authorDylan Yudaken <dyudaken@gmail.com>2023-07-25 20:29:44 +0100
committerAleksandr Nogikh <nogikh@google.com>2023-07-30 13:35:50 +0000
commit458a107b4b78803973245909f1f3ab19081ca63b (patch)
tree07d4399418cd05a66f939eb35f4f0047e372023a /sys/linux
parent924768299f97ac88b84f09eb979919305c8af5bb (diff)
sys/linux/io_uring, executor/common_linux: fix io_uring segfault
In Linux 6.4+ it is not allowed to provide a vma to mmap(2) [1]. Change the API to request the address from the Kernel. Note I do not know why this was done in the first place, but it seems not to be useful. [1]: https://github.com/torvalds/linux/commit/d808459b2e31bd5123a14258a7a529995db974c8
Diffstat (limited to 'sys/linux')
-rw-r--r--sys/linux/io_uring.txt2
-rw-r--r--sys/linux/test/io_uring2
2 files changed, 2 insertions, 2 deletions
diff --git a/sys/linux/io_uring.txt b/sys/linux/io_uring.txt
index efd8723b0..ed7112bad 100644
--- a/sys/linux/io_uring.txt
+++ b/sys/linux/io_uring.txt
@@ -19,7 +19,7 @@ define IORING_MAX_CQ_ENTRIES (2 * IORING_MAX_ENTRIES)
# First does the setup calling io_uring_setup, than calls mmap to map the ring and
# the sqes. It is hard for the fuzzer to generate correct programs using mmap calls
# with fuzzer-provided mmap length. This wrapper ensures correct length computation.
-syz_io_uring_setup(entries int32[1:IORING_MAX_ENTRIES], params ptr[inout, io_uring_params], addr_ring vma, addr_sqes vma, ring_ptr ptr[out, ring_ptr], sqes_ptr ptr[out, sqes_ptr]) fd_io_uring
+syz_io_uring_setup(entries int32[1:IORING_MAX_ENTRIES], params ptr[inout, io_uring_params], ring_ptr ptr[out, ring_ptr], sqes_ptr ptr[out, sqes_ptr]) fd_io_uring
io_uring_setup(entries int32[1:IORING_MAX_ENTRIES], params ptr[inout, io_uring_params]) fd_io_uring
io_uring_enter(fd fd_io_uring, to_submit int32[0:IORING_MAX_ENTRIES], min_complete int32[0:IORING_MAX_CQ_ENTRIES], flags flags[io_uring_enter_flags], sigmask ptr[in, sigset_t], size len[sigmask])
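Review bot: The comment block above `syz_io_uring_setup` is left unchanged and still explains only the length computation, so nothing in the description records that `addr_ring`/`addr_sqes` are gone and that both mappings are now placed by the kernel. I would add a line such as `# The ring and sqes mappings are placed by the kernel; Linux 6.4+ rejects a caller-supplied address for them.` and change `than` to `then` in the first comment line while there. Dropping the two `vma` arguments also means this wrapper no longer passes caller-chosen addresses into the io_uring mmap path. If the kernel's rejection of such addresses should stay fuzzed, it has to be reached through a plain mmap description on `fd_io_uring`, which is not visible in this hunk. The executor-side pseudo-syscall must read `ring_ptr` and `sqes_ptr` from their new argument positions; that file is outside this diffstat, so it cannot be checked from here.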
diff --git a/sys/linux/test/io_uring b/sys/linux/test/io_uring
index 3e7e80371..9bb7fb66f 100644
--- a/sys/linux/test/io_uring
+++ b/sys/linux/test/io_uring
@@ -1,6 +1,6 @@
# Create an io_uring instance
-r0 = syz_io_uring_setup(0x1, &AUTO={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "000000000000000000000000", [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &AUTO=<r1=>0x0, &AUTO=<r2=>0x0)
+r0 = syz_io_uring_setup(0xF00, &AUTO={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "000000000000000000000000", [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, &AUTO=<r1=>0x0, &AUTO=<r2=>0x0)
# Set IORING_CQ_EVENTFD_DISABLED. Has no side-effect for the test,
# only tests syz_memcpy_off().