From cda1fcb742f957d6396e32c75f95575d81543fd4 Mon Sep 17 00:00:00 2001 From: Dmitry Vyukov Date: Sun, 6 May 2018 16:58:38 +0200 Subject: sys: dedup mmap code across OSes Update #538 --- sys/akaros/init.go | 43 ++------------------------------------ sys/freebsd/init.go | 58 +++++++++++++-------------------------------------- sys/fuchsia/init.go | 23 ++------------------ sys/linux/init.go | 34 ++---------------------------- sys/netbsd/init.go | 39 ++++------------------------------ sys/targets/common.go | 44 ++++++++++++++++++++++++++++++++++++++ sys/test/gen/32.go | 10 ++++----- sys/test/gen/64.go | 10 ++++----- sys/test/init.go | 23 ++------------------ sys/test/test.txt | 2 +- 10 files changed, 81 insertions(+), 205 deletions(-) create mode 100644 sys/targets/common.go (limited to 'sys') diff --git a/sys/akaros/init.go b/sys/akaros/init.go index 83bb1723c..58d0d1f5f 100644 --- a/sys/akaros/init.go +++ b/sys/akaros/init.go @@ -6,6 +6,7 @@ package akaros import ( "github.com/google/syzkaller/prog" "github.com/google/syzkaller/sys/akaros/gen" + "github.com/google/syzkaller/sys/targets" ) func init() { @@ -13,45 +14,5 @@ func init() { } func initTarget(target *prog.Target) { - arch := &arch{ - mmapSyscall: target.SyscallMap["mmap"], - PROT_READ: target.ConstMap["PROT_READ"], - PROT_WRITE: target.ConstMap["PROT_WRITE"], - MAP_ANONYMOUS: target.ConstMap["MAP_ANONYMOUS"], - MAP_PRIVATE: target.ConstMap["MAP_PRIVATE"], - MAP_FIXED: target.ConstMap["MAP_FIXED"], - } - - target.MakeMmap = arch.makeMmap -} - -const ( - invalidFD = ^uint64(0) -) - -type arch struct { - mmapSyscall *prog.Syscall - - PROT_READ uint64 - PROT_WRITE uint64 - MAP_ANONYMOUS uint64 - MAP_PRIVATE uint64 - MAP_FIXED uint64 -} - -// createMmapCall creates a "normal" mmap call that maps [start, start+npages) page range. -func (arch *arch) makeMmap(addr, size uint64) *prog.Call { - meta := arch.mmapSyscall - return &prog.Call{ - Meta: meta, - Args: []prog.Arg{ - prog.MakeVmaPointerArg(meta.Args[0], addr, size), - prog.MakeConstArg(meta.Args[1], size), - prog.MakeConstArg(meta.Args[2], arch.PROT_READ|arch.PROT_WRITE), - prog.MakeConstArg(meta.Args[3], arch.MAP_ANONYMOUS|arch.MAP_PRIVATE|arch.MAP_FIXED), - prog.MakeResultArg(meta.Args[4], nil, invalidFD), - prog.MakeConstArg(meta.Args[5], 0), - }, - Ret: prog.MakeReturnArg(meta.Ret), - } + target.MakeMmap = targets.MakePosixMmap(target) } diff --git a/sys/freebsd/init.go b/sys/freebsd/init.go index 769b18df8..db9db5b4d 100644 --- a/sys/freebsd/init.go +++ b/sys/freebsd/init.go @@ -6,6 +6,7 @@ package freebsd import ( "github.com/google/syzkaller/prog" "github.com/google/syzkaller/sys/freebsd/gen" + "github.com/google/syzkaller/sys/targets" ) func init() { @@ -14,56 +15,25 @@ func init() { func initTarget(target *prog.Target) { arch := &arch{ - mmapSyscall: target.SyscallMap["mmap"], - PROT_READ: target.ConstMap["PROT_READ"], - PROT_WRITE: target.ConstMap["PROT_WRITE"], - MAP_ANON: target.ConstMap["MAP_ANON"], - MAP_PRIVATE: target.ConstMap["MAP_PRIVATE"], - MAP_FIXED: target.ConstMap["MAP_FIXED"], - S_IFREG: target.ConstMap["S_IFREG"], - S_IFCHR: target.ConstMap["S_IFCHR"], - S_IFBLK: target.ConstMap["S_IFBLK"], - S_IFIFO: target.ConstMap["S_IFIFO"], - S_IFSOCK: target.ConstMap["S_IFSOCK"], + MAP_FIXED: target.ConstMap["MAP_FIXED"], + S_IFREG: target.ConstMap["S_IFREG"], + S_IFCHR: target.ConstMap["S_IFCHR"], + S_IFBLK: target.ConstMap["S_IFBLK"], + S_IFIFO: target.ConstMap["S_IFIFO"], + S_IFSOCK: target.ConstMap["S_IFSOCK"], } - target.MakeMmap = arch.makeMmap + target.MakeMmap = targets.MakePosixMmap(target) target.SanitizeCall = arch.sanitizeCall } -const ( - invalidFD = ^uint64(0) -) - type arch struct { - mmapSyscall *prog.Syscall - - PROT_READ uint64 - PROT_WRITE uint64 - MAP_ANON uint64 - MAP_PRIVATE uint64 - MAP_FIXED uint64 - S_IFREG uint64 - S_IFCHR uint64 - S_IFBLK uint64 - S_IFIFO uint64 - S_IFSOCK uint64 -} - -func (arch *arch) makeMmap(addr, size uint64) *prog.Call { - meta := arch.mmapSyscall - return &prog.Call{ - Meta: meta, - Args: []prog.Arg{ - prog.MakeVmaPointerArg(meta.Args[0], addr, size), - prog.MakeConstArg(meta.Args[1], size), - prog.MakeConstArg(meta.Args[2], arch.PROT_READ|arch.PROT_WRITE), - prog.MakeConstArg(meta.Args[3], arch.MAP_ANON|arch.MAP_PRIVATE|arch.MAP_FIXED), - prog.MakeResultArg(meta.Args[4], nil, invalidFD), - prog.MakeConstArg(meta.Args[5], 0), - }, - Ret: prog.MakeReturnArg(meta.Ret), - } + MAP_FIXED uint64 + S_IFREG uint64 + S_IFCHR uint64 + S_IFBLK uint64 + S_IFIFO uint64 + S_IFSOCK uint64 } func (arch *arch) sanitizeCall(c *prog.Call) { diff --git a/sys/fuchsia/init.go b/sys/fuchsia/init.go index 2f7d96d60..3f02e151d 100644 --- a/sys/fuchsia/init.go +++ b/sys/fuchsia/init.go @@ -6,6 +6,7 @@ package fuchsia import ( "github.com/google/syzkaller/prog" "github.com/google/syzkaller/sys/fuchsia/gen" + "github.com/google/syzkaller/sys/targets" ) func init() { @@ -14,25 +15,5 @@ func init() { } func initTarget(target *prog.Target) { - arch := &arch{ - mmapSyscall: target.SyscallMap["syz_mmap"], - } - - target.MakeMmap = arch.makeMmap -} - -type arch struct { - mmapSyscall *prog.Syscall -} - -func (arch *arch) makeMmap(addr, size uint64) *prog.Call { - meta := arch.mmapSyscall - return &prog.Call{ - Meta: meta, - Args: []prog.Arg{ - prog.MakeVmaPointerArg(meta.Args[0], addr, size), - prog.MakeConstArg(meta.Args[1], size), - }, - Ret: prog.MakeReturnArg(meta.Ret), - } + target.MakeMmap = targets.MakeSyzMmap(target) } diff --git a/sys/linux/init.go b/sys/linux/init.go index 86bdb8bde..31d295709 100644 --- a/sys/linux/init.go +++ b/sys/linux/init.go @@ -8,6 +8,7 @@ import ( "github.com/google/syzkaller/prog" "github.com/google/syzkaller/sys/linux/gen" + "github.com/google/syzkaller/sys/targets" ) func init() { @@ -20,12 +21,7 @@ func init() { func initTarget(target *prog.Target) { arch := &arch{ - mmapSyscall: target.SyscallMap["mmap"], clockGettimeSyscall: target.SyscallMap["clock_gettime"], - PROT_READ: target.ConstMap["PROT_READ"], - PROT_WRITE: target.ConstMap["PROT_WRITE"], - MAP_ANONYMOUS: target.ConstMap["MAP_ANONYMOUS"], - MAP_PRIVATE: target.ConstMap["MAP_PRIVATE"], MAP_FIXED: target.ConstMap["MAP_FIXED"], MREMAP_MAYMOVE: target.ConstMap["MREMAP_MAYMOVE"], MREMAP_FIXED: target.ConstMap["MREMAP_FIXED"], @@ -48,7 +44,7 @@ func initTarget(target *prog.Target) { AF_BLUETOOTH: target.ConstMap["AF_BLUETOOTH"], } - target.MakeMmap = arch.makeMmap + target.MakeMmap = targets.MakePosixMmap(target) target.SanitizeCall = arch.sanitizeCall target.SpecialTypes = map[string]func(g *prog.Gen, typ prog.Type, old prog.Arg) ( prog.Arg, []*prog.Call){ @@ -74,10 +70,6 @@ func initTarget(target *prog.Target) { } } -const ( - invalidFD = ^uint64(0) -) - var ( // This should not be here, but for now we expose this for syz-fuzzer. KCOV_INIT_TRACE uintptr @@ -94,13 +86,8 @@ var ( ) type arch struct { - mmapSyscall *prog.Syscall clockGettimeSyscall *prog.Syscall - PROT_READ uint64 - PROT_WRITE uint64 - MAP_ANONYMOUS uint64 - MAP_PRIVATE uint64 MAP_FIXED uint64 MREMAP_MAYMOVE uint64 MREMAP_FIXED uint64 @@ -123,23 +110,6 @@ type arch struct { AF_BLUETOOTH uint64 } -// createMmapCall creates a "normal" mmap call that maps [addr, addr+size) memory range. -func (arch *arch) makeMmap(addr, size uint64) *prog.Call { - meta := arch.mmapSyscall - return &prog.Call{ - Meta: meta, - Args: []prog.Arg{ - prog.MakeVmaPointerArg(meta.Args[0], addr, size), - prog.MakeConstArg(meta.Args[1], size), - prog.MakeConstArg(meta.Args[2], arch.PROT_READ|arch.PROT_WRITE), - prog.MakeConstArg(meta.Args[3], arch.MAP_ANONYMOUS|arch.MAP_PRIVATE|arch.MAP_FIXED), - prog.MakeResultArg(meta.Args[4], nil, invalidFD), - prog.MakeConstArg(meta.Args[5], 0), - }, - Ret: prog.MakeReturnArg(meta.Ret), - } -} - func (arch *arch) sanitizeCall(c *prog.Call) { switch c.Meta.CallName { case "mmap": diff --git a/sys/netbsd/init.go b/sys/netbsd/init.go index de92caf05..908cbe655 100644 --- a/sys/netbsd/init.go +++ b/sys/netbsd/init.go @@ -6,6 +6,7 @@ package netbsd import ( "github.com/google/syzkaller/prog" "github.com/google/syzkaller/sys/netbsd/gen" + "github.com/google/syzkaller/sys/targets" ) func init() { @@ -14,47 +15,15 @@ func init() { func initTarget(target *prog.Target) { arch := &arch{ - mmapSyscall: target.SyscallMap["mmap"], - PROT_READ: target.ConstMap["PROT_READ"], - PROT_WRITE: target.ConstMap["PROT_WRITE"], - MAP_ANONYMOUS: target.ConstMap["MAP_ANON"], - MAP_PRIVATE: target.ConstMap["MAP_PRIVATE"], - MAP_FIXED: target.ConstMap["MAP_FIXED"], + MAP_FIXED: target.ConstMap["MAP_FIXED"], } - target.MakeMmap = arch.makeMmap + target.MakeMmap = targets.MakePosixMmap(target) target.SanitizeCall = arch.sanitizeCall } -const ( - invalidFD = ^uint64(0) -) - type arch struct { - mmapSyscall *prog.Syscall - - PROT_READ uint64 - PROT_WRITE uint64 - MAP_ANONYMOUS uint64 - MAP_PRIVATE uint64 - MAP_FIXED uint64 -} - -func (arch *arch) makeMmap(addr, size uint64) *prog.Call { - meta := arch.mmapSyscall - return &prog.Call{ - Meta: meta, - Args: []prog.Arg{ - prog.MakeVmaPointerArg(meta.Args[0], addr, size), - prog.MakeConstArg(meta.Args[1], size), - prog.MakeConstArg(meta.Args[2], arch.PROT_READ|arch.PROT_WRITE), - prog.MakeConstArg(meta.Args[3], arch.MAP_ANONYMOUS|arch.MAP_PRIVATE|arch.MAP_FIXED), - prog.MakeResultArg(meta.Args[4], nil, invalidFD), - prog.MakeConstArg(meta.Args[5], 0), - prog.MakeConstArg(meta.Args[6], 0), - }, - Ret: prog.MakeReturnArg(meta.Ret), - } + MAP_FIXED uint64 } func (arch *arch) sanitizeCall(c *prog.Call) { diff --git a/sys/targets/common.go b/sys/targets/common.go new file mode 100644 index 000000000..5d033c14d --- /dev/null +++ b/sys/targets/common.go @@ -0,0 +1,44 @@ +// Copyright 2018 syzkaller project authors. All rights reserved. +// Use of this source code is governed by Apache 2 LICENSE that can be found in the LICENSE file. + +package targets + +import ( + "github.com/google/syzkaller/prog" +) + +// MakePosixMmap creates a "normal" posix mmap call that maps [addr, addr+size) range. +func MakePosixMmap(target *prog.Target) func(addr, size uint64) *prog.Call { + meta := target.SyscallMap["mmap"] + prot := target.ConstMap["PROT_READ"] | target.ConstMap["PROT_WRITE"] + flags := target.ConstMap["MAP_ANONYMOUS"] | target.ConstMap["MAP_PRIVATE"] | target.ConstMap["MAP_FIXED"] + const invalidFD = ^uint64(0) + return func(addr, size uint64) *prog.Call { + return &prog.Call{ + Meta: meta, + Args: []prog.Arg{ + prog.MakeVmaPointerArg(meta.Args[0], addr, size), + prog.MakeConstArg(meta.Args[1], size), + prog.MakeConstArg(meta.Args[2], prot), + prog.MakeConstArg(meta.Args[3], flags), + prog.MakeResultArg(meta.Args[4], nil, invalidFD), + prog.MakeConstArg(meta.Args[5], 0), + }, + Ret: prog.MakeReturnArg(meta.Ret), + } + } +} + +func MakeSyzMmap(target *prog.Target) func(addr, size uint64) *prog.Call { + meta := target.SyscallMap["syz_mmap"] + return func(addr, size uint64) *prog.Call { + return &prog.Call{ + Meta: meta, + Args: []prog.Arg{ + prog.MakeVmaPointerArg(meta.Args[0], addr, size), + prog.MakeConstArg(meta.Args[1], size), + }, + Ret: prog.MakeReturnArg(meta.Ret), + } + } +} diff --git a/sys/test/gen/32.go b/sys/test/gen/32.go index 28a8fd380..7f5595363 100644 --- a/sys/test/gen/32.go +++ b/sys/test/gen/32.go @@ -506,10 +506,6 @@ var syscalls_32 = []*Syscall{ &PtrType{TypeCommon: TypeCommon{TypeName: "ptr", FldName: "a0", TypeSize: 4}, Type: &ResourceType{TypeCommon: TypeCommon{TypeName: "anyres32", TypeSize: 4, ArgDir: 1}}}, &PtrType{TypeCommon: TypeCommon{TypeName: "ptr", FldName: "a1", TypeSize: 4}, Type: &ResourceType{TypeCommon: TypeCommon{TypeName: "anyres64", TypeSize: 8, ArgDir: 1}}}, }}, - {Name: "mmap", CallName: "mmap", Args: []Type{ - &VmaType{TypeCommon: TypeCommon{TypeName: "vma", FldName: "addr", TypeSize: 4}}, - &LenType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "len", FldName: "len", TypeSize: 4}}, Buf: "addr"}, - }}, {Name: "mutate0", CallName: "mutate0"}, {Name: "mutate1", CallName: "mutate1"}, {Name: "mutate2", CallName: "mutate2"}, @@ -544,6 +540,10 @@ var syscalls_32 = []*Syscall{ &PtrType{TypeCommon: TypeCommon{TypeName: "ptr", FldName: "a", TypeSize: 4}, Type: &BufferType{TypeCommon: TypeCommon{TypeName: "array", ArgDir: 1, IsVarlen: true}}}, &LenType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "len", FldName: "b", TypeSize: 4}}, Buf: "a"}, }}, + {Name: "syz_mmap", CallName: "syz_mmap", Args: []Type{ + &VmaType{TypeCommon: TypeCommon{TypeName: "vma", FldName: "addr", TypeSize: 4}}, + &LenType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "len", FldName: "len", TypeSize: 4}}, Buf: "addr"}, + }}, {Name: "syz_test", CallName: "syz_test"}, {Name: "syz_test$align0", CallName: "syz_test", Args: []Type{ &PtrType{TypeCommon: TypeCommon{TypeName: "ptr", FldName: "a0", TypeSize: 4}, Type: &StructType{Key: StructKey{Name: "syz_align0"}}}, @@ -822,4 +822,4 @@ var consts_32 = []ConstValue{ {Name: "ONLY_32BITS_CONST", Value: 1}, } -const revision_32 = "e64e7aa2b83bf3882517a64e4d760868ce7e378f" +const revision_32 = "03eb61c17cd6775babc6992bed09fd510eec1467" diff --git a/sys/test/gen/64.go b/sys/test/gen/64.go index 232927c6d..528be76fc 100644 --- a/sys/test/gen/64.go +++ b/sys/test/gen/64.go @@ -505,10 +505,6 @@ var syscalls_64 = []*Syscall{ &PtrType{TypeCommon: TypeCommon{TypeName: "ptr", FldName: "a0", TypeSize: 8}, Type: &ResourceType{TypeCommon: TypeCommon{TypeName: "anyres32", TypeSize: 4, ArgDir: 1}}}, &PtrType{TypeCommon: TypeCommon{TypeName: "ptr", FldName: "a1", TypeSize: 8}, Type: &ResourceType{TypeCommon: TypeCommon{TypeName: "anyres64", TypeSize: 8, ArgDir: 1}}}, }}, - {Name: "mmap", CallName: "mmap", Args: []Type{ - &VmaType{TypeCommon: TypeCommon{TypeName: "vma", FldName: "addr", TypeSize: 8}}, - &LenType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "len", FldName: "len", TypeSize: 8}}, Buf: "addr"}, - }}, {Name: "mutate0", CallName: "mutate0"}, {Name: "mutate1", CallName: "mutate1"}, {Name: "mutate2", CallName: "mutate2"}, @@ -543,6 +539,10 @@ var syscalls_64 = []*Syscall{ &PtrType{TypeCommon: TypeCommon{TypeName: "ptr", FldName: "a", TypeSize: 8}, Type: &BufferType{TypeCommon: TypeCommon{TypeName: "array", ArgDir: 1, IsVarlen: true}}}, &LenType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "len", FldName: "b", TypeSize: 8}}, Buf: "a"}, }}, + {Name: "syz_mmap", CallName: "syz_mmap", Args: []Type{ + &VmaType{TypeCommon: TypeCommon{TypeName: "vma", FldName: "addr", TypeSize: 8}}, + &LenType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "len", FldName: "len", TypeSize: 8}}, Buf: "addr"}, + }}, {Name: "syz_test", CallName: "syz_test"}, {Name: "syz_test$align0", CallName: "syz_test", Args: []Type{ &PtrType{TypeCommon: TypeCommon{TypeName: "ptr", FldName: "a0", TypeSize: 8}, Type: &StructType{Key: StructKey{Name: "syz_align0"}}}, @@ -820,4 +820,4 @@ var consts_64 = []ConstValue{ {Name: "IPPROTO_UDP", Value: 17}, } -const revision_64 = "d9251ec1f9c31ffae40648c5410d8d7624136f72" +const revision_64 = "d00f8c6b2c92c5a3d3155c34bcafacc4ee1efce3" diff --git a/sys/test/init.go b/sys/test/init.go index 3bc7cd2e0..ae8849028 100644 --- a/sys/test/init.go +++ b/sys/test/init.go @@ -5,6 +5,7 @@ package test import ( "github.com/google/syzkaller/prog" + "github.com/google/syzkaller/sys/targets" "github.com/google/syzkaller/sys/test/gen" ) @@ -14,25 +15,5 @@ func init() { } func initTarget(target *prog.Target) { - arch := &arch{ - mmapSyscall: target.SyscallMap["mmap"], - } - - target.MakeMmap = arch.makeMmap -} - -type arch struct { - mmapSyscall *prog.Syscall -} - -func (arch *arch) makeMmap(addr, size uint64) *prog.Call { - meta := arch.mmapSyscall - return &prog.Call{ - Meta: meta, - Args: []prog.Arg{ - prog.MakeVmaPointerArg(meta.Args[0], addr, size), - prog.MakeConstArg(meta.Args[1], size), - }, - Ret: prog.MakeReturnArg(meta.Ret), - } + target.MakeMmap = targets.MakeSyzMmap(target) } diff --git a/sys/test/test.txt b/sys/test/test.txt index 729b44247..eb4b76388 100644 --- a/sys/test/test.txt +++ b/sys/test/test.txt @@ -3,7 +3,7 @@ # Syscalls used in syzkaller tests. -mmap(addr vma, len len[addr]) +syz_mmap(addr vma, len len[addr]) syz_test() # Integer types. -- cgit mrf-deployment