| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* sys/fuchsia: update vmar syscalls.
In a previous zircon commit[0], the vmar related syscalls (like
`zx_vmar_map`, `zx_vmar_protect` and `zx_vmar_allocate`) changed the
order of their parameters, making putting the flags parameter as the
second parameter, and renaming it to "options".
This commit modifies vmars.txt so that it reflects the latest state of
the syscalls in zircon. I also modified the usage in
`executor/common_fuchsia.h`
I ran make extract, make generate and compiled syzkaller to test this
change.
[0]: https://fuchsia-review.googlesource.com/c/zircon/+/168060
* sys/fuchsia run make generate
This commit is just the result of running make generate after its
parent. This regenerates the definitions for the modified VMAR syscalls.
|
| |
|
|
|
| |
zx_task_resume() is deprecated; switch to using
zx_task_resume_from_exception() instead.
|
| |
|
|
|
|
|
|
| |
Currently we have a global fixed set of sandboxes,
which makes it hard to add new OS-specific ones
(all OSes need to updated to say that they don't
support this sandbox).
Let it each OS say what sandboxes it supports instead.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
executor: add support for android_untrusted_app sandbox
This adds a new sandbox type, 'android_untrusted_app', which restricts
syz-executor to the privileges which are available to third-party applications,
e.g. those installed from the Google Play store.
In particular, this uses the UID space reserved for applications (instead of
the 'setuid' sandbox, which uses the traditional 'nobody' user / 65534)
as well as a set of groups which the Android-specific kernels are aware of,
and finally ensures that the SELinux context is set appropriately.
Dependencies on libselinux are avoided by manually implementing the few
functions that are needed to change the context of the current process,
and arbitrary files. The underlying mechanisms are relatively simple.
Fixes google/syzkaller#643
Test: make presubmit
Bug: http://b/112900774
|
| |
|
|
|
|
| |
gcc complains about function declarations not being prototypes,
signed/unsigned cast mismatch and casts between incompatible functions.
Fix them.
|
| |
|
|
| |
These are not needed now.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
1. Remove unnecessary includes.
2. Remove thunk function in threaded mode.
3. Inline syscalls into main for the simplest case.
4. Define main in common.h rather than form with printfs.
5. Fix generation for repeat mode
(we had 2 infinite loops: in main and in loop).
6. Remove unused functions (setup/reset_loop, setup/reset_test,
sandbox_namespace, etc).
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Make as much code as possible shared between all OSes.
In particular main is now common across all OSes.
Make more code shared between executor and csource
(in particular, loop function and threaded execution logic).
Also make loop and threaded logic shared across all OSes.
Make more posix/unix code shared across OSes
(e.g. signal handling, pthread creation, etc).
Plus other changes along similar lines.
Also support test OS in executor (based on portable posix)
and add 4 arches that cover all execution modes
(fork server/no fork server, shmem/no shmem).
This change paves way for testing of executor code
and allows to preserve consistency across OSes and executor/csource.
|
| | |
|
| | |
|
| |
|
|
|
| |
Since we are taking address of functions in syscall table,
we need all headers even if we don't use them directly.
|
| |
|
|
| |
We removed it in executor, do the same in csource.
|
| | |
|
| |
|
|
| |
Lots of assorted heavylifting to support csource on fuchsia.
|
| |
|
|
| |
The call signature has changed in zircon.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* fuchsia: Fix the `extractor` tool.
The include path in Zircon has changed; updated syz-extract/fuchsia.go
to include this, and re-ran extract to get updated *.const files.
* fuchsia: Update syzkaller to build with current Fuchsia API.
Fuchsia doesn't have a stable API right now, so alas, this will probably
continue to change until that's nailed down.
But, useful to get this up-to-date at least.
Relevant notes:
* zx_channel_call_finish and _retry aren't technically public; leave
them out until we have a less-cludgy way to expose them
* musl supports setjmp/longjmp but not _setjmp/_longjump
* remove some unsupported syscalls
* update the build invocation
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The "define uint64_t unsigned long long" were too good to work.
With a different toolchain I am getting:
cstdint:69:11: error: expected unqualified-id
using ::uint64_t;
^
executor/common.h:34:18: note: expanded from macro 'uint64_t'
Do it the proper way: introduce uint64/32/16/8 types and use them.
pkg/csource then does s/uint64/uint64_t/ to not clutter code with
additional typedefs.
|
| |
|
|
|
| |
Some standard libraries contain "using ::exit;",
which breaks with the current redefinition of exit.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We currently use more complex and functional protocol on linux,
and a simple ad-hoc protocol on other OSes.
This leads to code duplication in both ipc and executor.
Linux supports coverage, shared memory communication and fork server,
which would also be useful for most other OSes.
Unify communication protocol and parametrize it by
(1) use of shmem or only pipes, (2) use of fork server.
This reduces duplication in ipc and executor and will
allow to support the useful features for other OSes easily.
Finally, this fixes akaros support as it currently uses
syz-stress running on host (linux) and executor running on akaros.
|
| | |
|
| | |
|
| | |
|
| |
|
