From 88e3a1226bc591d81c1fb98e83cb63cd4f341c6e Mon Sep 17 00:00:00 2001
From: Andrey Artemiev
Date: Sat, 6 Aug 2022 05:17:33 -0700
Subject: pkg/csource, pkg/instance, pkg/ipc, pkg/mgrconfig, tools/syz-prog2c, syz-manager: introduce a new setting 'sandbox_arg' (#3263)
---
 executor/common_linux.h | 11 ++++++-----
 executor/executor.cc | 6 +++++-
 2 files changed, 11 insertions(+), 6 deletions(-)
(limited to 'executor')
diff --git a/executor/common_linux.h b/executor/common_linux.h
index 24f553848..21bde3bb6 100644
--- a/executor/common_linux.h
+++ b/executor/common_linux.h
@@ -4163,7 +4163,7 @@ static void setfilecon(const char* path, const char* context)
 #define SYZ_HAVE_SANDBOX_ANDROID 1
-static int do_sandbox_android(int sandbox_arg)
+static int do_sandbox_android(uint64 sandbox_arg)
 {
 setup_common();
 #if SYZ_EXECUTOR || SYZ_VHCI_INJECTION
@@ -4192,6 +4192,7 @@ static int do_sandbox_android(int sandbox_arg)
 size_t num_groups = UNTRUSTED_APP_NUM_GROUPS;
 const gid_t* groups = UNTRUSTED_APP_GROUPS;
 gid_t gid = UNTRUSTED_APP_GID;
+ debug("executor received sandbox_arg=%llu\n", sandbox_arg);
 if (sandbox_arg == 1) {
 uid = SYSTEM_UID;
 num_groups = SYSTEM_NUM_GROUPS;
@@ -4201,13 +4202,13 @@ static int do_sandbox_android(int sandbox_arg)
 debug("fuzzing under SYSTEM account\n");
 }
 if (chown(".", uid, uid) != 0)
- failmsg("do_sandbox_android: chmod failed", "sandbox_arg=%d", sandbox_arg);
+ failmsg("do_sandbox_android: chmod failed", "sandbox_arg=%llu", sandbox_arg);
 if (setgroups(num_groups, groups) != 0)
- failmsg("do_sandbox_android: setgroups failed", "sandbox_arg=%d", sandbox_arg);
+ failmsg("do_sandbox_android: setgroups failed", "sandbox_arg=%llu", sandbox_arg);
 if (setresgid(gid, gid, gid) != 0)
- failmsg("do_sandbox_android: setresgid failed", "sandbox_arg=%d", sandbox_arg);
+ failmsg("do_sandbox_android: setresgid failed", "sandbox_arg=%llu", sandbox_arg);
 setup_binderfs();
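Review bot: The branch `if (sandbox_arg == 1)` treats every other value as the untrusted-app default, so a mistyped or out-of-range `sandbox_arg` silently selects a different uid/gid set than the one the operator configured. Now that the argument is a 64-bit value copied from the handshake (see the `receive_handshake()` hunk in executor/executor.cc), unknown values are worth rejecting explicitly, for example `else if (sandbox_arg != 0) failmsg("do_sandbox_android: unknown sandbox_arg", "sandbox_arg=%llu", sandbox_arg);` after the SYSTEM branch. This assumes 0 and 1 are the only defined values, which the visible lines suggest but do not confirm. The body of the `if` and the rest of `do_sandbox_android` lie outside this hunk.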
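Review bot: The diagnostic on the rewritten line after `chown(".", uid, uid)` still reads "chmod failed", so a failure there would be reported against the wrong call; since the line is being touched anyway, `failmsg("do_sandbox_android: chown failed", "sandbox_arg=%llu", sandbox_arg);` would keep the log accurate. The same call passes `uid` as the group argument although a separate `gid` is selected earlier in the function; if the two ids can differ for any account, `chown(".", uid, gid)` is what the following setgroups/setresgid sequence implies. The function starts and ends outside this hunk.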
@@ -4222,7 +4223,7 @@ static int do_sandbox_android(int sandbox_arg)
 #endif
 if (setresuid(uid, uid, uid) != 0)
- failmsg("do_sandbox_android: setresuid failed", "sandbox_arg=%d", sandbox_arg);
+ failmsg("do_sandbox_android: setresuid failed", "sandbox_arg=%llu", sandbox_arg);
 // setresuid and setresgid clear the parent-death signal.
 prctl(PR_SET_PDEATHSIG, SIGKILL, 0, 0, 0);
diff --git a/executor/executor.cc b/executor/executor.cc
index 392c63a32..3c76738d2 100644
--- a/executor/executor.cc
+++ b/executor/executor.cc
@@ -300,6 +300,7 @@ struct handshake_req {
 uint64 magic;
 uint64 flags; // env flags
 uint64 pid;
+ uint64 sandbox_arg;
 };
 struct handshake_reply {
@@ -415,7 +416,7 @@ static void setup_features(char** enable, int n);
 #include "test.h"
 #if SYZ_HAVE_SANDBOX_ANDROID
-static int sandbox_arg = 0;
+static uint64 sandbox_arg = 0;
 #endif
 int main(int argc, char** argv)
@@ -631,6 +632,9 @@ void receive_handshake()
 failmsg("handshake read failed", "read=%d", n);
 if (req.magic != kInMagic)
 failmsg("bad handshake magic", "magic=0x%llx", req.magic);
+#if SYZ_HAVE_SANDBOX_ANDROID
+ sandbox_arg = req.sandbox_arg;
+#endif
 parse_env_flags(req.flags);
 procid = req.pid;
 }
--
cgit mrf-deployment
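Review bot: The new `sandbox_arg` field in `handshake_req` carries no comment, unlike `flags`, and it changes the size and layout of a struct that is read directly from the control pipe. A comment such as `uint64 sandbox_arg; // sandbox-specific argument; only read when SYZ_HAVE_SANDBOX_ANDROID is set` would document its use, and a note above the struct saying the layout must stay in step with the sender in pkg/ipc would help, since this view is limited to 'executor' and the sender side is not visible here. The only guards visible in `receive_handshake()` are the read check and the `kInMagic` comparison, so whether a sender built before this change is rejected cleanly depends on the read-length condition, which lies outside the hunk.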