├── .gitignore ├── Fuzzer ├── KVM-PT │ ├── README.md │ ├── arch │ │ └── x86 │ │ │ ├── include │ │ │ ├── asm │ │ │ │ └── kvm_host.h.patch │ │ │ └── uapi │ │ │ │ └── asm │ │ │ │ └── kvm.h.patch │ │ │ └── kvm │ │ │ ├── Kconfig.patch │ │ │ ├── Makefile.patch │ │ │ ├── svm.c.patch │ │ │ ├── vmx.c.patch │ │ │ ├── vmx.h │ │ │ ├── vmx_pt.c │ │ │ ├── vmx_pt.h │ │ │ └── x86.c.patch │ └── include │ │ └── uapi │ │ └── linux │ │ └── kvm.h.patch └── QEMU-PT │ ├── Makefile.target.patch │ ├── compile.sh │ ├── configure.patch │ ├── hmp-commands-pt.hx │ ├── hmp-commands.hx.patch │ ├── hmp.c.patch │ ├── hmp.h.patch │ ├── include │ └── qom │ │ └── cpu.h.patch │ ├── kvm-all.c.patch │ ├── linux-headers │ └── linux │ │ └── kvm.h.patch │ ├── monitor.c.patch │ ├── pt.c │ ├── pt.h │ ├── pt │ ├── decoder.c │ ├── decoder.h │ ├── disassembler.c │ ├── disassembler.h │ ├── filter.c │ ├── filter.h │ ├── hypercall.c │ ├── hypercall.h │ ├── interface.c │ ├── interface.h │ ├── khash.h │ ├── logger.c │ ├── logger.h │ ├── memory_access.c │ ├── memory_access.h │ ├── tmp.objs │ ├── tnt_cache.c │ └── tnt_cache.h │ └── vl.c.patch ├── README.md ├── analyzer ├── .gitignore ├── Makefile └── src │ ├── CMakeLists.txt │ └── lib │ ├── Analyzer.cc │ ├── Analyzer.h │ ├── CMakeLists.txt │ ├── CallGraph.cc │ ├── CallGraph.h │ ├── Common.cc │ ├── Common.h │ ├── Config.h │ ├── DataFlowAnalysis.cc │ ├── DataFlowAnalysis.h │ ├── DriverAnalysis.h │ ├── PointerAnalysis.cc │ ├── PointerAnalysis.h │ ├── SecurityChecks.cc │ ├── SecurityChecks.h │ └── configs │ ├── err-funcs │ ├── err-rets │ ├── skip-funcs │ └── test-funcs └── python-linux-bc.py /.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/.gitignore -------------------------------------------------------------------------------- /Fuzzer/KVM-PT/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/Fuzzer/KVM-PT/README.md -------------------------------------------------------------------------------- /Fuzzer/KVM-PT/arch/x86/include/asm/kvm_host.h.patch: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/Fuzzer/KVM-PT/arch/x86/include/asm/kvm_host.h.patch -------------------------------------------------------------------------------- /Fuzzer/KVM-PT/arch/x86/include/uapi/asm/kvm.h.patch: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/Fuzzer/KVM-PT/arch/x86/include/uapi/asm/kvm.h.patch -------------------------------------------------------------------------------- /Fuzzer/KVM-PT/arch/x86/kvm/Kconfig.patch: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/Fuzzer/KVM-PT/arch/x86/kvm/Kconfig.patch -------------------------------------------------------------------------------- /Fuzzer/KVM-PT/arch/x86/kvm/Makefile.patch: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/Fuzzer/KVM-PT/arch/x86/kvm/Makefile.patch -------------------------------------------------------------------------------- /Fuzzer/KVM-PT/arch/x86/kvm/svm.c.patch: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/Fuzzer/KVM-PT/arch/x86/kvm/svm.c.patch -------------------------------------------------------------------------------- /Fuzzer/KVM-PT/arch/x86/kvm/vmx.c.patch: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/Fuzzer/KVM-PT/arch/x86/kvm/vmx.c.patch -------------------------------------------------------------------------------- /Fuzzer/KVM-PT/arch/x86/kvm/vmx.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/Fuzzer/KVM-PT/arch/x86/kvm/vmx.h -------------------------------------------------------------------------------- /Fuzzer/KVM-PT/arch/x86/kvm/vmx_pt.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/Fuzzer/KVM-PT/arch/x86/kvm/vmx_pt.c -------------------------------------------------------------------------------- /Fuzzer/KVM-PT/arch/x86/kvm/vmx_pt.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/Fuzzer/KVM-PT/arch/x86/kvm/vmx_pt.h -------------------------------------------------------------------------------- /Fuzzer/KVM-PT/arch/x86/kvm/x86.c.patch: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/Fuzzer/KVM-PT/arch/x86/kvm/x86.c.patch -------------------------------------------------------------------------------- /Fuzzer/KVM-PT/include/uapi/linux/kvm.h.patch: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/Fuzzer/KVM-PT/include/uapi/linux/kvm.h.patch -------------------------------------------------------------------------------- /Fuzzer/QEMU-PT/Makefile.target.patch: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/Fuzzer/QEMU-PT/Makefile.target.patch -------------------------------------------------------------------------------- /Fuzzer/QEMU-PT/compile.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/Fuzzer/QEMU-PT/compile.sh -------------------------------------------------------------------------------- /Fuzzer/QEMU-PT/configure.patch: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/Fuzzer/QEMU-PT/configure.patch -------------------------------------------------------------------------------- /Fuzzer/QEMU-PT/hmp-commands-pt.hx: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/Fuzzer/QEMU-PT/hmp-commands-pt.hx -------------------------------------------------------------------------------- /Fuzzer/QEMU-PT/hmp-commands.hx.patch: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/Fuzzer/QEMU-PT/hmp-commands.hx.patch -------------------------------------------------------------------------------- /Fuzzer/QEMU-PT/hmp.c.patch: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/Fuzzer/QEMU-PT/hmp.c.patch -------------------------------------------------------------------------------- /Fuzzer/QEMU-PT/hmp.h.patch: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/Fuzzer/QEMU-PT/hmp.h.patch -------------------------------------------------------------------------------- /Fuzzer/QEMU-PT/include/qom/cpu.h.patch: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/Fuzzer/QEMU-PT/include/qom/cpu.h.patch -------------------------------------------------------------------------------- /Fuzzer/QEMU-PT/kvm-all.c.patch: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/Fuzzer/QEMU-PT/kvm-all.c.patch -------------------------------------------------------------------------------- /Fuzzer/QEMU-PT/linux-headers/linux/kvm.h.patch: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/Fuzzer/QEMU-PT/linux-headers/linux/kvm.h.patch -------------------------------------------------------------------------------- /Fuzzer/QEMU-PT/monitor.c.patch: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/Fuzzer/QEMU-PT/monitor.c.patch -------------------------------------------------------------------------------- /Fuzzer/QEMU-PT/pt.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/Fuzzer/QEMU-PT/pt.c -------------------------------------------------------------------------------- /Fuzzer/QEMU-PT/pt.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/Fuzzer/QEMU-PT/pt.h -------------------------------------------------------------------------------- /Fuzzer/QEMU-PT/pt/decoder.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/Fuzzer/QEMU-PT/pt/decoder.c -------------------------------------------------------------------------------- /Fuzzer/QEMU-PT/pt/decoder.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/Fuzzer/QEMU-PT/pt/decoder.h -------------------------------------------------------------------------------- /Fuzzer/QEMU-PT/pt/disassembler.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/Fuzzer/QEMU-PT/pt/disassembler.c -------------------------------------------------------------------------------- /Fuzzer/QEMU-PT/pt/disassembler.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/Fuzzer/QEMU-PT/pt/disassembler.h -------------------------------------------------------------------------------- /Fuzzer/QEMU-PT/pt/filter.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/Fuzzer/QEMU-PT/pt/filter.c -------------------------------------------------------------------------------- /Fuzzer/QEMU-PT/pt/filter.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/Fuzzer/QEMU-PT/pt/filter.h -------------------------------------------------------------------------------- /Fuzzer/QEMU-PT/pt/hypercall.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/Fuzzer/QEMU-PT/pt/hypercall.c -------------------------------------------------------------------------------- /Fuzzer/QEMU-PT/pt/hypercall.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/Fuzzer/QEMU-PT/pt/hypercall.h -------------------------------------------------------------------------------- /Fuzzer/QEMU-PT/pt/interface.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/Fuzzer/QEMU-PT/pt/interface.c -------------------------------------------------------------------------------- /Fuzzer/QEMU-PT/pt/interface.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/Fuzzer/QEMU-PT/pt/interface.h -------------------------------------------------------------------------------- /Fuzzer/QEMU-PT/pt/khash.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/Fuzzer/QEMU-PT/pt/khash.h -------------------------------------------------------------------------------- /Fuzzer/QEMU-PT/pt/logger.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/Fuzzer/QEMU-PT/pt/logger.c -------------------------------------------------------------------------------- /Fuzzer/QEMU-PT/pt/logger.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/Fuzzer/QEMU-PT/pt/logger.h -------------------------------------------------------------------------------- /Fuzzer/QEMU-PT/pt/memory_access.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/Fuzzer/QEMU-PT/pt/memory_access.c -------------------------------------------------------------------------------- /Fuzzer/QEMU-PT/pt/memory_access.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/Fuzzer/QEMU-PT/pt/memory_access.h -------------------------------------------------------------------------------- /Fuzzer/QEMU-PT/pt/tmp.objs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/Fuzzer/QEMU-PT/pt/tmp.objs -------------------------------------------------------------------------------- /Fuzzer/QEMU-PT/pt/tnt_cache.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/Fuzzer/QEMU-PT/pt/tnt_cache.c -------------------------------------------------------------------------------- /Fuzzer/QEMU-PT/pt/tnt_cache.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/Fuzzer/QEMU-PT/pt/tnt_cache.h -------------------------------------------------------------------------------- /Fuzzer/QEMU-PT/vl.c.patch: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/Fuzzer/QEMU-PT/vl.c.patch -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/README.md -------------------------------------------------------------------------------- /analyzer/.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/analyzer/.gitignore -------------------------------------------------------------------------------- /analyzer/Makefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/analyzer/Makefile -------------------------------------------------------------------------------- /analyzer/src/CMakeLists.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/analyzer/src/CMakeLists.txt -------------------------------------------------------------------------------- /analyzer/src/lib/Analyzer.cc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/analyzer/src/lib/Analyzer.cc -------------------------------------------------------------------------------- /analyzer/src/lib/Analyzer.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/analyzer/src/lib/Analyzer.h -------------------------------------------------------------------------------- /analyzer/src/lib/CMakeLists.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/analyzer/src/lib/CMakeLists.txt -------------------------------------------------------------------------------- /analyzer/src/lib/CallGraph.cc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/analyzer/src/lib/CallGraph.cc -------------------------------------------------------------------------------- /analyzer/src/lib/CallGraph.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/analyzer/src/lib/CallGraph.h -------------------------------------------------------------------------------- /analyzer/src/lib/Common.cc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/analyzer/src/lib/Common.cc -------------------------------------------------------------------------------- /analyzer/src/lib/Common.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/analyzer/src/lib/Common.h -------------------------------------------------------------------------------- /analyzer/src/lib/Config.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/analyzer/src/lib/Config.h -------------------------------------------------------------------------------- /analyzer/src/lib/DataFlowAnalysis.cc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/analyzer/src/lib/DataFlowAnalysis.cc -------------------------------------------------------------------------------- /analyzer/src/lib/DataFlowAnalysis.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/analyzer/src/lib/DataFlowAnalysis.h -------------------------------------------------------------------------------- /analyzer/src/lib/DriverAnalysis.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/analyzer/src/lib/DriverAnalysis.h -------------------------------------------------------------------------------- /analyzer/src/lib/PointerAnalysis.cc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/analyzer/src/lib/PointerAnalysis.cc -------------------------------------------------------------------------------- /analyzer/src/lib/PointerAnalysis.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/analyzer/src/lib/PointerAnalysis.h -------------------------------------------------------------------------------- /analyzer/src/lib/SecurityChecks.cc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/analyzer/src/lib/SecurityChecks.cc -------------------------------------------------------------------------------- /analyzer/src/lib/SecurityChecks.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/analyzer/src/lib/SecurityChecks.h -------------------------------------------------------------------------------- /analyzer/src/lib/configs/err-funcs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/analyzer/src/lib/configs/err-funcs -------------------------------------------------------------------------------- /analyzer/src/lib/configs/err-rets: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/analyzer/src/lib/configs/err-rets -------------------------------------------------------------------------------- /analyzer/src/lib/configs/skip-funcs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/analyzer/src/lib/configs/skip-funcs -------------------------------------------------------------------------------- /analyzer/src/lib/configs/test-funcs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/analyzer/src/lib/configs/test-funcs -------------------------------------------------------------------------------- /python-linux-bc.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/secsysresearch/DRFuzz/HEAD/python-linux-bc.py --------------------------------------------------------------------------------