david.venhoff/QEMU-Nyx-fork
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

more missing newlines, fix use of warn/error

Browse Source 
- replace several hardcoded fprintf()
- use of warn vs error or nyx_abort()
- several more missing newlines
- fixed up messages
This commit is contained in:
Steffen Schulz 2022-11-04 16:46:40 -07:00 committed by Sergej Schumilo
parent 0675844956
commit b40f7c60e9
18 changed files with 124 additions and 147 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
nyx/auxiliary_buffer.c
View File

@ -135,7 +135,7 @@ void check_auxiliary_config_buffer(auxilary_buffer_t *auxilary_buffer,
uint64_t data;
VOLATILE_READ_64(data, auxilary_buffer->configuration.page_addr);
GET_GLOBAL_STATE()->dump_page_addr = data;
// fprintf(stderr, "%s dump_page_addr => 0x%lx\n", __func__, GET_GLOBAL_STATE()->dump_page_addr);
// nyx_debug("%s dump_page_addr => 0x%lx\n", __func__, GET_GLOBAL_STATE()->dump_page_addr);
VOLATILE_WRITE_8(auxilary_buffer->configuration.page_dump_mode, 0);
VOLATILE_WRITE_64(auxilary_buffer->configuration.page_addr, 0);
}

4
nyx/fast_vm_reload.c
View File

@ -316,7 +316,7 @@ void fast_reload_serialize_to_file(fast_reload_t *self,
/* sanity check */
if (!folder_exits(folder)) {
nyx_debug_p(RELOAD_PREFIX, "Folder %s does not exist...failed!", folder);
nyx_error("Folder %s does not exist. Abort.\n", folder);
assert(0);
}
@ -348,7 +348,7 @@ static void fast_reload_create_from_snapshot(fast_reload_t *self,
wait_for_snapshot(folder);
nyx_debug_p(RELOAD_PREFIX,
"=> CREATING FAST RELOAD SNAPSHOT FROM DUMP (located in: %s)", folder);
"=> CREATING FAST RELOAD SNAPSHOT FROM DUMP (location: %s)\n", folder);
rcu_read_lock();

5
nyx/fast_vm_reload_sync.c
View File

@ -304,7 +304,7 @@ bool check_if_relood_request_exists_pre(fast_vm_reload_sync_t *self)
switch (self->current_request) {
case REQUEST_VOID:
fprintf(stderr, "%s: REQUEST_VOID requested!\n", __func__);
nyx_error("%s: REQUEST_VOID requested!\n", __func__);
abort();
case REQUEST_SAVE_SNAPSHOT_PRE_FIX_RIP:
@ -335,8 +335,7 @@ bool check_if_relood_request_exists_pre(fast_vm_reload_sync_t *self)
break;
default:
fprintf(stderr, "%s: Unkown request: %d\n", __func__,
self->current_request);
nyx_error("%s: Unkown request: %d\n", __func__, self->current_request);
abort();
}
return true;

7
nyx/helpers.c
View File

@ -177,7 +177,8 @@ bool apply_capabilities(CPUState *cpu)
}
if (GET_GLOBAL_STATE()->cap_compile_time_tracing_buffer_vaddr & 0xfff) {
fprintf(stderr, "[QEMU-Nyx] Error: guest's trace bitmap v_addr (0x%lx) is not page aligned!\n",
nyx_error(
"Error: Guest trace bitmap v_addr (0x%lx) is not page aligned!\n",
GET_GLOBAL_STATE()->cap_compile_time_tracing_buffer_vaddr);
return false;
}
@ -202,8 +203,8 @@ bool apply_capabilities(CPUState *cpu)
GET_GLOBAL_STATE()->cap_ijon_tracing_buffer_vaddr);
if (GET_GLOBAL_STATE()->cap_ijon_tracing_buffer_vaddr & 0xfff) {
error_printf("[QEMU-Nyx] Error: guest's ijon buffer v_addr (0x%lx) is "
"not page aligned!\n",
nyx_error(
"Error: Guest ijon buffer v_addr (0x%lx) is not page aligned!\n",
GET_GLOBAL_STATE()->cap_ijon_tracing_buffer_vaddr);
return false;
}

18
nyx/hypercall/configuration.c
View File

@ -1,5 +1,6 @@
#include "qemu/osdep.h"
#include "nyx/debug.h"
#include "nyx/helpers.h"
#include "nyx/hypercall/configuration.h"
#include "nyx/memory_access.h"
@ -55,15 +56,13 @@ void handle_hypercall_kafl_set_agent_config(struct kvm_run *run,
if (read_virtual_memory(vaddr, (uint8_t *)&config, sizeof(agent_config_t), cpu)) {
if (config.agent_magic != NYX_AGENT_MAGIC) {
fprintf(stderr,
"[QEMU-Nyx] Error: NYX_AGENT_MAGIC not found in agent "
"configuration - You are probably using an outdated agent...\n");
nyx_error("Error: NYX_AGENT_MAGIC not found in agent configuration"
" - You are probably using an outdated agent...\n");
exit(1);
}
if (config.agent_version != NYX_AGENT_VERSION) {
fprintf(stderr,
"[QEMU-Nyx] Error: NYX_AGENT_VERSION does not match in agent "
nyx_error("Error: NYX_AGENT_VERSION does not match in agent "
"configuration (%d != %d) - "
"You are probably using an outdated agent...\n",
config.agent_version, NYX_AGENT_VERSION);
@ -78,10 +77,8 @@ void handle_hypercall_kafl_set_agent_config(struct kvm_run *run,
if (!GET_GLOBAL_STATE()->cap_compile_time_tracing &&
!GET_GLOBAL_STATE()->nyx_fdl)
{
fprintf(
stderr,
"[QEMU-Nyx] Error: Attempt to fuzz target without compile-time "
"instrumentation - Intel PT is not supported on this KVM build!\n");
nyx_error("Error: No Intel PT support on this KVM build and no "
"compile-time instrumentation enabled in the target\n");
exit(1);
}
@ -117,8 +114,7 @@ void handle_hypercall_kafl_set_agent_config(struct kvm_run *run,
}
} else {
fprintf(stderr, "[QEMU-Nyx] Error: %s - failed (vaddr: 0x%lx)!\n", __func__,
vaddr);
nyx_error("Error: %s - failed (vaddr: 0x%lx)!\n", __func__, vaddr);
exit(1);
}
GET_GLOBAL_STATE()->set_agent_config_done = true;

92
nyx/hypercall/hypercall.c
View File

@ -52,7 +52,6 @@ along with QEMU-PT. If not, see <http://www.gnu.org/licenses/>.
#include "nyx/state/state.h"
#include "nyx/synchronization.h"
// #define DEBUG_HPRINTF
#define HPRINTF_SIZE 0x1000 /* FIXME: take from nyx.h */
bool hypercall_enabled = false;
@ -147,7 +146,7 @@ static void acquire_print_once(CPUState *cpu)
if (acquire_print_once_bool) {
acquire_print_once_bool = false;
kvm_arch_get_registers(cpu);
nyx_debug("handle_hypercall_kafl_acquire at:%lx\n", get_rip(cpu));
nyx_debug("handle_hypercall_kafl_acquire at IP: %lx\n", get_rip(cpu));
}
}
@ -179,11 +178,11 @@ static void handle_hypercall_get_payload(struct kvm_run *run,
}
if (hypercall_enabled && !setup_snapshot_once) {
nyx_debug_p(CORE_PREFIX, "Payload Address:\t%lx", hypercall_arg);
nyx_debug_p(CORE_PREFIX, "Payload Address: 0x%lx\n", hypercall_arg);
kvm_arch_get_registers(cpu);
CPUX86State *env = &(X86_CPU(cpu))->env;
GET_GLOBAL_STATE()->parent_cr3 = env->cr[3] & 0xFFFFFFFFFFFFF000ULL;
nyx_debug_p(CORE_PREFIX, "Payload CR3:\t%lx",
nyx_debug_p(CORE_PREFIX, "Payload CR3: 0x%lx\n",
(uint64_t)GET_GLOBAL_STATE()->parent_cr3);
// print_48_pagetables(GET_GLOBAL_STATE()->parent_cr3);
@ -216,7 +215,7 @@ static void handle_hypercall_kafl_req_stream_data(struct kvm_run *run,
kvm_arch_get_registers(cpu);
/* address has to be page aligned */
if ((hypercall_arg & 0xFFF) != 0) {
nyx_debug("%s: ERROR -> address is not page aligned!\n", __func__);
nyx_error("REQ_STREAM_DATA: Provided address is not page aligned!\n");
set_return_value(cpu, 0xFFFFFFFFFFFFFFFFULL);
} else {
read_virtual_memory(hypercall_arg, (uint8_t *)req_stream_buffer, 0x100, cpu);
@ -245,7 +244,7 @@ static void handle_hypercall_kafl_req_stream_data_bulk(struct kvm_run *run,
kvm_arch_get_registers(cpu);
/* address has to be page aligned */
if ((hypercall_arg & 0xFFF) != 0) {
nyx_debug("%s: ERROR -> address is not page aligned!\n", __func__);
nyx_error("REQ_STREAM_DATA_BULK: Provided address is not page aligned!\n");
set_return_value(cpu, 0xFFFFFFFFFFFFFFFFUL);
return;
}
@ -286,14 +285,12 @@ static void handle_hypercall_kafl_range_submit(struct kvm_run *run,
read_virtual_memory(hypercall_arg, (uint8_t *)&buffer, sizeof(buffer), cpu);
if (buffer[2] >= 2) {
nyx_debug_p(CORE_PREFIX, "%s: illegal range=%ld\n", __func__, buffer[2]);
nyx_warn("ignoring invalid range register %ld\n", buffer[2]);
return;
}
if (GET_GLOBAL_STATE()->pt_ip_filter_configured[buffer[2]]) {
nyx_debug_p(CORE_PREFIX,
"Ignoring agent-provided address ranges (abort reason: 1) - %ld",
buffer[2]);
nyx_warn("ignoring already configured range reg %ld\n", buffer[2]);
return;
}
@ -301,13 +298,10 @@ static void handle_hypercall_kafl_range_submit(struct kvm_run *run,
GET_GLOBAL_STATE()->pt_ip_filter_a[buffer[2]] = buffer[0];
GET_GLOBAL_STATE()->pt_ip_filter_b[buffer[2]] = buffer[1];
GET_GLOBAL_STATE()->pt_ip_filter_configured[buffer[2]] = true;
nyx_debug_p(CORE_PREFIX, "Configuring agent-provided address ranges:");
nyx_debug_p(CORE_PREFIX, "\tIP%ld: %lx-%lx [ENABLED]", buffer[2],
GET_GLOBAL_STATE()->pt_ip_filter_a[buffer[2]],
GET_GLOBAL_STATE()->pt_ip_filter_b[buffer[2]]);
nyx_debug_p(CORE_PREFIX, "Configured range register IP%ld: 0x%08lx-0x%08lx\n",
buffer[2], buffer[0], buffer[1]);
} else {
nyx_debug_p(CORE_PREFIX,
"Ignoring agent-provided address ranges (abort reason: 2)");
nyx_warn("ignoring invalid range register %ld (NULL page)\n", buffer[2]);
}
}
@ -316,7 +310,7 @@ static void release_print_once(CPUState *cpu)
if (release_print_once_bool) {
release_print_once_bool = false;
kvm_arch_get_registers(cpu);
nyx_debug("handle_hypercall_kafl_release at:%lx\n", get_rip(cpu));
nyx_debug("handle_hypercall_kafl_release at IP: %lx\n", get_rip(cpu));
}
}
@ -326,6 +320,7 @@ void handle_hypercall_kafl_release(struct kvm_run *run,
{
if (hypercall_enabled) {
if (init_state) {
nyx_debug_p(CORE_PREFIX, "[RELEASE] init_state=false\n");
init_state = false;
} else {
if (hypercall_arg > 0) {
@ -350,7 +345,7 @@ void handle_hypercall_kafl_mtf(struct kvm_run *run, CPUState *cpu, uint64_t hype
// assert(false);
kvm_arch_get_registers_fast(cpu);
fprintf(stderr, "%s --> %lx\n", __func__, get_rip(cpu));
nyx_printf("%s --> %lx\n", __func__, get_rip(cpu));
kvm_vcpu_ioctl(cpu, KVM_VMX_PT_DISABLE_MTF);
@ -374,7 +369,7 @@ void handle_hypercall_kafl_page_dump_bp(struct kvm_run *run,
kvm_vcpu_ioctl(cpu, KVM_VMX_PT_DISABLE_MTF);
bool success = false;
// fprintf(stderr, "page_cache_fetch = %lx\n",
// nyx_printf("page_cache_fetch = %lx\n",
// page_cache_fetch(GET_GLOBAL_STATE()->page_cache, page, &success, false));
page_cache_fetch(GET_GLOBAL_STATE()->page_cache, page, &success, false);
if (success) {
@ -407,7 +402,7 @@ static void handle_hypercall_kafl_cr3(struct kvm_run *run,
uint64_t hypercall_arg)
{
if (hypercall_enabled) {
// nyx_debug_p(CORE_PREFIX, "CR3 address:\t\t%lx", hypercall_arg);
nyx_debug_p(CORE_PREFIX, "Setting CR3 filter: %lx\n", hypercall_arg);
pt_set_cr3(cpu, hypercall_arg & 0xFFFFFFFFFFFFF000ULL, false);
if (GET_GLOBAL_STATE()->dump_page) {
set_page_dump_bp(cpu, hypercall_arg & 0xFFFFFFFFFFFFF000ULL,
@ -425,7 +420,7 @@ static void handle_hypercall_kafl_submit_panic(struct kvm_run *run,
}
if (hypercall_enabled) {
nyx_debug_p(CORE_PREFIX, "Panic address:\t%lx", hypercall_arg);
nyx_debug_p(CORE_PREFIX, "Panic address: %lx\n", hypercall_arg);
switch (get_current_mem_mode(cpu)) {
case mm_32_protected:
@ -451,7 +446,7 @@ static void handle_hypercall_kafl_submit_kasan(struct kvm_run *run,
uint64_t hypercall_arg)
{
if (hypercall_enabled) {
nyx_debug_p(CORE_PREFIX, "kASAN address:\t%lx", hypercall_arg);
nyx_debug_p(CORE_PREFIX, "kASAN address:\t%lx\n", hypercall_arg);
switch (get_current_mem_mode(cpu)) {
case mm_32_protected:
@ -563,9 +558,7 @@ static void handle_hypercall_kafl_kasan(struct kvm_run *run,
if (fast_reload_snapshot_exists(get_fast_reload_snapshot())) {
synchronization_lock_asan_found();
} else {
nyx_debug_p(
CORE_PREFIX,
"KASAN detected during initialization of stage 1 or stage 2 loader");
nyx_warn("KASAN detected during initialization stage!\n");
}
}
}
@ -579,15 +572,13 @@ static void handle_hypercall_kafl_lock(struct kvm_run *run,
}
if (!GET_GLOBAL_STATE()->fast_reload_pre_image) {
nyx_debug_p(CORE_PREFIX,
"Skipping pre image creation (hint: set pre=on) ...");
nyx_error("Skipping pre image creation (hint: set pre=on)\n");
return;
}
nyx_debug_p(CORE_PREFIX, "Creating pre image snapshot <%s> ...",
nyx_debug_p(CORE_PREFIX, "Creating pre image snapshot <%s>\n",
GET_GLOBAL_STATE()->fast_reload_pre_path);
nyx_debug("Creating pre image snapshot");
request_fast_vm_reload(GET_GLOBAL_STATE()->reload_state,
REQUEST_SAVE_SNAPSHOT_PRE);
}
@ -597,9 +588,9 @@ static void handle_hypercall_kafl_printf(struct kvm_run *run,
uint64_t hypercall_arg)
{
read_virtual_memory(hypercall_arg, (uint8_t *)hprintf_buffer, HPRINTF_SIZE, cpu);
#ifdef DEBUG_HPRINTF
fprintf(stderr, "%s %s\n", __func__, hprintf_buffer);
#endif
// hprintf_buffer[HPRINTF_SIZE] = 0;
// nyx_debug("%s: %s\n", __func__, hprintf_buffer);
set_hprintf_auxiliary_buffer(GET_GLOBAL_STATE()->auxilary_buffer, hprintf_buffer,
strnlen(hprintf_buffer, HPRINTF_SIZE));
synchronization_lock();
@ -638,22 +629,17 @@ static void handle_hypercall_kafl_user_submit_mode(struct kvm_run *run,
switch (hypercall_arg) {
case KAFL_MODE_64:
nyx_debug_p(CORE_PREFIX, "target runs in KAFL_MODE_64 ...");
nyx_debug_p(CORE_PREFIX, "SUBMIT_MODE set to KAFL_MODE_64\n");
GET_GLOBAL_STATE()->disassembler_word_width = 64;
break;
case KAFL_MODE_32:
nyx_debug_p(CORE_PREFIX, "target runs in KAFL_MODE_32 ...");
nyx_debug_p(CORE_PREFIX, "SUBMIT_MODE set to KAFL_MODE_32\n");
GET_GLOBAL_STATE()->disassembler_word_width = 32;
break;
case KAFL_MODE_16:
nyx_debug_p(CORE_PREFIX, "target runs in KAFL_MODE_16 ...");
GET_GLOBAL_STATE()->disassembler_word_width = 16;
abort(); /* not implemented in this version (due to hypertrash hacks) */
break;
/* not implemented in this version (due to hypertrash hacks) */
default:
nyx_debug_p(CORE_PREFIX, "target runs in unkown mode...");
GET_GLOBAL_STATE()->disassembler_word_width = 0;
abort(); /* not implemented in this version (due to hypertrash hacks) */
nyx_abort("SUBMIT_MODE set to invalid value\n");
break;
}
}
@ -688,7 +674,8 @@ static void handle_hypercall_kafl_user_abort(struct kvm_run *run,
{
read_virtual_memory(hypercall_arg, (uint8_t *)hprintf_buffer, HPRINTF_SIZE, cpu);
set_abort_reason_auxiliary_buffer(GET_GLOBAL_STATE()->auxilary_buffer,
hprintf_buffer, strlen(hprintf_buffer));
hprintf_buffer,
strnlen(hprintf_buffer, HPRINTF_SIZE));
synchronization_lock();
}
@ -739,7 +726,7 @@ static void handle_hypercall_kafl_dump_file(struct kvm_run *run,
if (!read_virtual_memory(vaddr, (uint8_t *)&file_obj, sizeof(kafl_dump_file_t),
cpu))
{
fprintf(stderr, "Failed to read file_obj in %s. Skipping..\n", __func__);
nyx_error("Failed to read file_obj in %s. Skipping..\n", __func__);
goto err_out1;
}
@ -747,14 +734,14 @@ static void handle_hypercall_kafl_dump_file(struct kvm_run *run,
if (!read_virtual_memory(file_obj.file_name_str_ptr, (uint8_t *)filename,
sizeof(filename) - 1, cpu))
{
fprintf(stderr, "Failed to read file_name_str_ptr in %s. Skipping..\n",
nyx_error("Failed to read file_name_str_ptr in %s. Skipping..\n",
__func__);
goto err_out1;
}
filename[sizeof(filename) - 1] = 0;
}
// fprintf(stderr, "%s: dump %lu fbytes from %s (append=%u)\n",
// nyx_error("%s: dump %lu fbytes from %s (append=%u)\n",
// __func__, file_obj.bytes, filename, file_obj.append);
// use a tempfile if file_name_ptr == NULL or points to empty string
@ -772,9 +759,7 @@ static void handle_hypercall_kafl_dump_file(struct kvm_run *run,
unsigned suffix = strlen(pattern) - strlen("XXXXXX");
f = fdopen(mkstemps(host_path, suffix), "w+");
if (file_obj.append) {
fprintf(stderr,
"Warning in %s: Writing unique generated file in append mode?\n",
__func__);
nyx_warn("Writing unique generated file in append mode?\n");
}
} else {
if (file_obj.append) {
@ -785,7 +770,7 @@ static void handle_hypercall_kafl_dump_file(struct kvm_run *run,
}
if (!f) {
fprintf(stderr, "Error in %s(%s): %s\n", host_path, __func__, strerror(errno));
nyx_error("%s: %s - %s\n", __func__, host_path, strerror(errno));
goto err_out1;
}
@ -794,8 +779,8 @@ static void handle_hypercall_kafl_dump_file(struct kvm_run *run,
void *page = malloc(PAGE_SIZE);
uint32_t written = 0;
nyx_debug_p(CORE_PREFIX, "%s: dump %d bytes to %s (append=%u)", __func__, bytes,
host_path, file_obj.append);
nyx_debug_p(CORE_PREFIX, "Dump %d bytes to %s (append=%u)\n", bytes, host_path,
file_obj.append);
while (bytes > 0) {
if (bytes >= PAGE_SIZE) {
@ -809,8 +794,7 @@ static void handle_hypercall_kafl_dump_file(struct kvm_run *run,
}
if (!written) {
fprintf(stderr, "Error in %s(%s): %s\n", host_path, __func__,
strerror(errno));
nyx_error("%s: %s - %s\n", __func__, host_path, strerror(errno));
goto err_out2;
}
@ -848,7 +832,7 @@ int handle_kafl_hypercall(struct kvm_run *run,
uint64_t arg)
{
int ret = -1;
// fprintf(stderr, "%s -> %ld\n", __func__, hypercall);
// nyx_debug("%s -> %ld\n", __func__, hypercall);
// FIXME: ret is always 0. no default case.
switch (hypercall) {

4
nyx/interface.c
View File

@ -162,7 +162,7 @@ static int nyx_create_payload_buffer(nyx_interface_state *s,
fd = open(file, O_CREAT | O_RDWR, S_IRWXU | S_IRWXG | S_IRWXO);
assert(ftruncate(fd, buffer_size) == 0);
stat(file, &st);
nyx_debug_p(INTERFACE_PREFIX, "new shm file: (max size: %lx) %lx", buffer_size,
nyx_debug_p(INTERFACE_PREFIX, "new shm file: (max size: %lx) %lx\n", buffer_size,
st.st_size);
assert(buffer_size == st.st_size);
@ -419,7 +419,7 @@ static void nyx_realize(DeviceState *dev, Error **errp)
}
if (!s->sharedir || !verify_sharedir_state(s, errp)) {
nyx_error("Warning: Invalid sharedir...\n");
nyx_warn("Invalid sharedir...\n");
} else {
sharedir_set_dir(GET_GLOBAL_STATE()->sharedir, s->sharedir);
}

12
nyx/kvm_nested.c
View File

@ -202,13 +202,13 @@ static void write_address(uint64_t address, uint64_t size, uint64_t prot)
/* do not print guard pages or empty pages without any permissions */
if (last_address && (CHECK_BIT(last_prot, 1) || !CHECK_BIT(last_prot, 63))) {
if (CHECK_BIT(last_prot, 1) && !CHECK_BIT(last_prot, 63)) {
nyx_debug_p(NESTED_VM_PREFIX, "%016lx - %016lx %c%c%c [WARNING]",
nyx_debug_p(NESTED_VM_PREFIX, "%016lx - %016lx %c%c%c [WARNING]\n",
last_address, next_address,
CHECK_BIT(last_prot, 1) ? 'W' : '-',
CHECK_BIT(last_prot, 2) ? 'U' : 'K',
!CHECK_BIT(last_prot, 63) ? 'X' : '-');
} else {
nyx_debug_p(NESTED_VM_PREFIX, "%016lx - %016lx %c%c%c", last_address,
nyx_debug_p(NESTED_VM_PREFIX, "%016lx - %016lx %c%c%c\n", last_address,
next_address, CHECK_BIT(last_prot, 1) ? 'W' : '-',
CHECK_BIT(last_prot, 2) ? 'U' : 'K',
!CHECK_BIT(last_prot, 63) ? 'X' : '-');
@ -376,11 +376,11 @@ void kvm_nested_get_info(CPUState *cpu)
__attribute__((unused)) struct vmcs12 *saved_vmcs =
(struct vmcs12 *)&(env->nested_state->data);
nyx_debug_p(NESTED_VM_PREFIX, "VMCS host_cr3:\t%lx", saved_vmcs->host_cr3);
nyx_debug_p(NESTED_VM_PREFIX, "VMCS host_cr4:\t%lx", saved_vmcs->host_cr4);
nyx_debug_p(NESTED_VM_PREFIX, "VMCS host_ia32_efer:\t%lx",
nyx_debug_p(NESTED_VM_PREFIX, "VMCS host_cr3:\t%lx\n", saved_vmcs->host_cr3);
nyx_debug_p(NESTED_VM_PREFIX, "VMCS host_cr4:\t%lx\n", saved_vmcs->host_cr4);
nyx_debug_p(NESTED_VM_PREFIX, "VMCS host_ia32_efer:\t%lx\n",
saved_vmcs->host_ia32_efer);
nyx_debug_p(NESTED_VM_PREFIX, "VMCS host_cr0:\t%lx", saved_vmcs->host_cr0);
nyx_debug_p(NESTED_VM_PREFIX, "VMCS host_cr0:\t%lx\n", saved_vmcs->host_cr0);
return;
}

22
nyx/memory_access.c
View File

@ -373,7 +373,7 @@ bool write_virtual_memory(uint64_t address, uint8_t *data, uint32_t size, CPUSta
cpu_get_phys_page_attrs_debug(cpu, (address & x86_64_PAGE_MASK), &attrs);
if (phys_addr == INVALID_ADDRESS) {
nyx_debug_p(MEM_PREFIX, "phys_addr == -1:\t%lx", address);
nyx_debug_p(MEM_PREFIX, "phys_addr == -1:\t%lx\n", address);
return false;
}
@ -381,7 +381,7 @@ bool write_virtual_memory(uint64_t address, uint8_t *data, uint32_t size, CPUSta
res = address_space_rw(cpu_get_address_space(cpu, asidx), phys_addr,
MEMTXATTRS_UNSPECIFIED, data, l, true);
if (res != MEMTX_OK) {
nyx_debug_p(MEM_PREFIX, "!MEMTX_OK:\t%lx", address);
nyx_debug_p(MEM_PREFIX, "!MEMTX_OK:\t%lx\n", address);
return false;
}
@ -908,10 +908,7 @@ bool read_virtual_memory(uint64_t address, uint8_t *data, uint32_t size, CPUStat
len_skipped = size - amount_copied;
}
nyx_error("Warning, read from unmapped memory:\t%lx, skipping to %lx",
address, next_page);
nyx_debug_p(MEM_PREFIX,
"Warning, read from unmapped memory:\t%lx, skipping to %lx",
nyx_warn("Read from unmapped memory addr %lx, skipping to %lx\n",
address, next_page);
memset(data + amount_copied, ' ', len_skipped);
address += len_skipped;
@ -929,8 +926,9 @@ bool read_virtual_memory(uint64_t address, uint8_t *data, uint32_t size, CPUStat
phys_addr, MEMTXATTRS_UNSPECIFIED,
tmp_buf, len_to_copy, 0);
if (txt) {
nyx_debug_p(MEM_PREFIX, "Warning, read failed:\t%lx (%lx)", address,
phys_addr);
nyx_debug_p(MEM_PREFIX,
"Warning, read failed for virt addr %lx (phys: %lx)\n",
address, phys_addr);
}
memcpy(data + amount_copied, tmp_buf, len_to_copy);
@ -980,8 +978,8 @@ bool dump_page_cr3_ht(uint64_t address, uint8_t *data, CPUState *cpu, uint64_t c
MEMTXATTRS_UNSPECIFIED, data, 0x1000, 0))
{
if (phys_addr != INVALID_ADDRESS) {
nyx_error("%s: Warning, read failed:\t%lx (%lx)\n", __func__, address,
phys_addr);
nyx_warn("%s: Read failed for virt addr %lx (phys: %lx)\n", __func__,
address, phys_addr);
}
return false;
}
@ -999,8 +997,8 @@ bool dump_page_ht(uint64_t address, uint8_t *data, CPUState *cpu)
MEMTXATTRS_UNSPECIFIED, data, 0x1000, 0))
{
if (phys_addr != 0xffffffffffffffffULL) {
nyx_error("%s: Warning, read failed:\t%lx (%lx)\n", __func__, address,
phys_addr);
nyx_warn("%s: Read failed for virt addr %lx (phys: %lx)\n", __func__,
address, phys_addr);
}
}
return true;

4
nyx/nested_hypercalls.c
View File

@ -72,7 +72,7 @@ void handle_hypercall_kafl_nested_prepare(struct kvm_run *run,
if ((uint64_t)run->hypercall.args[0]) {
nyx_debug_p(CORE_PREFIX,
"handle_hypercall_kafl_nested_prepare:\t NUM:\t%lx\t "
"ADDRESS:\t%lx\t CR3:\t%lx",
"ADDRESS:\t%lx\t CR3:\t%lx\n",
(uint64_t)run->hypercall.args[0], (uint64_t)run->hypercall.args[1],
(uint64_t)run->hypercall.args[2]);
} else {
@ -91,7 +91,7 @@ void handle_hypercall_kafl_nested_prepare(struct kvm_run *run,
if (i == 0) {
htos_config = buffer[i];
}
nyx_debug_p(CORE_PREFIX, "ADDRESS: %lx", buffer[i]);
nyx_debug_p(CORE_PREFIX, "ADDRESS: %lx\n", buffer[i]);
remap_payload_slot(buffer[i], i, cpu);
}

2
nyx/page_cache.c
View File

@ -247,7 +247,7 @@ page_cache_t *page_cache_new(CPUState *cpu, const char *cache_file)
self->last_page = 0xFFFFFFFFFFFFFFFF;
self->last_addr = 0xFFFFFFFFFFFFFFFF;
nyx_debug_p(PAGE_CACHE_PREFIX, "%s (%s - %s)", __func__, tmp1, tmp2);
nyx_debug_p(PAGE_CACHE_PREFIX, "%s (%s - %s)\n", __func__, tmp1, tmp2);
free(tmp3);
free(tmp2);

26
nyx/pt.c
View File

@ -62,8 +62,8 @@ static inline int pt_cmd_hmp_context(CPUState *cpu, uint64_t cmd)
{
cpu->pt_ret = -1;
if (pt_hypercalls_enabled()) {
nyx_debug_p(PT_PREFIX, "Error: HMP commands are ignored if kafl tracing "
"mode is enabled (-kafl)!");
nyx_error("HMP commands are ignored if kafl tracing "
"mode is enabled (-kafl)!\n");
} else {
cpu->pt_cmd = cmd;
run_on_cpu(cpu, pt_set, RUN_ON_CPU_NULL);
@ -110,16 +110,16 @@ void pt_dump(CPUState *cpu, int bytes)
cpu->intel_pt_run_trashed = true;
break;
case decoder_page_fault:
// fprintf(stderr, "Page not found => 0x%lx\n", libxdc_get_page_fault_addr(GET_GLOBAL_STATE()->decoder));
// nyx_warn("Page not found => 0x%lx\n", libxdc_get_page_fault_addr(GET_GLOBAL_STATE()->decoder));
GET_GLOBAL_STATE()->decoder_page_fault = true;
GET_GLOBAL_STATE()->decoder_page_fault_addr =
libxdc_get_page_fault_addr(GET_GLOBAL_STATE()->decoder);
break;
case decoder_unkown_packet:
fprintf(stderr, "WARNING: libxdc_decode returned unknown_packet\n");
nyx_warn("WARNING: libxdc_decode returned unknown_packet\n");
break;
case decoder_error:
fprintf(stderr, "WARNING: libxdc_decode returned decoder_error\n");
nyx_warn("WARNING: libxdc_decode returned decoder_error\n");
break;
}
}
@ -158,7 +158,7 @@ int pt_set_cr3(CPUState *cpu, uint64_t val, bool hmp_mode)
return -EINVAL;
}
if (GET_GLOBAL_STATE()->pt_c3_filter && GET_GLOBAL_STATE()->pt_c3_filter != val) {
// nyx_debug_p(PT_PREFIX, "Reconfigure CR3-Filtering!");
// nyx_debug_p(PT_PREFIX, "Reconfigure CR3-Filtering!\n");
GET_GLOBAL_STATE()->pt_c3_filter = val;
r += pt_cmd(cpu, KVM_VMX_PT_CONFIGURE_CR3, hmp_mode);
r += pt_cmd(cpu, KVM_VMX_PT_ENABLE_CR3, hmp_mode);
@ -185,7 +185,7 @@ int pt_enable_ip_filtering(CPUState *cpu, uint8_t addrn, bool redqueen, bool hmp
if (GET_GLOBAL_STATE()->pt_ip_filter_a[addrn] >
GET_GLOBAL_STATE()->pt_ip_filter_b[addrn])
{
nyx_debug_p(PT_PREFIX, "Error (ip_a > ip_b) 0x%lx-0x%lx",
nyx_debug_p(PT_PREFIX, "Error (ip_a > ip_b) 0x%lx-0x%lx\n",
GET_GLOBAL_STATE()->pt_ip_filter_a[addrn],
GET_GLOBAL_STATE()->pt_ip_filter_b[addrn]);
return -EINVAL;
@ -195,7 +195,7 @@ int pt_enable_ip_filtering(CPUState *cpu, uint8_t addrn, bool redqueen, bool hmp
pt_disable_ip_filtering(cpu, addrn, hmp_mode);
}
nyx_debug_p(PT_PREFIX, "Configuring new trace region (addr%d, 0x%lx-0x%lx)",
nyx_debug_p(PT_PREFIX, "Configuring new trace region (addr%d, 0x%lx-0x%lx)\n",
addrn, GET_GLOBAL_STATE()->pt_ip_filter_a[addrn],
GET_GLOBAL_STATE()->pt_ip_filter_b[addrn]);
@ -287,20 +287,20 @@ void pt_pre_kvm_run(CPUState *cpu)
struct vmx_pt_filter_iprs filter_iprs;
if (GET_GLOBAL_STATE()->patches_disable_pending) {
// nyx_debug_p(REDQUEEN_PREFIX, "patches disable");
// nyx_debug_p(REDQUEEN_PREFIX, "patches disable\n");
assert(false); /* remove this branch */
GET_GLOBAL_STATE()->patches_disable_pending = false;
}
if (GET_GLOBAL_STATE()->patches_enable_pending) {
// nyx_debug_p(REDQUEEN_PREFIX, "patches enable");
// nyx_debug_p(REDQUEEN_PREFIX, "patches enable\n");
assert(false); /* remove this branch */
GET_GLOBAL_STATE()->patches_enable_pending = false;
}
if (GET_GLOBAL_STATE()->redqueen_enable_pending) {
// nyx_debug_p(REDQUEEN_PREFIX, "rq enable");
// nyx_debug_p(REDQUEEN_PREFIX, "rq enable\n");
if (GET_GLOBAL_STATE()->redqueen_state) {
enable_rq_intercept_mode(GET_GLOBAL_STATE()->redqueen_state);
}
@ -308,7 +308,7 @@ void pt_pre_kvm_run(CPUState *cpu)
}
if (GET_GLOBAL_STATE()->redqueen_disable_pending) {
// nyx_debug_p(REDQUEEN_PREFIX, "rq disable");
// nyx_debug_p(REDQUEEN_PREFIX, "rq disable\n");
if (GET_GLOBAL_STATE()->redqueen_state) {
disable_rq_intercept_mode(GET_GLOBAL_STATE()->redqueen_state);
}
@ -352,7 +352,7 @@ void pt_pre_kvm_run(CPUState *cpu)
if (cpu->pt_fd) {
ret = ioctl(cpu->pt_fd, cpu->pt_cmd, 0);
if (ret > 0) {
// nyx_debug_p(PT_PREFIX, "KVM_VMX_PT_DISABLE %d", ret);
// nyx_debug_p(PT_PREFIX, "KVM_VMX_PT_DISABLE %d\n", ret);
pt_dump(cpu, ret);
cpu->pt_enabled = false;
}

32
nyx/redqueen.c
View File

@ -99,7 +99,7 @@ static bool is_interessting_lea_at(redqueen_t *self, cs_insn *ins)
if (reg == X86_REG_EIP || reg == X86_REG_RIP || reg == X86_REG_EBP ||
reg == X86_REG_RBP)
{
// nyx_debug_p(REDQUEEN_PREFIX, "got boring index");
// nyx_debug_p(REDQUEEN_PREFIX, "got boring index\n");
res = false;
} // don't instrument local stack offset computations
}
@ -198,26 +198,26 @@ static void opcode_analyzer(redqueen_t *self, cs_insn *ins)
// printf("INS %lx\n", ins->address);
if (ins->id == X86_INS_CMP) {
set_rq_instruction(self, ins->address);
// nyx_debug_p(REDQUEEN_PREFIX, "hooking cmp %lx %s %s", ins->address, ins->mnemonic, ins->op_str);
// nyx_debug_p(REDQUEEN_PREFIX, "hooking cmp %lx %s %s\n", ins->address, ins->mnemonic, ins->op_str);
}
if (ins->id == X86_INS_LEA && is_interessting_lea_at(self, ins)) {
// nyx_debug_p(REDQUEEN_PREFIX, "hooking lea %lx", ins->address);
// nyx_debug_p(REDQUEEN_PREFIX, "hooking lea %lx\n", ins->address);
set_rq_instruction(self, ins->address);
}
if (ins->id == X86_INS_SUB && is_interessting_sub_at(self, ins)) {
// nyx_debug_p(REDQUEEN_PREFIX, "hooking sub %lx", ins->address);
// nyx_debug_p(REDQUEEN_PREFIX, "hooking sub %lx\n", ins->address);
set_rq_instruction(self, ins->address);
}
if (ins->id == X86_INS_ADD && is_interessting_add_at(self, ins)) {
// nyx_debug_p(REDQUEEN_PREFIX, "hooking add %lx", ins->address);
// nyx_debug_p(REDQUEEN_PREFIX, "hooking add %lx\n", ins->address);
set_rq_instruction(self, ins->address);
}
if (ins->id == X86_INS_XOR && is_interessting_xor_at(self, ins)) {
// nyx_debug_p(REDQUEEN_PREFIX, "hooking xor %lx %s %s", ins->address, ins->mnemonic, ins->op_str);
// nyx_debug_p(REDQUEEN_PREFIX, "hooking xor %lx %s %s\n", ins->address, ins->mnemonic, ins->op_str);
set_rq_instruction(self, ins->address);
}
if (ins->id == X86_INS_CALL || ins->id == X86_INS_LCALL) {
// nyx_debug_p(REDQUEEN_PREFIX, "hooking call %lx %s %s", ins->address, ins->mnemonic, ins->op_str);
// nyx_debug_p(REDQUEEN_PREFIX, "hooking call %lx %s %s\n", ins->address, ins->mnemonic, ins->op_str);
set_rq_instruction(self, ins->address);
}
}
@ -346,7 +346,7 @@ static void insert_hooks_bitmap(redqueen_t *self)
void redqueen_insert_hooks(redqueen_t *self)
{
nyx_debug_p(REDQUEEN_PREFIX, "insert hooks");
nyx_debug_p(REDQUEEN_PREFIX, "insert hooks\n");
assert(!self->hooks_applied);
switch (GET_GLOBAL_STATE()->redqueen_instrumentation_mode) {
case (REDQUEEN_LIGHT_INSTRUMENTATION):
@ -365,7 +365,7 @@ void redqueen_insert_hooks(redqueen_t *self)
void redqueen_remove_hooks(redqueen_t *self)
{
nyx_debug_p(REDQUEEN_PREFIX, "remove hooks");
nyx_debug_p(REDQUEEN_PREFIX, "remove hooks\n");
assert(self->hooks_applied);
remove_all_breakpoints(self->cpu);
@ -738,7 +738,7 @@ static uint64_t eval_mem(cs_x86_op *op)
{
uint64_t val = 0;
assert(op->size == 1 || op->size == 2 || op->size == 4 || op->size == 8);
// nyx_debug_p(REDQUEEN_PREFIX, "EVAL MEM FOR OP:");
// nyx_debug_p(REDQUEEN_PREFIX, "EVAL MEM FOR OP:\n");
/* TODO @ sergej: replace me later */
read_virtual_memory(eval_addr(op), (uint8_t *)&val, op->size, qemu_get_cpu(0));
@ -787,7 +787,7 @@ static void print_comp_result(uint64_t addr,
uint8_t pos = 0;
pos += snprintf(result_buf + pos, 256 - pos, "%lx\t\t %s", addr, type);
// nyx_debug_p(REDQUEEN_PREFIX, "got size: %ld", size);
// nyx_debug_p(REDQUEEN_PREFIX, "got size: %ld\n", size);
uint64_t mask = 0;
switch (size) {
case 64:
@ -993,7 +993,7 @@ static bool test_strcmp(uint64_t arg1, uint64_t arg2)
if (!is_addr_mapped(arg1, cpu) || !is_addr_mapped(arg2, cpu)) {
return false;
}
// nyx_debug_p(REDQUEEN_PREFIX,"valid ptrs");
// nyx_debug_p(REDQUEEN_PREFIX,"valid ptrs\n");
uint8_t buf1[REDQUEEN_MAX_STRCMP_LEN];
uint8_t buf2[REDQUEEN_MAX_STRCMP_LEN];
/* TODO @ sergej */
@ -1007,7 +1007,7 @@ static bool test_strcmp_cdecl(void)
{
uint64_t arg1 = read_stack(0);
uint64_t arg2 = read_stack(1);
// nyx_debug_p(REDQUEEN_PREFIX, "extract call params cdecl %lx %lx", arg1, arg2);
// nyx_debug_p(REDQUEEN_PREFIX, "extract call params cdecl %lx %lx\n", arg1, arg2);
test_strchr(arg1, arg2);
return test_strcmp(arg1, arg2);
}
@ -1017,7 +1017,7 @@ static bool test_strcmp_fastcall(void)
CPUX86State *env = &(X86_CPU(qemu_get_cpu(0)))->env;
uint64_t arg1 = env->regs[RCX]; // rcx
uint64_t arg2 = env->regs[RDX]; // rdx
// nyx_debug_p(REDQUEEN_PREFIX, "extract call params fastcall %lx %lx", arg1, arg2);
// nyx_debug_p(REDQUEEN_PREFIX, "extract call params fastcall %lx %lx\n", arg1, arg2);
test_strchr(arg1, arg2);
return test_strcmp(arg1, arg2);
}
@ -1030,14 +1030,14 @@ static bool test_strcmp_sys_v(void)
CPUX86State *env = &(X86_CPU(qemu_get_cpu(0)))->env;
uint64_t arg1 = env->regs[RDI]; // rdx
uint64_t arg2 = env->regs[RSI]; // rsi
// nyx_debug_p(REDQUEEN_PREFIX, "extract call params sysv %lx %lx", arg1, arg2);
// nyx_debug_p(REDQUEEN_PREFIX, "extract call params sysv %lx %lx\n", arg1, arg2);
test_strchr(arg1, arg2);
return test_strcmp(arg1, arg2);
}
static void extract_call_params(void)
{
// nyx_debug_p(REDQUEEN_PREFIX, "extract call at %lx", ip);
// nyx_debug_p(REDQUEEN_PREFIX, "extract call at %lx\n", ip);
test_strcmp_cdecl();
test_strcmp_fastcall();
test_strcmp_sys_v();

13
nyx/sharedir.c
View File

@ -142,8 +142,7 @@ static FILE *get_file_ptr(sharedir_t *self, sharedir_file_t *obj)
uint64_t sharedir_request_file(sharedir_t *self, const char *file, uint8_t *page_buffer)
{
if (!self->dir) {
fprintf(stderr, "WARNING: New file request received, but no share dir configured! [FILE: %s]\n",
file);
nyx_error("Guest requests file <%s> but no sharedir configured!\n", file);
return 0xFFFFFFFFFFFFFFFFUL;
}
@ -152,10 +151,10 @@ uint64_t sharedir_request_file(sharedir_t *self, const char *file, uint8_t *page
sharedir_file_t *obj = sharedir_get_object(self, file);
if (obj != NULL) {
#ifdef SHAREDIR_DEBUG
printf("sharedir_get_object->file: %s\n", obj->file);
printf("sharedir_get_object->path: %s\n", obj->path);
printf("sharedir_get_object->size: %ld\n", obj->size);
printf("sharedir_get_object->bytes_left: %ld\n", obj->bytes_left);
nyx_debug("sharedir_get_object->file: %s\n", obj->file);
nyx_debug("sharedir_get_object->path: %s\n", obj->path);
nyx_debug("sharedir_get_object->size: %ld\n", obj->size);
nyx_debug("sharedir_get_object->bytes_left: %ld\n", obj->bytes_left);
#endif
if (obj->bytes_left >= 0x1000) {
f = get_file_ptr(self, obj);
@ -179,7 +178,7 @@ uint64_t sharedir_request_file(sharedir_t *self, const char *file, uint8_t *page
}
}
} else {
nyx_error("Warning: No such file in sharedir: %s\n", file);
nyx_error("No such file in sharedir: %s\n", file);
return 0xFFFFFFFFFFFFFFFFUL;
}
}

2
nyx/snapshot/devices/state_reallocation.c
View File

@ -685,7 +685,7 @@ static int fdl_vmstate_load_state(state_reallocation_t *self,
}
}
} else if (field->flags & VMS_MUST_EXIST) {
nyx_debug("Input validation failed: %s/%s", vmsd->name, field->name);
nyx_debug("Input validation failed: %s/%s\n", vmsd->name, field->name);
return -1;
} else {
// printf("Field does not exist...\n");

6
nyx/snapshot/memory/shadow_memory.c
View File

@ -73,7 +73,7 @@ shadow_memory_t *shadow_memory_init(void)
MAP_SHARED, self->snapshot_ptr_fd, 0);
madvise(self->snapshot_ptr, self->memory_size, MADV_RANDOM | MADV_MERGEABLE);
nyx_debug_p(RELOAD_PREFIX, "Allocating Memory (%p) Size: %lx",
nyx_debug_p(RELOAD_PREFIX, "Allocating Memory (%p) Size: %lx\n",
self->snapshot_ptr, self->memory_size);
@ -81,7 +81,7 @@ shadow_memory_t *shadow_memory_init(void)
uint8_t i = 0;
uint8_t regions_num = 0;
QLIST_FOREACH_RCU (block, &ram_list.blocks, next) {
nyx_debug_p(RELOAD_PREFIX, "%lx %lx %lx\t%s\t%p", block->offset,
nyx_debug_p(RELOAD_PREFIX, "%lx %lx %lx\t%s\t%p\n", block->offset,
block->used_length, block->max_length, block->idstr, block->host);
block_array[i] = block;
@ -233,7 +233,7 @@ shadow_memory_t *shadow_memory_init_from_snapshot(const char *snapshot_folder,
uint8_t i = 0;
uint8_t regions_num = 0;
QLIST_FOREACH_RCU (block, &ram_list.blocks, next) {
nyx_debug_p(RELOAD_PREFIX, "%lx %lx %lx\t%s\t%p", block->offset,
nyx_debug_p(RELOAD_PREFIX, "%lx %lx %lx\t%s\t%p\n", block->offset,
block->used_length, block->max_length, block->idstr, block->host);
block_array[i] = block;

4
nyx/state/state.c
View File

@ -220,13 +220,13 @@ static void *alloc_auxiliary_buffer(const char *file)
assert(ftruncate(fd, AUX_BUFFER_SIZE) == 0);
stat(file, &st);
nyx_debug_p(INTERFACE_PREFIX, "new aux buffer file: (max size: %x) %lx",
nyx_debug_p(INTERFACE_PREFIX, "new aux buffer file: (max size: %x) %lx\n",
AUX_BUFFER_SIZE, st.st_size);
assert(AUX_BUFFER_SIZE == st.st_size);
ptr = mmap(0, AUX_BUFFER_SIZE, PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0);
if (ptr == MAP_FAILED) {
fprintf(stderr, "aux buffer allocation failed!\n");
nyx_error("aux buffer allocation failed!\n");
return (void *)-1;
}
return ptr;

2
nyx/trace_dump.c
View File

@ -25,7 +25,7 @@ void pt_trace_dump_init(char *filename)
{
int test_fd;
nyx_debug("Enable pt trace dump at %s", filename);
nyx_debug("Enable pt trace dump at %s\n", filename);
pt_dump_initialized = true;
test_fd = open(filename, O_CREAT | O_TRUNC | O_WRONLY, 0644);