static void sanitise_socketcall(int childno) { unsigned long *args; args = malloc(6 * sizeof(unsigned long)); shm->a1[childno] = rand() % 20; switch (shm->a1[childno]) { case SYS_SOCKET: sanitise_socket(childno); shm->syscallno[childno] = search_syscall_table(syscalls, max_nr_syscalls, "socket"); break; case SYS_BIND: break; case SYS_CONNECT: break; case SYS_LISTEN: break; case SYS_ACCEPT: break; case SYS_GETSOCKNAME: break; case SYS_GETPEERNAME: break; case SYS_SOCKETPAIR: break; case SYS_SEND: break; case SYS_RECV: break; case SYS_SENDTO: break; case SYS_RECVFROM: break; case SYS_SHUTDOWN: break; case SYS_SETSOCKOPT: break; case SYS_GETSOCKOPT: break; case SYS_SENDMSG: break; case SYS_RECVMSG: break; case SYS_ACCEPT4: break; case SYS_RECVMMSG: break; case SYS_SENDMMSG: break; default: break; } shm->a2[childno] = (unsigned long) args; }
void generate_sockets(void) { struct flock fl = { .l_type = F_WRLCK, .l_whence = SEEK_SET, }; int fd, n; unsigned int i, tries; int cachefile; unsigned int nr_to_create = NR_SOCKET_FDS; unsigned long domain, type, protocol; unsigned int buffer[3]; cachefile = creat(cachefilename, S_IWUSR|S_IRUSR); if (cachefile < 0) { printf("Couldn't open cachefile for writing! (%s)\n", strerror(errno)); exit(EXIT_FAILURE); } output(2, "taking writer lock for cachefile\n"); fl.l_pid = getpid(); fl.l_type = F_WRLCK; if (fcntl(cachefile, F_SETLKW, &fl) == -1) { perror("fcntl F_WRLCK F_SETLKW"); exit(EXIT_FAILURE); } output(2, "took writer lock for cachefile\n"); while (nr_to_create > 0) { if (shm->exit_reason != STILL_RUNNING) return; for (i = 0; i < PF_MAX; i++) sockarray[i] = 0; for (i = 0; i < PF_MAX; i++) { tries = 0; if (sockarray[i] == MAX_PER_DOMAIN) break; /* Pretend we're child 0 and we've called sys_socket */ sanitise_socket(0); domain = shm->a1[0]; type = shm->a2[0]; protocol = shm->a3[0]; if (do_specific_proto == TRUE) domain = specific_proto; else domain = i; fd = socket(domain, type, protocol); if (fd > -1) { shm->socket_fds[nr_sockets] = fd; output(2, "fd[%i] = domain:%i type:0x%x protocol:%i\n", fd, domain, type, protocol); sockarray[i]++; nr_sockets++; nr_to_create--; buffer[0] = domain; buffer[1] = type; buffer[2] = protocol; n = write(cachefile, &buffer, sizeof(int) * 3); if (n == -1) { printf("something went wrong writing the cachefile!\n"); exit(EXIT_FAILURE); } if (nr_to_create == 0) goto done; } else { tries++; } if (tries == MAX_TRIES_PER_DOMAIN) break; } } done: fl.l_type = F_UNLCK; if (fcntl(cachefile, F_SETLK, &fl) == -1) { perror("fcntl F_SETLK"); exit(1); } output(2, "dropped writer lock for cachefile\n"); output(1, "created %d sockets\n", nr_sockets); close(cachefile); }
void generate_sockets(void) { struct flock fl = { .l_type = F_WRLCK, .l_whence = SEEK_SET, }; int fd, n; int cachefile; unsigned int nr_to_create = NR_SOCKET_FDS; unsigned long domain, type, protocol; unsigned int buffer[3]; cachefile = creat(cachefilename, S_IWUSR|S_IRUSR); if (cachefile < 0) { printf("Couldn't open cachefile for writing! (%s)\n", strerror(errno)); exit(EXIT_FAILURE); } if (verbose) output(2, "taking writer lock for cachefile\n"); fl.l_pid = getpid(); fl.l_type = F_WRLCK; if (fcntl(cachefile, F_SETLKW, &fl) == -1) { perror("fcntl F_WRLCK F_SETLKW"); exit(EXIT_FAILURE); } if (verbose) output(2, "took writer lock for cachefile\n"); while (nr_to_create > 0) { if (shm->exit_reason != STILL_RUNNING) return; /* Pretend we're child 0 and we've called sys_socket */ sanitise_socket(0); //FIXME: If we passed a specific domain, we want to sanitise // the proto/type fields. Split it out of sanitise_socket() if (do_specific_proto == TRUE) domain = specific_proto; else domain = shm->a1[0]; type = shm->a2[0]; protocol = shm->a3[0]; fd = open_socket(domain, type, protocol); if (fd > -1) { nr_to_create--; buffer[0] = domain; buffer[1] = type; buffer[2] = protocol; n = write(cachefile, &buffer, sizeof(int) * 3); if (n == -1) { printf("something went wrong writing the cachefile!\n"); exit(EXIT_FAILURE); } if (nr_to_create == 0) goto done; } /* check for ctrl-c */ if (shm->exit_reason != STILL_RUNNING) return; //FIXME: If we've passed -P and we're spinning here without making progress // then we should abort after a few hundred loops. } done: fl.l_type = F_UNLCK; if (fcntl(cachefile, F_SETLK, &fl) == -1) { perror("fcntl F_SETLK"); exit(1); } if (verbose) output(2, "dropped writer lock for cachefile\n"); output(1, "created %d sockets\n", nr_sockets); close(cachefile); }