executor: simplify initialize_tun

Remove executor_pid, enable_tun and setup_tun.
2025-02-21 12:01:00 +00:00 · 2018-02-26 17:43:13 +01:00 · 2018-02-26 17:43:13 +01:00 · 1d19aa5799
commit 1d19aa5799
parent b37b65b0e6
4 changed files with 63 additions and 55 deletions
--- a/executor/common_linux.h
+++ b/executor/common_linux.h
@ -274,8 +274,6 @@ static int tun_frags_enabled;
 // Rest of the packet (if any) will be silently truncated which is fine.
 #define SYZ_TUN_MAX_PACKET_SIZE 1000

-// sysgen knowns about this constant (maxPids)
-#define MAX_PIDS 32
 #define TUN_IFACE "syz_tun"

 #define LOCAL_MAC "aa:aa:aa:aa:aa:aa"
@ -294,11 +292,16 @@ static int tun_frags_enabled;
 #define IFF_NAPI_FRAGS 0x0020
 #endif

-static void initialize_tun(int id)
-{
-	if (id >= MAX_PIDS)
-		fail("tun: no more than %d executors", MAX_PIDS);
+#ifdef SYZ_EXECUTOR
+extern bool flag_enable_tun;
+#endif

+static void initialize_tun(void)
+{
+#ifdef SYZ_EXECUTOR
+	if (!flag_enable_tun)
+		return;
+#endif
 	tunfd = open("/dev/net/tun", O_RDWR | O_NONBLOCK);
 	if (tunfd == -1) {
 #ifdef SYZ_EXECUTOR
@ -358,7 +361,7 @@ static void initialize_tun(int id)

 // We test in a separate namespace, which does not have any network devices initially (even lo).
 // Create/up as many as we can.
-static void initialize_netdevices(int id)
+static void initialize_netdevices(void)
 {
 	unsigned i;
 	const char* devtypes[] = {"ip6gretap", "bridge", "vcan", "bond", "veth"};
@ -367,6 +370,10 @@ static void initialize_netdevices(int id)
 				  "ip6tnl0", "ip6gre0", "ip6gretap0",
 				  "erspan0", "bond0", "veth0", "veth1"};

+#ifdef SYZ_EXECUTOR
+	if (!flag_enable_tun)
+		return;
+#endif
 	for (i = 0; i < sizeof(devtypes) / (sizeof(devtypes[0])); i++)
 		execute_command(0, "ip link add dev %s0 type %s", devtypes[i], devtypes[i]);
 	execute_command(0, "ip link add dev veth1 type veth");
@ -384,15 +391,6 @@ static void initialize_netdevices(int id)
 		execute_command(0, "ip link set dev %s up", devnames[i]);
 	}
 }
-
-static void setup_tun(uint64 pid, bool enable_tun)
-{
-	if (enable_tun) {
-		initialize_tun(pid);
-		// TODO(dvyukov): this should be separated from tun and minimized by csource separately.
-		initialize_netdevices(pid);
-	}
-}
 #endif

 #if defined(SYZ_EXECUTOR) || (defined(SYZ_TUN_ENABLE) && (defined(__NR_syz_extract_tcp_res) || defined(SYZ_REPEAT) && defined(SYZ_WAIT_REPEAT)))
@ -749,7 +747,7 @@ static void sandbox_common()
 #endif

 #if defined(SYZ_EXECUTOR) || defined(SYZ_SANDBOX_NONE)
-static int do_sandbox_none(int executor_pid, bool enable_tun)
+static int do_sandbox_none(void)
 {
 	// CLONE_NEWPID takes effect for the first child of the current process,
 	// so we do it before fork to make the loop "init" process of the namespace.
@ -771,7 +769,9 @@ static int do_sandbox_none(int executor_pid, bool enable_tun)
 		debug("unshare(CLONE_NEWNET): %d\n", errno);
 	}
 #if defined(SYZ_EXECUTOR) || defined(SYZ_TUN_ENABLE)
-	setup_tun(executor_pid, enable_tun);
+	initialize_tun();
+	// TODO(dvyukov): this should be separated from tun and minimized by csource separately.
+	initialize_netdevices();
 #endif

 	loop();
@ -780,7 +780,7 @@ static int do_sandbox_none(int executor_pid, bool enable_tun)
 #endif

 #if defined(SYZ_EXECUTOR) || defined(SYZ_SANDBOX_SETUID)
-static int do_sandbox_setuid(int executor_pid, bool enable_tun)
+static int do_sandbox_setuid(void)
 {
 	if (unshare(CLONE_NEWPID))
 		fail("unshare(CLONE_NEWPID)");
@ -794,7 +794,9 @@ static int do_sandbox_setuid(int executor_pid, bool enable_tun)
 	if (unshare(CLONE_NEWNET))
 		fail("unshare(CLONE_NEWNET)");
 #if defined(SYZ_EXECUTOR) || defined(SYZ_TUN_ENABLE)
-	setup_tun(executor_pid, enable_tun);
+	initialize_tun();
+	// TODO(dvyukov): this should be separated from tun and minimized by csource separately.
+	initialize_netdevices();
 #endif

 	const int nobody = 65534;
@ -863,7 +865,9 @@ static int namespace_sandbox_proc(void* arg)
 	// which in turn needs to be in the test user namespace.
 	// However, IFF_NAPI_FRAGS will fail as we are not root already.
 	// There does not seem to be a call sequence that would satisfy all of that.
-	setup_tun((long)arg >> 1, (long)arg & 1);
+	initialize_tun();
+	// TODO(dvyukov): this should be separated from tun and minimized by csource separately.
+	initialize_netdevices();
 #endif

 	if (mkdir("./syz-tmp", 0777))
@ -929,16 +933,15 @@ static int namespace_sandbox_proc(void* arg)
 	doexit(1);
 }

-static int do_sandbox_namespace(int executor_pid, bool enable_tun)
+static int do_sandbox_namespace(void)
 {
 	int pid;

 	real_uid = getuid();
 	real_gid = getgid();
 	mprotect(sandbox_stack, 4096, PROT_NONE); // to catch stack underflows
-	void* arg = (void*)(long)((executor_pid << 1) | enable_tun);
 	pid = clone(namespace_sandbox_proc, &sandbox_stack[sizeof(sandbox_stack) - 64],
-		    CLONE_NEWUSER | CLONE_NEWPID, arg);
+		    CLONE_NEWUSER | CLONE_NEWPID, 0);
 	if (pid < 0)
 		fail("sandbox clone failed");
 	return pid;
--- a/executor/executor_linux.cc
+++ b/executor/executor_linux.cc
@ -79,13 +79,13 @@ int main(int argc, char** argv)
 	int pid = -1;
 	switch (flag_sandbox) {
 	case sandbox_none:
-		pid = do_sandbox_none(flag_pid, flag_enable_tun);
+		pid = do_sandbox_none();
 		break;
 	case sandbox_setuid:
-		pid = do_sandbox_setuid(flag_pid, flag_enable_tun);
+		pid = do_sandbox_setuid();
 		break;
 	case sandbox_namespace:
-		pid = do_sandbox_namespace(flag_pid, flag_enable_tun);
+		pid = do_sandbox_namespace();
 		break;
 	default:
 		fail("unknown sandbox type");
--- a/pkg/csource/csource.go
+++ b/pkg/csource/csource.go
@ -81,12 +81,13 @@ func Write(p *prog.Prog, opts Options) ([]byte, error) {
 			ctx.printf("\tuse_temporary_dir();\n")
 		}
 		if opts.Sandbox != "" {
-			ctx.printf("\tint pid = do_sandbox_%v(0, %v);\n", opts.Sandbox, opts.EnableTun)
+			ctx.printf("\tint pid = do_sandbox_%v();\n", opts.Sandbox)
 			ctx.print("\tint status = 0;\n")
 			ctx.print("\twhile (waitpid(pid, &status, __WALL) != pid) {}\n")
 		} else {
 			if opts.EnableTun {
-				ctx.printf("\tsetup_tun(0, %v);\n", opts.EnableTun)
+				ctx.printf("\tinitialize_tun();\n")
+				ctx.printf("\tinitialize_netdevices();\n")
 			}
 			ctx.print("\tloop();\n")
 		}
@ -111,12 +112,13 @@ func Write(p *prog.Prog, opts Options) ([]byte, error) {
 				ctx.print("\t\tuse_temporary_dir();\n")
 			}
 			if opts.Sandbox != "" {
-				ctx.printf("\t\tint pid = do_sandbox_%v(0, %v);\n", opts.Sandbox, opts.EnableTun)
+				ctx.printf("\t\tint pid = do_sandbox_%v();\n", opts.Sandbox)
 				ctx.print("\t\tint status = 0;\n")
 				ctx.print("\t\twhile (waitpid(pid, &status, __WALL) != pid) {}\n")
 			} else {
 				if opts.EnableTun {
-					ctx.printf("\t\tsetup_tun(0, %v);\n", opts.EnableTun)
+					ctx.printf("\t\tinitialize_tun();\n")
+					ctx.printf("\t\tinitialize_netdevices();\n")
 				}
 				ctx.print("\t\tloop();\n")
 			}
@ -141,12 +143,13 @@ func Write(p *prog.Prog, opts Options) ([]byte, error) {
 				ctx.print("\t\t\t\tuse_temporary_dir();\n")
 			}
 			if opts.Sandbox != "" {
-				ctx.printf("\t\t\t\tint pid = do_sandbox_%v(procid, %v);\n", opts.Sandbox, opts.EnableTun)
+				ctx.printf("\t\t\t\tint pid = do_sandbox_%v();\n", opts.Sandbox)
 				ctx.print("\t\t\t\tint status = 0;\n")
 				ctx.print("\t\t\t\twhile (waitpid(pid, &status, __WALL) != pid) {}\n")
 			} else {
 				if opts.EnableTun {
-					ctx.printf("\t\t\t\tsetup_tun(procid, %v);\n", opts.EnableTun)
+					ctx.printf("\t\t\t\tinitialize_tun();\n")
+					ctx.printf("\t\t\t\tinitialize_netdevices();\n")
 				}
 				ctx.print("\t\t\t\tloop();\n")
 			}
--- a/pkg/csource/linux_common.go
+++ b/pkg/csource/linux_common.go
@ -417,7 +417,6 @@ static int tun_frags_enabled;

 #define SYZ_TUN_MAX_PACKET_SIZE 1000

-#define MAX_PIDS 32
 #define TUN_IFACE "syz_tun"

 #define LOCAL_MAC "aa:aa:aa:aa:aa:aa"
@ -436,11 +435,16 @@ static int tun_frags_enabled;
 #define IFF_NAPI_FRAGS 0x0020
 #endif

-static void initialize_tun(int id)
-{
-	if (id >= MAX_PIDS)
-		fail("tun: no more than %d executors", MAX_PIDS);
+#ifdef SYZ_EXECUTOR
+extern bool flag_enable_tun;
+#endif

+static void initialize_tun(void)
+{
+#ifdef SYZ_EXECUTOR
+	if (!flag_enable_tun)
+		return;
+#endif
 	tunfd = open("/dev/net/tun", O_RDWR | O_NONBLOCK);
 	if (tunfd == -1) {
 #ifdef SYZ_EXECUTOR
@ -489,7 +493,7 @@ static void initialize_tun(int id)
 #define DEV_IPV6 "fe80::%02hx"
 #define DEV_MAC "aa:aa:aa:aa:aa:%02hx"

-static void initialize_netdevices(int id)
+static void initialize_netdevices(void)
 {
 	unsigned i;
 	const char* devtypes[] = {"ip6gretap", "bridge", "vcan", "bond", "veth"};
@ -498,6 +502,10 @@ static void initialize_netdevices(int id)
 				  "ip6tnl0", "ip6gre0", "ip6gretap0",
 				  "erspan0", "bond0", "veth0", "veth1"};

+#ifdef SYZ_EXECUTOR
+	if (!flag_enable_tun)
+		return;
+#endif
 	for (i = 0; i < sizeof(devtypes) / (sizeof(devtypes[0])); i++)
 		execute_command(0, "ip link add dev %s0 type %s", devtypes[i], devtypes[i]);
 	execute_command(0, "ip link add dev veth1 type veth");
@ -512,14 +520,6 @@ static void initialize_netdevices(int id)
 		execute_command(0, "ip link set dev %s up", devnames[i]);
 	}
 }
-
-static void setup_tun(uint64 pid, bool enable_tun)
-{
-	if (enable_tun) {
-		initialize_tun(pid);
-		initialize_netdevices(pid);
-	}
-}
 #endif

 #if defined(SYZ_EXECUTOR) || (defined(SYZ_TUN_ENABLE) && (defined(__NR_syz_extract_tcp_res) || defined(SYZ_REPEAT) && defined(SYZ_WAIT_REPEAT)))
@ -1806,7 +1806,7 @@ static void sandbox_common()
 #endif

 #if defined(SYZ_EXECUTOR) || defined(SYZ_SANDBOX_NONE)
-static int do_sandbox_none(int executor_pid, bool enable_tun)
+static int do_sandbox_none(void)
 {
 	if (unshare(CLONE_NEWPID)) {
 		debug("unshare(CLONE_NEWPID): %d\n", errno);
@ -1822,7 +1822,8 @@ static int do_sandbox_none(int executor_pid, bool enable_tun)
 		debug("unshare(CLONE_NEWNET): %d\n", errno);
 	}
 #if defined(SYZ_EXECUTOR) || defined(SYZ_TUN_ENABLE)
-	setup_tun(executor_pid, enable_tun);
+	initialize_tun();
+	initialize_netdevices();
 #endif

 	loop();
@ -1831,7 +1832,7 @@ static int do_sandbox_none(int executor_pid, bool enable_tun)
 #endif

 #if defined(SYZ_EXECUTOR) || defined(SYZ_SANDBOX_SETUID)
-static int do_sandbox_setuid(int executor_pid, bool enable_tun)
+static int do_sandbox_setuid(void)
 {
 	if (unshare(CLONE_NEWPID))
 		fail("unshare(CLONE_NEWPID)");
@ -1845,7 +1846,8 @@ static int do_sandbox_setuid(int executor_pid, bool enable_tun)
 	if (unshare(CLONE_NEWNET))
 		fail("unshare(CLONE_NEWNET)");
 #if defined(SYZ_EXECUTOR) || defined(SYZ_TUN_ENABLE)
-	setup_tun(executor_pid, enable_tun);
+	initialize_tun();
+	initialize_netdevices();
 #endif

 	const int nobody = 65534;
@ -1904,7 +1906,8 @@ static int namespace_sandbox_proc(void* arg)
 	if (unshare(CLONE_NEWNET))
 		fail("unshare(CLONE_NEWNET)");
 #if defined(SYZ_EXECUTOR) || defined(SYZ_TUN_ENABLE)
-	setup_tun((long)arg >> 1, (long)arg & 1);
+	initialize_tun();
+	initialize_netdevices();
 #endif

 	if (mkdir("./syz-tmp", 0777))
@ -1965,16 +1968,15 @@ static int namespace_sandbox_proc(void* arg)
 	doexit(1);
 }

-static int do_sandbox_namespace(int executor_pid, bool enable_tun)
+static int do_sandbox_namespace(void)
 {
 	int pid;

 	real_uid = getuid();
 	real_gid = getgid();
 	mprotect(sandbox_stack, 4096, PROT_NONE);
-	void* arg = (void*)(long)((executor_pid << 1) | enable_tun);
 	pid = clone(namespace_sandbox_proc, &sandbox_stack[sizeof(sandbox_stack) - 64],
-		    CLONE_NEWUSER | CLONE_NEWPID, arg);
+		    CLONE_NEWUSER | CLONE_NEWPID, 0);
 	if (pid < 0)
 		fail("sandbox clone failed");
 	return pid;