diff options
| author | Anton Lindqvist <anton@basename.se> | 2019-05-11 20:38:41 +0200 |
|---|---|---|
| committer | Anton Lindqvist <anton@basename.se> | 2019-05-12 14:03:04 +0200 |
| commit | 5f302c04a24235ce766a27ca21e993221fb09e30 (patch) | |
| tree | b3c85c3da6bfefaf79e1164efcb146a38ec45dfb /sys/openbsd | |
| parent | 45065351dd01e87059e4ed1cf025c2ef292994a4 (diff) | |
sys/openbsd: add missing padding arguments
Due to missing padding arguments, stack garbage could end up being used as
actual arguments. More reading for the curious[1].
While here, add missing descriptions for pread and pwrite.
[1] https://flak.tedunangst.com/post/syzkaller-found-a-bug
Diffstat (limited to 'sys/openbsd')
| -rw-r--r-- | sys/openbsd/fs.txt | 8 | ||||
| -rw-r--r-- | sys/openbsd/fs_amd64.const | 2 | ||||
| -rw-r--r-- | sys/openbsd/gen/amd64.go | 23 | ||||
| -rw-r--r-- | sys/openbsd/sys.txt | 4 |
4 files changed, 31 insertions, 6 deletions
diff --git a/sys/openbsd/fs.txt b/sys/openbsd/fs.txt index dd687dce4..18a6cf757 100644 --- a/sys/openbsd/fs.txt +++ b/sys/openbsd/fs.txt @@ -20,11 +20,13 @@ openat(fd fd_dir, file ptr[in, filename], flags flags[open_flags], mode flags[op close(fd fd) read(fd fd, buf buffer[out], count len[buf]) readv(fd fd, vec ptr[in, array[iovec_out]], vlen len[vec]) -preadv(fd fd, vec ptr[in, array[iovec_out]], vlen len[vec], off fileoff) +pread(fd fd, buf buffer[in], nbyte len[buf], pad const[0], off fileoff) +preadv(fd fd, vec ptr[in, array[iovec_out]], vlen len[vec], pad const[0], off fileoff) write(fd fd, buf buffer[in], count len[buf]) writev(fd fd, vec ptr[in, array[iovec_in]], vlen len[vec]) -pwritev(fd fd, vec ptr[in, array[iovec_in]], vlen len[vec], off fileoff) -lseek(fd fd, offset fileoff, whence flags[seek_whence]) +pwrite(fd fd, buf buffer[in], nbyte len[buf], pad const[0], off fileoff) +pwritev(fd fd, vec ptr[in, array[iovec_in]], vlen len[vec], pad const[0], off fileoff) +lseek(fd fd, pad const[0], offset fileoff, whence flags[seek_whence]) dup(oldfd fd) fd dup2(oldfd fd, newfd fd) fd pipe2(pipefd ptr[out, pipefd], flags flags[pipe_flags]) diff --git a/sys/openbsd/fs_amd64.const b/sys/openbsd/fs_amd64.const index 5f39ed6f8..a18c647f0 100644 --- a/sys/openbsd/fs_amd64.const +++ b/sys/openbsd/fs_amd64.const @@ -28,7 +28,9 @@ SYS_lseek = 199 SYS_open = 5 SYS_openat = 321 SYS_pipe2 = 101 +SYS_pread = 173 SYS_preadv = 267 +SYS_pwrite = 174 SYS_pwritev = 268 SYS_read = 3 SYS_readv = 120 diff --git a/sys/openbsd/gen/amd64.go b/sys/openbsd/gen/amd64.go index fb9797c9a..2ddd4c293 100644 --- a/sys/openbsd/gen/amd64.go +++ b/sys/openbsd/gen/amd64.go @@ -916,6 +916,7 @@ var syscalls_amd64 = []*Syscall{ }}, {NR: 201, Name: "ftruncate", CallName: "ftruncate", Args: []Type{ &ResourceType{TypeCommon: TypeCommon{TypeName: "fd", FldName: "fd", TypeSize: 4}}, + &ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "pad", TypeSize: 8}}}, &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "intptr", FldName: "len", TypeSize: 8}}}, }}, {NR: 99, Name: "getdents", CallName: "getdents", Args: []Type{ @@ -1624,6 +1625,7 @@ var syscalls_amd64 = []*Syscall{ }}, {NR: 199, Name: "lseek", CallName: "lseek", Args: []Type{ &ResourceType{TypeCommon: TypeCommon{TypeName: "fd", FldName: "fd", TypeSize: 4}}, + &ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "pad", TypeSize: 8}}}, &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "fileoff", FldName: "offset", TypeSize: 8}}, Kind: 1}, &FlagsType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "seek_whence", FldName: "whence", TypeSize: 8}}, Vals: []uint64{0, 1, 2}, BitMask: true}, }}, @@ -1833,16 +1835,32 @@ var syscalls_amd64 = []*Syscall{ &LenType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "len", FldName: "nfds", TypeSize: 8}}, Buf: "fds"}, &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", FldName: "timeout", TypeSize: 4}}}, }}, + {NR: 173, Name: "pread", CallName: "pread", Args: []Type{ + &ResourceType{TypeCommon: TypeCommon{TypeName: "fd", FldName: "fd", TypeSize: 4}}, + &PtrType{TypeCommon: TypeCommon{TypeName: "ptr", FldName: "buf", TypeSize: 8}, Type: &BufferType{TypeCommon: TypeCommon{TypeName: "array", IsVarlen: true}}}, + &LenType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "len", FldName: "nbyte", TypeSize: 8}}, Buf: "buf"}, + &ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "pad", TypeSize: 8}}}, + &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "fileoff", FldName: "off", TypeSize: 8}}, Kind: 1}, + }}, {NR: 267, Name: "preadv", CallName: "preadv", Args: []Type{ &ResourceType{TypeCommon: TypeCommon{TypeName: "fd", FldName: "fd", TypeSize: 4}}, &PtrType{TypeCommon: TypeCommon{TypeName: "ptr", FldName: "vec", TypeSize: 8}, Type: &ArrayType{TypeCommon: TypeCommon{TypeName: "array", IsVarlen: true}, Type: &StructType{Key: StructKey{Name: "iovec_out"}}}}, &LenType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "len", FldName: "vlen", TypeSize: 8}}, Buf: "vec"}, + &ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "pad", TypeSize: 8}}}, + &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "fileoff", FldName: "off", TypeSize: 8}}, Kind: 1}, + }}, + {NR: 174, Name: "pwrite", CallName: "pwrite", Args: []Type{ + &ResourceType{TypeCommon: TypeCommon{TypeName: "fd", FldName: "fd", TypeSize: 4}}, + &PtrType{TypeCommon: TypeCommon{TypeName: "ptr", FldName: "buf", TypeSize: 8}, Type: &BufferType{TypeCommon: TypeCommon{TypeName: "array", IsVarlen: true}}}, + &LenType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "len", FldName: "nbyte", TypeSize: 8}}, Buf: "buf"}, + &ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "pad", TypeSize: 8}}}, &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "fileoff", FldName: "off", TypeSize: 8}}, Kind: 1}, }}, {NR: 268, Name: "pwritev", CallName: "pwritev", Args: []Type{ &ResourceType{TypeCommon: TypeCommon{TypeName: "fd", FldName: "fd", TypeSize: 4}}, &PtrType{TypeCommon: TypeCommon{TypeName: "ptr", FldName: "vec", TypeSize: 8}, Type: &ArrayType{TypeCommon: TypeCommon{TypeName: "array", IsVarlen: true}, Type: &StructType{Key: StructKey{Name: "iovec_in"}}}}, &LenType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "len", FldName: "vlen", TypeSize: 8}}, Buf: "vec"}, + &ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "pad", TypeSize: 8}}}, &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "fileoff", FldName: "off", TypeSize: 8}}, Kind: 1}, }}, {NR: 3, Name: "read", CallName: "read", Args: []Type{ @@ -2251,6 +2269,7 @@ var syscalls_amd64 = []*Syscall{ {Name: "syz_open_pts", CallName: "syz_open_pts", Ret: &ResourceType{TypeCommon: TypeCommon{TypeName: "fd_tty", FldName: "ret", TypeSize: 4, ArgDir: 1}}}, {NR: 200, Name: "truncate", CallName: "truncate", Args: []Type{ &PtrType{TypeCommon: TypeCommon{TypeName: "ptr", FldName: "file", TypeSize: 8}, Type: &BufferType{TypeCommon: TypeCommon{TypeName: "filename", IsVarlen: true}, Kind: 3}}, + &ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "pad", TypeSize: 8}}}, &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "intptr", FldName: "len", TypeSize: 8}}}, }}, {NR: 10, Name: "unlink", CallName: "unlink", Args: []Type{ @@ -2626,7 +2645,9 @@ var consts_amd64 = []ConstValue{ {Name: "SYS_pipe2", Value: 101}, {Name: "SYS_pledge", Value: 108}, {Name: "SYS_poll", Value: 252}, + {Name: "SYS_pread", Value: 173}, {Name: "SYS_preadv", Value: 267}, + {Name: "SYS_pwrite", Value: 174}, {Name: "SYS_pwritev", Value: 268}, {Name: "SYS_read", Value: 3}, {Name: "SYS_readlink", Value: 58}, @@ -2853,4 +2874,4 @@ var consts_amd64 = []ConstValue{ {Name: "__MAP_NOREPLACE", Value: 2048}, } -const revision_amd64 = "216c98ad3498631ce9d36fbfa6fa8f98d1f2c5cb" +const revision_amd64 = "1b6671ad8d712ebbd04cdedcec2c7d0d224996b9" diff --git a/sys/openbsd/sys.txt b/sys/openbsd/sys.txt index b23b88429..d95198130 100644 --- a/sys/openbsd/sys.txt +++ b/sys/openbsd/sys.txt @@ -92,8 +92,8 @@ renameat(oldfd fd_dir, old ptr[in, filename], newfd fd_dir, new ptr[in, filename mkdir(path ptr[in, filename], mode flags[open_mode]) mkdirat(fd fd_dir, path ptr[in, filename], mode flags[open_mode]) rmdir(path ptr[in, filename]) -truncate(file ptr[in, filename], len intptr) -ftruncate(fd fd, len intptr) +truncate(file ptr[in, filename], pad const[0], len intptr) +ftruncate(fd fd, pad const[0], len intptr) flock(fd fd, op flags[flock_op]) fsync(fd fd) # fdatasync(fd fd) |