| # Copyright 2015 syzkaller project authors. All rights reserved. |
| # Use of this source code is governed by Apache 2 LICENSE that can be found in the LICENSE file. |
| |
| # Description of syscall arguments. See README.md for details. |
| |
| include <linux/socket.h> |
| include <linux/ptrace.h> |
| include <linux/resource.h> |
| include <linux/stat.h> |
| include <linux/mman.h> |
| include <linux/time.h> |
| include <linux/mount.h> |
| include <linux/fs.h> |
| include <linux/eventpoll.h> |
| include <linux/signalfd.h> |
| include <linux/eventfd.h> |
| include <linux/timerfd.h> |
| include <linux/personality.h> |
| include <linux/wait.h> |
| include <linux/user.h> |
| include <linux/un.h> |
| include <linux/ioctl.h> |
| include <linux/fadvise.h> |
| include <linux/falloc.h> |
| include <linux/futex.h> |
| include <linux/kexec.h> |
| include <linux/seccomp.h> |
| include <linux/elf.h> |
| include <linux/fiemap.h> |
| include <linux/kd.h> |
| include <linux/vt.h> |
| include <linux/if_alg.h> |
| include <linux/nfc.h> |
| include <linux/sockios.h> |
| include <linux/net_tstamp.h> |
| include <linux/termios.h> |
| include <linux/fcntl.h> |
| include <linux/sched.h> |
| include <linux/mqueue.h> |
| include <linux/mempolicy.h> |
| include <linux/in.h> |
| include <linux/ip.h> |
| include <linux/tcp.h> |
| include <linux/udp.h> |
| include <linux/kcmp.h> |
| include <linux/syslog.h> |
| include <uapi/linux/memfd.h> |
| include <uapi/linux/module.h> |
| include <linux/ioprio.h> |
| include <linux/membarrier.h> |
| include <uapi/linux/kcov.h> |
| include <uapi/linux/membarrier.h> |
| include <uapi/linux/capability.h> |
| include <uapi/linux/suspend_ioctls.h> |
| |
| resource fd[int32]: -1 |
| resource fd_dir[fd]: AT_FDCWD |
| |
| type signalno int32[0:65] |
| |
| syz_execute_func(text ptr[in, text[target]]) |
| |
| open(file ptr[in, filename], flags flags[open_flags], mode flags[open_mode]) fd |
| # Just so that we have something that creates fd_dir resources. |
| open$dir(file ptr[in, filename], flags flags[open_flags], mode flags[open_mode]) fd_dir |
| openat$dir(fd const[AT_FDCWD], file ptr[in, filename], flags flags[open_flags], mode flags[open_mode]) fd_dir |
| openat(fd fd_dir[opt], file ptr[in, filename], flags flags[open_flags], mode flags[open_mode]) fd |
| creat(file ptr[in, filename], mode flags[open_mode]) fd |
| close(fd fd) |
| read(fd fd, buf buffer[out], count len[buf]) |
| pread64(fd fd, buf buffer[out], count len[buf], pos fileoff) |
| readv(fd fd, vec ptr[in, array[iovec_out]], vlen len[vec]) |
| preadv(fd fd, vec ptr[in, array[iovec_out]], vlen len[vec], off fileoff) |
| write(fd fd, buf buffer[in], count len[buf]) |
| pwrite64(fd fd, buf buffer[in], count len[buf], pos fileoff) |
| writev(fd fd, vec ptr[in, array[iovec_in]], vlen len[vec]) |
| pwritev(fd fd, vec ptr[in, array[iovec_in]], vlen len[vec], off fileoff) |
| lseek(fd fd, offset fileoff, whence flags[seek_whence]) |
| |
| dup(oldfd fd) fd |
| dup2(oldfd fd, newfd fd) fd |
| dup3(oldfd fd, newfd fd, flags flags[dup_flags]) fd |
| |
| pipe(pipefd ptr[out, pipefd]) |
| pipe2(pipefd ptr[out, pipefd], flags flags[pipe_flags]) |
| |
| tee(fdin fd, fdout fd, len intptr, f flags[splice_flags]) |
| splice(fdin fd, offin ptr[in, fileoff[int64]], fdout fd, offout ptr[in, fileoff[int64]], len intptr, f flags[splice_flags]) |
| vmsplice(fd fd, vec ptr[in, array[iovec_in]], vlen len[vec], f flags[splice_flags]) |
| sendfile(fdout fd, fdin fd, off ptr[inout, fileoff[intptr], opt], count intptr) |
| sendfile64(fdout fd, fdin fd, off ptr[inout, fileoff[int64], opt], count intptr) |
| |
| stat(file ptr[in, filename], statbuf ptr[out, stat]) |
| statx(fd fd_dir, file ptr[in, filename], flags flags[statx_flags], mask flags[statx_mask], statxbuf ptr[out, statx]) |
| lstat(file ptr[in, filename], statbuf ptr[out, stat]) |
| fstat(fd fd, statbuf ptr[out, stat]) |
| |
| poll(fds ptr[in, array[pollfd]], nfds len[fds], timeout int32) |
| ppoll(fds ptr[in, array[pollfd]], nfds len[fds], tsp ptr[in, timespec], sigmask ptr[in, sigset], size len[sigmask]) |
| select(n len[inp], inp ptr[inout, fd_set], outp ptr[inout, fd_set], exp ptr[inout, fd_set], tvp ptr[inout, timeval]) |
| pselect6(n len[inp], inp ptr[inout, fd_set], outp ptr[inout, fd_set], exp ptr[inout, fd_set], tvp ptr[inout, timespec], sig ptr[in, sigset_size]) |
| |
| resource fd_epoll[fd] |
| epoll_create(size int32) fd_epoll |
| epoll_create1(flags flags[epoll_flags]) fd_epoll |
| epoll_ctl$EPOLL_CTL_ADD(epfd fd_epoll, op const[EPOLL_CTL_ADD], fd fd, ev ptr[in, epoll_event]) |
| epoll_ctl$EPOLL_CTL_MOD(epfd fd_epoll, op const[EPOLL_CTL_MOD], fd fd, ev ptr[in, epoll_event]) |
| epoll_ctl$EPOLL_CTL_DEL(epfd fd_epoll, op const[EPOLL_CTL_DEL], fd fd) |
| epoll_wait(epfd fd_epoll, events ptr[out, array[epoll_event]], maxevents len[events], timeout int32) |
| epoll_pwait(epfd fd_epoll, events ptr[out, array[epoll_event]], maxevents len[events], timeout int32, sigmask ptr[in, sigset], size len[sigmask]) |
| |
| resource fd_signal[fd] |
| resource fd_timer[fd] |
| signalfd(fd fd, mask ptr[in, sigset], size len[mask]) fd_signal |
| signalfd4(fd fd, mask ptr[in, sigset], size len[mask], flags flags[signalfd_flags]) fd_signal |
| timerfd_create(clockid flags[clock_type], flags flags[timerfd_create_flags]) fd_timer |
| timerfd_settime(fd fd_timer, flags flags[timerfd_settime_flags], new ptr[in, itimerspec], old ptr[out, itimerspec]) |
| timerfd_gettime(fd fd_timer, cur ptr[out, itimerspec]) |
| |
| resource fd_event[fd] |
| eventfd(initval int32) fd_event |
| eventfd2(initval int32, flags flags[eventfd_flags]) fd_event |
| read$eventfd(fd fd_event, val ptr[out, int64], len len[val]) |
| write$eventfd(fd fd_event, val ptr[in, int64], len len[val]) |
| |
| # NEED: offset must be page-aligned. Or does the syscall even accept offset in pages? |
| mmap(addr vma, len len[addr], prot flags[mmap_prot], flags flags[mmap_flags], fd fd, offset fileoff) |
| munmap(addr vma, len len[addr]) |
| mremap(addr vma, len len[addr], newlen len[newaddr], flags flags[mremap_flags], newaddr vma) |
| remap_file_pages(addr vma, size len[addr], prot flags[mmap_prot], pgoff intptr, flags flags[mmap_flags]) |
| mprotect(addr vma, len len[addr], prot flags[mmap_prot]) |
| msync(addr vma, len len[addr], f flags[msync_flags]) |
| madvise(addr vma, len len[addr], advice flags[madvise_flags]) |
| fadvise64(fd fd, offset fileoff, len intptr, advice flags[fadvise_flags]) |
| readahead(fd fd, off intptr, count intptr) |
| mbind(addr vma, len len[addr], mode flags[mbind_mode], nodemask ptr[in, int64], maxnode intptr, flags flags[mbind_flags]) |
| move_pages(pid pid, nr len[pages], pages ptr[in, array[vma]], nodes ptr[in, array[int32], opt], status ptr[out, array[int32]], flags flags[move_pages_flags]) |
| migrate_pages(pid pid, maxnode intptr, old ptr[in, int64], new ptr[in, int64]) |
| set_mempolicy(mode flags[mbind_mode], nodemask ptr[in, int64], maxnode intptr) |
| get_mempolicy(mode ptr[out, int32], nodemask ptr[out, int64], maxnode intptr, addr vma, flags flags[mempolicy_flags]) |
| mincore(addr vma, size len[addr], vec buffer[out]) |
| mlock(addr vma, size len[addr]) |
| mlock2(addr vma, size len[addr], flags flags[mlock_flags]) |
| munlock(addr vma, size len[addr]) |
| mlockall(flags flags[mlockall_flags]) |
| munlockall() |
| kcmp(pid1 pid, pid2 pid, type flags[kcmp_flags], fd1 fd, fd2 fd) |
| kcmp$KCMP_EPOLL_TFD(pid1 pid, pid2 pid, type const[KCMP_EPOLL_TFD], fd1 fd, idx2 ptr[in, kcmp_epoll_slot]) |
| |
| resource fd_memfd[fd] |
| memfd_create(name ptr[in, string], flags flags[memfd_flags]) fd_memfd |
| memfd_flags = MFD_CLOEXEC, MFD_ALLOW_SEALING, MFD_HUGETLB |
| _ = MFD_HUGE_SHIFT, MFD_HUGE_MASK, MFD_HUGE_64KB, MFD_HUGE_512KB, MFD_HUGE_1MB, MFD_HUGE_2MB, MFD_HUGE_8MB, MFD_HUGE_16MB |
| |
| resource pkey[int32]: -1 |
| pkey_alloc(flags const[0], val flags[pkey_flags]) pkey |
| pkey_free(key pkey) |
| pkey_mprotect(addr vma, len len[addr], prot flags[mmap_prot], key pkey) |
| pkey_flags = PKEY_DISABLE_ACCESS, PKEY_DISABLE_WRITE |
| |
| futex(addr ptr[in, int32[0:2]], op flags[futex_op], val int32[0:2], timeout ptr[in, timespec], addr2 ptr[in, int32[0:2]], val3 int32[0:2]) |
| set_robust_list(head ptr[in, robust_list_head], len len[head]) |
| get_robust_list(pid pid, head ptr[in, ptr[out, robust_list_head]], len ptr[inout, len[head, intptr]]) |
| restart_syscall() |
| |
| # Almighty! |
| ioctl(fd fd, cmd intptr, arg buffer[in]) |
| |
| ioctl$void(fd fd, cmd flags[ioctl_void]) |
| ioctl$int_in(fd fd, cmd flags[ioctl_int_in], v ptr[in, int64]) |
| ioctl$int_out(fd fd, cmd flags[ioctl_int_out], v ptr[out, intptr]) |
| |
| fcntl$dupfd(fd fd, cmd flags[fcntl_dupfd], arg fd) fd |
| fcntl$getflags(fd fd, cmd flags[fcntl_getflags]) |
| fcntl$setflags(fd fd, cmd const[F_SETFD], flags flags[fcntl_flags]) |
| fcntl$setstatus(fd fd, cmd const[F_SETFL], flags flags[fcntl_status]) |
| fcntl$lock(fd fd, cmd flags[fcntl_lock], lock ptr[in, flock]) |
| fcntl$getown(fd fd, cmd const[F_GETOWN]) pid |
| fcntl$setown(fd fd, cmd const[F_SETOWN], pid pid) |
| fcntl$getownex(fd fd, cmd const[F_GETOWN_EX], arg ptr[out, f_owner_ex]) |
| fcntl$setownex(fd fd, cmd const[F_SETOWN_EX], arg ptr[in, f_owner_ex]) |
| fcntl$setsig(fd fd, cmd const[F_SETSIG], sig signalno) |
| fcntl$setlease(fd fd, cmd const[F_SETLEASE], typ flags[flock_type]) |
| fcntl$notify(fd fd, cmd const[F_NOTIFY], typ flags[fcntl_notify]) |
| fcntl$setpipe(fd fd, cmd const[F_SETPIPE_SZ], sz intptr) |
| fcntl$addseals(fd fd, cmd const[F_ADD_SEALS], seals flags[seal_types]) |
| fcntl$F_GET_RW_HINT(fd fd, cmd const[F_GET_RW_HINT], hint ptr[out, int64]) |
| fcntl$F_GET_FILE_RW_HINT(fd fd, cmd const[F_GET_FILE_RW_HINT], hint ptr[out, int64]) |
| fcntl$F_SET_RW_HINT(fd fd, cmd const[F_SET_RW_HINT], hint ptr[in, flags[fcntl_rw_hint, int64]]) |
| fcntl$F_SET_FILE_RW_HINT(fd fd, cmd const[F_SET_FILE_RW_HINT], hint ptr[in, flags[fcntl_rw_hint, int64]]) |
| |
| ptrace(req flags[ptrace_req], pid pid) |
| ptrace$peek(req flags[ptrace_req_peek], pid pid, addr ptr[out, intptr]) |
| ptrace$poke(req flags[ptrace_req_poke], pid pid, addr ptr[out, intptr], data intptr) |
| ptrace$peekuser(req const[PTRACE_PEEKUSR], pid pid, addr intptr) |
| ptrace$pokeuser(req const[PTRACE_POKEUSR], pid pid, addr intptr, data intptr) |
| ptrace$getregs(req flags[ptrace_req_getregs], pid pid, ignored intptr, data buffer[out]) |
| ptrace$getregset(req const[PTRACE_GETREGSET], pid pid, what flags[pthread_regset], data ptr[in, iovec_out]) |
| ptrace$setregs(req flags[ptrace_req_setregs], pid pid, ignored intptr, data buffer[in]) |
| ptrace$setregset(req const[PTRACE_SETREGSET], pid pid, what flags[pthread_regset], data ptr[in, iovec_in]) |
| ptrace$getsig(req const[PTRACE_GETSIGINFO], pid pid, ignored intptr, data ptr[out, siginfo]) |
| ptrace$setsig(req const[PTRACE_SETSIGINFO], pid pid, ignored intptr, data ptr[in, siginfo]) |
| ptrace$setopts(req flags[ptrace_req_setopts], pid pid, ignored intptr, flags flags[ptrace_options]) |
| ptrace$getenv(req const[PTRACE_GETEVENTMSG], pid pid, ignored intptr, data ptr[out, intptr]) |
| ptrace$cont(req flags[ptrace_req_cont], pid pid, ignored intptr, data intptr) |
| ptrace$PTRACE_SECCOMP_GET_FILTER(req const[PTRACE_SECCOMP_GET_FILTER], pid pid, addr intptr, data ptr[out, array[int8]]) |
| ptrace$PTRACE_SECCOMP_GET_METADATA(req const[PTRACE_SECCOMP_GET_METADATA], pid pid, addr len[data], data ptr[in, seccomp_metadata]) |
| |
| seccomp_metadata { |
| filter_off intptr |
| flags const[0, int32] |
| } |
| |
| capget(hdr ptr[in, cap_header], data ptr[in, cap_data]) |
| capset(hdr ptr[in, cap_header], data ptr[in, cap_data]) |
| seccomp(op flags[seccomp_op], flags flags[seccomp_flags], prog ptr[in, sock_fprog]) |
| |
| resource fd_mq[fd] |
| mq_open(name ptr[in, string], flags flags[mq_open_flags], mode flags[open_mode], attr ptr[in, mq_attr]) fd_mq |
| mq_timedsend(mqd fd_mq, msg buffer[in], msglen len[msg], prio intptr, timeout ptr[in, timespec, opt]) |
| mq_timedreceive(mqd fd_mq, msg buffer[out], msglen len[msg], prio intptr, timeout ptr[in, timespec, opt]) |
| mq_notify(mqd fd_mq, notif ptr[in, sigevent]) |
| mq_getsetattr(mqd fd_mq, attr ptr[in, mq_attr], oldattr ptr[out, mq_attr, opt]) |
| mq_unlink(name ptr[in, string]) |
| |
| mknod(file ptr[in, filename], mode flags[mknod_mode], dev int32) |
| mknod$loop(file ptr[in, filename], mode flags[mknod_mode], dev proc[1792, 2]) |
| mknodat(dirfd fd_dir, file ptr[in, filename], mode flags[mknod_mode], dev int32) |
| chmod(file ptr[in, filename], mode flags[open_mode]) |
| fchmod(fd fd, mode flags[open_mode]) |
| fchmodat(dirfd fd_dir, file ptr[in, filename], mode flags[open_mode]) |
| chown(file ptr[in, filename], uid uid, gid gid) |
| lchown(file ptr[in, filename], uid uid, gid gid) |
| fchown(fd fd, uid uid, gid gid) |
| fchownat(dirfd fd_dir, file ptr[in, filename], uid uid, gid gid, flags flags[at_flags]) |
| fallocate(fd fd, mode flags[fallocate_mode], off intptr, len intptr) |
| faccessat(dirfd fd_dir, pathname ptr[in, filename], mode flags[open_mode], flags flags[faccessat_flags]) |
| utime(filename ptr[in, filename], times ptr[in, utimbuf]) |
| utimes(filename ptr[in, filename], times ptr[in, itimerval]) |
| futimesat(dir fd_dir, pathname ptr[in, filename], times ptr[in, itimerval]) |
| utimensat(dir fd_dir, pathname ptr[in, filename], times ptr[in, itimerval], flags flags[utimensat_flags]) |
| |
| clone(flags flags[clone_flags], sp buffer[in], parentid ptr[out, int32], childtid ptr[out, int32], tls buffer[in]) |
| clone3(args ptr[in, clone_args], size bytesize[args]) pid |
| |
| clone_args { |
| flags flags[clone_flags, int64] |
| pidfd ptr64[out, fd_pidfd] |
| child_tid ptr64[out, pid] |
| parent_tid ptr64[out, pid] |
| exit_signal signalno |
| exit_signal_pad const[0, int32] |
| stack ptr64[out, array[int8]] |
| stack_size bytesize[stack, int64] |
| tls ptr64[out, array[int8]] |
| } |
| |
| resource pid[int32]: 0, -1 |
| resource uid[int32]: 0, -1, 0xee00, 0xee01 |
| resource gid[int32]: 0, -1, 0xee00, 0xee01 |
| |
| getgid() gid |
| getegid() gid |
| setuid(uid uid) |
| setgid(gid gid) |
| getuid() uid |
| geteuid() uid |
| setpgid(pid pid, pgid pid) |
| getpgid(pid pid) pid |
| getpgrp(pid pid) pid |
| getpid() pid |
| gettid() pid |
| setreuid(ruid uid, euid uid) |
| setregid(rgid gid, egid gid) |
| setresuid(ruid uid, euid uid, suid uid) |
| setresgid(rgid gid, egid gid, sgid gid) |
| getresuid(ruid ptr[out, uid], euid ptr[out, uid], suid ptr[out, uid]) |
| getresgid(rgid ptr[out, gid], egid ptr[out, gid], sgid ptr[out, gid]) |
| setfsuid(fsuid uid) |
| setfsgid(fsgid gid) |
| getgroups(size len[list], list ptr[inout, array[gid]]) |
| setgroups(size len[list], list ptr[in, array[gid]]) |
| personality(persona flags[personality_flags]) |
| # Don't mess with parent (fuzzer). If we ptrace attach to it, it will hang. |
| # If we setrlimit for parent, it will misbehave. Killing - the same. Nothing good. |
| #getppid() pid |
| #getsid(pid pid) pid |
| #setsid() pid |
| |
| link(old ptr[in, filename], new ptr[in, filename]) |
| linkat(oldfd fd_dir, old ptr[in, filename], newfd fd_dir, new ptr[in, filename], flags flags[linkat_flags]) |
| symlinkat(old ptr[in, filename], newfd fd_dir, new ptr[in, filename]) |
| symlink(old ptr[in, filename], new ptr[in, filename]) |
| unlink(path ptr[in, filename]) |
| unlinkat(fd fd_dir, path ptr[in, filename], flags flags[unlinkat_flags]) |
| readlink(path ptr[in, filename], buf buffer[out], siz len[buf]) |
| readlinkat(fd fd_dir, path ptr[in, filename], buf buffer[out], siz len[buf]) |
| rename(old ptr[in, filename], new ptr[in, filename]) |
| renameat(oldfd fd_dir, old ptr[in, filename], newfd fd_dir, new ptr[in, filename]) |
| renameat2(oldfd fd_dir, old ptr[in, filename], newfd fd_dir, new ptr[in, filename], flags flags[renameat2_flags]) |
| mkdir(path ptr[in, filename], mode flags[open_mode]) |
| mkdirat(fd fd_dir, path ptr[in, filename], mode flags[open_mode]) |
| rmdir(path ptr[in, filename]) |
| truncate(file ptr[in, filename], len intptr) |
| ftruncate(fd fd, len intptr) |
| flock(fd fd, op flags[flock_op]) |
| fsync(fd fd) |
| fdatasync(fd fd) |
| sync() |
| syncfs(fd fd) |
| sync_file_range(fd fd, off intptr, nbytes intptr, flags flags[sync_file_flags]) |
| lookup_dcookie(cookie int64, buf buffer[out], len len[buf]) |
| getdents(fd fd_dir, ent buffer[out], count len[ent]) |
| getdents64(fd fd_dir, ent buffer[out], count len[ent]) |
| name_to_handle_at(fd fd_dir, file ptr[in, filename], handle ptr[in, file_handle], mnt ptr[out, int32], flags flags[name_to_handle_at_flags]) |
| open_by_handle_at(mountdirfd fd, handle ptr[in, file_handle], flags flags[open_flags]) |
| chroot(dir ptr[in, filename]) |
| getcwd(buf buffer[out], size len[buf]) |
| chdir(dir ptr[in, filename]) |
| fchdir(fd fd) |
| quotactl(cmd intptr, special ptr[in, filename], id uid, addr ptr[in, array[int8]]) |
| pivot_root(new_root ptr[in, filename], put_old ptr[in, filename]) |
| |
| sysfs$1(option const[1], fsname ptr[in, string]) |
| sysfs$2(option const[2], fsindex intptr, fsname buffer[out]) |
| sysfs$3(option const[3]) |
| statfs(path ptr[in, filename], buf buffer[out]) |
| fstatfs(fd fd, buf buffer[out]) |
| |
| uselib(lib ptr[in, filename]) |
| init_module(mod ptr[in, string], len len[mod], args ptr[in, string]) |
| finit_module(fd fd, args ptr[in, string], flags flags[finit_module_flags]) |
| delete_module(name ptr[in, string], flags flags[delete_module_flags]) |
| kexec_load(entry intptr, nr_segments len[segments], segments ptr[in, array[kexec_segment]], flags flags[kexec_load_flags]) |
| syslog(cmd flags[syslog_cmd], buf ptr[out, array[int8], opt], len len[buf]) |
| uname(buf buffer[out]) |
| sysinfo(info buffer[out]) |
| ustat(dev intptr, buf ptr[out, ustat]) |
| acct(filename ptr[in, filename, opt]) |
| |
| getrusage(who flags[rusage_who], usage ptr[out, rusage]) |
| getrlimit(res flags[rlimit_type], rlim ptr[out, rlimit]) |
| setrlimit(res flags[rlimit_type], rlim ptr[in, rlimit]) |
| prlimit64(pid pid, res flags[rlimit_type], new ptr[in, rlimit, opt], old ptr[out, rlimit, opt]) |
| |
| iopl(level int8) |
| ioperm(from intptr, num intptr, on intptr) |
| ioprio_get$pid(which flags[ioprio_which_pid], who pid) |
| ioprio_get$uid(which flags[ioprio_which_uid], who uid) |
| ioprio_set$pid(which flags[ioprio_which_pid], who pid, prio intptr) |
| ioprio_set$uid(which flags[ioprio_which_uid], who uid, prio intptr) |
| |
| resource timerid[int32] |
| timer_create(id flags[clock_id], ev ptr[in, sigevent], timerid ptr[out, timerid]) |
| timer_gettime(timerid timerid, setting ptr[out, itimerspec]) |
| timer_getoverrun(timerid timerid) |
| timer_settime(timerid timerid, flags flags[timer_flags], new ptr[in, itimerspec], old ptr[out, itimerspec, opt]) |
| timer_delete(timerid timerid) |
| |
| time(t ptr[out, intptr]) |
| clock_gettime(id flags[clock_id], tp ptr[out, timespec]) |
| clock_settime(id flags[clock_id], tp ptr[in, timespec]) |
| clock_adjtime(id flags[clock_id], tx ptr[in, timex]) |
| clock_getres(id flags[clock_id], tp ptr[out, timespec]) |
| clock_nanosleep(id flags[clock_id], flags flags[timer_flags], rqtp ptr[in, timespec], rmtp ptr[out, timespec, opt]) |
| rt_sigaction(sig signalno, act ptr[in, sigaction], oact ptr[out, sigaction, opt], sigsetsize len[fake], fake ptr[out, sigset]) |
| rt_sigprocmask(how flags[sigprocmask_how], nset ptr[in, sigset], oset ptr[out, sigset, opt], sigsetsize len[nset]) |
| rt_sigreturn() |
| rt_sigpending(set ptr[out, sigset], sigsetsize len[set]) |
| rt_sigtimedwait(these ptr[in, sigset], info ptr[out, siginfo, opt], ts ptr[in, timespec], sigsetsize len[these]) |
| rt_sigsuspend(new ptr[in, sigset], sigsetsize len[new]) |
| rt_sigqueueinfo(pid pid, sig signalno, info ptr[in, siginfo]) |
| rt_tgsigqueueinfo(gid pid, tid pid, sig signalno, info ptr[in, siginfo]) |
| sigaltstack(ss vma, oss ptr[out, intptr, opt]) |
| tgkill(gid pid, tid pid, sig signalno) |
| tkill(tid pid, sig signalno) |
| pause() |
| alarm(seconds intptr) |
| nanosleep(req ptr[in, timespec], rem ptr[out, timespec, opt]) |
| getitimer(which flags[getitimer_which], cur ptr[out, itimerval]) |
| setitimer(which flags[getitimer_which], new ptr[in, itimerval], old ptr[out, itimerval, opt]) |
| exit(code intptr) |
| exit_group(code intptr) |
| waitid(which flags[waitid_which], pid pid, infop ptr[out, siginfo, opt], options flags[wait_options], ru ptr[out, rusage, opt]) |
| waitid$P_PIDFD(which const[P_PIDFD], pidfd fd_pidfd, infop ptr[out, siginfo, opt], options flags[wait_options], ru ptr[out, rusage, opt]) |
| wait4(pid pid, status ptr[out, int32, opt], options flags[wait_options], ru ptr[out, rusage, opt]) |
| times(buf ptr[out, tms]) |
| # Can send signals to all processes (pid=-1). |
| #kill(pid pid, sig signalno) |
| |
| set_thread_area(info ptr[in, user_desc]) |
| get_thread_area(info ptr[in, user_desc]) |
| modify_ldt$read(func const[0], buf buffer[out], len len[buf]) |
| modify_ldt$write(func const[1], buf ptr[in, user_desc], len len[buf]) |
| modify_ldt$read_default(func const[2], buf buffer[out], len len[buf]) |
| modify_ldt$write2(func const[17], buf ptr[in, user_desc], len len[buf]) |
| process_vm_readv(pid pid, loc_vec ptr[in, array[iovec_out]], loc_vlen len[loc_vec], rem_vec ptr[in, array[iovec_out]], rem_vlen len[rem_vec], flags const[0]) |
| process_vm_writev(pid pid, loc_vec ptr[in, array[iovec_out]], loc_vlen len[loc_vec], rem_vec ptr[in, array[iovec_out]], rem_vlen len[rem_vec], flags const[0]) |
| set_tid_address(tidptr ptr[out, int32]) |
| getpriority(which flags[priority_which], who pid) |
| setpriority(which flags[priority_which], who pid, prio intptr) |
| sched_getscheduler(pid pid) |
| sched_setscheduler(pid pid, policy flags[sched_policy], prio ptr[in, int32]) |
| sched_rr_get_interval(pid pid, tp ptr[out, timespec]) |
| sched_getparam(pid pid, prio ptr[out, int32]) |
| sched_setparam(pid pid, prio ptr[in, int32]) |
| sched_getaffinity(pid pid, cpusetsize len[mask], mask ptr[out, int64]) |
| sched_setaffinity(pid pid, cpusetsize len[mask], mask ptr[in, int64]) |
| sched_getattr(pid pid, attr ptr[out, sched_attr], size len[attr], flags flags[sched_attr_flags]) |
| sched_setattr(pid pid, attr ptr[in, sched_attr], flags flags[sched_attr_flags]) |
| sched_yield() |
| getrandom(buf buffer[out], len len[buf], flags flags[getrandom_flags]) |
| |
| membarrier(cmd flags[membarrier_cmd], flags const[0]) |
| |
| membarrier_cmd = MEMBARRIER_CMD_GLOBAL, MEMBARRIER_CMD_GLOBAL_EXPEDITED, MEMBARRIER_CMD_PRIVATE_EXPEDITED, MEMBARRIER_CMD_REGISTER_PRIVATE_EXPEDITED, MEMBARRIER_CMD_PRIVATE_EXPEDITED_SYNC_CORE, MEMBARRIER_CMD_REGISTER_PRIVATE_EXPEDITED_SYNC_CORE, MEMBARRIER_CMD_QUERY, MEMBARRIER_CMD_REGISTER_GLOBAL_EXPEDITED, MEMBARRIER_CMD_SHARED |
| |
| rseq(rseq ptr[in, rseq], rseq_len bytesize[rseq], flags boolptr, sig const[0]) |
| |
| rseq { |
| cpu_id_start const[0, int32] |
| cpu_id const[0, int32] |
| rseq_cs ptr[in, rseq_cs, opt] |
| flags flags[rseq_cs_flags, int32] |
| } [align_32] |
| |
| rseq_cs { |
| version const[0, int32] |
| flags flags[rseq_cs_flags, int32] |
| start_ip intptr |
| post_commit_offset intptr |
| abort_ip intptr |
| } [align_32] |
| |
| rseq_cs_flags = RSEQ_CS_FLAG_NO_RESTART_ON_PREEMPT, RSEQ_CS_FLAG_NO_RESTART_ON_SIGNAL, RSEQ_CS_FLAG_NO_RESTART_ON_MIGRATE |
| |
| syz_open_procfs(pid pid, file ptr[in, string[procfs_file]]) fd |
| |
| # TODO: some of net files are only available in the init namespace (e.g. bluetooth bnep and hci). |
| # We could find some way to open these files in the init namespace |
| # esp. taking into account that we create bluetooth sockets in init namespace. |
| procfs_file = "auxv", "cmdline", "environ", "autogroup", "cgroup", "clear_refs", "comm", "coredump_filter", "cpuset", "gid_map", "io", "limits", "loginuid", "maps", "mountinfo", "mounts", "mountstats", "numa_maps", "oom_adj", "oom_score", "oom_score_adj", "pagemap", "personality", "projid_map", "sched", "schedstat", "sessionid", "setgroups", "smaps", "smaps_rollup", "stack", "stat", "statm", "status", "syscall", "timers", "uid_map", "wchan", "map_files", "attr", "attr/current", "attr/exec", "attr/fscreate", "attr/keycreate", "attr/prev", "attr/sockcreate", "ns", "children", "task", "fd", "fd/3", "fd/4", "fdinfo", "fdinfo/3", "fdinfo/4", "net", "net/anycast6", "net/arp", "net/bnep", "net/connector", "net/dev", "net/dev_mcast", "net/dev_snmp6", "net/fib_trie", "net/fib_triestat", "net/hci", "net/icmp", "net/icmp6", "net/if_inet6", "net/igmp", "net/igmp6", "net/ip6_flowlabel", "net/ip6_mr_cache", "net/ip6_mr_vif", "net/ip6_tables_matches", "net/ip6_tables_names", "net/ip6_tables_targets", "net/ip_mr_cache", "net/ip_mr_vif", "net/ip_tables_matches", "net/ip_tables_names", "net/ip_tables_targets", "net/ipv6_route", "net/ipx", "net/l2cap", "net/llc", "net/mcfilter", "net/mcfilter6", "net/netfilter", "net/netlink", "net/netstat", "net/nfsfs", "net/packet", "net/protocols", "net/psched", "net/ptype", "net/raw", "net/raw6", "net/rfcomm", "net/route", "net/rpc", "net/rt6_stats", "net/rt_acct", "net/rt_cache", "net/sco", "net/sctp", "net/snmp", "net/snmp6", "net/sockstat", "net/sockstat6", "net/softnet_stat", "net/stat", "net/tcp", "net/tcp6", "net/udp", "net/udp6", "net/udplite", "net/udplite6", "net/unix", "net/wireless", "net/xfrm_stat", "net/ip_vs", "net/ip_vs_stats", "net/ip_vs_stats_percpu" |
| |
| resource fd_pidfd[fd] |
| |
| openat$pidfd(fd const[AT_FDCWD], file ptr[in, string["/proc/self"]], flags flags[open_flags], mode const[0]) fd_pidfd |
| pidfd_send_signal(fd fd_pidfd, sig signalno, info ptr[in, siginfo], flags const[0]) |
| pidfd_open(pid pid, flags const[0]) fd_pidfd |
| |
| # Uncomment on your own account. |
| #syz_open_dev$char(dev const[0xc], major intptr, minor intptr) fd |
| #syz_open_dev$block(dev const[0xb], major intptr, minor intptr) fd |
| |
| # /dev/console known to cause problems on at least two different kernels. |
| # It can turn off all output or produce massive amounts of garbage on console. |
| # Disable it for now. |
| #syz_open_dev$console(dev ptr[in, string["/dev/console"]], id const[0], flags flags[open_flags]) fd |
| |
| # These devices are relatively safe (don't reboot and don't corrupt kernel memory). |
| # They need a more comprehensive support. But let at least open them for now, |
| # maybe fuzzer will be able to skrew them in a useful way. |
| # TODO: all these devices returning just fd need proper interface descriptions. |
| syz_open_dev$vcsn(dev ptr[in, string["/dev/vcs#"]], id intptr, flags flags[open_flags]) fd |
| syz_open_dev$vcsa(dev ptr[in, string["/dev/vcsa#"]], id intptr, flags flags[open_flags]) fd |
| syz_open_dev$midi(dev ptr[in, string["/dev/midi#"]], id intptr, flags flags[open_flags]) fd |
| syz_open_dev$ircomm(dev ptr[in, string["/dev/ircomm#"]], id intptr, flags flags[open_flags]) fd |
| syz_open_dev$dspn(dev ptr[in, string["/dev/dsp#"]], id intptr, flags flags[open_flags]) fd |
| syz_open_dev$dmmidi(dev ptr[in, string["/dev/dmmidi#"]], id intptr, flags flags[open_flags]) fd |
| syz_open_dev$admmidi(dev ptr[in, string["/dev/admmidi#"]], id intptr, flags flags[open_flags]) fd |
| syz_open_dev$adsp(dev ptr[in, string["/dev/adsp#"]], id intptr, flags flags[open_flags]) fd |
| syz_open_dev$amidi(dev ptr[in, string["/dev/amidi#"]], id intptr, flags flags[open_flags]) fd |
| syz_open_dev$audion(dev ptr[in, string["/dev/audio#"]], id intptr, flags flags[open_flags]) fd |
| syz_open_dev$sndhw(dev ptr[in, string["/dev/snd/hwC#D#"]], id intptr, flags flags[open_flags]) fd |
| syz_open_dev$sndpcmc(dev ptr[in, string["/dev/snd/pcmC#D#c"]], id intptr, flags flags[open_flags]) fd |
| syz_open_dev$sndpcmp(dev ptr[in, string["/dev/snd/pcmC#D#p"]], id intptr, flags flags[open_flags]) fd |
| syz_open_dev$media(dev ptr[in, string["/dev/media#"]], id intptr, flags flags[open_flags]) fd |
| |
| openat$null(fd const[AT_FDCWD], file ptr[in, string["/dev/null"]], flags flags[open_flags], mode const[0]) fd |
| openat$zero(fd const[AT_FDCWD], file ptr[in, string["/dev/zero"]], flags flags[open_flags], mode const[0]) fd |
| openat$full(fd const[AT_FDCWD], file ptr[in, string["/dev/full"]], flags flags[open_flags], mode const[0]) fd |
| openat$vga_arbiter(fd const[AT_FDCWD], file ptr[in, string["/dev/vga_arbiter"]], flags flags[open_flags], mode const[0]) fd |
| openat$qat_adf_ctl(fd const[AT_FDCWD], file ptr[in, string["/dev/qat_adf_ctl"]], flags flags[open_flags], mode const[0]) fd |
| openat$mixer(fd const[AT_FDCWD], file ptr[in, string["/dev/mixer"]], flags flags[open_flags], mode const[0]) fd |
| openat$irnet(fd const[AT_FDCWD], file ptr[in, string["/dev/irnet"]], flags flags[open_flags], mode const[0]) fd |
| openat$hwrng(fd const[AT_FDCWD], file ptr[in, string["/dev/hwrng"]], flags flags[open_flags], mode const[0]) fd |
| openat$hpet(fd const[AT_FDCWD], file ptr[in, string["/dev/hpet"]], flags flags[open_flags], mode const[0]) fd |
| openat$fb0(fd const[AT_FDCWD], file ptr[in, string["/dev/fb0"]], flags flags[open_flags], mode const[0]) fd |
| openat$autofs(fd const[AT_FDCWD], file ptr[in, string["/dev/autofs"]], flags flags[open_flags], mode const[0]) fd |
| openat$keychord(fd const[AT_FDCWD], file ptr[in, string["/dev/keychord"]], flags flags[open_flags], mode const[0]) fd |
| openat$zygote(fd const[AT_FDCWD], file ptr[in, string["/dev/socket/zygote"]], flags flags[open_flags], mode const[0]) fd |
| openat$sw_sync(fd const[AT_FDCWD], file ptr[in, string["/dev/sw_sync"]], flags flags[open_flags], mode const[0]) fd |
| openat$pktcdvd(fd const[AT_FDCWD], file ptr[in, string["/dev/pktcdvd/control"]], flags flags[open_flags], mode const[0]) fd |
| openat$lightnvm(fd const[AT_FDCWD], file ptr[in, string["/dev/lightnvm/control"]], flags flags[open_flags], mode const[0]) fd |
| openat$vcs(fd const[AT_FDCWD], file ptr[in, string["/dev/vcs"]], flags flags[open_flags], mode const[0]) fd |
| openat$sequencer(fd const[AT_FDCWD], file ptr[in, string["/dev/sequencer"]], flags flags[open_flags], mode const[0]) fd |
| openat$sequencer2(fd const[AT_FDCWD], file ptr[in, string["/dev/sequencer2"]], flags flags[open_flags], mode const[0]) fd |
| openat$dsp(fd const[AT_FDCWD], file ptr[in, string["/dev/dsp"]], flags flags[open_flags], mode const[0]) fd |
| openat$audio(fd const[AT_FDCWD], file ptr[in, string["/dev/audio"]], flags flags[open_flags], mode const[0]) fd |
| openat$xenevtchn(fd const[AT_FDCWD], file ptr[in, string["/dev/xen/evtchn"]], flags flags[open_flags], mode const[0]) fd |
| openat$dlm_control(fd const[AT_FDCWD], file ptr[in, string["/dev/dlm-control"]], flags flags[open_flags], mode const[0]) fd |
| openat$dlm_monitor(fd const[AT_FDCWD], file ptr[in, string["/dev/dlm-monitor"]], flags flags[open_flags], mode const[0]) fd |
| openat$dlm_plock(fd const[AT_FDCWD], file ptr[in, string["/dev/dlm_plock"]], flags flags[open_flags], mode const[0]) fd |
| openat$btrfs_control(fd const[AT_FDCWD], file ptr[in, string["/dev/btrfs-control"]], flags flags[open_flags], mode const[0]) fd |
| openat$ubi_ctrl(fd const[AT_FDCWD], file ptr[in, string["/dev/ubi_ctrl"]], flags flags[open_flags], mode const[0]) fd |
| openat$cachefiles(fd const[AT_FDCWD], file ptr[in, string["/dev/cachefiles"]], flags flags[open_flags], mode const[0]) fd |
| |
| openat$snapshot(fd const[AT_FDCWD], file ptr[in, string["/dev/snapshot"]], flags flags[open_flags], mode const[0]) fd |
| _ = SNAPSHOT_FREEZE, SNAPSHOT_UNFREEZE |
| |
| pipefd { |
| rfd fd |
| wfd fd |
| } |
| |
| type iovec[DIR, T] { |
| addr ptr[DIR, T] |
| len len[addr, intptr] |
| } |
| type iovec_in iovec[in, array[int8]] |
| type iovec_out iovec[out, array[int8]] |
| |
| stat { |
| dev int16 |
| ino int32 |
| mode int16 |
| nlink int16 |
| uid uid |
| gid gid |
| rdev int16 |
| size int32 |
| blksize int32 |
| blocks int32 |
| atime int32 |
| ansec int32 |
| mtime int32 |
| mnsec int32 |
| ctime int32 |
| cnsec int32 |
| pad1 const[0, int32] |
| pad2 const[0, int32] |
| } |
| |
| statx { |
| mask int32 |
| blksize int32 |
| attributes int64 |
| nlink int32 |
| uid int32 |
| gid int32 |
| mode int16 |
| __spare0 int16 |
| ino int64 |
| size int64 |
| blocks int64 |
| __spare1 int64 |
| atime statx_timestamp |
| btime statx_timestamp |
| ctime statx_timestamp |
| mtime statx_timestamp |
| rdev_major int32 |
| rdev_minor int32 |
| dev_major int32 |
| dev_minor int32 |
| __spare2 array[int64, 14] |
| } |
| |
| pollfd { |
| fd fd |
| events flags[pollfd_events, int16] |
| revents const[0, int16] |
| } |
| |
| sigset { |
| mask int64 |
| } |
| |
| sigset_size { |
| ss ptr[inout, sigset] |
| len len[ss, intptr] |
| } |
| |
| resource time_sec[intptr] |
| resource time_nsec[intptr] |
| resource time_usec[intptr] |
| |
| # prog knowns about this struct type |
| timespec { |
| sec time_sec |
| nsec time_nsec |
| } |
| |
| # prog knowns about this struct type |
| timeval { |
| sec time_sec |
| usec time_usec |
| } |
| |
| statx_timestamp { |
| sec int64 |
| nsec int32 |
| __reserved int32 |
| } |
| |
| itimerspec { |
| interv timespec |
| value timespec |
| } |
| |
| itimerval { |
| interv timeval |
| value timeval |
| } |
| |
| utimbuf { |
| actime intptr |
| modtime intptr |
| } |
| |
| sigevent { |
| val const[0, intptr] |
| signo signalno |
| notify flags[sigev_notify, int32] |
| u sigevent_u |
| } [size[SIGEVENT_SIZE]] |
| |
| sigevent_u [ |
| tid pid |
| thr sigevent_thread |
| ] |
| |
| define SIGEVENT_SIZE sizeof(struct sigevent) |
| |
| sigevent_thread { |
| # NEED: this is function pointer and pthread_attr_t (?) |
| func buffer[in] |
| attr buffer[in] |
| } |
| |
| cap_header { |
| var flags[cap_version, int32] |
| pid pid |
| } |
| |
| cap_data { |
| eff0 int32 |
| perm0 int32 |
| inher0 int32 |
| eff1 int32 |
| perm1 int32 |
| inher1 int32 |
| } |
| |
| epoll_event { |
| ev flags[epoll_ev, int32] |
| data const[0, int64] |
| } [packed] |
| |
| # TODO: fd_set needs to be a separate type |
| fd_set { |
| mask0 int64 |
| mask1 int64 |
| mask2 int64 |
| mask3 int64 |
| mask4 int64 |
| mask5 int64 |
| mask6 int64 |
| mask7 int64 |
| } |
| |
| sock_fprog { |
| len len[filter, int16] |
| filter ptr[in, array[sock_filter]] |
| } |
| |
| sock_filter { |
| code int16 |
| jt int8 |
| jf int8 |
| k int32 |
| } |
| |
| file_handle { |
| bytes len[parent, int32] |
| type int32 |
| handle array[int8] |
| } |
| |
| mq_attr { |
| flags intptr |
| maxmsg intptr |
| msgsize intptr |
| curmsg intptr |
| res0 intptr |
| res1 intptr |
| res2 intptr |
| res3 intptr |
| } |
| |
| kexec_segment { |
| buf buffer[in] |
| sz len[buf, intptr] |
| # TODO: this is address in kernel |
| mem intptr |
| memsz intptr |
| } |
| |
| robust_list_head { |
| list ptr[in, robust_list, opt] |
| futex_offset intptr |
| list_op_pending ptr[in, robust_list, opt] |
| } |
| |
| robust_list { |
| next ptr[in, robust_list, opt] |
| } |
| |
| rusage { |
| utime timeval |
| stime timeval |
| maxrss intptr |
| ixrss intptr |
| idrss intptr |
| isrss intptr |
| minflt intptr |
| majflt intptr |
| nswap intptr |
| inblock intptr |
| oublock intptr |
| msgsnd intptr |
| msgrcv intptr |
| signals intptr |
| nvcsw intptr |
| nivcsw intptr |
| } |
| |
| rlimit { |
| soft intptr |
| hard intptr |
| } |
| |
| sigaction { |
| handler ptr[in, text[target]] |
| mask sigset |
| flags flags[sigaction_flags, intptr] |
| restor ptr[in, text[target]] |
| } |
| |
| tms { |
| utime intptr |
| stime intptr |
| cutime intptr |
| cstime intptr |
| } |
| |
| siginfo { |
| signo signalno |
| errno int32 |
| code int32 |
| } [size[SIGINFO_SIZE]] |
| |
| define SIGINFO_SIZE sizeof(struct siginfo) |
| |
| timex { |
| stuff0 intptr |
| stuff1 intptr |
| stuff2 intptr |
| stuff3 intptr |
| stuff4 intptr |
| stuff5 intptr |
| stuff6 intptr |
| stuff7 intptr |
| stuff8 intptr |
| stuff9 intptr |
| stuff10 intptr |
| stuff11 intptr |
| stuff12 intptr |
| stuff13 intptr |
| stuff14 intptr |
| stuff15 intptr |
| stuff16 intptr |
| stuff17 intptr |
| stuff18 intptr |
| stuff19 intptr |
| stuff20 intptr |
| stuff21 intptr |
| stuff22 intptr |
| stuff23 intptr |
| stuff24 intptr |
| stuff25 intptr |
| } |
| |
| ustat { |
| free int32 |
| inode intptr |
| nampac0 int32 |
| nampac1 int32 |
| nampac2 int32 |
| } |
| |
| user_desc { |
| entry_number int32 |
| # Base should be vma and limit should be len[base] |
| # But these fields are int32, so we can't use vma. |
| base_addr flags[user_desc_bases, int32] |
| limit flags[user_desc_limits, int32] |
| seg_32bit int32:1 |
| contents int32:2 |
| read_exec_only int32:1 |
| limit_in_pages int32:1 |
| seg_not_present int32:1 |
| useable int32:1 |
| lm int32:1 |
| } |
| |
| user_desc_bases = 0, 4096, 1048576, 536870912, 536872960, 536875008, -1 |
| user_desc_limits = 0, 1024, 4096, 8192, 16384, -1 |
| |
| sched_attr { |
| size bytesize[parent, int32] |
| policy flags[sched_policy, int32] |
| flags flags[sched_attr_flags2, int64] |
| nice int32 |
| prio int32 |
| runtime int64 |
| deadlin int64 |
| period int64 |
| } |
| |
| flock { |
| type flags[flock_type, int16] |
| whence flags[seek_whence, int16] |
| start intptr |
| len intptr |
| pid pid |
| } |
| |
| f_owner_ex { |
| type flags[f_owner_type, int32] |
| pid pid |
| } |
| |
| ucred { |
| pid pid |
| uid uid |
| gid gid |
| } |
| |
| kcmp_epoll_slot { |
| efd fd_epoll |
| tfd fd |
| toff int32 |
| } |
| |
| open_flags = O_RDONLY, O_WRONLY, O_RDWR, O_APPEND, FASYNC, O_CLOEXEC, O_CREAT, O_DIRECT, O_DIRECTORY, O_EXCL, O_LARGEFILE, O_NOATIME, O_NOCTTY, O_NOFOLLOW, O_NONBLOCK, O_PATH, O_SYNC, O_TRUNC, __O_TMPFILE |
| open_mode = S_IRUSR, S_IWUSR, S_IXUSR, S_IRGRP, S_IWGRP, S_IXGRP, S_IROTH, S_IWOTH, S_IXOTH |
| madvise_flags = MADV_NORMAL, MADV_RANDOM, MADV_SEQUENTIAL, MADV_WILLNEED, MADV_DONTNEED, MADV_REMOVE, MADV_DONTFORK, MADV_DOFORK, MADV_HWPOISON, MADV_SOFT_OFFLINE, MADV_MERGEABLE, MADV_UNMERGEABLE, MADV_HUGEPAGE, MADV_NOHUGEPAGE, MADV_DONTDUMP, MADV_DODUMP, MADV_WIPEONFORK, MADV_KEEPONFORK, MADV_COLD, MADV_PAGEOUT |
| fadvise_flags = POSIX_FADV_NORMAL, POSIX_FADV_SEQUENTIAL, POSIX_FADV_RANDOM, POSIX_FADV_NOREUSE, POSIX_FADV_WILLNEED, POSIX_FADV_DONTNEED |
| move_pages_flags = MPOL_MF_MOVE, MPOL_MF_MOVE_ALL |
| msync_flags = MS_ASYNC, MS_SYNC, MS_INVALIDATE |
| mmap_prot = PROT_NONE, PROT_EXEC, PROT_READ, PROT_WRITE, PROT_SEM, PROT_GROWSDOWN, PROT_GROWSUP |
| mmap_flags = MAP_SHARED, MAP_PRIVATE, MAP_32BIT, MAP_ANONYMOUS, MAP_DENYWRITE, MAP_EXECUTABLE, MAP_FILE, MAP_FIXED, MAP_GROWSDOWN, MAP_HUGETLB, MAP_LOCKED, MAP_NONBLOCK, MAP_NORESERVE, MAP_POPULATE, MAP_STACK, MAP_UNINITIALIZED, MAP_SHARED_VALIDATE, MAP_SYNC, MAP_FIXED_NOREPLACE |
| mremap_flags = MREMAP_MAYMOVE, MREMAP_FIXED |
| mbind_mode = MPOL_DEFAULT, MPOL_BIND, MPOL_INTERLEAVE, MPOL_PREFERRED, MPOL_F_STATIC_NODES, MPOL_F_RELATIVE_NODES |
| mbind_flags = MPOL_MF_STRICT, MPOL_MF_MOVE, MPOL_MF_MOVE_ALL |
| pipe_flags = O_NONBLOCK, O_CLOEXEC, O_DIRECT |
| mlock_flags = MLOCK_ONFAULT |
| mlockall_flags = MCL_CURRENT, MCL_FUTURE, MCL_ONFAULT |
| dup_flags = O_CLOEXEC |
| splice_flags = SPLICE_F_MOVE, SPLICE_F_NONBLOCK, SPLICE_F_MORE, SPLICE_F_GIFT |
| seek_whence = SEEK_SET, SEEK_CUR, SEEK_END, SEEK_DATA, SEEK_HOLE |
| signalfd_flags = SFD_NONBLOCK, SFD_CLOEXEC |
| eventfd_flags = EFD_CLOEXEC, EFD_NONBLOCK, EFD_SEMAPHORE |
| timerfd_create_flags = TFD_NONBLOCK, TFD_CLOEXEC |
| timerfd_settime_flags = TFD_TIMER_ABSTIME |
| clock_type = CLOCK_REALTIME, CLOCK_REALTIME_COARSE, CLOCK_MONOTONIC, CLOCK_MONOTONIC_COARSE, CLOCK_MONOTONIC_RAW, CLOCK_BOOTTIME, CLOCK_PROCESS_CPUTIME_ID, CLOCK_THREAD_CPUTIME_ID, CLOCK_REALTIME_ALARM, CLOCK_BOOTTIME_ALARM |
| sigev_notify = SIGEV_NONE, SIGEV_SIGNAL, SIGEV_THREAD, SIGEV_THREAD_ID |
| cap_version = _LINUX_CAPABILITY_VERSION_1, _LINUX_CAPABILITY_VERSION_2, _LINUX_CAPABILITY_VERSION_3 |
| epoll_flags = EPOLL_CLOEXEC |
| epoll_ev = POLLIN, POLLOUT, POLLRDHUP, POLLPRI, POLLERR, POLLHUP, EPOLLET, EPOLLONESHOT, EPOLLEXCLUSIVE, EPOLLWAKEUP |
| pollfd_events = POLLIN, POLLPRI, POLLOUT, POLLERR, POLLHUP, POLLNVAL, POLLRDNORM, POLLRDBAND, POLLWRNORM, POLLWRBAND, POLLMSG, POLLREMOVE, POLLRDHUP, POLLFREE, POLL_BUSY_LOOP |
| mknod_mode = S_IFREG, S_IFCHR, S_IFBLK, S_IFIFO, S_IFSOCK, S_IRUSR, S_IWUSR, S_IXUSR, S_IRGRP, S_IWGRP, S_IXGRP, S_IROTH, S_IWOTH, S_IXOTH, S_ISUID, S_ISGID, S_ISVTX |
| at_flags = AT_EMPTY_PATH, AT_SYMLINK_NOFOLLOW, AT_SYMLINK_FOLLOW, AT_NO_AUTOMOUNT, AT_EMPTY_PATH |
| fallocate_mode = 0, FALLOC_FL_KEEP_SIZE, FALLOC_FL_PUNCH_HOLE, FALLOC_FL_COLLAPSE_RANGE, FALLOC_FL_ZERO_RANGE, FALLOC_FL_INSERT_RANGE, FALLOC_FL_UNSHARE_RANGE, FALLOC_FL_NO_HIDE_STALE |
| linkat_flags = AT_EMPTY_PATH, AT_SYMLINK_FOLLOW |
| unlinkat_flags = 0, AT_REMOVEDIR |
| renameat2_flags = RENAME_EXCHANGE, RENAME_NOREPLACE, RENAME_WHITEOUT |
| flock_op = LOCK_SH, LOCK_EX, LOCK_UN, LOCK_NB |
| seccomp_op = SECCOMP_SET_MODE_STRICT, SECCOMP_SET_MODE_FILTER |
| seccomp_flags = 0, SECCOMP_FILTER_FLAG_TSYNC |
| statx_flags = AT_SYMLINK_NOFOLLOW, AT_SYMLINK_FOLLOW, AT_NO_AUTOMOUNT, AT_EMPTY_PATH, AT_STATX_SYNC_TYPE, AT_STATX_SYNC_AS_STAT, AT_STATX_FORCE_SYNC, AT_STATX_DONT_SYNC |
| statx_mask = STATX_TYPE, STATX_MODE, STATX_NLINK, STATX_UID, STATX_GID, STATX_ATIME, STATX_MTIME, STATX_CTIME, STATX_INO, STATX_SIZE, STATX_BLOCKS, STATX_BASIC_STATS, STATX_BTIME, STATX_ALL |
| name_to_handle_at_flags = AT_EMPTY_PATH, AT_SYMLINK_FOLLOW |
| mq_open_flags = O_RDONLY, O_WRONLY, O_RDWR, O_NONBLOCK, O_CREAT, O_EXCL, O_CREAT |
| finit_module_flags = MODULE_INIT_IGNORE_MODVERSIONS, MODULE_INIT_IGNORE_VERMAGIC |
| delete_module_flags = O_NONBLOCK, O_TRUNC |
| kexec_load_flags = KEXEC_ON_CRASH, KEXEC_PRESERVE_CONTEXT, KEXEC_ARCH_386, KEXEC_ARCH_X86_64, KEXEC_ARCH_PPC, KEXEC_ARCH_PPC64, KEXEC_ARCH_IA_64, KEXEC_ARCH_ARM, KEXEC_ARCH_S390, KEXEC_ARCH_SH, KEXEC_ARCH_MIPS, KEXEC_ARCH_MIPS_LE, KEXEC_ARCH_DEFAULT |
| faccessat_flags = 0x100, 0x200, 0x400, 0x800, 0x1000 |
| futex_op = FUTEX_WAIT, FUTEX_WAIT_BITSET, FUTEX_WAKE, FUTEX_REQUEUE, FUTEX_CMP_REQUEUE, FUTEX_WAIT_PRIVATE, FUTEX_WAKE_PRIVATE, FUTEX_WAIT_REQUEUE_PI_PRIVATE, FUTEX_CMP_REQUEUE_PI_PRIVATE |
| sync_file_flags = SYNC_FILE_RANGE_WAIT_BEFORE, SYNC_FILE_RANGE_WRITE, SYNC_FILE_RANGE_WAIT_AFTER |
| kcmp_flags = KCMP_FILE, KCMP_FILES, KCMP_FS, KCMP_IO, KCMP_SIGHAND, KCMP_SYSVSEM, KCMP_VM |
| rusage_who = RUSAGE_SELF, RUSAGE_CHILDREN, RUSAGE_THREAD |
| rlimit_type = RLIMIT_AS, RLIMIT_CORE, RLIMIT_CPU, RLIMIT_DATA, RLIMIT_FSIZE, RLIMIT_LOCKS, RLIMIT_MEMLOCK, RLIMIT_MSGQUEUE, RLIMIT_NICE, RLIMIT_NOFILE, RLIMIT_NPROC, RLIMIT_RSS, RLIMIT_RTPRIO, RLIMIT_RTTIME, RLIMIT_SIGPENDING, RLIMIT_STACK |
| # The ones that disable console output are intentionally omitted. |
| syslog_cmd = SYSLOG_ACTION_CLOSE, SYSLOG_ACTION_OPEN, SYSLOG_ACTION_READ, SYSLOG_ACTION_READ_ALL, SYSLOG_ACTION_READ_CLEAR, SYSLOG_ACTION_SIZE_UNREAD, SYSLOG_ACTION_SIZE_BUFFER |
| ioprio_which_pid = IOPRIO_WHO_PROCESS, IOPRIO_WHO_PGRP |
| ioprio_which_uid = IOPRIO_WHO_USER |
| personality_flags = PER_LINUX, PER_SVR4, PER_SVR3, PER_OSR5, PER_WYSEV386, PER_ISCR4, PER_BSD, PER_XENIX, PER_LINUX32, PER_IRIX32, PER_IRIXN32, PER_IRIX64, PER_RISCOS, PER_SOLARIS, PER_UW7, PER_OSF4, PER_HPUX, ADDR_NO_RANDOMIZE, MMAP_PAGE_ZERO, ADDR_COMPAT_LAYOUT, READ_IMPLIES_EXEC, ADDR_LIMIT_32BIT, SHORT_INODE, WHOLE_SECONDS, STICKY_TIMEOUTS, ADDR_LIMIT_3GB |
| clock_id = CLOCK_REALTIME, CLOCK_REALTIME_COARSE, CLOCK_MONOTONIC, CLOCK_MONOTONIC_COARSE, CLOCK_MONOTONIC_RAW, CLOCK_BOOTTIME, CLOCK_PROCESS_CPUTIME_ID, CLOCK_THREAD_CPUTIME_ID |
| sigprocmask_how = SIG_BLOCK, SIG_UNBLOCK, SIG_SETMASK |
| getitimer_which = ITIMER_REAL, ITIMER_VIRTUAL, ITIMER_PROF |
| wait_options = WNOHANG, WUNTRACED, WCONTINUED, WEXITED, WSTOPPED, WCONTINUED, WNOHANG, WNOWAIT, __WCLONE, __WALL, __WNOTHREAD |
| waitid_which = P_PID, P_PGID, P_ALL |
| sigaction_flags = SA_NOCLDSTOP, SA_NOCLDWAIT, SA_NODEFER, SA_ONSTACK, SA_RESETHAND, SA_RESTART, SA_SIGINFO |
| timer_flags = 0, TIMER_ABSTIME |
| utimensat_flags = 0, AT_SYMLINK_NOFOLLOW |
| priority_which = PRIO_PROCESS, PRIO_PGRP, PRIO_USER |
| sched_policy = SCHED_NORMAL, SCHED_BATCH, SCHED_IDLE, SCHED_FIFO, SCHED_RR, SCHED_DEADLINE |
| sched_attr_flags = 0 |
| sched_attr_flags2 = 0, SCHED_FLAG_RESET_ON_FORK |
| mempolicy_flags = 0, MPOL_F_MEMS_ALLOWED, MPOL_F_ADDR, MPOL_F_NODE |
| ptrace_req = PTRACE_LISTEN, PTRACE_KILL, PTRACE_INTERRUPT, PTRACE_ATTACH, PTRACE_DETACH |
| ptrace_req_peek = PTRACE_PEEKTEXT, PTRACE_PEEKDATA |
| ptrace_req_poke = PTRACE_POKETEXT, PTRACE_POKEDATA |
| ptrace_req_getregs = PTRACE_GETREGS, PTRACE_GETFPREGS |
| ptrace_req_setregs = PTRACE_SETREGS, PTRACE_SETFPREGS |
| ptrace_req_setopts = PTRACE_SETOPTIONS, PTRACE_SEIZE |
| ptrace_req_cont = PTRACE_CONT, PTRACE_SYSCALL, PTRACE_SINGLESTEP, PTRACE_SYSEMU, PTRACE_SYSEMU_SINGLESTEP |
| pthread_regset = NT_PRSTATUS, NT_PRFPREG, NT_PRPSINFO, NT_TASKSTRUCT, NT_AUXV, NT_386_TLS, NT_386_IOPERM, NT_X86_XSTATE |
| ptrace_options = PTRACE_O_EXITKILL, PTRACE_O_TRACECLONE, PTRACE_O_TRACEEXEC, PTRACE_O_TRACEEXIT, PTRACE_O_TRACEFORK, PTRACE_O_TRACESYSGOOD, PTRACE_O_TRACEVFORK, PTRACE_O_TRACEVFORKDONE |
| fcntl_dupfd = F_DUPFD, F_DUPFD_CLOEXEC |
| fcntl_getflags = F_GETFD, F_GETFL, F_GETSIG, F_GETLEASE, F_GETPIPE_SZ, F_GET_SEALS |
| fcntl_lock = F_SETLK, F_SETLKW, F_GETLK, F_OFD_GETLK, F_OFD_SETLK, F_OFD_SETLKW |
| fcntl_flags = FD_CLOEXEC |
| fcntl_status = O_APPEND, FASYNC, O_DIRECT, O_NOATIME, O_NONBLOCK |
| flock_type = F_RDLCK, F_WRLCK, F_UNLCK |
| f_owner_type = F_OWNER_TID, F_OWNER_PID, F_OWNER_PGRP |
| fcntl_notify = DN_MULTISHOT, DN_ACCESS, DN_MODIFY, DN_CREATE, DN_DELETE, DN_RENAME, DN_ATTRIB |
| seal_types = F_SEAL_SEAL, F_SEAL_SHRINK, F_SEAL_GROW, F_SEAL_WRITE |
| ioctl_void = FIOCLEX, FIONCLEX, FITHAW |
| ioctl_int_in = FIONBIO, FIOASYNC |
| ioctl_int_out = FIOQSIZE, FIGETBSZ |
| fcntl_rw_hint = RWF_WRITE_LIFE_NOT_SET, RWH_WRITE_LIFE_NONE, RWH_WRITE_LIFE_SHORT, RWH_WRITE_LIFE_MEDIUM, RWH_WRITE_LIFE_LONG, RWH_WRITE_LIFE_EXTREME |
| fiemap_flags = FIEMAP_FLAG_SYNC, FIEMAP_FLAG_XATTR, FIEMAP_FLAG_CACHE |
| fiemap_extent_flags = FIEMAP_EXTENT_LAST, FIEMAP_EXTENT_UNKNOWN, FIEMAP_EXTENT_DELALLOC, FIEMAP_EXTENT_ENCODED, FIEMAP_EXTENT_DATA_ENCRYPTED, FIEMAP_EXTENT_NOT_ALIGNED, FIEMAP_EXTENT_DATA_INLINE, FIEMAP_EXTENT_DATA_TAIL, FIEMAP_EXTENT_UNWRITTEN, FIEMAP_EXTENT_MERGED, FIEMAP_EXTENT_SHARED |
| getrandom_flags = GRND_NONBLOCK, GRND_RANDOM |
| clone_flags = CLONE_VM, CLONE_FS, CLONE_FILES, CLONE_SIGHAND, CLONE_PTRACE, CLONE_VFORK, CLONE_PARENT, CLONE_THREAD, CLONE_NEWNS, CLONE_SYSVSEM, CLONE_SETTLS, CLONE_PARENT_SETTID, CLONE_CHILD_CLEARTID, CLONE_UNTRACED, CLONE_CHILD_SETTID, CLONE_NEWCGROUP, CLONE_NEWUTS, CLONE_NEWIPC, CLONE_NEWUSER, CLONE_NEWPID, CLONE_NEWNET, CLONE_IO, CLONE_PIDFD |
| |
| # adjtimex flags. |
| _ = STA_PLL, STA_PPSFREQ, STA_PPSTIME, STA_FLL, STA_INS, STA_DEL, STA_UNSYNC, STA_FREQHOLD, STA_PPSSIGNAL, STA_PPSJITTER, STA_PPSWANDER, STA_PPSERROR, STA_CLOCKERR, STA_NANO, STA_MODE, STA_CLK, STA_RONLY |
| # clock_adjtime modes |
| _ = ADJ_OFFSET, ADJ_FREQUENCY, ADJ_MAXERROR, ADJ_ESTERROR, ADJ_STATUS, ADJ_TIMECONST, ADJ_TAI, ADJ_SETOFFSET, ADJ_MICRO, ADJ_NANO, ADJ_TICK, ADJ_OFFSET_SINGLESHOT |
| |
| # misc |
| _ = KCOV_INIT_TRACE, KCOV_ENABLE, KCOV_DISABLE, KCOV_TRACE_PC, KCOV_TRACE_CMP, FIFREEZE, PTRACE_TRACEME, SYSLOG_ACTION_CONSOLE_ON, SYSLOG_ACTION_CONSOLE_OFF, SYSLOG_ACTION_CONSOLE_LEVEL, SYSLOG_ACTION_CLEAR, __NR_mmap2 |
| |
| # Hardcode KCOV_REMOTE_ENABLE value for amd64 until new kcov patches reach mainline. |
| define KCOV_REMOTE_ENABLE 1075340134 |
| |
| # Not yet implemented syscalls |
| #define __NR_umask 95 |
| #define __NR_vhangup 153 |
| #define __NR__sysctl 156 |
| #define __NR_adjtimex 159 |
| #define __NR_swapon 167 |
| #define __NR_swapoff 168 |
| #define __NR_quotactl 179 |
| #define __NR_nfsservctl 180 |
| #define __NR_getcpu 309 |
| |
| # Probably no sense in calling there. |
| # Also affect system-wide state, so not reproducble anyway. |
| #define __NR_gettimeofday 96 |
| #define __NR_settimeofday 164 |
| #define __NR_reboot 169 |
| #define __NR_sethostname 170 |
| #define __NR_setdomainname 171 |
| #define __NR_sched_get_priority_max 146 |
| #define __NR_sched_get_priority_min 147 |