authorPengfei Xu <pengfei.xu@intel.com>2023-04-01 15:21:14 +0800
committerDmitry Vyukov <dvyukov@google.com>2023-05-04 06:07:31 +0200
commit5b7ff9dd2c5a1c9f7f07e26c06fd2f7954629ea5 (patch)
tree1e913c9b716ac3f692f390a7905ff7ec54cec35e /sys/linux/test
parentb591883083486fa625ad707452e97a9a8f282a64 (diff)
sys/linux: add CET(Control-flow Enforcement Technology) user space SHSTK(Shadow Stack) test file
CET (Control-flow Enforcement Technology) is a security feature that includes shadow stack and end branch to prevent ROP (Return Oriented Programming)/JOP (Jump Oriented Programming) attacks at the root cause. User space SHSTK, which prevents ROP attacks against user space processes, is in the Linux tip repo: https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/log/?h=x86/shstk Add a CET user space SHSTK test file to syzkaller to cover related fuzzing tests. Signed-off-by: Pengfei Xu <pengfei.xu@intel.com>
Diffstat (limited to 'sys/linux/test')
-rw-r--r--sys/linux/test/cet_user_shstk27
1 files changed, 27 insertions, 0 deletions
diff --git a/sys/linux/test/cet_user_shstk b/sys/linux/test/cet_user_shstk
new file mode 100644
index 000000000..587255f3f
--- /dev/null
+++ b/sys/linux/test/cet_user_shstk
@@ -0,0 +1,27 @@
+# requires: arch=amd64
+
+arch_prctl$ARCH_SHSTK_DISABLE(0x5002, 0x1)
+arch_prctl$ARCH_SHSTK_ENABLE(0x5001, 0x1)
+arch_prctl$ARCH_SHSTK_UNLOCK(0x5004, 0x1)
+
+r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
+
+arch_prctl$ARCH_SHSTK_ENABLE(0x5001, 0x2)
+arch_prctl$ARCH_SHSTK_DISABLE(0x5002, 0x2)
+arch_prctl$ARCH_SHSTK_ENABLE(0x5001, 0x2)
+
+ptrace(0x10, r0)
+
+ptrace$ARCH_SHSTK_DISABLE(0x1e, r0, 0x1, 0x5002)
+ptrace$ARCH_SHSTK_ENABLE(0x1e, r0, 0x1, 0x5001)
+ptrace$ARCH_SHSTK_UNLOCK(0x1e, r0, 0x1, 0x5004)
+
+ptrace$getregset(0x4204, r0, 0x204, &AUTO={&AUTO='LLLLLLLLLLLLLLLLLLLLLLLLLLLL', 0x8})
+ptrace$setregset(0x4205, r0, 0x204, &AUTO={&AUTO='LLLLLLLLLLLLLLLLLLLLLLLLLLLL', 0x8})
+
+ptrace(0x11, r0)
+
+mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x3, 0x22, 0, 0x0)
+map_shadow_stack(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x1)
+
+arch_prctl$ARCH_SHSTK_DISABLE(0x5002, 0x1)
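Review bot: Nothing in this program records which calls are expected to succeed, and at least two look like they may be error-path cases: the `map_shadow_stack` call near the end targets the same `0x7f0000000000/0x200000` range that the `mmap` on the line before it has just mapped, and the first `arch_prctl$ARCH_SHSTK_UNLOCK(0x5004, 0x1)` is issued by the task on itself rather than through ptrace. If those are deliberate negative tests, say so in a comment next to each call; if not, give `map_shadow_stack` a range that is not already mapped. The header gates only on `# requires: arch=amd64`, so a host whose CPU or kernel lacks user shadow stack will presumably see these calls return errors, and it is worth confirming how the test runner treats that. A short legend would also help anyone reading the coverage later, e.g. `# feature 0x1 = SHSTK, 0x2 = WRSS; ptrace 0x10/0x11 = attach/detach, 0x1e = PTRACE_ARCH_PRCTL; regset 0x204 = NT_X86_SHSTK`.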