failed\n", dirty_ring_max_size); } dirty_ring_max_size_global = dirty_ring_max_size; 
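Review bot: vm_enable_dirty_ring still returns `ring_size` after a failed KVM_ENABLE_CAP ioctl; the failure is only logged by the new `nyx_error("KVM_ENABLE_CAP ioctl failed\n");`. The caller's `if (ret < 0)` in check_dirty_ring_size therefore cannot observe it, which makes the new `nyx_abort("Enabling dirty ring (size: %ld) failed\n", ...)` unreachable for this case, and setup continues with a ring that was never enabled. Since the patch's goal is to abort on fatal errors, `nyx_abort("KVM_ENABLE_CAP ioctl failed: %m\n");` in place of the nyx_error() call (or `return -1;` after it) closes the gap. Separately, `dirty_ring_max_size` is a `uint64_t` but is printed with `%ld`; `%" PRIu64 "` would match the type.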
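Review bot: The `if (ret < 0)` guard in check_dirty_ring_size does not catch a kernel without the capability, because KVM_CHECK_EXTENSION reports an unsupported extension as 0 rather than as a negative value. On such a host the code proceeds with `dirty_ring_max_size = 0` and the "dirty ring not supported?" abort never fires for the case it names. `if (ret <= 0) {` in front of the nyx_abort() call makes the message reachable. The function continues outside the hunk.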
@@ -78,11 +76,10 @@ static void allocate_dirty_ring(int kvm_vcpu, int vm_fd) MAP_SHARED, kvm_vcpu, PAGE_SIZE * KVM_DIRTY_LOG_PAGE_OFFSET); if (kvm_dirty_gfns == MAP_FAILED) { - printf("[QEMU-Nyx] Error: Dirty ring mmap failed!\n"); - exit(1); + nyx_abort("Dirty ring mmap failed!\n"); } } - printf("[QEMU-Nyx] Dirty ring mmap region located at %p\n", kvm_dirty_gfns); + nyx_printf("Dirty ring mmap region located at %p\n", kvm_dirty_gfns); int ret = ioctl(vm_fd, KVM_RESET_DIRTY_RINGS, 0); assert(ret == 0); @@ -141,11 +138,8 @@ static void dirty_ring_flush_and_collect(nyx_dirty_ring_t *self, cleared++; entry->flags |= 0x2; // reset dirty entry } else { - printf("[QEMU-Nyx] [%p] kvm_dirty_gfn -> flags: %d slot: %d offset: %lx " - "{ERROR}\n", - entry, entry->flags, entry->slot, entry->offset); - fflush(stdout); - exit(1); + nyx_abort("[%p] kvm_dirty_gfn -> flags: %d slot: %d offset: %lx\n", + entry, entry->flags, entry->slot, entry->offset); } kvm_dirty_gfns_index++; @@ -171,11 +165,8 @@ static void dirty_ring_flush(int vm_fd) cleared++; entry->flags |= 0x2; // reset dirty entry } else { - printf("[QEMU-Nyx] [%p] kvm_dirty_gfn -> flags: %d slot: %d offset: %lx " - "{ERROR}\n", - entry, entry->flags, entry->slot, entry->offset); - fflush(stdout); - exit(1); + nyx_abort("[%p] kvm_dirty_gfn -> flags: %d slot: %d offset: %lx\n", + entry, entry->flags, entry->slot, entry->offset); } kvm_dirty_gfns_index++; 
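Review bot: The nyx_abort() message in the `else` branch of dirty_ring_flush_and_collect no longer says what went wrong. With the `{ERROR}` suffix dropped it reads like a trace line, `[%p] kvm_dirty_gfn -> flags: ...`, even though it is the last output before the process exits. A leading description such as `nyx_abort("Unexpected dirty ring entry state: [%p] flags: %u slot: %u offset: %llx\n", ...)` states the condition. That form also matches the kernel's struct kvm_dirty_gfn, where `flags` and `slot` are unsigned 32-bit and `offset` is 64-bit (cast `entry->offset` to `unsigned long long`). The identical call in dirty_ring_flush in the next hunk needs the same change; both functions start and end outside their hunks.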
@@ -253,18 +244,19 @@ nyx_dirty_ring_t *nyx_dirty_ring_init(shadow_memory_t *shadow_memory) #ifdef DEBUG__PRINT_DIRTY_RING for (int i = 0; i < self->kvm_region_slots_num; i++) { - printf("[%d].enabled = %d\n", i, self->kvm_region_slots[i].enabled); - printf("[%d].bitmap = %p\n", i, self->kvm_region_slots[i].bitmap); - printf("[%d].stack = %p\n", i, self->kvm_region_slots[i].stack); - printf("[%d].stack_ptr = %ld\n", i, self->kvm_region_slots[i].stack_ptr); + nyx_debug("[%d].enabled = %d\n", i, self->kvm_region_slots[i].enabled); + nyx_debug("[%d].bitmap = %p\n", i, self->kvm_region_slots[i].bitmap); + nyx_debug("[%d].stack = %p\n", i, self->kvm_region_slots[i].stack); + nyx_debug("[%d].stack_ptr = %ld\n", i, + self->kvm_region_slots[i].stack_ptr); if (self->kvm_region_slots[i].enabled) { - printf("[%d].region_id = %d\n", i, - self->kvm_region_slots[i].region_id); - printf("[%d].region_offset = 0x%lx\n", i, - self->kvm_region_slots[i].region_offset); + nyx_debug("[%d].region_id = %d\n", i, + self->kvm_region_slots[i].region_id); + nyx_debug("[%d].region_offset = 0x%lx\n", i, + self->kvm_region_slots[i].region_offset); } else { - printf("[%d].region_id = -\n", i); - printf("[%d].region_offset = -\n", i); + nyx_debug("[%d].region_id = -\n", i); + nyx_debug("[%d].region_offset = -\n", i); } } #endif diff --git a/nyx/snapshot/memory/shadow_memory.c b/nyx/snapshot/memory/shadow_memory.c index 77a2cb5b3f..7efd9ee61a 100644 --- a/nyx/snapshot/memory/shadow_memory.c +++ b/nyx/snapshot/memory/shadow_memory.c @@ -8,6 +8,7 @@ #include "qemu/rcu_queue.h" #include "nyx/debug.h" +#include "nyx/helpers.h" #include "nyx/memory_access.h" #include "nyx/snapshot/helper.h" 
@@ -187,13 +188,7 @@ shadow_memory_t *shadow_memory_init_from_snapshot(const char *snapshot_folder, assert(fread(&head, sizeof(fast_reload_dump_head_t), 1, file_mem_meta) == 1); fclose(file_mem_meta); - if (self->ram_regions_num != head.shadow_memory_regions) { - nyx_error( - "Error: self->ram_regions_num (%d) != head.shadow_memory_regions (%d)\n", - self->ram_regions_num, head.shadow_memory_regions); - exit(1); - } - + assert(self->ram_regions_num == head.shadow_memory_regions); // printf("LOAD -> self->ram_regions_num: %d\n", self->ram_regions_num); FILE *file_mem_dump = fopen(path_dump, "r"); @@ -208,13 +203,12 @@ shadow_memory_t *shadow_memory_init_from_snapshot(const char *snapshot_folder, if (self->memory_size != file_mem_dump_size) { if (file_mem_dump_size >= VGA_SIZE) { - nyx_error("ERROR: guest size should be %ld MB - set it to %ld MB\n", + nyx_abort("Guest size should be %ld MB - set it to %ld MB\n", (file_mem_dump_size - VGA_SIZE) >> 20, (self->memory_size - VGA_SIZE) >> 20); - exit(1); } else { - nyx_error("ERROR: guest size: %ld bytes\n", file_mem_dump_size); - exit(1); + nyx_abort("Guest mem size != file size: %ld != %ld bytes\n", + self->memory_size, file_mem_dump_size); } } assert(self->memory_size == ftell(file_mem_dump));
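Review bot: Replacing the region-count check in shadow_memory_init_from_snapshot with `assert(self->ram_regions_num == head.shadow_memory_regions);` drops both values from the failure output. `head` has just been read from the snapshot's metadata file, so a mismatch is an input problem (wrong or stale snapshot) rather than a programming error. The removed message did print the two counts, so this case fits nyx_abort() like the others in the patch: keep the original `if (self->ram_regions_num != head.shadow_memory_regions)` and call `nyx_abort("ram_regions_num (%d) != head.shadow_memory_regions (%d)\n", self->ram_regions_num, head.shadow_memory_regions);`. That also keeps validation of file contents independent of whether assertions are compiled in. The function starts and ends outside the hunk.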