authorDmitry Vyukov <dvyukov@google.com>2020-04-18 12:36:52 +0200
committerDmitry Vyukov <dvyukov@google.com>2020-04-18 14:35:45 +0200
commit67234372ef1e27c87a6be2e0141d70ae797231a1 (patch)
treee6304ac41f5af586d81d84e31f9c8547754a32d9
parentea36da8271c508fe4c8bcc80af20ec81c812b95a (diff)
prog: refactor target.MakeMmap
Make MakeMmap return more than 1 call. This is a preparation for future changes. Also remove addr/size as they are effectively always the same and can be inferred from the target (they would also conflict with the future changes). Also rename to MakeDataMmap to better represent the new purpose: it's not just some arbitrary mmap, but rather a mapping of the data segment.
-rw-r--r--pkg/csource/csource.go2
-rw-r--r--pkg/ipc/ipc_test.go4
-rw-r--r--prog/rand.go15
-rw-r--r--prog/target.go4
-rw-r--r--sys/akaros/init.go2
-rw-r--r--sys/freebsd/init.go2
-rw-r--r--sys/fuchsia/init.go2
-rw-r--r--sys/linux/init.go2
-rw-r--r--sys/netbsd/init.go2
-rw-r--r--sys/openbsd/init.go2
-rw-r--r--sys/targets/common.go31
-rw-r--r--sys/test/init.go2
-rw-r--r--sys/trusty/init.go2
-rw-r--r--sys/windows/init.go25
-rw-r--r--syz-fuzzer/testing.go2
15 files changed, 51 insertions, 48 deletions
diff --git a/pkg/csource/csource.go b/pkg/csource/csource.go
index 2754686ae..b198b826e 100644
--- a/pkg/csource/csource.go
+++ b/pkg/csource/csource.go
@@ -32,7 +32,7 @@ func Write(p *prog.Prog, opts Options) ([]byte, error) {
return nil, err
}
- mmapProg := p.Target.GenerateUberMmapProg()
+ mmapProg := p.Target.DataMmapProg()
mmapCalls, _, err := ctx.generateProgCalls(mmapProg, false)
if err != nil {
return nil, err
diff --git a/pkg/ipc/ipc_test.go b/pkg/ipc/ipc_test.go
index d762af468..64632a98c 100644
--- a/pkg/ipc/ipc_test.go
+++ b/pkg/ipc/ipc_test.go
@@ -92,7 +92,7 @@ func TestExecute(t *testing.T) {
defer env.Close()
for i := 0; i < 10; i++ {
- p := target.GenerateSimpleProg()
+ p := target.DataMmapProg()
opts := &ExecOpts{
Flags: flag,
}
@@ -139,7 +139,7 @@ func TestParallel(t *testing.T) {
env.Close()
errs <- err
}()
- p := target.GenerateSimpleProg()
+ p := target.DataMmapProg()
opts := &ExecOpts{}
output, info, hanged, err := env.Exec(opts, p)
if err != nil {
diff --git a/prog/rand.go b/prog/rand.go
index 8583fbdcb..c761d0b40 100644
--- a/prog/rand.go
+++ b/prog/rand.go
@@ -589,19 +589,12 @@ func (target *Target) GenerateAllSyzProg(rs rand.Source) *Prog {
return p
}
-// GenerateSimpleProg generates the simplest non-empty program for testing
-// (e.g. containing a single mmap).
-func (target *Target) GenerateSimpleProg() *Prog {
+// DataMmapProg creates program that maps data segment.
+// Also used for testing as the simplest program.
+func (target *Target) DataMmapProg() *Prog {
return &Prog{
Target: target,
- Calls: []*Call{target.MakeMmap(0, target.PageSize)},
- }
-}
-
-func (target *Target) GenerateUberMmapProg() *Prog {
- return &Prog{
- Target: target,
- Calls: []*Call{target.MakeMmap(0, target.NumPages*target.PageSize)},
+ Calls: target.MakeDataMmap(),
}
}
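Review bot: The new comment on DataMmapProg does not say that the "simplest program" now maps the whole data range rather than a single page. GenerateSimpleProg used `MakeMmap(0, target.PageSize)`, while the MakeDataMmap implementations visible in this commit use `target.NumPages * target.PageSize`, so the ipc tests and checkSimpleProgram now exercise the larger mapping. Suggest `// DataMmapProg creates a program that maps the whole data segment of the target.` followed by `// It is also used in tests and self-checks as the simplest non-empty program.` The program is only non-empty if MakeDataMmap returns at least one call, which is worth stating on the field as well.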
diff --git a/prog/target.go b/prog/target.go
index b19645ea2..5c97b5e50 100644
--- a/prog/target.go
+++ b/prog/target.go
@@ -25,8 +25,8 @@ type Target struct {
Structs []*KeyedStruct
Consts []ConstValue
- // MakeMmap creates call that maps [addr, addr+size) memory range.
- MakeMmap func(addr, size uint64) *Call
+ // MakeDataMmap creates calls that mmaps target data memory range.
+ MakeDataMmap func() []*Call
// Neutralize neutralizes harmful calls by transforming them into non-harmful ones
// (e.g. an ioctl that turns off console output is turned into ioctl that turns on output).
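Review bot: The comment on MakeDataMmap does not state the contract that callers now depend on. DataMmapProg in prog/rand.go stores the returned slice directly in `Prog.Calls`, so an implementation must return a freshly allocated, non-empty slice of fresh calls on every invocation, otherwise programs would alias each other's calls. Suggest `// MakeDataMmap creates the calls that map the target data memory range.` followed by `// It must return a new, non-empty slice on each invocation; callers take ownership of it.` The Target struct starts and ends outside this hunk.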
diff --git a/sys/akaros/init.go b/sys/akaros/init.go
index c5098ce7f..3016b3dee 100644
--- a/sys/akaros/init.go
+++ b/sys/akaros/init.go
@@ -16,7 +16,7 @@ func InitTarget(target *prog.Target) {
arch := &arch{
MAP_FIXED: target.GetConst("MAP_FIXED"),
}
- target.MakeMmap = targets.MakePosixMmap(target, true)
+ target.MakeDataMmap = targets.MakePosixMmap(target, true)
target.Neutralize = arch.Neutralize
}
diff --git a/sys/freebsd/init.go b/sys/freebsd/init.go
index 8629ea235..eff43b288 100644
--- a/sys/freebsd/init.go
+++ b/sys/freebsd/init.go
@@ -13,7 +13,7 @@ func InitTarget(target *prog.Target) {
unix: targets.MakeUnixNeutralizer(target),
}
- target.MakeMmap = targets.MakePosixMmap(target, true)
+ target.MakeDataMmap = targets.MakePosixMmap(target, true)
target.Neutralize = arch.unix.Neutralize
}
diff --git a/sys/fuchsia/init.go b/sys/fuchsia/init.go
index 30cb3d7d1..2fbbd4bdf 100644
--- a/sys/fuchsia/init.go
+++ b/sys/fuchsia/init.go
@@ -11,5 +11,5 @@ import (
)
func InitTarget(target *prog.Target) {
- target.MakeMmap = targets.MakeSyzMmap(target)
+ target.MakeDataMmap = targets.MakeSyzMmap(target)
}
diff --git a/sys/linux/init.go b/sys/linux/init.go
index 7638860d5..6a10c7d82 100644
--- a/sys/linux/init.go
+++ b/sys/linux/init.go
@@ -48,7 +48,7 @@ func InitTarget(target *prog.Target) {
ARCH_SET_GS: target.ConstMap["ARCH_SET_GS"],
}
- target.MakeMmap = targets.MakePosixMmap(target, true)
+ target.MakeDataMmap = targets.MakePosixMmap(target, true)
target.Neutralize = arch.neutralize
target.SpecialTypes = map[string]func(g *prog.Gen, typ prog.Type, old prog.Arg) (
prog.Arg, []*prog.Call){
diff --git a/sys/netbsd/init.go b/sys/netbsd/init.go
index 5a07bcb09..c90c51eb8 100644
--- a/sys/netbsd/init.go
+++ b/sys/netbsd/init.go
@@ -13,7 +13,7 @@ func InitTarget(target *prog.Target) {
unix: targets.MakeUnixNeutralizer(target),
}
- target.MakeMmap = targets.MakePosixMmap(target, false)
+ target.MakeDataMmap = targets.MakePosixMmap(target, false)
target.Neutralize = arch.unix.Neutralize
}
diff --git a/sys/openbsd/init.go b/sys/openbsd/init.go
index 9f9a59ebf..40ab996f4 100644
--- a/sys/openbsd/init.go
+++ b/sys/openbsd/init.go
@@ -19,7 +19,7 @@ func InitTarget(target *prog.Target) {
S_IFCHR: target.GetConst("S_IFCHR"),
}
- target.MakeMmap = targets.MakePosixMmap(target, false)
+ target.MakeDataMmap = targets.MakePosixMmap(target, false)
target.Neutralize = arch.neutralize
target.AnnotateCall = arch.annotateCall
}
diff --git a/sys/targets/common.go b/sys/targets/common.go
index 72c485f81..75a1aba4f 100644
--- a/sys/targets/common.go
+++ b/sys/targets/common.go
@@ -7,8 +7,8 @@ import (
"github.com/google/syzkaller/prog"
)
-// MakePosixMmap creates a "normal" posix mmap call that maps [addr, addr+size) range.
-func MakePosixMmap(target *prog.Target, exec bool) func(addr, size uint64) *prog.Call {
+// MakePosixMmap creates a "normal" posix mmap call that maps the target data range.
+func MakePosixMmap(target *prog.Target, exec bool) func() []*prog.Call {
meta := target.SyscallMap["mmap"]
prot := target.GetConst("PROT_READ") | target.GetConst("PROT_WRITE")
if exec {
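Review bot: The updated comment on MakePosixMmap still says it creates a call, but the function now returns a generator `func() []*prog.Call`, and the `exec` parameter is undocumented. Suggest `// MakePosixMmap returns a function that creates the posix mmap call(s) mapping the target data range.` plus `// exec controls whether the mapping is also made executable.` The second line is inferred from the parameter name and the `if exec {` test; the body of that branch and the rest of the function are outside this hunk, so confirm before adopting it.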
@@ -16,9 +16,10 @@ func MakePosixMmap(target *prog.Target, exec bool) func(addr, size uint64) *prog
}
flags := target.GetConst("MAP_ANONYMOUS") | target.GetConst("MAP_PRIVATE") | target.GetConst("MAP_FIXED")
const invalidFD = ^uint64(0)
- return func(addr, size uint64) *prog.Call {
+ size := target.NumPages * target.PageSize
+ return func() []*prog.Call {
args := []prog.Arg{
- prog.MakeVmaPointerArg(meta.Args[0], addr, size),
+ prog.MakeVmaPointerArg(meta.Args[0], 0, size),
prog.MakeConstArg(meta.Args[1], size),
prog.MakeConstArg(meta.Args[2], prot),
prog.MakeConstArg(meta.Args[3], flags),
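Review bot: `size := target.NumPages * target.PageSize` is evaluated once, when MakePosixMmap is called from InitTarget, and the closure reuses that captured value; before this commit the size was computed in GenerateUberMmapProg each time a program was built. If NumPages or PageSize are not final when InitTarget runs (not visible here), every generated mmap would carry a stale or zero length and the data area that pointer arguments rely on would not be mapped as intended. Moving the line inside the returned `func() []*prog.Call` reads the fields at call time, as arch.makeMmap in sys/windows/init.go does. The same applies to the `size :=` line in MakeSyzMmap in the next hunk. The closure body continues past this hunk.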
@@ -32,24 +33,28 @@ func MakePosixMmap(target *prog.Target, exec bool) func(addr, size uint64) *prog
}
args = append(args, prog.MakeConstArg(meta.Args[i], 0))
- return &prog.Call{
+ mmapCall := &prog.Call{
Meta: meta,
Args: args,
Ret: prog.MakeReturnArg(meta.Ret),
}
+ return []*prog.Call{mmapCall}
}
}
-func MakeSyzMmap(target *prog.Target) func(addr, size uint64) *prog.Call {
+func MakeSyzMmap(target *prog.Target) func() []*prog.Call {
meta := target.SyscallMap["syz_mmap"]
- return func(addr, size uint64) *prog.Call {
- return &prog.Call{
- Meta: meta,
- Args: []prog.Arg{
- prog.MakeVmaPointerArg(meta.Args[0], addr, size),
- prog.MakeConstArg(meta.Args[1], size),
+ size := target.NumPages * target.PageSize
+ return func() []*prog.Call {
+ return []*prog.Call{
+ &prog.Call{
+ Meta: meta,
+ Args: []prog.Arg{
+ prog.MakeVmaPointerArg(meta.Args[0], 0, size),
+ prog.MakeConstArg(meta.Args[1], size),
+ },
+ Ret: prog.MakeReturnArg(meta.Ret),
},
- Ret: prog.MakeReturnArg(meta.Ret),
}
}
}
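Review bot: MakeSyzMmap is exported but has no doc comment, unlike MakePosixMmap in the same file; `// MakeSyzMmap returns a function that creates a syz_mmap call mapping the target data range.` would match. The inner `&prog.Call{` inside the `[]*prog.Call{...}` literal is redundant, and `gofmt -s` would reduce it to `{`; the same literal shape appears in makeMmap in sys/windows/init.go.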
diff --git a/sys/test/init.go b/sys/test/init.go
index 815c99a98..ee2281f70 100644
--- a/sys/test/init.go
+++ b/sys/test/init.go
@@ -9,5 +9,5 @@ import (
)
func InitTarget(target *prog.Target) {
- target.MakeMmap = targets.MakeSyzMmap(target)
+ target.MakeDataMmap = targets.MakeSyzMmap(target)
}
diff --git a/sys/trusty/init.go b/sys/trusty/init.go
index d437b5d3f..2ec63cbf3 100644
--- a/sys/trusty/init.go
+++ b/sys/trusty/init.go
@@ -9,5 +9,5 @@ import (
)
func InitTarget(target *prog.Target) {
- target.MakeMmap = targets.MakeSyzMmap(target)
+ target.MakeDataMmap = targets.MakeSyzMmap(target)
}
diff --git a/sys/windows/init.go b/sys/windows/init.go
index 5c1a1e9a9..6a245cdba 100644
--- a/sys/windows/init.go
+++ b/sys/windows/init.go
@@ -9,16 +9,18 @@ import (
func InitTarget(target *prog.Target) {
arch := &arch{
+ target: target,
virtualAllocSyscall: target.SyscallMap["VirtualAlloc"],
MEM_COMMIT: target.GetConst("MEM_COMMIT"),
MEM_RESERVE: target.GetConst("MEM_RESERVE"),
PAGE_EXECUTE_READWRITE: target.GetConst("PAGE_EXECUTE_READWRITE"),
}
- target.MakeMmap = arch.makeMmap
+ target.MakeDataMmap = arch.makeMmap
}
type arch struct {
+ target *prog.Target
virtualAllocSyscall *prog.Syscall
MEM_COMMIT uint64
@@ -26,16 +28,19 @@ type arch struct {
PAGE_EXECUTE_READWRITE uint64
}
-func (arch *arch) makeMmap(addr, size uint64) *prog.Call {
+func (arch *arch) makeMmap() []*prog.Call {
meta := arch.virtualAllocSyscall
- return &prog.Call{
- Meta: meta,
- Args: []prog.Arg{
- prog.MakeVmaPointerArg(meta.Args[0], addr, size),
- prog.MakeConstArg(meta.Args[1], size),
- prog.MakeConstArg(meta.Args[2], arch.MEM_COMMIT|arch.MEM_RESERVE),
- prog.MakeConstArg(meta.Args[3], arch.PAGE_EXECUTE_READWRITE),
+ size := arch.target.NumPages * arch.target.PageSize
+ return []*prog.Call{
+ &prog.Call{
+ Meta: meta,
+ Args: []prog.Arg{
+ prog.MakeVmaPointerArg(meta.Args[0], 0, size),
+ prog.MakeConstArg(meta.Args[1], size),
+ prog.MakeConstArg(meta.Args[2], arch.MEM_COMMIT|arch.MEM_RESERVE),
+ prog.MakeConstArg(meta.Args[3], arch.PAGE_EXECUTE_READWRITE),
+ },
+ Ret: prog.MakeReturnArg(meta.Ret),
},
- Ret: prog.MakeReturnArg(meta.Ret),
}
}
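Review bot: makeMmap keeps its old name and has no comment, although it is now assigned to `target.MakeDataMmap`, takes no range and always maps the full data area at offset 0. Renaming it to `makeDataMmap` (and updating the assignment in InitTarget) with `// makeDataMmap returns a VirtualAlloc call that reserves and commits the whole data range as PAGE_EXECUTE_READWRITE.` would keep the Windows target consistent with the new field name and make the read-write-execute protection of the mapping explicit to readers. This hunk starts inside the arch struct, whose declaration begins in the previous hunk.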
diff --git a/syz-fuzzer/testing.go b/syz-fuzzer/testing.go
index 85c93a6df..2ed615c80 100644
--- a/syz-fuzzer/testing.go
+++ b/syz-fuzzer/testing.go
@@ -241,7 +241,7 @@ func checkSimpleProgram(args *checkArgs, features *host.Features) error {
return fmt.Errorf("failed to create ipc env: %v", err)
}
defer env.Close()
- p := args.target.GenerateSimpleProg()
+ p := args.target.DataMmapProg()
output, info, hanged, err := env.Exec(args.ipcExecOpts, p)
if err != nil {
return fmt.Errorf("program execution failed: %v\n%s", err, output)