[google/syzkaller] 6099a1: prog: add an attribute for syscalls which should n...

Hrutvik Kanabar

Sep 22, 2022, 10:42:19 AM
to syzk...@googlegroups.com
Branch: refs/heads/master
Home: https://github.com/google/syzkaller
Commit: 6099a1719c3532818617a2616a3380b080c56554
https://github.com/google/syzkaller/commit/6099a1719c3532818617a2616a3380b080c56554
Author: Hrutvik Kanabar <hru...@google.com>
Date: 2022-09-22 (Thu, 22 Sep 2022)

Changed paths:
M docs/syscall_descriptions_syntax.md
M prog/any_test.go
M prog/prio.go
M prog/rand.go
M prog/rand_test.go
M prog/types.go

Log Message:
-----------
prog: add an attribute for syscalls which should not be generated

Create a `no_generate` attribute to be used with syscalls that
`syzkaller` should not try to generate from scratch. In other words,
`syzkaller` will only use seeds of this call. This will be useful for
syscalls which are unlikely to be correctly generated.

In particular, prevent these syscalls from being included in the choice
table or from being considered as possible resource constructors.
Also add a test which will attempt to generate programs with a bias
towards `no_generate` syscalls, and flag up any that make it into result
programs. Currently there are no `no_generate` syscalls, but the next
commit will add some.


Commit: c9dfe30e8bd19c371375c14d80a1e54cf88193ce
https://github.com/google/syzkaller/commit/c9dfe30e8bd19c371375c14d80a1e54cf88193ce
Author: Hrutvik Kanabar <hru...@google.com>
Date: 2022-09-22 (Thu, 22 Sep 2022)

Changed paths:
M sys/linux/filesystem.txt
M sys/linux/fs_fuse.txt

Log Message:
-----------
sys/linux: make `syz_mount_image` a `no_generate` syscall

It is quite unlikely that a valid image will be generated from scratch
for a `syz_mount_image` call. This commit marks the syscall as an
invalid target for generation, ensuring no time is wasted on this.


Commit: 800605ed4763b8457f8238c9168ff71ce82d6b7c
https://github.com/google/syzkaller/commit/800605ed4763b8457f8238c9168ff71ce82d6b7c
Author: Hrutvik Kanabar <hru...@google.com>
Date: 2022-09-22 (Thu, 22 Sep 2022)

Changed paths:
M docs/syscall_descriptions_syntax.md
M prog/minimization.go
M prog/types.go

Log Message:
-----------
prog: add an attribute for syscalls which should not be minimized

Create a `no_minimize` attribute to be used with syscalls that
`syzkaller` should not try to modify when minimizing a program that
produces a bug. The intention is to use this with syscalls that are
expensive to minimize, such as `syz_mount_image`.

Currently there are no `no_minimize` syscalls, but the next commit will
add some.


Commit: 5088f152247b1ec7659f72a05309254ca1b2b1d7
https://github.com/google/syzkaller/commit/5088f152247b1ec7659f72a05309254ca1b2b1d7
Author: Hrutvik Kanabar <hru...@google.com>
Date: 2022-09-22 (Thu, 22 Sep 2022)

Changed paths:
M prog/minimization_test.go
M sys/linux/filesystem.txt
M sys/linux/fs_fuse.txt

Log Message:
-----------
sys/linux: make `syz_mount_image` a `no_minimize` syscall

Minimizing of large images is time-consuming and unlikely to reproduce
any errors. This commit therefore marks the `syz_mount_image`
pseudo-syscall as ineligible for minimization.

A test has also been added to `prog/minimization_test.go`.


Commit: 3fddc7194573e00eabde07dbb8ff17b025eb5c75
https://github.com/google/syzkaller/commit/3fddc7194573e00eabde07dbb8ff17b025eb5c75
Author: Hrutvik Kanabar <hru...@google.com>
Date: 2022-09-22 (Thu, 22 Sep 2022)

Changed paths:
M pkg/mgrconfig/config.go
M pkg/mgrconfig/load.go
M pkg/rpctype/rpctype.go
M prog/checksum_test.go
M prog/mutation.go
M prog/mutation_test.go
M prog/prog_test.go
M prog/rand_test.go
M prog/size_test.go
M prog/test/fuzz.go
M syz-fuzzer/fuzzer.go
M syz-fuzzer/proc.go
M syz-manager/rpc.go
M tools/syz-mutate/mutate.go
M tools/syz-stress/stress.go

Log Message:
-----------
pkg/mgrconfig, prog, syz-fuzzer: manager-configurable syscall mutation

Allow manager configuration to specify that certain syscalls should not
be mutated. This is expected to be useful when mutating certain syscalls
is unlikely to produce interesting executions. For example, mutating a
`syz_mount_image` call will likely produce a corrupt image.

Some implementation details:
- Add a `no_mutate_syscalls` manager config entry, with the same format
  as `enable_syscalls`. Ensure this is parsed and stored in the config
  as a set of syscall IDs.
- Send this set to fuzzers when they connect to their managers via RPC.
  Ensure each fuzzer stores a copy of the set.
- When mutating arguments of a syscall, check first whether it has been
  specified as non-mutatable.
- For all mutations not managed by a `syz-manager`, retain previous
  behaviour by ensuring that no syscalls are considered non-mutable.


Commit: 0042f2b4c00ce1ceeaa44a0147909fe3a6f86c5c
https://github.com/google/syzkaller/commit/0042f2b4c00ce1ceeaa44a0147909fe3a6f86c5c
Author: Hrutvik Kanabar <hru...@google.com>
Date: 2022-09-22 (Thu, 22 Sep 2022)

Changed paths:
M CONTRIBUTORS

Log Message:
-----------
CONTRIBUTORS: add myself

First commit: google/syzkaller@363c3551126ea6554d0020736dbf0d407843d22f


Compare: https://github.com/google/syzkaller/compare/60af50509316...0042f2b4c00c
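
The `no_mutate_syscalls` flow described in commit 3fddc71 above (patterns parsed into a set of syscall IDs, then checked before argument mutation), sketched as an added Go example that is not syzkaller's own code. The syscall table, `parseNoMutate`, `mutateArgs` and the pattern rule (exact name or trailing `*`) are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"strings"
)

// Constructed syscall table; the index is the syscall ID (not syzkaller's real table).
var table = []string{"openat", "read", "syz_mount_image$ext4", "syz_mount_image$vfat", "write"}

// parseNoMutate turns config patterns into a set of syscall IDs.
// Assumed pattern rule: exact name, or a trailing '*' acting as a prefix wildcard.
func parseNoMutate(patterns []string) (map[int]bool, error) {
	set := make(map[int]bool)
	for _, p := range patterns {
		matched := false
		for id, name := range table {
			if name == p || (strings.HasSuffix(p, "*") && strings.HasPrefix(name, strings.TrimSuffix(p, "*"))) {
				set[id] = true
				matched = true
			}
		}
		if !matched { // reject typos instead of silently ignoring them
			return nil, fmt.Errorf("unknown no_mutate_syscalls entry: %q", p)
		}
	}
	return set, nil
}

// call is a hypothetical stand-in for one syscall in a program.
type call struct {
	ID  int
	Arg uint64
}

// mutateArgs flips one bit in each call's argument unless its ID is in noMutate.
// A nil set means every call may be mutated (the behaviour outside a manager).
func mutateArgs(prog []call, noMutate map[int]bool) int {
	mutated := 0
	for i := range prog {
		if noMutate[prog[i].ID] {
			continue // syscall configured as not to be mutated
		}
		prog[i].Arg ^= 1
		mutated++
	}
	return mutated
}

func main() {
	set, err := parseNoMutate([]string{"syz_mount_image*"})
	if err != nil {
		panic(err)
	}
	prog := []call{{0, 10}, {2, 20}, {4, 30}}
	fmt.Println(mutateArgs(prog, set), prog)
}
```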