executor: arm64: sys/linux: implement syz_kvm_setup_syzos_vm and syz_kvm_add_vcpu

The old syz_kvm_setup_cpu() API mixed together VM and VCPU setup, making it
harder to create and fuzz two VCPUs in the same VM.
Introduce two new pseudo-syscalls, syz_kvm_setup_syzos_vm() and syz_kvm_add_vcpu(),
that will simplify this task.

syz_kvm_setup_syzos_vm() takes a VM file descriptor, performs VM setup
(allocates guest memory and installs SYZOS code into it) and returns a
new kvm_syz_vm resource, which is in fact a pointer to `struct kvm_syz_vm`
encapsulating VM-specific data in the C code.

syz_kvm_add_vcpu() takes the VM ID denoted by kvm_syz_vm and creates a
new VCPU within that VM with a proper CPU number. It then stores the
fuzzer-supplied SYZOS API sequence into the corresponding part (indexed by
CPU number) of the VM memory slot, and sets up the CPU registers to interpret
that sequence.

The new pseudo-syscall let the fuzzer create independent CPUs that run different
code sequences without interfering with each other.

1 files changed, 3 insertions, 1 deletions

diff --git a/executor/common_kvm_arm64_syzos.h b/executor/common_kvm_arm64_syzos.h
index ebfed175c..a22c0651c 100644
--- a/executor/common_kvm_arm64_syzos.h
+++ b/executor/common_kvm_arm64_syzos.h
@@ -79,7 +79,9 @@ typedef enum {
 
 // Main guest function that performs necessary setup and passes the control to the user-provided
 // payload.
-GUEST_CODE static void guest_main(uint64 size, uint64 cpu)
+__attribute__((used))
+GUEST_CODE static void
+guest_main(uint64 size, uint64 cpu)
 {
 	uint64 addr = ARM64_ADDR_USER_CODE + cpu * 0x1000;