From 1b2a3c574905e3e59aa8e2f338bd6fbe2e7898d7 Mon Sep 17 00:00:00 2001
From: Alexander Potapenko
Date: Wed, 23 Jul 2025 12:41:10 +0200
Subject: executor: sys/linux: use sparse IDs for SYZOS API
Like we already do on ARM, use prime numbers multiplied by 10 for SYZOS API IDs to prevent the compiler from emitting a jump table in guest_main().
---
 executor/common_kvm_amd64_syzos.h | 10 +++++++---
 sys/linux/dev_kvm_amd64.txt | 4 ++--
 2 files changed, 9 insertions(+), 5 deletions(-)
diff --git a/executor/common_kvm_amd64_syzos.h b/executor/common_kvm_amd64_syzos.h
index 706396d1a..787b982de 100644
--- a/executor/common_kvm_amd64_syzos.h
+++ b/executor/common_kvm_amd64_syzos.h
@@ -18,10 +18,14 @@
 // Start/end of the guest section.
 extern char *__start_guest, *__stop_guest;
+// Compilers will eagerly try to transform the switch statement in guest_main()
+// into a jump table, unless the cases are sparse enough.
+// We use prime numbers multiplied by 10 to prevent this behavior.
+// Remember these constants must match those in sys/linux/dev_kvm_amd64.txt.
 typedef enum {
- SYZOS_API_UEXIT,
- SYZOS_API_CODE,
- SYZOS_API_CPUID,
+ SYZOS_API_UEXIT = 0,
+ SYZOS_API_CODE = 10,
+ SYZOS_API_CPUID = 20,
 SYZOS_API_STOP, // Must be the last one
 } syzos_api_id;
diff --git a/sys/linux/dev_kvm_amd64.txt b/sys/linux/dev_kvm_amd64.txt
index f56ff63a6..a76e3be7f 100644
--- a/sys/linux/dev_kvm_amd64.txt
+++ b/sys/linux/dev_kvm_amd64.txt
@@ -52,8 +52,8 @@ syzos_api_cpuid {
 syzos_api_call$x86 [
 uexit syzos_api$x86[0, intptr]
- code syzos_api$x86[1, syzos_api_code$x86]
- cpuid syzos_api$x86[2, syzos_api_cpuid]
+ code syzos_api$x86[10, syzos_api_code$x86]
+ cpuid syzos_api$x86[20, syzos_api_cpuid]
 ] [varlen]
 kvm_text_x86 [
-- 
cgit mrf-deployment
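Review bot: The new comment above `typedef enum` says the IDs are "prime numbers multiplied by 10", but the values actually assigned are 0, 10 and 20, i.e. 0×10, 1×10 and 2×10, and neither 0 nor 1 is prime; the comment should describe what the code does, e.g. `// We use multiples of 10 (as the ARM64 header does) to keep the cases sparse.` A second thing worth stating in that comment is that `SYZOS_API_STOP` is left implicit and now evaluates to 21, so any bound check of the form `id < SYZOS_API_STOP` in guest_main() (not in this hunk) would also accept the unused gap values 1–9 and 11–19 and rely on the switch's default path; if that is the intended contract, say so, e.g. `// IDs in the gaps between the constants are unused; guest_main() must reject them explicitly rather than rely on the STOP bound.` The header/.txt pairing is enforced only by the reminder comment, so keeping the values spelled out here is the only cross-check a reader has.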