aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAndrey Konovalov <andreyknvl@google.com>2017-07-26 19:03:02 +0200
committerAndrey Konovalov <andreyknvl@google.com>2017-08-01 19:19:05 +0200
commit29ceeb1dafec94cb23b14f20f3802ba7cd8be7d2 (patch)
tree233087ca94807155ef13dbf5388b4b13293629d7
parent1517bd95488be386712ddab269ffd1dc1cf37f86 (diff)
sys: fix KVM_RUN ioctl
KVM_RUN ioctl must have arg set to 0, otherwise it returns EINVAL. This can lead to syzkaller not able to generate a C repro. Since arg value is undefined, it might have different values when executing a program with syz-exeprog vs executing a compiled C repro.
Diffstat
-rw-r--r--sys/kvm.txt2
-rw-r--r--sys/sys_amd64.go2
-rw-r--r--sys/sys_arm64.go2
-rw-r--r--sys/sys_ppc64le.go2
4 files changed, 4 insertions, 4 deletions
diff --git a/sys/kvm.txt b/sys/kvm.txt
index abc2baf8b..f9a01b6e1 100644
--- a/sys/kvm.txt
+++ b/sys/kvm.txt
@@ -66,7 +66,7 @@ ioctl$KVM_SET_NR_MMU_PAGES(fd fd_kvmvm, cmd const[KVM_SET_NR_MMU_PAGES], arg int
ioctl$KVM_GET_NR_MMU_PAGES(fd fd_kvmvm, cmd const[KVM_GET_NR_MMU_PAGES], arg intptr)
ioctl$KVM_REINJECT_CONTROL(fd fd_kvmvm, cmd const[KVM_REINJECT_CONTROL], arg ptr[in, kvm_reinject_control])
-ioctl$KVM_RUN(fd fd_kvmcpu, cmd const[KVM_RUN])
+ioctl$KVM_RUN(fd fd_kvmcpu, cmd const[KVM_RUN], arg const[0])
ioctl$KVM_GET_REGS(fd fd_kvmcpu, cmd const[KVM_GET_REGS], arg ptr[out, kvm_regs])
ioctl$KVM_SET_REGS(fd fd_kvmcpu, cmd const[KVM_SET_REGS], arg ptr[in, kvm_regs])
ioctl$KVM_GET_SREGS(fd fd_kvmcpu, cmd const[KVM_GET_SREGS], arg ptr[out, kvm_sregs])
diff --git a/sys/sys_amd64.go b/sys/sys_amd64.go
index 7c45588f9..3b29e4221 100644
--- a/sys/sys_amd64.go
+++ b/sys/sys_amd64.go
@@ -21995,7 +21995,7 @@ var Calls = []*Call{
&Call{Name: "ioctl$KVM_PPC_GET_SMMU_INFO", CallName: "ioctl", Native: true, Args: []Type{&ResourceType{TypeCommon: TypeCommon{TypeName: "fd_kvmvm", FldName: "fd", ArgDir: DirIn, IsOptional: false}, Desc: resource("fd_kvmvm")}, &ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "cmd", ArgDir: DirIn, IsOptional: false}, TypeSize: 8, BigEndian: false, BitfieldLen: 0}, Val: uintptr(2186325670)}, &PtrType{TypeCommon: TypeCommon{TypeName: "buffer", FldName: "arg", ArgDir: DirIn, IsOptional: false}, Type: &BufferType{TypeCommon: TypeCommon{TypeName: "buffer", FldName: "arg", ArgDir: DirOut, IsOptional: false}, Kind: BufferBlobRand}}}, NR: 16},
&Call{Name: "ioctl$KVM_REGISTER_COALESCED_MMIO", CallName: "ioctl", Native: true, Args: []Type{&ResourceType{TypeCommon: TypeCommon{TypeName: "fd_kvmvm", FldName: "fd", ArgDir: DirIn, IsOptional: false}, Desc: resource("fd_kvmvm")}, &ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "cmd", ArgDir: DirIn, IsOptional: false}, TypeSize: 8, BigEndian: false, BitfieldLen: 0}, Val: uintptr(1074835047)}, &PtrType{TypeCommon: TypeCommon{TypeName: "ptr", FldName: "arg", ArgDir: DirIn, IsOptional: false}, Type: getStruct(structKey{"kvm_coalesced_mmio_zone", "", DirIn})}}, NR: 16},
&Call{Name: "ioctl$KVM_REINJECT_CONTROL", CallName: "ioctl", Native: true, Args: []Type{&ResourceType{TypeCommon: TypeCommon{TypeName: "fd_kvmvm", FldName: "fd", ArgDir: DirIn, IsOptional: false}, Desc: resource("fd_kvmvm")}, &ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "cmd", ArgDir: DirIn, IsOptional: false}, TypeSize: 8, BigEndian: false, BitfieldLen: 0}, Val: uintptr(44657)}, &PtrType{TypeCommon: TypeCommon{TypeName: "ptr", FldName: "arg", ArgDir: DirIn, IsOptional: false}, Type: getStruct(structKey{"kvm_reinject_control", "", DirIn})}}, NR: 16},
- &Call{Name: "ioctl$KVM_RUN", CallName: "ioctl", Native: true, Args: []Type{&ResourceType{TypeCommon: TypeCommon{TypeName: "fd_kvmcpu", FldName: "fd", ArgDir: DirIn, IsOptional: false}, Desc: resource("fd_kvmcpu")}, &ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "cmd", ArgDir: DirIn, IsOptional: false}, TypeSize: 8, BigEndian: false, BitfieldLen: 0}, Val: uintptr(44672)}}, NR: 16},
+ &Call{Name: "ioctl$KVM_RUN", CallName: "ioctl", Native: true, Args: []Type{&ResourceType{TypeCommon: TypeCommon{TypeName: "fd_kvmcpu", FldName: "fd", ArgDir: DirIn, IsOptional: false}, Desc: resource("fd_kvmcpu")}, &ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "cmd", ArgDir: DirIn, IsOptional: false}, TypeSize: 8, BigEndian: false, BitfieldLen: 0}, Val: uintptr(44672)}, &ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "arg", ArgDir: DirIn, IsOptional: false}, TypeSize: 8, BigEndian: false, BitfieldLen: 0}, Val: uintptr(0)}}, NR: 16},
&Call{Name: "ioctl$KVM_S390_INTERRUPT", CallName: "ioctl", Native: true, Args: []Type{&ResourceType{TypeCommon: TypeCommon{TypeName: "fd_kvmvm", FldName: "fd", ArgDir: DirIn, IsOptional: false}, Desc: resource("fd_kvmvm")}, &ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "cmd", ArgDir: DirIn, IsOptional: false}, TypeSize: 8, BigEndian: false, BitfieldLen: 0}, Val: uintptr(1074835092)}, &PtrType{TypeCommon: TypeCommon{TypeName: "ptr", FldName: "arg", ArgDir: DirIn, IsOptional: false}, Type: getStruct(structKey{"kvm_s390_interrupt", "", DirIn})}}, NR: 16},
&Call{Name: "ioctl$KVM_S390_INTERRUPT_CPU", CallName: "ioctl", Native: true, Args: []Type{&ResourceType{TypeCommon: TypeCommon{TypeName: "fd_kvmcpu", FldName: "fd", ArgDir: DirIn, IsOptional: false}, Desc: resource("fd_kvmcpu")}, &ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "cmd", ArgDir: DirIn, IsOptional: false}, TypeSize: 8, BigEndian: false, BitfieldLen: 0}, Val: uintptr(1074835092)}, &PtrType{TypeCommon: TypeCommon{TypeName: "ptr", FldName: "arg", ArgDir: DirIn, IsOptional: false}, Type: getStruct(structKey{"kvm_s390_interrupt", "", DirIn})}}, NR: 16},
&Call{Name: "ioctl$KVM_S390_UCAS_MAP", CallName: "ioctl", Native: true, Args: []Type{&ResourceType{TypeCommon: TypeCommon{TypeName: "fd_kvmcpu", FldName: "fd", ArgDir: DirIn, IsOptional: false}, Desc: resource("fd_kvmcpu")}, &ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "cmd", ArgDir: DirIn, IsOptional: false}, TypeSize: 8, BigEndian: false, BitfieldLen: 0}, Val: uintptr(1075359312)}, &PtrType{TypeCommon: TypeCommon{TypeName: "ptr", FldName: "arg", ArgDir: DirIn, IsOptional: false}, Type: getStruct(structKey{"kvm_s390_ucas_mapping", "", DirIn})}}, NR: 16},
diff --git a/sys/sys_arm64.go b/sys/sys_arm64.go
index a293fcfed..c492f6b17 100644
--- a/sys/sys_arm64.go
+++ b/sys/sys_arm64.go
@@ -21995,7 +21995,7 @@ var Calls = []*Call{
&Call{Name: "ioctl$KVM_PPC_GET_SMMU_INFO", CallName: "ioctl", Native: true, Args: []Type{&ResourceType{TypeCommon: TypeCommon{TypeName: "fd_kvmvm", FldName: "fd", ArgDir: DirIn, IsOptional: false}, Desc: resource("fd_kvmvm")}, &ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "cmd", ArgDir: DirIn, IsOptional: false}, TypeSize: 8, BigEndian: false, BitfieldLen: 0}, Val: uintptr(2186325670)}, &PtrType{TypeCommon: TypeCommon{TypeName: "buffer", FldName: "arg", ArgDir: DirIn, IsOptional: false}, Type: &BufferType{TypeCommon: TypeCommon{TypeName: "buffer", FldName: "arg", ArgDir: DirOut, IsOptional: false}, Kind: BufferBlobRand}}}, NR: 29},
&Call{Name: "ioctl$KVM_REGISTER_COALESCED_MMIO", CallName: "ioctl", Native: true, Args: []Type{&ResourceType{TypeCommon: TypeCommon{TypeName: "fd_kvmvm", FldName: "fd", ArgDir: DirIn, IsOptional: false}, Desc: resource("fd_kvmvm")}, &ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "cmd", ArgDir: DirIn, IsOptional: false}, TypeSize: 8, BigEndian: false, BitfieldLen: 0}, Val: uintptr(1074835047)}, &PtrType{TypeCommon: TypeCommon{TypeName: "ptr", FldName: "arg", ArgDir: DirIn, IsOptional: false}, Type: getStruct(structKey{"kvm_coalesced_mmio_zone", "", DirIn})}}, NR: 29},
&Call{Name: "ioctl$KVM_REINJECT_CONTROL", CallName: "ioctl", Native: true, Args: []Type{&ResourceType{TypeCommon: TypeCommon{TypeName: "fd_kvmvm", FldName: "fd", ArgDir: DirIn, IsOptional: false}, Desc: resource("fd_kvmvm")}, &ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "cmd", ArgDir: DirIn, IsOptional: false}, TypeSize: 8, BigEndian: false, BitfieldLen: 0}, Val: uintptr(44657)}, &PtrType{TypeCommon: TypeCommon{TypeName: "ptr", FldName: "arg", ArgDir: DirIn, IsOptional: false}, Type: getStruct(structKey{"kvm_reinject_control", "", DirIn})}}, NR: 29},
- &Call{Name: "ioctl$KVM_RUN", CallName: "ioctl", Native: true, Args: []Type{&ResourceType{TypeCommon: TypeCommon{TypeName: "fd_kvmcpu", FldName: "fd", ArgDir: DirIn, IsOptional: false}, Desc: resource("fd_kvmcpu")}, &ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "cmd", ArgDir: DirIn, IsOptional: false}, TypeSize: 8, BigEndian: false, BitfieldLen: 0}, Val: uintptr(44672)}}, NR: 29},
+ &Call{Name: "ioctl$KVM_RUN", CallName: "ioctl", Native: true, Args: []Type{&ResourceType{TypeCommon: TypeCommon{TypeName: "fd_kvmcpu", FldName: "fd", ArgDir: DirIn, IsOptional: false}, Desc: resource("fd_kvmcpu")}, &ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "cmd", ArgDir: DirIn, IsOptional: false}, TypeSize: 8, BigEndian: false, BitfieldLen: 0}, Val: uintptr(44672)}, &ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "arg", ArgDir: DirIn, IsOptional: false}, TypeSize: 8, BigEndian: false, BitfieldLen: 0}, Val: uintptr(0)}}, NR: 29},
&Call{Name: "ioctl$KVM_S390_INTERRUPT", CallName: "ioctl", Native: true, Args: []Type{&ResourceType{TypeCommon: TypeCommon{TypeName: "fd_kvmvm", FldName: "fd", ArgDir: DirIn, IsOptional: false}, Desc: resource("fd_kvmvm")}, &ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "cmd", ArgDir: DirIn, IsOptional: false}, TypeSize: 8, BigEndian: false, BitfieldLen: 0}, Val: uintptr(1074835092)}, &PtrType{TypeCommon: TypeCommon{TypeName: "ptr", FldName: "arg", ArgDir: DirIn, IsOptional: false}, Type: getStruct(structKey{"kvm_s390_interrupt", "", DirIn})}}, NR: 29},
&Call{Name: "ioctl$KVM_S390_INTERRUPT_CPU", CallName: "ioctl", Native: true, Args: []Type{&ResourceType{TypeCommon: TypeCommon{TypeName: "fd_kvmcpu", FldName: "fd", ArgDir: DirIn, IsOptional: false}, Desc: resource("fd_kvmcpu")}, &ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "cmd", ArgDir: DirIn, IsOptional: false}, TypeSize: 8, BigEndian: false, BitfieldLen: 0}, Val: uintptr(1074835092)}, &PtrType{TypeCommon: TypeCommon{TypeName: "ptr", FldName: "arg", ArgDir: DirIn, IsOptional: false}, Type: getStruct(structKey{"kvm_s390_interrupt", "", DirIn})}}, NR: 29},
&Call{Name: "ioctl$KVM_S390_UCAS_MAP", CallName: "ioctl", Native: true, Args: []Type{&ResourceType{TypeCommon: TypeCommon{TypeName: "fd_kvmcpu", FldName: "fd", ArgDir: DirIn, IsOptional: false}, Desc: resource("fd_kvmcpu")}, &ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "cmd", ArgDir: DirIn, IsOptional: false}, TypeSize: 8, BigEndian: false, BitfieldLen: 0}, Val: uintptr(1075359312)}, &PtrType{TypeCommon: TypeCommon{TypeName: "ptr", FldName: "arg", ArgDir: DirIn, IsOptional: false}, Type: getStruct(structKey{"kvm_s390_ucas_mapping", "", DirIn})}}, NR: 29},
diff --git a/sys/sys_ppc64le.go b/sys/sys_ppc64le.go
index f1664a27f..5bc400034 100644
--- a/sys/sys_ppc64le.go
+++ b/sys/sys_ppc64le.go
@@ -21995,7 +21995,7 @@ var Calls = []*Call{
&Call{Name: "ioctl$KVM_PPC_GET_SMMU_INFO", CallName: "ioctl", Native: true, Args: []Type{&ResourceType{TypeCommon: TypeCommon{TypeName: "fd_kvmvm", FldName: "fd", ArgDir: DirIn, IsOptional: false}, Desc: resource("fd_kvmvm")}, &ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "cmd", ArgDir: DirIn, IsOptional: false}, TypeSize: 8, BigEndian: false, BitfieldLen: 0}, Val: uintptr(1112583846)}, &PtrType{TypeCommon: TypeCommon{TypeName: "buffer", FldName: "arg", ArgDir: DirIn, IsOptional: false}, Type: &BufferType{TypeCommon: TypeCommon{TypeName: "buffer", FldName: "arg", ArgDir: DirOut, IsOptional: false}, Kind: BufferBlobRand}}}, NR: 54},
&Call{Name: "ioctl$KVM_REGISTER_COALESCED_MMIO", CallName: "ioctl", Native: true, Args: []Type{&ResourceType{TypeCommon: TypeCommon{TypeName: "fd_kvmvm", FldName: "fd", ArgDir: DirIn, IsOptional: false}, Desc: resource("fd_kvmvm")}, &ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "cmd", ArgDir: DirIn, IsOptional: false}, TypeSize: 8, BigEndian: false, BitfieldLen: 0}, Val: uintptr(2148576871)}, &PtrType{TypeCommon: TypeCommon{TypeName: "ptr", FldName: "arg", ArgDir: DirIn, IsOptional: false}, Type: getStruct(structKey{"kvm_coalesced_mmio_zone", "", DirIn})}}, NR: 54},
&Call{Name: "ioctl$KVM_REINJECT_CONTROL", CallName: "ioctl", Native: true, Args: []Type{&ResourceType{TypeCommon: TypeCommon{TypeName: "fd_kvmvm", FldName: "fd", ArgDir: DirIn, IsOptional: false}, Desc: resource("fd_kvmvm")}, &ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "cmd", ArgDir: DirIn, IsOptional: false}, TypeSize: 8, BigEndian: false, BitfieldLen: 0}, Val: uintptr(536915569)}, &PtrType{TypeCommon: TypeCommon{TypeName: "ptr", FldName: "arg", ArgDir: DirIn, IsOptional: false}, Type: getStruct(structKey{"kvm_reinject_control", "", DirIn})}}, NR: 54},
- &Call{Name: "ioctl$KVM_RUN", CallName: "ioctl", Native: true, Args: []Type{&ResourceType{TypeCommon: TypeCommon{TypeName: "fd_kvmcpu", FldName: "fd", ArgDir: DirIn, IsOptional: false}, Desc: resource("fd_kvmcpu")}, &ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "cmd", ArgDir: DirIn, IsOptional: false}, TypeSize: 8, BigEndian: false, BitfieldLen: 0}, Val: uintptr(536915584)}}, NR: 54},
+ &Call{Name: "ioctl$KVM_RUN", CallName: "ioctl", Native: true, Args: []Type{&ResourceType{TypeCommon: TypeCommon{TypeName: "fd_kvmcpu", FldName: "fd", ArgDir: DirIn, IsOptional: false}, Desc: resource("fd_kvmcpu")}, &ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "cmd", ArgDir: DirIn, IsOptional: false}, TypeSize: 8, BigEndian: false, BitfieldLen: 0}, Val: uintptr(536915584)}, &ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "arg", ArgDir: DirIn, IsOptional: false}, TypeSize: 8, BigEndian: false, BitfieldLen: 0}, Val: uintptr(0)}}, NR: 54},
&Call{Name: "ioctl$KVM_S390_INTERRUPT", CallName: "ioctl", Native: true, Args: []Type{&ResourceType{TypeCommon: TypeCommon{TypeName: "fd_kvmvm", FldName: "fd", ArgDir: DirIn, IsOptional: false}, Desc: resource("fd_kvmvm")}, &ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "cmd", ArgDir: DirIn, IsOptional: false}, TypeSize: 8, BigEndian: false, BitfieldLen: 0}, Val: uintptr(2148576916)}, &PtrType{TypeCommon: TypeCommon{TypeName: "ptr", FldName: "arg", ArgDir: DirIn, IsOptional: false}, Type: getStruct(structKey{"kvm_s390_interrupt", "", DirIn})}}, NR: 54},
&Call{Name: "ioctl$KVM_S390_INTERRUPT_CPU", CallName: "ioctl", Native: true, Args: []Type{&ResourceType{TypeCommon: TypeCommon{TypeName: "fd_kvmcpu", FldName: "fd", ArgDir: DirIn, IsOptional: false}, Desc: resource("fd_kvmcpu")}, &ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "cmd", ArgDir: DirIn, IsOptional: false}, TypeSize: 8, BigEndian: false, BitfieldLen: 0}, Val: uintptr(2148576916)}, &PtrType{TypeCommon: TypeCommon{TypeName: "ptr", FldName: "arg", ArgDir: DirIn, IsOptional: false}, Type: getStruct(structKey{"kvm_s390_interrupt", "", DirIn})}}, NR: 54},
&Call{Name: "ioctl$KVM_S390_UCAS_MAP", CallName: "ioctl", Native: true, Args: []Type{&ResourceType{TypeCommon: TypeCommon{TypeName: "fd_kvmcpu", FldName: "fd", ArgDir: DirIn, IsOptional: false}, Desc: resource("fd_kvmcpu")}, &ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "cmd", ArgDir: DirIn, IsOptional: false}, TypeSize: 8, BigEndian: false, BitfieldLen: 0}, Val: uintptr(2149101136)}, &PtrType{TypeCommon: TypeCommon{TypeName: "ptr", FldName: "arg", ArgDir: DirIn, IsOptional: false}, Type: getStruct(structKey{"kvm_s390_ucas_mapping", "", DirIn})}}, NR: 54},
generated by ggit (джигит) mrf-deployment (git 2.46.0) at 2026-03-19 09:23:39 +0000