authorTheOfficialFloW <theflow@google.com>2020-07-30 11:33:48 +0200
committerGitHub <noreply@github.com>2020-07-30 11:33:48 +0200
commitb0947553167615d7bb1b67b22d2d080e5a5ab2cd (patch)
treef3f104edb509ef1cf89c1db3119052f4d7d4e7ae /sys/linux/dev_vhci.txt
parent233283a191b3c32a48c56928985c8e2cfc004aeb (diff)
all: initialize vhci in linux
* all: initialize vhci in linux * executor/common_linux.h: improve vhci initialization * pkg/repro/repro.go: add missing vhci options * executor/common_linux.h: fix type and add missing header * executor, pkg: do it like NetInjection * pkg/csource/csource.go: do not emit syz_emit_vhci if vhci is not enabled * executor/common_linux.h: fix format string * executor/common_linux.h: initialize with memset For some reason {0} gets complaints about missing braces... * executor/common_linux.h: simplify vhci init * executor/common_linux.h: try to bring all available hci devices up * executor/common_linux.h: find which hci device has been registered * executor/common_linux.h: use HCI_VENDOR_PKT response to retrieve device id * sys/linux/dev_vhci.txt: fix structs of inquiry and report packets * executor/common_linux.h: remove unnecessary return statement and check vendor_pkt read size * executor/common_linux.h: remove unnecessary return statement and check vendor_pkt read size * sys/linux/dev_vhci.txt: pack extended_inquiry_info_t * sys/linux/l2cap.txt: add l2cap_conf_opt struct * executor/common_linux.h: just fill bd addr with 0xaa * executor/common_linux.h: just fill bd addr with 0xaa
Diffstat (limited to 'sys/linux/dev_vhci.txt')
-rw-r--r--sys/linux/dev_vhci.txt50
1 files changed, 39 insertions, 11 deletions
diff --git a/sys/linux/dev_vhci.txt b/sys/linux/dev_vhci.txt
index 48ef737d6..040d4e2a1 100644
--- a/sys/linux/dev_vhci.txt
+++ b/sys/linux/dev_vhci.txt
@@ -6,9 +6,7 @@ include <net/bluetooth/hci_sock.h>
include <net/bluetooth/sco.h>
include <net/bluetooth/hci.h>
-resource fd_vhci[fd]
-openat$vhci(fd const[AT_FDCWD], file ptr[in, string["/dev/vhci"]], flags flags[open_flags]) fd_vhci
-write$vhci(fd fd_vhci, data ptr[in, vhci_command], size bytesize[data])
+syz_emit_vhci(data ptr[in, vhci_command], size bytesize[data])
vhci_command [
HCI_EVENT_PKT vhci_command_event_pkt
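Review bot: `syz_emit_vhci` is declared without any comment on what it does or who now owns the /dev/vhci descriptor, although this hunk removes `resource fd_vhci`, `openat$vhci` and `write$vhci`. Going by the commit message, the executor opens and initializes vhci itself (in executor/common_linux.h, not shown here), so a line such as `# syz_emit_vhci writes one HCI packet to the vhci fd that the executor opens during setup; programs no longer hold this fd.` above the declaration would make that contract explicit. As far as this file shows, generated programs also lose the typed way to open, close or duplicate the device, so open/release paths of the vhci driver are presumably exercised less; if that trade-off is intended, the comment is a good place to say so.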
@@ -42,14 +40,14 @@ vhci_command_vendor_pkt {
vhci_vendor_pkt_opcode = HCI_PRIMARY, HCI_AMP, HCI_EXTERNAL_CONFIG, HCI_RAW_DEVICE
type hci_acl_hdr[DATA] {
- bc int16:2
+ handle const[0x100, int16:12]
pb int16:2
- handle int16:12
+ bc int16:2
dlen bytesize[DATA, int16]
} [packed]
hci_event_hdr_un [
- extended_inquiry_info hci_event_hdr_t[HCI_EV_EXTENDED_INQUIRY_RESULT, extended_inquiry_info]
+ extended_inquiry_info hci_event_hdr_t[HCI_EV_EXTENDED_INQUIRY_RESULT, extended_inquiry_info_t]
hci_ev_auth_complete hci_event_hdr_t[HCI_EV_AUTH_COMPLETE, hci_ev_auth_complete]
hci_ev_change_link_key_complete hci_event_hdr_t[HCI_EV_CHANGE_LINK_KEY_COMPLETE, hci_ev_change_link_key_complete]
hci_ev_channel_selected hci_event_hdr_t[HCI_EV_CHANNEL_SELECTED, hci_ev_channel_selected]
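Review bot: `handle const[0x100, int16:12]` in `hci_acl_hdr` pins every generated ACL packet to one connection handle, and nothing in the file says where 0x100 comes from. Presumably it matches a connection that the executor's vhci setup creates (not visible in this hunk), so the value has to stay in sync with that code. A comment such as `# 0x100 must match the connection handle created by the executor's vhci setup` next to the field, or a named constant shared with the executor, would document the coupling. With the handle fixed, ACL data for unknown or stale handles is no longer generated from this description, so the kernel's handle-lookup failure path loses coverage unless a second variant keeps `handle int16:12`.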
@@ -97,9 +95,9 @@ hci_event_hdr_un [
hci_ev_user_confirm_req hci_event_hdr_t[HCI_EV_USER_CONFIRM_REQUEST, hci_ev_user_confirm_req]
hci_ev_user_passkey_notify hci_event_hdr_t[HCI_EV_USER_PASSKEY_NOTIFY, hci_ev_user_passkey_notify]
hci_ev_user_passkey_req hci_event_hdr_t[HCI_EV_USER_PASSKEY_REQUEST, hci_ev_user_passkey_req]
- inquiry_info hci_event_hdr_t[HCI_EV_INQUIRY_RESULT, inquiry_info]
- inquiry_info_with_rssi hci_event_hdr_t[HCI_EV_INQUIRY_RESULT_WITH_RSSI, inquiry_info_with_rssi]
- inquiry_info_with_rssi_and_pscan_mode hci_event_hdr_t[HCI_EV_INQUIRY_RESULT_WITH_RSSI, inquiry_info_with_rssi_and_pscan_mode]
+ inquiry_info hci_event_hdr_t[HCI_EV_INQUIRY_RESULT, inquiry_info_t]
+ inquiry_info_with_rssi hci_event_hdr_t[HCI_EV_INQUIRY_RESULT_WITH_RSSI, inquiry_info_with_rssi_t]
+ inquiry_info_with_rssi_and_pscan_mode hci_event_hdr_t[HCI_EV_INQUIRY_RESULT_WITH_RSSI, inquiry_info_with_rssi_and_pscan_mode_t]
] [varlen]
type hci_event_hdr_t[EVENT, PAYLOAD] {
@@ -113,13 +111,13 @@ type hci_event_hdr[EVENT] {
} [packed]
hci_ev_le_meta_un [
- hci_ev_le_advertising_info hci_ev_le_meta_t[HCI_EV_LE_ADVERTISING_REPORT, hci_ev_le_advertising_info]
+ hci_ev_le_advertising_info hci_ev_le_meta_t[HCI_EV_LE_ADVERTISING_REPORT, hci_ev_le_advertising_info_t]
hci_ev_le_conn_complete hci_ev_le_meta_t[HCI_EV_LE_CONN_COMPLETE, hci_ev_le_conn_complete]
hci_ev_le_conn_update_complete hci_ev_le_meta_t[HCI_EV_LE_CONN_UPDATE_COMPLETE, hci_ev_le_conn_update_complete]
hci_ev_le_data_len_change hci_ev_le_meta_t[HCI_EV_LE_DATA_LEN_CHANGE, hci_ev_le_data_len_change]
hci_ev_le_direct_adv_info hci_ev_le_meta_t[HCI_EV_LE_DIRECT_ADV_REPORT, hci_ev_le_direct_adv_info]
hci_ev_le_enh_conn_complete hci_ev_le_meta_t[HCI_EV_LE_ENHANCED_CONN_COMPLETE, hci_ev_le_enh_conn_complete]
- hci_ev_le_ext_adv_report hci_ev_le_meta_t[HCI_EV_LE_EXT_ADV_REPORT, hci_ev_le_ext_adv_report]
+ hci_ev_le_ext_adv_report hci_ev_le_meta_t[HCI_EV_LE_EXT_ADV_REPORT, hci_ev_le_ext_adv_report_t]
hci_ev_le_ltk_req hci_ev_le_meta_t[HCI_EV_LE_LTK_REQ, hci_ev_le_ltk_req]
hci_ev_le_phy_update_complete hci_ev_le_meta_t[HCI_EV_LE_PHY_UPDATE_COMPLETE, hci_ev_le_phy_update_complete]
hci_ev_le_remote_conn_param_req hci_ev_le_meta_t[HCI_EV_LE_REMOTE_CONN_PARAM_REQ, hci_ev_le_remote_conn_param_req]
@@ -215,6 +213,11 @@ type hci_ev_cmd_complete[OPCODE] {
link_types = SCO_LINK, ACL_LINK, ESCO_LINK
bdaddr_types = ADDR_LE_DEV_PUBLIC, ADDR_LE_DEV_RANDOM
+extended_inquiry_info_t {
+ num_rsp len[rsps, int8]
+ rsps array[extended_inquiry_info]
+} [packed]
+
extended_inquiry_info {
bdaddr bdaddr_t
pscan_rep_mode int8
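Review bot: The new wrapper `extended_inquiry_info_t` has no comment, and the same holds for the five wrappers added further down (`hci_ev_le_advertising_info_t`, `hci_ev_le_ext_adv_report_t`, `inquiry_info_t`, `inquiry_info_with_rssi_t`, `inquiry_info_with_rssi_and_pscan_mode_t`). A reader cannot tell from the `_t` suffix that these are the on-wire event payloads and the unsuffixed structs are single records; one line such as `# Event payload: one count byte followed by that many records.` above each would fix that. The count is `len[rsps, int8]` while `rsps array[extended_inquiry_info]` has no upper bound, so a generated array longer than 255 entries cannot be represented in the count byte. If count and payload should normally agree, `array[extended_inquiry_info, 0:255]` would state that limit; if mismatches are wanted for fuzzing the kernel's length checks, a comment saying so would help.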
@@ -327,6 +330,11 @@ hci_ev_keypress_notify {
type int8
} [packed]
+hci_ev_le_advertising_info_t {
+ num_reports len[reports, int8]
+ reports array[hci_ev_le_advertising_info]
+} [packed]
+
hci_ev_le_advertising_info {
evt_type int8
bdaddr_type flags[bdaddr_types, int8]
@@ -386,6 +394,11 @@ hci_ev_le_enh_conn_complete {
clk_accurancy int8
} [packed]
+hci_ev_le_ext_adv_report_t {
+ num_reports len[reports, int8]
+ reports array[hci_ev_le_ext_adv_report]
+} [packed]
+
hci_ev_le_ext_adv_report {
evt_type int16
bdaddr_type flags[bdaddr_types, int8]
@@ -1001,6 +1014,11 @@ hci_qos {
delay_variation int32
} [packed]
+inquiry_info_t {
+ num_rsp len[rsps, int8]
+ rsps array[inquiry_info]
+} [packed]
+
inquiry_info {
bdaddr bdaddr_t
pscan_rep_mode int8
@@ -1010,6 +1028,11 @@ inquiry_info {
clock_offset int16
} [packed]
+inquiry_info_with_rssi_t {
+ num_rsp len[rsps, int8]
+ rsps array[inquiry_info_with_rssi]
+} [packed]
+
inquiry_info_with_rssi {
bdaddr bdaddr_t
pscan_rep_mode int8
@@ -1019,6 +1042,11 @@ inquiry_info_with_rssi {
rssi int8
} [packed]
+inquiry_info_with_rssi_and_pscan_mode_t {
+ num_rsp len[rsps, int8]
+ rsps array[inquiry_info_with_rssi_and_pscan_mode]
+} [packed]
+
inquiry_info_with_rssi_and_pscan_mode {
bdaddr bdaddr_t
pscan_rep_mode int8