From d04ac3a54895a36998e3f1da27c2ce33f7a80c5a Mon Sep 17 00:00:00 2001
From: Dmitry Vyukov <dvyukov@google.com>
Date: Mon, 3 Apr 2023 07:45:09 +0200
Subject: sys/linux: add syz_pkey_set syscalls

The syscall sets PKRU register which is part of protection keys (pkey).
---
 sys/linux/sys.txt   |  2 ++
 sys/linux/test/pkey | 10 ++++++++++
 2 files changed, 12 insertions(+)
 create mode 100644 sys/linux/test/pkey

(limited to 'sys')

diff --git a/sys/linux/sys.txt b/sys/linux/sys.txt
index 80ece3188..4b403ddd9 100644
--- a/sys/linux/sys.txt
+++ b/sys/linux/sys.txt
@@ -212,6 +212,8 @@ resource pkey[int32]: -1
 pkey_alloc(flags const[0], val flags[pkey_flags]) pkey
 pkey_free(key pkey)
 pkey_mprotect(addr vma, len len[addr], prot flags[mmap_prot], key pkey)
+syz_pkey_set(key pkey, val flags[pkey_flags])
+
 pkey_flags = PKEY_DISABLE_ACCESS, PKEY_DISABLE_WRITE
 
 restart_syscall()
diff --git a/sys/linux/test/pkey b/sys/linux/test/pkey
new file mode 100644
index 000000000..063e878cc
--- /dev/null
+++ b/sys/linux/test/pkey
@@ -0,0 +1,10 @@
+# requires: arch=amd64
+
+r0 = pkey_alloc(0x0, 0x0)
+mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
+pkey_mprotect(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x3, r0)
+syz_pkey_set(r0, 0x3)
+pipe(&(0x7f0000000000)={0x0, 0x0})  # EFAULT
+syz_pkey_set(r0, 0x0)
+pipe(&(0x7f0000000000)={0x0, 0x0})
+pkey_free(r0)
-- 
cgit mrf-deployment