syz-cluster: define a separate fs config

When fuzzing fs-related series, enable fs syscalls and use the fs
corpus.

3 files changed, 75 insertions, 0 deletions

diff --git a/syz-cluster/pkg/api/api.go b/syz-cluster/pkg/api/api.go
index 65f0f4bd2..887b6e0eb 100644
--- a/syz-cluster/pkg/api/api.go
+++ b/syz-cluster/pkg/api/api.go
@@ -213,6 +213,7 @@ const (
 	netCorpusURL = `https://storage.googleapis.com/syzkaller/corpus/ci-upstream-net-kasan-gce-corpus.db`
 	bpfCorpusURL = `https://storage.googleapis.com/syzkaller/corpus/ci-upstream-bpf-kasan-gce-corpus.db`
 	allCorpusURL = `https://storage.googleapis.com/syzkaller/corpus/ci-upstream-kasan-gce-root-corpus.db`
+	fsCorpusURL  = `https://storage.googleapis.com/syzkaller/corpus/ci2-upstream-fs-corpus.db`
 )
 
 // The list is ordered by decreasing importance.
@@ -254,6 +255,18 @@ var FuzzConfigs = []*TriageFuzzConfig{
 		},
 	},
 	{
+		EmailLists: []string{
+			`linux-fsdevel@vger.kernel.org`,
+			`linux-unionfs@vger.kernel.org`,
+			`linux-ext4@vger.kernel.org`,
+		},
+		KernelConfig: `upstream-apparmor-kasan.config`,
+		FuzzConfig: FuzzConfig{
+			Config:    `fs`,
+			CorpusURL: fsCorpusURL,
+		},
+	},
+	{
 		EmailLists:   []string{`linux-mm@kvack.org`},
 		KernelConfig: `upstream-apparmor-kasan.config`,
 		FuzzConfig: FuzzConfig{
diff --git a/syz-cluster/workflow/configs/fs/base.cfg b/syz-cluster/workflow/configs/fs/base.cfg
new file mode 100644
index 000000000..85aa83acb
--- /dev/null
+++ b/syz-cluster/workflow/configs/fs/base.cfg
@@ -0,0 +1,52 @@
+{
+    "name": "base",
+    "target": "linux/amd64",
+    "kernel_obj": "/base/obj",
+    "kernel_build_src": "/workdir",
+    "image": "/base/image",
+    "syzkaller": "/syzkaller",
+    "workdir": "/workdir",
+    "type": "qemu",
+    "enable_syscalls": [
+        "syz_mount_image", "open", "openat", "creat", "close", "read",
+        "pread64", "readv", "preadv", "preadv2", "write", "pwrite64",
+        "writev", "pwritev", "pwritev2", "lseek", "copy_file_range", "dup",
+        "dup2", "dup3", "tee", "splice", "vmsplice", "sendfile", "stat",
+        "lstat", "fstat", "newfstatat", "statx", "poll", "clock_gettime",
+        "ppoll", "select", "pselect6", "epoll_create", "epoll_create1",
+        "epoll_ctl", "epoll_wait", "epoll_pwait", "epoll_pwait2", "mmap",
+        "munmap", "mremap", "msync", "readahead", "fcntl", "mknod", "mknodat",
+        "chmod", "fchmod", "fchmodat", "chown", "lchown", "fchown",
+        "fchownat", "fallocate", "faccessat", "faccessat2", "utime", "utimes",
+        "futimesat", "utimensat", "link", "linkat", "symlinkat", "symlink",
+        "unlink", "unlinkat", "readlink", "readlinkat", "rename", "renameat",
+        "renameat2", "mkdir", "mkdirat", "rmdir", "truncate", "ftruncate",
+        "flock", "fsync", "fdatasync", "sync", "syncfs", "sync_file_range",
+        "getdents", "getdents64", "name_to_handle_at", "open_by_handle_at",
+        "chroot", "getcwd", "chdir", "fchdir", "quotactl", "pivot_root",
+        "statfs", "fstatfs", "syz_open_procfs", "syz_read_part_table",
+        "mount", "fsopen", "fspick", "fsconfig", "fsmount", "move_mount",
+        "open_tree", "mount_setattr", "ioctl$FS_*", "ioctl$BTRFS*",
+        "ioctl$AUTOFS*", "ioctl$EXT4*", "ioctl$F2FS*", "ioctl$FAT*",
+        "ioctl$VFAT*", "ioctl$FI*"
+    ],
+    "no_mutate_syscalls": [
+        "syz_mount_image$btrfs",
+        "syz_mount_image$ext4",
+        "syz_mount_image$f2fs",
+        "syz_mount_image$ntfs",
+        "syz_mount_image$ocfs2",
+        "syz_mount_image$xfs"
+    ],
+    "procs": 3,
+    "sandbox": "none",
+    "experimental": {"cover_edges": false},
+    "vm": {    
+      "count": 4,
+      "cmdline": "root=/dev/sda1",
+      "kernel": "/base/kernel",
+      "cpu": 2,
+      "mem": 3072,
+      "qemu_args": "-machine pc-q35-7.1 -enable-kvm -smp 2,sockets=2,cores=1"
+    }
+}
diff --git a/syz-cluster/workflow/configs/fs/patched.cfg b/syz-cluster/workflow/configs/fs/patched.cfg
new file mode 100644
index 000000000..9c2efd8ba
--- /dev/null
+++ b/syz-cluster/workflow/configs/fs/patched.cfg
@@ -0,0 +1,10 @@
+{
+    "name": "patched",
+    "target": "linux/amd64",
+    "kernel_obj": "/patched/obj",
+    "image": "/patched/image",
+    "vm": {
+      "count": 10,
+      "kernel": "/patched/kernel"
+    }
+}