liblisa::oracle

Trait Oracle

pub trait Oracle<A: Arch> {
    type MappableArea: MappableArea;

    const UNRELIABLE_INSTRUCTION_FETCH_ERRORS: bool;

    // Required methods
    fn mappable_area(&self) -> Self::MappableArea;
    fn page_size(&mut self) -> u64;
    fn observe(
        &mut self,
        before: &SystemState<A>,
    ) -> Result<SystemState<A>, OracleError>;
    fn batch_observe_iter<'a, S: AsSystemState<A> + 'a, I: IntoIterator<Item = S> + 'a>(
        &'a mut self,
        states: I,
    ) -> impl Iterator<Item = Observation<S, A>>;
    fn batch_observe_gpreg_only_iter<'a, S: AsSystemState<A> + 'a, I: IntoIterator<Item = S> + 'a>(
        &'a mut self,
        states: I,
    ) -> impl Iterator<Item = Observation<S, A>>;
    fn scan_memory_accesses(
        &mut self,
        before: &SystemState<A>,
    ) -> Result<Vec<Addr>, OracleError>;
    fn debug_dump(&mut self);
    fn restart(&mut self);
    fn kill(self);

    // Provided methods
    fn random_mappable_page(&self, rng: &mut impl Rng) -> Page<A> { ... }
    fn observe_carefully(
        &mut self,
        before: &SystemState<A>,
    ) -> Result<SystemState<A>, OracleError> { ... }
    fn batch_observe<'a, const N: usize, S: AsSystemState<A> + 'a>(
        &mut self,
        states: [S; N],
    ) -> [Observation<S, A>; N] { ... }
}
Expand description

An oracle that can observe instruction execution.

Required Associated Constants§

const UNRELIABLE_INSTRUCTION_FETCH_ERRORS: bool

Set to true if the instruction fetch errors are unreliable.

Required Associated Types§

type MappableArea: MappableArea

The memory addresses that can be mapped by this oracle.

Required Methods§

fn mappable_area(&self) -> Self::MappableArea

Returns the memory addresses that can be mapped by this oracle.

fn page_size(&mut self) -> u64

Returns the page size of the oracle.

fn observe( &mut self, before: &SystemState<A>, ) -> Result<SystemState<A>, OracleError>

Observes the output state after executing a single instruction in the before state.

fn batch_observe_iter<'a, S: AsSystemState<A> + 'a, I: IntoIterator<Item = S> + 'a>( &'a mut self, states: I, ) -> impl Iterator<Item = Observation<S, A>>

Performs many observations in one go. Behaves idential to Self::observe, but is much more efficient.

fn batch_observe_gpreg_only_iter<'a, S: AsSystemState<A> + 'a, I: IntoIterator<Item = S> + 'a>( &'a mut self, states: I, ) -> impl Iterator<Item = Observation<S, A>>

Performs many observations in one go. Only reads and writes the general-purpose registers. Other registers may have arbitrary values.

fn scan_memory_accesses( &mut self, before: &SystemState<A>, ) -> Result<Vec<Addr>, OracleError>

Uses debugging registers to determine all memory addresses accessed by the instruction. If this is not supported, returns an empty Vec.

fn debug_dump(&mut self)

Prints debugging information about the oracle.

fn restart(&mut self)

Restart the oracle, if possible.

fn kill(self)

Kills the oracle, if possible.

Provided Methods§

fn random_mappable_page(&self, rng: &mut impl Rng) -> Page<A>

Returns a random mappable page.

fn observe_carefully( &mut self, before: &SystemState<A>, ) -> Result<SystemState<A>, OracleError>

Observes the output state after executing a single instruction in the before state. If possible, uses debugging registers to exhaustively check the exact memory locations that are accessed. Returns a memory access error if a memory is accessed that is not set in before.

Self::observe may not return the proper memory access error if a memory access occurs outside the areas mapped in before, but on the same page as a mapped area.

fn batch_observe<'a, const N: usize, S: AsSystemState<A> + 'a>( &mut self, states: [S; N], ) -> [Observation<S, A>; N]

Performs many observations in one go. Behaves idential to Self::observe, but is much more efficient.

Dyn Compatibility§

This trait is not dyn compatible.

In older versions of Rust, dyn compatibility was called "object safety", so this trait is not object safe.

Implementors§

§

impl<'o, A: Arch, O: Oracle<A>> Oracle<A> for CarefulOracle<'o, A, O>

§

const UNRELIABLE_INSTRUCTION_FETCH_ERRORS: bool = O::UNRELIABLE_INSTRUCTION_FETCH_ERRORS

§

type MappableArea = <O as Oracle<A>>::MappableArea

§

impl<A: Arch, O1: Oracle<A>, O2: Oracle<A>> Oracle<A> for VerifyOracle<A, O1, O2>

§

const UNRELIABLE_INSTRUCTION_FETCH_ERRORS: bool = _

§

type MappableArea = DoubleCheckedMappableArea<<O1 as Oracle<A>>::MappableArea, <O2 as Oracle<A>>::MappableArea>

§

impl<A: Arch, O: Oracle<A>> Oracle<A> for InvocationCountingOracle<A, O>

§

const UNRELIABLE_INSTRUCTION_FETCH_ERRORS: bool = O::UNRELIABLE_INSTRUCTION_FETCH_ERRORS

§

type MappableArea = <O as Oracle<A>>::MappableArea

§

impl<F, M> Oracle<FakeArch> for FakeOracle<F, M>
where F: Fn(&SystemState<FakeArch>) -> Result<SystemState<FakeArch>, OracleError>, M: Fn(&SystemState<FakeArch>) -> Result<Vec<Addr>, OracleError>,

§

const UNRELIABLE_INSTRUCTION_FETCH_ERRORS: bool = false

§

type MappableArea = AnyArea