diff options
| author | Andrey Konovalov <andreyknvl@google.com> | 2020-04-01 19:37:07 +0200 |
|---|---|---|
| committer | Andrey Konovalov <andreyknvl@gmail.com> | 2020-04-03 12:42:06 +0200 |
| commit | 09ff5abc02a0e38bb275a91380fc03d6cd0d47a5 (patch) | |
| tree | a39602cd91fbad39b6e10a8455b58d7f59831965 /pkg/csource | |
| parent | ca1beb07f02e67ba2faa81a5b56b061111f818f3 (diff) | |
csource, executor: add usb emulation feature
The feature gets enabled when /dev/raw-gadget is present and accessible.
With this feature enabled, executor will do chmod 0666 /dev/raw-gadget on
startup, which makes it possible to do USB fuzzing in setuid and namespace
sandboxes. There should be no backwards compatibility issues with syz
reproducers that don't explicitly enable this feature, as they currently only
work in none sandbox.
Diffstat (limited to 'pkg/csource')
| -rw-r--r-- | pkg/csource/common.go | 1 | ||||
| -rw-r--r-- | pkg/csource/generated.go | 11 | ||||
| -rw-r--r-- | pkg/csource/options.go | 6 | ||||
| -rw-r--r-- | pkg/csource/options_test.go | 9 |
4 files changed, 27 insertions, 0 deletions
diff --git a/pkg/csource/common.go b/pkg/csource/common.go index 542cf36bb..96d719b67 100644 --- a/pkg/csource/common.go +++ b/pkg/csource/common.go @@ -112,6 +112,7 @@ func commonDefines(p *prog.Prog, opts Options) map[string]bool { "SYZ_CLOSE_FDS": opts.CloseFDs, "SYZ_KCSAN": opts.KCSAN, "SYZ_DEVLINK_PCI": opts.DevlinkPCI, + "SYZ_USB": opts.USB, "SYZ_USE_TMP_DIR": opts.UseTmpDir, "SYZ_HANDLE_SEGV": opts.HandleSegv, "SYZ_REPRO": opts.Repro, diff --git a/pkg/csource/generated.go b/pkg/csource/generated.go index 3bf6c0aa8..98619862b 100644 --- a/pkg/csource/generated.go +++ b/pkg/csource/generated.go @@ -7066,6 +7066,14 @@ static void setup_kcsan_filterlist(char** frames, int nframes, bool blacklist) #endif #endif +#if SYZ_EXECUTOR || SYZ_USB +static void setup_usb() +{ + if (chmod("/dev/raw-gadget", 0666)) + fail("failed to chmod /dev/raw-gadget"); +} +#endif + #elif GOOS_test #include <stdlib.h> @@ -7549,6 +7557,9 @@ int main(void) #if SYZ_KCSAN setup_kcsan(); #endif +#if SYZ_USB + setup_usb(); +#endif #if SYZ_HANDLE_SEGV install_segv_handler(); diff --git a/pkg/csource/options.go b/pkg/csource/options.go index 27529f429..01389240c 100644 --- a/pkg/csource/options.go +++ b/pkg/csource/options.go @@ -39,6 +39,7 @@ type Options struct { CloseFDs bool `json:"close_fds"` KCSAN bool `json:"kcsan,omitempty"` DevlinkPCI bool `json:"devlinkpci,omitempty"` + USB bool `json:"usb,omitempty"` UseTmpDir bool `json:"tmpdir,omitempty"` HandleSegv bool `json:"segv,omitempty"` @@ -131,6 +132,9 @@ func (opts Options) checkLinuxOnly(OS string) error { if opts.DevlinkPCI { return fmt.Errorf("option DevlinkPCI is not supported on %v", OS) } + if opts.USB { + return fmt.Errorf("option USB is not supported on %v", OS) + } if opts.Sandbox == sandboxNamespace || (opts.Sandbox == sandboxSetuid && !(OS == openbsd || OS == freebsd || OS == netbsd)) || opts.Sandbox == sandboxAndroid { @@ -171,6 +175,7 @@ func DefaultOpts(cfg *mgrconfig.Config) Options { opts.BinfmtMisc = false opts.CloseFDs = false opts.DevlinkPCI = false + opts.USB = false } if cfg.Sandbox == "" || cfg.Sandbox == "setuid" { opts.NetReset = false @@ -250,6 +255,7 @@ func defaultFeatures(value bool) Features { "binfmt_misc": {"setup binfmt_misc for testing", value}, "close_fds": {"close fds after each program", value}, "devlink_pci": {"setup devlink PCI device", value}, + "usb": {"setup and use /dev/raw-gadget for USB emulation", value}, } } diff --git a/pkg/csource/options_test.go b/pkg/csource/options_test.go index b15783359..d4e1832e7 100644 --- a/pkg/csource/options_test.go +++ b/pkg/csource/options_test.go @@ -220,6 +220,7 @@ func TestParseFeaturesFlags(t *testing.T) { "binfmt_misc": true, "close_fds": true, "devlink_pci": true, + "usb": true, }}, {"none", "none", false, map[string]bool{ "tun": false, @@ -229,6 +230,7 @@ func TestParseFeaturesFlags(t *testing.T) { "binfmt_misc": false, "close_fds": false, "devlink_pci": false, + "usb": false, }}, {"all", "none", true, map[string]bool{ "tun": true, @@ -238,6 +240,7 @@ func TestParseFeaturesFlags(t *testing.T) { "binfmt_misc": true, "close_fds": true, "devlink_pci": true, + "usb": true, }}, {"", "none", true, map[string]bool{ "tun": false, @@ -247,6 +250,7 @@ func TestParseFeaturesFlags(t *testing.T) { "binfmt_misc": false, "close_fds": false, "devlink_pci": false, + "usb": false, }}, {"none", "all", true, map[string]bool{ "tun": false, @@ -256,6 +260,7 @@ func TestParseFeaturesFlags(t *testing.T) { "binfmt_misc": false, "close_fds": false, "devlink_pci": false, + "usb": false, }}, {"none", "", true, map[string]bool{ "tun": true, @@ -265,6 +270,7 @@ func TestParseFeaturesFlags(t *testing.T) { "binfmt_misc": true, "close_fds": true, "devlink_pci": true, + "usb": true, }}, {"tun,net_dev", "none", true, map[string]bool{ "tun": true, @@ -274,6 +280,7 @@ func TestParseFeaturesFlags(t *testing.T) { "binfmt_misc": false, "close_fds": false, "devlink_pci": false, + "usb": false, }}, {"none", "cgroups,net_dev", true, map[string]bool{ "tun": true, @@ -283,6 +290,7 @@ func TestParseFeaturesFlags(t *testing.T) { "binfmt_misc": true, "close_fds": true, "devlink_pci": true, + "usb": true, }}, {"close_fds", "none", true, map[string]bool{ "tun": false, @@ -292,6 +300,7 @@ func TestParseFeaturesFlags(t *testing.T) { "binfmt_misc": false, "close_fds": true, "devlink_pci": false, + "usb": false, }}, } for i, test := range tests { |