Move debug_dump_data back to executor.cc.
debug_dump_data in common_linux.h does not play well
with pkg/csource debug stripping logic. It strips a large
random piece of code since it thinks debug_dump_data
definition is actually debug_dump_data call site.
Fix build after "executor: remove unused var flag_sandbox_privs".
Some variables/functions can't be static as they are unused on some OSes,
which produces unused warnings.
Compiling the executor on OpenBSD currently fails:
executor/executor.cc:1316:6: error: unused function 'debug_dump_data'
Remove unused var flag_sandbox_privs (which was used for what?).
Declare all variables as static to detect such cases in future.
Currently we have a global fixed set of sandboxes,
which makes it hard to add new OS-specific ones
(all OSes need to be updated to say that they don't
support this sandbox).
Let each OS say what sandboxes it supports instead.
executor: add support for android_untrusted_app sandbox
This adds a new sandbox type, 'android_untrusted_app', which restricts
syz-executor to the privileges which are available to third-party applications,
e.g. those installed from the Google Play store.
In particular, this uses the UID space reserved for applications (instead of
the 'setuid' sandbox, which uses the traditional 'nobody' user / 65534)
as well as a set of groups which the Android-specific kernels are aware of,
and finally ensures that the SELinux context is set appropriately.
Dependencies on libselinux are avoided by manually implementing the few
functions that are needed to change the context of the current process,
and arbitrary files. The underlying mechanisms are relatively simple.
Fixes google/syzkaller#643
Test: make presubmit
Bug: http://b/112900774
EXT4_IOC_SHUTDOWN on root fs effectively brings the machine down in weird ways.
Add some new bpf descriptions, most notably btf.
Not perfect, but something.
Regenerate files after the previous commit.
After generating syscall description for fidl files using fidlgen, prune
all unused structs using the exact same mechanism used by the compiler's
check for unused structs. This allows the FIDL compiler to support
modular compilation; it does not need to have global knowledge of
whether each struct is used or not.
oom_score_adj is inherited, so we need to reset it to 0.
Set limit of 32 pids and 200MB per test process.
This should prevent things like fork bombs and frequent OOMs.
Fixes #589
Update #533
Since the OpenBSD target does not make use of syz_execute_func yet, just drop
PROT_EXEC for now.
Supporting write and exec would require one to edit /etc/fstab during
installation.
Regression introduced in commit a4718693 ("sys/linux: add syz_execute_func").
The function executes random code.
Update #310
Update #533
* create a response handle structure for each FIDL method
* generate zx_channel_write for requests having no response
* generate zx_channel_read for events (no request but just response)
* translate FIDL union types to syzkaller union types
(see fuchsia_io_ObjectInfoHandles)
Update #533
all: add openbsd support
squash of the following commits:
* openbsd: add mandatory bits
* report: add OpenBSD support
* executor: skip building kvm on OpenBSD
* executor: add OpenBSD support
Linking against libutil is necessary due to usage of openpty(3).
* executor: fix typo in fail() message
* fixup! report: add OpenBSD support
* fixup! openbsd: add mandatory bits
* fixup! openbsd: add mandatory bits
* fixup! openbsd: add mandatory bits
* fixup! report: add OpenBSD support
* gometalinter: skip sys/openbsd
It's mostly fuse.
Also regenerate consts on latest kernel.
Update #533
zx_clock_get_monotonic was added,
zx_debuglog_read was renamed (or we forgot to add it earlier).
zx_time_t type change (unsigned -> signed)
seccomp filter can produce arbitrary errno values for subsequent syscalls.
Don't trust anything afterwards.
gcc complains about function declarations not being prototypes,
signed/unsigned cast mismatch and casts between incompatible functions.
Fix them.
FS_IOC_FSSETXATTR is not supported in compat mode, use FS_IOC_SETFLAGS instead.
1. Create per-proc cgroup in executor.
2. Setup cgroups after chdir into test dir
(it assumes relative paths against test dir).
3. Add test.
We forgot to mount binfmt_misc. Mount it. Add a test.
Increase per-call timeout, otherwise last execve times out.
Fix csource waiting for call completion at the end of program.
Turns out dirs can be immutable too.
Update #650
These are not needed now.
It should be in <linux/fs.h> but is not there on some distros/arches as expected.
Travis build fails with:
<stdin>: In function ‘remove_dir’:
<stdin>:152:13: error: variable ‘attr’ has initializer but incomplete type
<stdin>:152:13: error: excess elements in struct initializer [-Werror]
<stdin>:152:13: error: (near initialization for ‘attr’) [-Werror]
<stdin>:152:21: error: storage size of ‘attr’ isn’t known
<stdin>:153:20: error: ‘FS_IOC_FSSETXATTR’ undeclared (first use in this function)
<stdin>:153:20: note: each undeclared identifier is reported only once for each function it appears in
<stdin>:152:21: error: unused variable ‘attr’ [-Werror=unused-variable]
cc1: all warnings being treated as errors
https://travis-ci.org/google/syzkaller/jobs/413574080
Fixes #650
Remap cover fds to 24x range to prevent interference
with fds used during fuzzing and also to make
fd numbers consistent with/without cover enabled.
After setuid the process won't have rights to reset net namespace,
but it should not be able to change it during fuzzing too.
So just skip that part.
With checkpoint_net_namespace moved to setup_common,
an Android fuzzing session terminates prematurely due to
ipv4_tables not being initialized at this time.
Moving the call back to loop fixes this behavior.