diff options
| author | Aleksandr Nogikh <nogikh@google.com> | 2025-09-03 21:03:54 +0200 |
|---|---|---|
| committer | Aleksandr Nogikh <nogikh@google.com> | 2025-10-01 20:14:51 +0000 |
| commit | 267f56c68647622ed18443309598739a42bc3d31 (patch) | |
| tree | a929f60d8096e89a96afef8b88df06d28ee8d97e /syz-cluster | |
| parent | 17e67ed6bfc97990b3215df7fe40b5fba86eba62 (diff) | |
syz-cluster: prefix fuzzing-related steps
Specify a track name for each fuzzing campaign.
It will help distinguish them once there are multiple ones.
Diffstat (limited to 'syz-cluster')
| -rw-r--r-- | syz-cluster/pkg/api/api.go | 10 | ||||
| -rw-r--r-- | syz-cluster/pkg/workflow/template.yaml | 8 | ||||
| -rw-r--r-- | syz-cluster/workflow/fuzz-step/main.go | 22 |
3 files changed, 27 insertions, 13 deletions
diff --git a/syz-cluster/pkg/api/api.go b/syz-cluster/pkg/api/api.go index a634fe344..a6a199431 100644 --- a/syz-cluster/pkg/api/api.go +++ b/syz-cluster/pkg/api/api.go @@ -22,6 +22,7 @@ type FuzzTask struct { // FuzzConfig represents a set of parameters passed to the fuzz step. type FuzzConfig struct { + Track string `json:"track"` // E.g. KASAN. Config string `json:"config"` // Refers to workflow/configs/{}. CorpusURL string `json:"corpus_url"` // Don't expect kernel coverage for the patched area. @@ -230,12 +231,15 @@ const ( fsCorpusURL = `https://storage.googleapis.com/syzkaller/corpus/ci2-upstream-fs-corpus.db` ) +const kasanTrack = "KASAN" + // The list is ordered by decreasing importance. var FuzzConfigs = []*TriageFuzzConfig{ { EmailLists: []string{`kvm@vger.kernel.org`}, KernelConfig: `upstream-apparmor-kasan.config`, FuzzConfig: FuzzConfig{ + Track: kasanTrack, Config: `kvm`, CorpusURL: allCorpusURL, }, @@ -244,6 +248,7 @@ var FuzzConfigs = []*TriageFuzzConfig{ EmailLists: []string{`io-uring@vger.kernel.org`}, KernelConfig: `upstream-apparmor-kasan.config`, FuzzConfig: FuzzConfig{ + Track: kasanTrack, Config: `io-uring`, CorpusURL: allCorpusURL, }, @@ -252,6 +257,7 @@ var FuzzConfigs = []*TriageFuzzConfig{ EmailLists: []string{`bpf@vger.kernel.org`}, KernelConfig: `upstream-apparmor-kasan.config`, FuzzConfig: FuzzConfig{ + Track: kasanTrack, Config: `bpf`, CorpusURL: bpfCorpusURL, }, @@ -264,6 +270,7 @@ var FuzzConfigs = []*TriageFuzzConfig{ }, KernelConfig: `upstream-apparmor-kasan.config`, FuzzConfig: FuzzConfig{ + Track: kasanTrack, Config: `net`, CorpusURL: netCorpusURL, }, @@ -277,6 +284,7 @@ var FuzzConfigs = []*TriageFuzzConfig{ }, KernelConfig: `upstream-apparmor-kasan.config`, FuzzConfig: FuzzConfig{ + Track: kasanTrack, Config: `fs`, CorpusURL: fsCorpusURL, }, @@ -285,6 +293,7 @@ var FuzzConfigs = []*TriageFuzzConfig{ EmailLists: []string{`linux-mm@kvack.org`}, KernelConfig: `upstream-apparmor-kasan.config`, FuzzConfig: FuzzConfig{ + Track: kasanTrack, Config: `all`, CorpusURL: allCorpusURL, // Not all mm/ code is instrumented with KCOV. @@ -295,6 +304,7 @@ var FuzzConfigs = []*TriageFuzzConfig{ EmailLists: nil, // A fallback option. KernelConfig: `upstream-apparmor-kasan.config`, FuzzConfig: FuzzConfig{ + Track: kasanTrack, Config: `all`, CorpusURL: allCorpusURL, }, diff --git a/syz-cluster/pkg/workflow/template.yaml b/syz-cluster/pkg/workflow/template.yaml index c253187e4..31b217566 100644 --- a/syz-cluster/pkg/workflow/template.yaml +++ b/syz-cluster/pkg/workflow/template.yaml @@ -66,7 +66,7 @@ spec: arguments: parameters: - name: test-name - value: "Build Base" + value: "[{{=jsonpath(inputs.parameters.element, '$.track')}}] Build Base" - name: session-id value: "{{workflow.parameters.session-id}}" artifacts: @@ -95,7 +95,7 @@ spec: - name: base-build-id value: "{{=jsonpath(steps['base-build'].outputs.parameters.result, '$.build_id')}}" - name: test-name - value: "Boot test: Base" + value: "[{{=jsonpath(inputs.parameters.element, '$.track')}}] Boot test: Base" - - name: abort-if-base-boot-failed template: exit-workflow when: "{{=jsonpath(steps['boot-test-base'].outputs.parameters.result, '$.success') == false}}" @@ -106,7 +106,7 @@ spec: arguments: parameters: - name: test-name - value: "Build Patched" + value: "[{{=jsonpath(inputs.parameters.element, '$.track')}}] Build Patched" - name: findings value: "true" - name: session-id @@ -133,7 +133,7 @@ spec: - name: report-findings value: "true" - name: test-name - value: "Boot test: Patched" + value: "[{{=jsonpath(inputs.parameters.element, '$.track')}}] Boot test: Patched" - - name: abort-if-patched-boot-failed template: exit-workflow when: "{{=jsonpath(steps['boot-test-patched'].outputs.parameters.result, '$.success') == false}}" diff --git a/syz-cluster/workflow/fuzz-step/main.go b/syz-cluster/workflow/fuzz-step/main.go index 72b50c943..227e3431d 100644 --- a/syz-cluster/workflow/fuzz-step/main.go +++ b/syz-cluster/workflow/fuzz-step/main.go @@ -38,8 +38,6 @@ var ( flagWorkdir = flag.String("workdir", "/workdir", "base workdir path") ) -const testName = "Fuzzing" - func main() { flag.Parse() if *flagConfig == "" || *flagSession == "" || *flagTime == "" { @@ -56,7 +54,7 @@ func main() { config := readFuzzConfig() ctx := context.Background() - if err := reportStatus(ctx, client, api.TestRunning, nil); err != nil { + if err := reportStatus(ctx, config, client, api.TestRunning, nil); err != nil { app.Fatalf("failed to report the test: %v", err) } @@ -78,7 +76,7 @@ func main() { } log.Logf(0, "fuzzing is finished") logFinalState(store) - if err := reportStatus(ctx, client, status, store); err != nil { + if err := reportStatus(ctx, config, client, status, store); err != nil { app.Fatalf("failed to update the test: %v", err) } } @@ -166,7 +164,7 @@ func run(baseCtx context.Context, config *api.FuzzConfig, client *api.Client, app.Errorf("failed to report a base kernel crash %q: %v", title, err) } case bug := <-bugs: - err := reportFinding(ctx, client, bug) + err := reportFinding(ctx, config, client, bug) if err != nil { app.Errorf("failed to report a finding %q: %v", bug.Report.Title, err) } @@ -221,7 +219,7 @@ func run(baseCtx context.Context, config *api.FuzzConfig, client *api.Client, lastArtifactUpdate = time.Now() useStore = store } - err := reportStatus(ctx, client, api.TestRunning, useStore) + err := reportStatus(ctx, config, client, api.TestRunning, useStore) if err != nil { app.Errorf("failed to update status: %v", err) } @@ -298,7 +296,9 @@ func loadConfigs(configFolder, configName string, complete bool) (*mgrconfig.Con return base, patched, nil } -func reportStatus(ctx context.Context, client *api.Client, status string, store *manager.DiffFuzzerStore) error { +func reportStatus(ctx context.Context, config *api.FuzzConfig, client *api.Client, + status string, store *manager.DiffFuzzerStore) error { + testName := getTestName(config) testResult := &api.TestResult{ SessionID: *flagSession, TestName: testName, @@ -328,10 +328,10 @@ func reportStatus(ctx context.Context, client *api.Client, status string, store return nil } -func reportFinding(ctx context.Context, client *api.Client, bug *manager.UniqueBug) error { +func reportFinding(ctx context.Context, config *api.FuzzConfig, client *api.Client, bug *manager.UniqueBug) error { finding := &api.NewFinding{ SessionID: *flagSession, - TestName: testName, + TestName: getTestName(config), Title: bug.Report.Title, Report: bug.Report.Report, Log: bug.Report.Output, @@ -352,6 +352,10 @@ func reportFinding(ctx context.Context, client *api.Client, bug *manager.UniqueB return client.UploadFinding(ctx, finding) } +func getTestName(config *api.FuzzConfig) string { + return fmt.Sprintf("[%s] Fuzzing", config.Track) +} + var ignoreLinuxVariables = map[string]bool{ "raw_data": true, // from arch/x86/entry/vdso/vdso-image // Build versions / timestamps. |