Ziyang Zhang <[email protected]> writes:
> Register a syscall filter callback in tests/tcg/plugins/syscall.c that
> returns a specific value for a magic system call number, and check
> it in tests/tcg/multiarch/test-plugin-syscall-filter.c.
>
> Signed-off-by: Ziyang Zhang <[email protected]>
> Co-authored-by: Mingyuan Xia <[email protected]>
> ---
> tests/tcg/multiarch/Makefile.target | 4 +++-
> .../multiarch/test-plugin-syscall-filter.c | 20 +++++++++++++++++++
> tests/tcg/plugins/syscall.c | 15 ++++++++++++++
> 3 files changed, 38 insertions(+), 1 deletion(-)
> create mode 100644 tests/tcg/multiarch/test-plugin-syscall-filter.c
>
> diff --git a/tests/tcg/multiarch/Makefile.target
> b/tests/tcg/multiarch/Makefile.target
> index f5b4d2b813..4005e3a8a9 100644
> --- a/tests/tcg/multiarch/Makefile.target
> +++ b/tests/tcg/multiarch/Makefile.target
> @@ -202,8 +202,10 @@ run-plugin-test-plugin-mem-access-with-libmem.so: \
> CHECK_PLUGIN_OUTPUT_COMMAND= \
> $(SRC_PATH)/tests/tcg/multiarch/check-plugin-output.sh \
> $(QEMU) $<
> +run-plugin-test-plugin-syscall-filter-with-libsyscall.so:
>
> -EXTRA_RUNS_WITH_PLUGIN += run-plugin-test-plugin-mem-access-with-libmem.so
> +EXTRA_RUNS_WITH_PLUGIN += run-plugin-test-plugin-mem-access-with-libmem.so \
> +
> run-plugin-test-plugin-syscall-filter-with-libsyscall.so
> endif
>
> # Update TESTS
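Review bot: The explicit rule added as `run-plugin-test-plugin-syscall-filter-with-libsyscall.so:` has no recipe and, unlike the mem-access target just above it, sets no `CHECK_PLUGIN_OUTPUT_COMMAND`, so the plugin's "filtered" log line is never verified and the test passes or fails on the guest's exit status alone. If the intent is to rely on the generic run-plugin pattern rule, the empty rule appears redundant and could simply be dropped; if the intent is to check the plugin output, give it the same target-specific variable as its neighbour, `run-plugin-test-plugin-syscall-filter-with-libsyscall.so: \` / `	CHECK_PLUGIN_OUTPUT_COMMAND= \` / `	$(SRC_PATH)/tests/tcg/multiarch/check-plugin-output.sh $(QEMU) $<`, plus whatever expected-output that script requires, which this series does not add as far as is visible here. The `EXTRA_RUNS_WITH_PLUGIN` continuation looks mail-wrapped in this copy; worth confirming the tab-indented continuation line survives in the applied patch.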
> diff --git a/tests/tcg/multiarch/test-plugin-syscall-filter.c
> b/tests/tcg/multiarch/test-plugin-syscall-filter.c
> new file mode 100644
> index 0000000000..cc694e0a71
> --- /dev/null
> +++ b/tests/tcg/multiarch/test-plugin-syscall-filter.c
> @@ -0,0 +1,20 @@
> +/*
> + * SPDX-License-Identifier: GPL-2.0-or-later
> + *
> + * This test attempts to execute a magic syscall. The syscall test plugin
> + * should intercept this and returns an expected value.
> + */
> +
> +#include <stdint.h>
> +#include <stdio.h>
> +#include <stdlib.h>
> +#include <unistd.h>
> +
> +int main(int argc, char *argv[]) {
> + long ret = syscall(0x66CCFF);
> + if (ret != 0xFFCC66) {
> + perror("ERROR: syscall returned unexpected value!!!");
> + return EXIT_FAILURE;
> + }
> + return EXIT_SUCCESS;
> +}
This breaks some arches:
(gdb) r
Starting program: /home/alex/lsrc/qemu.git/builds/sanitisers/qemu-arm -plugin
tests/tcg/plugins/libsyscall.so -d plugin
./tests/tcg/arm-linux-user/test-plugin-syscall-filter
[New Thread 0x7ffff37ff6c0 (LWP 63692)]
qemu: uncaught target signal 4 (Illegal instruction) - core dumped
syscall no. calls errors
45 5 0
338 1 1
256 1 0
191 1 0
398 1 1
125 1 0
384 1 0
332 1 0
Thread 1 "qemu-arm" received signal SIGILL, Illegal instruction.
Download failed: Invalid argument. Continuing without source file
./nptl/../sysdeps/unix/sysv/linux/x86_64/syscall_cancel.S.
__syscall_cancel_arch () at
../sysdeps/unix/sysv/linux/x86_64/syscall_cancel.S:56
warning: 56 ../sysdeps/unix/sysv/linux/x86_64/syscall_cancel.S: No such
file or directory
(gdb) bt
#0 __syscall_cancel_arch () at
../sysdeps/unix/sysv/linux/x86_64/syscall_cancel.S:56
#1 0x00007ffff6a51668 in __internal_syscall_cancel (a1=<optimized out>,
a2=a2@entry=8, a3=a3@entry=0, a4=a4@entry=0, a5=a5@entry=0, a6=a6@entry=0,
nr=130)
at ./nptl/cancellation.c:49
#2 0x00007ffff6a516ad in __syscall_cancel (a1=<optimized out>,
a2=a2@entry=8, a3=a3@entry=0, a4=a4@entry=0, a5=a5@entry=0, a6=a6@entry=0,
nr=130)
at ./nptl/cancellation.c:75
#3 0x00007ffff6a0207d in __GI___sigsuspend (set=<optimized out>) at
../sysdeps/unix/sysv/linux/sigsuspend.c:26
#4 0x0000555555a49b80 in die_with_signal (host_sig=4) at
../../linux-user/signal.c:807
#5 0x0000555555a49ed0 in dump_core_and_abort (env=0x532000004300,
target_sig=4) at ../../linux-user/signal.c:847
#6 0x0000555555a4c969 in handle_pending_signal (cpu_env=0x532000004300,
sig=4, k=0x5250000029d0) at ../../linux-user/signal.c:1306
#7 0x0000555555a4d0e5 in process_pending_signals (cpu_env=0x532000004300) at
../../linux-user/signal.c:1386
#8 0x0000555555873930 in cpu_loop (env=0x532000004300) at
../../linux-user/arm/cpu_loop.c:479
#9 0x0000555555a3eca7 in main (argc=6, argv=0x7fffffffe588,
envp=0x7fffffffe5c0) at ../../linux-user/main.c:1035
(gdb)
> \ No newline at end of file
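Review bot: `perror()` is the wrong reporter in the failure branch of `main`: when `syscall()` returns a value outside the error range it does not set errno, so the message is suffixed with whatever stale errno happens to be set (possibly "Success"), which is misleading in test output. Print the value itself instead, `fprintf(stderr, "ERROR: syscall returned unexpected value 0x%lx\n", (unsigned long)ret);`. The two magic numbers are also bare literals that are duplicated in the plugin; a short comment on the `syscall(0x66CCFF)` line saying the value is chosen so that it passes through to the plugin on every supported linux-user target and must stay in sync with tests/tcg/plugins/syscall.c would help the next person who has to change it. The new file also lacks a trailing newline, as the "\ No newline at end of file" marker shows, and the header comment should read "should intercept this and return an expected value".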
> diff --git a/tests/tcg/plugins/syscall.c b/tests/tcg/plugins/syscall.c
> index 42801f5c86..1323e18bc0 100644
> --- a/tests/tcg/plugins/syscall.c
> +++ b/tests/tcg/plugins/syscall.c
> @@ -170,6 +170,20 @@ static void vcpu_syscall_ret(qemu_plugin_id_t id,
> unsigned int vcpu_idx,
> }
> }
>
> +static bool vcpu_syscall_filter(qemu_plugin_id_t id, unsigned int vcpu_index,
> + int64_t num, uint64_t a1, uint64_t a2,
> + uint64_t a3, uint64_t a4, uint64_t a5,
> + uint64_t a6, uint64_t a7, uint64_t a8,
> + uint64_t *ret)
> +{
> + if (num == 0x66CCFF) {
> + *ret = 0xFFCC66;
> + qemu_plugin_outs("syscall 0x66CCFF filtered, ret=0xFFCC66\n");
> + return true;
> + }
> + return false;
> +}
> +
> static void print_entry(gpointer val, gpointer user_data)
> {
> SyscallStats *entry = (SyscallStats *) val;
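Review bot: The magic syscall number and the fabricated return value appear as bare literals three times in `vcpu_syscall_filter` (the comparison, the `*ret` store and the log string) and again in the guest test, so a change in one place silently breaks the others. Hoist them into named constants above the function, `#define SYSCALL_FILTER_MAGIC_NR 0x66CCFF` and `#define SYSCALL_FILTER_MAGIC_RET 0xFFCC66`, and use them in the comparison and the assignment; the log string can then be built with `g_strdup_printf` if glib is already in use here, or left as a literal with a comment that it must match. A header comment on the callback stating the contract — return true to short-circuit the syscall with `*ret` as its result, false to let it run normally — would also help, since this appears to be the only example of the new filter hook in the tree. It is also unclear from this hunk whether a filtered syscall still reaches `vcpu_syscall` / `vcpu_syscall_ret` and therefore the statistics table; a comment either way would avoid surprises for anyone reading the per-syscall counts.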
> @@ -255,6 +269,7 @@ QEMU_PLUGIN_EXPORT int
> qemu_plugin_install(qemu_plugin_id_t id,
>
> qemu_plugin_register_vcpu_syscall_cb(id, vcpu_syscall);
> qemu_plugin_register_vcpu_syscall_ret_cb(id, vcpu_syscall_ret);
> + qemu_plugin_register_vcpu_syscall_filter_cb(id, vcpu_syscall_filter);
> qemu_plugin_register_atexit_cb(id, plugin_exit, NULL);
> return 0;
> }
--
Alex Bennée
Virtualisation Tech Lead @ Linaro