Re: [Xen-devel] [PATCH v2] x86emul/fuzz: add a state sanitization function
>>> On 01.04.19 at 12:44, <George.Dunlap@xxxxxxxxxx> wrote:
>> On Apr 1, 2019, at 8:46 AM, Jan Beulich <JBeulich@xxxxxxxx> wrote:
>> +/*
>> + * Call this function from hooks potentially altering machine state into
>> + * something that's not architecturally valid, yet which - as per above -
>> + * the emulator relies on.
>> + */
>> +static bool sanitize_state(struct x86_emulate_ctxt *ctxt)
>> +{
>> +    const struct fuzz_state *s = ctxt->data;
>> +    const struct fuzz_corpus *c = s->corpus;
>> +    const struct cpu_user_regs *regs = &c->regs;
>> +
>> +    if ( long_mode_active(ctxt) && !(c->cr[0] & X86_CR0_PG) )
>> +        return false;
>> +
>> +    if ( (c->cr[0] & X86_CR0_PG) && !(c->cr[0] & X86_CR0_PE) )
>> +        return false;
>> +
>> +    if ( (regs->rflags & X86_EFLAGS_VM) &&
>> +         (c->segments[x86_seg_cs].db || c->segments[x86_seg_ss].db) )
>> +        return false;
>> +
>> +    return true;
>> +}
>
> Sorry, I didn't read this function very well on Friday. It's not actually
> doing any sanitation; rather, it's checking whether the state is
> architecturally valid. Or more precisely: it's checking whether the
> emulator's assumptions about the state still hold.
>
> check_state? sanity_check_state?

Hmm, yes - initially I was meaning to alter state, and then I decided
differently but didn't change the name. I'll go with check_state().

Jan

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel
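Review bot: the third condition in the quoted hunk rejects EFLAGS.VM together with a 32-bit CS or SS, but nothing rejects EFLAGS.VM being set while long mode is active or while CR0.PE is clear, although both combinations are architecturally impossible and the corpus supplies regs->rflags and c->cr[0] independently, so a fuzzed input can easily produce them; unless the emulator's mode detection is known to tolerate them, consider adding, before the final `return true;`, `if ( (regs->rflags & X86_EFLAGS_VM) && (long_mode_active(ctxt) || !(c->cr[0] & X86_CR0_PE)) ) return false;`. The block comment ("Call this function from hooks potentially altering machine state") also still describes a mutating helper even though the body only validates; with the rename to check_state() agreed above, the comment should say the state reached by such hooks is only checked, never altered.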