Exemplo n.º 1
0
inline uint32_t compute_eflag(void)
{

    //return env->eflags | helper_cc_compute_all(CC_OP) | (DF & DF_MASK);
    return cpu_single_env->eflags|helper_cc_compute_all(cpu_single_env->cc_op)|(cpu_single_env->df&DF_MASK);

}
Exemplo n.º 2
0
void tracing_insn_end(DECAF_Callback_Params* params) {
	CPUState * env;

	/* If not decoding, return */
	if (skip_decode_address || !params)
		return;
	env = params->ie.env;
	if (DECAF_is_in_kernel(env) && should_trace_all_kernel)
		goto TRACE_KERNEL;
	/* If tracing start condition not satisified, or not tracing return */
	if ((!tracing_start_condition) || (tracepid == 0))
		return;

	/* If not tracing kernel and kernel instruction , return */
	if (DECAF_is_in_kernel(env) && !tracing_kernel())
		return;

	/* If partially tracing kernel but did not access user memory, return */
	if (DECAF_is_in_kernel(env)) {
		if (tracing_kernel_partial() && (!access_user_mem))
			return;
#ifdef CONFIG_TCG_TAINT
		if (tracing_kernel_tainted() && (!insn_tainted))
		return;
#endif	  
	}
	if(DECAF_getPGD(/* AWH cpu_single_*/ env) != tracecr3 && (!DECAF_is_in_kernel(env)))
		return;
	TRACE_KERNEL:

	/* Update the eflags */
	// eh.eflags = *DECAF_cpu_eflags;
#if 0 // AWH
	eh.eflags = compute_eflag();
#else
#define DF_MASK	0x00000400
	eh.eflags = env->eflags | helper_cc_compute_all(env->cc_op) |
		(env->df & DF_MASK);
#endif // AWH
	//for test
//check taint value after insn is executed

	int k, j;
	for (k = 0; k < eh.num_operands; k++) {
		if (eh.operand[k].length)
			set_operand_data(&(eh.operand[k]), 0);
		for (j = 0; j < MAX_NUM_MEMREGS; j++) {
			if (eh.memregs[k][j].length)
				set_operand_data(&(eh.memregs[k][j]), 0);
		}

	}

	eh.df = (/* AWH cpu_single_*/ env->df == 1) ? 0x1 : 0xff;

	//TODO:fix this -hu
	/* Clear eh.tp if inside a function hook */
//  if (get_st(current_tid) > 0) eh.tp = TP_NONE;
//  else {
	/* Update eh.tp if rep instruction */
	if ((eh.operand[2].usage == counter) && (eh.operand[2].tainted_begin != 0))
		eh.tp = TP_REP_COUNTER;

	/* Updated eh.tp if sysenter */
	else if ((eh.rawbytes[0] == 0x0f) && (eh.rawbytes[1] == 0x34))
		eh.tp = TP_SYSENTER;
	//}

	/* Split written operands if requested */
	if (conf_write_ops_at_insn_end) {
		update_written_operands(&eh);
	}

	/* If not writing to trace, or instruction already written, return */
	if (skip_trace_write || (insn_already_written == 1))
		return;

	/* Write the disassembled instruction to the trace */
	if (tracing_tainted_only()) {
#ifdef CONFIG_TCG_TAINT
		if (insn_tainted)
		write_insn(tracelog,&eh);
#endif      
	} else {
		if (conf_trace_only_after_first_taint) {
			if ((received_tainted_data == 1) && (has_page_fault == 0)) {
				write_insn(tracelog, &eh);
			}
		} else {
			if (has_page_fault == 0)
				write_insn(tracelog, &eh);
		}
	}

	/* If first trace instruction, save state if requested */
	if ((tstats.insn_counter_traced == 1) && conf_save_state_at_trace_start) {
		char prestatename[128];
		snprintf(prestatename, 128, "%s.pre", tracename_p);
//TODO: fix this -hu
		//   int err = save_state_by_cr3(tracecr3, prestatename);
		//  if (err) {
		//    DECAF_printf( "Could not save state");
		// }
	}

	/* Record the thread ID of the first instruction in the trace, if needed */
	if (tracing_single_thread_only()) {
		if (tid_to_trace == -1 && insn_already_written == 1) {
			// If tid_to_trace is not -1, we record trace only the given thread id.
			tid_to_trace = current_tid;
		}
	}

}
Exemplo n.º 3
0
uint32_t cpu_cc_compute_all(CPUX86State *env, int op)
{
    return helper_cc_compute_all(CC_DST, CC_SRC, CC_SRC2, op);
}