all: integrate with mac80211_hwsim

Two virtual wireless devices are instantiated during network devices
initialization.

A new flag (-wifi) is added that controls whether these virtual wifi
devices are instantiated and configured during proc initialization.

Also, two new pseudo syscalls are added:
1. syz_80211_inject_frame(mac_addr, packet, packet_len) -- injects an
arbitrary packet into the wireless stack. It is injected as if it
originated from the device identitied by mac_addr.
2. syz_80211_join_ibss(interface_name, ssid, ssid_len, mode) --
puts a specific network interface into IBSS state and joins an IBSS
network.

Arguments of syz_80211_join_ibss:
1) interface_name -- null-terminated string that identifies
a wireless interface
2) ssid, ssid_len -- SSID of an IBSS network to join to
3) mode -- mode of syz_80211_join_ibss operation (see below)

Modes of operation:
JOIN_IBSS_NO_SCAN (0x0) -- channel scan is not performed and
syz_80211_join_ibss waits until the interface reaches IF_OPER_UP.
JOIN_IBSS_BG_SCAN (0x1) -- channel scan is performed (takes ~ 9
seconds), syz_80211_join_ibss does not await IF_OPER_UP.
JOIN_IBSS_BG_NO_SCAN (0x2) -- channel scan is not performed,
syz_80211_join_ibss does not await IF_OPER_UP.

Local testing ensured that these syscalls are indeed able to set up an
operating network and inject packets into mac80211.

4 files changed, 13 insertions, 0 deletions

diff --git a/tools/syz-execprog/execprog.go b/tools/syz-execprog/execprog.go
index a5ef8fbc4..23fd881cd 100644
--- a/tools/syz-execprog/execprog.go
+++ b/tools/syz-execprog/execprog.go
@@ -332,5 +332,8 @@ func createConfig(target *prog.Target,
 	if featuresFlags["vhci"].Enabled && features[host.FeatureVhciInjection].Enabled {
 		config.Flags |= ipc.FlagEnableVhciInjection
 	}
+	if featuresFlags["wifi"].Enabled && features[host.FeatureWifiEmulation].Enabled {
+		config.Flags |= ipc.FlagEnableWifi
+	}
 	return config, execOpts
 }
diff --git a/tools/syz-prog2c/prog2c.go b/tools/syz-prog2c/prog2c.go
index 4c04487ff..2f8c6c62a 100644
--- a/tools/syz-prog2c/prog2c.go
+++ b/tools/syz-prog2c/prog2c.go
@@ -92,6 +92,7 @@ func main() {
 		DevlinkPCI:    features["devlink_pci"].Enabled,
 		USB:           features["usb"].Enabled,
 		VhciInjection: features["vhci"].Enabled,
+		Wifi:          features["wifi"].Enabled,
 		UseTmpDir:     *flagUseTmpDir,
 		HandleSegv:    *flagHandleSegv,
 		Repro:         *flagRepro,
diff --git a/tools/syz-reprolist/reprolist.go b/tools/syz-reprolist/reprolist.go
index e4c26011f..95c099ba9 100644
--- a/tools/syz-reprolist/reprolist.go
+++ b/tools/syz-reprolist/reprolist.go
@@ -153,6 +153,8 @@ func createCRepro(bug *dashapi.LoadBugResp) error {
 	return err
 }
 
+// Although liter complains about this function, it does not seem complex.
+// nolint: gocyclo
 func createProg2CArgs(bug *dashapi.LoadBugResp, opts csource.Options, file string) []string {
 	haveEnableFlag := containsCommit("dfd609eca1871f01757d6b04b19fc273c87c14e5")
 	haveRepeatFlag := containsCommit("b25fc7b83119e8dca728a199fd92e24dd4c33fa4")
@@ -232,6 +234,10 @@ func createProg2CArgs(bug *dashapi.LoadBugResp, opts csource.Options, file strin
 		enable = append(enable, "vhci")
 		flags = append(flags, "-vhci")
 	}
+	if opts.Wifi {
+		enable = append(enable, "wifi")
+		flags = append(flags, "-wifi")
+	}
 	if !haveEnableFlag {
 		args = append(args, flags...)
 	} else if len(enable) != 0 {
diff --git a/tools/syz-stress/stress.go b/tools/syz-stress/stress.go
index 9ec0229f4..21926fe89 100644
--- a/tools/syz-stress/stress.go
+++ b/tools/syz-stress/stress.go
@@ -165,6 +165,9 @@ func createIPCConfig(target *prog.Target, features *host.Features, featuresFlags
 	if featuresFlags["vhci"].Enabled && features[host.FeatureVhciInjection].Enabled {
 		config.Flags |= ipc.FlagEnableVhciInjection
 	}
+	if featuresFlags["wifi"].Enabled && features[host.FeatureWifiEmulation].Enabled {
+		config.Flags |= ipc.FlagEnableWifi
+	}
 	return config, execOpts, nil
 }