diff options
| author | juanPabloMiceli <48705702+juanPabloMiceli@users.noreply.github.com> | 2023-01-19 15:59:14 -0500 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-01-19 15:59:14 -0500 |
| commit | 551737f1076a910f809cc27ac629c587bc84fc2d (patch) | |
| tree | 7e847ee19f02e49269ac04437a5e62852aa2bf7e /executor | |
| parent | 71197f3ac138d7cb03551b7d2159bfc4ecf5c5c2 (diff) | |
vm/starnix: add support for fuzzing starnix (#3624)
This commit adds a new VM for fuzzing starnix.
The VM will boot a fuchsia image using the `ffx` tool and will connect to an adb server inside it. Fuzzing will be done using HostFuzzer mode due to some features not being implemented yet in starnix. Once this is possible, fuzzing will be performed without HostFuzzer mode.
Co-authored-by: Juampi Miceli <jpmiceli@google.com>
Diffstat (limited to 'executor')
| -rw-r--r-- | executor/common_linux.h | 14 | ||||
| -rw-r--r-- | executor/executor_linux.h | 4 |
2 files changed, 11 insertions, 7 deletions
diff --git a/executor/common_linux.h b/executor/common_linux.h index 64e3f8fb5..06d94fe67 100644 --- a/executor/common_linux.h +++ b/executor/common_linux.h @@ -2271,7 +2271,7 @@ static long syz_memcpy_off(volatile long a0, volatile long a1, volatile long a2, } #endif -#if SYZ_EXECUTOR || SYZ_REPEAT && SYZ_NET_INJECTION +#if (SYZ_EXECUTOR || SYZ_REPEAT && SYZ_NET_INJECTION) && SYZ_EXECUTOR_USES_FORK_SERVER static void flush_tun() { #if SYZ_EXECUTOR @@ -3119,7 +3119,7 @@ static volatile long syz_kvm_setup_cpu(volatile long a0, volatile long a1, volat #endif #endif -#if SYZ_EXECUTOR || SYZ_NET_RESET +#if (SYZ_EXECUTOR || SYZ_NET_RESET) && SYZ_EXECUTOR_USES_FORK_SERVER #include <errno.h> #include <net/if.h> #include <netinet/in.h> @@ -3698,7 +3698,7 @@ static void setup_cgroups() write_file("/syzcgroup/cpu/cpuset.memory_pressure_enabled", "1"); } -#if SYZ_EXECUTOR || SYZ_REPEAT +#if (SYZ_EXECUTOR || SYZ_REPEAT) && SYZ_EXECUTOR_USES_FORK_SERVER static void setup_cgroups_loop() { #if SYZ_EXECUTOR @@ -4597,7 +4597,7 @@ static int fault_injected(int fail_fd) } #endif -#if SYZ_EXECUTOR || SYZ_REPEAT +#if (SYZ_EXECUTOR || SYZ_REPEAT) && SYZ_EXECUTOR_USES_FORK_SERVER #include <dirent.h> #include <errno.h> #include <fcntl.h> @@ -4654,7 +4654,7 @@ static void kill_and_wait(int pid, int* status) } #endif -#if SYZ_EXECUTOR || SYZ_REPEAT && (SYZ_CGROUPS || SYZ_NET_RESET) +#if (SYZ_EXECUTOR || SYZ_REPEAT && (SYZ_CGROUPS || SYZ_NET_RESET)) && SYZ_EXECUTOR_USES_FORK_SERVER #include <fcntl.h> #include <sys/ioctl.h> #include <sys/stat.h> @@ -4673,7 +4673,7 @@ static void setup_loop() } #endif -#if SYZ_EXECUTOR || SYZ_REPEAT && (SYZ_NET_RESET || __NR_syz_mount_image || __NR_syz_read_part_table) +#if (SYZ_EXECUTOR || SYZ_REPEAT && (SYZ_NET_RESET || __NR_syz_mount_image || __NR_syz_read_part_table)) && SYZ_EXECUTOR_USES_FORK_SERVER #define SYZ_HAVE_RESET_LOOP 1 static void reset_loop() { @@ -4692,7 +4692,7 @@ static void reset_loop() } #endif -#if SYZ_EXECUTOR || SYZ_REPEAT +#if (SYZ_EXECUTOR || SYZ_REPEAT) && SYZ_EXECUTOR_USES_FORK_SERVER #include <sys/prctl.h> #include <unistd.h> diff --git a/executor/executor_linux.h b/executor/executor_linux.h index 54246bda9..630ceb81f 100644 --- a/executor/executor_linux.h +++ b/executor/executor_linux.h @@ -95,9 +95,11 @@ static void cover_protect(cover_t* cov) { } +#if SYZ_EXECUTOR_USES_SHMEM static void cover_unprotect(cover_t* cov) { } +#endif static void cover_mmap(cover_t* cov) { @@ -158,6 +160,7 @@ static void cover_collect(cover_t* cov) cov->size = *(uint32*)cov->data; } +#if SYZ_EXECUTOR_USES_SHMEM static bool use_cover_edges(uint32 pc) { return true; @@ -176,6 +179,7 @@ static bool use_cover_edges(uint64 pc) #endif return true; } +#endif static bool detect_kernel_bitness() { |