path: root/pkg/vminfo/linux.go
Commit message (author, date; files changed, lines removed/added)
* pkg/vminfo: fix up _etext symbol parsing (Dmitry Vyukov, 2024-12-05; 1 file, -1/+4)
  _etext symbol points to the _next_ section, so it has the type of the next section. It can be at least T, D, or R in some cases: https://groups.google.com/g/syzkaller/c/LSx6YIK_Eeo
* pkg/vminfo: refactor a few things (Dmitry Vyukov, 2024-11-25; 1 file, -3/+10)
  Use default nop implementation for most openbsd/netbsd methods. Move linux-specific vm type checks to linux code. Remove indirection for CheckFiles as we have for RequiredFiles.
* pkg/vminfo: don't parse modules for gvisor or starnix (Laura Peskin, 2024-07-26; 1 file, -6/+0)
* pkg/meminfo: move /proc/sentry-meminfo to the required files list (Andrei Vagin, 2024-07-15; 1 file, -1/+1)
  /proc/sentry-meminfo is read in checker.MachineInfo which can be called when serv.checkDone is set.
  Reported-by: syzbot+d19f30cd6ec6da371b86@syzkaller.appspotmail.com
  Signed-off-by: Andrei Vagin <avagin@google.com>
* all: move KernelModule into vminfo package (Joey Jiao, 2024-07-10; 1 file, -6/+4)
* vm/gvisor: add gvisor presubmit test (Andrei Vagin, 2024-07-08; 1 file, -0/+6)
  Download the latest gvisor release and run the syz-manager smoke-test suite.
  Signed-off-by: Andrei Vagin <avagin@google.com>
* pkg/vminfo: add /proc/kallsyms to required files (Joey Jiao, 2024-07-03; 1 file, -0/+1)
* all: fix larger module size in /proc/modules (Joey Jiao, 2024-07-03; 1 file, -1/+5)
  Module size from /proc/modules is bigger than that from .text size in elf.
* pkg/vminfo: parse linux core kernel to get Addr and .text Size (Joey Jiao, 2024-07-03; 1 file, -0/+36)
* pkg/vminfo: properly check existence of /dev/raw-gadget (Dmitry Vyukov, 2024-06-24; 1 file, -1/+0)
  We don't have the limitation of executing only one test program per syscall check, so do it properly. This also avoids printing the following warning on start:
  failed to read the following files in the VM: /dev/raw-gadget : Invalid argument
* all: always use KernelModule ptr to unify usage (Joey Jiao, 2024-06-17; 1 file, -3/+3)
* pkg/cover: move KernelModule from pkg/host (Dmitry Vyukov, 2024-05-03; 1 file, -4/+4)
  In preparation for pkg/host removal. Nothing in pkg/host uses KernelModule, and pkg/cover is effectively the only user of KernelModule.
* pkg/vminfo: check enabled syscalls on the host (Dmitry Vyukov, 2024-05-02; 1 file, -0/+9)
  Move the syscall checking logic to the host. Diffing sets of disabled syscalls before/after this change in different configurations (none/setuid sandboxes, amd64/386 arches, large/small kernel configs) shows only some improvements/bug fixes.
  1. socket$inet[6]_icmp are now enabled. Previously they were disabled due to net.ipv4.ping_group_range sysctl in the init namespace which prevented creation of ping sockets. In the new net namespace the sysctl gets default value which allows creation.
  2. get_thread_area and set_thread_area are now disabled on amd64. They are available only in 32-bit mode, but they are present in /proc/kallsyms, so we enabled them always.
  3. socket$bt_{bnep, cmtp, hidp, rfcomm} are now disabled. They cannot be created in non init net namespace. bt_sock_create() checks init_net and returns EAFNOSUPPORT immediately. This is a bug in descriptions we need to fix. Now we see it due to more precise checks.
  4. fstat64/fstatat64/lstat64/stat64 are now enabled in 32-bit mode. They are not present in /proc/kallsyms as syscalls, so we have not enabled them. But they are available in 32-bit mode.
  5. 78 openat variants + 10 socket variants + mount are now disabled with setuid sandbox. They are not permitted w/o root permissions, but we ignored that. This additionally leads to 700 transitively disabled syscalls.
  In all cases checking in the actual executor context/sandbox looks very positive, esp. for more restrictive sandboxes. Android sandbox should benefit as well.
  The additional benefit is full testability of the new code. The change includes only a basic test that covers all checks, and ensures the code does not crash/hang, all generated programs parse successfully, etc. But it's possible to unit-test every condition now.
  The new version also parallelizes checking across VMs; checking on a slow emulated qemu drops from 210 seconds to 140 seconds.
* pkg/vminfo: add package (Dmitry Vyukov, 2024-04-24; 1 file, -0/+148)
  This moves a significant part of logic from the target to host (#1541), eventually this will allow us to switch target code from Go to C++. Currently syz-fuzzer parses a number of system files (/proc/cpuinfo) in non-trivial ways and passes that info to the host. This is problematic to recreate in C++. So instead make the fuzzer part as simple as possible: now it merely reads the given set of files and returns contents. The rest of the parsing happens on the host (the new vminfo package).
  Package vminfo extracts information about the target VM. The package itself runs on the host, which may be a different OS/arch. User of the package first requests the set of files that needs to be fetched from the VM (Checker.RequiredFiles), then fetches these files, and calls Checker.MachineInfo to parse the files and extract information about the VM. The information includes information about kernel modules and OS-specific info (for Linux that includes things like parsed /proc/cpuinfo).
  This also requires changing RPC flow between fuzzer and manager. Currently, Check call is optional and happens only for first VMs. With this change Check is always done because we need to return contents of the requested files always.
  The plan is to switch the rest of the pkg/host package to this scheme later: instead of some complex custom logic, we need to express it as some simple operations on the target (checking file presence, etc), and the rest of the logic on the host.