From 3ad490ea48468e50fe91f6f6b2ca4cbc74d924bf Mon Sep 17 00:00:00 2001
From: Aleksandr Nogikh
Date: Mon, 18 Dec 2023 11:58:39 +0100
Subject: executor: introduce syz_pidfd_open()

This kernel interface provides access to fds of other processes, which is readily abused by the fuzzer to mangle parent syz-executor fds. Pid=1 is the parent syz-executor process when PID namespace is created. Sanitize it in the new syz_pidfd_open() pseudo-syscall.

We could not patch the argument in sys/linux/init.go because the first argument is a resource.
---
 sys/targets/targets.go | 1 +
 1 file changed, 1 insertion(+)

(limited to 'sys/targets')

diff --git a/sys/targets/targets.go b/sys/targets/targets.go
index b81b0ce70..4c840119a 100644
--- a/sys/targets/targets.go
+++ b/sys/targets/targets.go
@@ -490,6 +490,7 @@ var oses = map[string]osCommon{
 "syz_io_uring_setup": {"io_uring_setup"},
 "syz_clone3": {"clone3", "exit"},
 "syz_clone": {"clone", "exit"},
+"syz_pidfd_open": {"pidfd_open"},
 },
 cflags: []string{"-static-pie"},
 },
-- 
cgit mrf-deployment
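Review bot: The new `"syz_pidfd_open": {"pidfd_open"}` entry records only the kernel syscall the pseudo-syscall depends on; nothing near it in targets.go says why a wrapper around pidfd_open exists, and the reason given in the commit message (the executor sanitizes the pid argument so the fuzzer cannot reach the parent syz-executor's fds) is exactly the kind of constraint a later maintainer could undo by exposing raw pidfd_open again. A one-line comment on the entry would preserve that intent, e.g. `// syz_pidfd_open wraps pidfd_open so the executor can sanitize the pid argument; see the executor implementation.` The entry itself looks consistent with its neighbours (pseudo-syscall name mapped to the syscalls it requires), and the hunk counts match one added line. The enclosing `oses` map literal starts and ends outside this hunk, and the executor-side sanitization is not part of this diff, so whether pid 1 is the only value filtered cannot be confirmed from here.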