From 98f4a9612dd54429b3f92dccf631fdfa4f9018f3 Mon Sep 17 00:00:00 2001
From: Dmitry Vyukov <dvyukov@google.com>
Date: Mon, 17 Sep 2018 11:39:04 +0200
Subject: executor: make sandboxes more modular

Currently we have a global fixed set of sandboxes,
which makes it hard to add new OS-specific ones
(all OSes need to updated to say that they don't
support this sandbox).
Let it each OS say what sandboxes it supports instead.
---
 pkg/csource/generated.go | 39 +++------------------------------------
 1 file changed, 3 insertions(+), 36 deletions(-)

(limited to 'pkg/csource/generated.go')

diff --git a/pkg/csource/generated.go b/pkg/csource/generated.go
index 475982ae5..fd6bcc862 100644
--- a/pkg/csource/generated.go
+++ b/pkg/csource/generated.go
@@ -390,12 +390,6 @@ void child()
 }
 #endif
 
-#if SYZ_EXECUTOR
-#define do_sandbox_setuid() 0
-#define do_sandbox_namespace() 0
-#define do_sandbox_android_untrusted_app() 0
-#endif
-
 #elif GOOS_freebsd || GOOS_netbsd || GOOS_openbsd
 
 #include <unistd.h>
@@ -409,12 +403,6 @@ static int do_sandbox_none(void)
 }
 #endif
 
-#if SYZ_EXECUTOR
-#define do_sandbox_setuid() 0
-#define do_sandbox_namespace() 0
-#define do_sandbox_android_untrusted_app() 0
-#endif
-
 #if GOOS_openbsd
 
 #define __syscall syscall
@@ -680,12 +668,6 @@ static int do_sandbox_none(void)
 	return 0;
 }
 #endif
-
-#if SYZ_EXECUTOR
-#define do_sandbox_setuid() 0
-#define do_sandbox_namespace() 0
-#define do_sandbox_android_untrusted_app() 0
-#endif
 #define CAST(f) ({void* p = (void*)f; p; })
 
 #elif GOOS_linux
@@ -3100,6 +3082,7 @@ static int do_sandbox_none(void)
 #include <sched.h>
 #include <sys/prctl.h>
 
+#define SYZ_HAVE_SANDBOX_SETUID 1
 static int do_sandbox_setuid(void)
 {
 	if (unshare(CLONE_NEWPID)) {
@@ -3242,6 +3225,7 @@ static int namespace_sandbox_proc(void* arg)
 	doexit(1);
 }
 
+#define SYZ_HAVE_SANDBOX_NAMESPACE 1
 static int do_sandbox_namespace(void)
 {
 	int pid;
@@ -3334,6 +3318,7 @@ static void syz_setfilecon(const char* path, const char* context)
 		fail("setfilecon: could not set context to %s, currently %s", context, new_context);
 }
 
+#define SYZ_HAVE_SANDBOX_ANDROID_UNTRUSTED_APP 1
 static int do_sandbox_android_untrusted_app(void)
 {
 	setup_common();
@@ -3728,12 +3713,6 @@ static int do_sandbox_none(void)
 }
 #endif
 
-#if SYZ_EXECUTOR
-#define do_sandbox_setuid() 0
-#define do_sandbox_namespace() 0
-#define do_sandbox_android_untrusted_app() 0
-#endif
-
 #elif GOOS_windows
 
 #include <windows.h>
@@ -3845,12 +3824,6 @@ static int do_sandbox_none(void)
 }
 #endif
 
-#if SYZ_EXECUTOR
-#define do_sandbox_setuid() 0
-#define do_sandbox_namespace() 0
-#define do_sandbox_android_untrusted_app() 0
-#endif
-
 #elif GOOS_test
 
 #include <stdlib.h>
@@ -3901,12 +3874,6 @@ static int do_sandbox_none(void)
 }
 #endif
 
-#if SYZ_EXECUTOR
-#define do_sandbox_setuid() 0
-#define do_sandbox_namespace() 0
-#define do_sandbox_android_untrusted_app() 0
-#endif
-
 #else
 #error "unknown OS"
 #endif
-- 
cgit mrf-deployment