syscall hook

Andrea Fioraldi 2021-07-15 10:03:49 +02:00
parent f71558480c
commit ea89e5a32c
2 changed files with 31 additions and 2 deletions


@ -127,8 +127,8 @@ static int exec_cmp_hook_added = 0;
void libafl_gen_cmp(target_ulong pc, TCGv op0, TCGv op1, MemOp ot) void libafl_gen_cmp(target_ulong pc, TCGv op0, TCGv op1, MemOp ot)
{ {
uint32_t size; uint32_t size = 0;
void* func; void* func = NULL;
switch (ot & MO_SIZE) { switch (ot & MO_SIZE) {
case MO_64: case MO_64:
size = 8; size = 8;


@ -13254,6 +13254,13 @@ static abi_long do_syscall1(void *cpu_env, int num, abi_long arg1,
return ret; return ret;
} }
//// --- Begin LibAFL code ---
int (*libafl_syscall_hook)(uint64_t*, int, uint64_t, uint64_t, uint64_t,
uint64_t, uint64_t, uint64_t, uint64_t, uint64_t);
//// --- End LibAFL code ---
abi_long do_syscall(void *cpu_env, int num, abi_long arg1, abi_long do_syscall(void *cpu_env, int num, abi_long arg1,
abi_long arg2, abi_long arg3, abi_long arg4, abi_long arg2, abi_long arg3, abi_long arg4,
abi_long arg5, abi_long arg6, abi_long arg7, abi_long arg5, abi_long arg6, abi_long arg7,
@ -13283,9 +13290,31 @@ abi_long do_syscall(void *cpu_env, int num, abi_long arg1,
print_syscall(cpu_env, num, arg1, arg2, arg3, arg4, arg5, arg6); print_syscall(cpu_env, num, arg1, arg2, arg3, arg4, arg5, arg6);
} }
//// --- Begin LibAFL code ---
uint64_t ret64;
if (libafl_syscall_hook && libafl_syscall_hook(&ret64, num,
(uint64_t)arg1,
(uint64_t)arg2,
(uint64_t)arg3,
(uint64_t)arg4,
(uint64_t)arg5,
(uint64_t)arg6,
(uint64_t)arg7,
(uint64_t)arg8)) {
ret = (abi_ulong)ret64;
goto after_syscall;
}
//// --- End LibAFL code ---
ret = do_syscall1(cpu_env, num, arg1, arg2, arg3, arg4, ret = do_syscall1(cpu_env, num, arg1, arg2, arg3, arg4,
arg5, arg6, arg7, arg8); arg5, arg6, arg7, arg8);
//// --- Begin LibAFL code ---
after_syscall:
//// --- End LibAFL code ---
if (unlikely(qemu_loglevel_mask(LOG_STRACE))) { if (unlikely(qemu_loglevel_mask(LOG_STRACE))) {
print_syscall_ret(cpu_env, num, ret, arg1, arg2, print_syscall_ret(cpu_env, num, ret, arg1, arg2,
arg3, arg4, arg5, arg6); arg3, arg4, arg5, arg6);