diff options
| author | Dmitry Vyukov <dvyukov@google.com> | 2020-11-15 13:03:33 +0100 |
|---|---|---|
| committer | Dmitry Vyukov <dvyukov@google.com> | 2020-11-21 14:22:40 +0100 |
| commit | 5de4ef6cb71a4a07492ab0f28b0bb35cb6ab2e21 (patch) | |
| tree | 0deebd8e9d1283d13b58644bd93cb979013a678e | |
| parent | c7ec2d19f82830161738378f96761b57328eed7a (diff) | |
tools/create-gce-image.sh: move sysctl's to executor
Move the remaining sysctls from image creation scripts into executor.
We have the rest in executor now, and these are captured in reproducers
and are not duplicated.
It seems that ping_group_range was accidentially lost along the way,
re-add it.
| -rw-r--r-- | executor/common_linux.h | 6 | ||||
| -rw-r--r-- | pkg/build/linux_generated.go | 2 | ||||
| -rw-r--r-- | pkg/csource/generated.go | 3 | ||||
| -rwxr-xr-x | tools/create-gce-image.sh | 2 | ||||
| -rwxr-xr-x | tools/create-image.sh | 9 |
5 files changed, 9 insertions, 13 deletions
diff --git a/executor/common_linux.h b/executor/common_linux.h index 16b78e99a..98489f12d 100644 --- a/executor/common_linux.h +++ b/executor/common_linux.h @@ -4587,6 +4587,8 @@ static void setup_usb() static void setup_sysctl() { + // TODO: consider moving all sysctl's into CMDLINE config later. + // Kernel has support for setting sysctl's via command line since 3db978d480e28 (v5.8). static struct { const char* name; const char* data; @@ -4612,6 +4614,10 @@ static void setup_sysctl() {"/proc/sys/fs/mount-max", "100"}, // Dumping all tasks to console can take too long. {"/proc/sys/vm/oom_dump_tasks", "0"}, + // Executor hits lots of SIGSEGVs, no point in logging them. + {"/proc/sys/debug/exception-trace", "0"}, + {"/proc/sys/kernel/printk", "7 4 1 3"}, + {"/proc/sys/net/ipv4/ping_group_range", "0 65535"}, }; for (size_t i = 0; i < sizeof(files) / sizeof(files[0]); i++) { if (!write_file(files[i].name, files[i].data)) diff --git a/pkg/build/linux_generated.go b/pkg/build/linux_generated.go index e35428f18..78c55fd79 100644 --- a/pkg/build/linux_generated.go +++ b/pkg/build/linux_generated.go @@ -101,8 +101,6 @@ echo 'ATTR{name}=="vim2m", SYMLINK+="vim2m"' | sudo tee -a disk.mnt/etc/udev/rul echo 'SUBSYSTEMS=="pci", DRIVERS=="i915", SYMLINK+="i915"' | sudo tee -a disk.mnt/etc/udev/rules.d/60-drm.rules -echo "kernel.printk = 7 4 1 3" | sudo tee -a disk.mnt/etc/sysctl.conf -echo "debug.exception-trace = 0" | sudo tee -a disk.mnt/etc/sysctl.conf SYZ_SYSCTL_FILE="${SYZ_SYSCTL_FILE:-}" if [ "$SYZ_SYSCTL_FILE" != "" ]; then cat $SYZ_SYSCTL_FILE | sudo tee -a disk.mnt/etc/sysctl.conf diff --git a/pkg/csource/generated.go b/pkg/csource/generated.go index 5e234d47a..2c2c7c398 100644 --- a/pkg/csource/generated.go +++ b/pkg/csource/generated.go @@ -9385,6 +9385,9 @@ static void setup_sysctl() {"/proc/sys/kernel/softlockup_all_cpu_backtrace", "1"}, {"/proc/sys/fs/mount-max", "100"}, {"/proc/sys/vm/oom_dump_tasks", "0"}, + {"/proc/sys/debug/exception-trace", "0"}, + {"/proc/sys/kernel/printk", "7 4 1 3"}, + {"/proc/sys/net/ipv4/ping_group_range", "0 65535"}, }; for (size_t i = 0; i < sizeof(files) / sizeof(files[0]); i++) { if (!write_file(files[i].name, files[i].data)) diff --git a/tools/create-gce-image.sh b/tools/create-gce-image.sh index 075143fcc..86aa8ef36 100755 --- a/tools/create-gce-image.sh +++ b/tools/create-gce-image.sh @@ -154,8 +154,6 @@ echo 'ATTR{name}=="vim2m", SYMLINK+="vim2m"' | sudo tee -a disk.mnt/etc/udev/rul echo 'SUBSYSTEMS=="pci", DRIVERS=="i915", SYMLINK+="i915"' | sudo tee -a disk.mnt/etc/udev/rules.d/60-drm.rules # sysctls -echo "kernel.printk = 7 4 1 3" | sudo tee -a disk.mnt/etc/sysctl.conf -echo "debug.exception-trace = 0" | sudo tee -a disk.mnt/etc/sysctl.conf SYZ_SYSCTL_FILE="${SYZ_SYSCTL_FILE:-}" if [ "$SYZ_SYSCTL_FILE" != "" ]; then cat $SYZ_SYSCTL_FILE | sudo tee -a disk.mnt/etc/sysctl.conf diff --git a/tools/create-image.sh b/tools/create-image.sh index 0a71efb7a..4dd9b2594 100755 --- a/tools/create-image.sh +++ b/tools/create-image.sh @@ -162,15 +162,6 @@ echo 'debugfs /sys/kernel/debug debugfs defaults 0 0' | sudo tee -a $DIR/etc/fst echo 'securityfs /sys/kernel/security securityfs defaults 0 0' | sudo tee -a $DIR/etc/fstab echo 'configfs /sys/kernel/config/ configfs defaults 0 0' | sudo tee -a $DIR/etc/fstab echo 'binfmt_misc /proc/sys/fs/binfmt_misc binfmt_misc defaults 0 0' | sudo tee -a $DIR/etc/fstab -echo "kernel.printk = 7 4 1 3" | sudo tee -a $DIR/etc/sysctl.conf -echo 'debug.exception-trace = 0' | sudo tee -a $DIR/etc/sysctl.conf -echo "net.core.bpf_jit_enable = 1" | sudo tee -a $DIR/etc/sysctl.conf -echo "net.core.bpf_jit_kallsyms = 1" | sudo tee -a $DIR/etc/sysctl.conf -echo "net.core.bpf_jit_harden = 0" | sudo tee -a $DIR/etc/sysctl.conf -echo "kernel.softlockup_all_cpu_backtrace = 1" | sudo tee -a $DIR/etc/sysctl.conf -echo "kernel.kptr_restrict = 0" | sudo tee -a $DIR/etc/sysctl.conf -echo "kernel.watchdog_thresh = 60" | sudo tee -a $DIR/etc/sysctl.conf -echo "net.ipv4.ping_group_range = 0 65535" | sudo tee -a $DIR/etc/sysctl.conf echo -en "127.0.0.1\tlocalhost\n" | sudo tee $DIR/etc/hosts echo "nameserver 8.8.8.8" | sudo tee -a $DIR/etc/resolve.conf echo "syzkaller" | sudo tee $DIR/etc/hostname |