From 349d96795b410b66e67f91ed4260c5b0eaaf967b Mon Sep 17 00:00:00 2001
From: Alwin Berger
Date: Tue, 9 Jan 2024 15:12:35 +0100
Subject: [PATCH] simple standalone injection test
---
 myconfigureunshared.sh | 171 ++++++++++++++++++++++++++---------------
 system/main.c | 34 ++++++++
 2 files changed, 145 insertions(+), 60 deletions(-)
diff --git a/myconfigureunshared.sh b/myconfigureunshared.sh
index 21d504c09f..c65ce52078 100755
--- a/myconfigureunshared.sh
+++ b/myconfigureunshared.sh
@@ -2,63 +2,114 @@
 cd "$(dirname "$0")"
 mkdir -p build
 cd build
-../configure --target-list=arm-linux-user,arm-softmmu \
- --audio-drv-list= \
- --disable-blobs \
- --disable-bochs \
- --disable-brlapi \
- --disable-bsd-user \
- --disable-bzip2 \
- --disable-cap-ng \
- --disable-cloop \
- --disable-curl \
- --disable-curses \
- --disable-dmg \
- --enable-fdt \
- --disable-gcrypt \
- --disable-glusterfs \
- --disable-gnutls \
- --disable-gtk \
- --disable-guest-agent \
- --disable-iconv \
- --disable-libiscsi \
- --disable-libnfs \
- --disable-libssh \
- --disable-libusb \
- --disable-linux-aio \
- --disable-live-block-migration \
- --disable-lzo \
- --disable-nettle \
- --disable-numa \
- --disable-opengl \
- --disable-parallels \
- --disable-plugins \
- --disable-qcow1 \
- --disable-qed \
- --disable-rbd \
- --disable-rdma \
- --disable-replication \
- --disable-sdl \
- --disable-seccomp \
- --disable-smartcard \
- --disable-snappy \
- --enable-system \
- --disable-tools \
- --disable-tpm \
- --disable-usb-redir \
- --disable-vde \
- --disable-vdi \
- --disable-vhost-crypto \
- --disable-vhost-kernel \
- --disable-vhost-net \
- --disable-vhost-user \
- --disable-vhost-vdpa \
- --disable-virglrenderer \
- --disable-virtfs \
- --disable-vnc \
- --disable-vnc-jpeg \
- --disable-vnc-sasl \
- --disable-vte \
- --disable-vvfat \
- --disable-xen \
- --disable-xen-pci-passthrough
+../configure --cxx=/home/ab/code/FRET/qemu-libafl-bridge/linker_interceptor.py \
+ --target-list=arm-softmmu \
+ --disable-slirp \
+ --enable-fdt=internal \
+ --audio-drv-list= \
+ --disable-alsa \
+ --disable-attr \
+ --disable-auth-pam \
+ --disable-dbus-display \
+ --disable-bochs \
+ --disable-bpf \
+ --disable-brlapi \
+ --disable-bsd-user \
+ --disable-bzip2 \
+ --disable-capstone \
+ --disable-cap-ng \
+ --disable-canokey \
+ --disable-cloop \
+ --disable-cocoa \
+ --disable-coreaudio \
+ --disable-curl \
+ --disable-curses \
+ --disable-dmg \
+ --disable-docs \
+ --disable-dsound \
+ --disable-fuse \
+ --disable-fuse-lseek \
+ --disable-gcrypt \
+ --disable-gettext \
+ --disable-gio \
+ --disable-glusterfs \
+ --disable-gnutls \
+ --disable-gtk \
+ --disable-guest-agent \
+ --disable-guest-agent-msi \
+ --disable-hax \
+ --disable-hvf \
+ --disable-iconv \
+ --disable-jack \
+ --disable-keyring \
+ --disable-kvm \
+ --disable-libdaxctl \
+ --disable-libiscsi \
+ --disable-libnfs \
+ --disable-libpmem \
+ --disable-libssh \
+ --disable-libudev \
+ --disable-libusb \
+ --disable-linux-aio \
+ --disable-linux-io-uring \
+ --disable-linux-user \
+ --disable-live-block-migration \
+ --disable-lzfse \
+ --disable-lzo \
+ --disable-l2tpv3 \
+ --disable-malloc-trim \
+ --disable-mpath \
+ --disable-multiprocess \
+ --disable-netmap \
+ --disable-nettle \
+ --disable-numa \
+ --disable-nvmm \
+ --disable-opengl \
+ --disable-oss \
+ --disable-pa \
+ --disable-parallels \
+ --disable-png \
+ --disable-pvrdma \
+ --disable-qcow1 \
+ --disable-qed \
+ --disable-qga-vss \
+ --disable-rbd \
+ --disable-rdma \
+ --disable-replication \
+ --disable-sdl \
+ --disable-sdl-image \
+ --disable-seccomp \
+ --disable-selinux \
+ --disable-slirp-smbd \
+ --disable-smartcard \
+ --disable-snappy \
+ --disable-sndio \
+ --disable-sparse \
+ --disable-spice \
+ --disable-spice-protocol \
+ --disable-tools \
+ --disable-tpm \
+ --disable-usb-redir \
+ --disable-user \
+ --disable-u2f \
+ --disable-vde \
+ --disable-vdi \
+ --disable-vduse-blk-export \
+ --disable-vhost-crypto \
+ --disable-vhost-kernel \
+ --disable-vhost-net \
+ --disable-vhost-user-blk-server \
+ --disable-vhost-vdpa \
+ --disable-virglrenderer \
+ --disable-virtfs \
+ --disable-vmnet \
+ --disable-vnc \
+ --disable-vnc-jpeg \
+ --disable-vnc-sasl \
+ --disable-vte \
+ --disable-vvfat \
+ --disable-whpx \
+ --disable-xen \
+ --disable-xen-pci-passthrough \
+ --disable-xkbcommon \
+ --disable-zstd \
\ No newline at end of file
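Review bot: `--cxx` on the first added line is set to `/home/ab/code/FRET/qemu-libafl-bridge/linker_interceptor.py`, an absolute path into one developer's home directory, so the build fails on any other checkout and, where that path does exist, runs whatever script sits there as the C++ driver. Since the script already does `cd "$(dirname "$0")"`, the path can be derived from the checkout, e.g. `SRC_DIR="$(pwd)"` before `mkdir -p build` and `--cxx="$SRC_DIR/linker_interceptor.py"`, assuming the interceptor lives at the repository root as the path suggests. The option list also now ends in `--disable-zstd \` with no newline at end of file, which leaves a dangling continuation; drop the final backslash, as the old last line did.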
diff --git a/system/main.c b/system/main.c
index 2b22d91952..8770b8bbe1 100644
--- a/system/main.c
+++ b/system/main.c
@@ -43,9 +43,43 @@ int qemu_default_main(void)
 int (*qemu_main)(void) = qemu_default_main;
 #ifndef AS_LIB
+//========= Instrumentation start
+#include
+#include
+#include "exec/cpu-common.h"
+//========= Instrumentation end
 int main(int argc, char **argv)
 {
+//========= Instrumentation start
+ // read addr and input to load
+ if (argc < 3) {
+ fprintf(stderr, "Need address and input file argument\n");
+ exit(1);
+ }
+ hwaddr target_addr = (hwaddr) strtoll(argv[1], NULL, 16);
+ char buffer[4097];
+ FILE* inputfile = fopen(argv[2], "rb");
+ if (!inputfile) {
+ perror("fopen");
+ exit(1);
+ }
+ size_t read_len = fread(buffer, sizeof(char), 4096, inputfile);
+ buffer[read_len]=0;
+ if (!read_len) {
+ fprintf(stderr, "No input in file\n");
+ exit(1);
+ }
+ printf("Load at %lx: %s\n", target_addr, buffer);
+ // fix arguments for qemu
+ argv[2]=argv[0];
+ argv=&argv[2];
+ argc-=2;
+//========= Instrumentation end
 qemu_init(argc, argv);
+//========= Instrumentation start
+ // load input
+ cpu_physical_memory_rw(target_addr, buffer, read_len, true);
+//========= Instrumentation end
 return qemu_main();
 }
 #endif
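Review bot: The load address comes from `strtoll(argv[1], NULL, 16)` with no error check, so a mistyped or non-hex argument silently becomes address 0 and the later `cpu_physical_memory_rw` writes the file there; parse with `strtoull`, an end pointer and an `errno` check, and reject bad input. `hwaddr` is printed with `%lx`, which is only correct where `long` is 64 bits; QEMU's `HWADDR_PRIx` is the matching specifier. The file is opened `"rb"` but echoed with `%s`, which stops at the first NUL and sends raw bytes to the terminal, so printing the byte count is safer. `inputfile` is never closed, and input beyond 4096 bytes is dropped without a message. The fence assumes `errno` is already visible through QEMU's usual `qemu/osdep.h` include, which this hunk does not show.

```c
    // … unchanged: argc check …
    char *end = NULL;
    errno = 0;
    unsigned long long parsed = strtoull(argv[1], &end, 16);
    if (end == argv[1] || *end != '\0' || errno == ERANGE) {
        fprintf(stderr, "Invalid load address: %s\n", argv[1]);
        exit(1);
    }
    hwaddr target_addr = (hwaddr) parsed;
    // … unchanged: buffer, fopen check, fread …
    fclose(inputfile);
    // … unchanged: terminator, empty-input check …
    printf("Load at %" HWADDR_PRIx ": %zu bytes\n", target_addr, read_len);
    // … unchanged: argv fix-up, qemu_init, cpu_physical_memory_rw …
```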