From 3a5604637f3a205052b07863f7157900a8bd936e Mon Sep 17 00:00:00 2001 From: Aleksandr Nogikh Date: Wed, 3 May 2023 17:20:07 +0200 Subject: executor: resolve pseudo syscall compilation problems --- executor/common.h | 10 +-- executor/common_bsd.h | 2 +- executor/common_linux.h | 7 +- executor/common_usb.h | 27 +++++--- executor/common_usb_linux.h | 83 +++++++++++++---------- executor/common_usb_netbsd.h | 2 +- pkg/csource/generated.go | 157 +++++++++++++++++++++++++++---------------- 7 files changed, 181 insertions(+), 107 deletions(-) diff --git a/executor/common.h b/executor/common.h index 26d964b65..efdb4496f 100644 --- a/executor/common.h +++ b/executor/common.h @@ -66,9 +66,9 @@ NORETURN void doexit_thread(int status) #endif #endif -#if SYZ_EXECUTOR || SYZ_MULTI_PROC || SYZ_REPEAT && SYZ_CGROUPS || \ - SYZ_NET_DEVICES || __NR_syz_mount_image || __NR_syz_read_part_table || \ - __NR_syz_usb_connect || __NR_syz_usb_connect_ath9k || \ +#if SYZ_EXECUTOR || SYZ_MULTI_PROC || SYZ_REPEAT && SYZ_CGROUPS || \ + SYZ_NET_DEVICES || __NR_syz_mount_image || __NR_syz_read_part_table || \ + __NR_syz_usb_connect || __NR_syz_usb_connect_ath9k || __NR_syz_usbip_server_init || \ (GOOS_freebsd || GOOS_darwin || GOOS_openbsd || GOOS_netbsd) && SYZ_NET_INJECTION static unsigned long long procid; #endif @@ -192,7 +192,9 @@ static void kill_and_wait(int pid, int* status) #if !GOOS_windows #if SYZ_EXECUTOR || SYZ_THREADED || SYZ_REPEAT && SYZ_EXECUTOR_USES_FORK_SERVER || \ - __NR_syz_usb_connect || __NR_syz_usb_connect_ath9k || __NR_syz_sleep_ms + __NR_syz_usb_connect || __NR_syz_usb_connect_ath9k || __NR_syz_sleep_ms || \ + __NR_syz_usb_control_io || __NR_syz_usb_ep_read || __NR_syz_usb_ep_write || \ + __NR_syz_usb_disconnect static void sleep_ms(uint64 ms) { usleep(ms * 1000); diff --git a/executor/common_bsd.h b/executor/common_bsd.h index ca8635d27..4ed45d0bd 100644 --- a/executor/common_bsd.h +++ b/executor/common_bsd.h @@ -13,7 +13,7 @@ #if GOOS_netbsd -#if SYZ_EXECUTOR || __NR_syz_usb_connect +#if SYZ_EXECUTOR || __NR_syz_usb_connect || __NR_syz_usb_disconnect #include "common_usb_netbsd.h" #endif #if SYZ_EXECUTOR || SYZ_USB diff --git a/executor/common_linux.h b/executor/common_linux.h index a2736624a..f9de21c0a 100644 --- a/executor/common_linux.h +++ b/executor/common_linux.h @@ -111,6 +111,7 @@ static bool write_file(const char* file, const char* what, ...) #if SYZ_EXECUTOR || SYZ_NET_DEVICES || SYZ_NET_INJECTION || SYZ_DEVLINK_PCI || SYZ_WIFI || SYZ_802154 || \ __NR_syz_genetlink_get_family_id || __NR_syz_80211_inject_frame || __NR_syz_80211_join_ibss || SYZ_NIC_VF #include +#include #include #include #include @@ -2364,7 +2365,9 @@ static long syz_extract_tcp_res(volatile long a0, volatile long a1, volatile lon #define MAX_FDS 30 #endif -#if SYZ_EXECUTOR || __NR_syz_usb_connect || __NR_syz_usb_connect_ath9k +#if SYZ_EXECUTOR || __NR_syz_usb_connect || __NR_syz_usb_connect_ath9k || \ + __NR_syz_usb_ep_write || __NR_syz_usb_ep_read || __NR_syz_usb_control_io || \ + __NR_syz_usb_disconnect #include #include #include @@ -2889,6 +2892,7 @@ static long syz_genetlink_get_family_id(volatile long name, volatile long sock_a #include #include #include +#include #include #include #include @@ -5314,6 +5318,7 @@ static volatile long syz_fuse_handle_req(volatile long a0, // /dev/fuse fd. #endif #if SYZ_EXECUTOR || __NR_syz_80211_inject_frame +#include #include #include #include diff --git a/executor/common_usb.h b/executor/common_usb.h index 1cc4be980..fb3e4dce6 100644 --- a/executor/common_usb.h +++ b/executor/common_usb.h @@ -47,7 +47,21 @@ struct usb_info { struct usb_device_index index; }; +#if SYZ_EXECUTOR || __NR_syz_usb_connect || __NR_syz_usb_connect_ath9k || \ + __NR_syz_usb_control_io || __NR_syz_usb_ep_read || __NR_syz_usb_ep_write static struct usb_info usb_devices[USB_MAX_FDS]; + +static struct usb_device_index* lookup_usb_index(int fd) +{ + for (int i = 0; i < USB_MAX_FDS; i++) { + if (__atomic_load_n(&usb_devices[i].fd, __ATOMIC_ACQUIRE) == fd) + return &usb_devices[i].index; + } + return NULL; +} +#endif + +#if SYZ_EXECUTOR || __NR_syz_usb_connect || __NR_syz_usb_connect_ath9k static int usb_devices_num; static bool parse_usb_descriptor(const char* buffer, size_t length, struct usb_device_index* index) @@ -114,14 +128,7 @@ static struct usb_device_index* add_usb_index(int fd, const char* dev, size_t de return &usb_devices[i].index; } -static struct usb_device_index* lookup_usb_index(int fd) -{ - for (int i = 0; i < USB_MAX_FDS; i++) { - if (__atomic_load_n(&usb_devices[i].fd, __ATOMIC_ACQUIRE) == fd) - return &usb_devices[i].index; - } - return NULL; -} +#endif // #if SYZ_EXECUTOR || __NR_syz_usb_connect || __NR_syz_usb_connect_ath9k #if USB_DEBUG @@ -560,6 +567,8 @@ struct vusb_connect_descriptors { struct vusb_connect_string_descriptor strs[0]; } __attribute__((packed)); +#if SYZ_EXECUTOR || __NR_syz_usb_connect || __NR_syz_usb_connect_ath9k + static const char default_string[] = { 8, USB_DT_STRING, 's', 0, 'y', 0, 'z', 0 // UTF16-encoded "syz" @@ -653,6 +662,8 @@ static bool lookup_connect_response_in(int fd, const struct vusb_connect_descrip return false; } +#endif // #if SYZ_EXECUTOR || __NR_syz_usb_connect || __NR_syz_usb_connect_ath9k + // lookup_connect_response_out() functions process a USB OUT request and return in *done // whether this is the last request that must be handled by syz_usb_connect* pseudo-syscalls. diff --git a/executor/common_usb_linux.h b/executor/common_usb_linux.h index 82dcbade2..ed45426a1 100644 --- a/executor/common_usb_linux.h +++ b/executor/common_usb_linux.h @@ -81,6 +81,7 @@ struct usb_raw_eps_info { #define USB_RAW_IOCTL_EP_CLEAR_HALT _IOW('U', 14, __u32) #define USB_RAW_IOCTL_EP_SET_WEDGE _IOW('U', 15, __u32) +#if SYZ_EXECUTOR || __NR_syz_usb_connect || __NR_syz_usb_connect_ath9k static int usb_raw_open() { return open("/dev/raw-gadget", O_RDWR); @@ -99,60 +100,67 @@ static int usb_raw_run(int fd) { return ioctl(fd, USB_RAW_IOCTL_RUN, 0); } +#endif // #if SYZ_EXECUTOR || __NR_syz_usb_connect || __NR_syz_usb_connect_ath9k -static int usb_raw_event_fetch(int fd, struct usb_raw_event* event) +#if SYZ_EXECUTOR || __NR_syz_usb_ep_write +static int usb_raw_ep_write(int fd, struct usb_raw_ep_io* io) { - return ioctl(fd, USB_RAW_IOCTL_EVENT_FETCH, event); + return ioctl(fd, USB_RAW_IOCTL_EP_WRITE, io); } +#endif // SYZ_EXECUTOR || __NR_syz_usb_ep_write -static int usb_raw_ep0_write(int fd, struct usb_raw_ep_io* io) +#if SYZ_EXECUTOR || __NR_syz_usb_ep_read +static int usb_raw_ep_read(int fd, struct usb_raw_ep_io* io) { - return ioctl(fd, USB_RAW_IOCTL_EP0_WRITE, io); + return ioctl(fd, USB_RAW_IOCTL_EP_READ, io); } +#endif // SYZ_EXECUTOR || __NR_syz_usb_ep_read -static int usb_raw_ep0_read(int fd, struct usb_raw_ep_io* io) +#if SYZ_EXECUTOR || __NR_syz_usb_connect || __NR_syz_usb_connect_ath9k + +static int usb_raw_configure(int fd) { - return ioctl(fd, USB_RAW_IOCTL_EP0_READ, io); + return ioctl(fd, USB_RAW_IOCTL_CONFIGURE, 0); } -#if SYZ_EXECUTOR || __NR_syz_usb_ep_write -static int usb_raw_ep_write(int fd, struct usb_raw_ep_io* io) +static int usb_raw_vbus_draw(int fd, uint32 power) { - return ioctl(fd, USB_RAW_IOCTL_EP_WRITE, io); + return ioctl(fd, USB_RAW_IOCTL_VBUS_DRAW, power); } -#endif // SYZ_EXECUTOR || __NR_syz_usb_ep_write -#if SYZ_EXECUTOR || __NR_syz_usb_ep_read -static int usb_raw_ep_read(int fd, struct usb_raw_ep_io* io) +#endif // #if SYZ_EXECUTOR || __NR_syz_usb_connect || __NR_syz_usb_connect_ath9k + +#if SYZ_EXECUTOR || __NR_syz_usb_connect || __NR_syz_usb_connect_ath9k || __NR_syz_usb_control_io +static int usb_raw_ep0_write(int fd, struct usb_raw_ep_io* io) { - return ioctl(fd, USB_RAW_IOCTL_EP_READ, io); + return ioctl(fd, USB_RAW_IOCTL_EP0_WRITE, io); } -#endif // SYZ_EXECUTOR || __NR_syz_usb_ep_read -static int usb_raw_ep_enable(int fd, struct usb_endpoint_descriptor* desc) +static int usb_raw_ep0_read(int fd, struct usb_raw_ep_io* io) { - return ioctl(fd, USB_RAW_IOCTL_EP_ENABLE, desc); + return ioctl(fd, USB_RAW_IOCTL_EP0_READ, io); } -static int usb_raw_ep_disable(int fd, int ep) +static int usb_raw_event_fetch(int fd, struct usb_raw_event* event) { - return ioctl(fd, USB_RAW_IOCTL_EP_DISABLE, ep); + return ioctl(fd, USB_RAW_IOCTL_EVENT_FETCH, event); } -static int usb_raw_configure(int fd) +static int usb_raw_ep_enable(int fd, struct usb_endpoint_descriptor* desc) { - return ioctl(fd, USB_RAW_IOCTL_CONFIGURE, 0); + return ioctl(fd, USB_RAW_IOCTL_EP_ENABLE, desc); } -static int usb_raw_vbus_draw(int fd, uint32 power) +static int usb_raw_ep_disable(int fd, int ep) { - return ioctl(fd, USB_RAW_IOCTL_VBUS_DRAW, power); + return ioctl(fd, USB_RAW_IOCTL_EP_DISABLE, ep); } static int usb_raw_ep0_stall(int fd) { return ioctl(fd, USB_RAW_IOCTL_EP0_STALL, 0); } +#endif // #if SYZ_EXECUTOR || __NR_syz_usb_connect || __NR_syz_usb_connect_ath9k || __NR_syz_usb_control_io #if SYZ_EXECUTOR || __NR_syz_usb_control_io static int lookup_interface(int fd, uint8 bInterfaceNumber, uint8 bAlternateSetting) @@ -186,6 +194,20 @@ static int lookup_endpoint(int fd, uint8 bEndpointAddress) } #endif // SYZ_EXECUTOR || __NR_syz_usb_ep_write || __NR_syz_usb_ep_read +#define USB_MAX_PACKET_SIZE 4096 + +struct usb_raw_control_event { + struct usb_raw_event inner; + struct usb_ctrlrequest ctrl; + char data[USB_MAX_PACKET_SIZE]; +}; + +struct usb_raw_ep_io_data { + struct usb_raw_ep_io inner; + char data[USB_MAX_PACKET_SIZE]; +}; + +#if SYZ_EXECUTOR || __NR_syz_usb_connect || __NR_syz_usb_connect_ath9k || __NR_syz_usb_control_io static void set_interface(int fd, int n) { struct usb_device_index* index = lookup_usb_index(fd); @@ -219,7 +241,9 @@ static void set_interface(int fd, int n) index->iface_cur = n; } } +#endif // #if SYZ_EXECUTOR || __NR_syz_usb_connect || __NR_syz_usb_connect_ath9k || __NR_syz_usb_control_io +#if SYZ_EXECUTOR || __NR_syz_usb_connect || __NR_syz_usb_connect_ath9k static int configure_device(int fd) { struct usb_device_index* index = lookup_usb_index(fd); @@ -241,19 +265,6 @@ static int configure_device(int fd) return 0; } -#define USB_MAX_PACKET_SIZE 4096 - -struct usb_raw_control_event { - struct usb_raw_event inner; - struct usb_ctrlrequest ctrl; - char data[USB_MAX_PACKET_SIZE]; -}; - -struct usb_raw_ep_io_data { - struct usb_raw_ep_io inner; - char data[USB_MAX_PACKET_SIZE]; -}; - static volatile long syz_usb_connect_impl(uint64 speed, uint64 dev_len, const char* dev, const struct vusb_connect_descriptors* descs, lookup_connect_out_response_t lookup_connect_response_out) @@ -392,6 +403,8 @@ static volatile long syz_usb_connect_impl(uint64 speed, uint64 dev_len, const ch return fd; } +#endif // #if SYZ_EXECUTOR || __NR_syz_usb_connect || __NR_syz_usb_connect_ath9k + #if SYZ_EXECUTOR || __NR_syz_usb_connect static volatile long syz_usb_connect(volatile long a0, volatile long a1, volatile long a2, volatile long a3) { diff --git a/executor/common_usb_netbsd.h b/executor/common_usb_netbsd.h index 8705856d9..562d78278 100644 --- a/executor/common_usb_netbsd.h +++ b/executor/common_usb_netbsd.h @@ -149,6 +149,7 @@ struct usb_qualifier_descriptor { #define USB_REQ_GET_VDM 23 #define USB_REQ_SEND_VDM 24 +#if SYZ_EXECUTOR || __NR_syz_usb_connect #include "common_usb.h" static int vhci_open(void) @@ -307,7 +308,6 @@ static volatile long syz_usb_connect_impl(int fd, uint64 speed, uint64 dev_len, return fd; } -#if SYZ_EXECUTOR || __NR_syz_usb_connect static volatile long syz_usb_connect(volatile long a0, volatile long a1, volatile long a2, volatile long a3) { diff --git a/pkg/csource/generated.go b/pkg/csource/generated.go index bb62ff41a..9f73f41e4 100644 --- a/pkg/csource/generated.go +++ b/pkg/csource/generated.go @@ -59,9 +59,9 @@ NORETURN void doexit_thread(int status) #endif #endif -#if SYZ_EXECUTOR || SYZ_MULTI_PROC || SYZ_REPEAT && SYZ_CGROUPS || \ - SYZ_NET_DEVICES || __NR_syz_mount_image || __NR_syz_read_part_table || \ - __NR_syz_usb_connect || __NR_syz_usb_connect_ath9k || \ +#if SYZ_EXECUTOR || SYZ_MULTI_PROC || SYZ_REPEAT && SYZ_CGROUPS || \ + SYZ_NET_DEVICES || __NR_syz_mount_image || __NR_syz_read_part_table || \ + __NR_syz_usb_connect || __NR_syz_usb_connect_ath9k || __NR_syz_usbip_server_init || \ (GOOS_freebsd || GOOS_darwin || GOOS_openbsd || GOOS_netbsd) && SYZ_NET_INJECTION static unsigned long long procid; #endif @@ -165,7 +165,9 @@ static void kill_and_wait(int pid, int* status) #if !GOOS_windows #if SYZ_EXECUTOR || SYZ_THREADED || SYZ_REPEAT && SYZ_EXECUTOR_USES_FORK_SERVER || \ - __NR_syz_usb_connect || __NR_syz_usb_connect_ath9k || __NR_syz_sleep_ms + __NR_syz_usb_connect || __NR_syz_usb_connect_ath9k || __NR_syz_sleep_ms || \ + __NR_syz_usb_control_io || __NR_syz_usb_ep_read || __NR_syz_usb_ep_write || \ + __NR_syz_usb_disconnect static void sleep_ms(uint64 ms) { usleep(ms * 1000); @@ -492,7 +494,7 @@ void child() #if GOOS_netbsd -#if SYZ_EXECUTOR || __NR_syz_usb_connect +#if SYZ_EXECUTOR || __NR_syz_usb_connect || __NR_syz_usb_disconnect #include #include @@ -636,6 +638,8 @@ struct usb_qualifier_descriptor { #define USB_REQ_GET_VDM 23 #define USB_REQ_SEND_VDM 24 +#if SYZ_EXECUTOR || __NR_syz_usb_connect + #define USB_MAX_IFACE_NUM 4 #define USB_MAX_EP_NUM 32 #define USB_MAX_FDS 6 @@ -670,7 +674,21 @@ struct usb_info { struct usb_device_index index; }; +#if SYZ_EXECUTOR || __NR_syz_usb_connect || __NR_syz_usb_connect_ath9k || \ + __NR_syz_usb_control_io || __NR_syz_usb_ep_read || __NR_syz_usb_ep_write static struct usb_info usb_devices[USB_MAX_FDS]; + +static struct usb_device_index* lookup_usb_index(int fd) +{ + for (int i = 0; i < USB_MAX_FDS; i++) { + if (__atomic_load_n(&usb_devices[i].fd, __ATOMIC_ACQUIRE) == fd) + return &usb_devices[i].index; + } + return NULL; +} +#endif + +#if SYZ_EXECUTOR || __NR_syz_usb_connect || __NR_syz_usb_connect_ath9k static int usb_devices_num; static bool parse_usb_descriptor(const char* buffer, size_t length, struct usb_device_index* index) @@ -734,14 +752,7 @@ static struct usb_device_index* add_usb_index(int fd, const char* dev, size_t de return &usb_devices[i].index; } -static struct usb_device_index* lookup_usb_index(int fd) -{ - for (int i = 0; i < USB_MAX_FDS; i++) { - if (__atomic_load_n(&usb_devices[i].fd, __ATOMIC_ACQUIRE) == fd) - return &usb_devices[i].index; - } - return NULL; -} +#endif #if USB_DEBUG @@ -1168,6 +1179,8 @@ struct vusb_connect_descriptors { struct vusb_connect_string_descriptor strs[0]; } __attribute__((packed)); +#if SYZ_EXECUTOR || __NR_syz_usb_connect || __NR_syz_usb_connect_ath9k + static const char default_string[] = { 8, USB_DT_STRING, 's', 0, 'y', 0, 'z', 0 @@ -1255,6 +1268,8 @@ static bool lookup_connect_response_in(int fd, const struct vusb_connect_descrip return false; } +#endif + typedef bool (*lookup_connect_out_response_t)(int fd, const struct vusb_connect_descriptors* descs, const struct usb_ctrlrequest* ctrl, bool* done); @@ -1565,7 +1580,6 @@ static volatile long syz_usb_connect_impl(int fd, uint64 speed, uint64 dev_len, return fd; } -#if SYZ_EXECUTOR || __NR_syz_usb_connect static volatile long syz_usb_connect(volatile long a0, volatile long a1, volatile long a2, volatile long a3) { @@ -2748,6 +2762,7 @@ static bool write_file(const char* file, const char* what, ...) #if SYZ_EXECUTOR || SYZ_NET_DEVICES || SYZ_NET_INJECTION || SYZ_DEVLINK_PCI || SYZ_WIFI || SYZ_802154 || \ __NR_syz_genetlink_get_family_id || __NR_syz_80211_inject_frame || __NR_syz_80211_join_ibss || SYZ_NIC_VF #include +#include #include #include #include @@ -4788,7 +4803,9 @@ static long syz_extract_tcp_res(volatile long a0, volatile long a1, volatile lon #define MAX_FDS 30 #endif -#if SYZ_EXECUTOR || __NR_syz_usb_connect || __NR_syz_usb_connect_ath9k +#if SYZ_EXECUTOR || __NR_syz_usb_connect || __NR_syz_usb_connect_ath9k || \ + __NR_syz_usb_ep_write || __NR_syz_usb_ep_read || __NR_syz_usb_control_io || \ + __NR_syz_usb_disconnect #include #include #include @@ -4834,7 +4851,21 @@ struct usb_info { struct usb_device_index index; }; +#if SYZ_EXECUTOR || __NR_syz_usb_connect || __NR_syz_usb_connect_ath9k || \ + __NR_syz_usb_control_io || __NR_syz_usb_ep_read || __NR_syz_usb_ep_write static struct usb_info usb_devices[USB_MAX_FDS]; + +static struct usb_device_index* lookup_usb_index(int fd) +{ + for (int i = 0; i < USB_MAX_FDS; i++) { + if (__atomic_load_n(&usb_devices[i].fd, __ATOMIC_ACQUIRE) == fd) + return &usb_devices[i].index; + } + return NULL; +} +#endif + +#if SYZ_EXECUTOR || __NR_syz_usb_connect || __NR_syz_usb_connect_ath9k static int usb_devices_num; static bool parse_usb_descriptor(const char* buffer, size_t length, struct usb_device_index* index) @@ -4898,14 +4929,7 @@ static struct usb_device_index* add_usb_index(int fd, const char* dev, size_t de return &usb_devices[i].index; } -static struct usb_device_index* lookup_usb_index(int fd) -{ - for (int i = 0; i < USB_MAX_FDS; i++) { - if (__atomic_load_n(&usb_devices[i].fd, __ATOMIC_ACQUIRE) == fd) - return &usb_devices[i].index; - } - return NULL; -} +#endif #if USB_DEBUG @@ -5332,6 +5356,8 @@ struct vusb_connect_descriptors { struct vusb_connect_string_descriptor strs[0]; } __attribute__((packed)); +#if SYZ_EXECUTOR || __NR_syz_usb_connect || __NR_syz_usb_connect_ath9k + static const char default_string[] = { 8, USB_DT_STRING, 's', 0, 'y', 0, 'z', 0 @@ -5419,6 +5445,8 @@ static bool lookup_connect_response_in(int fd, const struct vusb_connect_descrip return false; } +#endif + typedef bool (*lookup_connect_out_response_t)(int fd, const struct vusb_connect_descriptors* descs, const struct usb_ctrlrequest* ctrl, bool* done); @@ -5647,6 +5675,7 @@ struct usb_raw_eps_info { #define USB_RAW_IOCTL_EP_CLEAR_HALT _IOW('U', 14, __u32) #define USB_RAW_IOCTL_EP_SET_WEDGE _IOW('U', 15, __u32) +#if SYZ_EXECUTOR || __NR_syz_usb_connect || __NR_syz_usb_connect_ath9k static int usb_raw_open() { return open("/dev/raw-gadget", O_RDWR); @@ -5665,60 +5694,67 @@ static int usb_raw_run(int fd) { return ioctl(fd, USB_RAW_IOCTL_RUN, 0); } +#endif -static int usb_raw_event_fetch(int fd, struct usb_raw_event* event) +#if SYZ_EXECUTOR || __NR_syz_usb_ep_write +static int usb_raw_ep_write(int fd, struct usb_raw_ep_io* io) { - return ioctl(fd, USB_RAW_IOCTL_EVENT_FETCH, event); + return ioctl(fd, USB_RAW_IOCTL_EP_WRITE, io); } +#endif -static int usb_raw_ep0_write(int fd, struct usb_raw_ep_io* io) +#if SYZ_EXECUTOR || __NR_syz_usb_ep_read +static int usb_raw_ep_read(int fd, struct usb_raw_ep_io* io) { - return ioctl(fd, USB_RAW_IOCTL_EP0_WRITE, io); + return ioctl(fd, USB_RAW_IOCTL_EP_READ, io); } +#endif -static int usb_raw_ep0_read(int fd, struct usb_raw_ep_io* io) +#if SYZ_EXECUTOR || __NR_syz_usb_connect || __NR_syz_usb_connect_ath9k + +static int usb_raw_configure(int fd) { - return ioctl(fd, USB_RAW_IOCTL_EP0_READ, io); + return ioctl(fd, USB_RAW_IOCTL_CONFIGURE, 0); } -#if SYZ_EXECUTOR || __NR_syz_usb_ep_write -static int usb_raw_ep_write(int fd, struct usb_raw_ep_io* io) +static int usb_raw_vbus_draw(int fd, uint32 power) { - return ioctl(fd, USB_RAW_IOCTL_EP_WRITE, io); + return ioctl(fd, USB_RAW_IOCTL_VBUS_DRAW, power); } + #endif -#if SYZ_EXECUTOR || __NR_syz_usb_ep_read -static int usb_raw_ep_read(int fd, struct usb_raw_ep_io* io) +#if SYZ_EXECUTOR || __NR_syz_usb_connect || __NR_syz_usb_connect_ath9k || __NR_syz_usb_control_io +static int usb_raw_ep0_write(int fd, struct usb_raw_ep_io* io) { - return ioctl(fd, USB_RAW_IOCTL_EP_READ, io); + return ioctl(fd, USB_RAW_IOCTL_EP0_WRITE, io); } -#endif -static int usb_raw_ep_enable(int fd, struct usb_endpoint_descriptor* desc) +static int usb_raw_ep0_read(int fd, struct usb_raw_ep_io* io) { - return ioctl(fd, USB_RAW_IOCTL_EP_ENABLE, desc); + return ioctl(fd, USB_RAW_IOCTL_EP0_READ, io); } -static int usb_raw_ep_disable(int fd, int ep) +static int usb_raw_event_fetch(int fd, struct usb_raw_event* event) { - return ioctl(fd, USB_RAW_IOCTL_EP_DISABLE, ep); + return ioctl(fd, USB_RAW_IOCTL_EVENT_FETCH, event); } -static int usb_raw_configure(int fd) +static int usb_raw_ep_enable(int fd, struct usb_endpoint_descriptor* desc) { - return ioctl(fd, USB_RAW_IOCTL_CONFIGURE, 0); + return ioctl(fd, USB_RAW_IOCTL_EP_ENABLE, desc); } -static int usb_raw_vbus_draw(int fd, uint32 power) +static int usb_raw_ep_disable(int fd, int ep) { - return ioctl(fd, USB_RAW_IOCTL_VBUS_DRAW, power); + return ioctl(fd, USB_RAW_IOCTL_EP_DISABLE, ep); } static int usb_raw_ep0_stall(int fd) { return ioctl(fd, USB_RAW_IOCTL_EP0_STALL, 0); } +#endif #if SYZ_EXECUTOR || __NR_syz_usb_control_io static int lookup_interface(int fd, uint8 bInterfaceNumber, uint8 bAlternateSetting) @@ -5752,6 +5788,20 @@ static int lookup_endpoint(int fd, uint8 bEndpointAddress) } #endif +#define USB_MAX_PACKET_SIZE 4096 + +struct usb_raw_control_event { + struct usb_raw_event inner; + struct usb_ctrlrequest ctrl; + char data[USB_MAX_PACKET_SIZE]; +}; + +struct usb_raw_ep_io_data { + struct usb_raw_ep_io inner; + char data[USB_MAX_PACKET_SIZE]; +}; + +#if SYZ_EXECUTOR || __NR_syz_usb_connect || __NR_syz_usb_connect_ath9k || __NR_syz_usb_control_io static void set_interface(int fd, int n) { struct usb_device_index* index = lookup_usb_index(fd); @@ -5785,7 +5835,9 @@ static void set_interface(int fd, int n) index->iface_cur = n; } } +#endif +#if SYZ_EXECUTOR || __NR_syz_usb_connect || __NR_syz_usb_connect_ath9k static int configure_device(int fd) { struct usb_device_index* index = lookup_usb_index(fd); @@ -5807,19 +5859,6 @@ static int configure_device(int fd) return 0; } -#define USB_MAX_PACKET_SIZE 4096 - -struct usb_raw_control_event { - struct usb_raw_event inner; - struct usb_ctrlrequest ctrl; - char data[USB_MAX_PACKET_SIZE]; -}; - -struct usb_raw_ep_io_data { - struct usb_raw_ep_io inner; - char data[USB_MAX_PACKET_SIZE]; -}; - static volatile long syz_usb_connect_impl(uint64 speed, uint64 dev_len, const char* dev, const struct vusb_connect_descriptors* descs, lookup_connect_out_response_t lookup_connect_response_out) @@ -5955,6 +5994,8 @@ static volatile long syz_usb_connect_impl(uint64 speed, uint64 dev_len, const ch return fd; } +#endif + #if SYZ_EXECUTOR || __NR_syz_usb_connect static volatile long syz_usb_connect(volatile long a0, volatile long a1, volatile long a2, volatile long a3) { @@ -6990,6 +7031,7 @@ static int puff_zlib_to_file(const unsigned char* source, unsigned long sourcele #include #include #include +#include #include #include #include @@ -11498,6 +11540,7 @@ static volatile long syz_fuse_handle_req(volatile long a0, #endif #if SYZ_EXECUTOR || __NR_syz_80211_inject_frame +#include #include #include #include -- cgit mrf-deployment