Andrey Konovalov
2cd76d2137
kcov: some fixes for extra coverage
...
Use PC tracing mode when detecting KCOV_REMOTE_ENABLE support in the kernel.
Also fix kcov_remote_handle_usb argument.
2019-01-17 16:06:59 +01:00
Anton Lindqvist
04aed72692
Revert "sys/openbsd: avoid /dev/fd node creation"
...
This reverts commit 77c702cf1a.
A proper fix has instead been committed to OpenBSD[1].
[1] 650b9bc3ab
2019-01-17 10:41:04 +01:00
Andrey Konovalov
c2faf9b2d5
all: detect extra coverage support
...
Based on whether the kernel supports KCOV_REMOTE_ENABLE ioctl.
2019-01-16 19:19:53 +01:00
msvoelker
c0d4a12ee7
sys/freebsd: add SCTP syscalls
...
* sys/freebsd: Add SCTP syscalls
* sys/freebsd: SCTP syscalls updated
* sys/freebsd: SCTP syscalls fixed
2019-01-16 18:12:07 +01:00
Dmitry Vyukov
e9b3467100
sys/linux: add trusty support
...
Add support for trusty tipc devices and several trusty app ports.
Update #933
2019-01-14 18:23:43 +01:00
Zubin Mithra
b38a805a0c
sys/linux: Add syscalls to read from sockets for crypto operations
...
sockaddr_alg with salg_type as "skcipher", "aead", "hash" and "rng"
support for reading from these sockets. Add read descriptions to
socket_alg.txt.
2019-01-14 18:21:55 +01:00
Greg Steuck
77c702cf1a
sys/openbsd: avoid /dev/fd node creation
...
Prevents corpus explosion with corrupted coverage data.
The two parallel runs of:
`doas ./syz-execprog -cover -coverfile /tmp/{fixed,unfixed} r.syz`
show markedly different coverage pictures:
unfixed:
```
2019/01/12 13:55:38 parsed 1 programs
2019/01/12 13:55:38 executed programs: 0
2019/01/12 13:55:38 call #0 : signal 821, coverage 2438
2019/01/12 13:55:38 call #1 : signal 243, coverage 1363
2019/01/12 13:55:38 call #2 : signal 502, coverage 1993
2019/01/12 13:55:38 call #3 : signal 15, coverage 44
2019/01/12 13:55:38 call #4 : signal 335, coverage 8196
```
fixed:
```
2019/01/12 13:51:57 parsed 1 programs
2019/01/12 13:51:57 executed programs: 0
2019/01/12 13:51:57 call #0 : signal 837, coverage 2491
2019/01/12 13:51:57 call #1 : signal 241, coverage 1341
2019/01/12 13:51:57 call #2 : signal 27, coverage 61
2019/01/12 13:51:57 call #3 : signal 13, coverage 44
2019/01/12 13:51:57 call #4 : signal 39, coverage 299
```
The contents of `r.syz` are:
```
mknod(&(0x7f0000000180)='./file0\x00', 0x2006, 0x10000016e8)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2, 0x10, r0, 0x0, 0x0)
writev(0xffffffffffffffff, &(0x7f0000002480)=[{&(0x7f0000001480)="<junk>", 0x573}], 0x1)
lstat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000000))
```
So, it's the final lstat which was getting that extra coverage. In
particular, the end of unfixed.4 has some 4734 values
0xffffffff00000000.
2019-01-14 09:48:45 +01:00
Shankara Pailoor
db9b657915
tools/syz-trace2syz/proggen/proggen_test.go: test ipv6 address conversion
2019-01-10 12:34:28 +01:00
Shankara Pailoor
0108829095
sys/linux: add rand_addr option to ipv6_addr union
...
rand_addr option is the first option for the ipv6_addr union
and is just an array of 16 bytes. This option makes it easy
for trace2syz to convert ipv6 address as strace decodes
the ipv6 address as a hex string.
2019-01-10 12:34:28 +01:00
Andrey Konovalov
204b8f5906
sys/linux: chmod -x *.txt
...
For some reason some syscall description txt files are +x. Do chmod -x.
2019-01-09 05:46:47 +01:00
Dmitry Vyukov
ee332608e9
sys/linux: prohibit SNAPSHOT_FREEZE
...
SNAPSHOT_FREEZE freezes all processes and leaves the machine dead.
2019-01-06 17:39:32 +01:00
Dmitry Vyukov
6838bb9a0f
sys/linux: add /dev/ppp descriptions
2019-01-04 15:56:18 +01:00
Eric Biggers
f064b4365d
sys/linux/init_alg.go: update algorithms
...
- Add arm64 implementations of various algorithms
(these are usually named -arm64, -neon, or -ce)
- Add missing x86 SHA-NI algorithms (sha*-ni)
- Add adiantum (new in v4.20)
- Add streebog256 (new in v4.20)
- Add streebog512 (new in v4.20)
- Add vmac64 (new in v4.19)
- Add xchacha12 (new in v4.20)
- Add xchacha20 (new in v4.20)
- Remove speck128 (was removed soon after being added to kernel)
- Remove speck64 (likewise)
- Move sm4 from hash list to cipher list
2019-01-02 11:24:46 +01:00
Eric Biggers
b86667864d
sys/linux/init_alg.go: sort the algorithm names
...
Sort the lists of crypto algorithms lexicographically to make it easier
to see which algorithms are included and decide where to add new ones.
2019-01-02 11:24:46 +01:00
Michael Tuexen
97e0a43fa2
sys/tagets: use appropriate name for KernelObject on FreeBSD
2018-12-31 17:39:24 +01:00
Dmitry Vyukov
2b42fdc898
sys/linux: detail ifla_vf_policy/ifla_port_policy/ifla_xdp_policy
2018-12-30 17:36:38 +01:00
Dmitry Vyukov
f7d5ee2d34
sys/linux: add can routes
2018-12-30 16:24:31 +01:00
Dmitry Vyukov
5b565c8bdb
sys/linux: add AF_RXRPC descriptions
2018-12-30 15:49:07 +01:00
Dmitry Vyukov
9942de5fb0
sys/linux: add /dev/mISDNtimer
2018-12-30 12:25:05 +01:00
Dmitry Vyukov
6e86ffb020
sys/linux: open more of /dev/ files
...
/dev/vfio/vfio
/dev/btrfs-control
/dev/ubi_ctrl
/dev/cachefiles
2018-12-30 12:19:52 +01:00
Dmitry Vyukov
204cb1446f
sys/linux: add AF_ISDN descriptions
2018-12-29 20:40:32 +01:00
Dmitry Vyukov
f02201ce9a
sys/linux: describe /dev/vhci interface
2018-12-29 19:22:35 +01:00
Dmitry Vyukov
79059de177
sys/linux: misc assorted improvements
...
Add new bpf consts/commands.
Refine bluetooth descriptions.
Remove removed crypto consts.
2018-12-29 19:22:35 +01:00
Dmitry Vyukov
a40793d7a5
sys/linux: refine few types in NETLINK_ROUTE
2018-12-29 07:45:20 +01:00
Dmitry Vyukov
2b084c9886
pkg/csource: use 0 for missing syscall args
...
We don't specify trailing unused args for some syscalls
(e.g. ioctl that does not use its arg).
Executor always filled trailing unused args with 0's
but pkg/csource didn't. Some such syscalls actually
check that the unused arg is 0 and as a result failed with C repro.
We could statically check and eliminate all such cases,
but it turns out the warning fires in 1500+ cases:
a3ace5a63f/gistfile1.txt
So instead fill such args with 0's in pkg/csource too.
2018-12-27 13:11:57 +01:00
Dmitry Vyukov
586a19e7ec
executor: create more net devices on linux
2018-12-26 21:44:05 +01:00
Dmitry Vyukov
4f7962a7bb
executor: restrict ipc resource usage
...
For context see:
https://groups.google.com/d/msg/syzkaller-bugs/ZaBzAJbn6i8/Py9FVlAqDQAJ
2018-12-26 10:29:43 +01:00
Dmitry Vyukov
8a41a0ad8e
sys/linux: add network drop monitor support
2018-12-24 18:56:08 +01:00
Dmitry Vyukov
17c23ac162
sys/linux: add udmabuf descriptions
2018-12-24 18:56:08 +01:00
Dmitry Vyukov
a961943f02
sys/linux: add basic AF_CAIF descriptions
2018-12-24 18:56:07 +01:00
Dmitry Vyukov
57541e29d9
sys/linux: add basic X25 descriptions
2018-12-24 18:56:06 +01:00
Dmitry Vyukov
dd61e58d94
sys/linux: extend AX25/ROSE/NETROM descriptions
2018-12-24 18:56:06 +01:00
Dmitry Vyukov
9a4bb6b0b5
sys/linux: add CRYPTO_MSG_GETSTAT
2018-12-22 09:39:03 +01:00
Dmitry Vyukov
3e3b15df7e
sys/linux: add RTM_NEWNSID/RTM_GETNSID
2018-12-22 09:39:02 +01:00
Victor Hsieh
f4815544c1
sys/linux: add fs-verity ioctls
...
This adds 2 ioctls and an argument type:
- FS_IOC_ENABLE_VERITY
- FS_IOC_MEASURE_VERITY
- struct fsverity_digest
Note fs-verity on-disk structs are not yet added.
2018-12-18 10:34:52 +01:00
Dmitry Vyukov
def91db3fe
prog, pkg/csource: more readable serialization for strings
...
Always serialize strings in readable format (non-hex).
Serialize binary data in readable format in more cases.
Fixes #792
2018-12-15 15:17:13 +01:00
Dmitry Vyukov
02613a4124
sys/linux: add basic tipc test
2018-12-12 13:14:26 +01:00
Dmitry Vyukov
28bd3e371b
prog: support AUTO args in programs
...
AUTO arguments can be used for:
- consts
- lens
- pointers
For const's and len's AUTO is replaced with the natural value,
addresses for AUTO pointers are allocated linearly.
This greatly simplifies writing test programs by hand
as most of the time we want these natural values.
Update tests to use AUTO.
2018-12-10 16:37:02 +01:00
Dmitry Vyukov
083e78159d
sys: consistently mark all paddings as const[0]
2018-12-10 16:37:02 +01:00
Dmitry Vyukov
ba64d006de
prog: implement strict parsing mode
...
Add bulk of checks for strict parsing mode.
Probably not complete, but we can extend them in the future as needed.
Turns out we can't easily use it for serialized programs
as they omit default args and during deserialization it looks like missing args.
2018-12-10 16:37:01 +01:00
Dmitry Vyukov
95fe19c19e
prog: introduce strict parsing mode
...
Over time we relaxed parsing to handle all kinds of invalid programs
(excessive/missing args, wrong types, etc).
This is useful when reading old programs from corpus.
But this is harmful for e.g. reading test inputs as they can become arbitrarily outdated.
For runtests this creates the additional problem of executing not
what is actually written in the test (or at least what the author meant).
Add strict parsing mode that does not tolerate any errors.
For now it just checks excessive syscall arguments.
2018-12-10 16:37:01 +01:00
Michael Tuexen
96cc4c50c3
sys/openbsd: fix socketpair usage
2018-12-09 15:31:32 +01:00
Michael Tuexen
a320ef9292
sys/netbsd: fix socketpair usage
2018-12-09 15:31:32 +01:00
Michael Tuexen
99fd96656f
sys/freebsd: fix socketpair usage
2018-12-09 15:31:32 +01:00
Dmitry Vyukov
82f11ef0c5
sys/linux: add AF_TIPC netlink interface and packet formats
2018-12-09 13:02:13 +01:00
Dmitry Vyukov
a3f232631f
sys/linux: add AF_TIPC descriptions
2018-12-09 12:52:50 +01:00
Dmitry Vyukov
72a027681e
sys/linux: socketpair returns sockets not just fd's
2018-12-09 12:35:07 +01:00
Dmitry Vyukov
c791837863
executor: fix handling of big-endian bitfields
...
Currently we apply big-endian-ness and bitfield-ness in the wrong order in copyin.
This leads to totally bogus result. Fix this.
2018-12-08 19:08:08 +01:00
Michael Tuexen
579f36e1d8
sys/linux: improve recvmsg descriptions
2018-12-08 14:48:53 +01:00
Michael Tuexen
fabb98a11f
sys/openbsd: improve recvmsg() description
2018-12-08 14:48:53 +01:00