| author | Alexander Potapenko <glider@google.com> | 2024-09-26 15:32:16 +0200 |
|---|---|---|
| committer | Alexander Potapenko <glider@google.com> | 2024-09-27 10:23:24 +0000 |
| commit | 0c245ee318d7cb7257960c447754cfcbb3eec4f6 (patch) | |
| tree | 3af2c32020ca17c8edc1446760e24e0ec68231e8 /sys/linux/dev_kvm.txt | |
| parent | 9314348adf7605682d49192fa6487aac93f5782b (diff) | |
sys/linux: use GICD/GICR register offsets in SYZOS_API_MEMWRITE
In addition to the random offsets already passed to SYZOS_API_MEMWRITE, also use the
VGICv3 distributor/redistributor base addresses together with the offsets of their registers.
Diffstat (limited to 'sys/linux/dev_kvm.txt')
| -rw-r--r-- | sys/linux/dev_kvm.txt | 93 |
1 files changed, 92 insertions, 1 deletions
diff --git a/sys/linux/dev_kvm.txt b/sys/linux/dev_kvm.txt
index bbf7a673b..ea294686d 100644
--- a/sys/linux/dev_kvm.txt
+++ b/sys/linux/dev_kvm.txt
@@ -356,13 +356,104 @@ syzos_api_irq_setup {
 
 syzos_memwrite_len = 1, 2, 4, 8
 
-syzos_api_memwrite {
+syzos_api_memwrite [
+	generic syzos_api_memwrite_generic
+	vgic_gicd syzos_api_memwrite_vgic_gicd
+	vgic_gicr syzos_api_memwrite_vgic_gicr
+]
+
+syzos_api_memwrite_generic {
 	base flags[kvm_guest_addrs, int64]
 	offset int64[0:4096]
 	value int64
 	len flags[syzos_memwrite_len, int64]
 }
 
+# Definitions from include/linux/irqchip/arm-gic-v3.h
+define GICD_CTLR 0x0000
+define GICD_TYPER 0x0004
+define GICD_IIDR 0x0008
+define GICD_TYPER2 0x000C
+define GICD_STATUSR 0x0010
+define GICD_SETSPI_NSR 0x0040
+define GICD_CLRSPI_NSR 0x0048
+define GICD_SETSPI_SR 0x0050
+define GICD_CLRSPI_SR 0x0058
+define GICD_IGROUPR 0x0080
+define GICD_ISENABLER 0x0100
+define GICD_ICENABLER 0x0180
+define GICD_ISPENDR 0x0200
+define GICD_ICPENDR 0x0280
+define GICD_ISACTIVER 0x0300
+define GICD_ICACTIVER 0x0380
+define GICD_IPRIORITYR 0x0400
+define GICD_ICFGR 0x0C00
+define GICD_IGRPMODR 0x0D00
+define GICD_NSACR 0x0E00
+define GICD_IGROUPRnE 0x1000
+define GICD_ISENABLERnE 0x1200
+define GICD_ICENABLERnE 0x1400
+define GICD_ISPENDRnE 0x1600
+define GICD_ICPENDRnE 0x1800
+define GICD_ISACTIVERnE 0x1A00
+define GICD_ICACTIVERnE 0x1C00
+define GICD_IPRIORITYRnE 0x2000
+define GICD_ICFGRnE 0x3000
+define GICD_IROUTER 0x6000
+define GICD_IROUTERnE 0x8000
+define GICD_IDREGS 0xFFD0
+define GICD_PIDR2 0xFFE8
+define GICD_ITARGETSR 0x0800
+define GICD_SGIR 0x0F00
+define GICD_CPENDSGIR 0x0F10
+define GICD_SPENDSGIR 0x0F20
+
+kvm_vgic_gicd_regs = GICD_CTLR, GICD_TYPER, GICD_IIDR, GICD_TYPER2, GICD_STATUSR, GICD_SETSPI_NSR, GICD_CLRSPI_NSR, GICD_SETSPI_SR, GICD_CLRSPI_SR, GICD_IGROUPR, GICD_ISENABLER, GICD_ICENABLER, GICD_ISPENDR, GICD_ICPENDR, GICD_ISACTIVER, GICD_ICACTIVER, GICD_IPRIORITYR, GICD_ICFGR, GICD_IGRPMODR, GICD_NSACR, GICD_IGROUPRnE, GICD_ISENABLERnE, GICD_ICENABLERnE, GICD_ISPENDRnE, GICD_ICPENDRnE, GICD_ISACTIVERnE, GICD_ICACTIVERnE, GICD_IPRIORITYRnE, GICD_ICFGRnE, GICD_IROUTER, GICD_IROUTERnE, GICD_IDREGS, GICD_PIDR2, GICD_ITARGETSR, GICD_SGIR, GICD_CPENDSGIR, GICD_SPENDSGIR
+
+# 0x08000000 is ARM64_ADDR_GICD_BASE from executor/kvm.h
+syzos_api_memwrite_vgic_gicd {
+	base const[0x8000000, int64]
+	offset flags[kvm_vgic_gicd_regs, int64]
+	value int64
+	len flags[syzos_memwrite_len, int64]
+}
+
+define GICR_CTLR GICD_CTLR
+define GICR_IIDR 0x0004
+define GICR_TYPER 0x0008
+define GICR_STATUSR GICD_STATUSR
+define GICR_WAKER 0x0014
+define GICR_SETLPIR 0x0040
+define GICR_CLRLPIR 0x0048
+define GICR_PROPBASER 0x0070
+define GICR_PENDBASER 0x0078
+define GICR_INVLPIR 0x00A0
+define GICR_INVALLR 0x00B0
+define GICR_SYNCR 0x00C0
+define GICR_IDREGS GICD_IDREGS
+define GICR_PIDR2 GICD_PIDR2
+define GICR_IGROUPR0 GICD_IGROUPR
+define GICR_ISENABLER0 GICD_ISENABLER
+define GICR_ICENABLER0 GICD_ICENABLER
+define GICR_ISPENDR0 GICD_ISPENDR
+define GICR_ICPENDR0 GICD_ICPENDR
+define GICR_ISACTIVER0 GICD_ISACTIVER
+define GICR_ICACTIVER0 GICD_ICACTIVER
+define GICR_IPRIORITYR0 GICD_IPRIORITYR
+define GICR_ICFGR0 GICD_ICFGR
+define GICR_IGRPMODR0 GICD_IGRPMODR
+define GICR_NSACR GICD_NSACR
+
+kvm_vgic_gicr_regs = GICR_CTLR, GICR_IIDR, GICR_TYPER, GICR_STATUSR, GICR_WAKER, GICR_SETLPIR, GICR_CLRLPIR, GICR_PROPBASER, GICR_PENDBASER, GICR_INVLPIR, GICR_INVALLR, GICR_SYNCR, GICR_IDREGS, GICR_PIDR2, GICR_IGROUPR0, GICR_ISENABLER0, GICR_ICENABLER0, GICR_ISPENDR0, GICR_ICPENDR0, GICR_ISACTIVER0, GICR_ICACTIVER0, GICR_IPRIORITYR0, GICR_ICFGR0, GICR_IGRPMODR0, GICR_NSACR
+
+# 0x080a0000 is ARM64_ADDR_GICR_BASE from executor/kvm.h, 0x20000 is redistributor size. We assume the maximum number of VCPUs is 4.
+syzos_api_memwrite_vgic_gicr {
+	base int64[0x80a0000:0x8100000, 0x20000]
+	offset flags[kvm_vgic_gicr_regs, int64]
+	value int64
+	len flags[syzos_memwrite_len, int64]
+}
+
 
 type syzos_api[NUM, PAYLOAD] {
 	call const[NUM, int64]
 	size bytesize[parent, int64]
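Review bot: The last eleven entries of `kvm_vgic_gicr_regs` (GICR_IGROUPR0 through GICR_NSACR) reuse the GICD offsets exactly as arm-gic-v3.h does, but in that header those are SGI_base-relative, and on GICv3 SGI_base is the second 64 KiB frame of each redistributor (RD_base + 0x10000) — which is also why the comment above `syzos_api_memwrite_vgic_gicr` sizes a redistributor at 0x20000. `syzos_api_memwrite_vgic_gicr` only ever hands out RD_base frame starts (`int64[0x80a0000:0x8100000, 0x20000]`), so if the executor writes to plain base + offset (that code is outside this hunk and I cannot confirm it), the SGI/PPI enable, pending, priority and config writes land in the reserved area of the RD_base frame rather than on the registers the commit is targeting, while the LPI and control registers in the same list are reached correctly. I would keep the defines mirroring the header but split the flag list and add a fourth union variant whose base range is shifted by 0x10000, with a comment recording the SGI_base convention, and add `vgic_gicr_sgi syzos_api_memwrite_vgic_gicr_sgi` to the `syzos_api_memwrite` union. The inclusive step range keeps the 4-VCPU assumption from the existing comment.
```syzlang
# … unchanged: GICR_* defines …

kvm_vgic_gicr_regs = GICR_CTLR, GICR_IIDR, GICR_TYPER, GICR_STATUSR, GICR_WAKER, GICR_SETLPIR, GICR_CLRLPIR, GICR_PROPBASER, GICR_PENDBASER, GICR_INVLPIR, GICR_INVALLR, GICR_SYNCR, GICR_IDREGS, GICR_PIDR2
# Offsets below are relative to SGI_base = RD_base + 0x10000 (second 64 KiB frame of each redistributor), as in arm-gic-v3.h.
kvm_vgic_gicr_sgi_regs = GICR_IGROUPR0, GICR_ISENABLER0, GICR_ICENABLER0, GICR_ISPENDR0, GICR_ICPENDR0, GICR_ISACTIVER0, GICR_ICACTIVER0, GICR_IPRIORITYR0, GICR_ICFGR0, GICR_IGRPMODR0, GICR_NSACR

# … unchanged: syzos_api_memwrite_vgic_gicr (RD_base frame registers) …

# SGI_base frame of each redistributor: ARM64_ADDR_GICR_BASE + 0x10000, stepping by the 0x20000 redistributor size, 4 VCPUs max.
syzos_api_memwrite_vgic_gicr_sgi {
	base int64[0x80b0000:0x8110000, 0x20000]
	offset flags[kvm_vgic_gicr_sgi_regs, int64]
	value int64
	len flags[syzos_memwrite_len, int64]
}
```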
