syz-cluster: add net config

Refactor Tree structure to host both the kernel config and the fuzzer
config.
Add some basic net fuzzing configs.

5 files changed, 73 insertions, 16 deletions

diff --git a/syz-cluster/pkg/api/api.go b/syz-cluster/pkg/api/api.go
index 535808e29..1b2b8f79f 100644
--- a/syz-cluster/pkg/api/api.go
+++ b/syz-cluster/pkg/api/api.go
@@ -25,12 +25,13 @@ type FuzzConfig struct {
 
 // The triage step of the workflow will request these from controller.
 type Tree struct {
-	Name       string   `json:"name"` // Primary key.
-	URL        string   `json:"URL"`
-	Branch     string   `json:"branch"`
-	EmailLists []string `json:"email_lists"`
-	Priority   int64    `json:"priority"` // Higher numbers mean higher priority.
-	ConfigName string   `json:"config_name"`
+	Name         string   `json:"name"` // Primary key.
+	URL          string   `json:"URL"`
+	Branch       string   `json:"branch"`
+	EmailLists   []string `json:"email_lists"`
+	Priority     int64    `json:"priority"` // Higher numbers mean higher priority.
+	KernelConfig string   `json:"kernel_config"`
+	FuzzConfig   string   `json:"fuzz_config"`
 }
 
 type BuildRequest struct {
@@ -147,11 +148,21 @@ type BuildInfo struct {
 // Let them stay here until we find a better place.
 var DefaultTrees = []*Tree{
 	{
-		Name:       `torvalds`,
-		URL:        `https://kernel.googlesource.com/pub/scm/linux/kernel/git/torvalds/linux`,
-		Branch:     `master`,
-		Priority:   0,
-		EmailLists: []string{},
-		ConfigName: `upstream-apparmor-kasan.config`,
+		Name:         `torvalds`,
+		URL:          `https://kernel.googlesource.com/pub/scm/linux/kernel/git/torvalds/linux`,
+		Branch:       `master`,
+		Priority:     0,
+		EmailLists:   []string{},
+		KernelConfig: `upstream-apparmor-kasan.config`,
+		FuzzConfig:   `all`,
+	},
+	{
+		Name:         `netdev`,
+		URL:          `https://kernel.googlesource.com/pub/scm/linux/kernel/git/netdev/net.git`,
+		Branch:       `main`,
+		Priority:     1,
+		EmailLists:   []string{`netdev@vger.kernel.org`},
+		KernelConfig: `upstream-apparmor-kasan.config`,
+		FuzzConfig:   `net`,
 	},
 }
diff --git a/syz-cluster/workflow/configs/net/base.cfg b/syz-cluster/workflow/configs/net/base.cfg
new file mode 100644
index 000000000..223fdda3b
--- /dev/null
+++ b/syz-cluster/workflow/configs/net/base.cfg
@@ -0,0 +1,36 @@
+{
+    "name": "base",
+    "target": "linux/amd64",
+    "kernel_obj": "/base/obj",
+    "image": "/base/image",
+    "syzkaller": "/syzkaller",
+    "workdir": "/workdir",
+    "type": "qemu",
+    "enable_syscalls": [
+	    "accept", "accept4", "bind", "close", "connect", "epoll_create",
+	    "epoll_create1", "epoll_ctl", "epoll_pwait", "epoll_wait",
+	    "getpeername", "getsockname", "getsockopt", "ioctl", "listen",
+	    "mmap", "poll", "ppoll", "pread64", "preadv", "pselect6",
+	    "pwrite64", "pwritev", "read", "readv", "recvfrom", "recvmmsg",
+	    "recvmsg", "select", "sendfile", "sendmmsg", "sendmsg", "sendto",
+	    "setsockopt", "shutdown", "socket", "socketpair", "splice",
+	    "vmsplice", "write", "writev", "tee", "bpf", "getpid",
+	    "getgid", "getuid", "gettid", "unshare", "pipe",
+	    "syz_emit_ethernet", "syz_extract_tcp_res",
+	    "syz_genetlink_get_family_id", "syz_init_net_socket",
+	    "mkdirat$cgroup*", "openat$cgroup*", "write$cgroup*",
+	    "clock_gettime", "bpf", "openat$tun", "openat$ppp",
+	    "syz_open_procfs$namespace", "syz_80211_*", "nanosleep"
+    ],
+    "procs": 3,
+    "sandbox": "none",
+    "experimental": {"cover_edges": false},
+    "vm": {    
+      "count": 4,
+      "cmdline": "root=/dev/sda1",
+      "kernel": "/base/kernel",
+      "cpu": 2,
+      "mem": 3072,
+      "qemu_args": "-machine pc-q35-7.1 -enable-kvm -smp 2,sockets=2,cores=1"
+    }
+}
diff --git a/syz-cluster/workflow/configs/net/patched.cfg b/syz-cluster/workflow/configs/net/patched.cfg
new file mode 100644
index 000000000..9c2efd8ba
--- /dev/null
+++ b/syz-cluster/workflow/configs/net/patched.cfg
@@ -0,0 +1,10 @@
+{
+    "name": "patched",
+    "target": "linux/amd64",
+    "kernel_obj": "/patched/obj",
+    "image": "/patched/image",
+    "vm": {
+      "count": 10,
+      "kernel": "/patched/kernel"
+    }
+}
diff --git a/syz-cluster/workflow/rebuild-kernels-cron.yaml b/syz-cluster/workflow/rebuild-kernels-cron.yaml
index 3d93a05c5..c8e4a15ad 100644
--- a/syz-cluster/workflow/rebuild-kernels-cron.yaml
+++ b/syz-cluster/workflow/rebuild-kernels-cron.yaml
@@ -87,7 +87,7 @@ spec:
             "arch": "amd64", # TODO: consider others as well.
             "tree_name": input["name"],
             "commit_hash": input["branch"],
-            "config_name": input["config_name"]
+            "config_name": input["kernel_config"]
           }
           with open('/output/request.json', 'w') as f:
             json.dump(output, f)
diff --git a/syz-cluster/workflow/triage-step/main.go b/syz-cluster/workflow/triage-step/main.go
index 5c7390db1..73cf67fd2 100644
--- a/syz-cluster/workflow/triage-step/main.go
+++ b/syz-cluster/workflow/triage-step/main.go
@@ -72,7 +72,7 @@ func getVerdict(ctx context.Context, client *api.Client, ops triage.TreeOps) (*a
 	arch := "amd64"
 	lastBuild, err := client.LastBuild(ctx, &api.LastBuildReq{
 		Arch:       arch,
-		ConfigName: tree.ConfigName,
+		ConfigName: tree.KernelConfig,
 		TreeName:   tree.Name,
 		Status:     api.BuildSuccess,
 	})
@@ -94,7 +94,7 @@ func getVerdict(ctx context.Context, client *api.Client, ops triage.TreeOps) (*a
 	}
 	base := api.BuildRequest{
 		TreeName:   tree.Name,
-		ConfigName: tree.ConfigName,
+		ConfigName: tree.KernelConfig,
 		CommitHash: commit,
 		Arch:       arch,
 	}
@@ -102,7 +102,7 @@ func getVerdict(ctx context.Context, client *api.Client, ops triage.TreeOps) (*a
 		Fuzz: &api.FuzzConfig{
 			Base:    base,
 			Patched: base,
-			Config:  "all",
+			Config:  tree.FuzzConfig,
 		},
 	}
 	ret.Fuzz.Patched.SeriesID = series.ID