diff options
| author | Dmitry Vyukov <dvyukov@google.com> | 2022-01-11 20:20:35 +0100 |
|---|---|---|
| committer | Aleksandr Nogikh <wp32pw@gmail.com> | 2022-01-13 17:03:25 +0100 |
| commit | b8d780ab30ab6ba340c43ad1944096dae15e6e79 (patch) | |
| tree | 18f7079c2d241bc63e35b5a89aa92d4715ce7def /sys/linux | |
| parent | 65ab1192dcd0323e1b51e8e2f074fb5d6fcb2a1f (diff) | |
sys/linux: fix bugs pointed out by syz-check
Update #590
Diffstat (limited to 'sys/linux')
64 files changed, 607 insertions, 473 deletions
diff --git a/sys/linux/bpf.txt b/sys/linux/bpf.txt index 57034afb7..11c028d4b 100644 --- a/sys/linux/bpf.txt +++ b/sys/linux/bpf.txt @@ -582,29 +582,34 @@ bpf_prog_info { xlated_prog_insns int64 load_time int64 created_by_uid int32 - nr_map_ids int32 - map_ids int64 + nr_map_ids len[map_ids, int32] (in) +# We could declare these as bpf_map_id, but this is not the best way to obtain these resources. + map_ids ptr64[out, array[int32]] name array[int8, BPF_OBJ_NAME_LEN] - ifindex int32 + ifindex ifindex gpl_compatible int32:1 netns_dev int64 netns_ino int64 - nr_jited_ksyms int32 - nr_jited_func_lens int32 - jited_ksyms ptr64[in, int64] - jited_func_lens int64 + nr_jited_ksyms len[jited_ksyms, int32] (in) + nr_jited_func_lens len[jited_func_lens, int32] (in) + jited_ksyms ptr64[out, array[int64]] + jited_func_lens ptr64[out, array[int32]] btf_id bpf_btf_id - func_info_rec_size int32 - func_info ptr64[in, bpf_func_info] - nr_func_info int32 - nr_line_info int32 - line_info ptr64[in, bpf_line_info] - jited_line_info ptr64[in, int64] - nr_jited_line_info int32 - line_info_rec_size int32 - jited_line_info_rec_size int32 - nr_prog_tags int32 - prog_tags ptr64[in, int64] + func_info_rec_size const[BPF_FUNC_INFO_SIZE, int32] (in) + func_info ptr64[out, array[bpf_func_info]] + nr_func_info bytesize[func_info, int32] (in) + nr_line_info len[line_info, int32] (in) + line_info ptr64[out, bpf_line_info] + jited_line_info ptr64[out, int64] + nr_jited_line_info len[jited_line_info, int32] (in) + line_info_rec_size const[BPF_LINE_INFO_SIZE, int32] (in) + jited_line_info_rec_size const[8, int32] (in) + nr_prog_tags len[prog_tags, int32] (in) + prog_tags ptr64[out, int64] + run_time_ns int64 + run_cnt int64 + recursion_misses int64 + verified_insns int32 } [align[8]] bpf_get_map_info_arg { @@ -614,25 +619,36 @@ bpf_get_map_info_arg { } bpf_map_info { - type int32 - id bpf_map_id - key_size int32 - value_size int32 - max_entries int32 - map_flags int32 - name array[int8, BPF_OBJ_NAME_LEN] + type int32 + id bpf_map_id + key_size int32 + value_size int32 + max_entries int32 + map_flags int32 + name array[int8, BPF_OBJ_NAME_LEN] + ifindex ifindex + btf_vmlinux_value_type_id int32 + netns_dev int64 + netns_ino int64 + btf_id int32 + btf_key_type_id int32 + btf_value_type_id int32 + map_extra align64[int64] } [align[8]] bpf_get_btf_info_arg { btf fd_btf (in) len len[info, int32] (in) - info ptr64[inout, bpf_btf_info] + info ptr64[out, bpf_btf_info] } bpf_btf_info { btf ptr64[out, array[int8]] - btf_size bytesize[btf, int32] - id bpf_btf_id (out) + btf_size bytesize[btf, int32] (in) + id bpf_btf_id + name ptr64[out, array[int8]] + name_len bytesize[name, int32] + kernel_btf int32 } [align[8]] bpf_prog_query { diff --git a/sys/linux/bpf.txt.const b/sys/linux/bpf.txt.const index 4a4462f3b..4fee5e2c5 100644 --- a/sys/linux/bpf.txt.const +++ b/sys/linux/bpf.txt.const @@ -253,7 +253,7 @@ BTF_KIND_VOLATILE = 9 BTF_MAGIC = 60319 BTF_VERSION = 1 MAX_BPF_REG = 11 -__BPF_FUNC_MAX_ID = 180 +__BPF_FUNC_MAX_ID = 186 __MAX_BPF_REG = 11 __NR_bpf = 280, 386:357, amd64:321, arm:386, mips64le:5315, ppc64le:361, s390x:351 bpf_call_code = 133 diff --git a/sys/linux/bpf.txt.warn b/sys/linux/bpf.txt.warn index 71cb56914..3a498f7b7 100644 --- a/sys/linux/bpf.txt.warn +++ b/sys/linux/bpf.txt.warn @@ -41,14 +41,8 @@ no-such-struct: bpf_link_get_next_id_arg no-such-struct: bpf_prog_get_fd_by_id_arg no-such-struct: bpf_prog_bind_map_arg no-such-struct: bpf_get_prog_info_arg -bad-field-number: bpf_prog_info: syz=32 kernel=36 -bad-struct-size: bpf_prog_info: syz=192 kernel=224 no-such-struct: bpf_get_map_info_arg -bad-field-number: bpf_map_info: syz=7 kernel=15 -bad-struct-size: bpf_map_info: syz=40 kernel=88 no-such-struct: bpf_get_btf_info_arg -bad-field-number: bpf_btf_info: syz=3 kernel=6 -bad-struct-size: bpf_btf_info: syz=16 kernel=32 no-such-struct: bpf_prog_query no-such-struct: bpf_btf_load no-such-struct: btf_type_int diff --git a/sys/linux/damon.txt b/sys/linux/damon.txt index 35313faa0..e950766f9 100644 --- a/sys/linux/damon.txt +++ b/sys/linux/damon.txt @@ -20,7 +20,7 @@ openat$damon_kdamond_pid(fd const[AT_FDCWD], file ptr[in, string["/sys/kernel/de openat$damon_mk_contexts(fd const[AT_FDCWD], file ptr[in, string["/sys/kernel/debug/damon/mk_contexts"]], flags flags[open_flags], mode flags[open_mode]) fd_damon_contexts openat$damon_rm_contexts(fd const[AT_FDCWD], file ptr[in, string["/sys/kernel/debug/damon/rm_contexts"]], flags flags[open_flags], mode flags[open_mode]) fd_damon_contexts -write$damon_target_ids(fd fd_damon_target_ids, buf ptr[in, damon_target_id_input], count len[buf]) +write$damon_target_ids(fd fd_damon_target_ids, buf ptr[in, damon_target_id_input], count bytesize[buf]) write$damon_attrs(fd fd_damon_attrs, buf ptr[in, damon_attrs], count len[buf]) write$damon_init_regions(fd fd_damon_init_regions, buf ptr[in, damon_init_regions], count len[buf]) write$damon_monitor_on(fd fd_damon_monitor_on, buf ptr[in, string["on"]], count len[buf]) diff --git a/sys/linux/dev_block.txt b/sys/linux/dev_block.txt index 47b32976f..4ce5e5707 100644 --- a/sys/linux/dev_block.txt +++ b/sys/linux/dev_block.txt @@ -67,7 +67,9 @@ blk_zone { cond int8 non_seq int8 reset int8 - reserved array[const[0, int8], 36] + resv array[const[0, int8], 4] + capacity int64 + reserved array[const[0, int8], 24] } blk_zone_range { diff --git a/sys/linux/dev_block.txt.warn b/sys/linux/dev_block.txt.warn deleted file mode 100644 index 9787ab2b7..000000000 --- a/sys/linux/dev_block.txt.warn +++ /dev/null @@ -1,2 +0,0 @@ -bad-field-number: blk_zone: syz=8 kernel=10 -bad-field-size: blk_zone.reserved/resv: syz=36 kernel=4 diff --git a/sys/linux/dev_dri.txt b/sys/linux/dev_dri.txt index dec96c61b..e78bf4df0 100644 --- a/sys/linux/dev_dri.txt +++ b/sys/linux/dev_dri.txt @@ -24,7 +24,7 @@ syz_open_dev$drirender(dev ptr[in, string["/dev/dri/renderD#"]], id intptr, flag openat$drirender128(fd const[AT_FDCWD], file ptr[in, string["/dev/dri/renderD128"]], flags flags[open_flags], mode const[0]) fd_dri ioctl$DRM_IOCTL_VERSION(fd fd_dri, cmd const[DRM_IOCTL_VERSION], arg ptr[in, drm_version]) -ioctl$DRM_IOCTL_GET_UNIQUE(fd fd_dri, cmd const[DRM_IOCTL_GET_UNIQUE], arg ptr[in, drm_unique_out]) +ioctl$DRM_IOCTL_GET_UNIQUE(fd fd_dri, cmd const[DRM_IOCTL_GET_UNIQUE], arg ptr[in, drm_unique$out]) ioctl$DRM_IOCTL_GET_MAGIC(fd fd_dri, cmd const[DRM_IOCTL_GET_MAGIC], arg ptr[in, int32]) ioctl$DRM_IOCTL_IRQ_BUSID(fd fd_dri, cmd const[DRM_IOCTL_IRQ_BUSID], arg ptr[in, drm_irq_busid]) ioctl$DRM_IOCTL_GET_MAP(fd fd_dri, cmd const[DRM_IOCTL_GET_MAP], arg ptr[inout, drm_map$DRM_IOCTL_GET_MAP]) @@ -33,7 +33,7 @@ ioctl$DRM_IOCTL_GET_STATS(fd fd_dri, cmd const[DRM_IOCTL_GET_STATS], arg buffer[ ioctl$DRM_IOCTL_GET_CAP(fd fd_dri, cmd const[DRM_IOCTL_GET_CAP], arg ptr[in, drm_get_cap]) ioctl$DRM_IOCTL_SET_CLIENT_CAP(fd fd_dri, cmd const[DRM_IOCTL_SET_CLIENT_CAP], arg ptr[in, drm_get_cap]) ioctl$DRM_IOCTL_SET_VERSION(fd fd_dri, cmd const[DRM_IOCTL_SET_VERSION], arg ptr[in, drm_set_version]) -ioctl$DRM_IOCTL_SET_UNIQUE(fd fd_dri, cmd const[DRM_IOCTL_SET_UNIQUE], arg ptr[in, drm_unique_in]) +ioctl$DRM_IOCTL_SET_UNIQUE(fd fd_dri, cmd const[DRM_IOCTL_SET_UNIQUE], arg ptr[in, drm_unique$in]) ioctl$DRM_IOCTL_AUTH_MAGIC(fd fd_dri, cmd const[DRM_IOCTL_AUTH_MAGIC], arg ptr[in, int32]) ioctl$DRM_IOCTL_ADD_MAP(fd fd_dri, cmd const[DRM_IOCTL_ADD_MAP], arg ptr[inout, drm_map$DRM_IOCTL_ADD_MAP]) ioctl$DRM_IOCTL_RM_MAP(fd fd_dri, cmd const[DRM_IOCTL_RM_MAP], arg ptr[in, drm_map$DRM_IOCTL_RM_MAP]) @@ -66,7 +66,7 @@ ioctl$DRM_IOCTL_AGP_BIND(fd fd_dri, cmd const[DRM_IOCTL_AGP_BIND], arg ptr[in, d ioctl$DRM_IOCTL_AGP_UNBIND(fd fd_dri, cmd const[DRM_IOCTL_AGP_UNBIND], arg ptr[in, drm_agp_binding]) ioctl$DRM_IOCTL_SG_ALLOC(fd fd_dri, cmd const[DRM_IOCTL_SG_ALLOC], arg ptr[in, drm_scatter_gather]) ioctl$DRM_IOCTL_SG_FREE(fd fd_dri, cmd const[DRM_IOCTL_SG_FREE], arg ptr[in, drm_scatter_gather]) -ioctl$DRM_IOCTL_WAIT_VBLANK(fd fd_dri, cmd const[DRM_IOCTL_WAIT_VBLANK], arg ptr[in, drm_wait_vblank]) +ioctl$DRM_IOCTL_WAIT_VBLANK(fd fd_dri, cmd const[DRM_IOCTL_WAIT_VBLANK], arg ptr[in, drm_wait_vblank_request]) ioctl$DRM_IOCTL_MODESET_CTL(fd fd_dri, cmd const[DRM_IOCTL_MODESET_CTL], arg ptr[in, drm_modeset_ctl]) ioctl$DRM_IOCTL_GEM_OPEN(fd fd_dri, cmd const[DRM_IOCTL_GEM_OPEN], arg ptr[inout, drm_gem_open]) ioctl$DRM_IOCTL_GEM_CLOSE(fd fd_dri, cmd const[DRM_IOCTL_GEM_CLOSE], arg ptr[in, drm_gem_close]) @@ -361,16 +361,22 @@ drm_mode_atomic_flags = DRM_MODE_PAGE_FLIP_EVENT, DRM_MODE_ATOMIC_TEST_ONLY, DRM resource fd_drm_syncobj[fd] resource drm_syncobj[int32] -resource drm_syncpoint[int64] + +# TODO: drm_syncpoint should be a resource and it used to be. +# But it was produced only by drm_syncobj_wait/drm_syncobj_timeline_wait.first_signaled +# which actually returns some int32 index rather than int64 syncpoint. +# Once it was fixed nothing produces drm_syncpoint anymore, so it was downgraded to plain int. +# resource drm_syncpoint[int64] +type drm_syncpoint int64 # See https://www.kernel.org/doc/html/latest/gpu/drm-mm.html#drm-sync-objects # for more details ioctl$DRM_IOCTL_SYNCOBJ_CREATE(fd fd_dri, cmd const[DRM_IOCTL_SYNCOBJ_CREATE], arg ptr[inout, drm_syncobj_create]) ioctl$DRM_IOCTL_SYNCOBJ_DESTROY(fd fd_dri, cmd const[DRM_IOCTL_SYNCOBJ_DESTROY], arg ptr[in, drm_syncobj_destroy]) -ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD_SYNC_FILE(fd fd_dri, cmd const[DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD], arg ptr[inout, drm_syncobj_handle_to_sync_file]) -ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD_FD(fd fd_dri, cmd const[DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD], arg ptr[inout, drm_syncobj_handle_to_fd]) -ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_SYNC_FILE(fd fd_dri, cmd const[DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE], arg ptr[inout, drm_syncobj_handle_from_sync_file]) -ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_FD(fd fd_dri, cmd const[DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE], arg ptr[inout, drm_syncobj_handle_from_fd]) +ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD_SYNC_FILE(fd fd_dri, cmd const[DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD], arg ptr[inout, drm_syncobj_handle$to_sync_file]) +ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD_FD(fd fd_dri, cmd const[DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD], arg ptr[inout, drm_syncobj_handle$to_fd]) +ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_SYNC_FILE(fd fd_dri, cmd const[DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE], arg ptr[inout, drm_syncobj_handle$from_sync_file]) +ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_FD(fd fd_dri, cmd const[DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE], arg ptr[inout, drm_syncobj_handle$from_fd]) ioctl$DRM_IOCTL_SYNCOBJ_TRANSFER(fd fd_dri, cmd const[DRM_IOCTL_SYNCOBJ_TRANSFER], arg ptr[inout, drm_syncobj_transfer]) ioctl$DRM_IOCTL_SYNCOBJ_WAIT(fd fd_dri, cmd const[DRM_IOCTL_SYNCOBJ_WAIT], arg ptr[inout, drm_syncobj_wait]) ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_WAIT(fd fd_dri, cmd const[DRM_IOCTL_SYNCOBJ_TIMELINE_WAIT], arg ptr[inout, drm_syncobj_timeline_wait]) @@ -389,28 +395,28 @@ drm_syncobj_destroy { pad const[0, int32] } -drm_syncobj_handle_to_sync_file { +drm_syncobj_handle$to_sync_file { handle drm_syncobj (in) flags const[DRM_SYNCOBJ_HANDLE_TO_FD_FLAGS_EXPORT_SYNC_FILE, int32] fd fd_sync_file (out) pad const[0, int32] } -drm_syncobj_handle_to_fd { +drm_syncobj_handle$to_fd { handle drm_syncobj (in) flags const[0, int32] fd fd_drm_syncobj (out) pad const[0, int32] } -drm_syncobj_handle_from_sync_file { +drm_syncobj_handle$from_sync_file { handle drm_syncobj (out) flags const[DRM_SYNCOBJ_FD_TO_HANDLE_FLAGS_IMPORT_SYNC_FILE, int32] fd fd_sync_file (in) pad const[0, int32] } -drm_syncobj_handle_from_fd { +drm_syncobj_handle$from_fd { handle drm_syncobj (out) flags const[0, int32] fd fd_drm_syncobj (in) @@ -420,8 +426,8 @@ drm_syncobj_handle_from_fd { drm_syncobj_transfer { src_handle drm_syncobj (in) dst_handle drm_syncobj (in) - src_point drm_syncpoint[opt] - dst_point drm_syncpoint[opt] + src_point drm_syncpoint (in) + dst_point drm_syncpoint (in) flags flags[drm_syncobj_wait_flags, int32] (in) pad const[0, int32] } @@ -431,7 +437,7 @@ drm_syncobj_wait { timeout_nsec int64 (in) count_handles len[handles, int32] flags flags[drm_syncobj_wait_flags, int32] (in) - first_signaled drm_syncpoint (out) + first_signaled int32 (out) pad const[0, int32] } @@ -441,7 +447,7 @@ drm_syncobj_timeline_wait { timeout_nsec int64 count_handles len[handles, int32] flags flags[drm_syncobj_wait_flags, int32] (in) - first_signaled drm_syncpoint (out) + first_signaled int32 (out) pad const[0, int32] } @@ -508,12 +514,12 @@ drm_version { desc buffer[out] } -drm_unique_in { +drm_unique$in { len len[uni, intptr] uni buffer[in] } -drm_unique_out { +drm_unique$out { len len[uni, intptr] uni buffer[out] } @@ -667,10 +673,10 @@ drm_scatter_gather { handle drm_agp_handle } -drm_wait_vblank { +drm_wait_vblank_request { type flags[drm_vblank_seq_type, int32] seq int32 - signal signalno + signal intptr } drm_modeset_ctl { @@ -734,21 +740,21 @@ drm_mode_crtc { } drm_mode_modeinfo { - clock int32 - hdisp int16 - hsyncs int16 - hsynce int16 - htotal int16 - hskew int16 - vdisp int16 - vsyncs int16 - vsynce int16 - vtotal int16 - vscan int16 - vrefr int16 - flag int32 - type int32 - name array[int8, DRM_DISPLAY_MODE_LEN] + clock int32 + hdisplay int16 + hsync_start int16 + hsync_end int16 + htotal int16 + hskew int16 + vdisplay int16 + vsync_start int16 + vsync_end int16 + vtotal int16 + vscan int16 + vrefresh int32 + flags int32 + type int32 + name array[int8, DRM_DISPLAY_MODE_LEN] } drm_agp_mem_type = 0, 1, 2, AGP_USER_MEMORY, AGP_USER_CACHED_MEMORY diff --git a/sys/linux/dev_dri.txt.warn b/sys/linux/dev_dri.txt.warn deleted file mode 100644 index 71d602373..000000000 --- a/sys/linux/dev_dri.txt.warn +++ /dev/null @@ -1,16 +0,0 @@ -no-such-struct: drm_syncobj_handle_to_sync_file -no-such-struct: drm_syncobj_handle_to_fd -no-such-struct: drm_syncobj_handle_from_sync_file -no-such-struct: drm_syncobj_handle_from_fd -bad-struct-size: drm_syncobj_wait: syz=36 kernel=32 [386] -bad-struct-size: drm_syncobj_wait: syz=40 kernel=32 [amd64,arm,arm64] -bad-field-size: drm_syncobj_wait.first_signaled: syz=8 kernel=4 -bad-field-offset: drm_syncobj_wait.pad: syz=32 kernel=28 -bad-struct-size: drm_syncobj_timeline_wait: syz=44 kernel=40 [386] -bad-struct-size: drm_syncobj_timeline_wait: syz=48 kernel=40 [amd64,arm,arm64] -bad-field-size: drm_syncobj_timeline_wait.first_signaled: syz=8 kernel=4 -bad-field-offset: drm_syncobj_timeline_wait.pad: syz=40 kernel=36 -no-such-struct: drm_unique_in -no-such-struct: drm_unique_out -no-such-struct: drm_wait_vblank -bad-field-size: drm_mode_modeinfo.vrefr/vrefresh: syz=2 kernel=4 diff --git a/sys/linux/dev_kvm.txt b/sys/linux/dev_kvm.txt index e00624f66..e8c74386f 100644 --- a/sys/linux/dev_kvm.txt +++ b/sys/linux/dev_kvm.txt @@ -604,9 +604,12 @@ kvm_vcpu_events { } kvm_clock_data { - clock int64 - flags int32 - pad array[const[0, int32], 9] + clock int64 + flags int32 + pad0 int32 + realtime int64 + host_tsc int64 + pad array[const[0, int32], 4] } kvm_xen_hvm_config { diff --git a/sys/linux/dev_kvm.txt.warn b/sys/linux/dev_kvm.txt.warn index 0e7a5c223..031f0a3d6 100644 --- a/sys/linux/dev_kvm.txt.warn +++ b/sys/linux/dev_kvm.txt.warn @@ -75,8 +75,6 @@ bad-field-size: kvm_vcpu_events.innr/reserved: syz=1 kernel=27 [386,amd64] bad-field-offset: kvm_vcpu_events.insoft/exception_has_payload: syz=10 kernel=55 [386,amd64] bad-field-offset: kvm_vcpu_events.inshad/exception_payload: syz=11 kernel=56 [386,amd64] bad-field-size: kvm_vcpu_events.inshad/exception_payload: syz=1 kernel=8 [386,amd64] -bad-field-number: kvm_clock_data: syz=3 kernel=6 [386,amd64,arm64] -bad-field-size: kvm_clock_data.pad/pad0: syz=36 kernel=4 [386,amd64,arm64] bad-field-number: kvm_regs: syz=3 kernel=18 [386,amd64] bad-field-number: kvm_regs: syz=3 kernel=5 [arm64] bad-struct-size: kvm_regs: syz=144 kernel=864 [arm64] diff --git a/sys/linux/dev_media.txt b/sys/linux/dev_media.txt index 8a3f845c0..523dd1317 100644 --- a/sys/linux/dev_media.txt +++ b/sys/linux/dev_media.txt @@ -28,9 +28,10 @@ media_entity_desc { } [size[MEDIA_ENTITY_DESC_SIZE]] media_links_enum { - entity media_entity_id (in) - pads ptr[out, array[media_pad_desc, 2]] - links ptr[out, array[media_link_desc, 2]] + entity media_entity_id (in) + pads ptr[out, array[media_pad_desc, 2]] + links ptr[out, array[media_link_desc, 2]] + reserved array[const[0, int32], 4] } media_link_desc { @@ -89,8 +90,7 @@ media_v2_pad { flags int32 # The v1 pad indexes are int16, so we use int16 as resource base, # but v2 pad indexes are int32, so we need the pad. - index media_pad_index - index_pad const[0, int16] + index padto32[media_pad_index] reserved array[int32, 4] } [packed] diff --git a/sys/linux/dev_media.txt.warn b/sys/linux/dev_media.txt.warn index 27505cbc7..a2d0f4436 100644 --- a/sys/linux/dev_media.txt.warn +++ b/sys/linux/dev_media.txt.warn @@ -1,8 +1 @@ bad-field-number: media_entity_desc: syz=1 kernel=10 -bad-field-number: media_links_enum: syz=3 kernel=4 -bad-struct-size: media_links_enum: syz=12 kernel=28 [386,arm] -bad-struct-size: media_links_enum: syz=24 kernel=40 [amd64,arm64] -bad-field-number: media_v2_pad: syz=6 kernel=5 -bad-field-size: media_v2_pad.index: syz=2 kernel=4 -bad-field-offset: media_v2_pad.index_pad/reserved: syz=14 kernel=16 -bad-field-size: media_v2_pad.index_pad/reserved: syz=2 kernel=16 diff --git a/sys/linux/dev_nbd.txt b/sys/linux/dev_nbd.txt index 3fe5482dd..9bc852628 100644 --- a/sys/linux/dev_nbd.txt +++ b/sys/linux/dev_nbd.txt @@ -43,6 +43,7 @@ nbd_attr_policy [ NBD_ATTR_CLIENT_FLAGS nlattr[NBD_ATTR_CLIENT_FLAGS, flags[nbd_client_flags, int64]] NBD_ATTR_SOCKETS nlnest[NBD_ATTR_SOCKETS, array[nlattr[NBD_SOCK_FD, sock_nbd_client]]] NBD_ATTR_DEAD_CONN_TIMEOUT nlattr[NBD_ATTR_DEAD_CONN_TIMEOUT, int64] + NBD_ATTR_BACKEND_IDENTIFIER nlattr[NBD_ATTR_BACKEND_IDENTIFIER, stringnoz] ] [varlen] nbd_server_flags = NBD_FLAG_HAS_FLAGS, NBD_FLAG_READ_ONLY, NBD_FLAG_SEND_FLUSH, NBD_FLAG_SEND_FUA, NBD_FLAG_SEND_TRIM, NBD_FLAG_CAN_MULTI_CONN diff --git a/sys/linux/dev_nbd.txt.const b/sys/linux/dev_nbd.txt.const index 3a991bd46..9eccaade7 100644 --- a/sys/linux/dev_nbd.txt.const +++ b/sys/linux/dev_nbd.txt.const @@ -1,6 +1,7 @@ # Code generated by syz-sysgen. DO NOT EDIT. arches = 386, amd64, arm, arm64, mips64le, ppc64le, riscv64, s390x AF_UNIX = 1 +NBD_ATTR_BACKEND_IDENTIFIER = 10 NBD_ATTR_BLOCK_SIZE_BYTES = 3 NBD_ATTR_CLIENT_FLAGS = 6 NBD_ATTR_DEAD_CONN_TIMEOUT = 8 diff --git a/sys/linux/dev_nbd.txt.warn b/sys/linux/dev_nbd.txt.warn index 3b9b00b03..8662879e4 100644 --- a/sys/linux/dev_nbd.txt.warn +++ b/sys/linux/dev_nbd.txt.warn @@ -1,3 +1,3 @@ -bad-netlink-attr: nbd_attr_policy: missing attributes: [9 10] +bad-netlink-attr: nbd_attr_policy: missing attributes: [9] no-such-struct: nbd_sock_pair bad-field-size: nbd_reply.handle_tag/handle: syz=2 kernel=8 diff --git a/sys/linux/dev_qat_adf_ctl.txt b/sys/linux/dev_qat_adf_ctl.txt index 25d646c72..cf113217a 100644 --- a/sys/linux/dev_qat_adf_ctl.txt +++ b/sys/linux/dev_qat_adf_ctl.txt @@ -25,7 +25,7 @@ adf_user_cfg_ctl_data { adf_user_cfg_section { name string[qat_section_name, ADF_CFG_MAX_SECTION_LEN_IN_BYTES] - params adf_ptr64[adf_user_cfg_key_val] + params adf_ptr64[adf_user_cfg_key_val_u] next adf_ptr64[adf_user_cfg_section] } [packed] @@ -33,16 +33,16 @@ qat_section_name = "GENERAL", "KERNEL", "Accelerator", "Accelerator0", "Accelera # Key-values -adf_user_cfg_key_val [ - adf_dec adf_user_cfg_key_val_t[ADF_DEC, adf_user_cfg_val_dec] - adf_hex adf_user_cfg_key_val_t[ADF_HEX, adf_user_cfg_val_hex] - adf_str adf_user_cfg_key_val_t[ADF_STR, adf_user_cfg_val_str] +adf_user_cfg_key_val_u [ + adf_dec adf_user_cfg_key_val[ADF_DEC, adf_user_cfg_val_dec] + adf_hex adf_user_cfg_key_val[ADF_HEX, adf_user_cfg_val_hex] + adf_str adf_user_cfg_key_val[ADF_STR, adf_user_cfg_val_str] ] -type adf_user_cfg_key_val_t[TYPE, VAL] { +type adf_user_cfg_key_val[TYPE, VAL] { key adf_user_cfg_key val VAL - next adf_ptr64[adf_user_cfg_key_val] + next adf_ptr64[adf_user_cfg_key_val_u] type const[TYPE, int32] } [packed] diff --git a/sys/linux/dev_qat_adf_ctl.txt.warn b/sys/linux/dev_qat_adf_ctl.txt.warn index de03afe9f..dc4905a8b 100644 --- a/sys/linux/dev_qat_adf_ctl.txt.warn +++ b/sys/linux/dev_qat_adf_ctl.txt.warn @@ -1,7 +1,7 @@ no-such-struct: adf_user_cfg_ctl_data [arm,arm64] no-such-struct: adf_user_cfg_section [arm,arm64] +no-such-struct: adf_user_cfg_key_val_u no-such-struct: adf_user_cfg_key_val [arm,arm64] -no-such-struct: adf_user_cfg_key_val_t no-such-struct: adf_user_cfg_key no-such-struct: adf_user_cfg_format_keys no-such-struct: adf_user_cfg_bank_keys diff --git a/sys/linux/dev_snapshot.txt b/sys/linux/dev_snapshot.txt index 34f8ed392..0d06459c4 100644 --- a/sys/linux/dev_snapshot.txt +++ b/sys/linux/dev_snapshot.txt @@ -31,4 +31,4 @@ ioctl$SNAPSHOT_SET_SWAP_AREA(fd fd_snapshot, cmd const[SNAPSHOT_SET_SWAP_AREA], resume_swap_area { offset int64 dev int32 -} +} [packed] diff --git a/sys/linux/dev_snapshot.txt.warn b/sys/linux/dev_snapshot.txt.warn deleted file mode 100644 index 810631639..000000000 --- a/sys/linux/dev_snapshot.txt.warn +++ /dev/null @@ -1 +0,0 @@ -bad-struct-size: resume_swap_area: syz=16 kernel=12 [amd64,arm,arm64] diff --git a/sys/linux/dev_snd_midi.txt b/sys/linux/dev_snd_midi.txt index 4f2bb71d0..9ac6df2c5 100644 --- a/sys/linux/dev_snd_midi.txt +++ b/sys/linux/dev_snd_midi.txt @@ -43,7 +43,8 @@ snd_rawmidi_params { buffer_size intptr avail_min intptr no_active_sensing int32:1 - reserved array[const[0, int8], 16] + mode int32 + reserved array[const[0, int8], 12] } snd_rawmidi_status32 { diff --git a/sys/linux/dev_snd_midi.txt.warn b/sys/linux/dev_snd_midi.txt.warn deleted file mode 100644 index 090254a4c..000000000 --- a/sys/linux/dev_snd_midi.txt.warn +++ /dev/null @@ -1,4 +0,0 @@ -bad-field-number: snd_rawmidi_params: syz=5 kernel=6 -bad-field-offset: snd_rawmidi_params.reserved/mode: syz=13 kernel=16 [386,arm] -bad-field-offset: snd_rawmidi_params.reserved/mode: syz=25 kernel=28 [amd64,arm64] -bad-field-size: snd_rawmidi_params.reserved/mode: syz=16 kernel=4 diff --git a/sys/linux/dev_vhci.txt b/sys/linux/dev_vhci.txt index 842c82a17..b74691521 100644 --- a/sys/linux/dev_vhci.txt +++ b/sys/linux/dev_vhci.txt @@ -899,7 +899,7 @@ hci_ev_le_meta_un [ hci_ev_le_data_len_change hci_ev_le_meta_t[HCI_EV_LE_DATA_LEN_CHANGE, hci_ev_le_data_len_change] hci_ev_le_direct_adv_info hci_ev_le_meta_t[HCI_EV_LE_DIRECT_ADV_REPORT, hci_ev_le_direct_adv_info] hci_ev_le_enh_conn_complete hci_ev_le_meta_t[HCI_EV_LE_ENHANCED_CONN_COMPLETE, hci_ev_le_enh_conn_complete] - hci_ev_le_ext_adv_report hci_ev_le_meta_t[HCI_EV_LE_EXT_ADV_REPORT, hci_ev_le_ext_adv_report_t] + hci_ev_le_ext_adv_report hci_ev_le_meta_t[HCI_EV_LE_EXT_ADV_REPORT, hci_ev_le_ext_adv_report] hci_ev_le_ltk_req hci_ev_le_meta_t[HCI_EV_LE_LTK_REQ, hci_ev_le_ltk_req] hci_ev_le_phy_update_complete hci_ev_le_meta_t[HCI_EV_LE_PHY_UPDATE_COMPLETE, hci_ev_le_phy_update_complete] hci_ev_le_remote_conn_param_req hci_ev_le_meta_t[HCI_EV_LE_REMOTE_CONN_PARAM_REQ, hci_ev_le_remote_conn_param_req] @@ -1220,13 +1220,13 @@ hci_ev_le_enh_conn_complete { clk_accurancy int8 } [packed] -hci_ev_le_ext_adv_report_t { - num_reports len[reports, int8] - reports array[hci_ev_le_ext_adv_report] +hci_ev_le_ext_adv_report { + num len[info, int8] + info array[hci_ev_le_ext_adv_info] } [packed] -hci_ev_le_ext_adv_report { - evt_type flags[hci_legacy_adv_evt_type, int16] +hci_ev_le_ext_adv_info { + type flags[hci_legacy_adv_evt_type, int16] bdaddr_type flags[bdaddr_types, int8] bdaddr bdaddr_t primary_phy int8 @@ -1478,7 +1478,7 @@ hci_rp_delete_reserved_lt_addr { hci_rp_delete_stored_link_key { status int8 - num_keys int8 + num_keys int16 } [packed] hci_rp_le_ltk_neg_reply { @@ -1766,8 +1766,8 @@ hci_rp_read_ssp_mode { hci_rp_read_stored_link_key { status int8 - max_keys int8 - num_keys int8 + max_keys int16 + num_keys int16 } [packed] hci_rp_read_tx_power { diff --git a/sys/linux/dev_vhci.txt.warn b/sys/linux/dev_vhci.txt.warn index 01c7772ac..3e4e88f69 100644 --- a/sys/linux/dev_vhci.txt.warn +++ b/sys/linux/dev_vhci.txt.warn @@ -13,14 +13,6 @@ no-such-struct: hci_event_hdr_t no-such-struct: hci_ev_le_meta_t no-such-struct: hci_ev_cmd_complete_t compiler: len target reports refer to an array with variable-size elements (do you mean bytesize?) -bad-field-size: hci_ev_le_ext_adv_report.evt_type/num: syz=2 kernel=1 -bad-field-offset: hci_ev_le_ext_adv_report.bdaddr_type/info: syz=2 kernel=1 -bad-field-size: hci_ev_le_ext_adv_report.bdaddr_type/info: syz=1 kernel=0 -bad-struct-size: hci_rp_delete_stored_link_key: syz=2 kernel=3 -bad-field-size: hci_rp_delete_stored_link_key.num_keys: syz=1 kernel=2 -bad-struct-size: hci_rp_read_stored_link_key: syz=3 kernel=5 -bad-field-size: hci_rp_read_stored_link_key.max_keys: syz=1 kernel=2 -bad-field-offset: hci_rp_read_stored_link_key.num_keys: syz=2 kernel=3 -bad-field-size: hci_rp_read_stored_link_key.num_keys: syz=1 kernel=2 +compiler: len target info refer to an array with variable-size elements (do you mean bytesize?) no-such-struct: inquiry_info_with_rssi no-such-struct: inquiry_info_with_rssi_and_pscan_mode diff --git a/sys/linux/dev_video4linux.txt b/sys/linux/dev_video4linux.txt index fb9b75b7d..07c627d15 100644 --- a/sys/linux/dev_video4linux.txt +++ b/sys/linux/dev_video4linux.txt @@ -49,14 +49,14 @@ ioctl$VIDIOC_S_FMT(fd fd_video, cmd const[VIDIOC_S_FMT], arg ptr[inout, v4l2_for ioctl$VIDIOC_REQBUFS(fd fd_video, cmd const[VIDIOC_REQBUFS], arg ptr[inout, v4l2_requestbuffers[v4l2_buf_type]]) # This variant serves as fd_v4l2_buffer constructor. # Potentially more ioctl can create fd_v4l2_buffer, but the kernel code is hard to understand. -ioctl$VIDIOC_QUERYBUF_DMABUF(fd fd_video, cmd const[VIDIOC_QUERYBUF], arg ptr[inout, v4l2_buffer_t[v4l2_buf_type, V4L2_MEMORY_DMABUF, fd_v4l2_buffer]]) -ioctl$VIDIOC_QUERYBUF(fd fd_video, cmd const[VIDIOC_QUERYBUF], arg ptr[inout, v4l2_buffer[v4l2_buf_type]]) +ioctl$VIDIOC_QUERYBUF_DMABUF(fd fd_video, cmd const[VIDIOC_QUERYBUF], arg ptr[inout, v4l2_buffer[v4l2_buf_type, V4L2_MEMORY_DMABUF, fd_v4l2_buffer]]) +ioctl$VIDIOC_QUERYBUF(fd fd_video, cmd const[VIDIOC_QUERYBUF], arg ptr[inout, v4l2_buffer_t[v4l2_buf_type]]) ioctl$VIDIOC_G_FBUF(fd fd_video, cmd const[VIDIOC_G_FBUF], arg ptr[inout, v4l2_framebuffer]) ioctl$VIDIOC_S_FBUF(fd fd_video, cmd const[VIDIOC_S_FBUF], arg ptr[in, v4l2_framebuffer]) ioctl$VIDIOC_OVERLAY(fd fd_video, cmd const[VIDIOC_OVERLAY], arg ptr[in, int32]) -ioctl$VIDIOC_QBUF(fd fd_video, cmd const[VIDIOC_QBUF], arg ptr[inout, v4l2_buffer[v4l2_buf_type]]) +ioctl$VIDIOC_QBUF(fd fd_video, cmd const[VIDIOC_QBUF], arg ptr[inout, v4l2_buffer_t[v4l2_buf_type]]) ioctl$VIDIOC_EXPBUF(fd fd_video, cmd const[VIDIOC_EXPBUF], arg ptr[inout, v4l2_exportbuffer[v4l2_buf_type]]) -ioctl$VIDIOC_DQBUF(fd fd_video, cmd const[VIDIOC_DQBUF], arg ptr[inout, v4l2_buffer[v4l2_buf_type]]) +ioctl$VIDIOC_DQBUF(fd fd_video, cmd const[VIDIOC_DQBUF], arg ptr[inout, v4l2_buffer_t[v4l2_buf_type]]) ioctl$VIDIOC_STREAMON(fd fd_video, cmd const[VIDIOC_STREAMON], arg ptr[in, int32]) ioctl$VIDIOC_STREAMOFF(fd fd_video, cmd const[VIDIOC_STREAMOFF], arg ptr[in, int32]) ioctl$VIDIOC_G_PARM(fd fd_video, cmd const[VIDIOC_G_PARM], arg ptr[inout, v4l2_streamparm]) @@ -116,7 +116,7 @@ ioctl$VIDIOC_DQEVENT(fd fd_video, cmd const[VIDIOC_DQEVENT], arg ptr[out, v4l2_e ioctl$VIDIOC_SUBSCRIBE_EVENT(fd fd_video, cmd const[VIDIOC_SUBSCRIBE_EVENT], arg ptr[in, v4l2_event_subscription]) ioctl$VIDIOC_UNSUBSCRIBE_EVENT(fd fd_video, cmd const[VIDIOC_UNSUBSCRIBE_EVENT], arg ptr[in, v4l2_event_subscription]) ioctl$VIDIOC_CREATE_BUFS(fd fd_video, cmd const[VIDIOC_CREATE_BUFS], arg ptr[inout, v4l2_create_buffers[v4l2_buf_type]]) -ioctl$VIDIOC_PREPARE_BUF(fd fd_video, cmd const[VIDIOC_PREPARE_BUF], arg ptr[inout, v4l2_buffer[v4l2_buf_type]]) +ioctl$VIDIOC_PREPARE_BUF(fd fd_video, cmd const[VIDIOC_PREPARE_BUF], arg ptr[inout, v4l2_buffer_t[v4l2_buf_type]]) ioctl$VIDIOC_G_SELECTION(fd fd_video, cmd const[VIDIOC_G_SELECTION], arg ptr[inout, v4l2_selection]) ioctl$VIDIOC_S_SELECTION(fd fd_video, cmd const[VIDIOC_S_SELECTION], arg ptr[inout, v4l2_selection]) ioctl$VIDIOC_DECODER_CMD(fd fd_video, cmd const[VIDIOC_DECODER_CMD], arg ptr[inout, v4l2_decoder_cmd]) @@ -272,22 +272,23 @@ type v4l2_requestbuffers[BUF_TYPE] { type flags[BUF_TYPE, int32] memory flags[v4l2_memory, int32] capabilities const[0, int32] - reserved const[0, int32] -} - -type v4l2_buffer[BUF_TYPE] [ - mmap v4l2_buffer_t[BUF_TYPE, V4L2_MEMORY_MMAP, intptr] - userptr v4l2_buffer_t[BUF_TYPE, V4L2_MEMORY_USERPTR, ptr[out, int8]] - overlay v4l2_buffer_t[BUF_TYPE, V4L2_MEMORY_OVERLAY, int32] - fd v4l2_buffer_t[BUF_TYPE, V4L2_MEMORY_DMABUF, fd_v4l2_buffer[opt]] - multiplanar_mmap v4l2_buffer_t[BUF_TYPE, V4L2_MEMORY_MMAP, ptr[inout, array[v4l2_plane[intptr], 2]]] - multiplanar_userptr v4l2_buffer_t[BUF_TYPE, V4L2_MEMORY_USERPTR, array[v4l2_plane[ptr[out, int8]], 2]] - multiplanar_overlay v4l2_buffer_t[BUF_TYPE, V4L2_MEMORY_OVERLAY, array[v4l2_plane[int32], 2]] - multiplanar_fd v4l2_buffer_t[BUF_TYPE, V4L2_MEMORY_DMABUF, array[v4l2_plane[fd_v4l2_buffer[opt]], 2]] + flags int8 + reserved array[const[0, int8], 3] +} + +type v4l2_buffer_t[BUF_TYPE] [ + mmap v4l2_buffer[BUF_TYPE, V4L2_MEMORY_MMAP, intptr] + userptr v4l2_buffer[BUF_TYPE, V4L2_MEMORY_USERPTR, ptr[out, int8]] + overlay v4l2_buffer[BUF_TYPE, V4L2_MEMORY_OVERLAY, int32] + fd v4l2_buffer[BUF_TYPE, V4L2_MEMORY_DMABUF, fd_v4l2_buffer[opt]] + multiplanar_mmap v4l2_buffer[BUF_TYPE, V4L2_MEMORY_MMAP, ptr[inout, array[v4l2_plane[intptr], 2]]] + multiplanar_userptr v4l2_buffer[BUF_TYPE, V4L2_MEMORY_USERPTR, ptr[inout, array[v4l2_plane[ptr[out, int8]], 2]]] + multiplanar_overlay v4l2_buffer[BUF_TYPE, V4L2_MEMORY_OVERLAY, ptr[inout, array[v4l2_plane[int32], 2]]] + multiplanar_fd v4l2_buffer[BUF_TYPE, V4L2_MEMORY_DMABUF, ptr[inout, array[v4l2_plane[fd_v4l2_buffer[opt]], 2]]] ] # TODO: The field directions needs to be defined. Recursively v4l2_plane, v4l2_plane_union needs checking. -type v4l2_buffer_t[BUF_TYPE, MEM_TYPE, ARG_TYPE] { +type v4l2_buffer[BUF_TYPE, MEM_TYPE, ARG_TYPE] { index int32 type flags[BUF_TYPE, int32] bytesused len[type, int32] diff --git a/sys/linux/dev_video4linux.txt.warn b/sys/linux/dev_video4linux.txt.warn index 3d117c54e..7b3ffcb6f 100644 --- a/sys/linux/dev_video4linux.txt.warn +++ b/sys/linux/dev_video4linux.txt.warn @@ -1,12 +1,25 @@ bad-field-number: v4l2_fmtdesc: syz=6 kernel=7 bad-field-size: v4l2_fmtdesc.reserved/mbus_code: syz=16 kernel=4 no-such-struct: v4l2_format_fmt -bad-field-number: v4l2_requestbuffers: syz=5 kernel=6 -bad-field-size: v4l2_requestbuffers.reserved/flags: syz=4 kernel=1 -bad-struct-size: v4l2_buffer: syz=184 kernel=76 [386] -bad-struct-size: v4l2_buffer: syz=184 kernel=80 [arm] -bad-struct-size: v4l2_buffer: syz=208 kernel=88 [amd64,arm64] no-such-struct: v4l2_buffer_t +bad-struct-size: v4l2_buffer: syz=68 kernel=76 [386] +bad-struct-size: v4l2_buffer: syz=68 kernel=80 [arm] +bad-field-offset: v4l2_buffer.timestamp: syz=20 kernel=24 [arm] +bad-field-size: v4l2_buffer.timestamp: syz=8 kernel=16 [386,arm] +bad-field-offset: v4l2_buffer.timecode: syz=28 kernel=36 [386] +bad-field-offset: v4l2_buffer.timecode: syz=28 kernel=40 [arm] +bad-field-offset: v4l2_buffer.sequence: syz=44 kernel=52 [386] +bad-field-offset: v4l2_buffer.sequence: syz=44 kernel=56 [arm] +bad-field-offset: v4l2_buffer.memory: syz=48 kernel=56 [386] +bad-field-offset: v4l2_buffer.memory: syz=48 kernel=60 [arm] +bad-field-offset: v4l2_buffer.m: syz=52 kernel=60 [386] +bad-field-offset: v4l2_buffer.m: syz=52 kernel=64 [arm] +bad-field-offset: v4l2_buffer.length: syz=56 kernel=64 [386] +bad-field-offset: v4l2_buffer.length: syz=56 kernel=68 [arm] +bad-field-offset: v4l2_buffer.reserved2: syz=60 kernel=68 [386] +bad-field-offset: v4l2_buffer.reserved2: syz=60 kernel=72 [arm] +bad-field-offset: v4l2_buffer.request_fd/: syz=64 kernel=72 [386] +bad-field-offset: v4l2_buffer.request_fd/: syz=64 kernel=76 [arm] no-such-struct: v4l2_framebuffer_union no-such-struct: v4l2_streamparm_union no-such-struct: v4l2_querymenu_union diff --git a/sys/linux/dev_video4linux_vim2m.txt b/sys/linux/dev_video4linux_vim2m.txt index 582078193..6ca9a90ad 100644 --- a/sys/linux/dev_video4linux_vim2m.txt +++ b/sys/linux/dev_video4linux_vim2m.txt @@ -38,10 +38,10 @@ ioctl$vim2m_VIDIOC_G_FMT(fd fd_vim2m, cmd const[VIDIOC_G_FMT], arg ptr[inout, v4 ioctl$vim2m_VIDIOC_TRY_FMT(fd fd_vim2m, cmd const[VIDIOC_TRY_FMT], arg ptr[inout, v4l2_format[v4l2_buf_type_vim2m]]) ioctl$vim2m_VIDIOC_S_FMT(fd fd_vim2m, cmd const[VIDIOC_S_FMT], arg ptr[inout, v4l2_format[v4l2_buf_type_vim2m]]) ioctl$vim2m_VIDIOC_REQBUFS(fd fd_vim2m, cmd const[VIDIOC_REQBUFS], arg ptr[inout, v4l2_requestbuffers[v4l2_buf_type_vim2m]]) -ioctl$vim2m_VIDIOC_QUERYBUF(fd fd_vim2m, cmd const[VIDIOC_QUERYBUF], arg ptr[inout, v4l2_buffer[v4l2_buf_type_vim2m]]) -ioctl$vim2m_VIDIOC_QBUF(fd fd_vim2m, cmd const[VIDIOC_QBUF], arg ptr[inout, v4l2_buffer[v4l2_buf_type_vim2m]]) -ioctl$vim2m_VIDIOC_DQBUF(fd fd_vim2m, cmd const[VIDIOC_DQBUF], arg ptr[inout, v4l2_buffer[v4l2_buf_type_vim2m]]) -ioctl$vim2m_VIDIOC_PREPARE_BUF(fd fd_vim2m, cmd const[VIDIOC_PREPARE_BUF], arg ptr[inout, v4l2_buffer[v4l2_buf_type_vim2m]]) +ioctl$vim2m_VIDIOC_QUERYBUF(fd fd_vim2m, cmd const[VIDIOC_QUERYBUF], arg ptr[inout, v4l2_buffer_t[v4l2_buf_type_vim2m]]) +ioctl$vim2m_VIDIOC_QBUF(fd fd_vim2m, cmd const[VIDIOC_QBUF], arg ptr[inout, v4l2_buffer_t[v4l2_buf_type_vim2m]]) +ioctl$vim2m_VIDIOC_DQBUF(fd fd_vim2m, cmd const[VIDIOC_DQBUF], arg ptr[inout, v4l2_buffer_t[v4l2_buf_type_vim2m]]) +ioctl$vim2m_VIDIOC_PREPARE_BUF(fd fd_vim2m, cmd const[VIDIOC_PREPARE_BUF], arg ptr[inout, v4l2_buffer_t[v4l2_buf_type_vim2m]]) ioctl$vim2m_VIDIOC_CREATE_BUFS(fd fd_vim2m, cmd const[VIDIOC_CREATE_BUFS], arg ptr[inout, v4l2_create_buffers[v4l2_buf_type_vim2m]]) ioctl$vim2m_VIDIOC_EXPBUF(fd fd_vim2m, cmd const[VIDIOC_EXPBUF], arg ptr[inout, v4l2_exportbuffer[v4l2_buf_type_vim2m]]) ioctl$vim2m_VIDIOC_S_CTRL(fd fd_vim2m, cmd const[VIDIOC_S_CTRL], arg ptr[inout, v4l2_control]) diff --git a/sys/linux/fs_ioctl_autofs.txt b/sys/linux/fs_ioctl_autofs.txt index d6f9c2bc8..a53d6c7e3 100644 --- a/sys/linux/fs_ioctl_autofs.txt +++ b/sys/linux/fs_ioctl_autofs.txt @@ -36,51 +36,51 @@ autofs_packet_expire { # Communication via /dev/autofs. -autofs_args_protover { +args_protover { version int32 } -autofs_args_protosubver { +args_protosubver { sub_version int32 } -autofs_args_openmount { +args_openmount { devid int32 } -autofs_args_ready { +args_ready { token int32 } -autofs_args_fail { +args_fail { token int32 status int32 } -autofs_args_setpipefd { +args_setpipefd { pipefd fd } -autofs_args_timeout { +args_timeout { timeout int64 } -autofs_args_requester { +args_requester { uid uid gid gid } -autofs_args_expire { +args_expire { how flags[autofs_exp_how, int32] } -autofs_args_askumount { +args_askumount { may_umount int32 } autofs_type = AUTOFS_TYPE_ANY, AUTOFS_TYPE_INDIRECT, AUTOFS_TYPE_DIRECT, AUTOFS_TYPE_OFFSET -autofs_args_ismountpoint { +args_ismountpoint { type flags[autofs_type, int32] devid int32 (out_overlay) magic int32 @@ -102,16 +102,16 @@ type autofs_dev_ioctl[NESTED] { } ioctl$AUTOFS_DEV_IOCTL_VERSION(fd fd_autofs, cmd const[AUTOFS_DEV_IOCTL_VERSION], arg ptr[inout, autofs_dev_ioctl[void]]) -ioctl$AUTOFS_DEV_IOCTL_PROTOVER(fd fd_autofs, cmd const[AUTOFS_DEV_IOCTL_PROTOVER], arg ptr[inout, autofs_dev_ioctl[autofs_args_protover]]) -ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(fd fd_autofs, cmd const[AUTOFS_DEV_IOCTL_PROTOSUBVER], arg ptr[inout, autofs_dev_ioctl[autofs_args_protosubver]]) -ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(fd fd_autofs, cmd const[AUTOFS_DEV_IOCTL_OPENMOUNT], arg ptr[inout, autofs_dev_ioctl[autofs_args_openmount]]) +ioctl$AUTOFS_DEV_IOCTL_PROTOVER(fd fd_autofs, cmd const[AUTOFS_DEV_IOCTL_PROTOVER], arg ptr[inout, autofs_dev_ioctl[args_protover]]) +ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(fd fd_autofs, cmd const[AUTOFS_DEV_IOCTL_PROTOSUBVER], arg ptr[inout, autofs_dev_ioctl[args_protosubver]]) +ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(fd fd_autofs, cmd const[AUTOFS_DEV_IOCTL_OPENMOUNT], arg ptr[inout, autofs_dev_ioctl[args_openmount]]) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(fd fd_autofs, cmd const[AUTOFS_DEV_IOCTL_CLOSEMOUNT], arg ptr[inout, autofs_dev_ioctl[void]]) -ioctl$AUTOFS_DEV_IOCTL_READY(fd fd_autofs, cmd const[AUTOFS_DEV_IOCTL_READY], arg ptr[inout, autofs_dev_ioctl[autofs_args_ready]]) -ioctl$AUTOFS_DEV_IOCTL_FAIL(fd fd_autofs, cmd const[AUTOFS_DEV_IOCTL_FAIL], arg ptr[inout, autofs_dev_ioctl[autofs_args_fail]]) -ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(fd fd_autofs, cmd const[AUTOFS_DEV_IOCTL_SETPIPEFD], arg ptr[inout, autofs_dev_ioctl[autofs_args_setpipefd]]) +ioctl$AUTOFS_DEV_IOCTL_READY(fd fd_autofs, cmd const[AUTOFS_DEV_IOCTL_READY], arg ptr[inout, autofs_dev_ioctl[args_ready]]) +ioctl$AUTOFS_DEV_IOCTL_FAIL(fd fd_autofs, cmd const[AUTOFS_DEV_IOCTL_FAIL], arg ptr[inout, autofs_dev_ioctl[args_fail]]) +ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(fd fd_autofs, cmd const[AUTOFS_DEV_IOCTL_SETPIPEFD], arg ptr[inout, autofs_dev_ioctl[args_setpipefd]]) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(fd fd_autofs, cmd const[AUTOFS_DEV_IOCTL_CATATONIC], arg ptr[inout, autofs_dev_ioctl[void]]) -ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(fd fd_autofs, cmd const[AUTOFS_DEV_IOCTL_TIMEOUT], arg ptr[inout, autofs_dev_ioctl[autofs_args_timeout]]) -ioctl$AUTOFS_DEV_IOCTL_REQUESTER(fd fd_autofs, cmd const[AUTOFS_DEV_IOCTL_REQUESTER], arg ptr[inout, autofs_dev_ioctl[autofs_args_requester]]) -ioctl$AUTOFS_DEV_IOCTL_EXPIRE(fd fd_autofs, cmd const[AUTOFS_DEV_IOCTL_EXPIRE], arg ptr[inout, autofs_dev_ioctl[autofs_args_expire]]) -ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(fd fd_autofs, cmd const[AUTOFS_DEV_IOCTL_ASKUMOUNT], arg ptr[inout, autofs_dev_ioctl[autofs_args_askumount]]) -ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(fd fd_autofs, cmd const[AUTOFS_DEV_IOCTL_ISMOUNTPOINT], arg ptr[inout, autofs_dev_ioctl[autofs_args_ismountpoint]]) +ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(fd fd_autofs, cmd const[AUTOFS_DEV_IOCTL_TIMEOUT], arg ptr[inout, autofs_dev_ioctl[args_timeout]]) +ioctl$AUTOFS_DEV_IOCTL_REQUESTER(fd fd_autofs, cmd const[AUTOFS_DEV_IOCTL_REQUESTER], arg ptr[inout, autofs_dev_ioctl[args_requester]]) +ioctl$AUTOFS_DEV_IOCTL_EXPIRE(fd fd_autofs, cmd const[AUTOFS_DEV_IOCTL_EXPIRE], arg ptr[inout, autofs_dev_ioctl[args_expire]]) +ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(fd fd_autofs, cmd const[AUTOFS_DEV_IOCTL_ASKUMOUNT], arg ptr[inout, autofs_dev_ioctl[args_askumount]]) +ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(fd fd_autofs, cmd const[AUTOFS_DEV_IOCTL_ISMOUNTPOINT], arg ptr[inout, autofs_dev_ioctl[args_ismountpoint]]) diff --git a/sys/linux/fs_ioctl_autofs.txt.warn b/sys/linux/fs_ioctl_autofs.txt.warn index d762a1302..c78e96c36 100644 --- a/sys/linux/fs_ioctl_autofs.txt.warn +++ b/sys/linux/fs_ioctl_autofs.txt.warn @@ -1,12 +1,2 @@ -no-such-struct: autofs_args_protover -no-such-struct: autofs_args_protosubver -no-such-struct: autofs_args_openmount -no-such-struct: autofs_args_ready -no-such-struct: autofs_args_fail -no-such-struct: autofs_args_setpipefd -no-such-struct: autofs_args_timeout -no-such-struct: autofs_args_requester -no-such-struct: autofs_args_expire -no-such-struct: autofs_args_askumount no-such-struct: autofs_dev_ioctl_base bad-field-size: autofs_dev_ioctl.base/ver_major: syz=24 kernel=4 diff --git a/sys/linux/fs_ioctl_btrfs.txt b/sys/linux/fs_ioctl_btrfs.txt index 8e5a33ea3..6f854f93a 100644 --- a/sys/linux/fs_ioctl_btrfs.txt +++ b/sys/linux/fs_ioctl_btrfs.txt @@ -275,12 +275,13 @@ btrfs_ioctl_timespec { } btrfs_ioctl_send_args { - send_fd align64[fd] + send_fd padto64[fd] clone_sources_count len[clone_sources, int64] clone_sources ptr[in, array[subvolid]] parent_root int64 flags flags[btrfs_ioctl_send_flags, int64] - reserved array[int64, 4] + version int32[0:1] + reserved array[const[0, int8], 28] } #This pads the struct to 1032 bytes. It was originally meant to pad to @@ -439,7 +440,7 @@ btrfs_balance_ctl_values = BTRFS_BALANCE_CTL_PAUSE, BTRFS_BALANCE_CTL_CANCEL btrfs_balance_args_flags = BTRFS_BALANCE_ARGS_PROFILES, BTRFS_BALANCE_ARGS_USAGE, BTRFS_BALANCE_ARGS_DEVID, BTRFS_BALANCE_ARGS_DRANGE, BTRFS_BALANCE_ARGS_VRANGE, BTRFS_BALANCE_ARGS_LIMIT, BTRFS_BALANCE_ARGS_LIMIT_RANGE, BTRFS_BALANCE_ARGS_STRIPES_RANGE, BTRFS_BALANCE_ARGS_USAGE_RANGE btrfs_ioctl_balance_args_states = BTRFS_BALANCE_STATE_RUNNING, BTRFS_BALANCE_STATE_PAUSE_REQ, BTRFS_BALANCE_STATE_CANCEL_REQ btrfs_ioctl_balance_args_flags = BTRFS_BALANCE_DATA, BTRFS_BALANCE_SYSTEM, BTRFS_BALANCE_METADATA, BTRFS_BALANCE_FORCE, BTRFS_BALANCE_RESUME -btrfs_ioctl_send_flags = BTRFS_SEND_FLAG_NO_FILE_DATA, BTRFS_SEND_FLAG_OMIT_STREAM_HEADER, BTRFS_SEND_FLAG_OMIT_END_CMD +btrfs_ioctl_send_flags = BTRFS_SEND_FLAG_NO_FILE_DATA, BTRFS_SEND_FLAG_OMIT_STREAM_HEADER, BTRFS_SEND_FLAG_OMIT_END_CMD, BTRFS_SEND_FLAG_VERSION btrfs_ioctl_get_dev_stats_flags = BTRFS_DEV_STATS_RESET btrfs_ioctl_quota_ctl_cmd = BTRFS_QUOTA_CTL_ENABLE, BTRFS_QUOTA_CTL_DISABLE, BTRFS_QUOTA_CTL_RESCAN__NOTUSED btrfs_ioctl_dev_replace_args_cmd = BTRFS_IOCTL_DEV_REPLACE_CMD_START, BTRFS_IOCTL_DEV_REPLACE_CMD_STATUS, BTRFS_IOCTL_DEV_REPLACE_CMD_CANCEL, BTRFS_IOCTL_DEV_REPLACE_RESULT_NO_ERROR, BTRFS_IOCTL_DEV_REPLACE_RESULT_NOT_STARTED, BTRFS_IOCTL_DEV_REPLACE_RESULT_ALREADY_STARTED, BTRFS_IOCTL_DEV_REPLACE_RESULT_SCRUB_INPROGRESS diff --git a/sys/linux/fs_ioctl_btrfs.txt.const b/sys/linux/fs_ioctl_btrfs.txt.const index 7b98359bb..e83fd297f 100644 --- a/sys/linux/fs_ioctl_btrfs.txt.const +++ b/sys/linux/fs_ioctl_btrfs.txt.const @@ -119,6 +119,7 @@ BTRFS_SEARCH_ARGS_BUFSIZE = 3992 BTRFS_SEND_FLAG_NO_FILE_DATA = 1 BTRFS_SEND_FLAG_OMIT_END_CMD = 4 BTRFS_SEND_FLAG_OMIT_STREAM_HEADER = 2 +BTRFS_SEND_FLAG_VERSION = 8 BTRFS_SUBVOL_MAX = 4040 BTRFS_SUBVOL_QGROUP_INHERIT = 4 BTRFS_SUBVOL_RDONLY = 2 diff --git a/sys/linux/fs_ioctl_btrfs.txt.warn b/sys/linux/fs_ioctl_btrfs.txt.warn index 19a70cc4a..169c847e4 100644 --- a/sys/linux/fs_ioctl_btrfs.txt.warn +++ b/sys/linux/fs_ioctl_btrfs.txt.warn @@ -9,9 +9,6 @@ bad-field-number: btrfs_ioctl_scrub_args: syz=5 kernel=6 bad-field-size: btrfs_ioctl_scrub_args.unused/progress: syz=992 kernel=120 no-such-struct: btrfs_balance_args_u no-such-struct: btrfs_balance_args_u_s1 -bad-field-number: btrfs_ioctl_send_args: syz=6 kernel=7 -bad-struct-size: btrfs_ioctl_send_args: syz=72 kernel=68 [386] -bad-field-size: btrfs_ioctl_send_args.reserved/version: syz=32 kernel=4 no-such-struct: btrfs_ioctl_dev_replace_args_u bad-field-number: btrfs_ioctl_dev_replace_status_params: syz=1 kernel=6 bad-field-size: btrfs_ioctl_dev_replace_status_params.dummys/replace_state: syz=48 kernel=8 diff --git a/sys/linux/fs_ioctl_fat.txt b/sys/linux/fs_ioctl_fat.txt index ed38ed4f1..52c8d3737 100644 --- a/sys/linux/fs_ioctl_fat.txt +++ b/sys/linux/fs_ioctl_fat.txt @@ -6,7 +6,7 @@ include <uapi/linux/msdos_fs.h> __fat_dirent { d_ino intptr - d_off int64 + d_off intptr d_reclen len[d_name, int16] d_name string[filename, 256] } diff --git a/sys/linux/fs_ioctl_fat.txt.warn b/sys/linux/fs_ioctl_fat.txt.warn deleted file mode 100644 index 4f60a80a7..000000000 --- a/sys/linux/fs_ioctl_fat.txt.warn +++ /dev/null @@ -1,7 +0,0 @@ -bad-struct-size: __fat_dirent: syz=272 kernel=268 [386] -bad-struct-size: __fat_dirent: syz=280 kernel=268 [arm] -bad-field-offset: __fat_dirent.d_off: syz=8 kernel=4 [arm,386,arm] -bad-field-offset: __fat_dirent.d_reclen: syz=12 kernel=8 [386] -bad-field-offset: __fat_dirent.d_reclen: syz=16 kernel=8 [arm] -bad-field-offset: __fat_dirent.d_name: syz=14 kernel=10 [386] -bad-field-offset: __fat_dirent.d_name: syz=18 kernel=10 [arm] diff --git a/sys/linux/futex.txt b/sys/linux/futex.txt index 98409960f..9fd161e51 100644 --- a/sys/linux/futex.txt +++ b/sys/linux/futex.txt @@ -17,13 +17,13 @@ robust_list { next ptr[in, robust_list, opt] } -futex_waitv(addr ptr[in, array[futex_waitv_struct, 0:FUTEX_WAITV_MAX_INDEX]], val len[addr], flg const[0], timeout ptr[in, timespec], clockid flags[futex_clock_id]) +futex_waitv(addr ptr[in, array[futex_waitv, 0:FUTEX_WAITV_MAX_INDEX]], val len[addr], flg const[0], timeout ptr[in, timespec], clockid flags[futex_clock_id]) -futex_waitv_struct { +futex_waitv { val int64 - uaddr ptr[in, int64] - flgs flags[struct_flags_op, int32] - reserved const[0, int32] + uaddr ptr64[in, int64] + flags flags[struct_flags_op, int32] + __reserved const[0, int32] } futex_op = FUTEX_WAIT, FUTEX_WAKE, FUTEX_FD, FUTEX_REQUEUE, FUTEX_CMP_REQUEUE, FUTEX_WAKE_OP, FUTEX_LOCK_PI, FUTEX_UNLOCK_PI, FUTEX_TRYLOCK_PI, FUTEX_WAIT_BITSET, FUTEX_WAKE_BITSET, FUTEX_WAIT_REQUEUE_PI, FUTEX_CMP_REQUEUE_PI, FUTEX_LOCK_PI2, FUTEX_PRIVATE_FLAG, FUTEX_CLOCK_REALTIME diff --git a/sys/linux/futex.txt.warn b/sys/linux/futex.txt.warn deleted file mode 100644 index efa770e0f..000000000 --- a/sys/linux/futex.txt.warn +++ /dev/null @@ -1 +0,0 @@ -no-such-struct: futex_waitv_struct diff --git a/sys/linux/io_uring.txt b/sys/linux/io_uring.txt index 1452aa122..8b5bf9998 100644 --- a/sys/linux/io_uring.txt +++ b/sys/linux/io_uring.txt @@ -125,40 +125,40 @@ syz_io_uring_complete(ring_ptr ring_ptr) fd syz_io_uring_submit(ring_ptr ring_ptr, sqes_ptr sqes_ptr, sqe ptr[in, io_uring_sqe_u], sqes_index int32) io_uring_sqe_u [ - IORING_OP_NOP io_uring_sqe_nop + IORING_OP_NOP io_uring_sqe$nop IORING_OP_READV io_uring_sqe_readv - IORING_OP_WRITEV io_uring_sqe_writev - IORING_OP_FSYNC io_uring_sqe_fsync - IORING_OP_READ_FIXED io_uring_sqe_read_fixed - IORING_OP_WRITE_FIXED io_uring_sqe_write_fixed - IORING_OP_POLL_ADD io_uring_sqe_poll_add - IORING_OP_POLL_REMOVE io_uring_sqe_poll_remove - IORING_OP_SYNC_FILE_RANGE io_uring_sqe_sync_file_range - IORING_OP_SENDMSG io_uring_sqe_sendmsg - IORING_OP_RECVMSG io_uring_sqe_recvmsg - IORING_OP_TIMEOUT io_uring_sqe_timeout - IORING_OP_TIMEOUT_REMOVE io_uring_sqe_timeout_remove - IORING_OP_ACCEPT io_uring_sqe_accept - IORING_OP_ASYNC_CANCEL io_uring_sqe_async_cancel - IORING_OP_LINK_TIMEOUT io_uring_sqe_link_timeout - IORING_OP_CONNECT io_uring_sqe_connect - IORING_OP_FALLOCATE io_uring_sqe_fallocate - IORING_OP_OPENAT io_uring_sqe_openat - IORING_OP_CLOSE io_uring_sqe_close - IORING_OP_FILES_UPDATE io_uring_sqe_files_update - IORING_OP_STATX io_uring_sqe_statx + IORING_OP_WRITEV io_uring_sqe$writev + IORING_OP_FSYNC io_uring_sqe$fsync + IORING_OP_READ_FIXED io_uring_sqe$read_fixed + IORING_OP_WRITE_FIXED io_uring_sqe$write_fixed + IORING_OP_POLL_ADD io_uring_sqe$poll_add + IORING_OP_POLL_REMOVE io_uring_sqe$poll_remove + IORING_OP_SYNC_FILE_RANGE io_uring_sqe$sync_file_range + IORING_OP_SENDMSG io_uring_sqe$sendmsg + IORING_OP_RECVMSG io_uring_sqe$recvmsg + IORING_OP_TIMEOUT io_uring_sqe$timeout + IORING_OP_TIMEOUT_REMOVE io_uring_sqe$timeout_remove + IORING_OP_ACCEPT io_uring_sqe$accept + IORING_OP_ASYNC_CANCEL io_uring_sqe$async_cancel + IORING_OP_LINK_TIMEOUT io_uring_sqe$link_timeout + IORING_OP_CONNECT io_uring_sqe$connect + IORING_OP_FALLOCATE io_uring_sqe$fallocate + IORING_OP_OPENAT io_uring_sqe$openat + IORING_OP_CLOSE io_uring_sqe$close + IORING_OP_FILES_UPDATE io_uring_sqe$files_update + IORING_OP_STATX io_uring_sqe$statx IORING_OP_READ io_uring_sqe_read - IORING_OP_WRITE io_uring_sqe_write - IORING_OP_FADVISE io_uring_sqe_fadvise - IORING_OP_MADVISE io_uring_sqe_madvise - IORING_OP_SEND io_uring_sqe_send + IORING_OP_WRITE io_uring_sqe$write + IORING_OP_FADVISE io_uring_sqe$fadvise + IORING_OP_MADVISE io_uring_sqe$madvise + IORING_OP_SEND io_uring_sqe$send IORING_OP_RECV io_uring_sqe_recv - IORING_OP_OPENAT2 io_uring_sqe_openat2 + IORING_OP_OPENAT2 io_uring_sqe$openat2 IORING_OP_EPOLL_CTL io_uring_sqe_epoll_ctl - IORING_OP_SPLICE io_uring_sqe_splice - IORING_OP_PROVIDE_BUFFERS io_uring_sqe_provide_buffers - IORING_OP_REMOVE_BUFFERS io_uring_sqe_remove_buffers - IORING_OP_TEE io_uring_sqe_tee + IORING_OP_SPLICE io_uring_sqe$splice + IORING_OP_PROVIDE_BUFFERS io_uring_sqe$provide_buffers + IORING_OP_REMOVE_BUFFERS io_uring_sqe$remove_buffers + IORING_OP_TEE io_uring_sqe$tee ] # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # @@ -169,7 +169,7 @@ io_uring_sqe_u [ # sqe type template # -type io_uring_sqe_t[OP, IOPRIO, FD, OFF, ADDR, LEN, MISC_FLAGS, USER_DATA, MISC] { +type io_uring_sqe[OP, IOPRIO, FD, OFF, ADDR, LEN, MISC_FLAGS, USER_DATA, MISC] { opcode const[OP, int8] flags flags[iosqe_flags, int8] ioprio IOPRIO @@ -191,62 +191,62 @@ define SIZEOF_IO_URING_SQE 64 # Instantiation of sqes for each op # -type io_uring_sqe_nop io_uring_sqe_t[IORING_OP_NOP, const[0, int16], const[0, int32], const[0, int64], const[0, int64], const[0, int32], const[0, int32], zero_flag, array[const[0, int64], 3]] +type io_uring_sqe$nop io_uring_sqe[IORING_OP_NOP, const[0, int16], const[0, int32], const[0, int64], const[0, int64], const[0, int32], const[0, int32], zero_flag, array[const[0, int64], 3]] io_uring_sqe_readv [ - pass_iovec io_uring_sqe_t[IORING_OP_READV, flags[ioprio_priorities, int16], fd_or_fixed_fd_index, fileoff[int64], ptr[in, array[iovec_out]], len[addr, int32], flags[rwf_flags, int32], sqe_user_data_not_openat, personality_only_misc] - use_registered_buffer io_uring_sqe_t[IORING_OP_READV, flags[ioprio_priorities, int16], fd_or_fixed_fd_index, fileoff[int64], const[0, int64], const[0, int32], flags[rwf_flags, int32], sqe_user_data_not_openat, buf_index_personality_misc] + pass_iovec io_uring_sqe[IORING_OP_READV, flags[ioprio_priorities, int16], fd_or_fixed_fd_index, fileoff[int64], ptr[in, array[iovec_out]], len[addr, int32], flags[rwf_flags, int32], sqe_user_data_not_openat, personality_only_misc] + use_registered_buffer io_uring_sqe[IORING_OP_READV, flags[ioprio_priorities, int16], fd_or_fixed_fd_index, fileoff[int64], const[0, int64], const[0, int32], flags[rwf_flags, int32], sqe_user_data_not_openat, buf_index_personality_misc] ] -type io_uring_sqe_writev io_uring_sqe_t[IORING_OP_WRITEV, flags[ioprio_priorities, int16], fd_or_fixed_fd_index, fileoff[int64], ptr[in, array[iovec_in]], len[addr, int32], flags[rwf_flags, int32], sqe_user_data_not_openat, buf_index_personality_misc] -type io_uring_sqe_fsync io_uring_sqe_t[IORING_OP_FSYNC, const[0, int16], fd_or_fixed_fd_index, const[0, int64], const[0, int64], const[0, int32], flags[io_uring_fsync_flags, int32], sqe_user_data_not_openat, personality_only_misc] -type io_uring_sqe_read_fixed io_uring_sqe_t[IORING_OP_READ_FIXED, flags[ioprio_priorities, int16], fd_or_fixed_fd_index, fileoff[int64], int64, int32, flags[rwf_flags, int32], sqe_user_data_not_openat, buf_index_personality_misc] -type io_uring_sqe_write_fixed io_uring_sqe_t[IORING_OP_WRITE_FIXED, flags[ioprio_priorities, int16], fd_or_fixed_fd_index, fileoff[int64], int64, int32, flags[rwf_flags, int32], sqe_user_data_not_openat, buf_index_personality_misc] -type io_uring_sqe_poll_add io_uring_sqe_t[IORING_OP_POLL_ADD, const[0, int16], fd_or_fixed_fd_index, const[0, int64], const[0, int64], const[0, int32], io_uring_sqe_poll_add_misc_flags, sqe_user_data_not_openat, personality_only_misc] -type io_uring_sqe_poll_remove io_uring_sqe_t[IORING_OP_POLL_REMOVE, const[0, int16], const[0, int32], const[0, int64], flags[sqe_user_data, int64], const[0, int32], const[0, int32], sqe_user_data_not_openat, personality_only_misc] -type io_uring_sqe_sync_file_range io_uring_sqe_t[IORING_OP_SYNC_FILE_RANGE, const[0, int16], fd_or_fixed_fd_index, fileoff[int64], const[0, int64], int32, flags[sync_file_flags, int32], sqe_user_data_not_openat, personality_only_misc] -type io_uring_sqe_sendmsg io_uring_sqe_t[IORING_OP_SENDMSG, const[0, int16], sock, const[0, int64], ptr[in, send_msghdr], const[0, int32], flags[send_flags, int32], sqe_user_data_not_openat, personality_only_misc] -type io_uring_sqe_recvmsg io_uring_sqe_t[IORING_OP_RECVMSG, const[0, int16], sock, const[0, int64], ptr[inout, recv_msghdr], const[0, int32], flags[recv_flags, int32], sqe_user_data_not_openat, buf_group_personality_misc] -type io_uring_sqe_timeout io_uring_sqe_t[IORING_OP_TIMEOUT, const[0, int16], const[0, int32], io_uring_timeout_completion_event_count, ptr[in, timespec], const[1, int32], flags[io_uring_timeout_flags, int32], sqe_user_data_not_openat, personality_only_misc] -type io_uring_sqe_timeout_remove io_uring_sqe_t[IORING_OP_TIMEOUT_REMOVE, const[0, int16], const[0, int32], const[0, int64], flags[sqe_user_data, int64], const[0, int32], const[0, int32], sqe_user_data_not_openat, personality_only_misc] -type io_uring_sqe_accept io_uring_sqe_t[IORING_OP_ACCEPT, const[0, int16], sock, ptr[inout, len[addr, int32]], ptr[out, sockaddr_storage, opt], const[0, int32], flags[accept_flags, int32], sqe_user_data_not_openat, personality_only_misc] -type io_uring_sqe_async_cancel io_uring_sqe_t[IORING_OP_ASYNC_CANCEL, const[0, int16], const[0, int32], const[0, int64], flags[sqe_user_data, int64], const[0, int32], const[0, int32], sqe_user_data_not_openat, personality_only_misc] -type io_uring_sqe_link_timeout io_uring_sqe_t[IORING_OP_LINK_TIMEOUT, const[0, int16], const[0, int32], const[0, int64], ptr[in, timespec], const[1, int32], flags[io_uring_timeout_flags, int32], sqe_user_data_not_openat, personality_only_misc] -type io_uring_sqe_connect io_uring_sqe_t[IORING_OP_CONNECT, const[0, int16], sock, len[addr, int32], ptr[in, sockaddr_storage], const[0, int32], const[0, int32], sqe_user_data_not_openat, personality_only_misc] -type io_uring_sqe_fallocate io_uring_sqe_t[IORING_OP_FALLOCATE, const[0, int16], fd_or_fixed_fd_index, fileoff[int64], const[0, int64], int32, const[0, int32], sqe_user_data_not_openat, personality_only_misc] -type io_uring_sqe_openat io_uring_sqe_t[IORING_OP_OPENAT, const[0, int16], fd_dir[opt], const[0, int64], ptr[in, filename], flags[open_mode, int32], flags[open_flags, int32], sqe_user_data_openat, personality_only_misc] -type io_uring_sqe_close io_uring_sqe_t[IORING_OP_CLOSE, const[0, int16], fd, const[0, int64], const[0, int64], const[0, int32], const[0, int32], sqe_user_data_not_openat, personality_only_misc] -type io_uring_sqe_files_update io_uring_sqe_t[IORING_OP_FILES_UPDATE, const[0, int16], const[0, int32], fileoff[int64], ptr[in, array[fd]], len[addr, int32], const[0, int32], sqe_user_data_not_openat, personality_only_misc] -type io_uring_sqe_statx io_uring_sqe_t[IORING_OP_STATX, const[0, int16], fd_dir[opt], ptr[out, statx], ptr[in, filename], flags[statx_mask, int32], flags[statx_flags, int32], sqe_user_data_not_openat, personality_only_misc] +type io_uring_sqe$writev io_uring_sqe[IORING_OP_WRITEV, flags[ioprio_priorities, int16], fd_or_fixed_fd_index, fileoff[int64], ptr[in, array[iovec_in]], len[addr, int32], flags[rwf_flags, int32], sqe_user_data_not_openat, buf_index_personality_misc] +type io_uring_sqe$fsync io_uring_sqe[IORING_OP_FSYNC, const[0, int16], fd_or_fixed_fd_index, const[0, int64], const[0, int64], const[0, int32], flags[io_uring_fsync_flags, int32], sqe_user_data_not_openat, personality_only_misc] +type io_uring_sqe$read_fixed io_uring_sqe[IORING_OP_READ_FIXED, flags[ioprio_priorities, int16], fd_or_fixed_fd_index, fileoff[int64], int64, int32, flags[rwf_flags, int32], sqe_user_data_not_openat, buf_index_personality_misc] +type io_uring_sqe$write_fixed io_uring_sqe[IORING_OP_WRITE_FIXED, flags[ioprio_priorities, int16], fd_or_fixed_fd_index, fileoff[int64], int64, int32, flags[rwf_flags, int32], sqe_user_data_not_openat, buf_index_personality_misc] +type io_uring_sqe$poll_add io_uring_sqe[IORING_OP_POLL_ADD, const[0, int16], fd_or_fixed_fd_index, const[0, int64], const[0, int64], const[0, int32], io_uring_sqe_poll_add_misc_flags, sqe_user_data_not_openat, personality_only_misc] +type io_uring_sqe$poll_remove io_uring_sqe[IORING_OP_POLL_REMOVE, const[0, int16], const[0, int32], const[0, int64], flags[sqe_user_data, int64], const[0, int32], const[0, int32], sqe_user_data_not_openat, personality_only_misc] +type io_uring_sqe$sync_file_range io_uring_sqe[IORING_OP_SYNC_FILE_RANGE, const[0, int16], fd_or_fixed_fd_index, fileoff[int64], const[0, int64], int32, flags[sync_file_flags, int32], sqe_user_data_not_openat, personality_only_misc] +type io_uring_sqe$sendmsg io_uring_sqe[IORING_OP_SENDMSG, const[0, int16], sock, const[0, int64], ptr[in, send_msghdr], const[0, int32], flags[send_flags, int32], sqe_user_data_not_openat, personality_only_misc] +type io_uring_sqe$recvmsg io_uring_sqe[IORING_OP_RECVMSG, const[0, int16], sock, const[0, int64], ptr[inout, recv_msghdr], const[0, int32], flags[recv_flags, int32], sqe_user_data_not_openat, buf_group_personality_misc] +type io_uring_sqe$timeout io_uring_sqe[IORING_OP_TIMEOUT, const[0, int16], const[0, int32], io_uring_timeout_completion_event_count, ptr[in, timespec], const[1, int32], flags[io_uring_timeout_flags, int32], sqe_user_data_not_openat, personality_only_misc] +type io_uring_sqe$timeout_remove io_uring_sqe[IORING_OP_TIMEOUT_REMOVE, const[0, int16], const[0, int32], const[0, int64], flags[sqe_user_data, int64], const[0, int32], const[0, int32], sqe_user_data_not_openat, personality_only_misc] +type io_uring_sqe$accept io_uring_sqe[IORING_OP_ACCEPT, const[0, int16], sock, ptr[inout, len[addr, int32]], ptr[out, sockaddr_storage, opt], const[0, int32], flags[accept_flags, int32], sqe_user_data_not_openat, personality_only_misc] +type io_uring_sqe$async_cancel io_uring_sqe[IORING_OP_ASYNC_CANCEL, const[0, int16], const[0, int32], const[0, int64], flags[sqe_user_data, int64], const[0, int32], const[0, int32], sqe_user_data_not_openat, personality_only_misc] +type io_uring_sqe$link_timeout io_uring_sqe[IORING_OP_LINK_TIMEOUT, const[0, int16], const[0, int32], const[0, int64], ptr[in, timespec], const[1, int32], flags[io_uring_timeout_flags, int32], sqe_user_data_not_openat, personality_only_misc] +type io_uring_sqe$connect io_uring_sqe[IORING_OP_CONNECT, const[0, int16], sock, len[addr, int32], ptr[in, sockaddr_storage], const[0, int32], const[0, int32], sqe_user_data_not_openat, personality_only_misc] +type io_uring_sqe$fallocate io_uring_sqe[IORING_OP_FALLOCATE, const[0, int16], fd_or_fixed_fd_index, fileoff[int64], const[0, int64], int32, const[0, int32], sqe_user_data_not_openat, personality_only_misc] +type io_uring_sqe$openat io_uring_sqe[IORING_OP_OPENAT, const[0, int16], fd_dir[opt], const[0, int64], ptr[in, filename], flags[open_mode, int32], flags[open_flags, int32], sqe_user_data_openat, personality_only_misc] +type io_uring_sqe$close io_uring_sqe[IORING_OP_CLOSE, const[0, int16], fd, const[0, int64], const[0, int64], const[0, int32], const[0, int32], sqe_user_data_not_openat, personality_only_misc] +type io_uring_sqe$files_update io_uring_sqe[IORING_OP_FILES_UPDATE, const[0, int16], const[0, int32], fileoff[int64], ptr[in, array[fd]], len[addr, int32], const[0, int32], sqe_user_data_not_openat, personality_only_misc] +type io_uring_sqe$statx io_uring_sqe[IORING_OP_STATX, const[0, int16], fd_dir[opt], ptr[out, statx], ptr[in, filename], flags[statx_mask, int32], flags[statx_flags, int32], sqe_user_data_not_openat, personality_only_misc] io_uring_sqe_read [ - pass_buffer io_uring_sqe_t[IORING_OP_READ, flags[ioprio_priorities, int16], fd_or_fixed_fd_index, fileoff[int64], buffer[out], bytesize[addr, int32], flags[rwf_flags, int32], sqe_user_data_not_openat, personality_only_misc] - use_registered_buffer io_uring_sqe_t[IORING_OP_READ, flags[ioprio_priorities, int16], fd_or_fixed_fd_index, fileoff[int64], const[0, int64], const[0, int32], flags[rwf_flags, int32], sqe_user_data_not_openat, buf_index_personality_misc] + pass_buffer io_uring_sqe[IORING_OP_READ, flags[ioprio_priorities, int16], fd_or_fixed_fd_index, fileoff[int64], buffer[out], bytesize[addr, int32], flags[rwf_flags, int32], sqe_user_data_not_openat, personality_only_misc] + use_registered_buffer io_uring_sqe[IORING_OP_READ, flags[ioprio_priorities, int16], fd_or_fixed_fd_index, fileoff[int64], const[0, int64], const[0, int32], flags[rwf_flags, int32], sqe_user_data_not_openat, buf_index_personality_misc] ] -type io_uring_sqe_write io_uring_sqe_t[IORING_OP_WRITE, flags[ioprio_priorities, int16], fd_or_fixed_fd_index, fileoff[int64], buffer[in], bytesize[addr, int32], flags[rwf_flags, int32], sqe_user_data_not_openat, personality_only_misc] -type io_uring_sqe_fadvise io_uring_sqe_t[IORING_OP_FADVISE, const[0, int16], fd_or_fixed_fd_index, fileoff[int64], const[0, int64], int32, flags[fadvise_flags, int32], sqe_user_data_not_openat, personality_only_misc] -type io_uring_sqe_madvise io_uring_sqe_t[IORING_OP_MADVISE, const[0, int16], const[0, int32], const[0, int64], vma, len[addr, int32], flags[madvise_flags, int32], sqe_user_data_not_openat, personality_only_misc] -type io_uring_sqe_send io_uring_sqe_t[IORING_OP_SEND, const[0, int16], sock, const[0, int64], buffer[in], len[addr, int32], flags[send_flags, int32], sqe_user_data_not_openat, personality_only_misc] +type io_uring_sqe$write io_uring_sqe[IORING_OP_WRITE, flags[ioprio_priorities, int16], fd_or_fixed_fd_index, fileoff[int64], buffer[in], bytesize[addr, int32], flags[rwf_flags, int32], sqe_user_data_not_openat, personality_only_misc] +type io_uring_sqe$fadvise io_uring_sqe[IORING_OP_FADVISE, const[0, int16], fd_or_fixed_fd_index, fileoff[int64], const[0, int64], int32, flags[fadvise_flags, int32], sqe_user_data_not_openat, personality_only_misc] +type io_uring_sqe$madvise io_uring_sqe[IORING_OP_MADVISE, const[0, int16], const[0, int32], const[0, int64], vma, len[addr, int32], flags[madvise_flags, int32], sqe_user_data_not_openat, personality_only_misc] +type io_uring_sqe$send io_uring_sqe[IORING_OP_SEND, const[0, int16], sock, const[0, int64], buffer[in], len[addr, int32], flags[send_flags, int32], sqe_user_data_not_openat, personality_only_misc] io_uring_sqe_recv [ - pass_buffer io_uring_sqe_t[IORING_OP_RECV, const[0, int16], sock, const[0, int64], buffer[inout], len[addr, int32], flags[recv_flags, int32], sqe_user_data_not_openat, personality_only_misc] - use_registered_buffer io_uring_sqe_t[IORING_OP_RECV, const[0, int16], sock, const[0, int64], const[0, int64], const[0, int32], flags[recv_flags, int32], sqe_user_data_not_openat, buf_group_personality_misc] + pass_buffer io_uring_sqe[IORING_OP_RECV, const[0, int16], sock, const[0, int64], buffer[inout], len[addr, int32], flags[recv_flags, int32], sqe_user_data_not_openat, personality_only_misc] + use_registered_buffer io_uring_sqe[IORING_OP_RECV, const[0, int16], sock, const[0, int64], const[0, int64], const[0, int32], flags[recv_flags, int32], sqe_user_data_not_openat, buf_group_personality_misc] ] -type io_uring_sqe_openat2 io_uring_sqe_t[IORING_OP_OPENAT2, const[0, int16], fd_dir[opt], ptr[in, open_how], ptr[in, filename], bytesize[off, int32], const[0, int32], sqe_user_data_openat, personality_only_misc] -type io_uring_sqe_epoll_ctl_t[EPOLL_OP, EPOLL_EVENTS] io_uring_sqe_t[IORING_OP_EPOLL_CTL, const[0, int16], fd_epoll, EPOLL_EVENTS, fd, const[EPOLL_OP, int32], const[0, int32], sqe_user_data_not_openat, personality_only_misc] +type io_uring_sqe$openat2 io_uring_sqe[IORING_OP_OPENAT2, const[0, int16], fd_dir[opt], ptr[in, open_how], ptr[in, filename], bytesize[off, int32], const[0, int32], sqe_user_data_openat, personality_only_misc] +type io_uring_sqe$epoll_ctl_t[EPOLL_OP, EPOLL_EVENTS] io_uring_sqe[IORING_OP_EPOLL_CTL, const[0, int16], fd_epoll, EPOLL_EVENTS, fd, const[EPOLL_OP, int32], const[0, int32], sqe_user_data_not_openat, personality_only_misc] io_uring_sqe_epoll_ctl [ - add io_uring_sqe_epoll_ctl_t[EPOLL_CTL_ADD, ptr[in, epoll_event]] - del io_uring_sqe_epoll_ctl_t[EPOLL_CTL_DEL, const[0, int64]] - mod io_uring_sqe_epoll_ctl_t[EPOLL_CTL_MOD, ptr[in, epoll_event]] + add io_uring_sqe$epoll_ctl_t[EPOLL_CTL_ADD, ptr[in, epoll_event]] + del io_uring_sqe$epoll_ctl_t[EPOLL_CTL_DEL, const[0, int64]] + mod io_uring_sqe$epoll_ctl_t[EPOLL_CTL_MOD, ptr[in, epoll_event]] ] -type io_uring_sqe_splice io_uring_sqe_t[IORING_OP_SPLICE, const[0, int16], fd_or_fixed_fd_index, fileoff[int64], io_uring_sqe_splice_off_in, int32, flags[splice_flags, int32], sqe_user_data_not_openat, io_uring_sqe_splice_misc] -type io_uring_sqe_provide_buffers io_uring_sqe_t[IORING_OP_PROVIDE_BUFFERS, const[0, int16], int32, io_uring_bid[int64], buffer[in], int32, const[0, int32], sqe_user_data_not_openat, buf_group_personality_misc] -type io_uring_sqe_remove_buffers io_uring_sqe_t[IORING_OP_PROVIDE_BUFFERS, const[0, int16], int32, const[0, int64], const[0, int64], const[0, int32], const[0, int32], sqe_user_data_not_openat, buf_group_personality_misc] -type io_uring_sqe_tee io_uring_sqe_t[IORING_OP_TEE, const[0, int16], fd_or_fixed_fd_index, const[0, int64], const[0, int64], int32, flags[splice_flags, int32], sqe_user_data_not_openat, io_uring_sqe_tee_misc] +type io_uring_sqe$splice io_uring_sqe[IORING_OP_SPLICE, const[0, int16], fd_or_fixed_fd_index, fileoff[int64], io_uring_sqe_splice_off_in, int32, flags[splice_flags, int32], sqe_user_data_not_openat, io_uring_sqe_splice_misc] +type io_uring_sqe$provide_buffers io_uring_sqe[IORING_OP_PROVIDE_BUFFERS, const[0, int16], int32, io_uring_bid[int64], buffer[in], int32, const[0, int32], sqe_user_data_not_openat, buf_group_personality_misc] +type io_uring_sqe$remove_buffers io_uring_sqe[IORING_OP_PROVIDE_BUFFERS, const[0, int16], int32, const[0, int64], const[0, int64], const[0, int32], const[0, int32], sqe_user_data_not_openat, buf_group_personality_misc] +type io_uring_sqe$tee io_uring_sqe[IORING_OP_TEE, const[0, int16], fd_or_fixed_fd_index, const[0, int64], const[0, int64], int32, flags[splice_flags, int32], sqe_user_data_not_openat, io_uring_sqe_tee_misc] # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # @@ -307,7 +307,7 @@ io_uring_sqe_splice_off_in { splice_off_in fd } -# Descriptions for MISC field of io_uring_sqe_t. The content for most are common +# Descriptions for MISC field of io_uring_sqe. The content for most are common # while there are a few specials. personality_only_misc { diff --git a/sys/linux/io_uring.txt.warn b/sys/linux/io_uring.txt.warn index 744cb41cb..c835ddef3 100644 --- a/sys/linux/io_uring.txt.warn +++ b/sys/linux/io_uring.txt.warn @@ -1,5 +1,17 @@ no-such-struct: io_uring_sqe_u -no-such-struct: io_uring_sqe_t +bad-field-number: io_uring_sqe: syz=10 kernel=13 +bad-field-size: io_uring_sqe.off/: syz=4 kernel=8 +bad-field-offset: io_uring_sqe.addr/: syz=12 kernel=16 [386,arm] +bad-field-size: io_uring_sqe.addr/: syz=4 kernel=8 +bad-field-offset: io_uring_sqe.len: syz=16 kernel=24 [386,arm] +bad-field-offset: io_uring_sqe.len: syz=20 kernel=24 +bad-field-offset: io_uring_sqe.misc_flags/: syz=20 kernel=28 [386,arm] +bad-field-offset: io_uring_sqe.misc_flags/: syz=24 kernel=28 +bad-field-offset: io_uring_sqe.user_data: syz=24 kernel=32 [386,arm] +bad-field-offset: io_uring_sqe.user_data: syz=28 kernel=32 [386] +bad-field-offset: io_uring_sqe.misc/: syz=32 kernel=40 [386,arm] +bad-field-offset: io_uring_sqe.misc/: syz=36 kernel=40 [386] +bad-field-size: io_uring_sqe.misc/: syz=24 kernel=2 no-such-struct: io_uring_sqe_readv no-such-struct: io_uring_sqe_read no-such-struct: io_uring_sqe_recv diff --git a/sys/linux/socket_netlink_audit.txt b/sys/linux/socket_netlink_audit.txt index 82c04c04e..d018e7bae 100644 --- a/sys/linux/socket_netlink_audit.txt +++ b/sys/linux/socket_netlink_audit.txt @@ -28,16 +28,17 @@ sendmsg$AUDIT_TTY_GET(fd sock_nl_audit, msg nl_audit_msg[AUDIT_TTY_GET, void], f sendmsg$AUDIT_TTY_SET(fd sock_nl_audit, msg nl_audit_msg[AUDIT_TTY_SET, audit_tty_status], f flags[send_flags]) audit_status { - mask flags[audit_status_mask, int32] - enabled bool32 - failure flags[audit_fail_action, int32] - pid pid - rate_limit int32 - backlog_limit int32 - lost int32 - backlog int32 - feature_bitmap const[0, int32] - backlog_wait_time int32 + mask flags[audit_status_mask, int32] + enabled bool32 + failure flags[audit_fail_action, int32] + pid pid + rate_limit int32 + backlog_limit int32 + lost int32 + backlog int32 + feature_bitmap const[0, int32] + backlog_wait_time int32 + backlog_wait_time_actual int32 } audit_status_mask = AUDIT_STATUS_ENABLED, AUDIT_STATUS_FAILURE, AUDIT_STATUS_PID, AUDIT_STATUS_RATE_LIMIT, AUDIT_STATUS_BACKLOG_LIMIT, AUDIT_STATUS_BACKLOG_WAIT_TIME, AUDIT_STATUS_LOST diff --git a/sys/linux/socket_netlink_audit.txt.warn b/sys/linux/socket_netlink_audit.txt.warn deleted file mode 100644 index 0ddcf46bc..000000000 --- a/sys/linux/socket_netlink_audit.txt.warn +++ /dev/null @@ -1,2 +0,0 @@ -bad-field-number: audit_status: syz=10 kernel=11 -bad-struct-size: audit_status: syz=40 kernel=44 diff --git a/sys/linux/socket_netlink_generic_80211.txt b/sys/linux/socket_netlink_generic_80211.txt index 270e98b46..a2d7748f9 100644 --- a/sys/linux/socket_netlink_generic_80211.txt +++ b/sys/linux/socket_netlink_generic_80211.txt @@ -274,8 +274,12 @@ nl80211_key_type = NL80211_KEYTYPE_GROUP, NL80211_KEYTYPE_PAIRWISE, NL80211_KEYT nl80211_cipher_suite = WLAN_CIPHER_SUITE_WEP40, WLAN_CIPHER_SUITE_WEP104 he_obss_pd_policy [ - NL80211_HE_OBSS_PD_ATTR_MIN_OFFSET nlattr[NL80211_HE_OBSS_PD_ATTR_MIN_OFFSET, int8[1:20]] - NL80211_HE_OBSS_PD_ATTR_MAX_OFFSET nlattr[NL80211_HE_OBSS_PD_ATTR_MAX_OFFSET, int8[1:20]] + NL80211_HE_OBSS_PD_ATTR_MIN_OFFSET nlattr[NL80211_HE_OBSS_PD_ATTR_MIN_OFFSET, int8[1:20]] + NL80211_HE_OBSS_PD_ATTR_MAX_OFFSET nlattr[NL80211_HE_OBSS_PD_ATTR_MAX_OFFSET, int8[1:20]] + NL80211_HE_OBSS_PD_ATTR_NON_SRG_MAX_OFFSET nlattr[NL80211_HE_OBSS_PD_ATTR_NON_SRG_MAX_OFFSET, int8[1:20]] + NL80211_HE_OBSS_PD_ATTR_BSS_COLOR_BITMAP nlattr[NL80211_HE_OBSS_PD_ATTR_BSS_COLOR_BITMAP, array[int8, 8]] + NL80211_HE_OBSS_PD_ATTR_PARTIAL_BSSID_BITMAP nlattr[NL80211_HE_OBSS_PD_ATTR_PARTIAL_BSSID_BITMAP, array[int8, 8]] + NL80211_HE_OBSS_PD_ATTR_SR_CTRL nlattr[NL80211_HE_OBSS_PD_ATTR_SR_CTRL, int8] ] he_bss_color_policy [ @@ -340,10 +344,17 @@ nl80211_txattr_policy [ NL80211_TXRATE_HT nlattr[NL80211_TXRATE_HT, array[nl80211_ht_rate, 0:NL80211_MAX_SUPP_HT_RATES]] NL80211_TXRATE_VHT nlattr[NL80211_TXRATE_VHT, nl80211_txrate_vht] NL80211_TXRATE_GI nlattr[NL80211_TXRATE_GI, flags[nl80211_txrate_gi, int8]] + NL80211_TXRATE_HE nlattr[NL80211_TXRATE_HE, nl80211_txrate_he] + NL80211_TXRATE_HE_GI nlattr[NL80211_TXRATE_HE_GI, int8[NL80211_RATE_INFO_HE_GI_0_8:NL80211_RATE_INFO_HE_GI_3_2]] + NL80211_TXRATE_HE_LTF nlattr[NL80211_TXRATE_HE_LTF, int8[NL80211_RATE_INFO_HE_1XLTF:NL80211_RATE_INFO_HE_4XLTF]] ] [varlen] nl80211_txrate_gi = NL80211_TXRATE_DEFAULT_GI, NL80211_TXRATE_FORCE_SGI, NL80211_TXRATE_FORCE_LGI +nl80211_txrate_he { + mcs array[int16, NL80211_HE_NSS_MAX] +} + nl80211_txrate_vht { mcs array[int16, NL80211_VHT_NSS_MAX] } @@ -496,6 +507,8 @@ nl80211_meshconf_params_policy [ NL80211_MESHCONF_AWAKE_WINDOW nlattr[NL80211_MESHCONF_AWAKE_WINDOW, int16] NL80211_MESHCONF_PLINK_TIMEOUT nlattr[NL80211_MESHCONF_PLINK_TIMEOUT, int32] NL80211_MESHCONF_CONNECTED_TO_GATE nlattr[NL80211_MESHCONF_CONNECTED_TO_GATE, bool8] + NL80211_MESHCONF_NOLEARN nlattr[NL80211_MESHCONF_NOLEARN, bool8] + NL80211_MESHCONF_CONNECTED_TO_AS nlattr[NL80211_MESHCONF_CONNECTED_TO_AS, bool8] ] [varlen] ieee80211_op_mode = IEEE80211_HT_OP_MODE_PROTECTION, IEEE80211_HT_OP_MODE_NON_GF_STA_PRSNT, IEEE80211_HT_OP_MODE_NON_HT_STA_PRSNT @@ -557,6 +570,7 @@ nl80211_match_band_rssi_policy [ NL80211_BAND_5GHZ nlattr[NL80211_BAND_5GHZ, int32] NL80211_BAND_6GHZ nlattr[NL80211_BAND_6GHZ, int32] NL80211_BAND_60GHZ nlattr[NL80211_BAND_60GHZ, int32] + NL80211_BAND_LC nlattr[NL80211_BAND_LC, int32] ] [varlen] nl80211_policy$join_ibss [ @@ -606,7 +620,7 @@ nl80211_policy$crypto_settings [ NL80211_ATTR_CIPHER_SUITE_GROUP nlattr[NL80211_ATTR_CIPHER_SUITE_GROUP, flags[ieee80211_cipher_suites, int32]] NL80211_ATTR_WPA_VERSIONS nlattr[NL80211_ATTR_WPA_VERSIONS, flags[nl80211_wpa_versions, int32]] NL80211_ATTR_AKM_SUITES nlattr[NL80211_ATTR_AKM_SUITES, array[flags[ieee80211_akm_suites, int32]]] - NL80211_ATTR_PMK nlattr[NL80211_ATTR_PMK, array[int8, NL80211_ATTR_PMK]] + NL80211_ATTR_PMK nlattr[NL80211_ATTR_PMK, array[int8, 0:PMK_MAX_LEN]] NL80211_ATTR_SAE_PASSWORD nlattr[NL80211_ATTR_SAE_PASSWORD, array[int8, 0:SAE_PASSWORD_MAX_LEN]] ] [varlen] @@ -625,8 +639,8 @@ nl80211_policy$connect [ NL80211_ATTR_IE nlattr[NL80211_ATTR_IE, array[ieee80211_ie]] NL80211_ATTR_USE_MFP nlattr[NL80211_ATTR_USE_MFP, flags[nl80211_mfp_flags, int32]] NL80211_ATTR_PREV_BSSID nlattr[NL80211_ATTR_PREV_BSSID, ieee80211_bssid] - NL80211_ATTR_WIPHY_EDMG_CHANNELS nlattr[NL80211_ATTR_WIPHY_EDMG_CHANNELS, int8] - NL80211_ATTR_WIPHY_EDMG_BW_CONFIG nlattr[NL80211_ATTR_WIPHY_EDMG_BW_CONFIG, int8] + NL80211_ATTR_WIPHY_EDMG_CHANNELS nlattr[NL80211_ATTR_WIPHY_EDMG_CHANNELS, int8[NL80211_EDMG_CHANNELS_MIN:NL80211_EDMG_CHANNELS_MAX]] + NL80211_ATTR_WIPHY_EDMG_BW_CONFIG nlattr[NL80211_ATTR_WIPHY_EDMG_BW_CONFIG, int8[NL80211_EDMG_BW_CONFIG_MIN:NL80211_EDMG_BW_CONFIG_MAX]] NL80211_ATTR_KEYS nlnest[NL80211_ATTR_KEYS, array[nlnest[0, array[nl80211_key_policy]]]] NL80211_ATTR_DISABLE_HT nlattr[NL80211_ATTR_DISABLE_HT, void] NL80211_ATTR_HT_CAPABILITY nlattr[NL80211_ATTR_HT_CAPABILITY, ieee80211_ht_cap] @@ -659,6 +673,7 @@ nl80211_pmsr_ftm_req_attr_policy [ NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC nlattr[NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC, void] NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED nlattr[NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED, void] NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED nlattr[NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED, void] + NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK nlattr[NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK, void] ] [varlen] nl80211_pmsr_req_data_policy [ @@ -670,14 +685,14 @@ nl80211_pmsr_req_attr_policy [ NL80211_PMSR_REQ_ATTR_GET_AP_TSF nlattr[NL80211_PMSR_REQ_ATTR_GET_AP_TSF, void] ] [varlen] -nl80211_psmr_peer_attr_policy [ +nl80211_pmsr_peer_attr_policy [ NL80211_PMSR_PEER_ATTR_ADDR nlattr[NL80211_PMSR_PEER_ATTR_ADDR, ieee80211_mac_addr] NL80211_PMSR_PEER_ATTR_CHAN nlnest[NL80211_PMSR_PEER_ATTR_CHAN, array[nl80211_policy$chandef_params]] NL80211_PMSR_PEER_ATTR_REQ nlnest[NL80211_PMSR_PEER_ATTR_REQ, array[nl80211_pmsr_req_attr_policy]] ] [varlen] nl80211_pmsr_attr_policy [ - NL80211_PMSR_ATTR_PEERS nlnest[NL80211_PMSR_ATTR_PEERS, array[nlnest[0, array[nl80211_psmr_peer_attr_policy]]]] + NL80211_PMSR_ATTR_PEERS nlnest[NL80211_PMSR_ATTR_PEERS, array[nlnest[0, array[nl80211_pmsr_peer_attr_policy]]]] ] [varlen] nl80211_policy$upd_owe_info [ @@ -834,7 +849,7 @@ nl80211_policy$set_qos_map [ NL80211_ATTR_QOS_MAP nlattr[NL80211_ATTR_QOS_MAP, nl80211_qos_map] ] [varlen] -nl80211_cqm [ +nl80211_attr_cqm_policy [ NL80211_ATTR_CQM_RSSI_THOLD nlattr[NL80211_ATTR_CQM_RSSI_THOLD, array[int32]] NL80211_ATTR_CQM_RSSI_HYST nlattr[NL80211_ATTR_CQM_RSSI_HYST, int32] NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT nlattr[NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT, int32] @@ -845,7 +860,7 @@ nl80211_cqm [ ] [varlen] nl80211_policy$cqm [ - NL80211_ATTR_CQM nlnest[NL80211_ATTR_CQM, array[nl80211_cqm]] + NL80211_ATTR_CQM nlnest[NL80211_ATTR_CQM, array[nl80211_attr_cqm_policy]] ] [varlen] nl80211_policy$mgmt_frame [ diff --git a/sys/linux/socket_netlink_generic_80211.txt.const b/sys/linux/socket_netlink_generic_80211.txt.const index 75f543807..675cdf35f 100644 --- a/sys/linux/socket_netlink_generic_80211.txt.const +++ b/sys/linux/socket_netlink_generic_80211.txt.const @@ -252,6 +252,7 @@ NL80211_BAND_60GHZ = 2 NL80211_BAND_60GHZ_BIT = 4 NL80211_BAND_6GHZ = 3 NL80211_BAND_6GHZ_BIT = 8 +NL80211_BAND_LC = 5 NL80211_BSS_SELECT_ATTR_BAND_PREF = 2 NL80211_BSS_SELECT_ATTR_RSSI = 1 NL80211_BSS_SELECT_ATTR_RSSI_ADJUST = 3 @@ -392,8 +393,13 @@ NL80211_FTM_RESP_ATTR_LCI = 2 NL80211_HE_BSS_COLOR_ATTR_COLOR = 1 NL80211_HE_BSS_COLOR_ATTR_DISABLED = 2 NL80211_HE_BSS_COLOR_ATTR_PARTIAL = 3 +NL80211_HE_NSS_MAX = 8 +NL80211_HE_OBSS_PD_ATTR_BSS_COLOR_BITMAP = 4 NL80211_HE_OBSS_PD_ATTR_MAX_OFFSET = 2 NL80211_HE_OBSS_PD_ATTR_MIN_OFFSET = 1 +NL80211_HE_OBSS_PD_ATTR_NON_SRG_MAX_OFFSET = 3 +NL80211_HE_OBSS_PD_ATTR_PARTIAL_BSSID_BITMAP = 5 +NL80211_HE_OBSS_PD_ATTR_SR_CTRL = 6 NL80211_HIDDEN_SSID_NOT_IN_USE = 0 NL80211_HIDDEN_SSID_ZERO_CONTENTS = 2 NL80211_IFTYPE_ADHOC = 1 @@ -434,6 +440,7 @@ NL80211_MAX_SUPP_RATES = 32 NL80211_MESHCONF_AUTO_OPEN_PLINKS = 7 NL80211_MESHCONF_AWAKE_WINDOW = 27 NL80211_MESHCONF_CONFIRM_TIMEOUT = 2 +NL80211_MESHCONF_CONNECTED_TO_AS = 31 NL80211_MESHCONF_CONNECTED_TO_GATE = 29 NL80211_MESHCONF_ELEMENT_TTL = 15 NL80211_MESHCONF_FORWARDING = 19 @@ -453,6 +460,7 @@ NL80211_MESHCONF_HWMP_ROOT_INTERVAL = 24 NL80211_MESHCONF_MAX_PEER_LINKS = 4 NL80211_MESHCONF_MAX_RETRIES = 5 NL80211_MESHCONF_MIN_DISCOVERY_TIMEOUT = 10 +NL80211_MESHCONF_NOLEARN = 30 NL80211_MESHCONF_PATH_REFRESH_TIME = 9 NL80211_MESHCONF_PLINK_TIMEOUT = 28 NL80211_MESHCONF_POWER_MODE = 26 @@ -514,6 +522,7 @@ NL80211_PMSR_FTM_REQ_ATTR_ASAP = 1 NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION = 5 NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD = 4 NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST = 6 +NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK = 12 NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED = 11 NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP = 3 NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES = 7 @@ -534,6 +543,10 @@ NL80211_PREAMBLE_LEGACY = 0 NL80211_PREAMBLE_VHT = 2 NL80211_PS_DISABLED = 0 NL80211_PS_ENABLED = 1 +NL80211_RATE_INFO_HE_1XLTF = 0 +NL80211_RATE_INFO_HE_4XLTF = 2 +NL80211_RATE_INFO_HE_GI_0_8 = 0 +NL80211_RATE_INFO_HE_GI_3_2 = 2 NL80211_REKEY_DATA_AKM = 4 NL80211_REKEY_DATA_KCK = 2 NL80211_REKEY_DATA_KEK = 1 @@ -596,6 +609,9 @@ NL80211_TXRATE_DEFAULT_GI = 0 NL80211_TXRATE_FORCE_LGI = 2 NL80211_TXRATE_FORCE_SGI = 1 NL80211_TXRATE_GI = 4 +NL80211_TXRATE_HE = 5 +NL80211_TXRATE_HE_GI = 6 +NL80211_TXRATE_HE_LTF = 7 NL80211_TXRATE_HT = 2 NL80211_TXRATE_LEGACY = 1 NL80211_TXRATE_VHT = 3 @@ -634,6 +650,7 @@ NL80211_WPA_VERSION_2 = 2 NL80211_WPA_VERSION_3 = 4 NUM_NL80211_PLINK_ACTIONS_1 = 2 NUM_NL80211_PLINK_STATES_1 = 6 +PMK_MAX_LEN = 64 SAE_PASSWORD_MAX_LEN = 128 SIOCGIFINDEX = 35123 VHT_MUMIMO_GROUPS_DATA_LEN = 24 diff --git a/sys/linux/socket_netlink_generic_80211.txt.warn b/sys/linux/socket_netlink_generic_80211.txt.warn index c3953223f..dd6186e11 100644 --- a/sys/linux/socket_netlink_generic_80211.txt.warn +++ b/sys/linux/socket_netlink_generic_80211.txt.warn @@ -2,21 +2,11 @@ no-such-struct: msg_nl80211_payload no-such-struct: nl80211_wdev bad-netlink-attr: nl80211_policy$cmd_key.NL80211_ATTR_KEY_DATA_WEP104: duplicate attribute bad-netlink-attr: nl80211_key_policy.NL80211_KEY_DATA_WEP104: duplicate attribute -bad-netlink-attr: he_obss_pd_policy: missing attributes: [3 4 5 6] no-such-netlink-policy: nl80211_tx_rates_policy no-such-struct: nl80211_ht_rate -bad-netlink-attr: nl80211_txattr_policy: missing attributes: [5 6 7] -bad-netlink-attr: nl80211_meshconf_params_policy: missing attributes: [30 31] no-such-netlink-policy: nl80211_rates_policy -bad-netlink-attr: nl80211_match_band_rssi_policy: missing attributes: [5] bad-netlink-attr: nl80211_policy$join_ibss.NL80211_ATTR_HIDDEN_SSID: bad size -1, expect 4 -bad-netlink-attr: nl80211_policy$crypto_settings.NL80211_ATTR_PMK: bad size 254, expect max 64 -bad-netlink-attr: nl80211_policy$connect.NL80211_ATTR_WIPHY_EDMG_CHANNELS: bad min value 0, expect 1 -bad-netlink-attr: nl80211_policy$connect.NL80211_ATTR_WIPHY_EDMG_BW_CONFIG: bad min value 0, expect 4 -bad-netlink-attr: nl80211_pmsr_ftm_req_attr_policy: missing attributes: [12] -no-such-netlink-policy: nl80211_psmr_peer_attr_policy bad-netlink-attr: nl80211_policy$setdel_pmksa.NL80211_ATTR_FILS_CACHE_ID: bad min value 0, expect 2 no-such-struct: nl80211_qos_map_dscp_exception -no-such-netlink-policy: nl80211_cqm bad-netlink-attr: nl80211_tid_config_attr_policy.NL80211_TID_CONFIG_ATTR_RETRY_SHORT: bad max value 255, expect 0 bad-netlink-attr: nl80211_tid_config_attr_policy.NL80211_TID_CONFIG_ATTR_RETRY_LONG: bad max value 255, expect 0 diff --git a/sys/linux/socket_netlink_generic_ethtool.txt b/sys/linux/socket_netlink_generic_ethtool.txt index 65a068f71..c265d2445 100644 --- a/sys/linux/socket_netlink_generic_ethtool.txt +++ b/sys/linux/socket_netlink_generic_ethtool.txt @@ -11,30 +11,30 @@ type msghdr_ethtool[CMD, POLICY] msghdr_netlink[netlink_msg_t[genl_ethtool_famil syz_genetlink_get_family_id$ethtool(name ptr[in, string["ethtool"]], fd sock_nl_generic) genl_ethtool_family_id -sendmsg$ETHTOOL_MSG_STRSET_GET(fd sock_nl_generic, msg ptr[in, msghdr_ethtool[ETHTOOL_MSG_STRSET_GET, strset_get_policy]], f flags[send_flags]) +sendmsg$ETHTOOL_MSG_STRSET_GET(fd sock_nl_generic, msg ptr[in, msghdr_ethtool[ETHTOOL_MSG_STRSET_GET, ethnl_strset_get_policy]], f flags[send_flags]) sendmsg$ETHTOOL_MSG_LINKINFO_GET(fd sock_nl_generic, msg ptr[in, msghdr_ethtool[ETHTOOL_MSG_LINKINFO_GET, header_only_ethnl_policy[ETHTOOL_A_LINKINFO_HEADER]]], f flags[send_flags]) -sendmsg$ETHTOOL_MSG_LINKINFO_SET(fd sock_nl_generic, msg ptr[in, msghdr_ethtool[ETHTOOL_MSG_LINKINFO_SET, linkinfo_set_policy]], f flags[send_flags]) +sendmsg$ETHTOOL_MSG_LINKINFO_SET(fd sock_nl_generic, msg ptr[in, msghdr_ethtool[ETHTOOL_MSG_LINKINFO_SET, ethnl_linkinfo_set_policy]], f flags[send_flags]) sendmsg$ETHTOOL_MSG_LINKMODES_GET(fd sock_nl_generic, msg ptr[in, msghdr_ethtool[ETHTOOL_MSG_LINKMODES_GET, header_only_ethnl_policy[ETHTOOL_A_LINKMODES_HEADER]]], f flags[send_flags]) -sendmsg$ETHTOOL_MSG_LINKMODES_SET(fd sock_nl_generic, msg ptr[in, msghdr_ethtool[ETHTOOL_MSG_LINKMODES_SET, linkmodes_set_policy]], f flags[send_flags]) +sendmsg$ETHTOOL_MSG_LINKMODES_SET(fd sock_nl_generic, msg ptr[in, msghdr_ethtool[ETHTOOL_MSG_LINKMODES_SET, ethnl_linkmodes_set_policy]], f flags[send_flags]) sendmsg$ETHTOOL_MSG_LINKSTATE_GET(fd sock_nl_generic, msg ptr[in, msghdr_ethtool[ETHTOOL_MSG_LINKSTATE_GET, header_only_ethnl_policy[ETHTOOL_A_LINKSTATE_HEADER]]], f flags[send_flags]) sendmsg$ETHTOOL_MSG_DEBUG_GET(fd sock_nl_generic, msg ptr[in, msghdr_ethtool[ETHTOOL_MSG_DEBUG_GET, header_only_ethnl_policy[ETHTOOL_A_DEBUG_HEADER]]], f flags[send_flags]) -sendmsg$ETHTOOL_MSG_DEBUG_SET(fd sock_nl_generic, msg ptr[in, msghdr_ethtool[ETHTOOL_MSG_DEBUG_SET, debug_set_policy]], f flags[send_flags]) +sendmsg$ETHTOOL_MSG_DEBUG_SET(fd sock_nl_generic, msg ptr[in, msghdr_ethtool[ETHTOOL_MSG_DEBUG_SET, ethnl_debug_set_policy]], f flags[send_flags]) sendmsg$ETHTOOL_MSG_WOL_GET(fd sock_nl_generic, msg ptr[in, msghdr_ethtool[ETHTOOL_MSG_WOL_GET, header_only_ethnl_policy[ETHTOOL_A_WOL_HEADER]]], f flags[send_flags]) -sendmsg$ETHTOOL_MSG_WOL_SET(fd sock_nl_generic, msg ptr[in, msghdr_ethtool[ETHTOOL_MSG_WOL_SET, wol_set_policy]], f flags[send_flags]) +sendmsg$ETHTOOL_MSG_WOL_SET(fd sock_nl_generic, msg ptr[in, msghdr_ethtool[ETHTOOL_MSG_WOL_SET, ethnl_wol_set_policy]], f flags[send_flags]) sendmsg$ETHTOOL_MSG_FEATURES_GET(fd sock_nl_generic, msg ptr[in, msghdr_ethtool[ETHTOOL_MSG_FEATURES_GET, header_only_ethnl_policy[ETHTOOL_A_FEATURES_HEADER]]], f flags[send_flags]) -sendmsg$ETHTOOL_MSG_FEATURES_SET(fd sock_nl_generic, msg ptr[in, msghdr_ethtool[ETHTOOL_MSG_FEATURES_SET, features_set_policy]], f flags[send_flags]) +sendmsg$ETHTOOL_MSG_FEATURES_SET(fd sock_nl_generic, msg ptr[in, msghdr_ethtool[ETHTOOL_MSG_FEATURES_SET, ethnl_features_set_policy]], f flags[send_flags]) sendmsg$ETHTOOL_MSG_PRIVFLAGS_GET(fd sock_nl_generic, msg ptr[in, msghdr_ethtool[ETHTOOL_MSG_PRIVFLAGS_GET, header_only_ethnl_policy[ETHTOOL_A_PRIVFLAGS_HEADER]]], f flags[send_flags]) -sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(fd sock_nl_generic, msg ptr[in, msghdr_ethtool[ETHTOOL_MSG_PRIVFLAGS_SET, privflags_set_policy]], f flags[send_flags]) +sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(fd sock_nl_generic, msg ptr[in, msghdr_ethtool[ETHTOOL_MSG_PRIVFLAGS_SET, ethnl_privflags_set_policy]], f flags[send_flags]) sendmsg$ETHTOOL_MSG_RINGS_GET(fd sock_nl_generic, msg ptr[in, msghdr_ethtool[ETHTOOL_MSG_RINGS_GET, header_only_ethnl_policy[ETHTOOL_A_RINGS_HEADER]]], f flags[send_flags]) -sendmsg$ETHTOOL_MSG_RINGS_SET(fd sock_nl_generic, msg ptr[in, msghdr_ethtool[ETHTOOL_MSG_RINGS_SET, rings_set_policy]], f flags[send_flags]) +sendmsg$ETHTOOL_MSG_RINGS_SET(fd sock_nl_generic, msg ptr[in, msghdr_ethtool[ETHTOOL_MSG_RINGS_SET, ethnl_rings_set_policy]], f flags[send_flags]) sendmsg$ETHTOOL_MSG_CHANNELS_GET(fd sock_nl_generic, msg ptr[in, msghdr_ethtool[ETHTOOL_MSG_CHANNELS_GET, header_only_ethnl_policy[ETHTOOL_A_CHANNELS_HEADER]]], f flags[send_flags]) -sendmsg$ETHTOOL_MSG_CHANNELS_SET(fd sock_nl_generic, msg ptr[in, msghdr_ethtool[ETHTOOL_MSG_CHANNELS_SET, channels_set_policy]], f flags[send_flags]) +sendmsg$ETHTOOL_MSG_CHANNELS_SET(fd sock_nl_generic, msg ptr[in, msghdr_ethtool[ETHTOOL_MSG_CHANNELS_SET, ethnl_channels_set_policy]], f flags[send_flags]) sendmsg$ETHTOOL_MSG_COALESCE_GET(fd sock_nl_generic, msg ptr[in, msghdr_ethtool[ETHTOOL_MSG_COALESCE_GET, header_only_ethnl_policy[ETHTOOL_A_COALESCE_HEADER]]], f flags[send_flags]) -sendmsg$ETHTOOL_MSG_COALESCE_SET(fd sock_nl_generic, msg ptr[in, msghdr_ethtool[ETHTOOL_MSG_COALESCE_SET, coalesce_set_policy]], f flags[send_flags]) +sendmsg$ETHTOOL_MSG_COALESCE_SET(fd sock_nl_generic, msg ptr[in, msghdr_ethtool[ETHTOOL_MSG_COALESCE_SET, ethnl_coalesce_set_policy]], f flags[send_flags]) sendmsg$ETHTOOL_MSG_PAUSE_GET(fd sock_nl_generic, msg ptr[in, msghdr_ethtool[ETHTOOL_MSG_PAUSE_GET, header_only_ethnl_policy[ETHTOOL_A_PAUSE_HEADER]]], f flags[send_flags]) -sendmsg$ETHTOOL_MSG_PAUSE_SET(fd sock_nl_generic, msg ptr[in, msghdr_ethtool[ETHTOOL_MSG_PAUSE_SET, pause_set_policy]], f flags[send_flags]) +sendmsg$ETHTOOL_MSG_PAUSE_SET(fd sock_nl_generic, msg ptr[in, msghdr_ethtool[ETHTOOL_MSG_PAUSE_SET, ethnl_pause_set_policy]], f flags[send_flags]) sendmsg$ETHTOOL_MSG_EEE_GET(fd sock_nl_generic, msg ptr[in, msghdr_ethtool[ETHTOOL_MSG_EEE_GET, header_only_ethnl_policy[ETHTOOL_A_EEE_HEADER]]], f flags[send_flags]) -sendmsg$ETHTOOL_MSG_EEE_SET(fd sock_nl_generic, msg ptr[in, msghdr_ethtool[ETHTOOL_MSG_EEE_SET, eee_set_policy]], f flags[send_flags]) +sendmsg$ETHTOOL_MSG_EEE_SET(fd sock_nl_generic, msg ptr[in, msghdr_ethtool[ETHTOOL_MSG_EEE_SET, ethnl_eee_set_policy]], f flags[send_flags]) sendmsg$ETHTOOL_MSG_TSINFO_GET(fd sock_nl_generic, msg ptr[in, msghdr_ethtool[ETHTOOL_MSG_TSINFO_GET, header_only_ethnl_policy[ETHTOOL_A_TSINFO_HEADER]]], f flags[send_flags]) ethnl_header_policy [ @@ -63,7 +63,7 @@ bit_policy [ ETHTOOL_A_BITSET_BIT_NAME nlattr[ETHTOOL_A_BITSET_BIT_NAME, string] ] [varlen] -strset_get_policy [ +ethnl_strset_get_policy [ ETHTOOL_A_STRSET_HEADER nlnest[ETHTOOL_A_STRSET_HEADER, array[ethnl_header_policy]] ETHTOOL_A_STRSET_STRINGSETS nlnest[ETHTOOL_A_STRSET_STRINGSETS, array[nlnest[ETHTOOL_A_STRINGSETS_STRINGSET, array[get_stringset_policy]]]] ETHTOOL_A_STRSET_COUNTS_ONLY nlattr[ETHTOOL_A_STRSET_COUNTS_ONLY, void] @@ -73,43 +73,48 @@ get_stringset_policy [ ETHTOOL_A_STRINGSET_ID nlattr[ETHTOOL_A_STRINGSET_ID, flags[ethtool_stringset, int32]] ] [varlen] -linkinfo_set_policy [ +ethnl_linkinfo_set_policy [ ETHTOOL_A_LINKINFO_HEADER nlnest[ETHTOOL_A_LINKINFO_HEADER, array[ethnl_header_policy]] ETHTOOL_A_LINKINFO_PORT nlattr[ETHTOOL_A_LINKINFO_PORT, int8] ETHTOOL_A_LINKINFO_PHYADDR nlattr[ETHTOOL_A_LINKINFO_PHYADDR, int8] ETHTOOL_A_LINKINFO_TP_MDIX_CTRL nlattr[ETHTOOL_A_LINKINFO_TP_MDIX_CTRL, int8] ] [varlen] -linkmodes_set_policy [ - ETHTOOL_A_LINKMODES_HEADER nlnest[ETHTOOL_A_LINKMODES_HEADER, array[ethnl_header_policy]] - ETHTOOL_A_LINKMODES_AUTONEG nlattr[ETHTOOL_A_LINKMODES_AUTONEG, int8] - ETHTOOL_A_LINKMODES_DUPLEX nlattr[ETHTOOL_A_LINKMODES_DUPLEX, int8] - ETHTOOL_A_LINKMODES_SPEED nlattr[ETHTOOL_A_LINKMODES_SPEED, int32] - ETHTOOL_A_LINKMODES_OURS nlnest[ETHTOOL_A_LINKMODES_OURS, array[bitset_policy]] +ethnl_linkmodes_set_policy [ + ETHTOOL_A_LINKMODES_HEADER nlnest[ETHTOOL_A_LINKMODES_HEADER, array[ethnl_header_policy]] + ETHTOOL_A_LINKMODES_AUTONEG nlattr[ETHTOOL_A_LINKMODES_AUTONEG, int8] + ETHTOOL_A_LINKMODES_DUPLEX nlattr[ETHTOOL_A_LINKMODES_DUPLEX, int8] + ETHTOOL_A_LINKMODES_SPEED nlattr[ETHTOOL_A_LINKMODES_SPEED, int32] + ETHTOOL_A_LINKMODES_OURS nlnest[ETHTOOL_A_LINKMODES_OURS, array[bitset_policy]] + ETHTOOL_A_LINKMODES_MASTER_SLAVE_CFG nlattr[ETHTOOL_A_LINKMODES_MASTER_SLAVE_CFG, flags[eth_master_slave_cfg, int8]] + ETHTOOL_A_LINKMODES_LANES nlattr[ETHTOOL_A_LINKMODES_LANES, flags[eth_link_lanes, int32]] ] [varlen] -debug_set_policy [ +eth_master_slave_cfg = MASTER_SLAVE_CFG_MASTER_PREFERRED, MASTER_SLAVE_CFG_SLAVE_PREFERRED, MASTER_SLAVE_CFG_MASTER_FORCE, MASTER_SLAVE_CFG_SLAVE_FORCE +eth_link_lanes = 1, 2, 4, 8 + +ethnl_debug_set_policy [ ETHTOOL_A_DEBUG_HEADER nlnest[ETHTOOL_A_DEBUG_HEADER, array[ethnl_header_policy]] ETHTOOL_A_DEBUG_MSGMASK nlnest[ETHTOOL_A_DEBUG_MSGMASK, array[bitset_policy]] ] [varlen] -wol_set_policy [ +ethnl_wol_set_policy [ ETHTOOL_A_WOL_HEADER nlnest[ETHTOOL_A_WOL_HEADER, array[ethnl_header_policy]] ETHTOOL_A_WOL_MODES nlnest[ETHTOOL_A_WOL_MODES, array[bitset_policy]] ETHTOOL_A_WOL_SOPASS nlattr[ETHTOOL_A_WOL_SOPASS, array[int8]] ] [varlen] -features_set_policy [ +ethnl_features_set_policy [ ETHTOOL_A_FEATURES_HEADER nlnest[ETHTOOL_A_FEATURES_HEADER, array[ethnl_header_policy]] ETHTOOL_A_FEATURES_WANTED nlnest[ETHTOOL_A_FEATURES_WANTED, array[bitset_policy]] ] [varlen] -privflags_set_policy [ +ethnl_privflags_set_policy [ ETHTOOL_A_PRIVFLAGS_HEADER nlnest[ETHTOOL_A_PRIVFLAGS_HEADER, array[ethnl_header_policy]] ETHTOOL_A_PRIVFLAGS_FLAGS nlnest[ETHTOOL_A_PRIVFLAGS_FLAGS, array[bitset_policy]] ] [varlen] -rings_set_policy [ +ethnl_rings_set_policy [ ETHTOOL_A_RINGS_HEADER nlnest[ETHTOOL_A_RINGS_HEADER, array[ethnl_header_policy]] ETHTOOL_A_RINGS_RX nlattr[ETHTOOL_A_RINGS_RX, int32] ETHTOOL_A_RINGS_RX_MINI nlattr[ETHTOOL_A_RINGS_RX_MINI, int32] @@ -117,7 +122,7 @@ rings_set_policy [ ETHTOOL_A_RINGS_TX nlattr[ETHTOOL_A_RINGS_TX, int32] ] [varlen] -channels_set_policy [ +ethnl_channels_set_policy [ ETHTOOL_A_CHANNELS_HEADER nlnest[ETHTOOL_A_CHANNELS_HEADER, array[ethnl_header_policy]] ETHTOOL_A_CHANNELS_RX_COUNT nlattr[ETHTOOL_A_CHANNELS_RX_COUNT, int32] ETHTOOL_A_CHANNELS_TX_COUNT nlattr[ETHTOOL_A_CHANNELS_TX_COUNT, int32] @@ -125,7 +130,7 @@ channels_set_policy [ ETHTOOL_A_CHANNELS_COMBINED_COUNT nlattr[ETHTOOL_A_CHANNELS_COMBINED_COUNT, int32] ] [varlen] -coalesce_set_policy [ +ethnl_coalesce_set_policy [ ETHTOOL_A_COALESCE_HEADER nlnest[ETHTOOL_A_COALESCE_HEADER, array[ethnl_header_policy]] ETHTOOL_A_COALESCE_RX_USECS nlattr[ETHTOOL_A_COALESCE_RX_USECS, int32] ETHTOOL_A_COALESCE_RX_MAX_FRAMES nlattr[ETHTOOL_A_COALESCE_RX_MAX_FRAMES, int32] @@ -149,16 +154,18 @@ coalesce_set_policy [ ETHTOOL_A_COALESCE_TX_USECS_HIGH nlattr[ETHTOOL_A_COALESCE_TX_USECS_HIGH, int32] ETHTOOL_A_COALESCE_TX_MAX_FRAMES_HIGH nlattr[ETHTOOL_A_COALESCE_TX_MAX_FRAMES_HIGH, int32] ETHTOOL_A_COALESCE_RATE_SAMPLE_INTERVAL nlattr[ETHTOOL_A_COALESCE_RATE_SAMPLE_INTERVAL, int32] + ETHTOOL_A_COALESCE_USE_CQE_MODE_TX nlattr[ETHTOOL_A_COALESCE_USE_CQE_MODE_TX, bool8] + ETHTOOL_A_COALESCE_USE_CQE_MODE_RX nlattr[ETHTOOL_A_COALESCE_USE_CQE_MODE_RX, bool8] ] [varlen] -pause_set_policy [ +ethnl_pause_set_policy [ ETHTOOL_A_PAUSE_HEADER nlnest[ETHTOOL_A_PAUSE_HEADER, array[ethnl_header_policy]] ETHTOOL_A_PAUSE_AUTONEG nlattr[ETHTOOL_A_PAUSE_AUTONEG, bool8] ETHTOOL_A_PAUSE_RX nlattr[ETHTOOL_A_PAUSE_RX, bool8] ETHTOOL_A_PAUSE_TX nlattr[ETHTOOL_A_PAUSE_TX, bool8] ] [varlen] -eee_set_policy [ +ethnl_eee_set_policy [ ETHTOOL_A_EEE_HEADER nlnest[ETHTOOL_A_EEE_HEADER, array[ethnl_header_policy]] ETHTOOL_A_EEE_MODES_OURS nlnest[ETHTOOL_A_EEE_MODES_OURS, array[bitset_policy]] ETHTOOL_A_EEE_ENABLED nlattr[ETHTOOL_A_EEE_ENABLED, bool8] diff --git a/sys/linux/socket_netlink_generic_ethtool.txt.const b/sys/linux/socket_netlink_generic_ethtool.txt.const index 230293b73..8d9a3936f 100644 --- a/sys/linux/socket_netlink_generic_ethtool.txt.const +++ b/sys/linux/socket_netlink_generic_ethtool.txt.const @@ -37,6 +37,8 @@ ETHTOOL_A_COALESCE_TX_USECS_IRQ = 8 ETHTOOL_A_COALESCE_TX_USECS_LOW = 16 ETHTOOL_A_COALESCE_USE_ADAPTIVE_RX = 11 ETHTOOL_A_COALESCE_USE_ADAPTIVE_TX = 12 +ETHTOOL_A_COALESCE_USE_CQE_MODE_RX = 25 +ETHTOOL_A_COALESCE_USE_CQE_MODE_TX = 24 ETHTOOL_A_DEBUG_HEADER = 1 ETHTOOL_A_DEBUG_MSGMASK = 2 ETHTOOL_A_EEE_ENABLED = 5 @@ -56,6 +58,8 @@ ETHTOOL_A_LINKINFO_TP_MDIX_CTRL = 5 ETHTOOL_A_LINKMODES_AUTONEG = 2 ETHTOOL_A_LINKMODES_DUPLEX = 6 ETHTOOL_A_LINKMODES_HEADER = 1 +ETHTOOL_A_LINKMODES_LANES = 9 +ETHTOOL_A_LINKMODES_MASTER_SLAVE_CFG = 7 ETHTOOL_A_LINKMODES_OURS = 3 ETHTOOL_A_LINKMODES_SPEED = 5 ETHTOOL_A_LINKSTATE_HEADER = 1 @@ -106,4 +110,8 @@ ETHTOOL_MSG_STRSET_GET = 1 ETHTOOL_MSG_TSINFO_GET = 25 ETHTOOL_MSG_WOL_GET = 9 ETHTOOL_MSG_WOL_SET = 10 +MASTER_SLAVE_CFG_MASTER_FORCE = 4 +MASTER_SLAVE_CFG_MASTER_PREFERRED = 2 +MASTER_SLAVE_CFG_SLAVE_FORCE = 5 +MASTER_SLAVE_CFG_SLAVE_PREFERRED = 3 __NR_sendmsg = 211, 386:s390x:370, amd64:46, arm:296, mips64le:5045, ppc64le:341 diff --git a/sys/linux/socket_netlink_generic_ethtool.txt.warn b/sys/linux/socket_netlink_generic_ethtool.txt.warn index 7863159dd..64ac7551a 100644 --- a/sys/linux/socket_netlink_generic_ethtool.txt.warn +++ b/sys/linux/socket_netlink_generic_ethtool.txt.warn @@ -1,13 +1,2 @@ no-such-netlink-policy: header_only_ethnl_policy -no-such-netlink-policy: strset_get_policy -no-such-netlink-policy: linkinfo_set_policy -no-such-netlink-policy: linkmodes_set_policy -no-such-netlink-policy: debug_set_policy -no-such-netlink-policy: wol_set_policy -no-such-netlink-policy: features_set_policy -no-such-netlink-policy: privflags_set_policy -no-such-netlink-policy: rings_set_policy -no-such-netlink-policy: channels_set_policy -no-such-netlink-policy: coalesce_set_policy -no-such-netlink-policy: pause_set_policy -no-such-netlink-policy: eee_set_policy +bad-netlink-attr: ethnl_rings_set_policy: missing attributes: [10] diff --git a/sys/linux/socket_netlink_netfilter_conntrack.txt b/sys/linux/socket_netlink_netfilter_conntrack.txt index 74c98d4f6..0bac26e59 100644 --- a/sys/linux/socket_netlink_netfilter_conntrack.txt +++ b/sys/linux/socket_netlink_netfilter_conntrack.txt @@ -7,6 +7,7 @@ include <uapi/linux/netfilter.h> include <uapi/linux/netfilter/nfnetlink.h> include <uapi/linux/netfilter/nfnetlink_conntrack.h> include <uapi/linux/netfilter/nf_conntrack_common.h> +include <net/netfilter/nf_internals.h> type msghdr_conntrack[CMD, POLICY] msghdr_netlink[netlink_msg_netfilter_t[NFNL_SUBSYS_CTNETLINK, CMD, POLICY]] @@ -43,6 +44,8 @@ ct_nla_policy [ CTA_SEQ_ADJ_ORIG nlnest[CTA_SEQ_ADJ_ORIG, array[seqadj_policy]] CTA_SEQ_ADJ_REPLY nlnest[CTA_SEQ_ADJ_REPLY, array[seqadj_policy]] CTA_SYNPROXY nlnest[CTA_SYNPROXY, array[synproxy_policy]] + CTA_FILTER nlnest[CTA_FILTER, array[cta_filter_nla_policy]] + CTA_STATUS_MASK nlnetw[CTA_STATUS_MASK, int32be] ] [varlen] seqadj_policy [ @@ -122,5 +125,11 @@ synproxy_policy [ CTA_SYNPROXY_TSOFF nlnetw[CTA_SYNPROXY_TSOFF, int32be] ] [varlen] +cta_filter_nla_policy [ + CTA_FILTER_ORIG_FLAGS nlattr[CTA_FILTER_ORIG_FLAGS, flags[cta_filter_flags, int32]] + CTA_FILTER_REPLY_FLAGS nlattr[CTA_FILTER_REPLY_FLAGS, flags[cta_filter_flags, int32]] +] [varlen] + conntrack_proto = IPPROTO_UDP, IPPROTO_TCP, IPPROTO_ICMP, IPPROTO_DCCP, IPPROTO_SCTP, IPPROTO_UDPLITE, IPPROTO_GRE, IPPROTO_ICMPV6 ip_conntrack_status = IPS_SEEN_REPLY, IPS_ASSURED, IPS_FIXED_TIMEOUT, IPS_UNTRACKED, IPS_HELPER +cta_filter_flags = CTA_FILTER_F_CTA_IP_SRC, CTA_FILTER_F_CTA_IP_DST, CTA_FILTER_F_CTA_TUPLE_ZONE, CTA_FILTER_F_CTA_PROTO_NUM, CTA_FILTER_F_CTA_PROTO_SRC_PORT, CTA_FILTER_F_CTA_PROTO_DST_PORT, CTA_FILTER_F_CTA_PROTO_ICMP_TYPE, CTA_FILTER_F_CTA_PROTO_ICMP_CODE, CTA_FILTER_F_CTA_PROTO_ICMP_ID, CTA_FILTER_F_CTA_PROTO_ICMPV6_TYPE, CTA_FILTER_F_CTA_PROTO_ICMPV6_CODE, CTA_FILTER_F_CTA_PROTO_ICMPV6_ID diff --git a/sys/linux/socket_netlink_netfilter_conntrack.txt.const b/sys/linux/socket_netlink_netfilter_conntrack.txt.const index 37335a017..ff3e91334 100644 --- a/sys/linux/socket_netlink_netfilter_conntrack.txt.const +++ b/sys/linux/socket_netlink_netfilter_conntrack.txt.const @@ -1,5 +1,20 @@ # Code generated by syz-sysgen. DO NOT EDIT. arches = 386, amd64, arm, arm64, mips64le, ppc64le, riscv64, s390x +CTA_FILTER = 25 +CTA_FILTER_F_CTA_IP_DST = 2 +CTA_FILTER_F_CTA_IP_SRC = 1 +CTA_FILTER_F_CTA_PROTO_DST_PORT = 32 +CTA_FILTER_F_CTA_PROTO_ICMPV6_CODE = 1024 +CTA_FILTER_F_CTA_PROTO_ICMPV6_ID = 2048 +CTA_FILTER_F_CTA_PROTO_ICMPV6_TYPE = 512 +CTA_FILTER_F_CTA_PROTO_ICMP_CODE = 128 +CTA_FILTER_F_CTA_PROTO_ICMP_ID = 256 +CTA_FILTER_F_CTA_PROTO_ICMP_TYPE = 64 +CTA_FILTER_F_CTA_PROTO_NUM = 8 +CTA_FILTER_F_CTA_PROTO_SRC_PORT = 16 +CTA_FILTER_F_CTA_TUPLE_ZONE = 4 +CTA_FILTER_ORIG_FLAGS = 1 +CTA_FILTER_REPLY_FLAGS = 2 CTA_HELP = 5 CTA_HELP_NAME = 1 CTA_ID = 12 @@ -42,6 +57,7 @@ CTA_SEQADJ_OFFSET_BEFORE = 2 CTA_SEQ_ADJ_ORIG = 15 CTA_SEQ_ADJ_REPLY = 16 CTA_STATUS = 3 +CTA_STATUS_MASK = 26 CTA_SYNPROXY = 24 CTA_SYNPROXY_ISN = 1 CTA_SYNPROXY_ITS = 2 diff --git a/sys/linux/socket_netlink_netfilter_conntrack.txt.warn b/sys/linux/socket_netlink_netfilter_conntrack.txt.warn deleted file mode 100644 index 7a12cf487..000000000 --- a/sys/linux/socket_netlink_netfilter_conntrack.txt.warn +++ /dev/null @@ -1 +0,0 @@ -bad-netlink-attr: ct_nla_policy: missing attributes: [25 26] diff --git a/sys/linux/socket_netlink_netfilter_nftables.txt b/sys/linux/socket_netlink_netfilter_nftables.txt index facb8bb4c..dc1495509 100644 --- a/sys/linux/socket_netlink_netfilter_nftables.txt +++ b/sys/linux/socket_netlink_netfilter_nftables.txt @@ -17,6 +17,9 @@ include <net/netfilter/nf_tables.h> include <net/xfrm.h> type msghdr_nf_tables[CMD, POLICY] msghdr_netlink[netlink_msg_netfilter_t[NFNL_SUBSYS_NFTABLES, CMD, POLICY]] +# TODO: we should obtain them from somewhere, probably from other netlink messages, +# but we can't extract output netlink attributes. +type nft_chain_id int32be sendmsg$NFT_MSG_GETTABLE(fd sock_nl_netfilter, msg ptr[in, msghdr_nf_tables[NFT_MSG_GETTABLE, nft_table_policy]], f flags[send_flags]) sendmsg$NFT_MSG_GETCHAIN(fd sock_nl_netfilter, msg ptr[in, msghdr_nf_tables[NFT_MSG_GETCHAIN, nft_chain_policy]], f flags[send_flags]) @@ -80,6 +83,7 @@ nft_table_policy [ NFTA_TABLE_NAME nlattr[NFTA_TABLE_NAME, string[nft_table_name]] NFTA_TABLE_FLAGS nlnetw[NFTA_TABLE_FLAGS, flags[nft_table_flags, int32be]] NFTA_TABLE_HANDLE nlnetw[NFTA_TABLE_HANDLE, nft_handle] + NFTA_TABLE_USERDATA nlattr[NFTA_TABLE_USERDATA, array[int8, 0:NFT_USERDATA_MAXLEN]] ] [varlen] nft_table_name = "syz0", "syz1" @@ -94,6 +98,8 @@ nft_chain_policy [ NFTA_CHAIN_TYPE nlattr[NFTA_CHAIN_TYPE, string[nft_chain_type]] NFTA_CHAIN_COUNTERS nlnest[NFTA_CHAIN_COUNTERS, array[nft_counter_policy]] NFTA_CHAIN_FLAGS nlnetw[NFTA_CHAIN_FLAGS, flags[nft_chain_flags, int32be]] + NFTA_CHAIN_ID nlnetw[NFTA_CHAIN_ID, nft_chain_id] + NFTA_CHAIN_USERDATA nlattr[NFTA_CHAIN_USERDATA, array[int8, 0:NFT_USERDATA_MAXLEN]] ] [varlen] nft_chain_name = "syz0", "syz1", "syz2" @@ -115,12 +121,13 @@ nft_rule_policy [ NFTA_RULE_TABLE nlattr[NFTA_RULE_TABLE, string[nft_table_name]] NFTA_RULE_CHAIN nlattr[NFTA_RULE_CHAIN, string[nft_chain_name]] NFTA_RULE_HANDLE nlnetw[NFTA_RULE_HANDLE, nft_handle] - NFTA_RULE_EXPRESSIONS nlnest[NFTA_RULE_EXPRESSIONS, array[nlnest[NFTA_LIST_ELEM, array[nft_expr_policy]]]] + NFTA_RULE_EXPRESSIONS nlnest[NFTA_RULE_EXPRESSIONS, array[nlnest[NFTA_LIST_ELEM, nft_expr_policy]]] NFTA_RULE_COMPAT nlnest[NFTA_RULE_COMPAT, array[nft_rule_compat_policy]] NFTA_RULE_POSITION nlnetw[NFTA_RULE_POSITION, nft_handle] NFTA_RULE_USERDATA nlnetw[NFTA_RULE_USERDATA, array[int8]] NFTA_RULE_ID nlnetw[NFTA_RULE_ID, nft_rule_id] NFTA_RULE_POSITION_ID nlnetw[NFTA_RULE_POSITION_ID, nft_rule_id] + NFTA_RULE_CHAIN_ID nlnetw[NFTA_RULE_CHAIN_ID, nft_chain_id] ] [varlen] type nft_rule_id int32be[0:3] @@ -151,6 +158,7 @@ nft_set_policy [ NFTA_SET_OBJ_TYPE nlnetw[NFTA_SET_OBJ_TYPE, flags[nft_obj_type, int32be]] NFTA_SET_HANDLE nlnetw[NFTA_SET_HANDLE, nft_handle] NFTA_SET_EXPR nlnest[NFTA_SET_EXPR, nft_expr_policy] + NFTA_SET_EXPRESSIONS nlnest[NFTA_SET_EXPRESSIONS, array[nlnest[NFTA_LIST_ELEM, nft_expr_policy]]] ] [varlen] type nft_set_id int32be[0:3] @@ -189,6 +197,7 @@ nft_set_elem_policy [ NFTA_SET_ELEM_EXPR nlnest[NFTA_SET_ELEM_EXPR, void] NFTA_SET_ELEM_OBJREF nlattr[NFTA_SET_ELEM_OBJREF, string[nft_obj_name]] NFTA_SET_ELEM_KEY_END nlnest[NFTA_SET_ELEM_KEY_END, array[nft_data_policy]] + NFTA_SET_ELEM_EXPRESSIONS nlnest[NFTA_SET_ELEM_EXPRESSIONS, array[nlnest[NFTA_LIST_ELEM, nft_expr_policy]]] ] [varlen] nft_set_elem_flags = NFT_SET_ELEM_INTERVAL_END @@ -201,15 +210,17 @@ nft_data_policy [ nft_verdict_policy [ NFTA_VERDICT_CODE nlnest[NFTA_VERDICT_CODE, flags[nft_verdicts, int32be]] NFTA_VERDICT_CHAIN nlattr[NFTA_VERDICT_CHAIN, string[nft_chain_name]] + NFTA_VERDICT_CHAIN_ID nlnetw[NFTA_VERDICT_CHAIN_ID, nft_chain_id] ] [varlen] nft_verdicts = 0, NF_DROP_VERDICT, NF_ACCEPT_VERDICT, NF_STOLEN_VERDICT, NF_QUEUE_VERDICT, NF_REPEAT_VERDICT, NFT_CONTINUE, NFT_BREAK, NFT_JUMP, NFT_GOTO, NFT_RETURN nft_obj_policy [ - NFTA_OBJ_TABLE nlattr[NFTA_OBJ_TABLE, string[nft_table_name]] - NFTA_OBJ_NAME nlattr[NFTA_OBJ_NAME, string[nft_obj_name]] - NFTA_OBJ_TYPE nlnetw[NFTA_OBJ_TYPE, flags[nft_obj_type, int32be]] - NFTA_OBJ_HANDLE nlnetw[NFTA_OBJ_HANDLE, nft_handle] + NFTA_OBJ_TABLE nlattr[NFTA_OBJ_TABLE, string[nft_table_name]] + NFTA_OBJ_NAME nlattr[NFTA_OBJ_NAME, string[nft_obj_name]] + NFTA_OBJ_TYPE nlnetw[NFTA_OBJ_TYPE, flags[nft_obj_type, int32be]] + NFTA_OBJ_HANDLE nlnetw[NFTA_OBJ_HANDLE, nft_handle] + NFTA_OBJ_USERDATA nlattr[NFTA_OBJ_USERDATA, array[int8, 0:NFT_USERDATA_MAXLEN]] ] [varlen] type nft_obj_policy$new_t[TYPE, POLICY] [ @@ -446,8 +457,12 @@ nft_bitwise_policy [ NFTA_BITWISE_LEN nlnetw[NFTA_BITWISE_LEN, int32be] NFTA_BITWISE_MASK nlnest[NFTA_BITWISE_MASK, array[nft_data_policy]] NFTA_BITWISE_XOR nlnest[NFTA_BITWISE_XOR, array[nft_data_policy]] + NFTA_BITWISE_OP nlnetw[NFTA_BITWISE_OP, flags[nft_bitwise_ops, int32be]] + NFTA_BITWISE_DATA nlnest[NFTA_BITWISE_DATA, array[nft_data_policy]] ] [varlen] +nft_bitwise_ops = NFT_BITWISE_BOOL, NFT_BITWISE_LSHIFT, NFT_BITWISE_RSHIFT + nft_byteorder_policy [ NFTA_BYTEORDER_SREG nlnetw[NFTA_BYTEORDER_SREG, flags[nft_registers, int32be]] NFTA_BYTEORDER_DREG nlnetw[NFTA_BYTEORDER_DREG, flags[nft_registers, int32be]] @@ -473,9 +488,10 @@ nft_dynset_policy [ NFTA_DYNSET_SREG_KEY nlnetw[NFTA_DYNSET_SREG_KEY, flags[nft_registers, int32be]] NFTA_DYNSET_SREG_DATA nlnetw[NFTA_DYNSET_SREG_DATA, flags[nft_registers, int32be]] NFTA_DYNSET_TIMEOUT nlnetw[NFTA_DYNSET_TIMEOUT, int64be] -# TODO: we need whole nft_expr_policy here instead of just lookup, but it will lead to recursion. +# TODO: we need whole nft_expr_policy here and in NFTA_DYNSET_EXPRESSIONS instead of just lookup, but it will lead to recursion. NFTA_DYNSET_EXPR nlnest[NFTA_DYNSET_EXPR, nft_expr_policy_t["lookup", nft_lookup_policy]] NFTA_DYNSET_FLAGS nlnetw[NFTA_DYNSET_FLAGS, flags[nft_dynset_flags, int32be]] + NFTA_DYNSET_EXPRESSIONS nlnest[NFTA_DYNSET_EXPRESSIONS, array[nlnest[NFTA_LIST_ELEM, nft_lookup_policy]]] ] [varlen] nft_dynset_ops = NFT_DYNSET_OP_ADD, NFT_DYNSET_OP_UPDATE, NFT_DYNSET_OP_DELETE @@ -662,6 +678,7 @@ nft_redir_policy [ nft_socket_policy [ NFTA_SOCKET_KEY nlnetw[NFTA_SOCKET_KEY, flags[nft_socket_keys, int32be]] NFTA_SOCKET_DREG nlnetw[NFTA_SOCKET_DREG, flags[nft_registers, int32be]] + NFTA_SOCKET_LEVEL nlattr[NFTA_SOCKET_LEVEL, int32be[0:255]] ] [varlen] nft_socket_keys = NFT_SOCKET_TRANSPARENT, NFT_SOCKET_MARK diff --git a/sys/linux/socket_netlink_netfilter_nftables.txt.const b/sys/linux/socket_netlink_netfilter_nftables.txt.const index d51c7b1d8..ebc843431 100644 --- a/sys/linux/socket_netlink_netfilter_nftables.txt.const +++ b/sys/linux/socket_netlink_netfilter_nftables.txt.const @@ -13,9 +13,11 @@ NFNL_SUBSYS_NFTABLES = 10 NFPROTO_INET = 1 NFPROTO_IPV4 = 2 NFPROTO_IPV6 = 10 +NFTA_BITWISE_DATA = 7 NFTA_BITWISE_DREG = 2 NFTA_BITWISE_LEN = 3 NFTA_BITWISE_MASK = 4 +NFTA_BITWISE_OP = 6 NFTA_BITWISE_SREG = 1 NFTA_BITWISE_XOR = 5 NFTA_BYTEORDER_DREG = 2 @@ -27,10 +29,12 @@ NFTA_CHAIN_COUNTERS = 8 NFTA_CHAIN_FLAGS = 10 NFTA_CHAIN_HANDLE = 2 NFTA_CHAIN_HOOK = 4 +NFTA_CHAIN_ID = 11 NFTA_CHAIN_NAME = 3 NFTA_CHAIN_POLICY = 5 NFTA_CHAIN_TABLE = 1 NFTA_CHAIN_TYPE = 7 +NFTA_CHAIN_USERDATA = 12 NFTA_CMP_DATA = 3 NFTA_CMP_OP = 2 NFTA_CMP_SREG = 1 @@ -59,6 +63,7 @@ NFTA_DEVICE_NAME = 1 NFTA_DUP_SREG_ADDR = 1 NFTA_DUP_SREG_DEV = 2 NFTA_DYNSET_EXPR = 7 +NFTA_DYNSET_EXPRESSIONS = 10 NFTA_DYNSET_FLAGS = 9 NFTA_DYNSET_OP = 3 NFTA_DYNSET_SET_ID = 2 @@ -155,6 +160,7 @@ NFTA_OBJ_HANDLE = 6 NFTA_OBJ_NAME = 2 NFTA_OBJ_TABLE = 1 NFTA_OBJ_TYPE = 3 +NFTA_OBJ_USERDATA = 8 NFTA_OSF_DREG = 1 NFTA_OSF_FLAGS = 3 NFTA_OSF_TTL = 2 @@ -185,6 +191,7 @@ NFTA_REJECT_TYPE = 1 NFTA_RT_DREG = 1 NFTA_RT_KEY = 2 NFTA_RULE_CHAIN = 2 +NFTA_RULE_CHAIN_ID = 11 NFTA_RULE_COMPAT = 5 NFTA_RULE_COMPAT_FLAGS = 2 NFTA_RULE_COMPAT_PROTO = 1 @@ -204,6 +211,7 @@ NFTA_SET_DESC_SIZE = 1 NFTA_SET_ELEM_DATA = 2 NFTA_SET_ELEM_EXPIRATION = 5 NFTA_SET_ELEM_EXPR = 7 +NFTA_SET_ELEM_EXPRESSIONS = 11 NFTA_SET_ELEM_FLAGS = 3 NFTA_SET_ELEM_KEY = 1 NFTA_SET_ELEM_KEY_END = 10 @@ -215,6 +223,7 @@ NFTA_SET_ELEM_OBJREF = 9 NFTA_SET_ELEM_TIMEOUT = 4 NFTA_SET_ELEM_USERDATA = 6 NFTA_SET_EXPR = 17 +NFTA_SET_EXPRESSIONS = 18 NFTA_SET_FIELD_LEN = 1 NFTA_SET_FLAGS = 3 NFTA_SET_GC_INTERVAL = 12 @@ -230,12 +239,14 @@ NFTA_SET_TIMEOUT = 11 NFTA_SET_USERDATA = 13 NFTA_SOCKET_DREG = 2 NFTA_SOCKET_KEY = 1 +NFTA_SOCKET_LEVEL = 3 NFTA_SYNPROXY_FLAGS = 3 NFTA_SYNPROXY_MSS = 1 NFTA_SYNPROXY_WSCALE = 2 NFTA_TABLE_FLAGS = 2 NFTA_TABLE_HANDLE = 4 NFTA_TABLE_NAME = 1 +NFTA_TABLE_USERDATA = 6 NFTA_TARGET_INFO = 3 NFTA_TARGET_NAME = 1 NFTA_TARGET_REV = 2 @@ -271,11 +282,15 @@ NFTA_TUNNEL_KEY_TTL = 6 NFTA_TUNNEL_KEY_VXLAN_GBP = 1 NFTA_TUNNEL_MODE = 3 NFTA_VERDICT_CHAIN = 2 +NFTA_VERDICT_CHAIN_ID = 3 NFTA_VERDICT_CODE = 1 NFTA_XFRM_DIR = 3 NFTA_XFRM_DREG = 1 NFTA_XFRM_KEY = 2 NFTA_XFRM_SPNUM = 4 +NFT_BITWISE_BOOL = 0 +NFT_BITWISE_LSHIFT = 1 +NFT_BITWISE_RSHIFT = 2 NFT_BREAK = 18446744073709551614 NFT_BYTEORDER_HTON = 1 NFT_BYTEORDER_NTOH = 0 @@ -440,6 +455,7 @@ NFT_TUNNEL_MODE_NONE = 0 NFT_TUNNEL_MODE_RX = 1 NFT_TUNNEL_MODE_TX = 2 NFT_TUNNEL_PATH = 0 +NFT_USERDATA_MAXLEN = 256 NFT_XFRM_KEY_DADDR_IP4 = 1 NFT_XFRM_KEY_DADDR_IP6 = 2 NFT_XFRM_KEY_REQID = 5 diff --git a/sys/linux/socket_netlink_netfilter_nftables.txt.warn b/sys/linux/socket_netlink_netfilter_nftables.txt.warn index ba58f9b22..00bd8fed9 100644 --- a/sys/linux/socket_netlink_netfilter_nftables.txt.warn +++ b/sys/linux/socket_netlink_netfilter_nftables.txt.warn @@ -1,14 +1,4 @@ no-such-struct: nft_nlmsghdr no-such-struct: nfgenmsg_nft -bad-netlink-attr: nft_table_policy: missing attributes: [6] -bad-netlink-attr: nft_chain_policy: missing attributes: [11 12] -bad-netlink-attr: nft_rule_policy: missing attributes: [11] bad-netlink-attr: nft_rule_compat_policy.NFTA_RULE_COMPAT_PROTO_IPV6: duplicate attribute bad-netlink-attr: nft_rule_compat_policy.NFTA_RULE_COMPAT_PROTO_BRIDGE: duplicate attribute -bad-netlink-attr: nft_set_policy: missing attributes: [18] -bad-netlink-attr: nft_set_elem_policy: missing attributes: [11] -bad-netlink-attr: nft_verdict_policy: missing attributes: [3] -bad-netlink-attr: nft_obj_policy: missing attributes: [8] -bad-netlink-attr: nft_bitwise_policy: missing attributes: [6 7] -bad-netlink-attr: nft_dynset_policy: missing attributes: [10] -bad-netlink-attr: nft_socket_policy: missing attributes: [3] diff --git a/sys/linux/socket_netlink_route.txt b/sys/linux/socket_netlink_route.txt index 07a2fe225..6d2ad5c8b 100644 --- a/sys/linux/socket_netlink_route.txt +++ b/sys/linux/socket_netlink_route.txt @@ -375,6 +375,7 @@ macvlan_policy [ IFLA_MACVLAN_MACADDR_MODE nlattr[IFLA_MACVLAN_MACADDR_MODE, flags[macvlan_macaddr_mode, int32]] IFLA_MACVLAN_MACADDR nlattr[IFLA_MACVLAN_MACADDR, mac_addr] IFLA_MACVLAN_MACADDR_DATA nlnest[IFLA_MACVLAN_MACADDR_DATA, array[nlattr[IFLA_MACVLAN_MACADDR, mac_addr]]] + IFLA_MACVLAN_BC_QUEUE_LEN nlattr[IFLA_MACVLAN_BC_QUEUE_LEN, int32] ] [varlen] macvlan_mode = MACVLAN_MODE_PRIVATE, MACVLAN_MODE_VEPA, MACVLAN_MODE_BRIDGE, MACVLAN_MODE_PASSTHRU, MACVLAN_MODE_SOURCE @@ -416,6 +417,7 @@ hsr_policy [ IFLA_HSR_VERSION nlattr[IFLA_HSR_VERSION, int8] IFLA_HSR_SUPERVISION_ADDR nlattr[IFLA_HSR_SUPERVISION_ADDR, mac_addr] IFLA_HSR_SEQ_NR nlattr[IFLA_HSR_SEQ_NR, int16] + IFLA_HSR_PROTOCOL nlattr[IFLA_HSR_PROTOCOL, int8[0:HSR_PROTOCOL_MAX]] ] [varlen] bond_policy [ @@ -445,6 +447,8 @@ bond_policy [ IFLA_BOND_AD_USER_PORT_KEY nlattr[IFLA_BOND_AD_USER_PORT_KEY, int16] IFLA_BOND_AD_ACTOR_SYSTEM nlattr[IFLA_BOND_AD_ACTOR_SYSTEM, ipv4_addr] IFLA_BOND_TLB_DYNAMIC_LB nlattr[IFLA_BOND_TLB_DYNAMIC_LB, int8] + IFLA_BOND_PEER_NOTIF_DELAY nlattr[IFLA_BOND_PEER_NOTIF_DELAY, int32] + IFLA_BOND_AD_LACP_ACTIVE nlattr[IFLA_BOND_AD_LACP_ACTIVE, int8] ] [varlen] bond_slave_policy [ @@ -484,29 +488,40 @@ br_policy [ IFLA_BR_MCAST_STATS_ENABLED nlattr[IFLA_BR_MCAST_STATS_ENABLED, bool8] IFLA_BR_MCAST_IGMP_VERSION nlattr[IFLA_BR_MCAST_IGMP_VERSION, int8] IFLA_BR_MCAST_MLD_VERSION nlattr[IFLA_BR_MCAST_MLD_VERSION, int8] + IFLA_BR_VLAN_STATS_PER_PORT nlattr[IFLA_BR_VLAN_STATS_PER_PORT, bool8] + IFLA_BR_MULTI_BOOLOPT nlattr[IFLA_BR_MULTI_BOOLOPT, br_boolopt_multi] ] [varlen] +br_boolopt_multi { + optval flags[br_boolopt_id, int32] + optmask flags[br_boolopt_id, int32] +} + +br_boolopt_id = BR_BOOLOPT_NO_LL_LEARN, BR_BOOLOPT_MCAST_VLAN_SNOOPING + br_port_policy [ - IFLA_BRPORT_STATE nlattr[IFLA_BRPORT_STATE, int8[0:4]] - IFLA_BRPORT_COST nlattr[IFLA_BRPORT_COST, int32] - IFLA_BRPORT_PRIORITY nlattr[IFLA_BRPORT_PRIORITY, int16] - IFLA_BRPORT_MODE nlattr[IFLA_BRPORT_MODE, int8[0:1]] - IFLA_BRPORT_GUARD nlattr[IFLA_BRPORT_GUARD, int8[0:1]] - IFLA_BRPORT_PROTECT nlattr[IFLA_BRPORT_PROTECT, int8[0:1]] - IFLA_BRPORT_FAST_LEAVE nlattr[IFLA_BRPORT_FAST_LEAVE, int8[0:1]] - IFLA_BRPORT_LEARNING nlattr[IFLA_BRPORT_LEARNING, int8[0:1]] - IFLA_BRPORT_UNICAST_FLOOD nlattr[IFLA_BRPORT_UNICAST_FLOOD, int8[0:1]] - IFLA_BRPORT_PROXYARP nlattr[IFLA_BRPORT_PROXYARP, int8[0:1]] - IFLA_BRPORT_PROXYARP_WIFI nlattr[IFLA_BRPORT_PROXYARP_WIFI, int8[0:1]] - IFLA_BRPORT_MULTICAST_ROUTER nlattr[IFLA_BRPORT_MULTICAST_ROUTER, int8[0:3]] - IFLA_BRPORT_MCAST_TO_UCAST nlattr[IFLA_BRPORT_MCAST_TO_UCAST, int8[0:1]] - IFLA_BRPORT_MCAST_FLOOD nlattr[IFLA_BRPORT_MCAST_FLOOD, int8[0:1]] - IFLA_BRPORT_BCAST_FLOOD nlattr[IFLA_BRPORT_BCAST_FLOOD, int8[0:1]] - IFLA_BRPORT_VLAN_TUNNEL nlattr[IFLA_BRPORT_VLAN_TUNNEL, int8[0:1]] - IFLA_BRPORT_GROUP_FWD_MASK nlattr[IFLA_BRPORT_GROUP_FWD_MASK, int16] - IFLA_BRPORT_NEIGH_SUPPRESS nlattr[IFLA_BRPORT_NEIGH_SUPPRESS, int8[0:1]] - IFLA_BRPORT_ISOLATED nlattr[IFLA_BRPORT_ISOLATED, int8[0:1]] - IFLA_BRPORT_FLUSH nlattr[IFLA_BRPORT_FLUSH, void] + IFLA_BRPORT_STATE nlattr[IFLA_BRPORT_STATE, int8[0:4]] + IFLA_BRPORT_COST nlattr[IFLA_BRPORT_COST, int32] + IFLA_BRPORT_PRIORITY nlattr[IFLA_BRPORT_PRIORITY, int16] + IFLA_BRPORT_MODE nlattr[IFLA_BRPORT_MODE, int8[0:1]] + IFLA_BRPORT_GUARD nlattr[IFLA_BRPORT_GUARD, int8[0:1]] + IFLA_BRPORT_PROTECT nlattr[IFLA_BRPORT_PROTECT, int8[0:1]] + IFLA_BRPORT_FAST_LEAVE nlattr[IFLA_BRPORT_FAST_LEAVE, int8[0:1]] + IFLA_BRPORT_LEARNING nlattr[IFLA_BRPORT_LEARNING, int8[0:1]] + IFLA_BRPORT_UNICAST_FLOOD nlattr[IFLA_BRPORT_UNICAST_FLOOD, int8[0:1]] + IFLA_BRPORT_PROXYARP nlattr[IFLA_BRPORT_PROXYARP, int8[0:1]] + IFLA_BRPORT_PROXYARP_WIFI nlattr[IFLA_BRPORT_PROXYARP_WIFI, int8[0:1]] + IFLA_BRPORT_MULTICAST_ROUTER nlattr[IFLA_BRPORT_MULTICAST_ROUTER, int8[0:3]] + IFLA_BRPORT_MCAST_TO_UCAST nlattr[IFLA_BRPORT_MCAST_TO_UCAST, int8[0:1]] + IFLA_BRPORT_MCAST_FLOOD nlattr[IFLA_BRPORT_MCAST_FLOOD, int8[0:1]] + IFLA_BRPORT_BCAST_FLOOD nlattr[IFLA_BRPORT_BCAST_FLOOD, int8[0:1]] + IFLA_BRPORT_VLAN_TUNNEL nlattr[IFLA_BRPORT_VLAN_TUNNEL, int8[0:1]] + IFLA_BRPORT_GROUP_FWD_MASK nlattr[IFLA_BRPORT_GROUP_FWD_MASK, int16] + IFLA_BRPORT_NEIGH_SUPPRESS nlattr[IFLA_BRPORT_NEIGH_SUPPRESS, int8[0:1]] + IFLA_BRPORT_ISOLATED nlattr[IFLA_BRPORT_ISOLATED, int8[0:1]] + IFLA_BRPORT_FLUSH nlattr[IFLA_BRPORT_FLUSH, void] + IFLA_BRPORT_BACKUP_PORT nlattr[IFLA_BRPORT_BACKUP_PORT, ifindex] + IFLA_BRPORT_MCAST_EHT_HOSTS_LIMIT nlattr[IFLA_BRPORT_MCAST_EHT_HOSTS_LIMIT, int32] ] [varlen] ipgre_policy [ @@ -642,19 +657,23 @@ ip6_tnl_policy [ ipip6_ip_proto = IPPROTO_IPV6, IPPROTO_IPIP, IPPROTO_MPLS ifa_ipv4_policy [ - IFA_LOCAL nlattr[IFA_LOCAL, ipv4_addr] - IFA_ADDRESS nlattr[IFA_ADDRESS, ipv4_addr] - IFA_BROADCAST nlattr[IFA_BROADCAST, ipv4_addr] - IFA_LABEL nlattr[IFA_LABEL, devname] - IFA_CACHEINFO nlattr[IFA_CACHEINFO, ifa_cacheinfo] - IFA_FLAGS nlattr[IFA_FLAGS, flags[ifa_flags, int32]] + IFA_LOCAL nlattr[IFA_LOCAL, ipv4_addr] + IFA_ADDRESS nlattr[IFA_ADDRESS, ipv4_addr] + IFA_BROADCAST nlattr[IFA_BROADCAST, ipv4_addr] + IFA_LABEL nlattr[IFA_LABEL, devname] + IFA_CACHEINFO nlattr[IFA_CACHEINFO, ifa_cacheinfo] + IFA_FLAGS nlattr[IFA_FLAGS, flags[ifa_flags, int32]] + IFA_RT_PRIORITY nlattr[IFA_RT_PRIORITY, int32] + IFA_TARGET_NETNSID nlattr[IFA_TARGET_NETNSID, netns_id] ] [varlen] ifa_ipv6_policy [ - IFA_ADDRESS nlattr[IFA_ADDRESS, ipv6_addr] - IFA_LOCAL nlattr[IFA_LOCAL, ipv6_addr] - IFA_CACHEINFO nlattr[IFA_CACHEINFO, ifa_cacheinfo] - IFA_FLAGS nlattr[IFA_FLAGS, flags[ifa_flags, int32]] + IFA_ADDRESS nlattr[IFA_ADDRESS, ipv6_addr] + IFA_LOCAL nlattr[IFA_LOCAL, ipv6_addr] + IFA_CACHEINFO nlattr[IFA_CACHEINFO, ifa_cacheinfo] + IFA_FLAGS nlattr[IFA_FLAGS, flags[ifa_flags, int32]] + IFA_RT_PRIORITY nlattr[IFA_RT_PRIORITY, int32] + IFA_TARGET_NETNSID nlattr[IFA_TARGET_NETNSID, netns_id] ] [varlen] rtm_ipv4_policy [ @@ -673,8 +692,15 @@ rtm_ipv4_policy [ RTA_ENCAP nlnest[RTA_ENCAP, lwtunnel_policy] RTA_UID nlattr[RTA_UID, uid] RTA_MARK nlattr[RTA_MARK, int32] + RTA_TABLE nlattr[RTA_TABLE, int32] + RTA_IP_PROTO nlattr[RTA_IP_PROTO, flags[rta_ip_protos, int8]] + RTA_SPORT nlattr[RTA_SPORT, sock_port] + RTA_DPORT nlattr[RTA_DPORT, sock_port] + RTA_NH_ID nlattr[RTA_NH_ID, int32] ] [varlen] +rta_ip_protos = IPPROTO_TCP, IPPROTO_UDP, IPPROTO_ICMP, IPPROTO_ICMPV6 + rtm_ipv6_policy [ RTA_GATEWAY nlattr[RTA_GATEWAY, ipv6_addr] RTA_IIF nlattr[RTA_IIF, ifindex] @@ -797,6 +823,14 @@ nda_policy [ NDA_LINK_NETNSID nlattr[NDA_LINK_NETNSID, int32] NDA_SRC_VNI nlattr[NDA_SRC_VNI, int32] NDA_FLAGS_EXT nlattr[NDA_FLAGS_EXT, flags[ndm_ext_flags, int32]] + NDA_PROTOCOL nlattr[NDA_PROTOCOL, int8] + NDA_NH_ID nlattr[NDA_NH_ID, int32] + NDA_FDB_EXT_ATTRS nlnest[NDA_FDB_EXT_ATTRS, array[br_nda_fdb_pol]] +] [varlen] + +br_nda_fdb_pol [ + NFEA_ACTIVITY_NOTIFY nlattr[NFEA_ACTIVITY_NOTIFY, int8] + NFEA_DONT_REFRESH nlattr[NFEA_DONT_REFRESH, void] ] [varlen] nda_cacheinfo { @@ -829,10 +863,11 @@ br_vlan_db_policy$container [ ] [varlen] br_vlan_db_policy [ - BRIDGE_VLANDB_ENTRY_INFO nlattr[BRIDGE_VLANDB_ENTRY_INFO, bridge_vlan_info] - BRIDGE_VLANDB_ENTRY_RANGE nlattr[BRIDGE_VLANDB_ENTRY_RANGE, int16[BRIDGE_VLAN_INFO_RANGE_BEGIN:BRIDGE_VLAN_INFO_RANGE_END]] - BRIDGE_VLANDB_ENTRY_STATE nlattr[BRIDGE_VLANDB_ENTRY_STATE, flags[br_vlan_state_options, int8]] - BRIDGE_VLANDB_ENTRY_TUNNEL_INFO nlnest[BRIDGE_VLANDB_ENTRY_TUNNEL_INFO, br_vlandb_tinfo_pol] + BRIDGE_VLANDB_ENTRY_INFO nlattr[BRIDGE_VLANDB_ENTRY_INFO, bridge_vlan_info] + BRIDGE_VLANDB_ENTRY_RANGE nlattr[BRIDGE_VLANDB_ENTRY_RANGE, int16[BRIDGE_VLAN_INFO_RANGE_BEGIN:BRIDGE_VLAN_INFO_RANGE_END]] + BRIDGE_VLANDB_ENTRY_STATE nlattr[BRIDGE_VLANDB_ENTRY_STATE, flags[br_vlan_state_options, int8]] + BRIDGE_VLANDB_ENTRY_TUNNEL_INFO nlnest[BRIDGE_VLANDB_ENTRY_TUNNEL_INFO, br_vlandb_tinfo_pol] + BRIDGE_VLANDB_ENTRY_MCAST_ROUTER nlattr[BRIDGE_VLANDB_ENTRY_MCAST_ROUTER, int8] ] [varlen] bridge_vlan_info { @@ -887,10 +922,17 @@ rtm_nh_policy_new [ NHA_ENCAP_TYPE nlattr[NHA_ENCAP_TYPE, flags[lwtunnel_encap_types, int16]] NHA_ENCAP nlnest[NHA_ENCAP, lwtunnel_policy] NHA_FDB nlattr[NHA_FDB, void] + NHA_RES_GROUP nlnest[NHA_RES_GROUP, array[rtm_nh_res_policy_new]] ] [varlen] type rtm_nh_policy_del nlattr[NHA_ID, rtm_nh_id] +rtm_nh_res_policy_new [ + NHA_RES_GROUP_BUCKETS nlattr[NHA_RES_GROUP_BUCKETS, int16] + NHA_RES_GROUP_IDLE_TIMER nlattr[NHA_RES_GROUP_IDLE_TIMER, int32] + NHA_RES_GROUP_UNBALANCED_TIMER nlattr[NHA_RES_GROUP_UNBALANCED_TIMER, int32] +] [varlen] + nexthop_grp { id int32[0:2] weight int8 @@ -1125,9 +1167,9 @@ seg6_tuninfo { } [packed] seg6_iptunnel_encap { - mode flags[seg6_iptun_mode, int8] + mode flags[seg6_iptun_mode, int32] srh ipv6_sr_hdr -} [packed] +} seg6_iptun_mode = SEG6_IPTUN_MODE_INLINE, SEG6_IPTUN_MODE_ENCAP, SEG6_IPTUN_MODE_L2ENCAP @@ -1200,4 +1242,4 @@ br_mdb_entry_state = MDB_TEMPORARY, MDB_PERMANENT br_mdb_entry_flags = MDB_FLAGS_OFFLOAD, MDB_FLAGS_FAST_LEAVE br_mdb_entry_sub_proto = ETH_P_IP, ETH_P_IPV6 rtnh_flags = RTNH_F_DEAD, RTNH_F_PERVASIVE, RTNH_F_ONLINK, RTNH_F_OFFLOAD, RTNH_F_LINKDOWN, RTNH_F_UNRESOLVED -nha_group_types = NEXTHOP_GRP_TYPE_MPATH +nha_group_types = NEXTHOP_GRP_TYPE_MPATH, NEXTHOP_GRP_TYPE_RES diff --git a/sys/linux/socket_netlink_route.txt.const b/sys/linux/socket_netlink_route.txt.const index fd11cc867..41711e8d1 100644 --- a/sys/linux/socket_netlink_route.txt.const +++ b/sys/linux/socket_netlink_route.txt.const @@ -11,6 +11,7 @@ BRIDGE_VLANDB_DUMPF_STATS = 1 BRIDGE_VLANDB_DUMP_FLAGS = 1 BRIDGE_VLANDB_ENTRY = 1 BRIDGE_VLANDB_ENTRY_INFO = 1 +BRIDGE_VLANDB_ENTRY_MCAST_ROUTER = 6 BRIDGE_VLANDB_ENTRY_RANGE = 2 BRIDGE_VLANDB_ENTRY_STATE = 3 BRIDGE_VLANDB_ENTRY_TUNNEL_INFO = 4 @@ -23,6 +24,8 @@ BRIDGE_VLAN_INFO_PVID = 2 BRIDGE_VLAN_INFO_RANGE_BEGIN = 8 BRIDGE_VLAN_INFO_RANGE_END = 16 BRIDGE_VLAN_INFO_UNTAGGED = 4 +BR_BOOLOPT_MCAST_VLAN_SNOOPING = 1 +BR_BOOLOPT_NO_LL_LEARN = 0 BR_STATE_BLOCKING = 4 BR_STATE_DISABLED = 0 BR_STATE_FORWARDING = 3 @@ -86,6 +89,7 @@ FR_ACT_UNREACHABLE = 7 FR_ACT_UNSPEC = 0 GSO_MAX_SEGS = 65535 GSO_MAX_SIZE = 65536 +HSR_PROTOCOL_MAX = 2 IFAL_ADDRESS = 1 IFAL_LABEL = 2 IFA_ADDRESS = 1 @@ -105,6 +109,8 @@ IFA_F_SECONDARY = 1 IFA_F_TENTATIVE = 64 IFA_LABEL = 3 IFA_LOCAL = 2 +IFA_RT_PRIORITY = 9 +IFA_TARGET_NETNSID = 10 IFF_ALLMULTI = 512 IFF_AUTOMEDIA = 16384 IFF_BROADCAST = 2 @@ -131,6 +137,7 @@ IFLA_BATADV_ALGO_NAME = 1 IFLA_BOND_ACTIVE_SLAVE = 2 IFLA_BOND_AD_ACTOR_SYSTEM = 26 IFLA_BOND_AD_ACTOR_SYS_PRIO = 24 +IFLA_BOND_AD_LACP_ACTIVE = 29 IFLA_BOND_AD_LACP_RATE = 21 IFLA_BOND_AD_SELECT = 22 IFLA_BOND_AD_USER_PORT_KEY = 25 @@ -147,6 +154,7 @@ IFLA_BOND_MIN_LINKS = 18 IFLA_BOND_MODE = 1 IFLA_BOND_NUM_PEER_NOTIF = 16 IFLA_BOND_PACKETS_PER_SLAVE = 20 +IFLA_BOND_PEER_NOTIF_DELAY = 28 IFLA_BOND_PRIMARY = 11 IFLA_BOND_PRIMARY_RESELECT = 12 IFLA_BOND_RESEND_IGMP = 15 @@ -156,6 +164,7 @@ IFLA_BOND_UPDELAY = 4 IFLA_BOND_USE_CARRIER = 6 IFLA_BOND_XMIT_HASH_POLICY = 14 IFLA_BROADCAST = 2 +IFLA_BRPORT_BACKUP_PORT = 34 IFLA_BRPORT_BCAST_FLOOD = 30 IFLA_BRPORT_COST = 3 IFLA_BRPORT_FAST_LEAVE = 7 @@ -164,6 +173,7 @@ IFLA_BRPORT_GROUP_FWD_MASK = 31 IFLA_BRPORT_GUARD = 5 IFLA_BRPORT_ISOLATED = 33 IFLA_BRPORT_LEARNING = 8 +IFLA_BRPORT_MCAST_EHT_HOSTS_LIMIT = 37 IFLA_BRPORT_MCAST_FLOOD = 27 IFLA_BRPORT_MCAST_TO_UCAST = 28 IFLA_BRPORT_MODE = 4 @@ -199,6 +209,7 @@ IFLA_BR_MCAST_SNOOPING = 23 IFLA_BR_MCAST_STARTUP_QUERY_CNT = 29 IFLA_BR_MCAST_STARTUP_QUERY_INTVL = 35 IFLA_BR_MCAST_STATS_ENABLED = 42 +IFLA_BR_MULTI_BOOLOPT = 46 IFLA_BR_NF_CALL_ARPTABLES = 38 IFLA_BR_NF_CALL_IP6TABLES = 37 IFLA_BR_NF_CALL_IPTABLES = 36 @@ -208,6 +219,7 @@ IFLA_BR_VLAN_DEFAULT_PVID = 39 IFLA_BR_VLAN_FILTERING = 7 IFLA_BR_VLAN_PROTOCOL = 8 IFLA_BR_VLAN_STATS_ENABLED = 41 +IFLA_BR_VLAN_STATS_PER_PORT = 45 IFLA_CARRIER = 33 IFLA_CARRIER_CHANGES = 35 IFLA_EVENT = 44 @@ -253,6 +265,7 @@ IFLA_GROUP = 27 IFLA_GSO_MAX_SEGS = 40 IFLA_GSO_MAX_SIZE = 41 IFLA_HSR_MULTICAST_SPEC = 3 +IFLA_HSR_PROTOCOL = 7 IFLA_HSR_SEQ_NR = 5 IFLA_HSR_SLAVE1 = 1 IFLA_HSR_SLAVE2 = 2 @@ -308,6 +321,7 @@ IFLA_MACSEC_SCB = 11 IFLA_MACSEC_SCI = 1 IFLA_MACSEC_VALIDATION = 13 IFLA_MACSEC_WINDOW = 5 +IFLA_MACVLAN_BC_QUEUE_LEN = 7 IFLA_MACVLAN_FLAGS = 2 IFLA_MACVLAN_MACADDR = 4 IFLA_MACVLAN_MACADDR_DATA = 5 @@ -389,9 +403,13 @@ ILA_CSUM_NEUTRAL_MAP_AUTO = 3 ILA_CSUM_NO_ACTION = 2 ILA_HOOK_ROUTE_INPUT = 1 ILA_HOOK_ROUTE_OUTPUT = 0 +IPPROTO_ICMP = 1 +IPPROTO_ICMPV6 = 58 IPPROTO_IPIP = 4 IPPROTO_IPV6 = 41 IPPROTO_MPLS = 137 +IPPROTO_TCP = 6 +IPPROTO_UDP = 17 IPV4_DEVCONF_MAX = 33 IPVLAN_F_PRIVATE = 1 IPVLAN_F_VEPA = 2 @@ -458,13 +476,16 @@ MPLS_IPTUNNEL_DST = 1 MPLS_IPTUNNEL_TTL = 2 NDA_CACHEINFO = 3 NDA_DST = 1 +NDA_FDB_EXT_ATTRS = 14 NDA_FLAGS_EXT = 15 NDA_IFINDEX = 8 NDA_LINK_NETNSID = 10 NDA_LLADDR = 2 NDA_MASTER = 9 +NDA_NH_ID = 13 NDA_PORT = 6 NDA_PROBES = 4 +NDA_PROTOCOL = 12 NDA_SRC_VNI = 11 NDA_VLAN = 5 NDA_VNI = 7 @@ -498,6 +519,9 @@ NETNSA_FD = 3 NETNSA_NSID = 1 NETNSA_PID = 2 NEXTHOP_GRP_TYPE_MPATH = 0 +NEXTHOP_GRP_TYPE_RES = 1 +NFEA_ACTIVITY_NOTIFY = 1 +NFEA_DONT_REFRESH = 2 NHA_BLACKHOLE = 4 NHA_ENCAP = 8 NHA_ENCAP_TYPE = 7 @@ -509,6 +533,10 @@ NHA_GROUP_TYPE = 3 NHA_ID = 1 NHA_MASTER = 10 NHA_OIF = 5 +NHA_RES_GROUP = 12 +NHA_RES_GROUP_BUCKETS = 1 +NHA_RES_GROUP_IDLE_TIMER = 2 +NHA_RES_GROUP_UNBALANCED_TIMER = 3 NTF_EXT_LEARNED = 16 NTF_EXT_MANAGED = 1 NTF_MASTER = 4 @@ -528,6 +556,7 @@ NUD_PROBE = 16 NUD_REACHABLE = 2 NUD_STALE = 4 RPL_IPTUNNEL_SRH = 1 +RTA_DPORT = 29 RTA_DST = 1 RTA_ENCAP = 22 RTA_ENCAP_TYPE = 21 @@ -535,15 +564,19 @@ RTA_EXPIRES = 23 RTA_FLOW = 11 RTA_GATEWAY = 5 RTA_IIF = 3 +RTA_IP_PROTO = 27 RTA_MARK = 16 RTA_METRICS = 8 RTA_MULTIPATH = 9 RTA_NEWDST = 19 +RTA_NH_ID = 30 RTA_OIF = 4 RTA_PREF = 20 RTA_PREFSRC = 7 RTA_PRIORITY = 6 +RTA_SPORT = 28 RTA_SRC = 2 +RTA_TABLE = 15 RTA_TTL_PROPAGATE = 26 RTA_UID = 25 RTA_VIA = 18 diff --git a/sys/linux/socket_netlink_route.txt.warn b/sys/linux/socket_netlink_route.txt.warn index fd66ec004..0f5947fa6 100644 --- a/sys/linux/socket_netlink_route.txt.warn +++ b/sys/linux/socket_netlink_route.txt.warn @@ -2,23 +2,15 @@ bad-netlink-attr: ifla_policy.IFLA_IFALIASn: duplicate attribute no-such-netlink-policy: ifla_af_spec_policy bad-netlink-attr: ifla_info_policy$t: missing attributes: [4] no-such-netlink-policy: batadv_policy -bad-netlink-attr: macvlan_policy: missing attributes: [6 7] -bad-netlink-attr: hsr_policy: missing attributes: [7] -bad-netlink-attr: bond_policy: missing attributes: [23 28 29 30] -bad-netlink-attr: br_policy: missing attributes: [45 46] -bad-netlink-attr: br_port_policy: missing attributes: [34 37] +bad-netlink-attr: macvlan_policy: missing attributes: [6] +bad-netlink-attr: bond_policy: missing attributes: [23 30] no-such-struct: peer_info bad-netlink-attr: vti6_policy: missing attributes: [1 2 3 6] -bad-netlink-attr: ifa_ipv4_policy: missing attributes: [9 10] -bad-netlink-attr: ifa_ipv6_policy: missing attributes: [9 10] -bad-netlink-attr: rtm_ipv4_policy: missing attributes: [15 27 28 29 30] no-such-netlink-policy: fib4_rule_policy_generic no-such-netlink-policy: fib4_rule_policy no-such-netlink-policy: fib6_rule_policy -bad-netlink-attr: nda_policy: missing attributes: [12 13 14] bad-netlink-attr: nda_policy.NDA_DST_IPV6: duplicate attribute bad-netlink-attr: nda_policy.NDA_DST_MAC: duplicate attribute -bad-netlink-attr: br_vlan_db_policy: missing attributes: [6] no-such-netlink-policy: br_mdb_policy no-such-struct: br_mdb_entry_sub no-such-struct: br_mdb_entry_sub_u @@ -26,7 +18,6 @@ bad-netlink-attr-type: rtm_nh_policy_get.NHA_OIF: type 5, kernel policy size 2 bad-netlink-attr-type: rtm_nh_policy_get.NHA_GROUPS: type 9, kernel policy size 2 bad-netlink-attr-type: rtm_nh_policy_get.NHA_MASTER: type 10, kernel policy size 2 bad-netlink-attr-type: rtm_nh_policy_get.NHA_FDB: type 11, kernel policy size 2 -bad-netlink-attr: rtm_nh_policy_new: missing attributes: [12] no-such-struct: nha_gateway bad-netlink-attr: ifla_vf_policy: missing attributes: [8] bad-field-number: ifla_vf_mac: syz=3 kernel=2 @@ -36,5 +27,4 @@ bad-netlink-attr: ifla_xdp_policy: missing attributes: [2 4] bad-netlink-attr: rtnl_net_policy: missing attributes: [4] no-such-netlink-policy: lwtunnel_policy bad-bitfield: ipv6_rpl_sr_hdr.control/cmpre: size/offset: syz=0/0 kernel=4/0 -bad-field-size: seg6_iptunnel_encap.mode: syz=1 kernel=4 bad-netlink-attr: cgw_policy: missing attributes: [15 16 17 18] diff --git a/sys/linux/socket_netlink_route_sched.txt b/sys/linux/socket_netlink_route_sched.txt index fc67781b4..bab2630be 100644 --- a/sys/linux/socket_netlink_route_sched.txt +++ b/sys/linux/socket_netlink_route_sched.txt @@ -221,15 +221,17 @@ fq_policy [ ] [varlen] fq_codel_policy [ - TCA_FQ_CODEL_TARGET nlattr[TCA_FQ_CODEL_TARGET, int32] - TCA_FQ_CODEL_LIMIT nlattr[TCA_FQ_CODEL_LIMIT, int32] - TCA_FQ_CODEL_INTERVAL nlattr[TCA_FQ_CODEL_INTERVAL, int32] - TCA_FQ_CODEL_ECN nlattr[TCA_FQ_CODEL_ECN, int32[0:1]] - TCA_FQ_CODEL_FLOWS nlattr[TCA_FQ_CODEL_FLOWS, int32] - TCA_FQ_CODEL_QUANTUM nlattr[TCA_FQ_CODEL_QUANTUM, int32] - TCA_FQ_CODEL_CE_THRESHOLD nlattr[TCA_FQ_CODEL_CE_THRESHOLD, int32] - TCA_FQ_CODEL_DROP_BATCH_SIZE nlattr[TCA_FQ_CODEL_DROP_BATCH_SIZE, int32] - TCA_FQ_CODEL_MEMORY_LIMIT nlattr[TCA_FQ_CODEL_MEMORY_LIMIT, int32] + TCA_FQ_CODEL_TARGET nlattr[TCA_FQ_CODEL_TARGET, int32] + TCA_FQ_CODEL_LIMIT nlattr[TCA_FQ_CODEL_LIMIT, int32] + TCA_FQ_CODEL_INTERVAL nlattr[TCA_FQ_CODEL_INTERVAL, int32] + TCA_FQ_CODEL_ECN nlattr[TCA_FQ_CODEL_ECN, int32[0:1]] + TCA_FQ_CODEL_FLOWS nlattr[TCA_FQ_CODEL_FLOWS, int32] + TCA_FQ_CODEL_QUANTUM nlattr[TCA_FQ_CODEL_QUANTUM, int32] + TCA_FQ_CODEL_CE_THRESHOLD nlattr[TCA_FQ_CODEL_CE_THRESHOLD, int32] + TCA_FQ_CODEL_DROP_BATCH_SIZE nlattr[TCA_FQ_CODEL_DROP_BATCH_SIZE, int32] + TCA_FQ_CODEL_MEMORY_LIMIT nlattr[TCA_FQ_CODEL_MEMORY_LIMIT, int32] + TCA_FQ_CODEL_CE_THRESHOLD_SELECTOR nlattr[TCA_FQ_CODEL_CE_THRESHOLD_SELECTOR, int8] + TCA_FQ_CODEL_CE_THRESHOLD_MASK nlattr[TCA_FQ_CODEL_CE_THRESHOLD_MASK, int8] ] [varlen] fq_pie_policy [ @@ -330,10 +332,12 @@ pie_policy [ ] [varlen] red_policy [ - TCA_RED_PARMS nlattr[TCA_RED_PARMS, tc_red_qopt] - TCA_RED_STAB nlattr[TCA_RED_STAB, array[int8, 256]] - TCA_RED_MAX_P nlattr[TCA_RED_MAX_P, int32] - TCA_RED_FLAGS nlattr[TCA_RED_FLAGS, nla_bitfield32[red_supported_flags]] + TCA_RED_PARMS nlattr[TCA_RED_PARMS, tc_red_qopt] + TCA_RED_STAB nlattr[TCA_RED_STAB, array[int8, 256]] + TCA_RED_MAX_P nlattr[TCA_RED_MAX_P, int32] + TCA_RED_FLAGS nlattr[TCA_RED_FLAGS, nla_bitfield32[red_supported_flags]] + TCA_RED_EARLY_DROP_BLOCK nlattr[TCA_RED_EARLY_DROP_BLOCK, int32] + TCA_RED_MARK_BLOCK nlattr[TCA_RED_MARK_BLOCK, int32] ] [varlen] red_supported_flags = TC_RED_HISTORIC_FLAGS, TC_RED_NODROP @@ -633,6 +637,7 @@ htb_policy$class [ TCA_HTB_RTAB nlattr[TCA_HTB_RTAB, array[int32, 256]] TCA_HTB_RATE64 nlattr[TCA_HTB_RATE64, int64] TCA_HTB_CEIL64 nlattr[TCA_HTB_CEIL64, int64] + TCA_HTB_OFFLOAD nlattr[TCA_HTB_OFFLOAD, void] ] [varlen] qfq_policy [ @@ -835,10 +840,10 @@ erspan_opt_policy [ ] [varlen] mpls_opts [ - TCA_FLOWER_KEY_MPLS_OPTS_LSE nlattr[TCA_FLOWER_KEY_MPLS_OPTS_LSE, mpls_opts_lse] + TCA_FLOWER_KEY_MPLS_OPTS_LSE nlnest[TCA_FLOWER_KEY_MPLS_OPTS_LSE, array[mpls_stack_entry_policy]] ] [varlen] -mpls_opts_lse [ +mpls_stack_entry_policy [ TCA_FLOWER_KEY_MPLS_OPT_LSE_DEPTH nlattr[TCA_FLOWER_KEY_MPLS_OPT_LSE_DEPTH, int8[1:FLOW_DIS_MPLS_MAX]] TCA_FLOWER_KEY_MPLS_OPT_LSE_TTL nlattr[TCA_FLOWER_KEY_MPLS_OPT_LSE_TTL, int8] TCA_FLOWER_KEY_MPLS_OPT_LSE_BOS nlattr[TCA_FLOWER_KEY_MPLS_OPT_LSE_BOS, int8[0:MPLS_BOS_MASK]] @@ -1323,7 +1328,7 @@ tcf_em_cmp { } tcf_em_nbyte { - off int32 + off int16 len bytesize[payload, int16:12] layer flags[tcf_layers, int8:4] payload array[int8, 0:10] diff --git a/sys/linux/socket_netlink_route_sched.txt.const b/sys/linux/socket_netlink_route_sched.txt.const index 2bfdb642f..bd2e531b4 100644 --- a/sys/linux/socket_netlink_route_sched.txt.const +++ b/sys/linux/socket_netlink_route_sched.txt.const @@ -319,6 +319,8 @@ TCA_FLOW_XOR = 7 TCA_FQ_BUCKETS_LOG = 8 TCA_FQ_CE_THRESHOLD = 12 TCA_FQ_CODEL_CE_THRESHOLD = 7 +TCA_FQ_CODEL_CE_THRESHOLD_MASK = 11 +TCA_FQ_CODEL_CE_THRESHOLD_SELECTOR = 10 TCA_FQ_CODEL_DROP_BATCH_SIZE = 8 TCA_FQ_CODEL_ECN = 4 TCA_FQ_CODEL_FLOWS = 5 @@ -376,6 +378,7 @@ TCA_HTB_CEIL64 = 7 TCA_HTB_CTAB = 3 TCA_HTB_DIRECT_QLEN = 5 TCA_HTB_INIT = 2 +TCA_HTB_OFFLOAD = 9 TCA_HTB_PARMS = 1 TCA_HTB_RATE64 = 6 TCA_HTB_RTAB = 4 @@ -454,7 +457,9 @@ TCA_POLICE_TBF = 1 TCA_QFQ_LMAX = 2 TCA_QFQ_WEIGHT = 1 TCA_RATE = 5 +TCA_RED_EARLY_DROP_BLOCK = 5 TCA_RED_FLAGS = 4 +TCA_RED_MARK_BLOCK = 6 TCA_RED_MAX_P = 3 TCA_RED_PARMS = 1 TCA_RED_STAB = 2 diff --git a/sys/linux/socket_netlink_route_sched.txt.warn b/sys/linux/socket_netlink_route_sched.txt.warn index 1cdd94b5d..9a1562ff3 100644 --- a/sys/linux/socket_netlink_route_sched.txt.warn +++ b/sys/linux/socket_netlink_route_sched.txt.warn @@ -4,18 +4,14 @@ no-such-netlink-policy: tca_kind_options_t no-such-netlink-policy: qdisc_kind_options bad-netlink-attr: cbq_policy: missing attributes: [4 7] bad-netlink-attr: fq_policy: missing attributes: [14 15] -bad-netlink-attr: fq_codel_policy: missing attributes: [10 11] bad-netlink-attr: gred_policy: missing attributes: [6] -bad-netlink-attr: htb_policy: missing attributes: [9] no-such-netlink-policy: netem_loss_policy bad-netlink-attr: pie_policy: missing attributes: [8] -bad-netlink-attr: red_policy: missing attributes: [5 6] bad-netlink-attr: entry_policy$taprio: missing attributes: [1] bad-netlink-attr: taprio_policy: missing attributes: [4] no-such-netlink-policy: tclass_kind_options bad-netlink-attr: fl_policy: missing attributes: [100 101] no-such-netlink-policy: mpls_opts -no-such-netlink-policy: mpls_opts_lse no-such-netlink-policy: tca_actions no-such-netlink-policy: tca_ife_meta_policy bad-field-size: xt_entry_target.u_target_size/u: syz=2 kernel=32 @@ -69,6 +65,3 @@ bad-field-offset: tc_vlan.v_action/capab: syz=20 kernel=4 bad-netlink-attr: police_policy: missing attributes: [10 11] no-such-netlink-policy: tca_ematch_tree_list no-such-struct: tcf_ematch_hdr_t -bad-field-size: tcf_em_nbyte.off: syz=4 kernel=2 -bad-field-offset: tcf_em_nbyte.len: syz=4 kernel=2 -bad-field-offset: tcf_em_nbyte.layer: syz=5 kernel=3 diff --git a/sys/linux/socket_tipc_netlink.txt b/sys/linux/socket_tipc_netlink.txt index 8093dea9e..75ee11761 100644 --- a/sys/linux/socket_tipc_netlink.txt +++ b/sys/linux/socket_tipc_netlink.txt @@ -178,10 +178,12 @@ tipc_nl_media_policy [ ] [varlen] tipc_nl_node_policy [ - TIPC_NLA_NODE_ADDR nlattr[TIPC_NLA_NODE_ADDR, int32] - TIPC_NLA_NODE_UP nlattr[TIPC_NLA_NODE_UP, void] - TIPC_NLA_NODE_ID nlattr[TIPC_NLA_NODE_ID, array[int8]] - TIPC_NLA_NODE_KEY nlattr[TIPC_NLA_NODE_KEY, tipc_aead_key] + TIPC_NLA_NODE_ADDR nlattr[TIPC_NLA_NODE_ADDR, int32] + TIPC_NLA_NODE_UP nlattr[TIPC_NLA_NODE_UP, void] + TIPC_NLA_NODE_ID nlattr[TIPC_NLA_NODE_ID, array[int8]] + TIPC_NLA_NODE_KEY nlattr[TIPC_NLA_NODE_KEY, tipc_aead_key] + TIPC_NLA_NODE_KEY_MASTER nlattr[TIPC_NLA_NODE_KEY_MASTER, void] + TIPC_NLA_NODE_REKEYING nlattr[TIPC_NLA_NODE_REKEYING, int32] ] [varlen] tipc_nl_net_policy [ diff --git a/sys/linux/socket_tipc_netlink.txt.const b/sys/linux/socket_tipc_netlink.txt.const index b7ceb7812..3e2bca60a 100644 --- a/sys/linux/socket_tipc_netlink.txt.const +++ b/sys/linux/socket_tipc_netlink.txt.const @@ -50,6 +50,8 @@ TIPC_NLA_NODE = 6 TIPC_NLA_NODE_ADDR = 1 TIPC_NLA_NODE_ID = 3 TIPC_NLA_NODE_KEY = 4 +TIPC_NLA_NODE_KEY_MASTER = 5 +TIPC_NLA_NODE_REKEYING = 6 TIPC_NLA_NODE_UP = 2 TIPC_NLA_PROP_MTU = 4 TIPC_NLA_PROP_PRIO = 1 diff --git a/sys/linux/socket_tipc_netlink.txt.warn b/sys/linux/socket_tipc_netlink.txt.warn index 12ffc1f1f..ad6836b3f 100644 --- a/sys/linux/socket_tipc_netlink.txt.warn +++ b/sys/linux/socket_tipc_netlink.txt.warn @@ -4,6 +4,5 @@ bad-netlink-attr: tipc_nl_policy: missing attributes: [8] no-such-netlink-policy: tipc_nl_publ_policy bad-netlink-attr: tipc_nl_bearer_policy.TIPC_NLA_BEARER_NAME: expect string no-such-netlink-policy: tipc_nl_sock_con_policy -bad-netlink-attr: tipc_nl_node_policy: missing attributes: [5 6] bad-netlink-attr: tipc_nl_net_policy: missing attributes: [5] bad-netlink-attr: tipc_nl_prop_policy: missing attributes: [5 6] diff --git a/sys/linux/sys.txt b/sys/linux/sys.txt index 8664e09a8..2ccb38ab1 100644 --- a/sys/linux/sys.txt +++ b/sys/linux/sys.txt @@ -59,7 +59,7 @@ include <uapi/linux/close_range.h> resource fd[int32]: -1 resource fd_dir[fd]: AT_FDCWD -# alignptr/align32/align64 can be used when ABI uses int64/intptr to hold a smaller tqype. +# alignptr/align32/align64/padto64 can be used when ABI uses int64/intptr to hold a smaller type. # E.g. pid/uid stored as intptr/int64. type alignptr[T] { v T @@ -73,6 +73,14 @@ type align64[T] { v T } [align[8]] +type padto32[T] { + v T +} [size[4]] + +type padto64[T] { + v T +} [size[8]] + type signalno int32[0:65] type signalnoptr intptr[0:65] diff --git a/sys/linux/sys.txt.warn b/sys/linux/sys.txt.warn index 84706da1e..55a4ef58b 100644 --- a/sys/linux/sys.txt.warn +++ b/sys/linux/sys.txt.warn @@ -1,6 +1,8 @@ no-such-struct: alignptr no-such-struct: align32 no-such-struct: align64 +no-such-struct: padto32 +no-such-struct: padto64 compiler: unsupported syscall: open due to missing const __NR_open [arm64] compiler: unsupported syscall: creat due to missing const __NR_creat [arm64] compiler: unsupported syscall: dup2 due to missing const __NR_dup2 [arm64] diff --git a/sys/linux/vmw_vmci.txt b/sys/linux/vmw_vmci.txt index 44ba2de03..fb2eb6d28 100644 --- a/sys/linux/vmw_vmci.txt +++ b/sys/linux/vmw_vmci.txt @@ -46,7 +46,7 @@ vmci_datagram { } vmci_datagram_snd_rcv_info { - addr ptr[in, vmci_datagram] + addr ptr64[in, vmci_datagram] len len[addr, int32] result int32 } @@ -95,11 +95,11 @@ vmci_ctx_info { } vmci_ctx_chkpt_buf_info { - cpt_buf ptr[in, array[int32, 1024]] + cpt_buf ptr64[in, array[int32, 1024]] cpt_type flags[vmci_cpt_state, int32] buf_size len[cpt_buf, int32] result int32 - _pad int32 + _pad const[0, int32] } vmci_set_notify_info { diff --git a/sys/linux/vmw_vmci.txt.warn b/sys/linux/vmw_vmci.txt.warn index 51806da8e..8ccfa31b4 100644 --- a/sys/linux/vmw_vmci.txt.warn +++ b/sys/linux/vmw_vmci.txt.warn @@ -3,23 +3,13 @@ no-such-struct: vmci_handle [arm,arm64] bad-field-number: vmci_datagram: syz=4 kernel=3 [386,amd64] bad-struct-size: vmci_datagram: syz=1048 kernel=24 [386,amd64] no-such-struct: vmci_datagram [arm,arm64] -bad-struct-size: vmci_datagram_snd_rcv_info: syz=12 kernel=16 [386] no-such-struct: vmci_datagram_snd_rcv_info [arm,arm64] -bad-field-size: vmci_datagram_snd_rcv_info.addr: syz=4 kernel=8 [386] -bad-field-offset: vmci_datagram_snd_rcv_info.len: syz=4 kernel=8 [386] -bad-field-offset: vmci_datagram_snd_rcv_info.result: syz=8 kernel=12 [386] no-such-struct: vmci_qp_alloc_info [arm,arm64] no-such-struct: vmci_qp_set_va_info [arm,arm64] no-such-struct: vmci_qp_page_file_info [arm,arm64] no-such-struct: vmci_qp_dtch_info [arm,arm64] no-such-struct: vmci_ctx_info [arm,arm64] -bad-struct-size: vmci_ctx_chkpt_buf_info: syz=20 kernel=24 [386] no-such-struct: vmci_ctx_chkpt_buf_info [arm,arm64] -bad-field-size: vmci_ctx_chkpt_buf_info.cpt_buf: syz=4 kernel=8 [386] -bad-field-offset: vmci_ctx_chkpt_buf_info.cpt_type: syz=4 kernel=8 [386] -bad-field-offset: vmci_ctx_chkpt_buf_info.buf_size: syz=8 kernel=12 [386] -bad-field-offset: vmci_ctx_chkpt_buf_info.result: syz=12 kernel=16 [386] -bad-field-offset: vmci_ctx_chkpt_buf_info._pad: syz=16 kernel=20 [386] no-such-struct: vmci_set_notify_info [arm,arm64] no-such-struct: vmci_dbell_notify_resource_info [arm,arm64] no-such-struct: vmci_ctx_notify_recv_info [arm,arm64] |