reactos/syzkaller
1
0
Fork 0
mirror of https://github.com/reactos/syzkaller.git synced 2024-11-23 11:29:46 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

csource: use sandbox only when required

Browse Source
This commit is contained in:
Andrey Konovalov 2017-05-18 17:03:02 +02:00
parent 1bdb387c18
commit 73a895df61
6 changed files with 49 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
csource/common.go
View File

@ -1556,6 +1556,7 @@ static uintptr_t execute_syscall(int nr, uintptr_t a0, uintptr_t a1, uintptr_t a
}
}
#if defined(SYZ_EXECUTOR) || defined(SYZ_SANDBOX_NONE) || defined(SYZ_SANDBOX_SETUID) || defined(SYZ_SANDBOX_NAMESPACE)
static void loop();
static void sandbox_common()
@ -1578,6 +1579,7 @@ static void sandbox_common()
unshare(CLONE_NEWIPC);
unshare(CLONE_IO);
}
#endif
#if defined(SYZ_EXECUTOR) || defined(SYZ_SANDBOX_NONE)
static int do_sandbox_none(int executor_pid, bool enable_tun)

41
csource/csource.go
View File

@ -86,9 +86,16 @@ func Write(p *prog.Prog, opts Options) ([]byte, error) {
if opts.UseTmpDir {
fmt.Fprintf(w, "\tuse_temporary_dir();\n")
}
fmt.Fprintf(w, "\tint pid = do_sandbox_%v(0, %v);\n", opts.Sandbox, opts.EnableTun)
fmt.Fprint(w, "\tint status = 0;\n")
fmt.Fprint(w, "\twhile (waitpid(pid, &status, __WALL) != pid) {}\n")
if opts.Sandbox != "" {
fmt.Fprintf(w, "\tint pid = do_sandbox_%v(0, %v);\n", opts.Sandbox, opts.EnableTun)
fmt.Fprint(w, "\tint status = 0;\n")
fmt.Fprint(w, "\twhile (waitpid(pid, &status, __WALL) != pid) {}\n")
} else {
if opts.EnableTun {
fmt.Fprintf(w, "\tsetup_tun(0, %v);\n", opts.EnableTun)
}
fmt.Fprint(w, "\tloop();\n")
}
fmt.Fprint(w, "\treturn 0;\n}\n")
} else {
generateTestFunc(w, opts, calls, "test")
@ -100,9 +107,16 @@ func Write(p *prog.Prog, opts Options) ([]byte, error) {
if opts.UseTmpDir {
fmt.Fprintf(w, "\tuse_temporary_dir();\n")
}
fmt.Fprintf(w, "\tint pid = do_sandbox_%v(0, %v);\n", opts.Sandbox, opts.EnableTun)
fmt.Fprint(w, "\tint status = 0;\n")
fmt.Fprint(w, "\twhile (waitpid(pid, &status, __WALL) != pid) {}\n")
if opts.Sandbox != "" {
fmt.Fprintf(w, "\tint pid = do_sandbox_%v(0, %v);\n", opts.Sandbox, opts.EnableTun)
fmt.Fprint(w, "\tint status = 0;\n")
fmt.Fprint(w, "\twhile (waitpid(pid, &status, __WALL) != pid) {}\n")
} else {
if opts.EnableTun {
fmt.Fprintf(w, "\tsetup_tun(0, %v);\n", opts.EnableTun)
}
fmt.Fprint(w, "\tloop();\n")
}
fmt.Fprint(w, "\treturn 0;\n}\n")
} else {
fmt.Fprint(w, "int main()\n{\n")
@ -115,9 +129,16 @@ func Write(p *prog.Prog, opts Options) ([]byte, error) {
if opts.UseTmpDir {
fmt.Fprintf(w, "\t\t\tuse_temporary_dir();\n")
}
fmt.Fprintf(w, "\t\t\tint pid = do_sandbox_%v(i, %v);\n", opts.Sandbox, opts.EnableTun)
fmt.Fprint(w, "\t\t\tint status = 0;\n")
fmt.Fprint(w, "\t\t\twhile (waitpid(pid, &status, __WALL) != pid) {}\n")
if opts.Sandbox != "" {
fmt.Fprintf(w, "\t\t\tint pid = do_sandbox_%v(i, %v);\n", opts.Sandbox, opts.EnableTun)
fmt.Fprint(w, "\t\t\tint status = 0;\n")
fmt.Fprint(w, "\t\t\twhile (waitpid(pid, &status, __WALL) != pid) {}\n")
} else {
if opts.EnableTun {
fmt.Fprintf(w, "\t\t\tsetup_tun(i, %v);\n", opts.EnableTun)
}
fmt.Fprint(w, "\t\t\tloop();\n")
}
fmt.Fprint(w, "\t\t\treturn 0;\n")
fmt.Fprint(w, "\t\t}\n")
fmt.Fprint(w, "\t}\n")
@ -334,6 +355,8 @@ func preprocessCommonHeader(opts Options, handled map[string]int, useBitmasks bo
defines = append(defines, "SYZ_USE_BITMASKS")
}
switch opts.Sandbox {
case "":
// No sandbox, do nothing.
case "none":
defines = append(defines, "SYZ_SANDBOX_NONE")
case "setuid":

2
csource/csource_test.go
View File

@ -33,7 +33,7 @@ func allOptionsPermutations() []Options {
for _, opt.Collide = range []bool{false, true} {
for _, opt.Repeat = range []bool{false, true} {
for _, opt.Procs = range []int{1, 4} {
for _, opt.Sandbox = range []string{"none", "setuid", "namespace"} {
for _, opt.Sandbox = range []string{"", "none", "setuid", "namespace"} {
for _, opt.Repro = range []bool{false, true} {
for _, opt.Fault = range []bool{false, true} {
for _, opt.EnableTun = range []bool{false, true} {

2
executor/common.h
View File

@ -644,6 +644,7 @@ static uintptr_t execute_syscall(int nr, uintptr_t a0, uintptr_t a1, uintptr_t a
}
}
#if defined(SYZ_EXECUTOR) || defined(SYZ_SANDBOX_NONE) || defined(SYZ_SANDBOX_SETUID) || defined(SYZ_SANDBOX_NAMESPACE)
static void loop();
static void sandbox_common()
@ -667,6 +668,7 @@ static void sandbox_common()
unshare(CLONE_NEWIPC);
unshare(CLONE_IO);
}
#endif
#if defined(SYZ_EXECUTOR) || defined(SYZ_SANDBOX_NONE)
static int do_sandbox_none(int executor_pid, bool enable_tun)

11
repro/repro.go
View File

@ -289,6 +289,17 @@ func (ctx *context) repro(entries []*prog.LogEntry, crashStart int) (*Result, er
res.Opts = opts
}
}
if res.Opts.Sandbox != "" {
opts = res.Opts
opts.Sandbox = ""
crashed, err := ctx.testCProg(res.Prog, duration, opts)
if err != nil {
return res, err
}
if crashed {
res.Opts = opts
}
}
if res.Opts.UseTmpDir {
opts = res.Opts
opts.UseTmpDir = false

2
tools/syz-prog2c/prog2c.go
View File

@ -18,7 +18,7 @@ var (
flagCollide = flag.Bool("collide", false, "create collide program")
flagRepeat = flag.Bool("repeat", false, "repeat program infinitely or not")
flagProcs = flag.Int("procs", 4, "number of parallel processes")
flagSandbox = flag.String("sandbox", "none", "sandbox to use (none, setuid, namespace)")
flagSandbox = flag.String("sandbox", "", "sandbox to use (none, setuid, namespace)")
flagProg = flag.String("prog", "", "file with program to convert (required)")
flagFaultCall = flag.Int("fault_call", -1, "inject fault into this call (0-based)")
flagFaultNth = flag.Int("fault_nth", 0, "inject fault on n-th operation (0-based)")