add debug hypercall for testing kcore-dumps
This commit is contained in:
parent
1a134e93d8
commit
f35362b987
17
dump/dump.c
17
dump/dump.c
@ -31,6 +31,10 @@
|
|||||||
#include "qemu/main-loop.h"
|
#include "qemu/main-loop.h"
|
||||||
#include "hw/misc/vmcoreinfo.h"
|
#include "hw/misc/vmcoreinfo.h"
|
||||||
|
|
||||||
|
#ifdef QEMU_NYX
|
||||||
|
#include "nyx/state/state.h"
|
||||||
|
#endif
|
||||||
|
|
||||||
#ifdef TARGET_X86_64
|
#ifdef TARGET_X86_64
|
||||||
#include "win_dump.h"
|
#include "win_dump.h"
|
||||||
#endif
|
#endif
|
||||||
@ -1663,8 +1667,17 @@ static void dump_init(DumpState *s, int fd, bool has_format,
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (runstate_is_running()) {
|
if (runstate_is_running()) {
|
||||||
|
#ifdef QEMU_NYX
|
||||||
|
if(GET_GLOBAL_STATE()->in_fuzzing_mode){
|
||||||
|
s->resume = false;
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
#endif
|
||||||
vm_stop(RUN_STATE_SAVE_VM);
|
vm_stop(RUN_STATE_SAVE_VM);
|
||||||
s->resume = true;
|
s->resume = true;
|
||||||
|
#ifdef QEMU_NYX
|
||||||
|
}
|
||||||
|
#endif
|
||||||
} else {
|
} else {
|
||||||
s->resume = false;
|
s->resume = false;
|
||||||
}
|
}
|
||||||
@ -1997,7 +2010,11 @@ void qmp_dump_guest_memory(bool paging, const char *file,
|
|||||||
#endif
|
#endif
|
||||||
|
|
||||||
if (strstart(file, "file:", &p)) {
|
if (strstart(file, "file:", &p)) {
|
||||||
|
#ifdef QEMU_NYX
|
||||||
|
fd = qemu_open(p, O_WRONLY | O_CREAT | O_TRUNC | O_BINARY, S_IRUSR | S_IWRITE);
|
||||||
|
#else
|
||||||
fd = qemu_open(p, O_WRONLY | O_CREAT | O_TRUNC | O_BINARY, S_IRUSR);
|
fd = qemu_open(p, O_WRONLY | O_CREAT | O_TRUNC | O_BINARY, S_IRUSR);
|
||||||
|
#endif
|
||||||
if (fd < 0) {
|
if (fd < 0) {
|
||||||
error_setg_file_open(errp, errno, p);
|
error_setg_file_open(errp, errno, p);
|
||||||
return;
|
return;
|
||||||
|
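Review bot: In the fuzzing-mode branch added to dump_init (the `if(GET_GLOBAL_STATE()->in_fuzzing_mode)` block in the second hunk) the running VM is no longer stopped before its memory is walked, and nothing in the hunk records why that is safe; if the intent is that the dump is only ever requested from a vCPU thread already parked at a hypercall exit, say so next to the branch: `/* Nyx: requested from a vCPU halted at a hypercall exit, so vm_stop() is skipped */`. The third hunk also widens the dump file mode from `S_IRUSR` to `S_IRUSR | S_IWRITE`; `S_IWRITE` is the legacy alias, prefer the POSIX `S_IWUSR`, and a one-line comment should state the reason (presumably so a later dump can `O_TRUNC` the same file instead of failing to open a 0400 file for writing). dump_init and qmp_dump_guest_memory both begin outside the shown hunks.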
@ -2,13 +2,18 @@
|
|||||||
|
|
||||||
#include "sysemu/kvm.h"
|
#include "sysemu/kvm.h"
|
||||||
#include <sys/time.h>
|
#include <sys/time.h>
|
||||||
|
#include "qapi/error.h"
|
||||||
|
|
||||||
#include "nyx/fast_vm_reload.h"
|
#include "nyx/fast_vm_reload.h"
|
||||||
#include "nyx/hypercall/debug.h"
|
#include "nyx/hypercall/debug.h"
|
||||||
#include "nyx/state/state.h"
|
#include "nyx/state/state.h"
|
||||||
#include "nyx/synchronization.h"
|
#include "nyx/synchronization.h"
|
||||||
|
#include "qapi/qapi-commands-dump.h"
|
||||||
|
|
||||||
|
#ifdef NYX_DEBUG
|
||||||
|
#define NYX_ENABLE_DEBUG_HYPERCALLS
|
||||||
|
#endif
|
||||||
|
|
||||||
// #define NYX_ENABLE_DEBUG_HYPERCALLS
|
|
||||||
#ifdef NYX_ENABLE_DEBUG_HYPERCALLS
|
#ifdef NYX_ENABLE_DEBUG_HYPERCALLS
|
||||||
|
|
||||||
static double get_time(void)
|
static double get_time(void)
|
||||||
@ -52,6 +57,7 @@ void handle_hypercall_kafl_debug_tmp_snapshot(struct kvm_run *run,
|
|||||||
uint64_t hypercall_arg)
|
uint64_t hypercall_arg)
|
||||||
{
|
{
|
||||||
static bool first = true;
|
static bool first = true;
|
||||||
|
Error *err = NULL;
|
||||||
|
|
||||||
switch (hypercall_arg & 0xFFF) {
|
switch (hypercall_arg & 0xFFF) {
|
||||||
case 0: /* create root snapshot */
|
case 0: /* create root snapshot */
|
||||||
@ -99,6 +105,17 @@ void handle_hypercall_kafl_debug_tmp_snapshot(struct kvm_run *run,
|
|||||||
REQUEST_LOAD_SNAPSHOT_ROOT);
|
REQUEST_LOAD_SNAPSHOT_ROOT);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
case 6:
|
||||||
|
nyx_warn_once("%s: perform kcore_dump!\n", __func__);
|
||||||
|
bool in_fuzzing_mode_state = GET_GLOBAL_STATE()->in_fuzzing_mode;
|
||||||
|
GET_GLOBAL_STATE()->in_fuzzing_mode = true;
|
||||||
|
qmp_dump_guest_memory(false, "file:/tmp/vmcore_test.img", true, 0, 0, 0,
|
||||||
|
0, 0, false, DUMP_GUEST_MEMORY_FORMAT_ELF, &err);
|
||||||
|
if (err) {
|
||||||
|
nyx_abort("(qmp_dump_guest_memory): %s\n", error_get_pretty(err));
|
||||||
|
}
|
||||||
|
GET_GLOBAL_STATE()->in_fuzzing_mode = in_fuzzing_mode_state;
|
||||||
|
break;
|
||||||
default:
|
default:
|
||||||
abort();
|
abort();
|
||||||
}
|
}
|
||||||
|
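Review bot: The new `case 6` writes the full guest memory image to the fixed host path `file:/tmp/vmcore_test.img`, which dump.c opens with `O_CREAT | O_TRUNC` and no `O_EXCL`/`O_NOFOLLOW`; on a shared host a local user who pre-creates that name, or a symlink under it, gets the target truncated and overwritten with guest memory, and any guest code able to issue the hypercall can trigger the write. The exposure is limited to builds with `NYX_ENABLE_DEBUG_HYPERCALLS` (now on whenever `NYX_DEBUG` is), but the path should come from the instance work directory or at least carry `/* DEBUG ONLY: fixed path in /tmp, unsafe on multi-user hosts */`. `in_fuzzing_mode` is forced to true around the call, presumably so dump_init() skips vm_stop(); a comment saying so would help, and `nyx_warn_once` means only the first of repeated dumps is logged. `has_format` is passed as `false`, so the trailing `DUMP_GUEST_MEMORY_FORMAT_ELF` is ignored if the signature matches upstream QEMU — confirm. handle_hypercall_kafl_debug_tmp_snapshot starts outside the hunk.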