add debug hypercall (ram offset)

- to test translation from virtual to ram offset addresses

nyx/hypercall/debug.c

@@ -6,9 +6,11 @@
 
 #include "nyx/fast_vm_reload.h"
 #include "nyx/hypercall/debug.h"
+#include "nyx/memory_access.h"
 #include "nyx/state/state.h"
 #include "nyx/synchronization.h"
 #include "qapi/qapi-commands-dump.h"
+#include "exec/ram_addr.h"
 
 #ifdef NYX_DEBUG
 #define NYX_ENABLE_DEBUG_HYPERCALLS
@@ -52,6 +54,61 @@ static void meassure_performance(void)
     perf_counter++;
 }
 
+static void handle_hypercall_kafl_debug_virt_to_ram_offset(struct kvm_run *run,
+                                                        CPUState       *cpu,
+                                                        uint64_t        hypercall_arg)
+{
+    static bool once = true;
+    CPUX86State *env;
+    static uint64_t ram_block = 0;
+    RAMBlock *block;
+
+    if(once){
+        if (!fast_snapshot_exists(GET_GLOBAL_STATE()->reload_state,
+                                  REQUEST_ROOT_EXISTS))
+        {
+            request_fast_vm_reload(GET_GLOBAL_STATE()->reload_state,
+                                REQUEST_SAVE_SNAPSHOT_ROOT);
+        }
+
+        QLIST_FOREACH_RCU (block, &ram_list.blocks, next) {
+            if (!memcmp(block->idstr, "pc.ram", 6)) {
+
+                ram_block = (uint64_t)block->host;
+                break;
+            }
+        }
+
+        assert(ram_block != 0);
+
+        once = false;
+    }
+
+    kvm_arch_get_registers_fast(cpu);
+    env = &(X86_CPU(cpu))->env;
+
+    uint64_t virt_addr = hypercall_arg & ~0xFFF; 
+
+    uint64_t phys_addr = (hwaddr)get_paging_phys_addr(cpu, env->cr[3], virt_addr) & 0xFFFFFFFFFFFFF000ULL;
+    uint64_t phys_addr_ram_offset = address_to_ram_offset(phys_addr);
+
+    if(!(phys_addr_ram_offset < snapshot_page_blocklist_get_phys_area_size(get_fast_reload_snapshot()->blocklist))){
+
+        printf("virt: %lx\n", virt_addr);
+        printf("phys: %lx\n", phys_addr);
+        printf("ram_offset: %lx\n", phys_addr_ram_offset);
+        abort();
+    }
+
+    *((uint64_t*)(ram_block+phys_addr_ram_offset)) = virt_addr;
+
+    if(ram_offset_to_address(phys_addr_ram_offset) != phys_addr){
+        printf("phys: %lx\n", phys_addr);
+        printf("ram_offset_to_address(phys_addr_ram_offset): %lx\n", ram_offset_to_address(phys_addr_ram_offset));
+        abort();
+    }
+}
+
 void handle_hypercall_kafl_debug_tmp_snapshot(struct kvm_run *run,
                                               CPUState       *cpu,
                                               uint64_t        hypercall_arg)
@@ -105,7 +162,7 @@ void handle_hypercall_kafl_debug_tmp_snapshot(struct kvm_run *run,
                                    REQUEST_LOAD_SNAPSHOT_ROOT);
             break;
         }
-    case 6:
+    case 6: // kcore debug hypercall
         nyx_warn_once("%s: perform kcore_dump!\n", __func__);
         bool in_fuzzing_mode_state = GET_GLOBAL_STATE()->in_fuzzing_mode;
         GET_GLOBAL_STATE()->in_fuzzing_mode = true;        
@@ -116,6 +173,9 @@ void handle_hypercall_kafl_debug_tmp_snapshot(struct kvm_run *run,
         }
         GET_GLOBAL_STATE()->in_fuzzing_mode = in_fuzzing_mode_state;
         break;
+    case 7: // virtual address to ramblock offset debug hypercall
+        handle_hypercall_kafl_debug_virt_to_ram_offset(run, cpu, hypercall_arg);
+        break;
     default:
         abort();
     }

nyx/snapshot/memory/block_list.c

@@ -16,6 +16,9 @@
 
 // #define DEBUG_NYX_SNAPSHOT_PAGE_BLOCKLIST
 
+uint64_t snapshot_page_blocklist_get_phys_area_size(snapshot_page_blocklist_t *self){
+    return self->phys_area_size;
+}
 
 snapshot_page_blocklist_t *snapshot_page_blocklist_init(void)
 {

nyx/snapshot/memory/block_list.h

@@ -32,3 +32,7 @@ static inline bool snapshot_page_blocklist_check_phys_addr(
 }
 
 snapshot_page_blocklist_t *snapshot_page_blocklist_init(void);
+
+#ifdef NYX_DEBUG
+uint64_t snapshot_page_blocklist_get_phys_area_size(snapshot_page_blocklist_t *self);
+#endif