From dfd609eca1871f01757d6b04b19fc273c87c14e5 Mon Sep 17 00:00:00 2001 From: Andrey Konovalov Date: Tue, 5 Feb 2019 16:19:34 +0100 Subject: execprog, stress, prog2c: unify flags to enable additional features This change makes all syz-execprog, syz-prog2c and syz-stress accept -enable and -disable flags to enable or disable additional features (tun, net_dev, net_reset, cgroups and binfmt_misc) instead of having a separate flag for each of them. The default (without any flags) behavior isn't changed: syz-execprog and syz-stress enabled all the features (provided the runtime supports them) and syz-prog2c disables all of them. --- pkg/csource/generated.go | 188 +++++++++++++++++++++++++++++++---------------- 1 file changed, 124 insertions(+), 64 deletions(-) (limited to 'pkg/csource/generated.go') diff --git a/pkg/csource/generated.go b/pkg/csource/generated.go index f58bf8e30..fbbd671bf 100644 --- a/pkg/csource/generated.go +++ b/pkg/csource/generated.go @@ -208,6 +208,7 @@ static int inject_fault(int nth) return 0; } #endif + #if SYZ_EXECUTOR static int fault_injected(int fail_fd) { @@ -1051,7 +1052,7 @@ static int event_timedwait(event_t* ev, uint64 timeout) } #endif -#if SYZ_EXECUTOR || SYZ_FAULT_INJECTION || SYZ_ENABLE_CGROUPS || SYZ_SANDBOX_NONE || \ +#if SYZ_EXECUTOR || SYZ_REPEAT || SYZ_TUN_ENABLE || SYZ_FAULT_INJECTION || SYZ_SANDBOX_NONE || \ SYZ_SANDBOX_SETUID || SYZ_SANDBOX_NAMESPACE || SYZ_SANDBOX_ANDROID_UNTRUSTED_APP #include #include @@ -3492,6 +3493,8 @@ static void reset_ebtables() static void checkpoint_net_namespace(void) { #if SYZ_EXECUTOR + if (!flag_enable_net_reset) + return; if (flag_sandbox == sandbox_setuid) return; #endif @@ -3504,6 +3507,8 @@ static void checkpoint_net_namespace(void) static void reset_net_namespace(void) { #if SYZ_EXECUTOR + if (!flag_enable_net_reset) + return; if (flag_sandbox == sandbox_setuid) return; #endif @@ -3514,7 +3519,7 @@ static void reset_net_namespace(void) } #endif -#if SYZ_EXECUTOR || SYZ_ENABLE_CGROUPS +#if SYZ_EXECUTOR || (SYZ_ENABLE_CGROUPS && (SYZ_SANDBOX_NONE || SYZ_SANDBOX_SETUID || SYZ_SANDBOX_NAMESPACE || SYZ_SANDBOX_ANDROID_UNTRUSTED_APP)) #include #include #include @@ -3522,6 +3527,10 @@ static void reset_net_namespace(void) static void setup_cgroups() { +#if SYZ_EXECUTOR + if (!flag_enable_cgroups) + return; +#endif if (mkdir("/syzcgroup", 0777)) { debug("mkdir(/syzcgroup) failed: %d\n", errno); } @@ -3555,8 +3564,108 @@ static void setup_cgroups() debug("chmod(/syzcgroup/net) failed: %d\n", errno); } } + +#if SYZ_EXECUTOR || SYZ_REPEAT +static void setup_cgroups_loop() +{ +#if SYZ_EXECUTOR + if (!flag_enable_cgroups) + return; +#endif + int pid = getpid(); + char file[128]; + char cgroupdir[64]; + snprintf(cgroupdir, sizeof(cgroupdir), "/syzcgroup/unified/syz%llu", procid); + if (mkdir(cgroupdir, 0777)) { + debug("mkdir(%s) failed: %d\n", cgroupdir, errno); + } + snprintf(file, sizeof(file), "%s/pids.max", cgroupdir); + write_file(file, "32"); + snprintf(file, sizeof(file), "%s/memory.low", cgroupdir); + write_file(file, "%d", 298 << 20); + snprintf(file, sizeof(file), "%s/memory.high", cgroupdir); + write_file(file, "%d", 299 << 20); + snprintf(file, sizeof(file), "%s/memory.max", cgroupdir); + write_file(file, "%d", 300 << 20); + snprintf(file, sizeof(file), "%s/cgroup.procs", cgroupdir); + write_file(file, "%d", pid); + snprintf(cgroupdir, sizeof(cgroupdir), "/syzcgroup/cpu/syz%llu", procid); + if (mkdir(cgroupdir, 0777)) { + debug("mkdir(%s) failed: %d\n", cgroupdir, errno); + } + snprintf(file, sizeof(file), "%s/cgroup.procs", cgroupdir); + write_file(file, "%d", pid); + snprintf(cgroupdir, sizeof(cgroupdir), "/syzcgroup/net/syz%llu", procid); + if (mkdir(cgroupdir, 0777)) { + debug("mkdir(%s) failed: %d\n", cgroupdir, errno); + } + snprintf(file, sizeof(file), "%s/cgroup.procs", cgroupdir); + write_file(file, "%d", pid); +} + +static void setup_cgroups_test() +{ +#if SYZ_EXECUTOR + if (!flag_enable_cgroups) + return; +#endif + char cgroupdir[64]; + snprintf(cgroupdir, sizeof(cgroupdir), "/syzcgroup/unified/syz%llu", procid); + if (symlink(cgroupdir, "./cgroup")) { + debug("symlink(%s, ./cgroup) failed: %d\n", cgroupdir, errno); + } + snprintf(cgroupdir, sizeof(cgroupdir), "/syzcgroup/cpu/syz%llu", procid); + if (symlink(cgroupdir, "./cgroup.cpu")) { + debug("symlink(%s, ./cgroup.cpu) failed: %d\n", cgroupdir, errno); + } + snprintf(cgroupdir, sizeof(cgroupdir), "/syzcgroup/net/syz%llu", procid); + if (symlink(cgroupdir, "./cgroup.net")) { + debug("symlink(%s, ./cgroup.net) failed: %d\n", cgroupdir, errno); + } +} +#endif + +#if SYZ_EXECUTOR || SYZ_SANDBOX_NAMESPACE +void initialize_cgroups() +{ +#if SYZ_EXECUTOR + if (!flag_enable_cgroups) + return; +#endif + if (mkdir("./syz-tmp/newroot/syzcgroup", 0700)) + fail("mkdir failed"); + if (mkdir("./syz-tmp/newroot/syzcgroup/unified", 0700)) + fail("mkdir failed"); + if (mkdir("./syz-tmp/newroot/syzcgroup/cpu", 0700)) + fail("mkdir failed"); + if (mkdir("./syz-tmp/newroot/syzcgroup/net", 0700)) + fail("mkdir failed"); + unsigned bind_mount_flags = MS_BIND | MS_REC | MS_PRIVATE; + if (mount("/syzcgroup/unified", "./syz-tmp/newroot/syzcgroup/unified", NULL, bind_mount_flags, NULL)) { + debug("mount(cgroup2, MS_BIND) failed: %d\n", errno); + } + if (mount("/syzcgroup/cpu", "./syz-tmp/newroot/syzcgroup/cpu", NULL, bind_mount_flags, NULL)) { + debug("mount(cgroup/cpu, MS_BIND) failed: %d\n", errno); + } + if (mount("/syzcgroup/net", "./syz-tmp/newroot/syzcgroup/net", NULL, bind_mount_flags, NULL)) { + debug("mount(cgroup/net, MS_BIND) failed: %d\n", errno); + } +} +#endif +#endif + +#if SYZ_EXECUTOR || (SYZ_ENABLE_BINFMT_MISC && (SYZ_SANDBOX_NONE || SYZ_SANDBOX_SETUID || SYZ_SANDBOX_NAMESPACE || SYZ_SANDBOX_ANDROID_UNTRUSTED_APP)) +#include +#include +#include +#include + static void setup_binfmt_misc() { +#if SYZ_EXECUTOR + if (!flag_enable_binfmt_misc) + return; +#endif if (mount(0, "/proc/sys/fs/binfmt_misc", "binfmt_misc", 0, 0)) { debug("mount(binfmt_misc) failed: %d\n", errno); } @@ -3576,6 +3685,8 @@ static void setup_common() } #if SYZ_EXECUTOR || SYZ_ENABLE_CGROUPS setup_cgroups(); +#endif +#if SYZ_EXECUTOR || SYZ_ENABLE_BINFMT_MISC setup_binfmt_misc(); #endif } @@ -3802,23 +3913,7 @@ static int namespace_sandbox_proc(void* arg) if (mount("/sys", "./syz-tmp/newroot/sys", 0, bind_mount_flags, NULL)) fail("mount(sysfs) failed"); #if SYZ_EXECUTOR || SYZ_ENABLE_CGROUPS - if (mkdir("./syz-tmp/newroot/syzcgroup", 0700)) - fail("mkdir failed"); - if (mkdir("./syz-tmp/newroot/syzcgroup/unified", 0700)) - fail("mkdir failed"); - if (mkdir("./syz-tmp/newroot/syzcgroup/cpu", 0700)) - fail("mkdir failed"); - if (mkdir("./syz-tmp/newroot/syzcgroup/net", 0700)) - fail("mkdir failed"); - if (mount("/syzcgroup/unified", "./syz-tmp/newroot/syzcgroup/unified", NULL, bind_mount_flags, NULL)) { - debug("mount(cgroup2, MS_BIND) failed: %d\n", errno); - } - if (mount("/syzcgroup/cpu", "./syz-tmp/newroot/syzcgroup/cpu", NULL, bind_mount_flags, NULL)) { - debug("mount(cgroup/cpu, MS_BIND) failed: %d\n", errno); - } - if (mount("/syzcgroup/net", "./syz-tmp/newroot/syzcgroup/net", NULL, bind_mount_flags, NULL)) { - debug("mount(cgroup/net, MS_BIND) failed: %d\n", errno); - } + initialize_cgroups(); #endif if (mkdir("./syz-tmp/pivot", 0777)) fail("mkdir failed"); @@ -4090,12 +4185,15 @@ retry: static int inject_fault(int nth) { +#if SYZ_EXECUTOR + if (!flag_enable_fault_injection) + return 0; +#endif int fd; - char buf[16]; - fd = open("/proc/thread-self/fail-nth", O_RDWR); if (fd == -1) exitf("failed to open /proc/thread-self/fail-nth"); + char buf[16]; sprintf(buf, "%d", nth + 1); if (write(fd, buf, strlen(buf)) != (ssize_t)strlen(buf)) exitf("failed to write /proc/thread-self/fail-nth"); @@ -4106,6 +4204,8 @@ static int inject_fault(int nth) #if SYZ_EXECUTOR static int fault_injected(int fail_fd) { + if (!flag_enable_fault_injection) + return 0; char buf[16]; int n = read(fail_fd, buf, sizeof(buf) - 1); if (n <= 0) @@ -4181,35 +4281,7 @@ static void kill_and_wait(int pid, int* status) static void setup_loop() { #if SYZ_EXECUTOR || SYZ_ENABLE_CGROUPS - int pid = getpid(); - char cgroupdir[64]; - char file[128]; - snprintf(cgroupdir, sizeof(cgroupdir), "/syzcgroup/unified/syz%llu", procid); - if (mkdir(cgroupdir, 0777)) { - debug("mkdir(%s) failed: %d\n", cgroupdir, errno); - } - snprintf(file, sizeof(file), "%s/pids.max", cgroupdir); - write_file(file, "32"); - snprintf(file, sizeof(file), "%s/memory.low", cgroupdir); - write_file(file, "%d", 298 << 20); - snprintf(file, sizeof(file), "%s/memory.high", cgroupdir); - write_file(file, "%d", 299 << 20); - snprintf(file, sizeof(file), "%s/memory.max", cgroupdir); - write_file(file, "%d", 300 << 20); - snprintf(file, sizeof(file), "%s/cgroup.procs", cgroupdir); - write_file(file, "%d", pid); - snprintf(cgroupdir, sizeof(cgroupdir), "/syzcgroup/cpu/syz%llu", procid); - if (mkdir(cgroupdir, 0777)) { - debug("mkdir(%s) failed: %d\n", cgroupdir, errno); - } - snprintf(file, sizeof(file), "%s/cgroup.procs", cgroupdir); - write_file(file, "%d", pid); - snprintf(cgroupdir, sizeof(cgroupdir), "/syzcgroup/net/syz%llu", procid); - if (mkdir(cgroupdir, 0777)) { - debug("mkdir(%s) failed: %d\n", cgroupdir, errno); - } - snprintf(file, sizeof(file), "%s/cgroup.procs", cgroupdir); - write_file(file, "%d", pid); + setup_cgroups_loop(); #endif #if SYZ_EXECUTOR || SYZ_RESET_NET_NAMESPACE checkpoint_net_namespace(); @@ -4245,21 +4317,9 @@ static void setup_test() prctl(PR_SET_PDEATHSIG, SIGKILL, 0, 0, 0); setpgrp(); #if SYZ_EXECUTOR || SYZ_ENABLE_CGROUPS - char cgroupdir[64]; - snprintf(cgroupdir, sizeof(cgroupdir), "/syzcgroup/unified/syz%llu", procid); - if (symlink(cgroupdir, "./cgroup")) { - debug("symlink(%s, ./cgroup) failed: %d\n", cgroupdir, errno); - } - snprintf(cgroupdir, sizeof(cgroupdir), "/syzcgroup/cpu/syz%llu", procid); - if (symlink(cgroupdir, "./cgroup.cpu")) { - debug("symlink(%s, ./cgroup.cpu) failed: %d\n", cgroupdir, errno); - } - snprintf(cgroupdir, sizeof(cgroupdir), "/syzcgroup/net/syz%llu", procid); - if (symlink(cgroupdir, "./cgroup.net")) { - debug("symlink(%s, ./cgroup.net) failed: %d\n", cgroupdir, errno); - } - write_file("/proc/self/oom_score_adj", "1000"); + setup_cgroups_test(); #endif + write_file("/proc/self/oom_score_adj", "1000"); #if SYZ_EXECUTOR || SYZ_TUN_ENABLE flush_tun(); #endif -- cgit mrf-deployment