From d0668a0df3000ab5b3cc501ba66bf0ef7757accb Mon Sep 17 00:00:00 2001 
From: Paul Chaignon Date: Sun, 19 Nov 2023 18:59:32 +0100 Subject: sys/linux: use nested flag definitions where sensible All flags that are subset of other flags were identified with the following Bash script [1]. Only a small set of flags identified by the script were rewritten to use nested flag definitions, after manually checking if it makes sense (based on syzkaller context and man pages). For example, msgget_flags was rewritten as follows: -msgget_flags = IPC_CREAT, IPC_EXCL, S_IRUSR, S_IWUSR, S_IXUSR, S_IRGRP, S_IWGRP, S_IXGRP, S_IROTH, S_IWOTH, S_IXOTH +msgget_flags = IPC_CREAT, IPC_EXCL, open_mode According to the msgget(2) man page: Upon creation, the least significant bits of the argument msgflg define the permissions of the message queue. These permission bits have the same format and semantics as the permissions specified for the mode argument of open(2). So it is correct to use open_mode directly in the definition of the flags for msgget(2). 1 - #!/bin/bash regexp_flags="^(\w+)\s*=\s+([a-zA-Z\"][^=]*)$" is_subset() { local -n subset=$1 local -n superset=$2 for element in "${subset[@]}"; do if [[ ! " ${superset[@]} " =~ " $element " ]]; then return 1 fi done return 0 } declare -A parsed_lines while IFS= read -r line; do if [[ ! "$line" =~ $regexp_flags ]]; then continue fi list_name="${BASH_REMATCH[1]}" values="${BASH_REMATCH[2]}" IFS=',' read -r -a values_array <<< "$(echo "$values" | sed 's/ //g' | tr ',' '\n' | sort | tr '\n' ',')" # Skip flags with too few value. if [ "${#values_array[@]}" -lt 3 ]; then continue fi # Skip the syz0, syz1, etc. lists. 
if [ "${values_array[0]}" = "\"syz0\"" ]; then continue fi parsed_lines["${list_name}"]="${values_array[@]}" done for list_name in "${!parsed_lines[@]}"; do values_array=(${parsed_lines["$list_name"]}) for other_list_name in "${!parsed_lines[@]}"; do other_values_array=(${parsed_lines["$other_list_name"]}) if [ "$list_name" = "$other_list_name" ]; then continue fi if is_subset values_array other_values_array; then if [ "${#values_array[@]}" -eq "${#other_values_array[@]}" ]; then echo "$list_name EQUALS $other_list_name" else echo "$list_name is a SUBET of $other_list_name" fi fi done done Signed-off-by: Paul Chaignon --- sys/linux/io_uring.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'sys/linux/io_uring.txt') diff --git a/sys/linux/io_uring.txt b/sys/linux/io_uring.txt index aca2a9a28..cf2a46d88 100644 --- a/sys/linux/io_uring.txt +++ b/sys/linux/io_uring.txt @@ -108,7 +108,7 @@ define CQ_RING_OVERFLOW_OFFSET 284 define CQ_FLAGS_OFFSET 280 # Notice all offsets are pointing to uint32 values. This is assumed for the -io_uring_offsets = SQ_HEAD_OFFSET, SQ_TAIL_OFFSET, SQ_RING_MASK_OFFSET, SQ_RING_ENTRIES_OFFSET, SQ_FLAGS_OFFSET, SQ_DROPPED_OFFSET, CQ_HEAD_OFFSET, CQ_TAIL_OFFSET, CQ_RING_MASK_OFFSET, CQ_RING_ENTRIES_OFFSET, CQ_RING_OVERFLOW_OFFSET, CQ_FLAGS_OFFSET +io_uring_offsets = SQ_HEAD_OFFSET, SQ_TAIL_OFFSET, SQ_RING_MASK_OFFSET, SQ_RING_ENTRIES_OFFSET, SQ_DROPPED_OFFSET, CQ_HEAD_OFFSET, CQ_TAIL_OFFSET, CQ_RING_MASK_OFFSET, CQ_RING_ENTRIES_OFFSET, CQ_RING_OVERFLOW_OFFSET, io_uring_flags_offsets # Also, all values are int32, thus, set nbytes to 4. syz_memcpy_off$IO_URING_METADATA_GENERIC(ring_ptr ring_ptr, off flags[io_uring_offsets], src ptr[in, int32], src_off const[0], nbytes const[4]) -- cgit mrf-deployment
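Review bot: The comment above `io_uring_offsets` promises that every offset points to a uint32, and `syz_memcpy_off$IO_URING_METADATA_GENERIC` below hard-codes `nbytes const[4]`, but after this change two of the offsets come from `io_uring_flags_offsets`, which is defined outside the hunk. That spreads the size invariant over two lists: a later edit that adds a field of a different width to `io_uring_flags_offsets` would silently make the generic copy write 4 bytes at an offset it was not meant for. I would extend the comment with something like `# io_uring_flags_offsets is nested here, so it must also list only uint32 offsets.` It is also worth confirming that `io_uring_flags_offsets` holds exactly `SQ_FLAGS_OFFSET` and `CQ_FLAGS_OFFSET`, the two names dropped from this line, so the set of generated offsets is unchanged; the hunk does not show that definition.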