From 95e7a88b9746c73e727b94d85a626cf6dd612f16 Mon Sep 17 00:00:00 2001
From: Dmitry Vyukov <dvyukov@google.com>
Date: Tue, 10 Jul 2018 16:18:45 +0200
Subject: sys/linux: implement fuse as normal syscalls

Remove syz_fuse* and implement them as normal syscalls.
We not have enough expressive power to form mount options.
---
 pkg/host/host_linux.go | 50 +++++++++++++++++++++++++++++++++-----------------
 1 file changed, 33 insertions(+), 17 deletions(-)

(limited to 'pkg/host/host_linux.go')

diff --git a/pkg/host/host_linux.go b/pkg/host/host_linux.go
index 2a72ec5f0..1dfa3c978 100644
--- a/pkg/host/host_linux.go
+++ b/pkg/host/host_linux.go
@@ -32,6 +32,9 @@ func isSupported(c *prog.Syscall, sandbox string) (bool, string) {
 	if strings.HasPrefix(c.Name, "openat$") {
 		return isSupportedOpenAt(c)
 	}
+	if strings.HasPrefix(c.Name, "mount$") {
+		return isSupportedMount(c, sandbox)
+	}
 	// There are 3 possible strategies for detecting supported syscalls:
 	// 1. Executes all syscalls with presumably invalid arguments and check for ENOprog.
 	//    But not all syscalls are safe to execute. For example, pause will hang,
@@ -151,16 +154,6 @@ func isSupportedSyzkall(sandbox string, c *prog.Syscall) (bool, string) {
 		return true, ""
 	case "syz_open_pts":
 		return true, ""
-	case "syz_fuse_mount":
-		if err := osutil.IsAccessible("/dev/fuse"); err != nil {
-			return false, err.Error()
-		}
-		return onlySandboxNoneOrNamespace(sandbox)
-	case "syz_fuseblk_mount":
-		if err := osutil.IsAccessible("/dev/fuse"); err != nil {
-			return false, err.Error()
-		}
-		return onlySandboxNoneOrNamespace(sandbox)
 	case "syz_emit_ethernet", "syz_extract_tcp_res":
 		reason := checkNetworkInjection()
 		return reason == "", reason
@@ -200,13 +193,7 @@ func isSupportedSyzkall(sandbox string, c *prog.Syscall) (bool, string) {
 		if !ok {
 			panic("syz_mount_image arg is not string")
 		}
-		filesystemsOnce.Do(func() {
-			filesystems, _ = ioutil.ReadFile("/proc/filesystems")
-		})
-		if !bytes.Contains(filesystems, []byte("\t"+fstype+"\n")) {
-			return false, "/proc/filesystems does not contain this fs"
-		}
-		return true, ""
+		return isSupportedFilesystem(fstype)
 	case "syz_read_part_table":
 		return onlySandboxNone(sandbox)
 	}
@@ -277,6 +264,35 @@ func isSupportedOpenAt(c *prog.Syscall) (bool, string) {
 	return true, ""
 }
 
+func isSupportedMount(c *prog.Syscall, sandbox string) (bool, string) {
+	fstype, ok := extractStringConst(c.Args[2])
+	if !ok {
+		panic(fmt.Sprintf("%v: filesystem is not string const", c.Name))
+	}
+	if ok, reason := isSupportedFilesystem(fstype); !ok {
+		return ok, reason
+	}
+	switch fstype {
+	case "fuse", "fuseblk":
+		if err := osutil.IsAccessible("/dev/fuse"); err != nil {
+			return false, err.Error()
+		}
+		return onlySandboxNoneOrNamespace(sandbox)
+	default:
+		return onlySandboxNone(sandbox)
+	}
+}
+
+func isSupportedFilesystem(fstype string) (bool, string) {
+	filesystemsOnce.Do(func() {
+		filesystems, _ = ioutil.ReadFile("/proc/filesystems")
+	})
+	if !bytes.Contains(filesystems, []byte("\t"+fstype+"\n")) {
+		return false, fmt.Sprintf("/proc/filesystems does not contain %v", fstype)
+	}
+	return true, ""
+}
+
 func extractStringConst(typ prog.Type) (string, bool) {
 	ptr, ok := typ.(*prog.PtrType)
 	if !ok {
-- 
cgit mrf-deployment