diff options
| author | Alexander Bulekov <alxndr@bu.edu> | 2020-10-23 11:07:33 -0400 |
|---|---|---|
| committer | Thomas Huth <thuth@redhat.com> | 2020-10-26 09:53:34 +0100 |
| commit | 20f5a3029386363357e6fa0c2e82b35ac4914d6a (patch) | |
| tree | d2f468dc86ffeb72ed906a0a72bdcd05f234385e /include/exec/memory.h | |
| parent | 05efbf2497f93415a50347bbf53983689f999282 (diff) | |
| download | focaccia-qemu-20f5a3029386363357e6fa0c2e82b35ac4914d6a.tar.gz focaccia-qemu-20f5a3029386363357e6fa0c2e82b35ac4914d6a.zip | |
fuzz: Add DMA support to the generic-fuzzer
When a virtual-device tries to access some buffer in memory over DMA, we add call-backs into the fuzzer(next commit). The fuzzer checks verifies that the DMA request maps to a physical RAM address and fills the memory with fuzzer-provided data. The patterns that we use to fill this memory are specified using add_dma_pattern and clear_dma_patterns operations. Signed-off-by: Alexander Bulekov <alxndr@bu.edu> Reviewed-by: Darren Kenny <darren.kenny@oracle.com> Message-Id: <20201023150746.107063-5-alxndr@bu.edu> [thuth: Reformatted one comment according to the QEMU coding style] Signed-off-by: Thomas Huth <thuth@redhat.com>
Diffstat (limited to 'include/exec/memory.h')
| -rw-r--r-- | include/exec/memory.h | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/include/exec/memory.h b/include/exec/memory.h index 042918dd16..93d27bff26 100644 --- a/include/exec/memory.h +++ b/include/exec/memory.h @@ -42,6 +42,13 @@ typedef struct IOMMUMemoryRegionClass IOMMUMemoryRegionClass; DECLARE_OBJ_CHECKERS(IOMMUMemoryRegion, IOMMUMemoryRegionClass, IOMMU_MEMORY_REGION, TYPE_IOMMU_MEMORY_REGION) +#ifdef CONFIG_FUZZ +void fuzz_dma_read_cb(size_t addr, + size_t len, + MemoryRegion *mr, + bool is_write); +#endif + extern bool global_dirty_log; typedef struct MemoryRegionOps MemoryRegionOps; |