diff options
| author | Aleksandr Nogikh <nogikh@google.com> | 2021-10-26 15:15:11 +0000 |
|---|---|---|
| committer | Dmitry Vyukov <dvyukov@google.com> | 2021-10-29 10:10:32 +0200 |
| commit | c40503e1fa86f3027e003118aaf91646a82f2b5d (patch) | |
| tree | da694c2add8430574310be74ea8566d11990f50a /pkg/csource | |
| parent | 2353a3ec6e28d26c020ea7176d16d8fafb772e24 (diff) | |
all: add binderfs fuzzing support
Create one instance of binderfs per process and add descriptions to
enable syzkaller to create binderfs mounts and binder devices itself.
Keep descriptions compatible with the legacy mode (when devices are
created at boot time).
Diffstat (limited to 'pkg/csource')
| -rw-r--r-- | pkg/csource/generated.go | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/pkg/csource/generated.go b/pkg/csource/generated.go index 44b6a1297..8b8fadc5c 100644 --- a/pkg/csource/generated.go +++ b/pkg/csource/generated.go @@ -8251,6 +8251,8 @@ static void initialize_cgroups() #if SYZ_EXECUTOR || SYZ_SANDBOX_NONE || SYZ_SANDBOX_SETUID || SYZ_SANDBOX_NAMESPACE || SYZ_SANDBOX_ANDROID #include <errno.h> #include <sys/mount.h> +#include <sys/stat.h> +#include <unistd.h> static void setup_common() { @@ -8259,6 +8261,22 @@ static void setup_common() } } +static void setup_binderfs() +{ + if (mkdir("/dev/binderfs", 0777)) { + debug("mkdir(/dev/binderfs) failed: %d\n", errno); + } + + if (mount("binder", "/dev/binderfs", "binder", 0, NULL)) { + debug("mount of binder at /dev/binderfs failed: %d\n", errno); + } +#if !SYZ_EXECUTOR && !SYZ_USE_TMP_DIR + if (symlink("/dev/binderfs", "./binderfs")) { + debug("symlink(/dev/binderfs, ./binderfs) failed: %d\n", errno); + } +#endif +} + #include <sched.h> #include <sys/prctl.h> #include <sys/resource.h> @@ -8406,6 +8424,7 @@ static int do_sandbox_none(void) #if SYZ_EXECUTOR || SYZ_WIFI initialize_wifi_devices(); #endif + setup_binderfs(); loop(); doexit(1); } @@ -8449,6 +8468,7 @@ static int do_sandbox_setuid(void) #if SYZ_EXECUTOR || SYZ_WIFI initialize_wifi_devices(); #endif + setup_binderfs(); const int nobody = 65534; if (setgroups(0, NULL)) @@ -8549,6 +8569,7 @@ static int namespace_sandbox_proc(void* arg) fail("chroot failed"); if (chdir("/")) fail("chdir failed"); + setup_binderfs(); drop_caps(); loop(); @@ -9217,6 +9238,7 @@ static int do_sandbox_android(void) setfilecon(".", SELINUX_LABEL_APP_DATA_FILE); setcon(SELINUX_CONTEXT_UNTRUSTED_APP); + setup_binderfs(); loop(); doexit(1); } @@ -9477,6 +9499,7 @@ static void reset_loop() #if SYZ_EXECUTOR || SYZ_REPEAT #include <sys/prctl.h> +#include <unistd.h> #define SYZ_HAVE_SETUP_TEST 1 static void setup_test() @@ -9490,6 +9513,11 @@ static void setup_test() #if SYZ_EXECUTOR || SYZ_NET_INJECTION flush_tun(); #endif +#if SYZ_EXECUTOR || SYZ_USE_TMP_DIR + if (symlink("/dev/binderfs", "./binderfs")) { + debug("symlink(/dev/binderfs, ./binderfs) failed: %d", errno); + } +#endif } #endif |