From 09ff5abc02a0e38bb275a91380fc03d6cd0d47a5 Mon Sep 17 00:00:00 2001 From: Andrey Konovalov Date: Wed, 1 Apr 2020 19:37:07 +0200 Subject: csource, executor: add usb emulation feature The feature gets enabled when /dev/raw-gadget is present and accessible. With this feature enabled, executor will do chmod 0666 /dev/raw-gadget on startup, which makes it possible to do USB fuzzing in setuid and namespace sandboxes. There should be no backwards compatibility issues with syz reproducers that don't explicitly enable this feature, as they currently only work in none sandbox. --- pkg/csource/options.go | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'pkg/csource/options.go') diff --git a/pkg/csource/options.go b/pkg/csource/options.go index 27529f429..01389240c 100644 --- a/pkg/csource/options.go +++ b/pkg/csource/options.go @@ -39,6 +39,7 @@ type Options struct { CloseFDs bool `json:"close_fds"` KCSAN bool `json:"kcsan,omitempty"` DevlinkPCI bool `json:"devlinkpci,omitempty"` + USB bool `json:"usb,omitempty"` UseTmpDir bool `json:"tmpdir,omitempty"` HandleSegv bool `json:"segv,omitempty"` @@ -131,6 +132,9 @@ func (opts Options) checkLinuxOnly(OS string) error { if opts.DevlinkPCI { return fmt.Errorf("option DevlinkPCI is not supported on %v", OS) } + if opts.USB { + return fmt.Errorf("option USB is not supported on %v", OS) + } if opts.Sandbox == sandboxNamespace || (opts.Sandbox == sandboxSetuid && !(OS == openbsd || OS == freebsd || OS == netbsd)) || opts.Sandbox == sandboxAndroid { @@ -171,6 +175,7 @@ func DefaultOpts(cfg *mgrconfig.Config) Options { opts.BinfmtMisc = false opts.CloseFDs = false opts.DevlinkPCI = false + opts.USB = false } if cfg.Sandbox == "" || cfg.Sandbox == "setuid" { opts.NetReset = false @@ -250,6 +255,7 @@ func defaultFeatures(value bool) Features { "binfmt_misc": {"setup binfmt_misc for testing", value}, "close_fds": {"close fds after each program", value}, "devlink_pci": {"setup devlink PCI device", value}, + "usb": {"setup and use /dev/raw-gadget for USB emulation", value}, } } -- cgit mrf-deployment