syzkaller/sys/openbsd/fs.txt
Anton Lindqvist 5f302c04a2 sys/openbsd: add missing padding arguments
Due to missing padding arguments, stack garbage could end up being used as
actual arguments. More reading for the curious[1].

While here, add missing descriptions for pread and pwrite.

[1] https://flak.tedunangst.com/post/syzkaller-found-a-bug
2019-05-12 14:03:04 +02:00

72 lines
2.1 KiB
Plaintext

# Copyright 2017 syzkaller project authors. All rights reserved.
# Use of this source code is governed by Apache 2 LICENSE that can be found in the LICENSE file.
include <sys/types.h>
include <sys/stat.h>
include <fcntl.h>
include <unistd.h>
resource fd[int32]: 0xffffffffffffffff, AT_FDCWD
resource fd_dir[fd]
resource pid[int32]: 0, 0xffffffffffffffff
resource uid[int32]: 0, 0xffffffffffffffff
resource gid[int32]: 0, 0xffffffffffffffff
open(file ptr[in, filename], flags flags[open_flags], mode flags[open_mode]) fd
# Just so that we have something that creates fd_dir resources.
open$dir(file ptr[in, filename], flags flags[open_flags], mode flags[open_mode]) fd_dir
openat(fd fd_dir, file ptr[in, filename], flags flags[open_flags], mode flags[open_mode]) fd
close(fd fd)
read(fd fd, buf buffer[out], count len[buf])
readv(fd fd, vec ptr[in, array[iovec_out]], vlen len[vec])
pread(fd fd, buf buffer[in], nbyte len[buf], pad const[0], off fileoff)
preadv(fd fd, vec ptr[in, array[iovec_out]], vlen len[vec], pad const[0], off fileoff)
write(fd fd, buf buffer[in], count len[buf])
writev(fd fd, vec ptr[in, array[iovec_in]], vlen len[vec])
pwrite(fd fd, buf buffer[in], nbyte len[buf], pad const[0], off fileoff)
pwritev(fd fd, vec ptr[in, array[iovec_in]], vlen len[vec], pad const[0], off fileoff)
lseek(fd fd, pad const[0], offset fileoff, whence flags[seek_whence])
dup(oldfd fd) fd
dup2(oldfd fd, newfd fd) fd
pipe2(pipefd ptr[out, pipefd], flags flags[pipe_flags])
pipefd {
rfd fd
wfd fd
}
iovec_in {
addr buffer[in]
len len[addr, intptr]
}
iovec_out {
addr buffer[out]
len len[addr, intptr]
}
stat {
dev int64
ino int64
mode int32
nlink int32
rdev int64
size int64
blksize int32
blocks int64
atime int64
ansec int64
mtime int64
mnsec int64
ctime int64
cnsec int64
pad1 const[0, int32]
pad2 const[0, int32]
}
open_flags = O_RDONLY, O_WRONLY, O_RDWR, O_APPEND, O_CREAT, O_TRUNC, O_EXCL, O_SHLOCK, O_EXLOCK, O_NOFOLLOW, O_CLOEXEC, O_DSYNC, O_SYNC, O_RSYNC, O_NOCTTY, O_DIRECTORY, O_ASYNC
open_mode = S_IRUSR, S_IWUSR, S_IXUSR, S_IRGRP, S_IWGRP, S_IXGRP, S_IROTH, S_IWOTH, S_IXOTH
seek_whence = SEEK_SET, SEEK_CUR, SEEK_END
pipe_flags = O_NONBLOCK, O_CLOEXEC