| Commit message (Collapse) | Author | Age | Files | Lines |
| |
Add compiler flags to syz-extract to handle wide character constants and suppress implicit function declaration warnings
in kernel headers.
|
Extract info about function scopes formed by switch'es on function arguments.
For example if we have:
    void foo(..., int cmd, ...)
    {
        ...
        switch (cmd) {
        case FOO:
            ... block 1 ...
        case BAR:
            ... block 2 ...
        }
        ...
    }
We record that any data flow within block 1 is only relevant
when foo's arg cmd has value FOO, similarly for block 2 and BAR.
This allows to do 3 things:
1. Locate ioctl commands that are switched on within transitively
called functions.
2. Infer return value for each ioctl command.
3. Infer argument type when it's not specified in _IO macro.
This will also allow to infer other multiplexed syscalls.
Descriptions generated on Linux commit c4b9570cfb63501.
|
Add few more hacks to support few more cases.
In particular including kvm headers for arm.
It will be harder to avoid all these with auto-generated
descriptions that pull in lots of random headers.
|
This parameter defines the number of cores dedicated to the kernel build
process. By default, it's equal to the number of available CPUs.
|
Change-Id: Iffb23c0789bb7cff341b68274a8a2efcbdd7598d
|
It contributes to #4285 unblocking.
|
Add this as an option to syz-ci and syz-build tools.
Otherwise we cannot use clang + ld.lld for kernel builds.
|
We have a bunch of hacks in syz-extract, syz-sysgen and syz-check
with respect to description files unsupported on some arches,
or that must not be part of make extract.
Add 2 meta attributes to files:
meta noextract
Tells `make extract` to not extract constants for this file.
Though, `syz-extract` can still be invoked manually on this file.
meta arches["arch1", "arch2"]
Restricts this file only to the given set of architectures.
`make extract` and `make generate` will not use it on other architectures.
Later we can potentially use meta attributes to specify git tree/commit
that must be used for extraction. Maybe something else.
Fixes #2754
|
syz-env make extract fails on upstream commit d1587f7bfe:
/usr/bin/env: 'python3': No such file or directory
make[3]: *** [Makefile:72: bpf/resolve_btfids] Error 2
|
Currently fails with:
<stdin>:7:10: fatal error: asm/msr.h: No such file or directory
|
| | |
Change #2755 disabled KVM for arm64/ppc64, but KVM is supported on these arches
and has extensive support. It's a pity to lose that support.
The real root cause of the problem with arm64/ppc64 is that some severe compilation
errors terminated compilation and did not let compiler spew all error messages.
As a result we did not parse all of them and did not disable all of them.
Re-try compilation multiple times instead of just 2 to fix this.
Update #2754
|
It is impossible to compile a number of definitions in
include/uapi/linux/kvm.h for other platforms, which leads
to syz-extract failing to update constants.
Skip processing of this file for all arches except i386 and
amd64.
This is a hacky and (hopefully) temporary solution until #2754
is implemented.
|
We currently only support native build in pkg/build (does not even pass ARCH).
Move the existing cross-compilation logic from sys/syz-extract/linux.go
and reuse it in both places.
|
We use strings to identify OS/Arch.
These strings are duplicated throughout the code base massively.
golangci-lint points to possibility of typos and duplication.
We already had to define these names in pkg/csource
and disable checking for prog package. A future change triggers
such warnings in another package.
Add OS/Arch name consts to sys/targets so that they can be used
to refer to OS/Arch. Use the consts everywhere.
|
The Linux RISC-V port in linux-next doesn't support KVM yet. Ignore it
for now until KVM support is added upstream.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
* Introduce the new target flag 'LittleEndian' which specifies
of which endianness the target is.
* Introduce the new requires flag 'littleendian' for tests to
selectively enable/disable tests on either little-endian architectures
or big-endian ones.
* Disable KD unit test on s390x architecture because the test
works only on little-endian architecture.
Signed-off-by: Alexander Egorenkov <Alexander.Egorenkov@ibm.com>
|
pkg/ast now uses full paths since 554f8f39c57d91c1be8724cf4054424c9fb5f151.
Fix syz-extract accordingly.
|
Allow targets.go to use Clang instead of the default Linux compiler by
setting the SYZ_CLANG=1 env var. Doing so changes the compiler to
"clang" and the linker to "ld.ldd", assuming they are in $PATH, and adds
the --target and -ferror-limit CFLAGS.
Target also exports KernelCompiler and KernelLinker fields now, which allows
overriding the compiler and linker in the kernel make invocation.
Signed-off-by: Alexander Potapenko <glider@google.com>
|
This field will soon be used in Clang builds. Also, we'd better
encapsulate compiler name generation in targets.go
Signed-off-by: Alexander Potapenko <glider@google.com>
|
Renamed Target.BrokenCrossCompiler to Target.BrokenCompiler and
Target.CrossCFlags to Target.CFlags
"Everything in Target is about Cross now."
Signed-off-by: Alexander Potapenko <glider@google.com>
|
This makes the build completely hermetic.
|
We only run for the current arch, but it's not enough
to clean a build for another arch.
Run mrproper for all non-clean arches.
|
On the current linux-next:
f19bb13a0eaf0034a603e3b54a7c3a50faf6821e (next-20200414)
EXT4_EOFBLOCKS_FL was removed by 4337ecd1fe997d2b2135b4434caaccdb47c10c06
ARM does not support KVM anymore, removed by 541ad0150ca4 ("arm: Remove 32bit KVM host support").
Fixes #1676
|
Couple of include paths are needed for syz-extract to work for
mips64ler2.
|
Add a second mode that extracts constant values from
ELF object, instead of running the executable.
This allows to not (1) link binaries, (2) use proper cross-compiler.
It finally fixes 386/arm extracts for my distro.
Hopefully not makes things worse for others,
should generally be safer/more reliable.
The current mode is left b/c I can't test all OSes,
windows binaries are not ELF, so we may need it anyway.
But later we may switch more OSes to this new mode
if they break (fuchsia?).
|
On my Debian gcc -m32 is hopelessly broken.
Using clang fixes at least arch 386.
Arch arm is still broken b/c clang does not like
some of kernel arm inline assembly constraints.
|
Regenerate consts on linux-next next-20191125.
DEVLINK_ATTR_NETNS_* consts were shifted by 1.
__BPF_FUNC_MAX_ID increased as usual.
CRYPTO_ALG_TYPE_BLKCIPHER, CRYPTO_ALG_TYPE_ABLKCIPHER were removed,
replace them with CRYPTO_ALG_TYPE_SKCIPHER.
|
Instead of defining the __GLIBC_USE macro on every OS, we are just
defining it based on a parameter. That parameter is set to false for all
OSs except for fuchsia.
|
make extract recently broke for powerpc on linux-next with:
include/uapi/linux/byteorder/big_endian.h:6:2: error: #error "Unsupported endianness, check your toolchain"
#error "Unsupported endianness, check your toolchain"
Turns out we always built ppc64le headers as big-endian.
First, kernel was configured as BE.
Then, we used gcc to build an executable program for host
and on x86 gcc does not define __LITTLE_ENDIAN__ so kernel
thought that the toolchain is BE too.
Configure kernel as LE and define __LITTLE_ENDIAN__.
This actually changes values of some consts,
but fortunately just few of them.
|
1. Generate .const files for all arches.
2. Don't extract mptcp consts on android.
3. Remove mptcp includes from vnet.txt.
4. Enable CONFIG_MPTCP in syz-extract (mptcp is not like all other kernel headers).
|
CrossCFlags now contains some warning-related flags like -Wall.
Some of these break kernel build, don't add any warning-related flags.
|
Kernel modules are in different directories in some cases,
so to include the headers in the module dir or other directories
the includedirs flag is added.
ex: -includedirs path1/include,path2/include
|
The latest Linux kernel misses some arch-specific headers on some archs:
asm/a.out.h
asm/prctl.h
asm/mce.h
Support that.
|
Fix typos, non-canonical code, remove dead code, etc.
|
mrproper takes unreasonable amount of time.
|
__NR_mmap is missing on arm entirely,
so we disable mmap during generate.
Patch mmap to mmap2 right in syz-extract,
so that mmap is never missing.
|
Kernels are standalone implementations and can have their own
implementations of functions that have different prototypes than
the standard ones. In the NetBSD case the kernel printf returns
void, and it is declared in <sys/systm.h> so avoid re-declaring it.
Select if we are going to declare printf or not depending on the OS.
|
Each arch duplicates significant portion of logic
to compile the extract source file.
Factor this logic into a separate function and reuse
it across all OSes.
|