From c3a6603be2cc031a8f2fa69e757e04a4ce647080 Mon Sep 17 00:00:00 2001
From: Dmitry Vyukov
Date: Wed, 14 Aug 2024 17:46:34 +0200
Subject: executor: protect kcov/output regions with pkeys

Protect KCOV regions with pkeys if they are available. Protect output region with pkeys in snapshot mode. Snapshot mode is especially sensitive to output buffer corruption since its location is not randomized.
---
 executor/common_linux.h | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'executor/common_linux.h')

diff --git a/executor/common_linux.h b/executor/common_linux.h
index 193afcdda..3669dee0f 100644
--- a/executor/common_linux.h
+++ b/executor/common_linux.h
@@ -5712,10 +5712,16 @@ static long syz_clone3(volatile long a0, volatile long a1)
 #endif
 #if SYZ_EXECUTOR || __NR_syz_pkey_set
+#include
+#define RESERVED_PKEY 15
 // syz_pkey_set(key pkey, val flags[pkey_flags])
 static long syz_pkey_set(volatile long pkey, volatile long val)
 {
 #if GOARCH_amd64 || GOARCH_386
+	if (pkey == RESERVED_PKEY) {
+		errno = EINVAL;
+		return -1;
+	}
 	uint32 eax = 0;
 	uint32 ecx = 0;
 	asm volatile("rdpkru"
-- 
cgit mrf-deployment
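Review bot: `#define RESERVED_PKEY 15` is a bare magic number: nothing in the hunk records why key 15 is the reserved one or that it must agree with the key the kcov/output protection code actually allocates, so the two sides can drift apart silently; I would comment it, e.g. `// Key reserved by the executor to protect the kcov/output regions; must match the key used by the protection code.` The guard `if (pkey == RESERVED_PKEY)` is compiled only under `#if GOARCH_amd64 || GOARCH_386`, so if the non-x86 branch of syz_pkey_set (outside the hunk) does anything with `pkey`, it stays unguarded — probably harmless if that branch is a stub, but worth confirming. Note also that this check only covers the executor's own PKRU write path; a fuzzed program could presumably still reach the reserved key through the raw pkey_free/pkey_mprotect syscalls unless those are constrained elsewhere, which this hunk cannot show. syz_pkey_set's body continues past the end of the hunk.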