
Re: [Xen-devel] [PATCH v4 10/12] fuzz/x86emul: update fuzzer



>>> On 03.02.17 at 12:53, <wei.liu2@xxxxxxxxxx> wrote:
> +static int fuzz_write_cr(
> +    unsigned int reg,
> +    unsigned long val,
> +    struct x86_emulate_ctxt *ctxt)
> +{
> +    if ( reg >= ARRAY_SIZE(input.cr) )
> +        return X86EMUL_UNHANDLEABLE;
> +
> +    input.cr[reg] = val;
> +
> +    return X86EMUL_OKAY;
> +}
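Review bot: fuzz_write_cr() always returns X86EMUL_OKAY once the bounds check passes, while the fuzz_write_msr() hunk below opens with `rc = maybe_fail("write_ms", true);` before touching state. Gating the `input.cr[reg] = val;` store on the same helper (a call such as `rc = maybe_fail("write_cr", true);` with an early return on anything other than X86EMUL_OKAY; the label is a suggestion, not from the patch) would let the fuzzer drive the emulator's error paths for control-register writes as it already does for MSR writes.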

Just like write_segment and write_msr, this ought to be fine to fail
randomly.

> +static int fuzz_write_msr(
> +    unsigned int reg,
> +    uint64_t val,
> +    struct x86_emulate_ctxt *ctxt)
> +{
> +    unsigned int idx;
> +    int rc;
> +
> +    rc = maybe_fail("write_ms", true);
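Review bot: the label on the `rc = maybe_fail("write_ms", true);` line is missing the trailing `r`; the function is fuzz_write_msr(), so the string should read `"write_msr"`, otherwise whatever consumes these labels (logs, failure-point bookkeeping) cannot be matched back to the hook by name.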

"write_msr"

> +static void sanitize_input(struct x86_emulate_ctxt *ctxt)
> +{
> +    struct cpu_user_regs *regs = &input.regs;
> +    unsigned long bitmap = input.options;
> +
> +    /* Some hooks can't be disabled. */
> +    input.options &= ~((1<<HOOK_read)|(1<<HOOK_insn_fetch));
> +
> +    /* Zero 'private' entries */
> +    regs->error_code = 0;
> +    regs->entry_vector = 0;
> +
> +    CANONICALIZE_MAYBE(rip);
> +    CANONICALIZE_MAYBE(rsp);
> +    CANONICALIZE_MAYBE(rbp);
> +
> +    /*
> +     * CR0.PG can't be set if CR0.PE isn't set.  Set is more interesting, so
> +     * set PE if PG is set.
> +     */
> +    if ( input.cr[0] & X86_CR0_PG )
> +        input.cr[0] |= X86_CR0_PE;
> +
> +    /* EFLAGS.VM not available in long mode */
> +    if ( long_mode_active(ctxt) )
> +        regs->rflags &= ~X86_EFLAGS_VM;
> +
> +    /* EFLAGS.VM implies 16-bit mode */
> +    if ( regs->rflags & X86_EFLAGS_VM ) {
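Review bot: `unsigned long bitmap = input.options;` takes its snapshot before the `input.options &= ~((1<<HOOK_read)|(1<<HOOK_insn_fetch));` mask is applied, so if the rest of the function (not shown in this hunk) consults `bitmap` rather than `input.options`, it still carries whatever the raw input had in the HOOK_read and HOOK_insn_fetch bits and the "can't be disabled" guarantee does not hold there; either take the snapshot after the mask or mask `bitmap` too. The shift operands in that mask are plain `int` while the target is `unsigned long`; `1UL << HOOK_read` avoids trouble should a hook index ever reach bit 31. Finally, `if ( regs->rflags & X86_EFLAGS_VM ) {` puts the brace on the `if` line, unlike the other blocks in this hunk.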

Brace on its own line please.

With these taken care of
Reviewed-by: Jan Beulich <jbeulich@xxxxxxxx>

Jan


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
https://lists.xen.org/xen-devel

 

