// Copyright 2024 syzkaller project authors. All rights reserved.
// Use of this source code is governed by Apache 2 LICENSE that can be found in the LICENSE file.

package vminfo

import (
	"bytes"
	"fmt"
	"os"
	"regexp"
	"strconv"
	"strings"
	"syscall"

	"github.com/google/syzkaller/prog"
	"github.com/google/syzkaller/sys/targets"
)

func (linux) syscallCheck(ctx *checkContext, call *prog.Syscall) string {
	check := linuxSyscallChecks[call.CallName]
	if check == nil {
		check = func(ctx *checkContext, call *prog.Syscall) string {
			// Execute plain syscall (rather than a variation with $) to make test program
			// deduplication effective. However, if the plain syscall does not exist take
			// the first variant for this syscall, this still allows to dedup all variants.
			// This works b/c in syscall test we only check for ENOSYS result.
			name := call.CallName
			if ctx.target.SyscallMap[name] == nil {
				for _, call1 := range ctx.target.Syscalls {
					if name == call1.CallName {
						name = call1.Name
					}
				}
			}
			return ctx.supportedSyscalls([]string{name})
		}
	}
	if reason := check(ctx, call); reason != "" {
		return reason
	}
	return linuxSupportedLSM(ctx, call)
}

func linuxSupportedLSM(ctx *checkContext, call *prog.Syscall) string {
	for _, lsm := range []string{"selinux", "apparmor", "smack"} {
		if !strings.Contains(strings.ToLower(call.Name), lsm) {
			continue
		}
		data, err := ctx.readFile("/sys/kernel/security/lsm")
		if err != nil {
			// Securityfs may not be mounted, but it does not mean that no LSMs are enabled.
			if os.IsNotExist(err) {
				break
			}
			return err.Error()
		}
		if !bytes.Contains(data, []byte(lsm)) {
			return fmt.Sprintf("%v is not enabled", lsm)
		}
	}
	return ""
}

var linuxSyscallChecks = map[string]func(*checkContext, *prog.Syscall) string{
	"openat":                        supportedOpenat,
	"mount":                         linuxSupportedMount,
	"socket":                        linuxSupportedSocket,
	"socketpair":                    linuxSupportedSocket,
	"pkey_alloc":                    linuxPkeysSupported,
	"syz_open_dev":                  linuxSyzOpenDevSupported,
	"syz_open_procfs":               linuxSyzOpenProcfsSupported,
	"syz_open_pts":                  alwaysSupported,
	"syz_execute_func":              alwaysSupported,
	"syz_emit_ethernet":             linuxNetInjectionSupported,
	"syz_extract_tcp_res":           linuxNetInjectionSupported,
	"syz_usb_connect":               linuxCheckUSBEmulation,
	"syz_usb_connect_ath9k":         linuxCheckUSBEmulation,
	"syz_usb_disconnect":            linuxCheckUSBEmulation,
	"syz_usb_control_io":            linuxCheckUSBEmulation,
	"syz_usb_ep_write":              linuxCheckUSBEmulation,
	"syz_usb_ep_read":               linuxCheckUSBEmulation,
	"syz_kvm_setup_cpu":             linuxSyzKvmSupported,
	"syz_kvm_vgic_v3_setup":         linuxSyzSupportedOnArm64,
	"syz_kvm_setup_syzos_vm":        linuxSyzKvmSupported,
	"syz_kvm_add_vcpu":              linuxSyzKvmSupported,
	"syz_kvm_assert_syzos_uexit":    linuxSyzKvmSupported,
	"syz_kvm_assert_syzos_kvm_exit": linuxSyzKvmSupported,
	"syz_kvm_assert_reg":            linuxSyzSupportedOnArm64,
	"syz_emit_vhci":                 linuxVhciInjectionSupported,
	"syz_init_net_socket":           linuxSyzInitNetSocketSupported,
	"syz_genetlink_get_family_id":   linuxSyzGenetlinkGetFamilyIDSupported,
	"syz_mount_image":               linuxSyzMountImageSupported,
	"syz_read_part_table":           linuxSyzReadPartTableSupported,
	"syz_io_uring_setup":            alwaysSupported,
	"syz_io_uring_submit":           alwaysSupported,
	"syz_io_uring_complete":         alwaysSupported,
	"syz_memcpy_off":                alwaysSupported,
	"syz_btf_id_by_name":            linuxBtfVmlinuxSupported,
	"syz_fuse_handle_req":           alwaysSupported,
	"syz_80211_inject_frame":        linuxWifiEmulationSupported,
	"syz_80211_join_ibss":           linuxWifiEmulationSupported,
	"syz_usbip_server_init":         linuxSyzUsbIPSupported,
	"syz_clone":                     alwaysSupported,
	"syz_clone3":                    alwaysSupported,
	"syz_pkey_set":                  linuxPkeysSupported,
	"syz_socket_connect_nvme_tcp":   linuxSyzSocketConnectNvmeTCPSupported,
	"syz_pidfd_open":                alwaysSupported,
	"syz_create_resource":           alwaysSupported,
	"syz_kfuzztest_run":             alwaysSupported,
}

func linuxSyzOpenDevSupported(ctx *checkContext, call *prog.Syscall) string {
	if _, ok := call.Args[0].Type.(*prog.ConstType); ok || call.Attrs.Automatic {
		// This is for syz_open_dev$char/block.
		// second operand for when we have an automatically generated description
		return ""
	}
	fname, ok := extractStringConst(call.Args[0].Type, call.Attrs.Automatic)
	if !ok {
		panic("first open arg is not a pointer to string const")
	}
	hashCount := strings.Count(fname, "#")
	if hashCount == 0 {
		panic(fmt.Sprintf("%v does not contain # in the file name", call.Name))
	}
	if hashCount > 2 {
		// If this fails, the logic below needs an adjustment.
		panic(fmt.Sprintf("%v contains too many #", call.Name))
	}
	var ids []int
	if _, ok := call.Args[1].Type.(*prog.ProcType); ok {
		ids = []int{0}
	} else {
		for i := 0; i < 5; i++ {
			for j := 0; j < 5; j++ {
				if j == 0 || hashCount > 1 {
					ids = append(ids, i+j*10)
				}
			}
		}
	}
	modes := ctx.allOpenModes()
	var calls []string
	for _, id := range ids {
		for _, mode := range modes {
			call := fmt.Sprintf("%s(&AUTO='%v', 0x%x, 0x%x)", call.Name, fname, id, mode)
			calls = append(calls, call)
		}
	}
	reason := ctx.anyCallSucceeds(calls, fmt.Sprintf("failed to open %v", fname))
	if reason != "" {
		// These entries might not be available at boot time,
		// but will be created by connected USB devices.
		for _, prefix := range []string{"/dev/hidraw", "/dev/usb/hiddev", "/dev/input/"} {
			if strings.HasPrefix(fname, prefix) {
				if ctx.rootCanOpen("/dev/raw-gadget") == "" {
					reason = ""
				}
			}
		}
	}
	return reason
}

func linuxNetInjectionSupported(ctx *checkContext, call *prog.Syscall) string {
	return ctx.rootCanOpen("/dev/net/tun")
}

func linuxSyzOpenProcfsSupported(ctx *checkContext, call *prog.Syscall) string {
	return ctx.canOpen("/proc/cmdline")
}

func linuxCheckUSBEmulation(ctx *checkContext, call *prog.Syscall) string {
	return ctx.rootCanOpen("/dev/raw-gadget")
}

const unsupportedArch = "unsupported arch"

func linuxSyzKvmSupported(ctx *checkContext, call *prog.Syscall) string {
	switch call.Name {
	case "syz_kvm_setup_cpu$x86":
		if ctx.target.Arch == targets.AMD64 || ctx.target.Arch == targets.I386 {
			return ""
		}
	case "syz_kvm_setup_syzos_vm$x86", "syz_kvm_add_vcpu$x86", "syz_kvm_assert_syzos_uexit$x86",
		"syz_kvm_assert_syzos_kvm_exit$x86":
		if ctx.target.Arch == targets.AMD64 {
			return ""
		}
	case "syz_kvm_setup_cpu$arm64", "syz_kvm_setup_syzos_vm$arm64", "syz_kvm_add_vcpu$arm64",
		"syz_kvm_assert_syzos_uexit$arm64", "syz_kvm_assert_syzos_kvm_exit$arm64":
		if ctx.target.Arch == targets.ARM64 {
			return ""
		}
	case "syz_kvm_setup_cpu$riscv64":
		if ctx.target.Arch == targets.RiscV64 {
			return ""
		}
	case "syz_kvm_setup_cpu$ppc64":
		if ctx.target.Arch == targets.PPC64LE {
			return ""
		}
	}
	return unsupportedArch
}

func linuxSyzSupportedOnArm64(ctx *checkContext, call *prog.Syscall) string {
	if ctx.target.Arch == targets.ARM64 {
		return ""
	}
	return unsupportedArch
}

func linuxSupportedMount(ctx *checkContext, call *prog.Syscall) string {
	return linuxSupportedFilesystem(ctx, call, 2)
}

func linuxSyzMountImageSupported(ctx *checkContext, call *prog.Syscall) string {
	return linuxSupportedFilesystem(ctx, call, 0)
}

func linuxSupportedFilesystem(ctx *checkContext, call *prog.Syscall, fsarg int) string {
	if call.Attrs.Automatic {
		return ""
	}
	fstype, ok := extractStringConst(call.Args[fsarg].Type, call.Attrs.Automatic)
	if !ok {
		panic(fmt.Sprintf("%v: filesystem is not string const", call.Name))
	}
	switch fstype {
	case "fuse", "fuseblk":
		if reason := ctx.canOpen("/dev/fuse"); reason != "" {
			return reason
		}
		if reason := ctx.onlySandboxNoneOrNamespace(); reason != "" {
			return reason
		}
	default:
		if reason := ctx.onlySandboxNone(); reason != "" {
			return reason
		}
	}
	filesystems, err := ctx.readFile("/proc/filesystems")
	if err != nil {
		return err.Error()
	}
	if !bytes.Contains(filesystems, []byte("\t"+fstype+"\n")) {
		return fmt.Sprintf("/proc/filesystems does not contain %v", fstype)
	}
	return ""
}

func linuxSyzReadPartTableSupported(ctx *checkContext, call *prog.Syscall) string {
	return ctx.onlySandboxNone()
}

func linuxSupportedSocket(ctx *checkContext, call *prog.Syscall) string {
	if call.Name == "socket" || call.Name == "socketpair" || call.Attrs.Automatic {
		return "" // generic versions are always supported
	}
	af := uint64(0)
	if arg, ok := call.Args[0].Type.(*prog.ConstType); ok {
		af = arg.Val
	} else {
		panic(fmt.Sprintf("socket family is not const in %v", call.Name))
	}
	typ, hasType := uint64(0), false
	if arg, ok := call.Args[1].Type.(*prog.ConstType); ok {
		typ, hasType = arg.Val, true
	} else if arg, ok := call.Args[1].Type.(*prog.FlagsType); ok {
		typ, hasType = arg.Vals[0], true
	}
	proto, hasProto := uint64(0), false
	if arg, ok := call.Args[2].Type.(*prog.ConstType); ok {
		proto, hasProto = arg.Val, true
	}
	syscallName := call.Name
	if call.CallName == "socketpair" {
		syscallName = "socket"
	}
	callStr := fmt.Sprintf("%s(0x%x, 0x%x, 0x%x)", syscallName, af, typ, proto)
	errno := ctx.execCall(callStr)
	if errno == syscall.ENOSYS || errno == syscall.EAFNOSUPPORT || hasProto && hasType && errno != 0 {
		return fmt.Sprintf("%v failed: %v", callStr, errno)
	}
	return ""
}

func linuxSyzGenetlinkGetFamilyIDSupported(ctx *checkContext, call *prog.Syscall) string {
	// TODO: try to obtain actual family ID here. It will disable whole sets of sendmsg syscalls.
	return ctx.callSucceeds(fmt.Sprintf("socket(0x%x, 0x%x, 0x%x)",
		ctx.val("AF_NETLINK"), ctx.val("SOCK_RAW"), ctx.val("NETLINK_GENERIC")))
}

func linuxPkeysSupported(ctx *checkContext, call *prog.Syscall) string {
	return ctx.callSucceeds("pkey_alloc(0x0, 0x0)")
}

func linuxSyzSocketConnectNvmeTCPSupported(ctx *checkContext, call *prog.Syscall) string {
	return ctx.onlySandboxNone()
}

func linuxVhciInjectionSupported(ctx *checkContext, call *prog.Syscall) string {
	return ctx.rootCanOpen("/dev/vhci")
}

func linuxSyzInitNetSocketSupported(ctx *checkContext, call *prog.Syscall) string {
	if reason := ctx.onlySandboxNone(); reason != "" {
		return reason
	}
	return linuxSupportedSocket(ctx, call)
}

func linuxBtfVmlinuxSupported(ctx *checkContext, call *prog.Syscall) string {
	if reason := ctx.onlySandboxNone(); reason != "" {
		return reason
	}
	return ctx.canOpen("/sys/kernel/btf/vmlinux")
}

func linuxSyzUsbIPSupported(ctx *checkContext, call *prog.Syscall) string {
	return ctx.canWrite("/sys/devices/platform/vhci_hcd.0/attach")
}

func linuxWifiEmulationSupported(ctx *checkContext, call *prog.Syscall) string {
	if reason := ctx.rootCanOpen("/sys/class/mac80211_hwsim/"); reason != "" {
		return reason
	}
	// We use HWSIM_ATTR_PERM_ADDR which was added in 4.17.
	return linuxRequireKernel(ctx, 4, 17)
}

func linuxRequireKernel(ctx *checkContext, major, minor int) string {
	data, err := ctx.readFile("/proc/version")
	if err != nil {
		return err.Error()
	}
	if ok, bad := matchKernelVersion(string(data), major, minor); bad {
		return fmt.Sprintf("failed to parse kernel version: %s", data)
	} else if !ok {
		return fmt.Sprintf("kernel %v.%v required, have %s", major, minor, data)
	}
	return ""
}

var kernelVersionRe = regexp.MustCompile(` ([0-9]+)\.([0-9]+)\.`)

func matchKernelVersion(ver string, x, y int) (bool, bool) {
	match := kernelVersionRe.FindStringSubmatch(ver)
	if match == nil {
		return false, true
	}
	major, err := strconv.Atoi(match[1])
	if err != nil {
		return false, true
	}
	if major <= 0 || major > 999 {
		return false, true
	}
	minor, err := strconv.Atoi(match[2])
	if err != nil {
		return false, true
	}
	if minor <= 0 || minor > 999 {
		return false, true
	}
	return major*1000+minor >= x*1000+y, false
}