diff options
| author | Marco Vanotti <mvanotti@google.com> | 2019-10-30 18:16:22 -0700 |
|---|---|---|
| committer | Marco Vanotti <mvanotti@users.noreply.github.com> | 2019-12-09 15:13:49 -0800 |
| commit | 607350e438a212477ce42ba3e85e82bc570d459a (patch) | |
| tree | 512b550c35536d6b3b2fbdb8bff49c8fe96e2ef0 /pkg/instance | |
| parent | 1f9a4e330bd054cd88f7fc662197f33bfa7ceff0 (diff) | |
syz/targets: add SyzExecutorCmd flag
This commit adds a new attribute to syzkaller targets that tells
syzkaller how to invoke the syz-executor command.
Some systems, like Fuchsia, are now building syz-executor as part of the
build, and there is no need to copy it over, or to run it from `/tmp`.
In fact, that might stop working at some time in the future in Fuchsia.
All places that used to copy syz-executor into the target machine will
now check for the SyzExecutorCmd flag, and won't copy it if the flag is
set.
Diffstat (limited to 'pkg/instance')
| -rw-r--r-- | pkg/instance/instance.go | 28 |
1 files changed, 20 insertions, 8 deletions
diff --git a/pkg/instance/instance.go b/pkg/instance/instance.go index 775366667..5adc9dc63 100644 --- a/pkg/instance/instance.go +++ b/pkg/instance/instance.go @@ -300,16 +300,23 @@ func (inst *inst) testInstance() error { if err != nil { return fmt.Errorf("failed to setup port forwarding: %v", err) } + fuzzerBin, err := inst.vm.Copy(inst.cfg.SyzFuzzerBin) if err != nil { return &TestError{Title: fmt.Sprintf("failed to copy test binary to VM: %v", err)} } - executorBin, err := inst.vm.Copy(inst.cfg.SyzExecutorBin) - if err != nil { - return &TestError{Title: fmt.Sprintf("failed to copy test binary to VM: %v", err)} + + // If SyzExecutorCmd is provided, it means that syz-executor is already in + // the image, so no need to copy it. + executorCmd := targets.Get(inst.cfg.TargetOS, inst.cfg.TargetArch).SyzExecutorCmd + if executorCmd == "" { + executorCmd, err = inst.vm.Copy(inst.cfg.SyzExecutorBin) + if err != nil { + return &TestError{Title: fmt.Sprintf("failed to copy test binary to VM: %v", err)} + } } - cmd := OldFuzzerCmd(fuzzerBin, executorBin, "test", inst.cfg.TargetOS, inst.cfg.TargetArch, fwdAddr, + cmd := OldFuzzerCmd(fuzzerBin, executorCmd, "test", inst.cfg.TargetOS, inst.cfg.TargetArch, fwdAddr, inst.cfg.Sandbox, 0, inst.cfg.Cover, true) outc, errc, err := inst.vm.Run(10*time.Minute, nil, cmd) if err != nil { @@ -340,9 +347,14 @@ func (inst *inst) testRepro() error { if err != nil { return &TestError{Title: fmt.Sprintf("failed to copy test binary to VM: %v", err)} } - executorBin, err := inst.vm.Copy(cfg.SyzExecutorBin) - if err != nil { - return &TestError{Title: fmt.Sprintf("failed to copy test binary to VM: %v", err)} + // If SyzExecutorCmd is provided, it means that syz-executor is already in + // the image, so no need to copy it. + executorCmd := targets.Get(cfg.TargetOS, cfg.TargetArch).SyzExecutorCmd + if executorCmd == "" { + executorCmd, err = inst.vm.Copy(inst.cfg.SyzExecutorBin) + if err != nil { + return &TestError{Title: fmt.Sprintf("failed to copy test binary to VM: %v", err)} + } } progFile := filepath.Join(cfg.Workdir, "repro.prog") if err := osutil.WriteFile(progFile, inst.reproSyz); err != nil { @@ -366,7 +378,7 @@ func (inst *inst) testRepro() error { if !opts.Fault { opts.FaultCall = -1 } - cmdSyz := ExecprogCmd(execprogBin, executorBin, cfg.TargetOS, cfg.TargetArch, opts.Sandbox, + cmdSyz := ExecprogCmd(execprogBin, executorCmd, cfg.TargetOS, cfg.TargetArch, opts.Sandbox, true, true, true, cfg.Procs, opts.FaultCall, opts.FaultNth, vmProgFile) if err := inst.testProgram(cmdSyz, 7*time.Minute); err != nil { return err |