| author | Aleksandr Nogikh <nogikh@google.com> | 2023-12-18 11:58:39 +0100 |
|---|---|---|
| committer | Aleksandr Nogikh <nogikh@google.com> | 2023-12-19 00:16:19 +0000 |
| commit | 3ad490ea48468e50fe91f6f6b2ca4cbc74d924bf (patch) | |
| tree | d6960156ac4fcbeb908fbbbba79c8716d8e47172 /pkg/csource/generated.go | |
| parent | 924661f4beda6a647079237cc843df44626fc44b (diff) | |
executor: introduce syz_pidfd_open()
This kernel interface provides access to fds of other processes, which
is readily abused by the fuzzer to mangle parent syz-executor fds.
Pid=1 is the parent syz-executor process when PID namespace is created.
Sanitize it in the new syz_pidfd_open() pseudo-syscall.
We could not patch the argument in sys/linux/init.go because the first
argument is a resource.
Diffstat (limited to 'pkg/csource/generated.go')
| -rw-r--r-- | pkg/csource/generated.go | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/pkg/csource/generated.go b/pkg/csource/generated.go index 4c3fae47c..e65b95095 100644 --- a/pkg/csource/generated.go +++ b/pkg/csource/generated.go @@ -11823,6 +11823,18 @@ static void setup_swap() #endif +#if SYZ_EXECUTOR || __NR_syz_pidfd_open +#include <sys/syscall.h> +static long syz_pidfd_open(volatile long pid, volatile long flags) +{ + if (pid == 1) { + pid = 0; + } + return syscall(__NR_pidfd_open, pid, flags); +} + +#endif + #elif GOOS_test #include <stdlib.h> |
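Review bot: In syz_pidfd_open(), the `if (pid == 1) { pid = 0; }` remap carries no comment, so someone reading the generated C source cannot tell why pid 1 is special or what substituting 0 is meant to achieve. Suggest a short comment above the check that records the reason given in the commit message (pid 1 is the parent syz-executor when a PID namespace is created) and states what the call is expected to do with pid 0. The check filters only the literal value 1, so it covers the PID-namespace case and nothing else; if that is intentional, the comment should say so.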
