1 files changed, 54 insertions, 0 deletions

diff --git a/executor/common_linux.h b/executor/common_linux.h
index 31ce14dc3..76325ff6d 100644
--- a/executor/common_linux.h
+++ b/executor/common_linux.h
@@ -5852,3 +5852,57 @@ static long syz_pidfd_open(volatile long pid, volatile long flags)
 }
 
 #endif
+
+#if SYZ_EXECUTOR || __NR_syz_kfuzztest_run
+
+#include <fcntl.h>
+#include <stdint.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+#include <unistd.h>
+
+static long syz_kfuzztest_run(volatile long test_name_ptr, volatile long input_data,
+			      volatile long input_data_size)
+{
+	const char* test_name = (const char*)test_name_ptr;
+	if (!test_name) {
+		debug("syz_kfuzztest_run: test name was NULL\n");
+		return -1;
+	}
+	if (!input_data || input_data_size == 0) {
+		debug("syz_kfuzztest_run: input data was NULL\n");
+		return -1;
+	}
+
+	char buf[256];
+	int ret = snprintf(buf, sizeof(buf), "/sys/kernel/debug/kfuzztest/%s/input", test_name);
+	if (ret < 0 || (unsigned long)ret >= sizeof(buf)) {
+		debug("syz_kfuzztest_run: constructed path is too long or snprintf failed\n");
+		return -1;
+	}
+
+	int fd = openat(AT_FDCWD, buf, O_WRONLY, 0);
+	if (fd < 0) {
+		debug("syz_kfuzztest_run: failed to open %s\n", buf);
+		return -1;
+	}
+
+	ssize_t bytes_written = write(fd, (void*)input_data, (size_t)input_data_size);
+	if (bytes_written != input_data_size) {
+		debug("syz_kfuzztest_run: failed to write to %s, reason: %s\n", buf, strerror(errno));
+		close(fd);
+		return -1;
+	}
+
+	if (close(fd) != 0) {
+		debug("syz_kfuzztest_run: failed to close file\n");
+		return -1;
+	}
+
+	return 0;
+}
+
+#endif