author: Alexander Potapenko <glider@google.com> 2025-07-30 10:44:47 +0200
committer: Alexander Potapenko <glider@google.com> 2025-07-31 12:27:19 +0000
commit: 9a518853aaea13e0a60411b7be7d3ff1f05962de (patch)
tree: 646ae2c9dc6f44b86ddf90fe2c90a89b7236fe06 /pkg/flatrpc/flatrpc.fbs
parent: dc769bad4c765a3c7b54150be90664e7a01caf40 (diff)
pkg/flatrpc, pkg/vminfo, executor: introduce readonly coverage
Add a new vminfo feature, FeatureKcovResetIoctl, that is true if the kernel supports ioctl(KCOV_RESET_TRACE) making it possible to reset the coverage buffer on the kernel side. This, in turn, allows us to map the coverage buffer read-only, which will prevent all sorts of userspace-generated corruptions at a cost of an extra syscall per program execution. The corresponding exec env flag, ExecEnv::ReadOnlyCoverage, turns on read-only coverage in the executor. It is enabled by default if FeatureKcovResetIoctl is on.
Diffstat (limited to 'pkg/flatrpc/flatrpc.fbs')
-rw-r--r-- pkg/flatrpc/flatrpc.fbs 2
1 files changed, 2 insertions, 0 deletions
diff --git a/pkg/flatrpc/flatrpc.fbs b/pkg/flatrpc/flatrpc.fbs
index 58dc7b292..3876af965 100644
--- a/pkg/flatrpc/flatrpc.fbs
+++ b/pkg/flatrpc/flatrpc.fbs
@@ -16,6 +16,7 @@ enum Feature : uint64 (bit_flags) {
Comparisons,
ExtraCoverage,
DelayKcovMmap,
+ KcovResetIoctl,
SandboxNone,
SandboxSetuid,
SandboxNamespace,
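Review bot: Inserting `KcovResetIoctl` between `DelayKcovMmap` and `SandboxNone` in a `bit_flags` enum moves every later member (`SandboxNone`, `SandboxSetuid`, `SandboxNamespace`, and whatever follows) up by one bit, since FlatBuffers assigns these values by position. If a manager and an executor built from different revisions can ever talk to each other, or if any `Feature` mask is stored and read back later, the sandbox bits will be misread as a different feature. Either append the new member at the end of the enum, or note in the commit message that both ends of the RPC are always rebuilt together so the renumbering is safe.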
@@ -135,6 +136,7 @@ enum RequestFlag : uint64 (bit_flags) {
enum ExecEnv : uint64 (bit_flags) {
Debug, // debug output from executor
Signal, // collect feedback signals (coverage)
+ ReadOnlyCoverage, // map coverage as readonly, use an ioctl to reset it
ResetState, // fully reset executor state befor executing the test
SandboxNone, // minimal sandboxing
SandboxSetuid, // impersonate nobody user
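Review bot: The comment on `ReadOnlyCoverage` does not state its precondition: per the commit message the flag only makes sense when `Feature::KcovResetIoctl` is set, because the executor can no longer clear the buffer from userspace and has to rely on ioctl(KCOV_RESET_TRACE). Please say so in the schema comment, for example "requires KcovResetIoctl", so a caller that sets the flag by hand on an older kernel knows why coverage is never reset. As with the `Feature` enum, adding the member after `Signal` shifts `ResetState` and the sandbox flags by one bit, so the same compatibility question applies to stored or cross-version `ExecEnv` values.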