* [PATCH blktests] src/sg/syzkaller1.c: fix portability problem for syscall(__NR_mmap, ...)
@ 2019-01-07 21:13 Theodore Ts'o
2019-01-09 2:46 ` Bart Van Assche
0 siblings, 1 reply; 2+ messages in thread
From: Theodore Ts'o @ 2019-01-07 21:13 UTC (permalink / raw)
To: linux-block; +Cc: Theodore Ts'o
How mmap is mapped to a raw system call varies across different
archiecture. On some architectures (such as 32-bit ARM), __NR_mmap
may not exist at all; glibc will use __NR_mmap2 to implement mmap(2).
Syzkaller is using mmap() as a non-portable version of malloc(3), so
it should be safe to use the glibc's mmap wrapper instead of trying to
directly call the system call.
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
---
src/sg/syzkaller1.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/src/sg/syzkaller1.c b/src/sg/syzkaller1.c
index 743859a..e254d4a 100644
--- a/src/sg/syzkaller1.c
+++ b/src/sg/syzkaller1.c
@@ -401,8 +401,10 @@ long r[15];
void test()
{
memset(r, -1, sizeof(r));
- r[0] = execute_syscall(__NR_mmap, 0x20000000ul, 0x5000ul, 0x3ul,
- 0x32ul, (uintptr_t)(-1ul), 0x0ul, 0, 0, 0);
+//r[0] = execute_syscall(__NR_mmap, 0x20000000ul, 0x5000ul, 0x3ul,
+// 0x32ul, (uintptr_t)(-1ul), 0x0ul, 0, 0, 0);
+ r[0] = (long) mmap((void *) 0x20000000, (size_t) 0x5000,
+ PROT_READ | PROT_WRITE, MAP_FIXED | MAP_ANONYMOUS, -1, 0);
NONFAILING(memcpy((void*)0x20000000,
dev_sg, strlen(dev_sg)));
r[2] = execute_syscall(__NR_syz_open_dev, 0x20000000ul, 0x0ul, 0x2ul,
--
2.19.1
^ permalink raw reply related [flat|nested] 2+ messages in thread* Re: [PATCH blktests] src/sg/syzkaller1.c: fix portability problem for syscall(__NR_mmap, ...)
2019-01-07 21:13 [PATCH blktests] src/sg/syzkaller1.c: fix portability problem for syscall(__NR_mmap, ...) Theodore Ts'o
@ 2019-01-09 2:46 ` Bart Van Assche
0 siblings, 0 replies; 2+ messages in thread
From: Bart Van Assche @ 2019-01-09 2:46 UTC (permalink / raw)
To: Theodore Ts'o, linux-block
On 1/7/19 1:13 PM, Theodore Ts'o wrote:
> How mmap is mapped to a raw system call varies across different
> archiecture. On some architectures (such as 32-bit ARM), __NR_mmap
^^^^^^^^^^^
architectures?
> may not exist at all; glibc will use __NR_mmap2 to implement mmap(2).
> Syzkaller is using mmap() as a non-portable version of malloc(3), so
> it should be safe to use the glibc's mmap wrapper instead of trying to
> directly call the system call.
>
> Signed-off-by: Theodore Ts'o <tytso@mit.edu>
> ---
> src/sg/syzkaller1.c | 6 ++++--
> 1 file changed, 4 insertions(+), 2 deletions(-)
>
> diff --git a/src/sg/syzkaller1.c b/src/sg/syzkaller1.c
> index 743859a..e254d4a 100644
> --- a/src/sg/syzkaller1.c
> +++ b/src/sg/syzkaller1.c
> @@ -401,8 +401,10 @@ long r[15];
> void test()
> {
> memset(r, -1, sizeof(r));
> - r[0] = execute_syscall(__NR_mmap, 0x20000000ul, 0x5000ul, 0x3ul,
> - 0x32ul, (uintptr_t)(-1ul), 0x0ul, 0, 0, 0);
> +//r[0] = execute_syscall(__NR_mmap, 0x20000000ul, 0x5000ul, 0x3ul,
> +// 0x32ul, (uintptr_t)(-1ul), 0x0ul, 0, 0, 0);
> + r[0] = (long) mmap((void *) 0x20000000, (size_t) 0x5000,
> + PROT_READ | PROT_WRITE, MAP_FIXED | MAP_ANONYMOUS, -1, 0);
> NONFAILING(memcpy((void*)0x20000000,
> dev_sg, strlen(dev_sg)));
> r[2] = execute_syscall(__NR_syz_open_dev, 0x20000000ul, 0x0ul, 0x2ul,
Anyway:
Reviewed-by: Bart Van Assche <bvanassche@acm.org>
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2019-01-09 2:46 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-01-07 21:13 [PATCH blktests] src/sg/syzkaller1.c: fix portability problem for syscall(__NR_mmap, ...) Theodore Ts'o
2019-01-09 2:46 ` Bart Van Assche
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).