16062852561

Committed 03 Jul 2025 10:04PM UTC coverage: 72.193% (+0.1%) from 72.096%

Build # 16062852561

Build Type

push

github

Committed by

bluca

Commit Message

pcrlock: process components outside of location window properly

So far, when we tried to match a component to eent log entries we
skipped those components if they were outside of our location window.
That however is too aggressive, since it means any components that are
already in the logs, but outside of the location window will be
considered unrecognized in the logs, and thus removed from the PCR
policy.

Change things around: always try to match up all components, regardless
if inside the location window or outside, but then make it non-fatal we
can't find a component outside of the location window.

Fixes: #36079

Run Details

7 of 9 new or added lines in 1 file covered. (77.78%)

4116 existing lines in 75 files now uncovered.

301219 of 417241 relevant lines covered (72.19%)

730820.5 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

0.0

/src/core/fuzz-execute-serialize.c

/* SPDX-License-Identifier: LGPL-2.1-or-later */
/* Notes on how to run the fuzzer manually:
 *  1) Build the fuzzers with LLVM's libFuzzer and ASan+UBSan:
 *    $ CC=clang CXX=clang++ meson build-libfuzz -Db_sanitize=address,undefined -Dllvm-fuzz=true -Db_lundef=false
 *
 *  2) Collect some valid inputs:
 *
 * OUT=test/fuzz/fuzz-execute-serialize/initial
 * for section in context command parameters runtime cgroup; do
 *     awk "match(\$0, /startswith\\(.+, \"(exec-${section}-[^\"]+=)\"/, m) { print m[1]; }" \
 *         src/core/execute-serialize.c >>"$OUT"
 *     # Each "section" is delimited by an empty line
 *     echo >>"$OUT"
 * done
 *
 *  3) Run the fuzzer:
 *    $ build-libfuzz/fuzz-execute-serialize test/fuzz/fuzz-execute-serialize
 */

#include <stdio.h>
#include <stdlib.h>

#include "cgroup.h"
#include "dynamic-user.h"
#include "execute-serialize.h"
#include "execute.h"
#include "fd-util.h"
#include "fdset.h"
#include "fuzz.h"

static void exec_fuzz_one(FILE *f, FDSet *fdset) {
        _cleanup_(exec_params_deep_clear) ExecParameters params = EXEC_PARAMETERS_INIT(/* flags= */ 0);
        _cleanup_(exec_context_done) ExecContext exec_context = {};
        _cleanup_(cgroup_context_done) CGroupContext cgroup_context = {};
        DynamicCreds dynamic_creds = {};
        ExecCommand command = {};
        ExecSharedRuntime shared = {
                .netns_storage_socket = EBADF_PAIR,
                .ipcns_storage_socket = EBADF_PAIR,
        };
        ExecRuntime runtime = {
                .ephemeral_storage_socket = EBADF_PAIR,
                .shared = &shared,
                .dynamic_creds = &dynamic_creds,
        };

        exec_context_init(&exec_context);
        cgroup_context_init(&cgroup_context);

        (void) exec_deserialize_invocation(f, fdset, &exec_context, &command, &params, &runtime, &cgroup_context);
        exec_context.private_var_tmp = PRIVATE_TMP_DISCONNECTED; /* The deserialization in the above may set an invalid value. */
        (void) exec_serialize_invocation(f, fdset, &exec_context, &command, &params, &runtime, &cgroup_context);
        (void) exec_deserialize_invocation(f, fdset, &exec_context, &command, &params, &runtime, &cgroup_context);

        /* We definitely didn't provide valid FDs during deserialization, so
         * wipe the FDs before exec_params_serialized_clear() kicks in, otherwise
         * we'll hit the assert in safe_close() */
        params.stdin_fd = -EBADF;
        params.stdout_fd = -EBADF;
        params.stderr_fd = -EBADF;
        params.exec_fd = -EBADF;
        params.user_lookup_fd = -EBADF;
        params.bpf_restrict_fs_map_fd = -EBADF;
        if (!params.fds)
                params.n_socket_fds = params.n_storage_fds = params.n_extra_fds = 0;
        for (size_t i = 0; params.fds && i < params.n_socket_fds + params.n_storage_fds + params.n_extra_fds; i++)
                params.fds[i] = -EBADF;

        exec_command_done_array(&command, /* n= */ 1);
        exec_shared_runtime_done(&shared);
        if (dynamic_creds.group != dynamic_creds.user)
                dynamic_user_free(dynamic_creds.group);
        dynamic_user_free(dynamic_creds.user);
        free(runtime.ephemeral_copy);
        safe_close_pair(runtime.ephemeral_storage_socket);
}

int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
        _cleanup_fclose_ FILE *f = NULL;
        _cleanup_fdset_free_ FDSet *fdset = NULL;

        if (outside_size_range(size, 0, 128 * 1024))
                return 0;

        fuzz_setup_logging();

        assert_se(fdset = fdset_new());
        assert_se(f = data_to_file(data, size));

        exec_fuzz_one(f, fdset);

        return 0;
}

1	/* SPDX-License-Identifier: LGPL-2.1-or-later */
2	/* Notes on how to run the fuzzer manually:
3	* 1) Build the fuzzers with LLVM's libFuzzer and ASan+UBSan:
4	* $ CC=clang CXX=clang++ meson build-libfuzz -Db_sanitize=address,undefined -Dllvm-fuzz=true -Db_lundef=false
5	*
6	* 2) Collect some valid inputs:
7	*
8	* OUT=test/fuzz/fuzz-execute-serialize/initial
9	* for section in context command parameters runtime cgroup; do
10	* awk "match(\$0, /startswith\\(.+, \"(exec-${section}-[^\"]+=)\"/, m) { print m[1]; }" \
11	* src/core/execute-serialize.c >>"$OUT"
12	* # Each "section" is delimited by an empty line
13	* echo >>"$OUT"
14	* done
15	*
16	* 3) Run the fuzzer:
17	* $ build-libfuzz/fuzz-execute-serialize test/fuzz/fuzz-execute-serialize
18	*/
19
20	#include <stdio.h>
21	#include <stdlib.h>
22
23	#include "cgroup.h"
24	#include "dynamic-user.h"
25	#include "execute-serialize.h"
26	#include "execute.h"
27	#include "fd-util.h"
28	#include "fdset.h"
29	#include "fuzz.h"
30
31	static void exec_fuzz_one(FILE f, FDSet fdset) {	×
32	_cleanup_(exec_params_deep_clear) ExecParameters params = EXEC_PARAMETERS_INIT(/* flags= */ 0);	×
33	_cleanup_(exec_context_done) ExecContext exec_context = {};	×
34	_cleanup_(cgroup_context_done) CGroupContext cgroup_context = {};	×
35	DynamicCreds dynamic_creds = {};	×
36	ExecCommand command = {};	×
37	ExecSharedRuntime shared = {	×
38	.netns_storage_socket = EBADF_PAIR,
39	.ipcns_storage_socket = EBADF_PAIR,
40	};
41	ExecRuntime runtime = {	×
42	.ephemeral_storage_socket = EBADF_PAIR,
43	.shared = &shared,
44	.dynamic_creds = &dynamic_creds,
45	};
46
47	exec_context_init(&exec_context);	×
48	cgroup_context_init(&cgroup_context);	×
49
UNCOV 50	(void) exec_deserialize_invocation(f, fdset, &exec_context, &command, &params, &runtime, &cgroup_context);	×
51	exec_context.private_var_tmp = PRIVATE_TMP_DISCONNECTED; /* The deserialization in the above may set an invalid value. */	×
52	(void) exec_serialize_invocation(f, fdset, &exec_context, &command, &params, &runtime, &cgroup_context);	×
53	(void) exec_deserialize_invocation(f, fdset, &exec_context, &command, &params, &runtime, &cgroup_context);	×
54
55	/* We definitely didn't provide valid FDs during deserialization, so
56	* wipe the FDs before exec_params_serialized_clear() kicks in, otherwise
57	* we'll hit the assert in safe_close() */
58	params.stdin_fd = -EBADF;	×
59	params.stdout_fd = -EBADF;	×
60	params.stderr_fd = -EBADF;	×
61	params.exec_fd = -EBADF;	×
62	params.user_lookup_fd = -EBADF;	×
63	params.bpf_restrict_fs_map_fd = -EBADF;	×
64	if (!params.fds)	×
65	params.n_socket_fds = params.n_storage_fds = params.n_extra_fds = 0;	×
66	for (size_t i = 0; params.fds && i < params.n_socket_fds + params.n_storage_fds + params.n_extra_fds; i++)	×
67	params.fds[i] = -EBADF;	×
68
69	exec_command_done_array(&command, /* n= */ 1);	×
70	exec_shared_runtime_done(&shared);	×
71	if (dynamic_creds.group != dynamic_creds.user)	×
72	dynamic_user_free(dynamic_creds.group);	×
73	dynamic_user_free(dynamic_creds.user);	×
74	free(runtime.ephemeral_copy);	×
75	safe_close_pair(runtime.ephemeral_storage_socket);	×
76	}	×
77
78	int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {	×
79	_cleanup_fclose_ FILE *f = NULL;	×
80	_cleanup_fdset_free_ FDSet *fdset = NULL;	×
81
82	if (outside_size_range(size, 0, 128 * 1024))	×
83	return 0;
84
85	fuzz_setup_logging();	×
86
87	assert_se(fdset = fdset_new());	×
88	assert_se(f = data_to_file(data, size));	×
89
90	exec_fuzz_one(f, fdset);	×
91
92	return 0;	×
93	}

systemd / systemd / 16062852561

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous