[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



This patch introduces a new parameter to mask unimportant kernel taint 
flags.
Signed-off-by: Ildar Muslukhov <ildarm@xxxxxxxxxx>

---
 README            |  4 +++-
 include/params.h  |  3 +++
 include/trinity.h |  1 -
 main.c            | 10 +++++-----
 params.c          | 12 +++++++++++-
 trinity.c         | 10 +++++++---
 watchdog.c        | 10 +++++-----
 7 files changed, 34 insertions(+), 16 deletions(-)

diff --git a/README b/README
index 05a1ec3..34b3e1d 100644
--- a/README
+++ b/README
@@ -72,12 +72,14 @@ tmp directory. (Handy for cleaning up any garbage named files; just rm -rf tmp a
   Note: There are currently a few bugs that mean no two runs are necessary 100%
   identical with the same seed. See the TODO for details.
 
+ --kernel_taint/-t: controls which kernel taint flags should be considered (provide value as an int in dec format, will be used as a mask) 
+
  --list/-L: list known syscalls and their offsets
 
  --monochrome/-m: Don't output ANSI control codes
 
  --proto/-P: For network sockets, only use a specific packet family.
-
+		
  --victims/-V: Victim file/dirs.  By default, on startup trinity tree-walks /dev, /sys and /proc.
      Using this option you can specify a different path.
      (Currently limited to just one path)
diff --git a/include/params.h b/include/params.h
index 53776bd..ceec651 100644
--- a/include/params.h
+++ b/include/params.h
@@ -32,4 +32,7 @@ extern bool no_files;
 extern bool random_selection;
 extern unsigned int random_selection_num;
 
+extern int kernel_taint_initial;
+extern int kernel_taint_mask;
+
 #endif	/* _PARAMS_H */
diff --git a/include/trinity.h b/include/trinity.h
index 9367539..6118de7 100644
--- a/include/trinity.h
+++ b/include/trinity.h
@@ -18,7 +18,6 @@ void do_main_loop(void);
 
 extern bool biarch;
 
-extern bool ignore_tainted;
 int check_tainted(void);
 
 void init_watchdog(void);
diff --git a/main.c b/main.c
index fefc4bf..99ae03c 100644
--- a/main.c
+++ b/main.c
@@ -48,18 +48,18 @@ static void regenerate(void)
 	shm->regenerating = FALSE;
 }
 
-bool ignore_tainted;
-
 int check_tainted(void)
 {
 	int fd;
-	int ret;
-	char buffer[4];
+	unsigned int ret;
+	char buffer[11];
+
+	buffer[10] = 0; //make sure that we can fit the whole int.
 
 	fd = open("/proc/sys/kernel/tainted", O_RDONLY);
 	if (fd < 0)
 		return -1;
-	ret = read(fd, buffer, 3);
+	ret = read(fd, buffer, 10);
 	close(fd);
 
 	if (ret > 0)
diff --git a/params.c b/params.c
index e234cf8..63901dd 100644
--- a/params.c
+++ b/params.c
@@ -46,12 +46,16 @@ char *specific_proto_optarg;
 
 char *victim_path;
 
+int kernel_taint_initial = 0;
+int kernel_taint_mask = 0xFFFFFFFF;
+
 static void usage(void)
 {
 	fprintf(stderr, "%s\n", progname);
 	fprintf(stderr, " --children,-C: specify number of child processes\n");
 	fprintf(stderr, " --exclude,-x: don't call a specific syscall\n");
 	fprintf(stderr, " --group,-g: only run syscalls from a certain group (So far just 'vm').\n");
+	fprintf(stderr, " --kernel_taint, -t: controls which kernel taint flags should be considered (provide as int, will be used in &)\n");
 	fprintf(stderr, " --list,-L: list all syscalls known on this architecture.\n");
 	fprintf(stderr, " --ioctls,-I: list all ioctls.\n");
 	fprintf(stderr, " --logging,-l: (off=disable logging).\n");
@@ -78,6 +82,7 @@ static const struct option longopts[] = {
 	{ "debug", no_argument, NULL, 'D' },
 	{ "exclude", required_argument, NULL, 'x' },
 	{ "group", required_argument, NULL, 'g' },
+	{ "kernel_taint", required_argument, NULL, 't' },
 	{ "help", no_argument, NULL, 'h' },
 	{ "list", no_argument, NULL, 'L' },
 	{ "ioctls", no_argument, NULL, 'I' },
@@ -98,7 +103,7 @@ void parse_args(int argc, char *argv[])
 {
 	int opt;
 
-	while ((opt = getopt_long(argc, argv, "a:c:C:dDg:hIl:LN:mnP:pqr:s:SV:vx:", longopts, NULL)) != -1) {
+	while ((opt = getopt_long(argc, argv, "a:c:C:dDg:hIl:LN:mnP:pqr:s:t:SV:vx:", longopts, NULL)) != -1) {
 		switch (opt) {
 		default:
 			if (opt == '?')
@@ -148,6 +153,11 @@ void parse_args(int argc, char *argv[])
 				desired_group = GROUP_VFS;
 			break;
 
+		case 't':
+			//Load mask for kernel taint flags.
+			kernel_taint_mask = atoi(optarg);
+			break;
+
 		/* Show help */
 		case 'h':
 			usage();
diff --git a/trinity.c b/trinity.c
index f09b36a..84d86ca 100644
--- a/trinity.c
+++ b/trinity.c
@@ -196,6 +196,10 @@ int main(int argc, char* argv[])
 	parse_args(argc, argv);
 	printf("Done parsing arguments.\n");
 
+	if (kernel_taint_mask != (int)0xFFFFFFFF) {
+		printf("Custom kernel taint mask has been specified: 0x%08x\n", kernel_taint_mask);
+	}
+
 	setup_shm_postargs();
 
 	if (logging == TRUE)
@@ -246,9 +250,9 @@ int main(int argc, char* argv[])
 
 	setup_main_signals();
 
-	if (check_tainted() != 0) {
-		output(0, "Kernel was tainted on startup. Will keep running if trinity causes an oops.\n");
-		ignore_tainted = TRUE;
+	kernel_taint_initial = check_tainted();
+	if (kernel_taint_initial != 0) {
+		output(0, "Kernel was tainted on startup. Will ignore flags that are already set.\n");
 	}
 
 	change_tmp_dir();
diff --git a/watchdog.c b/watchdog.c
index 5c813db..c90d5a5 100644
--- a/watchdog.c
+++ b/watchdog.c
@@ -11,7 +11,7 @@
 #include <sys/wait.h>
 #include <sys/ptrace.h>
 
-#include "trinity.h"	// ignore_tainted
+#include "trinity.h" //check_taint and biarch
 #include "shm.h"
 #include "files.h"
 #include "syscall.h"
@@ -302,11 +302,11 @@ static void watchdog(void)
 			}
 		}
 
-		/* Only check taint if it was zero on startup */
-		if (ignore_tainted == FALSE) {
+		/* Only check taint if it mask allows it */
+		if (kernel_taint_mask != 0) {
 			ret = check_tainted();
-			if (ret != 0) {
-				output(0, "[watchdog] kernel became tainted! (%d) Last seed was %u\n", ret, shm->seed);
+			if (((ret & kernel_taint_mask) & (~kernel_taint_initial)) != 0) {
+				output(0, "[watchdog] kernel became tainted! (%d/%d) Last seed was %u\n", ret, kernel_taint_initial, shm->seed);
 				shm->exit_reason = EXIT_KERNEL_TAINTED;
 			}
 		}
-- 
1.8.4
--
To unsubscribe from this list: send the line "unsubscribe trinity" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html




[Index of Archives]     [Linux SCSI]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux