reactos/syzkaller
1
0
Fork 0
mirror of https://github.com/reactos/syzkaller.git synced 2024-11-27 05:10:43 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
37bccd4ed9
syzkaller/sys/linux/dev_floppy.txt
Denis Efremov a0626693a0 sys/linux: fix floppy description 
* sys/linux: fix floppy description

Fix typo in the FDGETPRM ioctl.

* sys/linux: extract && generate for floppy

Signed-off-by: Denis Efremov <efremov@linux.com>
2019-07-05 09:16:10 +02:00

176 lines
5.1 KiB
Plaintext
Raw Blame History

# Copyright 2018 syzkaller project authors. All rights reserved.
# Use of this source code is governed by Apache 2 LICENSE that can be found in the LICENSE file.
# Proper fuzzing of floppy device requires:
# 1) CONFIG_BLK_DEV_FD in your kernel configuration
# 2) "cmdline": " -fda FLOPPY.img " in syzkaller configuration
include <uapi/linux/fd.h>
resource fd_floppy[fd]
syz_open_dev$floppy(dev ptr[in, string["/dev/fd#"]], id intptr, flags flags[open_flags]) fd_floppy
ioctl$FLOPPY_FDEJECT(fd fd_floppy, cmd const[FDEJECT])
ioctl$FLOPPY_FDCLRPRM(fd fd_floppy, cmd const[FDCLRPRM])
ioctl$FLOPPY_FDSETPRM(fd fd_floppy, cmd const[FDSETPRM], arg ptr[in, floppy_struct])
ioctl$FLOPPY_FDDEFPRM(fd fd_floppy, cmd const[FDDEFPRM], arg ptr[in, floppy_struct])
ioctl$FLOPPY_FDGETPRM(fd fd_floppy, cmd const[FDGETPRM], arg ptr[out, floppy_struct])
ioctl$FLOPPY_FDMSGON(fd fd_floppy, cmd const[FDMSGON])
ioctl$FLOPPY_FDMSGOFF(fd fd_floppy, cmd const[FDMSGOFF])
ioctl$FLOPPY_FDFMTBEG(fd fd_floppy, cmd const[FDFMTBEG])
ioctl$FLOPPY_FDFMTTRK(fd fd_floppy, cmd const[FDFMTTRK], arg ptr[in, format_descr])
ioctl$FLOPPY_FDFMTEND(fd fd_floppy, cmd const[FDFMTEND])
ioctl$FLOPPY_FDFLUSH(fd fd_floppy, cmd const[FDFLUSH])
ioctl$FLOPPY_FDSETEMSGTRESH(fd fd_floppy, cmd const[FDSETEMSGTRESH], arg intptr[0:0xf])
ioctl$FLOPPY_FDGETMAXERRS(fd fd_floppy, cmd const[FDGETMAXERRS], arg ptr[out, floppy_max_errors])
ioctl$FLOPPY_FDSETMAXERRS(fd fd_floppy, cmd const[FDSETMAXERRS], arg ptr[in, floppy_max_errors])
ioctl$FLOPPY_FDGETDRVTYP(fd fd_floppy, cmd const[FDGETDRVTYP], arg ptr[out, floppy_drive_name])
ioctl$FLOPPY_FDSETDRVPRM(fd fd_floppy, cmd const[FDSETDRVPRM], arg ptr[in, floppy_drive_params])
ioctl$FLOPPY_FDGETDRVPRM(fd fd_floppy, cmd const[FDGETDRVPRM], arg ptr[out, floppy_drive_params])
ioctl$FLOPPY_FDPOLLDRVSTAT(fd fd_floppy, cmd const[FDPOLLDRVSTAT], arg ptr[out, floppy_drive_struct])
ioctl$FLOPPY_FDGETDRVSTAT(fd fd_floppy, cmd const[FDGETDRVSTAT], arg ptr[out, floppy_drive_struct])
ioctl$FLOPPY_FDRESET(fd fd_floppy, cmd const[FDRESET], arg flags[floppy_reset_mode])
ioctl$FLOPPY_FDGETFDCSTAT(fd fd_floppy, cmd const[FDGETFDCSTAT], arg ptr[out, floppy_fdc_state])
ioctl$FLOPPY_FDWERRORCLR(fd fd_floppy, cmd const[FDWERRORCLR])
ioctl$FLOPPY_FDWERRORGET(fd fd_floppy, cmd const[FDWERRORGET], arg ptr[out, floppy_write_errors])
ioctl$FLOPPY_FDRAWCMD(fd fd_floppy, cmd const[FDRAWCMD], arg ptr[inout, floppy_raw_cmd])
ioctl$FLOPPY_FDTWADDLE(fd fd_floppy, cmd const[FDTWADDLE])
floppy_struct {
size int32
sect int32
head int32
track int32
stretch int32
gap int8
rate int8
spec1 int8
fmt_gap int8
name ptr[inout, string]
}
format_descr {
device int32
head int32
track int32
}
floppy_max_errors {
abort int32
read_track int32
reset int32
recal int32
reporting int32
}
type floppy_drive_name array[int8, 16]
floppy_drive_params {
cmos int8
max_dtr intptr
hlt intptr
hut intptr
srt intptr
spinup intptr
spindown intptr
spindown_offset int8
select_delay int8
rps int8
tracks int8
timeout intptr
intreleave_sect int8
max_errors floppy_max_errors
flags flags[floppy_drive_params_flags, int8]
read_track int8
autodetect array[int16, 8]
checkfreq int32
native_format int32
}
floppy_drive_struct {
flags flags[floppy_drive_struct_flags, intptr]
spinup_date intptr
select_date intptr
first_read_date intptr
probed_format int16
track int16
maxblock int16
maxtrack int16
generation int32
keep_data int32
fd_ref int32
fd_device int32
last_checked intptr
dmabuf ptr[out, int8]
bufblocks len[dmabuf, int32]
}
floppy_fdc_state {
spec1 int32
spec2 int32
dtr int32
version int8
dor int8
address intptr
rawcmd int32:2
reset int32:1
need_configure int32:1
perp_mode int32:2
has_fifo int32:1
driver_version int32
track array[int8, 4]
}
floppy_write_errors {
write_errors int32
first_error_sector intptr
first_error_generation int32
last_error_sector intptr
lsat_error_generation int32
badness int32
}
floppy_raw_cmd {
flags flags[floppy_raw_cmd_flags, int32]
data buffer[inout]
# kernel only. zerroed after copy_from_user. Maybe need to use const[0, intptr]
kernel_data ptr[in, int8]
next const[0, intptr]
length len[data, intptr]
# output value
phys_length const[0, intptr]
# output value. kernel only
buffer_length const[0, int32]
rate int8
cmd_count int8
cmd array[int8, 16]
# output
reply_count const[0, int8]
reply array[const[0, int8], 16]
track int32
# output
resultcode const[0, int32]
reserved1 const[0, int32]
reserved2 const[0, int32]
}
floppy_reset_mode = FD_RESET_IF_NEEDED, FD_RESET_IF_RAWCMD, FD_RESET_ALWAYS
floppy_drive_struct_flags = FD_NEED_TWADDLE_BIT, FD_VERIFY_BIT, FD_DISK_NEWCHANGE_BIT, FD_UNUSED_BIT, FD_DISK_CHANGED_BIT, FD_DISK_WRITABLE_BIT, FD_OPEN_SHOULD_FAIL_BIT
floppy_drive_params_flags = FTD_MSG, FD_BROKEN_DCL, FD_DEBUG, FD_SILENT_DCL_CLEAR, FD_INVERTED_DCL
floppy_raw_cmd_flags = FD_RAW_READ, FD_RAW_WRITE, FD_RAW_NO_MOTOR, FD_RAW_DISK_CHANGE, FD_RAW_INTR, FD_RAW_SPIN, FD_RAW_NO_MOTOR_AFTER, FD_RAW_NEED_DISK, FD_RAW_NEED_SEEK, FD_RAW_MORE, FD_RAW_STOP_IF_FAILURE, FD_RAW_STOP_IF_SUCCESS, FD_RAW_SOFTFAILURE, FD_RAW_FAILURE, FD_RAW_HARDFAILURE
Reference in New Issue View Git Blame Copy Permalink