XSA-304
More...
#include <xtf.h>
Go to the source code of this file.
|
| | asm (".align 4096;" ".skip 4096 - (stub_page_boundary - stub_fn);" "stub_fn:" " movq $" STR((16<< 20)|PF_SYM(PSE, AD, RW, P)) ", 8*8(%rdi);" " invlpg stub_page_boundary + (16 << 20);" " cmpb $0, (%rsi);" " .byte 0x74, 1f - (. + 1);" " movb $0, -1;" "stub_page_boundary:" "1: ret;") |
| |
| void | test_main (void) |
| | To be implemented by each test, as its entry point. More...
|
| |
XSA-304
Definition in file main.c.
◆ stub_t
◆ asm()
| asm |
( |
".align 4096;" ".skip 4096 - (stub_page_boundary - stub_fn);" "stub_fn:" " movq $" STR((16<< 20)|PF_SYM(PSE, AD, RW, P)) " |
, |
|
|
8 *8(%rdi);" " invlpg stub_page_boundary+(16<< 20);" " cmpb |
$0, |
|
|
(%rsi);" " .byte |
0x74, |
|
|
1f -(.+1);" " movb |
$0, |
|
|
-1;" "stub_page_boundary:" "1:ret;" |
|
|
) |
| |
◆ test_main()
To be implemented by each test, as its entry point.
- Todo:
- Implement better command line infrastructure, but this will do for now.
At the time of writing, Xen doesn't correctly handle invlpg while running in shadow mode on AMD Gen1 hardware lacking decode assistance. For this test, we simply care that Xen doesn't crash.
Definition at line 85 of file main.c.
◆ test_title
| const char test_title[] = "XSA-304 PoC" |
The title of the test.
Definition at line 23 of file main.c.
◆ stub_fn
◆ nl3t
◆ nl2t
◆ nl1t
Include dependency graph for main.c: