diff options
| author | Dmitry Vyukov <dvyukov@google.com> | 2018-07-10 16:18:45 +0200 |
|---|---|---|
| committer | Dmitry Vyukov <dvyukov@google.com> | 2018-07-10 16:18:45 +0200 |
| commit | 95e7a88b9746c73e727b94d85a626cf6dd612f16 (patch) | |
| tree | 4b70e3e852520ceb6d9051457d4fea21221b5002 /pkg/host/host_linux.go | |
| parent | 01e35718418b9c51f079b62117aa984bb7e3568b (diff) | |
sys/linux: implement fuse as normal syscalls
Remove syz_fuse* and implement them as normal syscalls.
We not have enough expressive power to form mount options.
Diffstat (limited to 'pkg/host/host_linux.go')
| -rw-r--r-- | pkg/host/host_linux.go | 50 |
1 files changed, 33 insertions, 17 deletions
diff --git a/pkg/host/host_linux.go b/pkg/host/host_linux.go index 2a72ec5f0..1dfa3c978 100644 --- a/pkg/host/host_linux.go +++ b/pkg/host/host_linux.go @@ -32,6 +32,9 @@ func isSupported(c *prog.Syscall, sandbox string) (bool, string) { if strings.HasPrefix(c.Name, "openat$") { return isSupportedOpenAt(c) } + if strings.HasPrefix(c.Name, "mount$") { + return isSupportedMount(c, sandbox) + } // There are 3 possible strategies for detecting supported syscalls: // 1. Executes all syscalls with presumably invalid arguments and check for ENOprog. // But not all syscalls are safe to execute. For example, pause will hang, @@ -151,16 +154,6 @@ func isSupportedSyzkall(sandbox string, c *prog.Syscall) (bool, string) { return true, "" case "syz_open_pts": return true, "" - case "syz_fuse_mount": - if err := osutil.IsAccessible("/dev/fuse"); err != nil { - return false, err.Error() - } - return onlySandboxNoneOrNamespace(sandbox) - case "syz_fuseblk_mount": - if err := osutil.IsAccessible("/dev/fuse"); err != nil { - return false, err.Error() - } - return onlySandboxNoneOrNamespace(sandbox) case "syz_emit_ethernet", "syz_extract_tcp_res": reason := checkNetworkInjection() return reason == "", reason @@ -200,13 +193,7 @@ func isSupportedSyzkall(sandbox string, c *prog.Syscall) (bool, string) { if !ok { panic("syz_mount_image arg is not string") } - filesystemsOnce.Do(func() { - filesystems, _ = ioutil.ReadFile("/proc/filesystems") - }) - if !bytes.Contains(filesystems, []byte("\t"+fstype+"\n")) { - return false, "/proc/filesystems does not contain this fs" - } - return true, "" + return isSupportedFilesystem(fstype) case "syz_read_part_table": return onlySandboxNone(sandbox) } @@ -277,6 +264,35 @@ func isSupportedOpenAt(c *prog.Syscall) (bool, string) { return true, "" } +func isSupportedMount(c *prog.Syscall, sandbox string) (bool, string) { + fstype, ok := extractStringConst(c.Args[2]) + if !ok { + panic(fmt.Sprintf("%v: filesystem is not string const", c.Name)) + } + if ok, reason := isSupportedFilesystem(fstype); !ok { + return ok, reason + } + switch fstype { + case "fuse", "fuseblk": + if err := osutil.IsAccessible("/dev/fuse"); err != nil { + return false, err.Error() + } + return onlySandboxNoneOrNamespace(sandbox) + default: + return onlySandboxNone(sandbox) + } +} + +func isSupportedFilesystem(fstype string) (bool, string) { + filesystemsOnce.Do(func() { + filesystems, _ = ioutil.ReadFile("/proc/filesystems") + }) + if !bytes.Contains(filesystems, []byte("\t"+fstype+"\n")) { + return false, fmt.Sprintf("/proc/filesystems does not contain %v", fstype) + } + return true, "" +} + func extractStringConst(typ prog.Type) (string, bool) { ptr, ok := typ.(*prog.PtrType) if !ok { |