| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
1. mmap all memory always, without explicit mmap calls in the program.
This makes lots of things much easier and removes lots of code.
Makes mmap not a special syscall and allows to fuzz without mmap enabled.
2. Change address assignment algorithm.
Current algorithm allocates unmapped addresses too frequently
and allows collisions between arguments of a single syscall.
The new algorithm analyzes actual allocations in the program
and places new arguments at unused locations.
|
| |
|
|
| |
Older versions of linux require an additional header.
|
| | |
|
| |
|
|
|
| |
All netfilter subsystems use this unfortunately,
so demote this to a warning.
|
| |
|
|
|
|
|
| |
1. Fix connlimit netfilter match version.
2. Fix xt_time_info layout.
3. Introduce mac_addr_mask type.
4. Limit vlan id's for better matches between them.
|
| | |
|
| |
|
|
|
| |
We don't frequently debug it and it does some intensive computations
on coverage, so no reason to not compile with -O2.
|
| |
|
|
| |
debug calls are only properly stripped if they are on a single line.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Put the underflow entry at the end.
Entries must end on an unconditional, non-goto entry,
otherwise fallthrough from the last entry is invalid.
Add arp tables support.
Split unspec matches/targets to unspec and inet.
Reset ipv6 and arp tables in executor.
Fix number of counters in tables.
Plus a bunch of assorted fixes for matches/targets.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
We currently print unsupported consts to console during make extract.
But this is not very useful as there are too many output now.
This also does not allow to understand what's unsupported
in newly checked-in descriptions, or what's unsupported in all current
decriptions.
Save unsupported consts to the const files instead.
This solves all of the above problems.
|
| |
|
|
|
| |
ipt_get_entries.entrytable must be pointer aligned,
so in 32-bit build there is no padding before it.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Unions with only 1 field are not actually unions,
and can always be replaced with the option type.
However, they are still useful when there will be
more options in future but currently only 1 is described.
Alternatives are:
- not using union (but then all existing programs will be
broken when union is finally introduced)
- adding a fake field (ugly and reduces fuzzer efficiency)
Allow unions with only 1 field.
|
| |
|
|
|
|
| |
Since we use int64, it has 8-byte alignment.
It's wrong, it must have 1-byte alignment.
Use int8 instead.
|
| | |
|
| |
|
|
|
|
|
| |
It's possible that a struct can have 2+ parents,
which is the same template (differs only by arguments).
See the new test case.
Support such case.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Consider the following example:
type len_templ1[DATA1, DATA2] {
data DATA1
inner len_temp2[DATA2]
}
type len_temp2[DATA] {
data DATA
len len[len_templ1, int8]
}
Here len refers to a parent struct, but the struct is a template,
so it's actual name is something like "len_templ1[int8, int16]".
Currently this does not work as compiler barks at incorrect
len target.
Make this work.
|
| |
|
|
| |
Lots of TODOs and only ipv4, but some start.
|
| |
|
|
|
|
|
|
|
|
| |
Now we create tun in the _outer_ net namespace,
which is tied to init user namespace. Thus fuzzer
does not have CAP_ADMIN in it.
In the end it seems that there is no sandboxing sequence,
which would give us everything we need.
Reshuffle sequences so that we have corrent namespace
hierarchy, but don't have IFF_NAPI_FRAGS.
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
For sandbox=namespace we first create network devices
and then do CLONE_NEWNS, which brings us into a new
namespace which actually does not have any of these devices.
Tun mostly worked, because we hold fd to the tun device.
However, even for tun we could not see the "syz0" device.
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
1. Don't print copyin (there are too many of them).
2. Print copyout value (it's usually important).
|
| | |
|
| |
|
|
|
|
| |
We test in a new network namespace, which does not have any
devices set up (even lo). Create/up as many devices as possible.
Give them some addresses and use these addresses in descriptions.
|
| |
|
|
| |
They don't seem to be used today.
|
| |
|
|
| |
-350 lines of descriptions
|
| |
|
|
|
|
| |
"void": type with static size 0
mostly useful inside of templates and varlen unions
can't be syscall argument
|
| |
|
|
|
|
|
|
| |
Arm was broken on upstream kernel for some time
due to some assembler error. Now it seems to be fixed,
so regenerate consts.
Also fix small issues in new netlink descriptions.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
open is not present on arm64, only openat.
accept is not present on 386, only accept4.
Duplicate all open/accept specializations with
corresponding openat/accept4 specializations
to enable testing on 386/arm64.
|
| | |
|
