path: root/executor/common_linux.h
Commit message | Author | Age | Files | Lines
* executor: remove more code if ENABLE_NAPI_FRAGS is not set | Dmitry Vyukov | 2020-04-18 | 1 | -8/+11
  In some configurations tun_frags_enabled ends up being unused with a compiler warning and failed build.
  Remove more code if ENABLE_NAPI_FRAGS is not enabled.
* csource, executor: add usb emulation feature | Andrey Konovalov | 2020-04-03 | 1 | -0/+8
  The feature gets enabled when /dev/raw-gadget is present and accessible. With this feature enabled, executor will do chmod 0666 /dev/raw-gadget on startup, which makes it possible to do USB fuzzing in setuid and namespace sandboxes.
  There should be no backwards compatibility issues with syz reproducers that don't explicitly enable this feature, as they currently only work in none sandbox.
* executor: fix data race | Dmitry Vyukov | 2020-03-13 | 1 | -1/+1
  ThreadSanitizer says:
    WARNING: ThreadSanitizer: data race (pid=3)
      Atomic read of size 4 at 0x56360e562f08 by main thread:
        #0 __tsan_atomic32_load <null> (libtsan.so.0+0x64249)
        #1 event_isset executor/common_linux.h:51 (syz-executor.0+0x2cf1f)
        #2 handle_completion executor/executor.cc:886 (syz-executor.0+0x2cf1f)
        #3 execute_one executor/executor.cc:732 (syz-executor.0+0x2da3b)
        #4 loop executor/common.h:581 (syz-executor.0+0x2f1aa)
        #5 do_sandbox_none executor/common_linux.h:2694 (syz-executor.0+0x189d6)
        #6 main executor/executor.cc:407 (syz-executor.0+0x189d6)
      Previous write of size 4 at 0x56360e562f08 by thread T1:
        #0 event_reset executor/common_linux.h:32 (syz-executor.0+0x1f5af)
        #1 worker_thread executor/executor.cc:1048 (syz-executor.0+0x1f5af)
        #2 <null> <null> (libtsan.so.0+0x2b0b6)
      Location is global 'threads' of size 2560 at 0x56360e562f00 (syz-executor.0+0x00000008bf08)
      Thread T1 (tid=6, running) created by main thread at:
        #0 pthread_create <null> (libtsan.so.0+0x2d55b)
        #1 thread_start executor/common.h:256 (syz-executor.0+0x2d707)
        #2 thread_create executor/executor.cc:1037 (syz-executor.0+0x2d707)
        #3 schedule_call executor/executor.cc:811 (syz-executor.0+0x2d707)
        #4 execute_one executor/executor.cc:719 (syz-executor.0+0x2d707)
        #5 loop executor/common.h:581 (syz-executor.0+0x2f1aa)
        #6 do_sandbox_none executor/common_linux.h:2694 (syz-executor.0+0x189d6)
        #7 main executor/executor.cc:407 (syz-executor.0+0x189d6)
* executor, sys/linux: add ath9k usb descriptions | Andrey Konovalov | 2020-03-13 | 1 | -3/+4
  Among other things this changes timeout for USB programs from 2 to 3 seconds.
  ath9k fuzzing also requires ath9k firmware to be present, so system images need to be regenerated with the updated script.
* executor: minor cleanup of android sandbox | Dmitry Vyukov | 2020-03-11 | 1 | -4/+8
  Fix code formatting, clang-tidy warnings, minor style nits.
* executor: fix clang-tidy warnings | Dmitry Vyukov | 2020-03-11 | 1 | -2/+4
* executor: add seccomp support for Android | mspectorgoogle | 2020-03-11 | 1 | -20/+62
  This adds support for the seccomp filters that are part of Android into the sandbox. A process running as untrusted_app in Android has a restricted set of syscalls that it is allowed to run. This is accomplished by setting seccomp filters in the zygote process prior to forking into the application process. The seccomp filter list comes directly from the Android source, it cannot be dynamically loaded from an Android phone because libseccomp_policy.so does not exist as a library on the system partition.
* executor: don't exit if NETLINK_GENERIC isn't supported | Andrei Vagin | 2020-02-27 | 1 | -2/+4
  NETLINK_GENERIC isn't supported in gVisor.
  Fixes: c5ed587f4af5 ("wireguard: setup some initial devices in a triangle")
  Signed-off-by: Andrei Vagin <avagin@google.com>
* executor: uncomment accidentally commented code | Dmitry Vyukov | 2020-02-24 | 1 | -3/+3
  unshare(CLONE_NEWPID) was commented out in 4428511d10687cb446ad705148333478437d3f23 accidentally. Uncomment it.
  Spotted by @xairy: https://github.com/google/syzkaller/commit/4428511d10687cb446ad705148333478437d3f23#r37456572
* sys/linux: add NETLINK_RDMA descriptions | Dmitry Vyukov | 2020-02-21 | 1 | -3/+3
* executor: disable IFF_NAPI_FRAGS | Dmitry Vyukov | 2020-02-18 | 1 | -1/+12
  Update #1594
* wireguard: setup some initial devices in a triangle | Jason A. Donenfeld | 2020-02-13 | 1 | -0/+272
    * wireguard: setup some initial devices in a triangle
      The fuzzer will wind up undoing some of this, which is fine, but at least it now has the chance of hitting some other paths it wasn't before.
      Closes: #1599
    * wireguard: make code ugly after `make generate` pass
    * wireguard: get rid of unused structs that are still interesting
    * wireguard: compile in C++ mode with gcc 7
      Complex designated initializers are only supported in C++ mode from gcc 8, and for whatever reason syzkaller wants to be compiled in C++ mode.
    * wireguard: add braces around debug statements for checker
    * wireguard: regenerate go source
* wireguard: use wg0, wg1, wg2 | Jason A. Donenfeld | 2020-02-10 | 1 | -4/+6
  This matches more closely what people are used to dealing with. We also add one additional device for interesting multi-interface effects.
* sys/linux: add some wireguard descriptions | Dmitry Vyukov | 2020-01-31 | 1 | -0/+4
  Update #806
* sys/linux: add more device descriptions (geneve, lowpan, ipoib, cfhsi) | Dmitry Vyukov | 2020-01-19 | 1 | -4/+33
* sys/linux: add some batadv descriptions | Dmitry Vyukov | 2020-01-18 | 1 | -1/+5
* executor: create macvtap, macsec devices | Dmitry Vyukov | 2020-01-18 | 1 | -6/+15
* executor: setns requires including sched.h on some setups | Andrey Konovalov | 2020-01-07 | 1 | -0/+1
* executor: fix IPVLAN_F_VEPA definition again | Dmitry Vyukov | 2020-01-03 | 1 | -2/+1
  Now other machines failed with redefinition IPVLAN_F_VEPA. The #ifndef does not really work the way it should due to the way pkg/csource preprocesses sources. IPVLAN_F_VEPA is never defined during preprocessing.
  Let's try this.
* executor: define constants that are missing on some distros | Dmitry Vyukov | 2020-01-03 | 1 | -0/+6
* executor: setup vlan/macvlan/ipvlan devices | Dmitry Vyukov | 2020-01-03 | 1 | -3/+64
* executor: connect virt_wifi to veth | Dmitry Vyukov | 2020-01-03 | 1 | -1/+5
  virt_wifi docs say that the enslaved device won't be usable on itself. It's probably not a good idea to make lo unusable. Enslave a dedicated veth instead.
* sys/linux: add virt_wifi and xfrm devices | Dmitry Vyukov | 2019-12-30 | 1 | -0/+16
  + some netlink descriptions
* Implement basic support for MIPS64LE | Jouni Hogander | 2019-12-17 | 1 | -0/+2
  Add basic stuff to enable MIPS64ELR2 target:
    - build
    - make extract
    - make generate
    - qemu execution
    - system call parsing from /proc/kallsyms
* executor: fix FUTEX_WAKE call | Dmitry Vyukov | 2019-12-16 | 1 | -1/+1
  Amusingly we never passed number of threads to wake for FUTEX_WAKE. It somehow worked reliably on linux (we just needed it to not be 0, so presumably garbage in registers did it). However, in gVisor every other syscall wasn't even started (first syscall on a thread started, but second on the same worker thread wasn't unable to start).
* executor: check pwrite return values again | Dmitry Vyukov | 2019-12-10 | 1 | -2/+10
  Build with some gcc's fails:
    In file included from executor/executor.cc:133:0:
    executor/common_linux.h: In function ‘long int syz_read_part_table(long unsigned int, long unsigned int, long int)’:
    executor/common.h:117:15: error: ignoring return value of ‘ssize_t pwrite(int, const void*, size_t, __off_t)’, declared with attribute warn_unused_result [-Werror=unused-result]
       __VA_ARGS__; \
                   ^
    executor/common_linux.h:1279:3: note: in expansion of macro ‘NONFAILING’
       NONFAILING(pwrite(memfd, segs[i].data, segs[i].size, segs[i].offset));
       ^
    executor/common_linux.h: In function ‘long int syz_mount_image(long int, long int, long unsigned int, long unsigned int, long int, long int, long int)’:
    executor/common.h:117:15: error: ignoring return value of ‘ssize_t pwrite(int, const void*, size_t, __off_t)’, declared with attribute warn_unused_result [-Werror=unused-result]
       __VA_ARGS__; \
                   ^
    executor/common_linux.h:1364:3: note: in expansion of macro ‘NONFAILING’
       NONFAILING(pwrite(memfd, segs[i].data, segs[i].size, segs[i].offset));
       ^
    cc1plus: all warnings being treated as errors
* executor: fix syz_mount_image | Dmitry Vyukov | 2019-12-10 | 1 | -32/+23
  1. It always crashed in cover_reset when coverage is disabled.
  2. Use NONFAILING when accessing image segments.
  3. Give it additional 100 ms as it may be slow.
  4. Add a test for syz_mount_image.
* pkg/csource: detect common mistakes in the common executor header | Dmitry Vyukov | 2019-11-28 | 1 | -2/+4
* executor: Add debug message in case devlink namespace move fails | Jiri Pirko | 2019-11-28 | 1 | -2/+6
  Signed-off-by: Jiri Pirko <jiri@mellanox.com>
* executor: Fix value of DEVLINK_ATTR_NETNS_FD | Jiri Pirko | 2019-11-28 | 1 | -1/+1
  During kernel -net and -next-next trees merge, the value got moved. Fix it.
  Signed-off-by: Jiri Pirko <jiri@mellanox.com>
* Call initialize_devlink_ports only when a device has been created | Andrei Vagin | 2019-11-26 | 1 | -3/+4
  gVisor doesn't support netdevsim and NETLINK_GENERIC and without this fix, sys-executor always fails:
    E openat(AT_FDCWD, /sys/bus/netdevsim/new_device, ...)
    X openat(AT_FDCWD, /sys/bus/netdevsim/new_device, ...) = 0x0 errno=2
    E socket(AF_NETLINK, SOCK_RAW|0x0, NETLINK_GENERIC)
    X socket(AF_NETLINK, SOCK_RAW|0x0, NETLINK_GENERIC) = 0x0 errno=93
    E write(0x2 host:[3], "socket(AF_NETLINK) failed\n", 0x1a)
    X write(0x2 host:[3], ..., 0x1a) = 0x1a (2.767µs)
    E write(0x2 host:[3], " (errno 93)\n", 0xc)
    X write(0x2 host:[3], ..., 0xc) = 0xc (2.729µs)
    E exit_group(0x43)
    X exit_group(0x43) = 0x0 (900ns)
  Cc: Jiri Pirko <jiri@mellanox.com>
  Fixes: f350e2dc1f59 ("executor: rename devlink port netdevices to defined names")
  Signed-off-by: Andrei Vagin <avagin@google.com>
* executor: extend USB debug messages | Andrey Konovalov | 2019-11-19 | 1 | -1/+1
  When USB_DEBUG is enabled, syzkaller crashes on unknown USB requests. This helps to find missing descriptions for particular USB classes.
* executor: add missing includes | Denis Efremov | 2019-11-19 | 1 | -0/+3
  stdbool.h is required by initialize_devlink_ports(): true define.
  fcntl.h is required by initialize_devlink_pci(): O_RDONLY define.
  Signed-off-by: Denis Efremov <efremov@linux.com>
* executor: refactor sandbox flags | Dmitry Vyukov | 2019-11-16 | 1 | -9/+5
  In preparation for future changes.
* executor: rename some macros | Dmitry Vyukov | 2019-11-16 | 1 | -58/+58
  Rename some macros in preparation for subsequent changes which will align names across the code base.
* pkg/csource: test that executor does not mis-spell any of the SYZ_* macros | Dmitry Vyukov | 2019-11-16 | 1 | -13/+11
* executor: rename some flags | Dmitry Vyukov | 2019-11-16 | 1 | -12/+12
  Rename some flags in preparation for subsequent changes which will align names across the code base.
* executor: consider NLMSG_DONE type in netlink_send_ext() | Jiri Pirko | 2019-11-15 | 1 | -0/+4
  In case the dump is empty, NLMSG_DONE type message is received from kernel right away. Count with this and return 0. Set the reply_len to 0.
  Reported-by: Dmitry Vyukov <dvyukov@google.com>
  Fixes: f350e2dc1f59 ("executor: rename devlink port netdevices to defined names")
  Signed-off-by: Jiri Pirko <jiri@mellanox.com>
* executor: rename devlink port netdevices to defined names | Jiri Pirko | 2019-11-14 | 1 | -2/+85
  Devlink port netdevices stay in the form of eth%d. Rename them to defined names so they could be used for system calls.
  Signed-off-by: Jiri Pirko <jiri@mellanox.com>
* executor: pass struct nlmsg to netlink_* helpers | Jiri Pirko | 2019-11-14 | 1 | -107/+119
  Don't rely on global "nlmsg" struct and rather pass the structure to netlink_* helpers. That allows to possibly work with multiple netlink messages (sending while receiving for example) at the same time.
  Signed-off-by: Jiri Pirko <jiri@mellanox.com>
* executor: extend netlink_device_change() to allow name changes | Jiri Pirko | 2019-11-14 | 1 | -10/+13
  Extend existing helper netlink_device_change() in order to allow to change netdevice names.
  Signed-off-by: Jiri Pirko <jiri@mellanox.com>
* executor: identify netdev by ifindex in netlink_device_change() | Jiri Pirko | 2019-11-14 | 1 | -1/+1
  IFLA_NAME is going to be used to set the name of the netdevice, so change the handle to be ifindex.
  Signed-off-by: Jiri Pirko <jiri@mellanox.com>
* executor: push out devlink generic netlink id getter into a separate function | Jiri Pirko | 2019-11-14 | 1 | -7/+22
  Signed-off-by: Jiri Pirko <jiri@mellanox.com>
* executor: fix setup of vxcan | Dmitry Vyukov | 2019-11-03 | 1 | -1/+2
  Adding vxcan1 also adds vxcan0. Setup and use both.
* executor: move fixed pci devlink handle into network namespace | Jiri Pirko | 2019-11-03 | 1 | -4/+102
  In case there is a fixed pci devlink handle "pci/pci/0000:00:10.0" on the system (initial network namespace), it is moved to a working network namespace.
  Signed-off-by: Jiri Pirko <jiri@mellanox.com>
* sys/linux: add support for basic devlink syscalls | Jiri Pirko | 2019-10-25 | 1 | -1/+1
  Add support for basic set of devlink interface syscalls
  Signed-off-by: Jiri Pirko <jiri@mellanox.com>
* executor: create netdevsim device | Jiri Pirko | 2019-10-25 | 1 | -0/+10
  Create testing netdevsim instance with 4 ports.
  Signed-off-by: Jiri Pirko <jiri@mellanox.com>
* syz-fuzzer, executor: Add support for blacklisting data race frames | Marco Elver | 2019-10-22 | 1 | -1/+25
  This adds support to add frames that have already been in data races, to the KCSAN report blacklist.
* executor/usb: enable endpoints on SET_INTERFACE | Andrey Konovalov | 2019-10-21 | 1 | -1/+5
  This commit changes syz_usb_control_io to enable the relevant endpoints for the interface being set via a SET_INTERFACE request.
* Change KCSAN info file to debugfs | Marco Elver | 2019-10-08 | 1 | -1/+1