This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import re | |
import os | |
import sys | |
linux_syscalls = ["read", "write", "open", "close", "stat", "fstat", "lstat", "poll", "lseek", "mmap", "mprotect", "munmap", "brk", "rt_sigaction", "rt_sigprocmask", "rt_sigreturn", "ioctl", "pread64", "pwrite64", "readv", "writev", "access", "pipe", "select", "sched_yield", "mremap", "msync", "mincore", "madvise", "shmget", "shmat", "shmctl", "dup", "dup2", "pause", "nanosleep", "getitimer", "alarm", "setitimer", "getpid", "sendfile", "socket", "connect", "accept", "sendto", "recvfrom", "sendmsg", "recvmsg", "shutdown", "bind", "listen", "getsockname", "getpeername", "socketpair", "setsockopt", "getsockopt", "clone", "fork", "vfork", "execve", "exit", "wait4", "kill", "uname", "semget", "semop", "semctl", "shmdt", "msgget", "msgsnd", "msgrcv", "msgctl", "fcntl", "flock", "fsync", "fdatasync", "truncate", "ftruncate", "getdents", "getcwd", "chdir", "fchdir", "rename", "mkdir", "rmdir", "creat", "link", "unlink", "symlink", "readlink", "chmod", "fchmod", "chown", "fchown", "lchown", "umask", "gettimeofday", "getrlimit", "getrusage", "sysinfo", "times", "ptrace", "getuid", "syslog", "getgid", "setuid", "setgid", "geteuid", "getegid", "setpgid", "getppid", "getpgrp", "setsid", "setreuid", "setregid", "getgroups", "setgroups", "setresuid", "getresuid", "setresgid", "getresgid", "getpgid", "setfsuid", "setfsgid", "getsid", "capget", "capset", "rt_sigpending", "rt_sigtimedwait", "rt_sigqueueinfo", "rt_sigsuspend", "sigaltstack", "utime", "mknod", "uselib", "personality", "ustat", "statfs", "fstatfs", "sysfs", "getpriority", "setpriority", "sched_setparam", "sched_getparam", "sched_setscheduler", "sched_getscheduler", "sched_get_priority_max", "sched_get_priority_min", "sched_rr_get_interval", "mlock", "munlock", "mlockall", "munlockall", "vhangup", "modify_ldt", "pivot_root", "_sysctl", "prctl", "arch_prctl", "adjtimex", "setrlimit", "chroot", "sync", "acct", "settimeofday", "mount", "umount2", "swapon", "swapoff", "reboot", "sethostname", "setdomainname", "iopl", "ioperm", "create_module", "init_module", "delete_module", "get_kernel_syms", "query_module", "quotactl", "nfsservctl", "getpmsg", "putpmsg", "afs_syscall", "tuxcall", "security", "gettid", "readahead", "setxattr", "lsetxattr", "fsetxattr", "getxattr", "lgetxattr", "fgetxattr", "listxattr", "llistxattr", "flistxattr", "removexattr", "lremovexattr", "fremovexattr", "tkill", "time", "futex", "sched_setaffinity", "sched_getaffinity", "set_thread_area", "io_setup", "io_destroy", "io_getevents", "io_submit", "io_cancel", "get_thread_area", "lookup_dcookie", "epoll_create", "epoll_ctl_old", "epoll_wait_old", "remap_file_pages", "getdents64", "set_tid_address", "restart_syscall", "semtimedop", "fadvise64", "timer_create", "timer_settime", "timer_gettime", "timer_getoverrun", "timer_delete", "clock_settime", "clock_gettime", "clock_getres", "clock_nanosleep", "exit_group", "epoll_wait", "epoll_ctl", "tgkill", "utimes", "vserver", "mbind", "set_mempolicy", "get_mempolicy", "mq_open", "mq_unlink", "mq_timedsend", "mq_timedreceive", "mq_notify", "mq_getsetattr", "kexec_load", "waitid", "add_key", "request_key", "keyctl", "ioprio_set", "ioprio_get", "inotify_init", "inotify_add_watch", "inotify_rm_watch", "migrate_pages", "openat", "mkdirat", "mknodat", "fchownat", "futimesat", "newfstatat", "unlinkat", "renameat", "linkat", "symlinkat", "readlinkat", "fchmodat", "faccessat", "pselect6", "ppoll", "unshare", "set_robust_list", "get_robust_list", "splice", "tee", "sync_file_range", "vmsplice", "move_pages", "utimensat", "epoll_pwait", "signalfd", "timerfd_create", "eventfd", "fallocate", "timerfd_settime", "timerfd_gettime", "accept4", "signalfd4", "eventfd2", "epoll_create1", "dup3", "pipe2", "inotify_init1", "preadv", "pwritev", "rt_tgsigqueueinfo", "perf_event_open", "recvmmsg", "fanotify_init", "fanotify_mark", "prlimit64", "name_to_handle_at", "open_by_handle_at", "clock_adjtime", "syncfs", "sendmmsg", "setns", "getcpu", "process_vm_readv", "process_vm_writev", "kcmp", "finit_module", "sched_setattr", "sched_getattr", "renameat2", "seccomp", "getrandom", "memfd_create", "kexec_file_load", "bpf", "execveat", "userfaultfd", "membarrier", "mlock2", "copy_file_range", "preadv2", "pwritev2", "pkey_mprotect", "pkey_alloc", "pkey_free", "statx", "io_pgetevents", "rseq", "use", "entry","pidfd_send_signal", "io_uring_setup", "io_uring_enter", "io_uring_register","open_tree", "move_mount", "fsopen", "fsconfig", "fsmount", "fspick", "pidfd_open","clone3", "openat2", "pidfd_getfd", "rt_sigaction", "rt_sigreturn", "ioctl", "readv","writev", "recvfrom", "sendmsg", "recvmsg", "execve", "ptrace", "rt_sigpending","rt_sigtimedwait", "rt_sigqueueinfo", "sigaltstack", "timer_create", "mq_notify","kexec_load", "waitid", "set_robust_list", "get_robust_list", "vmsplice","move_pages", "preadv", "pwritev", "rt_tgsigqueueinfo", "recvmmsg", "sendmmsg","process_vm_readv", "process_vm_writev", "setsockopt", "getsockopt", "io_setup","io_submit", "execveat", "preadv2", "pwritev2"] | |
listed_syscalls = [] | |
listed_syscalls_names = [] | |
missing_syscalls = [] | |
def usage(): | |
print "USAGE: python linux.py <path to sys/linux>: Syzkaller Stats for linux" | |
def syzkaller_check(path): | |
for filename in os.listdir(path): | |
if filename.endswith(".txt"): | |
content = open(os.path.join(path, filename)).readlines() | |
syzkaller_file_parser(content) | |
#find_missing_syscalls() | |
print_syscalls() | |
def syzkaller_file_parser(content): | |
sys = re.compile("\A((?!(#|syz|define)).*?)\(.*\).*") | |
name_parse = re.compile("(.*)\$(.*)") | |
for line in content: | |
sys_match = sys.match(line) | |
if sys_match: | |
#print sys_match.groups() | |
syscall_name=sys_match.groups()[0].strip() | |
if name_parse.match(syscall_name): | |
listed_syscalls_names.append(name_parse.match(syscall_name).groups()[0].strip()) | |
else: | |
listed_syscalls_names.append(syscall_name) | |
def find_missing_syscalls(): | |
for i in set(listed_syscalls_names): | |
if i not in set(linux_syscalls): | |
missing_syscalls.append(i) | |
def print_syscalls(): | |
print "="*50 | |
print "Linux Stats" | |
print "="*50 | |
print "[*] No. of syscalls fuzzed : " + str(len(set(listed_syscalls_names))) | |
print "[*] Total no. of syscalls : " + str(len(linux_syscalls)) | |
print "[*] Coverage percentage : " + str((len(set(listed_syscalls_names))*100)/len(linux_syscalls)) | |
def main(): | |
if len(sys.argv) < 2: | |
usage() | |
exit() | |
path = sys.argv[1] | |
syzkaller_check(path) | |
if __name__ == "__main__": | |
main() |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment