Add functions to protect and unprotect the coverage buffer. The buffer is
protected from being written to while tracing. When the trace data is
sorted we need to make it read/write, but can return it to read only after
this has completed.
Leave the first page as read/write as we need to clear the length field.
Right now syzkaller only supports coverage collected from the threads that
execute syscalls. However some useful things happen in background threads,
and it would be nice to collect coverage from those threads as well.
This change adds extra coverage support to syzkaller. This coverage is not
associated with a particular syscall, but rather with the whole program.
Executor passes extra coverage over the same ipc mechanism to syz-fuzzer
with syscall number set to -1. syz-fuzzer then passes this coverage to
syz-manager with the call name "extra".
This change requires the following kcov patch:
https://github.com/xairy/linux/pull/2
Initialize syz data segment with protection allowed by PaX MPROTECT.
PROT_MPROTECT() registers future potential protection that is allowed
to be enabled in future.
FreeBSD sets the kcov buffer as number of bytes instead of number
of entries. This also fixes the mmap() call, which was failing
due to inconsistent sizes. The failing was hidden due to wrong
error handling.
* Revert "Revert "executor: add setuid sandbox for openbsd""
The problem is the low file descriptor limit.
This reverts commit 4093e33b13.
* executor/executor make sure the file descriptor limit is sufficient
Since the OpenBSD target does not make use of syz_execute_func yet, just drop
PROT_EXEC for now.
Supporting write and exec would require one to edit /etc/fstab during
installation.
Regression introduced in commit a4718693 ("sys/linux: add syz_execute_func").
Make as much code as possible shared between all OSes.
In particular main is now common across all OSes.
Make more code shared between executor and csource
(in particular, loop function and threaded execution logic).
Also make loop and threaded logic shared across all OSes.
Make more posix/unix code shared across OSes
(e.g. signal handling, pthread creation, etc).
Plus other changes along similar lines.
Also support test OS in executor (based on portable posix)
and add 4 arches that cover all execution modes
(fork server/no fork server, shmem/no shmem).
This change paves way for testing of executor code
and allows to preserve consistency across OSes and executor/csource.