1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
|
// Copyright 2024 syzkaller project authors. All rights reserved.
// Use of this source code is governed by Apache 2 LICENSE that can be found in the LICENSE file.
// Package vminfo extracts information about the target VM.
// The package itself runs on the host, which may be a different OS/arch.
// User of the package first requests set of files that needs to be fetched from the VM
// and set of test programs that needs to be executed in the VM (Checker.RequiredThings),
// then fetches these files and executes test programs, and calls Checker.MachineInfo
// to parse the files and extract information about the VM, and optionally calls
// Checker.Check to obtain list of enabled/disabled syscalls.
// The information includes information about kernel modules and OS-specific info
// (for Linux that includes things like parsed /proc/cpuinfo).
package vminfo
import (
"bytes"
"context"
"errors"
"fmt"
"io"
"io/fs"
"os"
"strings"
"github.com/google/syzkaller/pkg/flatrpc"
"github.com/google/syzkaller/pkg/fuzzer/queue"
"github.com/google/syzkaller/prog"
"github.com/google/syzkaller/sys/targets"
)
type KernelModule struct {
Name string
Addr uint64
Size uint64
Path string
}
type Checker struct {
checker
cfg *Config
source queue.Source
executor queue.Executor
}
type Config struct {
Target *prog.Target
VMType string
// Set of features to check, missing features won't be checked/enabled after Run.
Features flatrpc.Feature
// Set of syscalls to check.
Syscalls []int
Debug bool
Cover bool
Sandbox flatrpc.ExecEnv
SandboxArg int64
}
func New(cfg *Config) *Checker {
var impl checker
switch cfg.Target.OS {
case targets.Linux:
impl = &linux{vmType: cfg.VMType}
case targets.NetBSD:
impl = new(netbsd)
case targets.OpenBSD:
impl = new(openbsd)
default:
impl = new(nopChecker)
}
executor := queue.Plain()
return &Checker{
cfg: cfg,
checker: impl,
executor: executor,
source: queue.Deduplicate(executor),
}
}
func (checker *Checker) MachineInfo(fileInfos []*flatrpc.FileInfo) ([]*KernelModule, []byte, error) {
files := createVirtualFilesystem(fileInfos)
modules, err := checker.parseModules(files)
if err != nil {
return nil, nil, err
}
info := new(bytes.Buffer)
tmp := new(bytes.Buffer)
for _, fn := range checker.machineInfos() {
tmp.Reset()
name, err := fn(files, tmp)
if err != nil {
if !os.IsNotExist(err) {
return nil, nil, err
}
continue
}
if tmp.Len() == 0 {
continue
}
fmt.Fprintf(info, "[%v]\n%s\n%v\n\n", name, tmp.Bytes(), strings.Repeat("-", 80))
}
return modules, info.Bytes(), nil
}
var ErrAborted = errors.New("aborted through the context")
func (checker *Checker) Run(ctx context.Context, files []*flatrpc.FileInfo, featureInfos []*flatrpc.FeatureInfo) (
map[*prog.Syscall]bool, map[*prog.Syscall]string, Features, error) {
cc := newCheckContext(ctx, checker.cfg, checker.checker, checker.executor)
enabled, disabled, features, err := cc.do(files, featureInfos)
if ctx.Err() != nil {
return nil, nil, nil, ErrAborted
}
return enabled, disabled, features, err
}
// Implementation of the queue.Source interface.
func (checker *Checker) Next() *queue.Request {
return checker.source.Next()
}
var _ queue.Source = &Checker{}
type machineInfoFunc func(files filesystem, w io.Writer) (string, error)
type checker interface {
RequiredFiles() []string
CheckFiles() []string
parseModules(files filesystem) ([]*KernelModule, error)
machineInfos() []machineInfoFunc
syscallCheck(*checkContext, *prog.Syscall) string
}
type filesystem map[string]*flatrpc.FileInfo
func createVirtualFilesystem(fileInfos []*flatrpc.FileInfo) filesystem {
files := make(filesystem)
for _, file := range fileInfos {
if file.Exists {
files[file.Name] = file
}
}
return files
}
func (files filesystem) ReadFile(name string) ([]byte, error) {
file, ok := files[name]
if !ok {
return nil, &fs.PathError{Op: "open", Path: name, Err: fs.ErrNotExist}
}
if file.Error != "" {
return nil, errors.New(file.Error)
}
return file.Data, nil
}
func (files filesystem) ReadDir(dir string) []string {
var res []string
dedup := make(map[string]bool)
for _, file := range files {
if len(file.Name) < len(dir)+2 ||
!strings.HasPrefix(file.Name, dir) ||
file.Name[len(dir)] != '/' {
continue
}
name := file.Name[len(dir)+1:]
if slash := strings.Index(name, "/"); slash != -1 {
name = name[:slash]
}
if dedup[name] {
continue
}
dedup[name] = true
res = append(res, name)
}
return res
}
type nopChecker int
func (nopChecker) RequiredFiles() []string {
return nil
}
func (nopChecker) CheckFiles() []string {
return nil
}
func (nopChecker) parseModules(files filesystem) ([]*KernelModule, error) {
return nil, nil
}
func (nopChecker) machineInfos() []machineInfoFunc {
return nil
}
func (nopChecker) syscallCheck(*checkContext, *prog.Syscall) string {
return ""
}
|
