authorDmitry Vyukov <dvyukov@google.com>2024-08-14 17:46:34 +0200
committerDmitry Vyukov <dvyukov@google.com>2024-08-16 09:31:43 +0000
commitc3a6603be2cc031a8f2fa69e757e04a4ce647080 (patch)
tree863f68e6614951e732460b4725dd114fcedcfb7b /executor/common_linux.h
parent5340a9ab4c1ab7801ad1055041dec2c2ff50a254 (diff)
executor: protect kcov/output regions with pkeys
Protect KCOV regions with pkeys if they are available. Protect the output region with pkeys in snapshot mode. Snapshot mode is especially sensitive to output buffer corruption since the buffer's location is not randomized.
Diffstat (limited to 'executor/common_linux.h')
-rw-r--r--executor/common_linux.h6
1 files changed, 6 insertions, 0 deletions
diff --git a/executor/common_linux.h b/executor/common_linux.h
index 193afcdda..3669dee0f 100644
--- a/executor/common_linux.h
+++ b/executor/common_linux.h
@@ -5712,10 +5712,16 @@ static long syz_clone3(volatile long a0, volatile long a1)
#endif
#if SYZ_EXECUTOR || __NR_syz_pkey_set
+#include <errno.h>
+#define RESERVED_PKEY 15
// syz_pkey_set(key pkey, val flags[pkey_flags])
static long syz_pkey_set(volatile long pkey, volatile long val)
{
#if GOARCH_amd64 || GOARCH_386
+ if (pkey == RESERVED_PKEY) {
+ errno = EINVAL;
+ return -1;
+ }
uint32 eax = 0;
uint32 ecx = 0;
asm volatile("rdpkru"