From 09ff5abc02a0e38bb275a91380fc03d6cd0d47a5 Mon Sep 17 00:00:00 2001 From: Andrey Konovalov Date: Wed, 1 Apr 2020 19:37:07 +0200 Subject: csource, executor: add usb emulation feature The feature gets enabled when /dev/raw-gadget is present and accessible. With this feature enabled, executor will do chmod 0666 /dev/raw-gadget on startup, which makes it possible to do USB fuzzing in setuid and namespace sandboxes. There should be no backwards compatibility issues with syz reproducers that don't explicitly enable this feature, as they currently only work in none sandbox. --- executor/common.h | 3 +++ executor/common_linux.h | 8 ++++++++ executor/executor_linux.h | 1 + 3 files changed, 12 insertions(+) (limited to 'executor') diff --git a/executor/common.h b/executor/common.h index 8591110be..04e51cd2a 100644 --- a/executor/common.h +++ b/executor/common.h @@ -708,6 +708,9 @@ int main(void) #if SYZ_KCSAN setup_kcsan(); #endif +#if SYZ_USB + setup_usb(); +#endif #if SYZ_HANDLE_SEGV install_segv_handler(); diff --git a/executor/common_linux.h b/executor/common_linux.h index 30b6309c9..772d98c03 100644 --- a/executor/common_linux.h +++ b/executor/common_linux.h @@ -3514,3 +3514,11 @@ static void setup_kcsan_filterlist(char** frames, int nframes, bool blacklist) #define SYZ_HAVE_KCSAN 1 #endif #endif + +#if SYZ_EXECUTOR || SYZ_USB +static void setup_usb() +{ + if (chmod("/dev/raw-gadget", 0666)) + fail("failed to chmod /dev/raw-gadget"); +} +#endif diff --git a/executor/executor_linux.h b/executor/executor_linux.h index d4220c23f..33f4e377a 100644 --- a/executor/executor_linux.h +++ b/executor/executor_linux.h @@ -224,6 +224,7 @@ static feature_t features[] = { {"fault", setup_fault}, {"binfmt_misc", setup_binfmt_misc}, {"kcsan", setup_kcsan}, + {"usb", setup_usb}, }; static void setup_machine() -- cgit mrf-deployment