From 91630fe39dd964945efdbdb67870a16958696a19 Mon Sep 17 00:00:00 2001
From: Dmitry Vyukov <dvyukov@google.com>
Date: Wed, 13 Jan 2016 15:20:09 +0100
Subject: sys: add support for /dev/snd/control

---
 executor/executor.cc | 18 +++++++++++++++++-
 executor/syscalls.h  | 51 +++++++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 68 insertions(+), 1 deletion(-)

(limited to 'executor')

diff --git a/executor/executor.cc b/executor/executor.cc
index 20beb728f..a3590cece 100644
--- a/executor/executor.cc
+++ b/executor/executor.cc
@@ -360,11 +360,18 @@ thread_t* schedule_call(int n, int call_index, int call_num, uint64_t num_args,
 	case __NR_umount2:
 	case __NR_syz_fuse_mount:
 	case __NR_syz_fuseblk_mount:
+	case __NR_syz_open_sndctrl:
 		root = true;
 	default:
 		if (strcmp(syscalls[call_num]
 			       .name,
-			   "open$sndseq") == 0)
+			   "open$kvm") == 0 ||
+		    strcmp(syscalls[call_num]
+			       .name,
+			   "open$sndseq") == 0 ||
+		    strcmp(syscalls[call_num]
+			       .name,
+			   "open$sndtimer") == 0)
 			root = true;
 	}
 
@@ -574,6 +581,15 @@ void execute_call(thread_t* th)
 		th->res = fd;
 		break;
 	}
+	case __NR_syz_open_sndctrl: {
+		// syz_open_sndctrl(id intptr, flags flags[open_flags]) fd[sndctrl]
+		uint64_t id = th->args[0];
+		uint64_t flags = th->args[1];
+		char buf[128];
+
+		sprintf(buf, "/dev/snd/controlC%d", (int)(id % 4));
+		th->res = open(buf, flags);
+	}
 	}
 	th->reserrno = errno;
 	th->cover_size = cover_read(th);
diff --git a/executor/syscalls.h b/executor/syscalls.h
index 48e913510..c24024cb3 100644
--- a/executor/syscalls.h
+++ b/executor/syscalls.h
@@ -3,6 +3,7 @@
 #define __NR_syz_dri_open	1000002
 #define __NR_syz_fuse_mount	1000003
 #define __NR_syz_fuseblk_mount	1000004
+#define __NR_syz_open_sndctrl	1000005
 #define __NR_syz_openpts	1000001
 
 
@@ -847,6 +848,31 @@ call_t syscalls[] = {
 	{"ioctl$SNDRV_TIMER_IOCTL_STOP", 16},
 	{"ioctl$SNDRV_TIMER_IOCTL_CONTINUE", 16},
 	{"ioctl$SNDRV_TIMER_IOCTL_PAUSE", 16},
+	{"syz_open_sndctrl", 1000005},
+	{"ioctl$SNDRV_CTL_IOCTL_PVERSION", 16},
+	{"ioctl$SNDRV_CTL_IOCTL_CARD_INFO", 16},
+	{"ioctl$SNDRV_CTL_IOCTL_HWDEP_INFO", 16},
+	{"ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE", 16},
+	{"ioctl$SNDRV_CTL_IOCTL_POWER_STATE", 16},
+	{"ioctl$SNDRV_CTL_IOCTL_ELEM_LIST", 16},
+	{"ioctl$SNDRV_CTL_IOCTL_ELEM_INFO", 16},
+	{"ioctl$SNDRV_CTL_IOCTL_ELEM_READ", 16},
+	{"ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE", 16},
+	{"ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK", 16},
+	{"ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK", 16},
+	{"ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS", 16},
+	{"ioctl$SNDRV_CTL_IOCTL_ELEM_ADD", 16},
+	{"ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE", 16},
+	{"ioctl$SNDRV_CTL_IOCTL_ELEM_REMOVE", 16},
+	{"ioctl$SNDRV_CTL_IOCTL_TLV_READ", 16},
+	{"ioctl$SNDRV_CTL_IOCTL_TLV_WRITE", 16},
+	{"ioctl$SNDRV_CTL_IOCTL_TLV_COMMAND", 16},
+	{"ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE", 16},
+	{"ioctl$SNDRV_CTL_IOCTL_PCM_INFO", 16},
+	{"ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE", 16},
+	{"ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE", 16},
+	{"ioctl$SNDRV_CTL_IOCTL_RAWMIDI_INFO", 16},
+	{"ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE", 16},
 
 };
 #endif
@@ -1686,6 +1712,31 @@ call_t syscalls[] = {
 	{"ioctl$SNDRV_TIMER_IOCTL_STOP", 29},
 	{"ioctl$SNDRV_TIMER_IOCTL_CONTINUE", 29},
 	{"ioctl$SNDRV_TIMER_IOCTL_PAUSE", 29},
+	{"syz_open_sndctrl", 1000005},
+	{"ioctl$SNDRV_CTL_IOCTL_PVERSION", 29},
+	{"ioctl$SNDRV_CTL_IOCTL_CARD_INFO", 29},
+	{"ioctl$SNDRV_CTL_IOCTL_HWDEP_INFO", 29},
+	{"ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE", 29},
+	{"ioctl$SNDRV_CTL_IOCTL_POWER_STATE", 29},
+	{"ioctl$SNDRV_CTL_IOCTL_ELEM_LIST", 29},
+	{"ioctl$SNDRV_CTL_IOCTL_ELEM_INFO", 29},
+	{"ioctl$SNDRV_CTL_IOCTL_ELEM_READ", 29},
+	{"ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE", 29},
+	{"ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK", 29},
+	{"ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK", 29},
+	{"ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS", 29},
+	{"ioctl$SNDRV_CTL_IOCTL_ELEM_ADD", 29},
+	{"ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE", 29},
+	{"ioctl$SNDRV_CTL_IOCTL_ELEM_REMOVE", 29},
+	{"ioctl$SNDRV_CTL_IOCTL_TLV_READ", 29},
+	{"ioctl$SNDRV_CTL_IOCTL_TLV_WRITE", 29},
+	{"ioctl$SNDRV_CTL_IOCTL_TLV_COMMAND", 29},
+	{"ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE", 29},
+	{"ioctl$SNDRV_CTL_IOCTL_PCM_INFO", 29},
+	{"ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE", 29},
+	{"ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE", 29},
+	{"ioctl$SNDRV_CTL_IOCTL_RAWMIDI_INFO", 29},
+	{"ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE", 29},
 
 };
 #endif
-- 
cgit mrf-deployment