
Commit 0b0439e

executor: arm64: syzos: prevent jump table emission
When compiling SYZOS into the executor binary, the compiler often attempts to emit a jump table, putting it into the data section of the executor. SYZOS is unable to access that data and crashes. Use primes multiplied by 10 to defeat the compiler's heuristics for jump table emission.
1 parent 77908e5 commit 0b0439e

2 files changed

+19
-19
lines changed


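--- a/executor/common_kvm_arm64_syzos.h
+++ b/executor/common_kvm_arm64_syzos.h
@@ -19,16 +19,16 @@
 extern char *__start_guest, *__stop_guest;
 
 typedef enum {
-SYZOS_API_UEXIT,
-SYZOS_API_CODE,
-SYZOS_API_MSR,
-SYZOS_API_SMC,
-SYZOS_API_HVC,
-SYZOS_API_IRQ_SETUP,
-SYZOS_API_MEMWRITE,
-SYZOS_API_ITS_SETUP,
-SYZOS_API_ITS_SEND_CMD,
-SYZOS_API_MRS,
+SYZOS_API_UEXIT = 0,
+SYZOS_API_CODE = 10,
+SYZOS_API_MSR = 20,
+SYZOS_API_SMC = 30,
+SYZOS_API_HVC = 50,
+SYZOS_API_IRQ_SETUP = 70,
+SYZOS_API_MEMWRITE = 110,
+SYZOS_API_ITS_SETUP = 130,
+SYZOS_API_ITS_SEND_CMD = 170,
+SYZOS_API_MRS = 190,
 SYZOS_API_STOP, // Must be the last one
 } syzos_api_id;
 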
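Review bot: The sparse enum values added in this hunk encode a workaround for a compiler heuristic, but nothing in the header says so; a later reader will see arbitrary constants and may "tidy" them back into a dense sequence, reintroducing the guest crash. Add a comment above `typedef enum {` along the lines of `// Values are deliberately sparse (primes * 10) so the compiler does not lower the API dispatch into a jump table, which SYZOS cannot read from the executor's data section. Keep in sync with sys/linux/dev_kvm_arm64.txt.` Note also that `SYZOS_API_STOP` now implicitly becomes 191 rather than 10; that is fine as a sentinel, but worth stating if anything compares against it as a count or upper bound. The heuristic is not guaranteed to hold across compiler versions, so compiling the guest section with `-fno-jump-tables` (supported by GCC and Clang) would make the property explicit rather than incidental; I cannot tell from this hunk how the guest code is built. The dispatch code that consumes these ids is outside the hunk.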

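--- a/sys/linux/dev_kvm_arm64.txt
+++ b/sys/linux/dev_kvm_arm64.txt
@@ -203,13 +203,13 @@ type syzos_api[NUM, PAYLOAD] {
 
 syzos_api_call [
 uexit syzos_api[0, intptr]
-code syzos_api[1, syzos_api_code]
-msr syzos_api[2, syzos_api_msr]
-smc syzos_api[3, syzos_api_smccc]
-hvc syzos_api[4, syzos_api_smccc]
-irq_setup syzos_api[5, syzos_api_irq_setup]
-memwrite syzos_api[6, syzos_api_memwrite]
-its_setup syzos_api[7, syzos_api_its_setup]
-its_send_cmd syzos_api[8, syzos_api_its_send_cmd]
-mrs syzos_api[9, syzos_api_mrs]
+code syzos_api[10, syzos_api_code]
+msr syzos_api[20, syzos_api_msr]
+smc syzos_api[30, syzos_api_smccc]
+hvc syzos_api[50, syzos_api_smccc]
+irq_setup syzos_api[70, syzos_api_irq_setup]
+memwrite syzos_api[110, syzos_api_memwrite]
+its_setup syzos_api[130, syzos_api_its_setup]
+its_send_cmd syzos_api[170, syzos_api_its_send_cmd]
+mrs syzos_api[190, syzos_api_mrs]
 ] [varlen]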
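Review bot: The ids in this hunk are a second copy of the `syzos_api_id` enum values from executor/common_kvm_arm64_syzos.h, and there is no cross-reference in either file, so the two can silently diverge the next time one side is edited. Add a comment above `syzos_api_call [`, e.g. `# Ids must match syzos_api_id in executor/common_kvm_arm64_syzos.h; values are deliberately sparse.` If the build has a place to check such invariants, a test that the two tables agree would catch drift earlier than a guest crash.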
