/*
 * Handler for guest page-directory (PGD) changes, per the function name.
 * Refreshes the OSI process list, lets procstate_update() diff it against the
 * previously recorded state, and then notifies subscribers: on_finished_process
 * for every entry in `out` (processes that went away), followed by
 * on_new_process for every entry in `in` (processes that appeared).
 *
 * oldval/newval are the previous and new PGD values; they are not used here.
 * Always returns 0.
 */
int vmi_pgd_changed(CPUState *cpu, target_ulong oldval, target_ulong newval) {
    uint32_t idx;
    OsiProcs *in = NULL;   /* appeared since the last update */
    OsiProcs *out = NULL;  /* disappeared since the last update */

    /* get_processes() only yields data once an OS introspection provider has
     * registered on_get_processes; without one there is nothing to update. */
    assert(PPP_CHECK_CB(on_get_processes) != 0);

    /* refresh process state; procstate_update fills in/out with the diff.
     * ps is not freed here -- presumably procstate_update retains it as the
     * new baseline (confirm against its implementation). */
    OsiProcs *ps = get_processes(cpu);
    procstate_update(ps, &in, &out);

    /* finished processes first */
    if (out != NULL) {
        for (idx = 0; idx < out->num; ++idx) {
            PPP_RUN_CB(on_finished_process, cpu, &out->proc[idx]);
        }
        free_osiprocs(out);
    }

    /* then newly observed processes */
    if (in != NULL) {
        for (idx = 0; idx < in->num; ++idx) {
            PPP_RUN_CB(on_new_process, cpu, &in->proc[idx]);
        }
        free_osiprocs(in);
    }

    return 0;
}
/*
 * Handler for guest page-directory (PGD) changes, per the function name.
 * Refreshes the OSI process list, lets procstate_update() diff it against the
 * previously recorded state, and then notifies subscribers: on_finished_process
 * for every entry in `out` (processes that went away), followed by
 * on_new_process for every entry in `in` (processes that appeared).
 *
 * Unlike the sibling variant that takes `cpu`, this one does not assert that an
 * on_get_processes provider is registered; get_processes() then returns NULL
 * and procstate_update() receives a NULL list.
 *
 * oldval/newval are the previous and new PGD values; they are not used here.
 * Always returns 0.
 */
int vmi_pgd_changed(CPUState *env, target_ulong oldval, target_ulong newval) {
    uint32_t idx;
    OsiProcs *in = NULL;   /* appeared since the last update */
    OsiProcs *out = NULL;  /* disappeared since the last update */

    /* refresh process state; procstate_update fills in/out with the diff.
     * ps is not freed here -- presumably procstate_update retains it as the
     * new baseline (confirm against its implementation). */
    OsiProcs *ps = get_processes(env);
    procstate_update(ps, &in, &out);

    /* finished processes first */
    if (out != NULL) {
        for (idx = 0; idx < out->num; ++idx) {
            PPP_RUN_CB(on_finished_process, env, &out->proc[idx]);
        }
        free_osiprocs(out);
    }

    /* then newly observed processes */
    if (in != NULL) {
        for (idx = 0; idx < in->num; ++idx) {
            PPP_RUN_CB(on_new_process, env, &in->proc[idx]);
        }
        free_osiprocs(in);
    }

    return 0;
}
// Called whenever the taint state changes. void taint_state_changed(FastShad *fast_shad, uint64_t shad_addr) { Addr addr; if (fast_shad == shadow->llv) { addr = make_laddr(shad_addr / MAXREGSIZE, shad_addr % MAXREGSIZE); } else if (fast_shad == shadow->ram) { addr = make_maddr(shad_addr); } else if (fast_shad == shadow->grv) { addr = make_greg(shad_addr / sizeof(target_ulong), shad_addr % sizeof(target_ulong)); } else if (fast_shad == shadow->gsv) { addr.typ = GSPEC; addr.val.gs = shad_addr; addr.off = 0; addr.flag = (AddrFlag)0; } else if (fast_shad == shadow->ret) { addr.typ = RET; addr.val.ret = 0; addr.off = shad_addr; addr.flag = (AddrFlag)0; } else return; PPP_RUN_CB(on_taint_change, addr); }
// Runs before each translation block. If tb->pc equals an address recorded on
// the current context's call stack, the block is treated as a return to that
// frame: on_ret fires with the entry PC saved alongside it (see
// after_block_exec), and that frame plus everything above it is popped from
// both parallel stacks.
//
// The search starts at the most recent frame and, because the bound
// `i > size - 10` is exclusive, visits at most the nine most recent entries
// (fewer if the stack is shorter). Returns 1 when the stack is empty and
// nothing was examined, 0 otherwise.
int before_block_exec(CPUState *cpu, TranslationBlock *tb) {
    CPUArchState *env = static_cast<CPUArchState *>(cpu->env_ptr);
    std::vector<stack_entry> &rets = callstacks[get_stackid(env)];
    std::vector<target_ulong> &callees = function_stacks[get_stackid(env)];
    if (rets.empty()) {
        return 1;
    }

    // `floor` may be a negative (wrapped) value when fewer than ten frames
    // exist; the `i >= 0` test then bounds the walk at the stack bottom.
    const int top = static_cast<int>(rets.size()) - 1;
    const int floor = static_cast<int>(rets.size() - 10);
    for (int i = top; i > floor && i >= 0; --i) {
        if (tb->pc != rets[i].pc) {
            continue;
        }
        // callees is assumed to mirror rets index-for-index (both are pushed
        // together in after_block_exec and popped together here)
        PPP_RUN_CB(on_ret, cpu, callees[i]);
        rets.erase(rets.begin() + i, rets.end());
        callees.erase(callees.begin() + i, callees.end());
        break;
    }
    return 0;
}
// Runs after each translation block. Looks up the block's classification in
// call_cache; when the block ended in a call, records the address just past
// the block (tb->pc + tb->size) on this context's call stack -- the address
// before_block_exec later matches as a return target -- and the PC the CPU is
// now at on the parallel function stack, then fires on_call with that PC.
// Return blocks need no work here (returns are detected in before_block_exec).
// Always returns 1.
int after_block_exec(CPUState *cpu, TranslationBlock *tb) {
    CPUArchState *env = static_cast<CPUArchState *>(cpu->env_ptr);
    // note: operator[] default-inserts an entry when tb->pc has not been
    // classified yet, which is how the original code behaves as well
    const instr_type tb_type = call_cache[tb->pc];

    switch (tb_type) {
    case INSTR_CALL: {
        const stack_entry frame = {tb->pc + tb->size, tb_type};
        callstacks[get_stackid(env)].push_back(frame);

        // Also track the function that gets called: cpu_get_tb_cpu_state is
        // the architecture-neutral way to read the current pc (cs_base and
        // flags are required outputs but unused here).
        target_ulong pc, cs_base;
        uint32_t flags;
        cpu_get_tb_cpu_state(env, &pc, &cs_base, &flags);
        function_stacks[get_stackid(env)].push_back(pc);
        PPP_RUN_CB(on_call, cpu, pc);
        break;
    }
    case INSTR_RET:
        // nothing to do on the RET side; kept explicit for readability
        break;
    default:
        break;
    }
    return 1;
}
// callback provided to symbol table provider int pri_get_pc_source_info (CPUState *env, target_ulong pc, SrcInfo *info) { int rc; PPP_RUN_CB(on_get_pc_source_info, env, pc, info, &rc); return rc; }
/* Releases an OsiProcs list. The storage is not freed here directly; release is
 * delegated to the on_free_osiprocs callback, presumably the OS introspection
 * provider that allocated the list. A NULL ps is passed through unchecked. */
void free_osiprocs(OsiProcs *ps) {
    PPP_RUN_CB(on_free_osiprocs, ps);
}
/* Releases a single OsiProc. Release is delegated to the on_free_osiproc
 * callback, presumably the OS introspection provider that allocated it.
 * A NULL p is passed through unchecked. */
void free_osiproc(OsiProc *p) {
    PPP_RUN_CB(on_free_osiproc, p);
}
/* Returns the libraries (modules) loaded in process p as reported by the
 * on_get_libraries provider, or NULL when no provider is registered or the
 * provider did not set a result. The result is presumably released with
 * free_osimodules() -- confirm against the provider. */
OsiModules *get_libraries(CPUState *cpu, OsiProc *p) {
    OsiModules *libs = NULL;
    PPP_RUN_CB(on_get_libraries, cpu, p, &libs);
    return libs;
}
/* Returns the current guest process list as reported by the on_get_processes
 * provider, or NULL when no provider is registered or the provider did not
 * set a result. Released via free_osiprocs(). */
OsiProcs *get_processes(CPUState *env) {
    OsiProcs *procs = NULL;
    PPP_RUN_CB(on_get_processes, env, &procs);
    return procs;
}
/* Fans out the "source line changed" event to on_after_line_change
 * subscribers. pc is the guest pc at which the change was observed;
 * file_name/funct_name/lno identify the new source location. The string
 * pointers are forwarded as-is, so their lifetime is the caller's concern. */
void pri_runcb_on_after_line_change(CPUState *env, target_ulong pc, const char *file_name, const char *funct_name, unsigned long long lno){
    PPP_RUN_CB(on_after_line_change, env, pc, file_name, funct_name, lno);
}
/* Returns the current guest process list as reported by the on_get_processes
 * provider, or NULL when no provider is registered or the provider did not
 * set a result. Released via free_osiprocs(). */
OsiProcs *get_processes(CPUState *cpu) {
    OsiProcs *procs = NULL;
    PPP_RUN_CB(on_get_processes, cpu, &procs);
    return procs;
}
/* Releases an OsiModules list (as returned by get_modules()/get_libraries()).
 * Release is delegated to the on_free_osimodules callback, presumably the
 * provider that allocated it. A NULL ms is passed through unchecked. */
void free_osimodules(OsiModules *ms) {
    PPP_RUN_CB(on_free_osimodules, ms);
}
/* Forwards a request to iterate global live variables at guest pc to the
 * on_global_livevar_iter provider. f is the per-variable callback and args is
 * opaque caller data handed through to it -- the iteration itself is performed
 * by the provider, not here. */
void pri_global_livevar_iter (CPUState *env, target_ulong pc, liveVarCB f, void *args) {
    PPP_RUN_CB(on_global_livevar_iter, env, pc, f, args);
}
/* Returns the guest's loaded modules as reported by the on_get_modules
 * provider, or NULL when no provider is registered or the provider did not
 * set a result. Released via free_osimodules(). */
OsiModules *get_modules(CPUState *env) {
    OsiModules *mods = NULL;
    PPP_RUN_CB(on_get_modules, env, &mods);
    return mods;
}
// callback provided to symbol table provider char* pri_get_vma_symbol (CPUState *env, target_ulong pc, target_ulong vma) { char *symbol_name = NULL; PPP_RUN_CB(on_get_vma_symbol, env, pc, vma, &symbol_name); return symbol_name; }
/* Forwards a request to iterate the live variables of the function containing
 * guest pc to the on_funct_livevar_iter provider. f is the per-variable
 * callback; the iteration itself is performed by the provider, not here. */
void pri_funct_livevar_iter (CPUState *env, target_ulong pc, liveVarCB f) {
    PPP_RUN_CB(on_funct_livevar_iter, env, pc, f);
}
/* Returns the currently running guest process as reported by the
 * on_get_current_process provider, or NULL when no provider is registered or
 * the provider did not set a result. Released via free_osiproc(). */
OsiProc *get_current_process(CPUState *cpu) {
    OsiProc *current = NULL;
    PPP_RUN_CB(on_get_current_process, cpu, &current);
    return current;
}
/* Fans out the "function entered" event to on_fn_start subscribers. pc is the
 * guest pc of the function start; file_name/funct_name/lno give its source
 * location. The string pointers are forwarded as-is, so their lifetime is the
 * caller's concern. */
void pri_runcb_on_fn_start(CPUState *env, target_ulong pc, const char *file_name, const char *funct_name, unsigned long long lno){
    PPP_RUN_CB(on_fn_start, env, pc, file_name, funct_name, lno);
}
/* Returns the guest's loaded modules as reported by the on_get_modules
 * provider, or NULL when no provider is registered or the provider did not
 * set a result. Released via free_osimodules(). */
OsiModules *get_modules(CPUState *cpu) {
    OsiModules *mods = NULL;
    PPP_RUN_CB(on_get_modules, cpu, &mods);
    return mods;
}