Re: [Xen-devel] [PATCH v4 10/12] fuzz/x86emul: update fuzzer
>>> On 03.02.17 at 12:53, <wei.liu2@xxxxxxxxxx> wrote:
> +static int fuzz_write_cr(
> + unsigned int reg,
> + unsigned long val,
> + struct x86_emulate_ctxt *ctxt)
> +{
> + if ( reg >= ARRAY_SIZE(input.cr) )
> + return X86EMUL_UNHANDLEABLE;
> +
> + input.cr[reg] = val;
> +
> + return X86EMUL_OKAY;
> +}
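Review bot: fuzz_write_cr never consults maybe_fail(), so the emulator's error path for a failed CR write is never reached from the fuzzer; the `reg >= ARRAY_SIZE(input.cr)` check only covers out-of-range registers. Mirror the pattern used by fuzz_write_msr below, e.g. `rc = maybe_fail("write_cr", true); if ( rc != X86EMUL_OKAY ) return rc;` before the `input.cr[reg] = val;` store, so that both the success and the failure return values get exercised.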
Just like write_segment and write_msr, this ought to be fine to fail
randomly.
> +static int fuzz_write_msr(
> + unsigned int reg,
> + uint64_t val,
> + struct x86_emulate_ctxt *ctxt)
> +{
> + unsigned int idx;
> + int rc;
> +
> + rc = maybe_fail("write_ms", true);
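Review bot: the name string passed to maybe_fail() on the `rc = maybe_fail("write_ms", true);` line is "write_ms", which does not match the fuzz_write_msr hook it belongs to; if these strings are used to identify or select the hook being failed, this entry will not line up with the others. Use "write_msr".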
"write_msr"
> +static void sanitize_input(struct x86_emulate_ctxt *ctxt)
> +{
> + struct cpu_user_regs *regs = &input.regs;
> + unsigned long bitmap = input.options;
> +
> + /* Some hooks can't be disabled. */
> + input.options &= ~((1<<HOOK_read)|(1<<HOOK_insn_fetch));
> +
> + /* Zero 'private' entries */
> + regs->error_code = 0;
> + regs->entry_vector = 0;
> +
> + CANONICALIZE_MAYBE(rip);
> + CANONICALIZE_MAYBE(rsp);
> + CANONICALIZE_MAYBE(rbp);
> +
> + /*
> + * CR0.PG can't be set if CR0.PE isn't set. Set is more interesting, so
> + * set PE if PG is set.
> + */
> + if ( input.cr[0] & X86_CR0_PG )
> + input.cr[0] |= X86_CR0_PE;
> +
> + /* EFLAGS.VM not available in long mode */
> + if ( long_mode_active(ctxt) )
> + regs->rflags &= ~X86_EFLAGS_VM;
> +
> + /* EFLAGS.VM implies 16-bit mode */
> + if ( regs->rflags & X86_EFLAGS_VM ) {
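Review bot: the local taken on the `unsigned long bitmap = input.options;` line is copied before the following statement clears HOOK_read and HOOK_insn_fetch from input.options, so any later decision made from `bitmap` will still see those two "can't be disabled" bits set; take the copy after the mask, or apply the same mask to `bitmap`. Separately, `(1<<HOOK_read)|(1<<HOOK_insn_fetch)` shifts a plain int while input.options is an unsigned long; `1UL << HOOK_read` avoids an undefined signed shift should a hook index ever reach 31, and matches the surrounding spacing style.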
Brace on its own line please.
With these taken care of
Reviewed-by: Jan Beulich <jbeulich@xxxxxxxx>
Jan
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
https://lists.xen.org/xen-devel