From: Ruslan Ruslichenko <[email protected]>

Add plugin callback to dispatch memory_region_dispatch_read/write, allowing plugins to intercept MMIO operations before they reach device models, which enables them to spoof read values and drop write accesses.
Signed-off-by: Ruslan Ruslichenko <[email protected]> --- system/memory.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/system/memory.c b/system/memory.c index c51d0798a8..67a59f6e0a 100644 --- a/system/memory.c +++ b/system/memory.c @@ -35,6 +35,7 @@ #include "hw/core/boards.h" #include "migration/vmstate.h" #include "system/address-spaces.h" +#include "qemu/plugin.h" #include "memory-internal.h" @@ -1448,6 +1449,10 @@ static MemTxResult memory_region_dispatch_read1(MemoryRegion *mr, { *pval = 0; + + if (plugin_mmio_override_cb_invoke(mr->addr + addr, size, false, pval)) + return MEMTX_OK; + if (mr->ops->read) { return access_with_adjusted_size(addr, pval, size, mr->ops->impl.min_access_size, @@ -1533,6 +1538,9 @@ MemTxResult memory_region_dispatch_write(MemoryRegion *mr, adjust_endianness(mr, &data, op); + if (plugin_mmio_override_cb_invoke(mr->addr + addr, size, true, &data)) + return MEMTX_OK; + /* * FIXME: it's not clear why under KVM the write would be processed * directly, instead of going through eventfd. This probably should -- 2.43.0
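Review bot: in the memory_region_dispatch_read1 hunk, `if (plugin_mmio_override_cb_invoke(...)) return MEMTX_OK;` has an unbraced body; QEMU's coding style requires braces on every if, so wrap it as `if (...) { return MEMTX_OK; }` or checkpatch.pl will reject it. The address passed to the plugin, `mr->addr + addr`, is the offset of the region inside its parent container plus the access offset, which only equals a guest-physical address when the region sits directly in the address-space root; for nested regions the plugin gets a container-relative offset, so either resolve the absolute address via the region's parent chain or document that callbacks receive region-relative offsets. The early return also skips the `mr->ops->read` presence check and the access_with_adjusted_size() size clamping, so a plugin can answer a width the device's min/max access size would never allow; state in the callback contract that `size` is the unadjusted dispatch size. plugin_mmio_override_cb_invoke() is not defined in this patch, so confirm that qemu/plugin.h, included by the first hunk, provides an inline no-op stub when CONFIG_PLUGIN is disabled, and that the call has a cheap no-callbacks-registered fast path, since it now sits on every MMIO read.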

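Review bot: the memory_region_dispatch_write hunk has the same unbraced `return MEMTX_OK;` body and the same `mr->addr + addr` container-relative address as the read hunk, so the fixes above apply here too. This override runs after adjust_endianness(), so the plugin sees `data` in device byte order; make sure the read-side override is on the same side of the endianness swap, and say so explicitly in the callback's documentation, otherwise plugin authors will spoof read values in the wrong byte order on big-endian devices. The check is also placed ahead of the KVM/eventfd handling that the FIXME comment below refers to, so a dropped write also suppresses any ioeventfd notification for that region; if that is intended, the commit message should mention it.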