Tree: 8978109043
Commits on Oct 31, 2018
  1. Update found_bugs.md

    dvyukov committed Oct 31, 2018
Commits on Oct 30, 2018
  1. sys/linux: limit init_module size argument

    dvyukov committed Oct 30, 2018
    Kernel tries to vmalloc whatever we pass as size and it's not accounted against memcg.
    As a result it can lead to massive OOM kills of everything running on the machine.
    Strictly speaking, the same applies to finit_module with a sparse file too,
    but there is no simple way to handle that.
  2. sys/linux: adding constants for trace2syz to sockets

    shankarapailoor authored and dvyukov committed Oct 30, 2018
  3. sys/linux: add perf, kvm, btrfs consts for trace2syz

    shankarapailoor authored and dvyukov committed Oct 30, 2018
  4. sys/linux: add additional constants for trace2syz to bpf

    shankarapailoor authored and dvyukov committed Oct 30, 2018
    Fixes #783
  5. sys/linux: fix up descriptions

    dvyukov committed Oct 30, 2018
    1. Extract consts on the latest linux tree.
    2. Don't manually define O_TMPFILE/O_ACCMODE/_LINUX_CAPABILITY_VERSION_N,
       they are defined in kernel headers.
    3. Don't use CLOCK_SGI_CYCLE as clock id, it's not implemented.
  6. sys/linux: add additional constants for trace2syz

    shankarapailoor authored and dvyukov committed Oct 30, 2018
Commits on Oct 29, 2018
  1. sys/openbsd: added minherit, extended/simplified mmap

    blackgnezdo authored and dvyukov committed Oct 29, 2018
    * sys/openbsd: added minherit, extended/simplified mmap.
    
    Added a script from anton_at_openbsd.org for regenerating syscalls.
    
    Generated by ksh ./sys/openbsd/extract-openbsd.sh
    
    * Undo whitespace change not passing on CI
    
    * No need for magic script.
  2. sys/linux: fix SIOCGIFCONF const

    dvyukov committed Oct 29, 2018
  3. sys/linux: fix IP6T_SO_GET_INFO const

    dvyukov committed Oct 29, 2018
    Fix copy-paste error.
  4. Conditionally enable test -race when supported on the OS.

    Greg Steuck authored and dvyukov committed Oct 29, 2018
Commits on Oct 28, 2018
  1. sys/linux: open /dev/media* files

    dvyukov committed Oct 28, 2018
    Also remove the second syscall for opening of /dev/fd*.
  2. dashboard/config: update kernel configs

    dvyukov committed Oct 28, 2018
    Enable:
    CONFIG_BLK_DEV_FD
    CONFIG_CRYPTO_OFB
    CONFIG_VIDEO_VIMC
    CONFIG_VIDEO_VIM2M
    CONFIG_VIDEO_VIVID
    CONFIG_VIDEO_VICODEC
  3. sys/linux: slightly refine perf descriptions

    dvyukov committed Oct 28, 2018
    CPU argument can be -1.
    It makes sense to mmap perf fd.
  4. sys/syz-extract: support missing arch headers

    dvyukov committed Oct 28, 2018
    The latest Linux kernel misses some arch-specific headers on some archs:
    	asm/a.out.h
    	asm/prctl.h
    	asm/mce.h
    Support that.
  5. vm/qemu: don't use e1000 on arm64

    dvyukov committed Oct 28, 2018
    arm64 uses virtio net by default and does not support e1000.
    So don't override the default and use e1000 only for 386/amd64.
  6. pkg/report: fix guilty file extraction

    dvyukov committed Oct 28, 2018
    reportPrefixLen can become wrong after symbolization
    if we symbolize any lines in the prefix.
    Adjust reportPrefixLen during symbolization.
    
    Automatic testing of this is problematic
    because we would need to symbolize which requires
    the object file with debug info.
    Tested manually with syz-symbolize.
  7. vm/qemu: use -cpu host,migratable=off

    dvyukov committed Oct 28, 2018
    This exposes the maximum amount of features to the guest.
    migratable=off exposes features that qemu does not know about too.
  8. sys/linux: floppy interface description

    evdenis authored and dvyukov committed Jun 7, 2018
    For floppy fuzzing you need to enable:
    
    1) CONFIG_BLK_DEV_FD in your kernel configuration
    2) "cmdline": " -fda FLOPPY.img " in syzkaller configuration
    
    Signed-off-by: Denis Efremov <efremov@linux.com>
    Signed-off-by: Alexander Popov <alex.popov@linux.com>
  9. tools/create-openbsd*sh: use cdn.openbsd.org not cloudflare, install vmm-firmware

    blackgnezdo authored and dvyukov committed Oct 28, 2018
    * Use cdn.openbsd.org not cloudflare. Install vmm-firmware explicitly.
    
    * set hw.smt=1: the underlying hw on VM is unknown so don't waste SMT.
  10. Update syscall_descriptions.md

    dvyukov committed Oct 28, 2018
    Clarify that running `make clean` each time is not necessary.
Commits on Oct 27, 2018
  1. Update research.md

    dvyukov committed Oct 27, 2018
  2. Update found_bugs.md

    dvyukov committed Oct 27, 2018
Commits on Oct 23, 2018
  1. gometalinter: ignore ALL_CAPS names in sys/openbsd/init.go

    dvyukov committed Oct 23, 2018
    As we do for other OSes as they use OS constant names
    which are usually ALL_CAPS.
  2. Update found_bugs.md

    dvyukov committed Oct 23, 2018
Commits on Oct 19, 2018
  1. sys: check that target consts are defined

    dvyukov committed Oct 19, 2018
    Currently when we get target consts with target.ConstMap["name"]
    during target initialization, we just get 0 for missing consts.
    This is error-prone as we can mis-type a const, or a const may
    be undefined only on some archs (as we have common unix code
    shared between several OSes).
    Check that all the consts are actually defined.
    The check detects several violations, to fix them:
    1. move mremap to linux as it's only defined on linux
    2. move S_IFMT to openbsd, as it's only defined and used on openbsd
    3. define missing MAP_ANONYMOUS for freebsd and netbsd
    4. fix extract for netbsd
Commits on Oct 18, 2018
  1. Added kernel config options for debian stretch

    balbassam authored and dvyukov committed Oct 18, 2018
Commits on Oct 17, 2018
  1. Pass -debug flag to runsc.

    nlacasse authored and dvyukov committed Oct 17, 2018
    As of commit 3f053259, gVisor sentry panics are no longer sent to the
    stderr for "runsc run" by default, as that stderr belongs exclusively to
    the application.
    
    As a result, syzbot never sees the gVisor panic stack trace, and is only
    reporting errors that occur when waiting for a dead sandbox.
    
    Passing the "-debug" flag to runsc will make the sentry panics visible
    to syzbot again.
  2. Update configuration.md

    mogrein authored and dvyukov committed Oct 17, 2018
    VM parameters are not defined in config.go, I've found them in qemu.go instead.
    Fix for the documentation to make it easier to find all supported parameters for qemu.
Commits on Oct 16, 2018
  1. all: fix code formatting

    dvyukov committed Oct 16, 2018
    Reformat, remove debug leftovers, fix comment style.
Commits on Oct 15, 2018
  1. tools/create-gce-image.sh: create ext4 image without journalling

    dvyukov committed Oct 15, 2018
    We don't need consistent image after reboot since we always reimage.
    We know of some use cases that don't use journalling, but don't know
    of any that use journalling.
  2. sys/linux: prohibit FAN_OPEN_PERM and FAN_ACCESS_PERM

    dvyukov committed Oct 15, 2018
    FAN_OPEN_PERM and FAN_ACCESS_PERM require the program to reply to open requests.
    If that does not happen, the program will hang in an unkillable state forever.
    See the following bug for details:
    https://groups.google.com/d/msg/syzkaller-bugs/pD-vbqJu6U0/kGH30p3lBgAJ
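The permission-event contract this commit is working around, as an added example that is not syzkaller's or the kernel's own code: a minimal fanotify listener in C that marks a path for FAN_OPEN_PERM | FAN_ACCESS_PERM and answers every permission event with FAN_ALLOW, so the process that triggered the open is never left blocked. The reply loop lives in reply_to_events() (a name chosen for this example) so it can be exercised against a constructed event buffer; the main() assumes CAP_SYS_ADMIN and a directory or file path on the command line.

```c
// Added example, not syzkaller or kernel code: a fanotify permission listener
// that always replies.  Requires CAP_SYS_ADMIN (assumption of this example).
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/fanotify.h>

/*
 * Walk a buffer of fanotify events as returned by read(2) on the fanotify fd.
 * For every permission event (FAN_OPEN_PERM / FAN_ACCESS_PERM) write a
 * struct fanotify_response carrying `verdict` (FAN_ALLOW or FAN_DENY) to
 * resp_fd, then close the per-event file descriptor so the listener does not
 * leak one fd per event.  Returns the number of replies written, or -1 on a
 * metadata-version mismatch or a short write (errno is set).
 */
int reply_to_events(const char *buf, size_t len, int resp_fd, unsigned int verdict)
{
    int replies = 0;
    const struct fanotify_event_metadata *md =
        (const struct fanotify_event_metadata *)buf;

    while (FAN_EVENT_OK(md, len)) {
        if (md->vers != FANOTIFY_METADATA_VERSION) {
            errno = EPROTO;
            return -1;
        }
        if (md->mask & (FAN_OPEN_PERM | FAN_ACCESS_PERM)) {
            /* The kernel keeps the opener blocked until this lands. */
            struct fanotify_response r = { .fd = md->fd, .response = verdict };
            if (write(resp_fd, &r, sizeof(r)) != (ssize_t)sizeof(r))
                return -1;
            replies++;
        }
        if (md->fd >= 0)
            close(md->fd);
        md = FAN_EVENT_NEXT(md, len);
    }
    return replies;
}

int main(int argc, char **argv)
{
    if (argc != 2) {
        fprintf(stderr, "usage: %s <path>\n", argv[0]);
        return 2;
    }
    /* FAN_CLASS_CONTENT is required to receive permission events at all. */
    int fan = fanotify_init(FAN_CLASS_CONTENT | FAN_CLOEXEC, O_RDONLY | O_CLOEXEC);
    if (fan < 0) {
        perror("fanotify_init");
        return 1;
    }
    if (fanotify_mark(fan, FAN_MARK_ADD, FAN_OPEN_PERM | FAN_ACCESS_PERM,
                      AT_FDCWD, argv[1]) < 0) {
        perror("fanotify_mark");
        return 1;
    }
    char buf[4096] __attribute__((aligned(8)));
    for (;;) {
        ssize_t n = read(fan, buf, sizeof(buf));
        if (n < 0) {
            if (errno == EINTR)
                continue;
            perror("read");
            return 1;
        }
        /* Responses are written back to the same fanotify fd. */
        if (reply_to_events(buf, (size_t)n, fan, FAN_ALLOW) < 0) {
            perror("reply_to_events");
            return 1;
        }
    }
}
```

Each permission event carries a file descriptor that the kernel uses to match the response; the response is written first and the descriptor closed afterwards, otherwise the listener accumulates one open fd per event. A listener that reads events but never writes a response is exactly the situation the commit prohibits in the fuzzer.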
Commits on Oct 12, 2018
  1. Android: Add simple test harness for Sandbox

    zachriggle authored and dvyukov committed Oct 11, 2018
  2. Android: Fix sandbox implementation

    zachriggle authored and dvyukov committed Oct 11, 2018
    My test harness for this code performed some steps that are not
    performed when syz-executor is invoked directly.
    
    Specifically, we need to operate from a directory under /data/data,
    and have the correct UID/GID set as the owner of the directory.
    
    My test harness now correctly sets these, all sandbox operations
    succeed, and loop() is invoked.