prog: don't try to execute ioctl(FIFREEZE) and mknod

ioctl(FIFREEZE) renders machine dead. FIFREEZE is an interesting thing, and we could test it in namespace (?) or on manually mounted file systems (?). But that will require more complex handling. Disable it until we have that logic. mknod of char/block devices can do all kinds of nasty stuff (read/write to IO ports, kernel memory, etc). Disable it for now.
2024-11-24 03:49:45 +00:00 · 2016-08-21 18:07:55 -07:00 · 2016-08-21 18:07:55 -07:00 · e7021ac638
commit e7021ac638
parent a949600ee5
1 changed files with 18 additions and 22 deletions
--- a/prog/analysis.go
+++ b/prog/analysis.go
@ -247,34 +247,30 @@ func sanitizeCall(c *Call) {
 		if flags.Val&MREMAP_MAYMOVE != 0 {
 			flags.Val |= MREMAP_FIXED
 		}
-		// not required if executor drops privileges
-		/*
 	case "mknod":
 		mode := c.Args[1]
 		if mode.Kind != ArgConst {
 			panic("mknod mode is not const")
 		}
 		// Char and block devices read/write io ports, kernel memory and do other nasty things.
+		// TODO: not required if executor drops privileges.
 		if mode.Val != S_IFREG && mode.Val != S_IFIFO && mode.Val != S_IFSOCK {
 			mode.Val = S_IFIFO
 		}
-		*/
 	case "syslog":
 		cmd := c.Args[0]
 		// These disable console output, but we need it.
 		if cmd.Val == SYSLOG_ACTION_CONSOLE_OFF || cmd.Val == SYSLOG_ACTION_CONSOLE_ON {
 			cmd.Val = SYSLOG_ACTION_SIZE_UNREAD
 		}
-		// not required if executor drops privileges
-		/*
 	case "ioctl":
 		cmd := c.Args[1]
 		// Freeze kills machine. Though, it is an interesting functions,
-				// so we need to test it somehow (TODO).
+		// so we need to test it somehow.
+		// TODO: not required if executor drops privileges.
 		if uint32(cmd.Val) == uint32(FIFREEZE) {
 			cmd.Val = FITHAW
 		}
-		*/
 	case "ptrace":
 		// PTRACE_TRACEME leads to unkillable processes, see:
 		// https://groups.google.com/forum/#!topic/syzkaller/uGzwvhlCXAw