diff options
| author | Dmitry Vyukov <dvyukov@google.com> | 2024-04-18 09:09:32 +0200 |
|---|---|---|
| committer | Dmitry Vyukov <dvyukov@google.com> | 2024-04-30 09:36:03 +0000 |
| commit | b55e33926118ca417bb0ce0c76ceec7c220f65bc (patch) | |
| tree | 5741e99424e39b090bd3a4689929f74c3949078a | |
| parent | f10afd6936523834f5b3297e9771b19a8f0edcb5 (diff) | |
pkg/ipc: make it possible to change EnvFlags between executions
Pass EnvFlags into Exec instead of New.
This allows to change EnvFlags between executions.
Change of EnvFlags forces executor process restart
since it uses EnvFlags during setup.
Currently this is intended to be NFC since we always
pass the same EnvFlags.
In future this will allow to (1) reduce part of the
VM checking procedure to execution of programs with
different options (e.g. we can probe for coverage/comparisons
support, probe different sandboxes, etc);
(2) use it during fuzzing/reproduction, e.g. we can check
if the crash reproduces under setuid sandbox, or execute some
fuzzing programs in significantly different modes.
| -rw-r--r-- | executor/common_ext_test.go | 2 | ||||
| -rw-r--r-- | pkg/fuzzer/fuzzer_test.go | 6 | ||||
| -rw-r--r-- | pkg/ipc/ipc.go | 88 | ||||
| -rw-r--r-- | pkg/ipc/ipc_priv_test.go | 15 | ||||
| -rw-r--r-- | pkg/ipc/ipc_test.go | 6 | ||||
| -rw-r--r-- | pkg/ipc/ipcconfig/ipcconfig.go | 32 | ||||
| -rw-r--r-- | pkg/runtest/run.go | 38 | ||||
| -rw-r--r-- | syz-fuzzer/fuzzer.go | 32 | ||||
| -rw-r--r-- | syz-fuzzer/proc.go | 10 | ||||
| -rw-r--r-- | syz-fuzzer/testing.go | 12 | ||||
| -rw-r--r-- | syz-runner/runner.go | 3 | ||||
| -rw-r--r-- | tools/syz-execprog/execprog.go | 40 | ||||
| -rw-r--r-- | tools/syz-stress/stress.go | 18 |
13 files changed, 157 insertions, 145 deletions
diff --git a/executor/common_ext_test.go b/executor/common_ext_test.go index 672ad7c74..00bca4494 100644 --- a/executor/common_ext_test.go +++ b/executor/common_ext_test.go @@ -52,7 +52,7 @@ func TestCommonExt(t *testing.T) { t.Fatal(err) } cfg.Executor = bin - cfg.Flags |= ipc.FlagDebug + opts.EnvFlags |= ipc.FlagDebug env, err := ipc.MakeEnv(cfg, 0) if err != nil { t.Fatalf("failed to create env: %v", err) diff --git a/pkg/fuzzer/fuzzer_test.go b/pkg/fuzzer/fuzzer_test.go index 87068064f..6c6bb46fd 100644 --- a/pkg/fuzzer/fuzzer_test.go +++ b/pkg/fuzzer/fuzzer_test.go @@ -285,7 +285,7 @@ func newProc(t *testing.T, target *prog.Target, executor string) *executorProc { t.Fatal(err) } config.Executor = executor - config.Flags |= ipc.FlagSignal + execOpts.EnvFlags |= ipc.FlagSignal env, err := ipc.MakeEnv(config, 0) if err != nil { t.Fatal(err) @@ -303,10 +303,10 @@ func (proc *executorProc) execute(req *Request) (*Result, string, error) { execOpts := proc.execOpts // TODO: it's duplicated from fuzzer.go. if req.NeedSignal != rpctype.NoSignal { - execOpts.Flags |= ipc.FlagCollectSignal + execOpts.ExecFlags |= ipc.FlagCollectSignal } if req.NeedCover { - execOpts.Flags |= ipc.FlagCollectCover + execOpts.ExecFlags |= ipc.FlagCollectCover } // TODO: support req.NeedHints. output, info, _, err := proc.env.Exec(&execOpts, req.Prog) diff --git a/pkg/ipc/ipc.go b/pkg/ipc/ipc.go index daebc257d..ebdca1ef8 100644 --- a/pkg/ipc/ipc.go +++ b/pkg/ipc/ipc.go @@ -58,7 +58,11 @@ const ( ) type ExecOpts struct { - Flags ExecFlags + // Changing ExecFlags between executions does not cause executor process restart. + // Changing EnvFlags/SandboxArg does cause process restart. + ExecFlags ExecFlags + EnvFlags EnvFlags + SandboxArg int } // Config is the configuration for Env. @@ -70,10 +74,6 @@ type Config struct { UseForkServer bool // use extended protocol with handshake RateLimit bool // rate limit start of new processes for host fuzzer mode - // Flags are configuation flags, defined above. - Flags EnvFlags - SandboxArg int - Timeouts targets.Timeouts } @@ -267,7 +267,7 @@ func (env *Env) ExecProg(opts *ExecOpts, progData []byte) (output []byte, info * env.out[i] = 0 } - err0 = env.RestartIfNeeded() + err0 = env.RestartIfNeeded(opts) if err0 != nil { return } @@ -311,9 +311,12 @@ func (env *Env) ForceRestart() { } // RestartIfNeeded brings up an executor process if it was stopped. -func (env *Env) RestartIfNeeded() error { +func (env *Env) RestartIfNeeded(opts *ExecOpts) error { if env.cmd != nil { - return nil + if env.cmd.flags == opts.EnvFlags && env.cmd.sandboxArg == opts.SandboxArg { + return nil + } + env.ForceRestart() } if env.config.RateLimit { rateLimiterOnce.Do(func() { @@ -321,9 +324,8 @@ func (env *Env) RestartIfNeeded() error { }) <-rateLimiter } - tmpDirPath := "./" var err error - env.cmd, err = makeCommand(env.pid, env.bin, env.config, env.inFile, env.outFile, env.out, tmpDirPath) + env.cmd, err = env.makeCommand(opts, "./") return err } @@ -381,7 +383,7 @@ func (env *Env) parseOutput(opts *ExecOpts, ncalls int) (*ProgInfo, error) { if len(extraParts) == 0 { return info, nil } - info.Extra = convertExtra(extraParts, opts.Flags&FlagDedupCover > 0) + info.Extra = convertExtra(extraParts, opts.ExecFlags&FlagDedupCover > 0) return info, nil } @@ -491,17 +493,19 @@ func readUint32Array(outp *[]byte, size uint32) ([]uint32, bool) { } type command struct { - pid int - config *Config - timeout time.Duration - cmd *exec.Cmd - dir string - readDone chan []byte - exited chan error - inrp *os.File - outwp *os.File - outmem []byte - freshness int + pid int + config *Config + flags EnvFlags + sandboxArg int + timeout time.Duration + cmd *exec.Cmd + dir string + readDone chan []byte + exited chan error + inrp *os.File + outwp *os.File + outmem []byte + freshness int } const ( @@ -553,16 +557,15 @@ type callReply struct { // signal/cover/comps follow } -func makeCommand(pid int, bin []string, config *Config, inFile, outFile *os.File, outmem []byte, - tmpDirPath string) (*command, error) { - dir, err := os.MkdirTemp(tmpDirPath, "syzkaller-testdir") +func (env *Env) makeCommand(opts *ExecOpts, tmpDir string) (*command, error) { + dir, err := os.MkdirTemp(tmpDir, "syzkaller-testdir") if err != nil { return nil, fmt.Errorf("failed to create temp dir: %w", err) } dir = osutil.Abs(dir) - timeout := config.Timeouts.Program - if config.UseForkServer { + timeout := env.config.Timeouts.Program + if env.config.UseForkServer { // Executor has an internal timeout and protects against most hangs when fork server is enabled, // so we use quite large timeout. Executor can be slow due to global locks in namespaces // and other things, so let's better wait than report false misleading crashes. @@ -570,11 +573,13 @@ func makeCommand(pid int, bin []string, config *Config, inFile, outFile *os.File } c := &command{ - pid: pid, - config: config, - timeout: timeout, - dir: dir, - outmem: outmem, + pid: env.pid, + config: env.config, + flags: opts.EnvFlags, + sandboxArg: opts.SandboxArg, + timeout: timeout, + dir: dir, + outmem: env.out, } defer func() { if c != nil { @@ -611,16 +616,16 @@ func makeCommand(pid int, bin []string, config *Config, inFile, outFile *os.File c.readDone = make(chan []byte, 1) - cmd := osutil.Command(bin[0], bin[1:]...) - if inFile != nil && outFile != nil { - cmd.ExtraFiles = []*os.File{inFile, outFile} + cmd := osutil.Command(env.bin[0], env.bin[1:]...) + if env.inFile != nil && env.outFile != nil { + cmd.ExtraFiles = []*os.File{env.inFile, env.outFile} } cmd.Dir = dir // Tell ASAN to not mess with our NONFAILING. cmd.Env = append(append([]string{}, os.Environ()...), "ASAN_OPTIONS=handle_segv=0 allow_user_segv_handler=1") cmd.Stdin = outrp cmd.Stdout = inwp - if config.Flags&FlagDebug != 0 { + if c.flags&FlagDebug != 0 { close(c.readDone) cmd.Stderr = os.Stdout } else { @@ -694,9 +699,9 @@ func (c *command) close() { func (c *command) handshake() error { req := &handshakeReq{ magic: inMagic, - flags: uint64(c.config.Flags), + flags: uint64(c.flags), pid: uint64(c.pid), - sandboxArg: uint64(c.config.SandboxArg), + sandboxArg: uint64(c.sandboxArg), } reqData := (*[unsafe.Sizeof(*req)]byte)(unsafe.Pointer(req))[:] if _, err := c.outwp.Write(reqData); err != nil { @@ -744,10 +749,13 @@ func (c *command) wait() error { } func (c *command) exec(opts *ExecOpts, progData []byte) (output []byte, hanged bool, err0 error) { + if c.flags != opts.EnvFlags || c.sandboxArg != opts.SandboxArg { + panic("wrong command") + } req := &executeReq{ magic: inMagic, - envFlags: uint64(c.config.Flags), - execFlags: uint64(opts.Flags), + envFlags: uint64(c.flags), + execFlags: uint64(opts.ExecFlags), pid: uint64(c.pid), syscallTimeoutMS: uint64(c.config.Timeouts.Syscall / time.Millisecond), programTimeoutMS: uint64(c.config.Timeouts.Program / time.Millisecond), diff --git a/pkg/ipc/ipc_priv_test.go b/pkg/ipc/ipc_priv_test.go index 054916045..94c48af75 100644 --- a/pkg/ipc/ipc_priv_test.go +++ b/pkg/ipc/ipc_priv_test.go @@ -9,11 +9,16 @@ import ( func TestOutputDeadline(t *testing.T) { // Run the command that leaks stderr to a child process. - c, err := makeCommand(1, []string{ - "sh", - "-c", - "exec 1>&2; ( sleep 100; echo fail ) & echo done", - }, &Config{}, nil, nil, nil, "/tmp") + env := &Env{ + bin: []string{ + "sh", + "-c", + "exec 1>&2; ( sleep 100; echo fail ) & echo done", + }, + pid: 1, + config: &Config{}, + } + c, err := env.makeCommand(&ExecOpts{}, t.TempDir()) if err != nil { t.Fatal(err) } diff --git a/pkg/ipc/ipc_test.go b/pkg/ipc/ipc_test.go index ffb28d0a6..fcc8b5dcd 100644 --- a/pkg/ipc/ipc_test.go +++ b/pkg/ipc/ipc_test.go @@ -100,7 +100,6 @@ func TestExecute(t *testing.T) { UseShmem: useShmem, UseForkServer: useForkServer, Timeouts: timeouts, - SandboxArg: 0, } env, err := MakeEnv(cfg, 0) if err != nil { @@ -111,7 +110,7 @@ func TestExecute(t *testing.T) { for i := 0; i < 10; i++ { p := prepareTestProgram(target) opts := &ExecOpts{ - Flags: flag, + ExecFlags: flag, } output, info, hanged, err := env.Exec(opts, p) if err != nil { @@ -142,7 +141,6 @@ func TestParallel(t *testing.T) { UseShmem: useShmem, UseForkServer: useForkServer, Timeouts: timeouts, - SandboxArg: 0, } const P = 10 errs := make(chan error, P) @@ -204,7 +202,7 @@ func TestZlib(t *testing.T) { if err != nil { t.Fatal(err) } - cfg.Flags |= FlagDebug + opts.EnvFlags |= FlagDebug cfg.Executor = buildExecutor(t, target) defer os.Remove(cfg.Executor) env, err := MakeEnv(cfg, 0) diff --git a/pkg/ipc/ipcconfig/ipcconfig.go b/pkg/ipc/ipcconfig/ipcconfig.go index 4b4aacd8a..1a91b28fb 100644 --- a/pkg/ipc/ipcconfig/ipcconfig.go +++ b/pkg/ipc/ipcconfig/ipcconfig.go @@ -27,30 +27,30 @@ func Default(target *prog.Target) (*ipc.Config, *ipc.ExecOpts, error) { Executor: *flagExecutor, Timeouts: sysTarget.Timeouts(*flagSlowdown), } - if *flagSignal { - c.Flags |= ipc.FlagSignal - } - if *flagDebug { - c.Flags |= ipc.FlagDebug - } - sandboxFlags, err := ipc.SandboxToFlags(*flagSandbox) - if err != nil { - return nil, nil, err - } - c.SandboxArg = *flagSandboxArg - c.Flags |= sandboxFlags c.UseShmem = sysTarget.ExecutorUsesShmem c.UseForkServer = sysTarget.ExecutorUsesForkServer c.RateLimit = sysTarget.HostFuzzer && target.OS != targets.TestOS + opts := &ipc.ExecOpts{ - Flags: ipc.FlagDedupCover, + ExecFlags: ipc.FlagDedupCover, } if *flagThreaded { - opts.Flags |= ipc.FlagThreaded + opts.ExecFlags |= ipc.FlagThreaded } if *flagSignal { - opts.Flags |= ipc.FlagCollectSignal + opts.ExecFlags |= ipc.FlagCollectSignal } - + if *flagSignal { + opts.EnvFlags |= ipc.FlagSignal + } + if *flagDebug { + opts.EnvFlags |= ipc.FlagDebug + } + sandboxFlags, err := ipc.SandboxToFlags(*flagSandbox) + if err != nil { + return nil, nil, err + } + opts.SandboxArg = *flagSandboxArg + opts.EnvFlags |= sandboxFlags return c, opts, nil } diff --git a/pkg/runtest/run.go b/pkg/runtest/run.go index 751ecf74f..9e111377d 100644 --- a/pkg/runtest/run.go +++ b/pkg/runtest/run.go @@ -410,43 +410,43 @@ func (ctx *Context) createSyzTest(p *prog.Prog, sandbox string, threaded, cov bo if err != nil { return nil, err } - cfg.Flags |= sandboxFlags + opts.EnvFlags |= sandboxFlags if threaded { - opts.Flags |= ipc.FlagThreaded + opts.ExecFlags |= ipc.FlagThreaded } if cov { - cfg.Flags |= ipc.FlagSignal - opts.Flags |= ipc.FlagCollectSignal - opts.Flags |= ipc.FlagCollectCover + opts.EnvFlags |= ipc.FlagSignal + opts.ExecFlags |= ipc.FlagCollectSignal + opts.ExecFlags |= ipc.FlagCollectCover } if ctx.Features[host.FeatureExtraCoverage].Enabled { - cfg.Flags |= ipc.FlagExtraCover + opts.EnvFlags |= ipc.FlagExtraCover } if ctx.Features[host.FeatureDelayKcovMmap].Enabled { - cfg.Flags |= ipc.FlagDelayKcovMmap + opts.EnvFlags |= ipc.FlagDelayKcovMmap } if ctx.Features[host.FeatureNetInjection].Enabled { - cfg.Flags |= ipc.FlagEnableTun + opts.EnvFlags |= ipc.FlagEnableTun } if ctx.Features[host.FeatureNetDevices].Enabled { - cfg.Flags |= ipc.FlagEnableNetDev + opts.EnvFlags |= ipc.FlagEnableNetDev } - cfg.Flags |= ipc.FlagEnableNetReset - cfg.Flags |= ipc.FlagEnableCgroups + opts.EnvFlags |= ipc.FlagEnableNetReset + opts.EnvFlags |= ipc.FlagEnableCgroups if ctx.Features[host.FeatureDevlinkPCI].Enabled { - cfg.Flags |= ipc.FlagEnableDevlinkPCI + opts.EnvFlags |= ipc.FlagEnableDevlinkPCI } if ctx.Features[host.FeatureNicVF].Enabled { - cfg.Flags |= ipc.FlagEnableNicVF + opts.EnvFlags |= ipc.FlagEnableNicVF } if ctx.Features[host.FeatureVhciInjection].Enabled { - cfg.Flags |= ipc.FlagEnableVhciInjection + opts.EnvFlags |= ipc.FlagEnableVhciInjection } if ctx.Features[host.FeatureWifiEmulation].Enabled { - cfg.Flags |= ipc.FlagEnableWifi + opts.EnvFlags |= ipc.FlagEnableWifi } if ctx.Debug { - cfg.Flags |= ipc.FlagDebug + opts.EnvFlags |= ipc.FlagDebug } req := &RunRequest{ P: p, @@ -504,7 +504,7 @@ func (ctx *Context) createCTest(p *prog.Prog, sandbox string, threaded bool, tim P: p, Bin: bin, Opts: &ipc.ExecOpts{ - Flags: ipcFlags, + ExecFlags: ipcFlags, }, Repeat: times, } @@ -547,7 +547,7 @@ func checkCallResult(req *RunRequest, isC bool, run, call int, info *ipc.ProgInf // C code does not detect blocked/non-finished calls. continue } - if req.Opts.Flags&ipc.FlagThreaded == 0 { + if req.Opts.ExecFlags&ipc.FlagThreaded == 0 { // In non-threaded mode blocked syscalls will block main thread // and we won't detect blocked/unfinished syscalls. continue @@ -573,7 +573,7 @@ func checkCallResult(req *RunRequest, isC bool, run, call int, info *ipc.ProgInf if isC || inf.Flags&ipc.CallExecuted == 0 { return nil } - if req.Cfg.Flags&ipc.FlagSignal != 0 { + if req.Opts.EnvFlags&ipc.FlagSignal != 0 { // Signal is always deduplicated, so we may not get any signal // on a second invocation of the same syscall. // For calls that are not meant to collect synchronous coverage we diff --git a/syz-fuzzer/fuzzer.go b/syz-fuzzer/fuzzer.go index 48bdc1f96..abee43107 100644 --- a/syz-fuzzer/fuzzer.go +++ b/syz-fuzzer/fuzzer.go @@ -59,33 +59,33 @@ type executionResult struct { info *ipc.ProgInfo } -func createIPCConfig(features *host.Features, config *ipc.Config) { +func createIPCConfig(features *host.Features, opts *ipc.ExecOpts) { if features[host.FeatureExtraCoverage].Enabled { - config.Flags |= ipc.FlagExtraCover + opts.EnvFlags |= ipc.FlagExtraCover } if features[host.FeatureDelayKcovMmap].Enabled { - config.Flags |= ipc.FlagDelayKcovMmap + opts.EnvFlags |= ipc.FlagDelayKcovMmap } if features[host.FeatureNetInjection].Enabled { - config.Flags |= ipc.FlagEnableTun + opts.EnvFlags |= ipc.FlagEnableTun } if features[host.FeatureNetDevices].Enabled { - config.Flags |= ipc.FlagEnableNetDev + opts.EnvFlags |= ipc.FlagEnableNetDev } - config.Flags |= ipc.FlagEnableNetReset - config.Flags |= ipc.FlagEnableCgroups - config.Flags |= ipc.FlagEnableCloseFds + opts.EnvFlags |= ipc.FlagEnableNetReset + opts.EnvFlags |= ipc.FlagEnableCgroups + opts.EnvFlags |= ipc.FlagEnableCloseFds if features[host.FeatureDevlinkPCI].Enabled { - config.Flags |= ipc.FlagEnableDevlinkPCI + opts.EnvFlags |= ipc.FlagEnableDevlinkPCI } if features[host.FeatureNicVF].Enabled { - config.Flags |= ipc.FlagEnableNicVF + opts.EnvFlags |= ipc.FlagEnableNicVF } if features[host.FeatureVhciInjection].Enabled { - config.Flags |= ipc.FlagEnableVhciInjection + opts.EnvFlags |= ipc.FlagEnableVhciInjection } if features[host.FeatureWifiEmulation].Enabled { - config.Flags |= ipc.FlagEnableWifi + opts.EnvFlags |= ipc.FlagEnableWifi } } @@ -129,10 +129,10 @@ func main() { log.SyzFatalf("failed to create default ipc config: %v", err) } if *flagRawCover { - execOpts.Flags &^= ipc.FlagDedupCover + execOpts.ExecFlags &^= ipc.FlagDedupCover } timeouts := config.Timeouts - sandbox := ipc.FlagsToSandbox(config.Flags) + sandbox := ipc.FlagsToSandbox(execOpts.EnvFlags) shutdown := make(chan struct{}) osutil.HandleInterrupts(shutdown) go func() { @@ -218,7 +218,7 @@ func main() { for _, feat := range r.Features.Supported() { log.Logf(0, "%v: %v", feat.Name, feat.Reason) } - createIPCConfig(r.Features, config) + createIPCConfig(r.Features, execOpts) if *flagRunTest { runTest(target, manager, *flagName, config.Executor) @@ -239,7 +239,7 @@ func main() { gateCb := fuzzerTool.useBugFrames(r.Features, checkRes.MemoryLeakFrames, checkRes.DataRaceFrames) fuzzerTool.gate = ipc.NewGate(gateSize, gateCb) if checkRes.CoverFilterBitmap != nil { - execOpts.Flags |= ipc.FlagEnableCoverageFilter + execOpts.ExecFlags |= ipc.FlagEnableCoverageFilter if err := osutil.WriteFile("syz-cover-bitmap", checkRes.CoverFilterBitmap); err != nil { log.SyzFatalf("failed to write syz-cover-bitmap: %v", err) } diff --git a/syz-fuzzer/proc.go b/syz-fuzzer/proc.go index be1c82ab5..c4092a76d 100644 --- a/syz-fuzzer/proc.go +++ b/syz-fuzzer/proc.go @@ -41,16 +41,16 @@ func (proc *Proc) loop() { req := proc.nextRequest() opts := *proc.execOpts if req.NeedSignal == rpctype.NoSignal { - opts.Flags &= ^ipc.FlagCollectSignal + opts.ExecFlags &= ^ipc.FlagCollectSignal } if req.NeedCover { - opts.Flags |= ipc.FlagCollectCover + opts.ExecFlags |= ipc.FlagCollectCover } if req.NeedHints { - opts.Flags |= ipc.FlagCollectComps + opts.ExecFlags |= ipc.FlagCollectComps } if req.NeedRawCover { - opts.Flags &= ^ipc.FlagDedupCover + opts.ExecFlags &= ^ipc.FlagDedupCover } // Do not let too much state accumulate. const restartIn = 600 @@ -93,7 +93,7 @@ func (proc *Proc) execute(opts *ipc.ExecOpts, progID int64, progData []byte) (*i var hanged bool // On a heavily loaded VM, syz-executor may take significant time to start. // Let's do it outside of the gate ticket. - err := proc.env.RestartIfNeeded() + err := proc.env.RestartIfNeeded(opts) if err == nil { // Limit concurrency. ticket := proc.tool.gate.Enter() diff --git a/syz-fuzzer/testing.go b/syz-fuzzer/testing.go index a8783104e..78d1be585 100644 --- a/syz-fuzzer/testing.go +++ b/syz-fuzzer/testing.go @@ -129,22 +129,22 @@ func checkMachine(args *checkArgs) (*rpctype.CheckArgs, error) { return nil, err } if feat := features[host.FeatureCoverage]; !feat.Enabled && - args.ipcConfig.Flags&ipc.FlagSignal != 0 { + args.ipcExecOpts.EnvFlags&ipc.FlagSignal != 0 { return nil, fmt.Errorf("coverage is not supported (%v)", feat.Reason) } if feat := features[host.FeatureSandboxSetuid]; !feat.Enabled && - args.ipcConfig.Flags&ipc.FlagSandboxSetuid != 0 { + args.ipcExecOpts.EnvFlags&ipc.FlagSandboxSetuid != 0 { return nil, fmt.Errorf("sandbox=setuid is not supported (%v)", feat.Reason) } if feat := features[host.FeatureSandboxNamespace]; !feat.Enabled && - args.ipcConfig.Flags&ipc.FlagSandboxNamespace != 0 { + args.ipcExecOpts.EnvFlags&ipc.FlagSandboxNamespace != 0 { return nil, fmt.Errorf("sandbox=namespace is not supported (%v)", feat.Reason) } if feat := features[host.FeatureSandboxAndroid]; !feat.Enabled && - args.ipcConfig.Flags&ipc.FlagSandboxAndroid != 0 { + args.ipcExecOpts.EnvFlags&ipc.FlagSandboxAndroid != 0 { return nil, fmt.Errorf("sandbox=android is not supported (%v)", feat.Reason) } - createIPCConfig(features, args.ipcConfig) + createIPCConfig(features, args.ipcExecOpts) if err := checkSimpleProgram(args, features); err != nil { return nil, err } @@ -259,7 +259,7 @@ func checkSimpleProgram(args *checkArgs, features *host.Features) error { if info.Calls[0].Errno != 0 { return fmt.Errorf("simple call failed: %+v\n%s", info.Calls[0], output) } - if args.ipcConfig.Flags&ipc.FlagSignal != 0 && len(info.Calls[0].Signal) < 2 { + if args.ipcExecOpts.EnvFlags&ipc.FlagSignal != 0 && len(info.Calls[0].Signal) < 2 { return fmt.Errorf("got no coverage:\n%s", output) } return nil diff --git a/syz-runner/runner.go b/syz-runner/runner.go index 7bea3e1a5..496d6d07d 100644 --- a/syz-runner/runner.go +++ b/syz-runner/runner.go @@ -75,7 +75,8 @@ func main() { enabled[c] = true } if r.CheckUnsupportedCalls { - _, unsupported, err := host.DetectSupportedSyscalls(target, ipc.FlagsToSandbox(config.Flags), enabled) + sandbox := ipc.FlagsToSandbox(opts.EnvFlags) + _, unsupported, err := host.DetectSupportedSyscalls(target, sandbox, enabled) if err != nil { log.Fatalf("failed to get unsupported system calls: %v", err) } diff --git a/tools/syz-execprog/execprog.go b/tools/syz-execprog/execprog.go index 6bcc92a07..5d68dd2dd 100644 --- a/tools/syz-execprog/execprog.go +++ b/tools/syz-execprog/execprog.go @@ -185,7 +185,7 @@ func (ctx *Context) execute(pid int, env *ipc.Env, p *prog.Prog, progIndex int) for try := 0; ; try++ { output, info, hanged, err := env.ExecProg(callOpts, progData) if err != nil { - if ctx.config.Flags&ipc.FlagDebug != 0 { + if ctx.execOpts.EnvFlags&ipc.FlagDebug != 0 { log.Logf(0, "result: hanged=%v err=%v\n\n%s", hanged, err, output) } if try > 10 { @@ -361,52 +361,52 @@ func createConfig(target *prog.Target, features *host.Features, featuresFlags cs if err != nil { log.Fatalf("%v", err) } - if config.Flags&ipc.FlagSignal != 0 { - execOpts.Flags |= ipc.FlagCollectCover + if execOpts.EnvFlags&ipc.FlagSignal != 0 { + execOpts.ExecFlags |= ipc.FlagCollectCover } if *flagCoverFile != "" { - config.Flags |= ipc.FlagSignal - execOpts.Flags |= ipc.FlagCollectCover - execOpts.Flags &^= ipc.FlagDedupCover + execOpts.EnvFlags |= ipc.FlagSignal + execOpts.ExecFlags |= ipc.FlagCollectCover + execOpts.ExecFlags &^= ipc.FlagDedupCover } if *flagHints { - if execOpts.Flags&ipc.FlagCollectCover != 0 { - execOpts.Flags ^= ipc.FlagCollectCover + if execOpts.ExecFlags&ipc.FlagCollectCover != 0 { + execOpts.ExecFlags ^= ipc.FlagCollectCover } - execOpts.Flags |= ipc.FlagCollectComps + execOpts.ExecFlags |= ipc.FlagCollectComps } if features[host.FeatureExtraCoverage].Enabled { - config.Flags |= ipc.FlagExtraCover + execOpts.EnvFlags |= ipc.FlagExtraCover } if features[host.FeatureDelayKcovMmap].Enabled { - config.Flags |= ipc.FlagDelayKcovMmap + execOpts.EnvFlags |= ipc.FlagDelayKcovMmap } if featuresFlags["tun"].Enabled && features[host.FeatureNetInjection].Enabled { - config.Flags |= ipc.FlagEnableTun + execOpts.EnvFlags |= ipc.FlagEnableTun } if featuresFlags["net_dev"].Enabled && features[host.FeatureNetDevices].Enabled { - config.Flags |= ipc.FlagEnableNetDev + execOpts.EnvFlags |= ipc.FlagEnableNetDev } if featuresFlags["net_reset"].Enabled { - config.Flags |= ipc.FlagEnableNetReset + execOpts.EnvFlags |= ipc.FlagEnableNetReset } if featuresFlags["cgroups"].Enabled { - config.Flags |= ipc.FlagEnableCgroups + execOpts.EnvFlags |= ipc.FlagEnableCgroups } if featuresFlags["close_fds"].Enabled { - config.Flags |= ipc.FlagEnableCloseFds + execOpts.EnvFlags |= ipc.FlagEnableCloseFds } if featuresFlags["devlink_pci"].Enabled && features[host.FeatureDevlinkPCI].Enabled { - config.Flags |= ipc.FlagEnableDevlinkPCI + execOpts.EnvFlags |= ipc.FlagEnableDevlinkPCI } if featuresFlags["nic_vf"].Enabled && features[host.FeatureNicVF].Enabled { - config.Flags |= ipc.FlagEnableNicVF + execOpts.EnvFlags |= ipc.FlagEnableNicVF } if featuresFlags["vhci"].Enabled && features[host.FeatureVhciInjection].Enabled { - config.Flags |= ipc.FlagEnableVhciInjection + execOpts.EnvFlags |= ipc.FlagEnableVhciInjection } if featuresFlags["wifi"].Enabled && features[host.FeatureWifiEmulation].Enabled { - config.Flags |= ipc.FlagEnableWifi + execOpts.EnvFlags |= ipc.FlagEnableWifi } return config, execOpts } diff --git a/tools/syz-stress/stress.go b/tools/syz-stress/stress.go index 853021afb..8396148e2 100644 --- a/tools/syz-stress/stress.go +++ b/tools/syz-stress/stress.go @@ -151,31 +151,31 @@ func createIPCConfig(target *prog.Target, features *host.Features, featuresFlags return nil, nil, err } if featuresFlags["tun"].Enabled && features[host.FeatureNetInjection].Enabled { - config.Flags |= ipc.FlagEnableTun + execOpts.EnvFlags |= ipc.FlagEnableTun } if featuresFlags["net_dev"].Enabled && features[host.FeatureNetDevices].Enabled { - config.Flags |= ipc.FlagEnableNetDev + execOpts.EnvFlags |= ipc.FlagEnableNetDev } if featuresFlags["net_reset"].Enabled { - config.Flags |= ipc.FlagEnableNetReset + execOpts.EnvFlags |= ipc.FlagEnableNetReset } if featuresFlags["cgroups"].Enabled { - config.Flags |= ipc.FlagEnableCgroups + execOpts.EnvFlags |= ipc.FlagEnableCgroups } if featuresFlags["close_fds"].Enabled { - config.Flags |= ipc.FlagEnableCloseFds + execOpts.EnvFlags |= ipc.FlagEnableCloseFds } if featuresFlags["devlink_pci"].Enabled && features[host.FeatureDevlinkPCI].Enabled { - config.Flags |= ipc.FlagEnableDevlinkPCI + execOpts.EnvFlags |= ipc.FlagEnableDevlinkPCI } if featuresFlags["nic_vf"].Enabled && features[host.FeatureNicVF].Enabled { - config.Flags |= ipc.FlagEnableNicVF + execOpts.EnvFlags |= ipc.FlagEnableNicVF } if featuresFlags["vhci"].Enabled && features[host.FeatureVhciInjection].Enabled { - config.Flags |= ipc.FlagEnableVhciInjection + execOpts.EnvFlags |= ipc.FlagEnableVhciInjection } if featuresFlags["wifi"].Enabled && features[host.FeatureWifiEmulation].Enabled { - config.Flags |= ipc.FlagEnableWifi + execOpts.EnvFlags |= ipc.FlagEnableWifi } return config, execOpts, nil } |