sys/linux: fix errors in dev_loop.txt

* sys/linux: fix errors in dev_loop.txt * docs: add research paper (ICSE 22) * sys/linux: fix errors in dev_loop.txt * sys/linux: fix errors in dev_loop.txt
google · May 5, 2022 · b3f0941 · b3f0941
1 parent dc9e525
commit b3f0941
Show file tree

Hide file tree

Showing 3 changed files with 11 additions and 1 deletion.
diff --git a/docs/research.md b/docs/research.md
@@ -1,6 +1,7 @@
 # Research work based on syzkaller
 
 _newer first_
+* [Demystifying the Dependency Challenge in Kernel Fuzzing](https://conf.researchr.org/details/icse-2022/icse-2022-papers/89/Demystifying-the-Dependency-Challenge-in-Kernel-Fuzzing)
 * [SyzVegas: Beating Kernel Fuzzing Odds with Reinforcement Learning](https://www.usenix.org/conference/usenixsecurity21/presentation/wang-daimeng)
 * [SyzScope: Revealing High-Risk Security Impacts of Fuzzer-Exposed Bugs in Linux kernel](https://www.usenix.org/conference/usenixsecurity22/presentation/zou)
 * [Rtkaller: State-aware Task Generation for RTOS Fuzzing](http://www.wingtecher.com/themes/WingTecherResearch/assets/papers/emsoft21.pdf)

diff --git a/sys/linux/dev_loop.txt b/sys/linux/dev_loop.txt
@@ -8,6 +8,7 @@ resource fd_loop[fd_block]
 syz_open_dev$loop(dev ptr[in, string["/dev/loop#"]], id intptr, flags flags[open_flags]) fd_loop
 
 ioctl$LOOP_SET_FD(fd fd_loop, cmd const[LOOP_SET_FD], arg fd)
+ioctl$LOOP_CONFIGURE(fd fd_loop, cmd const[LOOP_CONFIGURE], arg ptr[in, loop_config])
 ioctl$LOOP_CHANGE_FD(fd fd_loop, cmd const[LOOP_CHANGE_FD], arg fd)
 ioctl$LOOP_CLR_FD(fd fd_loop, cmd const[LOOP_CLR_FD])
 ioctl$LOOP_SET_STATUS(fd fd_loop, cmd const[LOOP_SET_STATUS], arg ptr[in, loop_info])
@@ -22,12 +23,19 @@ resource fd_loop_ctrl[fd]
 resource fd_loop_num[intptr]: 0, 1, 2, 10, 11, 12
 openat$loop_ctrl(fd const[AT_FDCWD], file ptr[in, string["/dev/loop-control"]], flags flags[open_flags], mode const[0]) fd_loop_ctrl
 ioctl$LOOP_CTL_GET_FREE(fd fd_loop_ctrl, cmd const[LOOP_CTL_GET_FREE]) fd_loop_num
-ioctl$LOOP_CTL_ADD(fd fd_loop_ctrl, cmd const[LOOP_CTL_ADD], num fd_loop_num)
+ioctl$LOOP_CTL_ADD(fd fd_loop_ctrl, cmd const[LOOP_CTL_ADD], num fd_loop_num) fd_loop_num
 ioctl$LOOP_CTL_REMOVE(fd fd_loop_ctrl, cmd const[LOOP_CTL_REMOVE], num fd_loop_num)
 
 lo_encrypt_type = LO_CRYPT_NONE, LO_CRYPT_XOR, LO_CRYPT_DES, LO_CRYPT_FISH2, LO_CRYPT_BLOW, LO_CRYPT_CAST128, LO_CRYPT_IDEA, LO_CRYPT_DUMMY, LO_CRYPT_SKIPJACK, LO_CRYPT_CRYPTOAPI
 lo_flags = LO_FLAGS_READ_ONLY, LO_FLAGS_AUTOCLEAR, LO_FLAGS_PARTSCAN, LO_FLAGS_DIRECT_IO
 
+loop_config {
+	fd		fd_loop
+	block_size	int32
+	info		loop_info64
+	reserved	array[const[0, int64], 8]
+}
+
 loop_info {
 	lo_number	const[0, int32]
 # NEED: on amd64 lo_device/lo_rdevice (__kernel_old_dev_t) is long, on 386 it's short...

diff --git a/sys/linux/dev_loop.txt.const b/sys/linux/dev_loop.txt.const
@@ -3,6 +3,7 @@ arches = 386, amd64, arm, arm64, mips64le, ppc64le, riscv64, s390x
 AT_FDCWD = 18446744073709551516
 LOOP_CHANGE_FD = 19462
 LOOP_CLR_FD = 19457
+LOOP_CONFIGURE = 19466
 LOOP_CTL_ADD = 19584
 LOOP_CTL_GET_FREE = 19586
 LOOP_CTL_REMOVE = 19585