| author | Dmitry Vyukov <dvyukov@google.com> | 2024-07-16 09:55:52 +0200 |
|---|---|---|
| committer | Dmitry Vyukov <dvyukov@google.com> | 2024-07-16 15:54:51 +0000 |
| commit | 457b17b959f1e4ae6a1b64fae7e192f035ef20aa (patch) | |
| tree | 3c01d7fe29d418b046a44a8350c5511120443080 /executor/common_linux.h | |
| parent | 65bedc1660e82c1da64f7be7e8212a0cc4aa531a (diff) | |
executor: fix setup of cad_pid
cad_pid must not point to a persistent runner process,
b/c it will be killed on ctrl+alt+del.
Fixes #5027
Diffstat (limited to 'executor/common_linux.h')
| -rw-r--r-- | executor/common_linux.h | 25 |
1 files changed, 20 insertions, 5 deletions
diff --git a/executor/common_linux.h b/executor/common_linux.h
index 336853e4f..38951d785 100644
--- a/executor/common_linux.h
+++ b/executor/common_linux.h
@@ -5049,13 +5049,23 @@ static const char* setup_usb()
 #if SYZ_EXECUTOR || SYZ_SYSCTL
 #include <errno.h>
+#include <signal.h>
 #include <stdio.h>
 #include <string.h>
+#include <sys/wait.h>
 static void setup_sysctl()
 {
- char mypid[32];
- snprintf(mypid, sizeof(mypid), "%d", getpid());
+ // See ctrl-alt-del comment below.
+ int cad_pid = fork();
+ if (cad_pid < 0)
+ fail("fork failed");
+ if (cad_pid == 0) {
+ for (;;)
+ sleep(100);
+ }
+ char tmppid[32];
+ snprintf(tmppid, sizeof(tmppid), "%d", cad_pid);
 // TODO: consider moving all sysctl's into CMDLINE config later.
 // Kernel has support for setting sysctl's via command line since 3db978d480e28 (v5.8).
@@ -5093,17 +5103,22 @@ static void setup_sysctl()
 // (sshd or another random test process).
 {"/proc/sys/vm/oom_kill_allocating_task", "1"},
 // This blocks some of the ways the fuzzer can trigger a reboot.
- // ctrl-alt-del=0 tells kernel to signal cad_pid instead of rebooting
- // and setting cad_pid to the current pid (transient "syz-executor setup") makes it a no-op.
+ // ctrl-alt-del=0 tells kernel to signal cad_pid instead of rebooting.
+ // We set cad_pid to a transient process pid ctrl-alt-del a no-op.
+ // Note: we need to write a live process pid.
 // For context see: https://groups.google.com/g/syzkaller-bugs/c/WqOY4TiRnFg/m/6P9u8lWZAQAJ
 {"/proc/sys/kernel/ctrl-alt-del", "0"},
- {"/proc/sys/kernel/cad_pid", mypid},
+ {"/proc/sys/kernel/cad_pid", tmppid},
+
 };
 for (size_t i = 0; i < sizeof(files) / sizeof(files[0]); i++) {
 if (!write_file(files[i].name, files[i].data)) {
 debug("write to %s failed: %s\n", files[i].name, strerror(errno));
 }
 }
+ kill(cad_pid, SIGKILL);
+ while (waitpid(cad_pid, NULL, 0) != cad_pid)
+ ;
 }
 #endif |
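Review bot: The helper child created in the added `fork()` block loops in `sleep(100)` forever and is ended only by the parent's `kill()` at the end of setup_sysctl() (second hunk), so if the parent exits or is killed in between, the child stays behind as an orphan holding copies of the parent's open descriptors. A parent-death signal as the first statement of the child, `prctl(PR_SET_PDEATHSIG, SIGKILL);`, would bound its lifetime; this assumes `<sys/prctl.h>` is already included elsewhere in the file, which is not visible here. The comment `// See ctrl-alt-del comment below.` points at text far from this block, so I would state the reason in place: `// cad_pid must name a live process when written, so fork a throwaway child and kill it afterwards.` The body of setup_sysctl() continues outside this hunk.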
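Review bot: The added reap loop `while (waitpid(cad_pid, NULL, 0) != cad_pid) ;` spins forever if waitpid() fails for any reason other than EINTR, for example ECHILD when SIGCHLD is ignored in this process (not visible here), and the return value of `kill()` is not checked either. Retrying only on EINTR keeps the intent: `while (waitpid(cad_pid, NULL, 0) != cad_pid) { if (errno != EINTR) fail("waitpid failed"); }`. A failed write to `/proc/sys/kernel/cad_pid` is still reported only through `debug()`, so a run without the reboot protection goes unnoticed. The new comment line is missing words and should read `// We set cad_pid to a transient process pid to make ctrl-alt-del a no-op.` setup_sysctl() starts outside this hunk.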
