// 3 long sys_read(unsigned int fd, char __user *buf, size_t count);
// typedef void (*on_sys_read_return_t)(CPUState *cpu,target_ulong pc,uint32_t fd,target_ulong buf,uint32_t count);
void read_return(CPUState *cpu, target_ulong pc, uint32_t buf, uint32_t actual_count) {
if (saw_read && panda_current_asid(cpu) == the_asid) {
// These are the start and end of the current range of labels.
uint32_t read_start = last_pos;
uint32_t read_end = last_pos + actual_count;
if (debug) printf ("returning from read of [%s] count=%u\n", taint_filename, actual_count);
// check if we overlap the range we want to label.
if (read_start < end_label && read_end > start_label) {
uint32_t range_start = std::max(read_start, start_label);
uint32_t range_end = std::min(read_end, end_label);
printf("*** applying %s taint labels %u..%u to buffer @ %lu\n",
positional_labels ? "positional" : "uniform",
range_start, range_end - 1, rr_get_guest_instr_count());
uint32_t num_labeled = 0;
uint32_t i = 0;
for (uint32_t l = range_start; l < range_end; l++) {
if (label_byte(cpu, last_read_buf + i,
positional_labels ? l : 1))
num_labeled ++;
i ++;
}
printf("%u bytes labeled for this read\n", range_end - range_start);
}
last_pos += actual_count;
// printf (" ... done applying labels\n");
saw_read = false;
}
}
// 3 long sys_read(unsigned int fd, char __user *buf, size_t count);
// typedef void (*on_sys_read_return_t)(CPUState* env,target_ulong pc,uint32_t fd,target_ulong buf,uint32_t count);
void read_return(CPUState* env,target_ulong pc,uint32_t fd,target_ulong buf,uint32_t count) {
if (saw_read && panda_current_asid(env) == the_asid) {
count = EAX;
// These are the start and end of the current range of labels.
uint32_t read_start = file_pos;
uint32_t read_end = file_pos + count;
printf ("returning from read of [%s] count=%u\n", taint_filename, count);
// check if we overlap the range we want to label.
if (prob_label_u32 < 1e-9 && read_start < end_label &&
read_end > start_label) {
uint32_t range_start = std::max(read_start, start_label);
uint32_t range_end = std::min(read_end, end_label);
printf("*** applying %s taint labels %u..%u to buffer\n",
positional_labels ? "positional" : "uniform",
range_start, range_end - 1);
for (uint32_t i = range_start; i < range_end; i++) {
label_byte(env, last_read_buf + i,
positional_labels ? i : 0);
}
printf("%u bytes labeled for this read\n", range_end - range_start);
} else {
// iterate over uint32 blobs
for (uint32_t i=0; i<count/4; i++) {
if (pdice(prob_label_u32)) {
uint32_t label_num = read_start + i*4;
printf ("labeling uint32 %d..%d\n", i*4, i*4+3);
// we will label this uint32
for (uint32_t j=0; j<4; j++) {
uint32_t offset = i*4 + j;
label_byte(env, last_read_buf + offset, label_num);
}
}
}
}
file_pos += count;
// printf (" ... done applying labels\n");
saw_read = false;
}
}
// Apply single label taint to a buffer of memory
void taint2_add_taint_ram_single_label(CPUState *env, uint64_t addr,
uint32_t length, long label){
for (unsigned i = 0; i < length; i++){
target_phys_addr_t pa = cpu_get_phys_addr(env, addr + i);
if (pa == (target_phys_addr_t)(-1)) {
printf("can't label addr=0x%lx: mmu hasn't mapped virt->phys, "
"i.e., it isnt actually there.\n", addr +i);
continue;
}
//taint2_label_ram(pa, label);
printf("taint2: adding single taint label %lu\n", label);
label_byte(env, addr+i, label);
}
}
// Apply positional taint to a buffer of memory
void taint2_add_taint_ram_pos(CPUState *env, uint64_t addr, uint32_t length){
for (unsigned i = 0; i < length; i++){
target_phys_addr_t pa = cpu_get_phys_addr(env, addr + i);
if (pa == (target_phys_addr_t)(-1)) {
printf("can't label addr=0x%lx: mmu hasn't mapped virt->phys, "
"i.e., it isnt actually there.\n", addr +i);
continue;
}
//taint2_label_ram(pa, i + taint_pos_count);
printf("taint2: adding positional taint label %d\n", i+taint_pos_count);
label_byte(env, addr+i, i+taint_pos_count);
}
taint_pos_count += length;
}
void verbose_direct_int(t_line *tmp, t_cmd *ptr)
{
int label_value;
int nb_ind;
ft_printf("\n\t\t\t\t%s->%s %-20s -> [%s%s - %s0b10%s -",
RED, C_END, ptr->data, ITLC, token_name(ptr->token), GREEN, C_END);
if (ptr->token == DIRECT)
{
nb_ind = ft_atoi(ptr->data + 1);
verbose_binary_int(nb_ind);
}
else
{
label_value = label_byte(tmp->label, (ptr->data + 2));
nb_ind = label_value - tmp->size;
verbose_binary_int(nb_ind);
}
}
void verbose_indirect(t_line *tmp, t_cmd *ptr)
{
short label_value;
short nb_ind;
ft_printf("\n\t\t\t\t%s->%s %-20s -> [%s%s - %s0b11%s -",
RED, C_END, ptr->data, ITLC, token_name(ptr->token), GREEN, C_END);
if (ptr->token == INDIRECT)
{
nb_ind = (short)ft_atoi(ptr->data);
verbose_binary_short(nb_ind);
}
else
{
label_value = (short)label_byte(tmp->label, (ptr->data + 1));
nb_ind = label_value - (short)tmp->size;
verbose_binary_short(nb_ind);
}
}
