// Apply taint to a buffer of memory
void add_taint(Shad *shad, TaintOpBuffer *tbuf, uint64_t addr, int length){
struct addr_struct a = {};
a.typ = MADDR;
a.val.ma = addr;
struct taint_op_struct op = {};
op.typ = LABELOP;
for (int i = 0; i < length; i++){
a.off = i;
op.val.label.a = a;
op.val.label.l = i + count; // byte label
//op.val.label.l = 1; // binary label
tob_op_write(tbuf, op);
}
tob_process(tbuf, shad, NULL);
count += length;
}
// Derive taint ops
int before_block_exec(CPUState *env, TranslationBlock *tb){
shadow->asid = panda_current_asid(env);
//printf("%s\n", tcg_llvm_get_func_name(tb));
if (taintEnabled){
// process taint ops in io thread taint op buffer
// NB: we don't need a dynval buffer here.
tob_process(tob_io_thread, shadow, NULL);
tob_clear(tob_io_thread);
taintfpm->run(*(tb->llvm_function));
DynValBuffer *dynval_buffer = PIFP->PIV->getDynvalBuffer();
clear_dynval_buffer(dynval_buffer);
}
return 0;
}
