From 690740b4a4e1ce9c661ca07fdd14cb2486f04e00 Mon Sep 17 00:00:00 2001
From: Dmitry Vyukov <dvyukov@google.com>
Date: Thu, 14 Nov 2019 18:56:34 +0100
Subject: executor: refactor sandbox flags

In preparation for future changes.
---
 pkg/csource/common.go       | 10 +++++-----
 pkg/csource/generated.go    | 12 ++++--------
 pkg/csource/options.go      |  4 ++--
 pkg/csource/options_test.go |  6 +++---
 4 files changed, 14 insertions(+), 18 deletions(-)

(limited to 'pkg/csource')

diff --git a/pkg/csource/common.go b/pkg/csource/common.go
index 2d3f35b52..d30a3c268 100644
--- a/pkg/csource/common.go
+++ b/pkg/csource/common.go
@@ -24,10 +24,10 @@ const (
 	openbsd = "openbsd"
 	netbsd  = "netbsd"
 
-	sandboxNone                = "none"
-	sandboxSetuid              = "setuid"
-	sandboxNamespace           = "namespace"
-	sandboxAndroidUntrustedApp = "android_untrusted_app"
+	sandboxNone      = "none"
+	sandboxSetuid    = "setuid"
+	sandboxNamespace = "namespace"
+	sandboxAndroid   = "android"
 )
 
 func createCommonHeader(p, mmapProg *prog.Prog, replacements map[string]string, opts Options) ([]byte, error) {
@@ -96,7 +96,7 @@ func commonDefines(p *prog.Prog, opts Options) map[string]bool {
 		"SYZ_SANDBOX_NONE":              opts.Sandbox == sandboxNone,
 		"SYZ_SANDBOX_SETUID":            opts.Sandbox == sandboxSetuid,
 		"SYZ_SANDBOX_NAMESPACE":         opts.Sandbox == sandboxNamespace,
-		"SYZ_SANDBOX_ANDROID":           opts.Sandbox == sandboxAndroidUntrustedApp,
+		"SYZ_SANDBOX_ANDROID":           opts.Sandbox == sandboxAndroid,
 		"SYZ_THREADED":                  opts.Threaded,
 		"SYZ_COLLIDE":                   opts.Collide,
 		"SYZ_REPEAT":                    opts.Repeat,
diff --git a/pkg/csource/generated.go b/pkg/csource/generated.go
index 7d40c5615..cc75000d5 100644
--- a/pkg/csource/generated.go
+++ b/pkg/csource/generated.go
@@ -4595,9 +4595,7 @@ static void reset_ebtables()
 static void checkpoint_net_namespace(void)
 {
 #if SYZ_EXECUTOR
-	if (!flag_net_reset)
-		return;
-	if (flag_sandbox == sandbox_setuid)
+	if (!flag_net_reset || flag_sandbox_setuid)
 		return;
 #endif
 	checkpoint_ebtables();
@@ -4609,9 +4607,7 @@ static void checkpoint_net_namespace(void)
 static void reset_net_namespace(void)
 {
 #if SYZ_EXECUTOR
-	if (!flag_net_reset)
-		return;
-	if (flag_sandbox == sandbox_setuid)
+	if (!flag_net_reset || flag_sandbox_setuid)
 		return;
 #endif
 	reset_ebtables();
@@ -5139,8 +5135,8 @@ static void syz_setfilecon(const char* path, const char* context)
 		fail("setfilecon: could not set context to %s, currently %s", context, new_context);
 }
 
-#define SYZ_HAVE_SANDBOX_ANDROID_UNTRUSTED_APP 1
-static int do_sandbox_android_untrusted_app(void)
+#define SYZ_HAVE_SANDBOX_ANDROID 1
+static int do_sandbox_android(void)
 {
 	setup_common();
 	sandbox_common();
diff --git a/pkg/csource/options.go b/pkg/csource/options.go
index 57e9fc9dc..8e78d44e9 100644
--- a/pkg/csource/options.go
+++ b/pkg/csource/options.go
@@ -54,7 +54,7 @@ type Options struct {
 // Invalid combinations must not be passed to Write.
 func (opts Options) Check(OS string) error {
 	switch opts.Sandbox {
-	case "", sandboxNone, sandboxNamespace, sandboxSetuid, sandboxAndroidUntrustedApp:
+	case "", sandboxNone, sandboxNamespace, sandboxSetuid, sandboxAndroid:
 	default:
 		return fmt.Errorf("unknown sandbox %v", opts.Sandbox)
 	}
@@ -133,7 +133,7 @@ func (opts Options) checkLinuxOnly(OS string) error {
 	}
 	if opts.Sandbox == sandboxNamespace ||
 		(opts.Sandbox == sandboxSetuid && !(OS == openbsd || OS == freebsd || OS == netbsd)) ||
-		opts.Sandbox == sandboxAndroidUntrustedApp {
+		opts.Sandbox == sandboxAndroid {
 		return fmt.Errorf("option Sandbox=%v is not supported on %v", opts.Sandbox, OS)
 	}
 	if opts.Fault {
diff --git a/pkg/csource/options_test.go b/pkg/csource/options_test.go
index 8a38553fc..1834803ff 100644
--- a/pkg/csource/options_test.go
+++ b/pkg/csource/options_test.go
@@ -49,7 +49,7 @@ func TestParseOptionsCanned(t *testing.T) {
 			HandleSegv:       true,
 			Repro:            true,
 		},
-		`{"threaded":true,"collide":true,"repeat":true,"procs":10,"sandbox":"android_untrusted_app",
+		`{"threaded":true,"collide":true,"repeat":true,"procs":10,"sandbox":"android",
 		"fault":true,"fault_call":1,"fault_nth":2,"tun":true,"tmpdir":true,"cgroups":true,
 		"netdev":true,"resetnet":true,
 		"segv":true,"waitrepeat":true,"debug":true,"repro":true}`: {
@@ -57,7 +57,7 @@ func TestParseOptionsCanned(t *testing.T) {
 			Collide:          true,
 			Repeat:           true,
 			Procs:            10,
-			Sandbox:          "android_untrusted_app",
+			Sandbox:          "android",
 			Fault:            true,
 			FaultCall:        1,
 			FaultNth:         2,
@@ -170,7 +170,7 @@ func enumerateField(OS string, opt Options, field int) []Options {
 	fldName := s.Type().Field(field).Name
 	fld := s.Field(field)
 	if fldName == "Sandbox" {
-		for _, sandbox := range []string{"", "none", "setuid", "namespace", "android_untrusted_app"} {
+		for _, sandbox := range []string{"", "none", "setuid", "namespace", "android"} {
 			fld.SetString(sandbox)
 			opts = append(opts, opt)
 		}
-- 
cgit mrf-deployment