author Andrey Konovalov <andreyknvl@google.com> 2020-02-23 21:45:45 +0100
committer GitHub <noreply@github.com> 2020-02-23 21:45:45 +0100
commit d801cb0223da621d7abb7af8b96a848d8976cc9f (patch)
tree 67ecaf0f79d48b94f2205cc28cab7b085c0a9786 /docs/linux
parent 2c36e7a75f8689b3da20e1a81a2ee5391f3af6e5 (diff)
Update setup_ubuntu-host_qemu-vm_x86-64-kernel.md
Diffstat (limited to 'docs/linux')
-rw-r--r-- docs/linux/setup_ubuntu-host_qemu-vm_x86-64-kernel.md 43
1 files changed, 28 insertions, 15 deletions
diff --git a/docs/linux/setup_ubuntu-host_qemu-vm_x86-64-kernel.md b/docs/linux/setup_ubuntu-host_qemu-vm_x86-64-kernel.md
index 4b2cb8b5e..8fb299d9d 100644
--- a/docs/linux/setup_ubuntu-host_qemu-vm_x86-64-kernel.md
+++ b/docs/linux/setup_ubuntu-host_qemu-vm_x86-64-kernel.md
@@ -1,12 +1,11 @@
# Setup: Ubuntu host, QEMU vm, x86-64 kernel
-These are the instructions on how to fuzz the x86-64 kernel in a QEMU with Ubuntu 14.04 on the host machine and Debian Stretch in the QEMU instances.
+These are the instructions on how to fuzz the x86-64 kernel in a QEMU with Ubuntu on the host machine and Debian Stretch in the QEMU instances.
## GCC
-Use the latest compiler from your distro or get the one from [this](/docs/syzbot.md#crash-does-not-reproduce) list and unpack into `$GCC`.
+While you may use GCC that is available from your distro, it's preferable to get the lastest one from [this](/docs/syzbot.md#crash-does-not-reproduce) list. Download and unpack into `$GCC`, and you should have GCC binaries in `$GCC/bin/`
-Now you should have GCC binaries in `$GCC/bin/`:
``` bash
$ ls $GCC/bin/
cpp gcc-ranlib x86_64-pc-linux-gnu-gcc x86_64-pc-linux-gnu-gcc-ranlib
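Review bot: typo in the added GCC paragraph: `lastest` should be `latest`. The same added line also loses the colon that used to introduce the `ls $GCC/bin/` listing (it lived on the removed `Now you should have GCC binaries in `$GCC/bin/`:` line), so the sentence now runs straight into the code block with no terminating punctuation. Suggest `Download and unpack into `$GCC`; you should then have GCC binaries in `$GCC/bin/`:`.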
@@ -18,11 +17,13 @@ gcc-nm gcov-tool x86_64-pc-linux-gnu-gcc-nm
## Kernel
Checkout Linux kernel source:
+
``` bash
git clone https://github.com/torvalds/linux.git $KERNEL
```
Generate default configs:
+
``` bash
cd $KERNEL
make CC="$GCC/bin/gcc" defconfig
@@ -31,6 +32,7 @@ make CC="$GCC/bin/gcc" kvmconfig
Now we need to enable some config options required for syzkaller.
Edit `.config` file manually and enable:
+
```
CONFIG_KCOV=y
CONFIG_DEBUG_INFO=y
@@ -39,6 +41,7 @@ CONFIG_KASAN_INLINE=y
```
You may also need the following for a recent linux image:
+
```
CONFIG_CONFIGFS_FS=y
CONFIG_SECURITYFS=y
@@ -46,17 +49,20 @@ CONFIG_SECURITYFS=y
You might also want to enable some other kernel configs as described [here](kernel_configs.md).
-Since enabling these options results in more sub options being available, we need to regenerate config. Run this and press enter each time when prompted for some config value to leave it as default:
+Since enabling these options results in more sub options being available, we need to regenerate config:
+
``` bash
-make CC="$GCC/bin/gcc" oldconfig
+make CC="$GCC/bin/gcc" olddefconfig
```
-Build the kernel with previously built GCC:
+Build the kernel:
+
```
make CC="$GCC/bin/gcc" -j64
```
Now you should have `vmlinux` (kernel binary) and `bzImage` (packed kernel image):
+
``` bash
$ ls $KERNEL/vmlinux
$KERNEL/vmlinux
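Review bot: the `Build the kernel:` fence in this hunk is untagged while every other command block in the file uses `` ``` bash ``; tag it for consistency. The hard-coded `-j64` on the `make` line is also worth replacing with `-j$(nproc)`, or at least noting that it should match the host's core count, since readers copy these commands verbatim. The `oldconfig` to `olddefconfig` switch is the right one for the prose that was removed: `olddefconfig` takes the default for every newly exposed option without prompting, which is exactly what the deleted "press enter each time when prompted" instruction was asking the reader to do by hand.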
@@ -67,11 +73,13 @@ $KERNEL/arch/x86/boot/bzImage
## Image
Install debootstrap:
+
``` bash
sudo apt-get install debootstrap
```
-Create a Debian-stretch Linux image:
+To create a Debian Stretch Linux image with the minimal set of required packages do:
+
```
cd $IMAGE/
wget https://raw.githubusercontent.com/google/syzkaller/master/tools/create-image.sh -O create-image.sh
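Review bot: the added sentence `To create a Debian Stretch Linux image with the minimal set of required packages do:` needs a comma before `do`, and the fence that follows it is untagged while the `debootstrap` block just above is `` ``` bash ``. More substantively, these steps fetch `create-image.sh` from `raw.githubusercontent.com` and execute it straight away, giving the reader no point at which to look at what was downloaded; since the Syzkaller section further down already assumes a syzkaller checkout under `$GOPATH`, consider pointing readers at the `tools/create-image.sh` copy in that checkout, or at minimum asking them to read the script before running it.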
@@ -79,41 +87,42 @@ chmod +x create-image.sh
./create-image.sh
```
-By default, this script will create a minimal Debian-stretch Linux image. The result should be `$IMAGE/stretch.img` disk image.
+The result should be `$IMAGE/stretch.img` disk image.
+
+If you would like to generate an image with Debian Wheezy, instead of Stretch, do:
-If you would like to generate wheezy debian image, instead of stretch, just add one option of the script
``` bash
./create-image.sh --distribution wheezy
```
-Sometimes it's useful to have some additional packages and tools available in the VM even though they are not required to run syzkaller.
-The instructions to install some useful tools are below.
+Sometimes it's useful to have some additional packages and tools available in the VM even though they are not required to run syzkaller. To install a set of tools we find useful do (feel free to edit the list of tools in the script):
-To install other packages, like `make sysbench git vim tmux usbutils` (not required to run syzkaller):
``` bash
./create-image.sh --feature full
```
-To install perf (not required to run syzkaller):
+To install perf (not required to run syzkaller; requires `$KERNEL` to point to the kernel sources):
+
``` bash
./create-image.sh --add-perf
```
-Note: remember to set `$KERNEL` before installing perf
For additional options of `create-image.sh`, please refer to `./create-image.sh -h`
## QEMU
Install `QEMU`:
+
``` bash
sudo apt-get install qemu-system-x86
```
Make sure the kernel boots and `sshd` starts:
+
``` bash
qemu-system-x86_64 \
-kernel $KERNEL/arch/x86/boot/bzImage \
- -append "console=ttyS0 root=/dev/sda debug earlyprintk=serial slub_debug=QUZ"\
+ -append "console=ttyS0 root=/dev/sda earlyprintk=serial"\
-hda $IMAGE/stretch.img \
-net user,hostfwd=tcp::10021-:22 -net nic \
-enable-kvm \
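Review bot: the rewritten `-append` line drops `debug` and `slub_debug=QUZ` from the kernel command line, and neither the doc nor the commit message (`Update setup_ubuntu-host_qemu-vm_x86-64-kernel.md`) says why; if these are now considered unnecessary for this setup, state that in the commit message so readers who relied on the old boot options understand the change. While touching that line, `"\` still lacks the space before the continuation backslash that the other `qemu-system-x86_64` arguments have. Smaller points in the same hunk: `If you would like to generate an image with Debian Wheezy, instead of Stretch, do:` reads better without the commas around `instead of Stretch`; `To install a set of tools we find useful do (...)` needs a comma before `do`; and `please refer to `./create-image.sh -h`` still has no terminating period.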
@@ -144,6 +153,7 @@ Booting the kernel.
```
After that you should be able to ssh to QEMU instance in another terminal:
+
``` bash
ssh -i $IMAGE/stretch.id_rsa -p 10021 -o "StrictHostKeyChecking no" root@localhost
```
@@ -152,6 +162,7 @@ If this fails with "too many tries", ssh may be passing default keys before
the one explicitly passed with `-i`. Append option `-o "IdentitiesOnly yes"`.
To kill the running QEMU instance:
+
``` bash
kill $(cat vm.pid)
```
@@ -161,6 +172,7 @@ kill $(cat vm.pid)
Build syzkaller as described [here](/docs/contributing.md). Then
create a manager config like the following, replacing the environment
variables `$GOPATH`, `$KERNEL` and `$IMAGE` with their actual values.
+
```
{
"target": "linux/amd64",
@@ -182,6 +194,7 @@ variables `$GOPATH`, `$KERNEL` and `$IMAGE` with their actual values.
```
Run syzkaller manager:
+
``` bash
mkdir workdir
./bin/syz-manager -config=my.cfg