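# Copyright 2017 syzkaller project authors. All rights reserved.
# Use of this source code is governed by Apache 2 LICENSE that can be found in the LICENSE file.

# syzkaller system call descriptions for Akaros.
# Each call line declares argument names, types and data direction (in/out);
# the flag sets, structs and defines below supply the values used for them.

include <ros/syscall.h>
include <ros/mman.h>
include <ros/fs.h>
include <ros/procinfo.h>
include <ros/resource.h>
include <ros/event.h>
include <ros/vmm.h>
include <ros/trapframe.h>
include <ros/fdtap.h>
include <ros/bits/posix_signum.h>
include <termios.h>

# Resources are values returned by one call and consumed by others.
# The values after the colon are extra special values to try for that resource.
resource fd[int32]: 0xffffffffffffffff, AT_FDCWD
resource pid[int32]: 0, 0xffffffffffffffff

# File and directory calls. Paths are passed as pointer plus explicit length (path_l).
openat(fromfd fd[opt], path ptr[in, filename], path_l len[path], oflag flags[open_flags], mode flags[open_mode]) fd
read(fd fd, buf buffer[out], count len[buf])
write(fd fd, buf buffer[in], count len[buf])
close(fd fd)
abort_sysc_fd(fd fd)
stat(path ptr[in, filename], path_l len[path], statbuf ptr[out, array[int8, KSTAT_SIZE]])
fstat(fd fd, statbuf ptr[out, array[int8, KSTAT_SIZE]])
lstat(path ptr[in, filename], path_l len[path], statbuf ptr[out, array[int8, KSTAT_SIZE]])
llseek(fd fd, offset_hi intptr, offset_lo intptr, result ptr[out, int64], whence flags[seek_whence])
link(old ptr[in, filename], old_l len[old], new ptr[in, filename], new_l len[new])
unlink(path ptr[in, filename], path_l len[path])
symlink(old ptr[in, filename], old_l len[old], new ptr[in, filename], new_l len[new])
readlink(path ptr[in, filename], path_l len[path], buf buffer[out], siz len[buf])
chdir(pid pid[opt], path ptr[in, filename], path_l len[path])
fchdir(pid pid[opt], fd fd)
getcwd(buf buffer[out], size len[buf])
rename(old_path ptr[in, filename], old_path_l len[old_path], new_path ptr[in, filename], new_path_l len[new_path])
mkdir(path ptr[in, filename], path_l len[path], mode flags[open_mode])
rmdir(path ptr[in, filename], path_l len[path])

# fcntl is split into one variant per command so each gets a correctly typed argument.
fcntl$F_DUPFD(fd fd, cmd const[F_DUPFD], arg fd, must_use_low boolptr) fd
fcntl$F_GETFD(fd fd, cmd const[F_GETFD])
fcntl$F_GETFL(fd fd, cmd const[F_GETFL])
fcntl$F_SETFD(fd fd, cmd const[F_SETFD], flags flags[fcntl_flags])
fcntl$F_SETFL(fd fd, cmd const[F_SETFL], flags flags[fcntl_status])
fcntl$F_SYNC(fd fd, cmd const[F_SYNC])

# Memory mapping.
mmap(addr vma, len len[addr], prot flags[mmap_prot], flags flags[mmap_flags], fd fd[opt], offset intptr)
munmap(addr vma, len len[addr])
mprotect(addr vma, len len[addr], prot flags[mmap_prot])

# Process basics.
fork()
waitpid(pid pid, status ptr[out, int32], options flags[wait_options])
nanosleep(req ptr[in, timespec], rem ptr[out, timespec, opt])

open_flags = O_RDONLY, O_WRONLY, O_RDWR, O_APPEND, O_CLOEXEC, O_CREAT, O_DIRECTORY, O_EXCL, O_NOCTTY, O_NOFOLLOW, O_NONBLOCK, O_SYNC, O_TRUNC, O_REMCLO, O_PATH
open_mode = S_IRUSR, S_IWUSR, S_IXUSR, S_IRGRP, S_IWGRP, S_IXGRP, S_IROTH, S_IWOTH, S_IXOTH
mmap_prot = PROT_EXEC, PROT_READ, PROT_WRITE, PROT_GROWSDOWN, PROT_GROWSUP
mmap_flags = MAP_SHARED, MAP_PRIVATE, MAP_ANONYMOUS, MAP_DENYWRITE, MAP_EXECUTABLE, MAP_FIXED, MAP_GROWSDOWN, MAP_LOCKED, MAP_NONBLOCK, MAP_NORESERVE, MAP_POPULATE, MAP_STACK
wait_options = WNOHANG, WUNTRACED
fcntl_flags = FD_CLOEXEC
fcntl_status = O_APPEND, O_NONBLOCK, O_CLOEXEC, O_REMCLO, O_PATH
seek_whence = SEEK_SET, SEEK_CUR, SEEK_END

timespec {
	sec	intptr
	nsec	intptr
}

# Akaros-specific calls: process and core management, events, VMM.
block(usec intptr)
cache_invalidate()
getpcoreid()
getvcoreid()
proc_create(path ptr[in, filename], path_l len[path], argenv ptr[in, string], argenv_l len[argenv], flags boolptr) pid
proc_run(pid pid[opt])
proc_destroy(pid pid[opt], exitcode int32)
proc_yield(being_nice bool32)
change_vcore(vcoreid int32, enable_my_notif bool32)
exec(path ptr[in, filename], path_l len[path], argenv ptr[in, string], argenv_l len[argenv])
provision(target_pid pid[opt], res_type const[RES_CORES], res_val intptr)
notify(target_pid pid[opt], ev_type flags[event_type], u_msg ptr[in, event_msg])
self_notify(vcoreid int32, ev_type flags[event_type], u_msg ptr[in, event_msg], priv bool32)
halt_core(usec intptr)
change_to_m()
poke_ksched(target_pid pid[opt], res_type const[0])
abort_sysc(syscall intptr)
populate_va(va vma, nr_pgs intptr)
vmm_add_gpcs(nr_more_gpcs intptr, gpcis ptr[in, vmm_gpcore_init])
vc_entry()
pop_ctx(ctx ptr[in, user_context])
vmm_poke_guest(guest_pcoreid int32)
send_event(ev_q ptr[in, event_queue], u_msg ptr[in, event_msg], vcoreid int32)
access(path ptr[in, filename], path_l len[path], mode flags[open_mode])
umask(mask int32)
# NOTE(review): wstat/fwstat presumably hand a stat buffer to the kernel to be applied,
# which would make stat_m an `in` pointer; as `out` its contents are not generated and the
# kernel-side parsing of that buffer goes unexercised. Confirm against the Akaros sources.
wstat(path ptr[in, filename], path_l len[path], stat_m ptr[out, array[int8]], stat_sz bytesize[stat_m], flags const[0])
fwstat(fd fd, stat_m ptr[out, array[int8]], stat_sz bytesize[stat_m], flags const[0])
dup_fds_to(pid pid[opt], map ptr[in, array[childfdmap]], nentries len[map])
tap_fds(tap_reqs ptr[in, array[fd_tap_req]], nr_reqs len[tap_reqs])
tcgetattr(fd fd, termios_p ptr[out, array[int8, TERMIOS_SIZE]])
nbind(src_path ptr[in, filename], src_l len[src_path], onto_path ptr[in, filename], onto_l len[onto_path], flag flags[bind_flags])
nmount(fd fd, onto_path ptr[in, filename], onto_l len[onto_path], flag flags[bind_flags])
nunmount(src_path ptr[in, filename], src_l len[src_path], onto_path ptr[in, filename], onto_l len[onto_path])
fd2path(fd fd, u_buf ptr[out, array[int8]], len len[u_buf])

# Depends on deprecated CONFIG_ARSC_SERVER.
#init_arsc()

vmm_ctl$VMM_CTL_GET_EXITS(cmd const[VMM_CTL_GET_EXITS])
vmm_ctl$VMM_CTL_SET_EXITS(cmd const[VMM_CTL_SET_EXITS], arg flags[vmm_exits])
vmm_ctl$VMM_CTL_GET_FLAGS(cmd const[VMM_CTL_GET_FLAGS])
vmm_ctl$VMM_CTL_SET_FLAGS(cmd const[VMM_CTL_SET_FLAGS], arg flags[vmm_flags])

# Each set holds the constants whose prefix matches its command: VMM_CTL_EXIT_* for
# SET_EXITS, VMM_CTL_FL_* for SET_FLAGS. With the two sets swapped, each command is
# mostly fed the other command's bits and its own valid values are rarely generated.
vmm_exits = VMM_CTL_EXIT_HALT, VMM_CTL_EXIT_PAUSE, VMM_CTL_EXIT_MWAIT
vmm_flags = VMM_CTL_FL_KERN_PRINTC
bind_flags = MREPL, MBEFORE, MAFTER, MCREATE, MCACHE

event_msg {
	ev_type	flags[event_type, int16]
	ev_arg1	int16
	ev_arg2	int32
	ev_arg3	ptr[in, array[int8]]
	ev_arg4	int64
}

event_queue {
	ev_mbox			ptr[in, event_mbox]
	ev_flags		int32
	ev_alert_pending	bool8
	ev_vcore		int32
# TODO: this is a function pointer, is it called by kernel?
	ev_handler		intptr
	ev_udata		intptr
}

# TODO: do we need more precise description?
type event_mbox array[int8, EVENT_MBOX_SIZE]

# All fields are described as opaque byte buffers; the pointed-to layouts are not modelled.
vmm_gpcore_init {
	posted_irq_desc	ptr[in, array[int8]]
	vapic_addr	ptr[in, array[int8]]
	apic_addr	ptr[in, array[int8]]
	fsbase		ptr[in, array[int8]]
	gsbase		ptr[in, array[int8]]
}

childfdmap {
	parentfd	fd
	childfd		const[0, int32]
	ok		const[0, int32]
}

fd_tap_req {
	fd	fd
	cmd	flags[fdtap_commands, int32]
	filter	flags[fdtap_filters, int32]
	ev_id	int32
	ev_q	ptr[in, event_queue]
	data	const[0, intptr]
}

fdtap_commands = FDTAP_CMD_ADD, FDTAP_CMD_REM, FDTAP_CMD_MOD
fdtap_filters = FDTAP_FILT_READABLE, FDTAP_FILT_WRITABLE, FDTAP_FILT_WRITTEN, FDTAP_FILT_DELETED, FDTAP_FILT_ERROR, FDTAP_FILT_RENAME, FDTAP_FILT_TRUNCATE, FDTAP_FILT_ATTRIB, FDTAP_FILT_PRIORITY, FDTAP_FILT_HANGUP, FDTAP_FILT_RDHUP

# TODO: do we need more precise description?
type user_context array[int8, USER_CONTEXT_SIZE]

# Sizes of the structures that are described above only as byte arrays.
define USER_CONTEXT_SIZE	sizeof(struct user_context)
define TERMIOS_SIZE	sizeof(struct termios)
define EVENT_MBOX_SIZE	sizeof(struct event_mbox)
define KSTAT_SIZE	sizeof(struct kstat)

# NOTE(review): NR_EVENT_TYPES and MAX_NR_EVENT look like bounds rather than event types;
# presumably listed to exercise out-of-range handling - confirm.
event_type = EV_NONE, EV_PREEMPT_PENDING, EV_GANG_PREMPT_PENDING, EV_VCORE_PREEMPT, EV_GANG_RETURN, EV_USER_IPI, EV_PAGE_FAULT, EV_ALARM, EV_EVENT, EV_FREE_APPLE_PIE, EV_SYSCALL, EV_CHECK_MSGS, EV_POSIX_SIGNAL, NR_EVENT_TYPES, MAX_NR_EVENT

# Akaros does not bother to define these in headers.
define SEEK_SET	0
define SEEK_CUR	1
define SEEK_END	2

# Can't include <ns.h> because it conflicts with other header files (how it is supposed to be used?).
define MREPL	0x0000
define MBEFORE	0x0001
define MAFTER	0x0002
define MCREATE	0x0004
define MCACHE	0x0010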