From ee332608e9ebc1d77675662fd8511ff94fd49acd Mon Sep 17 00:00:00 2001 From: Dmitry Vyukov Date: Sun, 6 Jan 2019 17:39:32 +0100 Subject: sys/linux: prohibit SNAPSHOT_FREEZE SNAPSHOT_FREEZE freezes all processes and leaves the machine dead. --- sys/linux/sys.txt | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'sys/linux/sys.txt') diff --git a/sys/linux/sys.txt b/sys/linux/sys.txt index 8b675517b..2deeedae6 100644 --- a/sys/linux/sys.txt +++ b/sys/linux/sys.txt @@ -53,6 +53,7 @@ include include include include +include resource fd[int32]: -1, AT_FDCWD resource fd_dir[fd] @@ -472,7 +473,6 @@ syz_open_dev$media(dev ptr[in, string["/dev/media#"]], id intptr, flags flags[op openat$null(fd const[AT_FDCWD], file ptr[in, string["/dev/null"]], flags flags[open_flags], mode const[0]) fd openat$zero(fd const[AT_FDCWD], file ptr[in, string["/dev/zero"]], flags flags[open_flags], mode const[0]) fd openat$full(fd const[AT_FDCWD], file ptr[in, string["/dev/full"]], flags flags[open_flags], mode const[0]) fd -openat$snapshot(fd const[AT_FDCWD], file ptr[in, string["/dev/snapshot"]], flags flags[open_flags], mode const[0]) fd openat$vga_arbiter(fd const[AT_FDCWD], file ptr[in, string["/dev/vga_arbiter"]], flags flags[open_flags], mode const[0]) fd openat$rtc(fd const[AT_FDCWD], file ptr[in, string["/dev/rtc0"]], flags flags[open_flags], mode const[0]) fd openat$rfkill(fd const[AT_FDCWD], file ptr[in, string["/dev/rfkill"]], flags flags[open_flags], mode const[0]) fd @@ -503,6 +503,9 @@ openat$btrfs_control(fd const[AT_FDCWD], file ptr[in, string["/dev/btrfs-control openat$ubi_ctrl(fd const[AT_FDCWD], file ptr[in, string["/dev/ubi_ctrl"]], flags flags[open_flags], mode const[0]) fd openat$cachefiles(fd const[AT_FDCWD], file ptr[in, string["/dev/cachefiles"]], flags flags[open_flags], mode const[0]) fd +openat$snapshot(fd const[AT_FDCWD], file ptr[in, string["/dev/snapshot"]], flags flags[open_flags], mode const[0]) fd +_ = SNAPSHOT_FREEZE, SNAPSHOT_UNFREEZE + pipefd { rfd fd wfd fd -- cgit mrf-deployment