diff options
| author | Dmitry Vyukov <dvyukov@google.com> | 2022-04-25 08:07:36 +0200 |
|---|---|---|
| committer | Dmitry Vyukov <dvyukov@google.com> | 2022-04-25 11:27:42 +0200 |
| commit | 0ede5bfc57b8910f6436a23955422fae109636c2 (patch) | |
| tree | b733de305f3c59d2b5835d815a0ccbbbe6b3fef6 /sys/linux/init.go | |
| parent | f3819cab601e2cd12383bf4e307988c3e3732dd4 (diff) | |
dashboard/config/linux: disable MSR writes
Randomly changing MSRs can have unpredictable results.
We tried to protect from writes on descriptions level,
but it does not work well, the fuzzer has figured out:
03:37:28 executing program 3:
syz_open_dev$MSR(&(0x7f0000000040), 0x0, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='fd/3\x00')
pwritev(r0, ...)
Fortunately there is a command line argument that disables all writes.
Use it instead.
Note: older kernels will need:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a7e1f67ed29f
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=02a16aa13574
Diffstat (limited to 'sys/linux/init.go')
| -rw-r--r-- | sys/linux/init.go | 14 |
1 files changed, 2 insertions, 12 deletions
diff --git a/sys/linux/init.go b/sys/linux/init.go index 6fa9665a8..6c486c2ed 100644 --- a/sys/linux/init.go +++ b/sys/linux/init.go @@ -48,10 +48,8 @@ func InitTarget(target *prog.Target) { TIOCSSERIAL: target.GetConst("TIOCSSERIAL"), TIOCGSERIAL: target.GetConst("TIOCGSERIAL"), // These are not present on all arches. - ARCH_SET_FS: target.ConstMap["ARCH_SET_FS"], - ARCH_SET_GS: target.ConstMap["ARCH_SET_GS"], - X86_IOC_RDMSR_REGS: target.ConstMap["X86_IOC_RDMSR_REGS"], - X86_IOC_WRMSR_REGS: target.ConstMap["X86_IOC_WRMSR_REGS"], + ARCH_SET_FS: target.ConstMap["ARCH_SET_FS"], + ARCH_SET_GS: target.ConstMap["ARCH_SET_GS"], } target.MakeDataMmap = targets.MakePosixMmap(target, true, true) @@ -160,8 +158,6 @@ type arch struct { USB_MAJOR uint64 TIOCSSERIAL uint64 TIOCGSERIAL uint64 - X86_IOC_RDMSR_REGS uint64 - X86_IOC_WRMSR_REGS uint64 } func (arch *arch) neutralize(c *prog.Call) { @@ -337,12 +333,6 @@ func (arch *arch) neutralizeIoctl(c *prog.Call) { // and would be nice to test, if/when we can neutralize based on sandbox value // we could prohibit it only under sandbox=none. cmd.Val = arch.TIOCGSERIAL - case arch.X86_IOC_WRMSR_REGS: - // Enabling X86_IOC_WRMSR_REGS would cause havoc as it can write to any MSR registers - // and there are a lot of things that could go wrong. - // TODO: Ideally, it would be great if we can have a restricted set of inputs for this - // such that we can write values only from that set. - cmd.Val = arch.X86_IOC_RDMSR_REGS } } |