| field | value | date |
|---|---|---|
| author | 6eanut <jiakaiPeanut@gmail.com> | 2026-01-08 10:04:33 +0800 |
| committer | Alexander Potapenko <glider@google.com> | 2026-01-20 09:02:10 +0000 |
| commit | 06648d9ccf5ec6f9453ef09b0fdbdebf020ee0f8 | |
| tree | 870fdbadb35555247853ecb3ae94a400b36d077c /sys/linux/test | |
| parent | 300ecf9e8fcda4e7a0cef8249ca1d6d1394ca4f1 | |
executor, sys/linux, pkg: enable syz_kvm_setup_cpu for riscv64
This patch implements syz_kvm_setup_cpu for riscv64 architecture.
The pseudo-syscall accepts VM fd, vCPU fd, host memory, and guest code
as parameters. Additional parameters (ntext, flags, opts, nopt) are
included for interface consistency with other architectures but are
currently unused on riscv64.
Implementation:
- Set up guest memory via KVM_SET_USER_MEMORY_REGION
- Copy guest code to guest memory
- Initialize guest registers to enable code execution in S-mode
- Return 0 on success, -1 on failure
Testing:
A test file syz_kvm_setup_cpu_riscv64 is included in sys/linux/test/
to verify basic functionality.
Known limitations:
- ifuzz is not yet compatible with riscv64. Temporary workaround: set
text[riscv64] to TextTarget and return nil in createTargetIfuzzConfig
for riscv64 to ensure generateText and mutateText work correctly.
This patch also adds support for KVM_GET_ONE_REG ioctl.
Diffstat (limited to 'sys/linux/test')

| mode | file | lines changed |
|---|---|---|
| -rw-r--r-- | sys/linux/test/syz_kvm_setup_cpu_riscv64 | 24 |

1 files changed, 24 insertions, 0 deletions
diff --git a/sys/linux/test/syz_kvm_setup_cpu_riscv64 b/sys/linux/test/syz_kvm_setup_cpu_riscv64 new file mode 100644 index 000000000..3e7c222f1 --- /dev/null +++ b/sys/linux/test/syz_kvm_setup_cpu_riscv64 @@ -0,0 +1,24 @@ +# +# requires: arch=riscv64 +# + +r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) +r1 = ioctl$KVM_CREATE_VM(r0, AUTO, 0x0) +r2 = ioctl$KVM_CREATE_VCPU(r1, AUTO, 0x0) + +# +# Set the register +# 0x04200513, li a0, 0x42 (addi a0, zero, 0x42) +# 0x06300593, li a1, 0x63 (addi a1, zero, 0x63) +# Load the MMIO address to t1 (without affecting a0, a1) +# 0x40000337, lui t1, 0x40000 (load 20 bits high to t1) +# Read from the MMIO address (this triggers KVM_EXIT_MMIO) +# 0x00032683, lw a3, 0(t1) (read from address 0x40000000 to a3) +# +syz_kvm_setup_cpu$riscv64(r1, r2, &(0x7f0000fe8000/0x180000)=nil,&(0x7f0000000000)=[{0x0, &(0x7f0000001000)="13052004930530063703004083260300", 0xf}], 0x1, 0x0, 0x0, 0x0) + +ioctl$KVM_RUN(r2, AUTO, 0x0) + +ioctl$KVM_GET_ONE_REG(r2, AUTO, &AUTO=@riscv64_core={0x803000000200000a, &AUTO}) +ioctl$KVM_GET_ONE_REG(r2, AUTO, &AUTO=@riscv64_config={0x8030000001000000, &AUTO}) +ioctl$KVM_GET_ONE_REG(r2, AUTO, &AUTO=@riscv64_csr={0x8030000003000000, &AUTO})
\ No newline at end of file |
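Review bot: the length field in the kvm_text entry of the `+syz_kvm_setup_cpu$riscv64(...)` line is 0xf, but the embedded code string "13052004930530063703004083260300" is 16 bytes (the four 32-bit instructions 0x04200513, 0x06300593, 0x40000337 and 0x00032683 listed in the comment above it), so the final `lw a3, 0(t1)` would be copied into guest memory one byte short and the KVM_EXIT_MMIO read of 0x40000000 the comment describes would not execute as intended; use 0x10 (or AUTO) for the length. Two smaller points on the same hunk: the comment header `# Set the register` should name the registers being set (a0 and a1, per the two `li` lines under it), and the three `ioctl$KVM_GET_ONE_REG` calls read back a0, the config register and the CSR without any expectation attached, so it would help to state in the comment that this test only exercises the setup/run/read path and does not check the values returned.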
