aboutsummaryrefslogtreecommitdiffstats
path: root/sys/linux/init_test.go
Commit message (Collapse)AuthorAgeFilesLines
* sys/linux: prohibit TIOCSSERIALDmitry Vyukov2019-12-191-8/+9
| | | | | | | | | | | | Replace TIOCSSERIAL with TIOCGSERIAL. TIOCSSERIAL can do nasty things under root, like causing writes to random memory pretty much like /dev/mem, but this is also working as intended. For details see: https://groups.google.com/g/syzkaller-bugs/c/1rVENJf9P4U/m/QtGpapRxAgAJ https://syzkaller.appspot.com/bug?extid=f4f1e871965064ae689e TODO: TIOCSSERIAL does some other things that are not dangerous and would be nice to test, if/when we can sanitize based on sandbox value we could prohibit it only under sandbox=none.
* sys/linux: enforce arguments of all syz_open_dev callsDmitry Vyukov2019-12-031-0/+13
| | | | | Opening random devices can lead to havoc. Enforce device major/minor.
* sys/linux: prohibit opening /proc/self/exeDmitry Vyukov2019-02-081-0/+16
| | | | | Fuzzer manages to open it and do bad things with it. Prevent it from doing so.
* sys/linux: move {i,fa}notify into own filesDmitry Vyukov2019-02-071-3/+3
|
* executor: remove ability to detect kernel bugsDmitry Vyukov2019-01-311-3/+3
| | | | | | | | This ability was never used but we maintain a bunch of code for it. syzkaller also recently learned to spoof this error code with some ptrace magic (probably intercepted control flow again and exploited executor binary). Drop all of it.
* prog: implement strict parsing modeDmitry Vyukov2018-12-101-2/+2
| | | | | | | Add bulk of checks for strict parsing mode. Probably not complete, but we can extend then in future as needed. Turns out we can't easily use it for serialized programs as they omit default args and during deserialization it looks like missing args.
* prog: introduce strict parsing modeDmitry Vyukov2018-12-101-1/+1
| | | | | | | | | | | Over time we relaxed parsing to handle all kinds of invalid programs (excessive/missing args, wrong types, etc). This is useful when reading old programs from corpus. But this is harmful for e.g. reading test inputs as they can become arbitrary outdated. For runtests which creates additional problem of executing not what is actually written in the test (or at least what author meant). Add strict parsing mode that does not tolerate any errors. For now it just checks excessive syscall arguments.
* sys/linux: update test for changed arch_prctl descriptionsDmitry Vyukov2018-11-191-4/+4
|
* sys/linux: prohibit FAN_OPEN_PERM and FAN_ACCESS_PERMDmitry Vyukov2018-10-151-0/+153
FAN_OPEN_PERM and FAN_ACCESS_PERM require the program to reply to open requests. If that does not happen, the program will hang in an unkillable state forever. See the following bug for details: https://groups.google.com/d/msg/syzkaller-bugs/pD-vbqJu6U0/kGH30p3lBgAJ
generated by ggit (джигит) mrf-deployment (git 2.46.0) at 2026-03-31 15:57:47 +0000