aboutsummaryrefslogtreecommitdiffstats
path: root/syz-cluster/pkg/api/api.go
diff options
context:
space:
mode:
Diffstat (limited to 'syz-cluster/pkg/api/api.go')
-rw-r--r--syz-cluster/pkg/api/api.go94
1 files changed, 46 insertions, 48 deletions
diff --git a/syz-cluster/pkg/api/api.go b/syz-cluster/pkg/api/api.go
index feb06be32..8c107b8f4 100644
--- a/syz-cluster/pkg/api/api.go
+++ b/syz-cluster/pkg/api/api.go
@@ -20,11 +20,20 @@ type FuzzTask struct {
FuzzConfig
}
+const (
+ FocusNet = "net"
+ FocusKVM = "kvm"
+ FocusIoUring = "io_uring"
+ FocusBPF = "bpf"
+ FocusFS = "fs"
+)
+
// FuzzConfig represents a set of parameters passed to the fuzz step.
+// The triage step aggregates multiple KernelFuzzConfig to construct FuzzConfig.
type FuzzConfig struct {
- Track string `json:"track"` // E.g. KASAN.
- Config string `json:"config"` // Refers to workflow/configs/{}.
- CorpusURL string `json:"corpus_url"`
+ Track string `json:"track"` // E.g. KASAN.
+ Focus []string `json:"focus"`
+ CorpusURLs []string `json:"corpus_urls"`
// Don't expect kernel coverage for the patched area.
SkipCoverCheck bool `json:"skip_cover_check"`
// Only report the bugs that match the regexp.
@@ -39,19 +48,24 @@ type Tree struct {
EmailLists []string `json:"email_lists"`
}
+// KernelFuzzConfig is a specific fuzzing assignment.
+// Based on it, the triage step will construct FuzzTasks.
+type KernelFuzzConfig struct {
+ EmailLists []string `json:"email_lists"`
+ Track string `json:"track"` // E.g. KASAN.
+ KernelConfig string `json:"kernel_config"`
+ Focus string `json:"focus"`
+ CorpusURL string `json:"corpus_url"`
+ SkipCoverCheck bool `json:"skip_cover_check"`
+ BugTitleRe string `json:"bug_title_re"`
+}
+
// FuzzTriageTarget is a single record in the list of supported fuzz configs.
type FuzzTriageTarget struct {
EmailLists []string `json:"email_lists"`
Campaigns []*KernelFuzzConfig `json:"campaigns"`
}
-// KernelFuzzConfig is a specific fuzzing assignment.
-// Based on it, the triage step will construct FuzzTasks.
-type KernelFuzzConfig struct {
- KernelConfig string `json:"kernel_config"`
- FuzzConfig
-}
-
type BuildRequest struct {
Arch string `json:"arch"`
TreeName string `json:"tree_name"`
@@ -233,8 +247,8 @@ var DefaultTrees = []*Tree{
const (
netCorpusURL = `https://storage.googleapis.com/syzkaller/corpus/ci-upstream-net-kasan-gce-corpus.db`
bpfCorpusURL = `https://storage.googleapis.com/syzkaller/corpus/ci-upstream-bpf-kasan-gce-corpus.db`
- allCorpusURL = `https://storage.googleapis.com/syzkaller/corpus/ci-upstream-kasan-gce-root-corpus.db`
fsCorpusURL = `https://storage.googleapis.com/syzkaller/corpus/ci2-upstream-fs-corpus.db`
+ allCorpusURL = `https://storage.googleapis.com/syzkaller/corpus/ci-upstream-kasan-gce-root-corpus.db`
)
const kasanTrack = "KASAN"
@@ -245,12 +259,10 @@ var FuzzTargets = []*FuzzTriageTarget{
EmailLists: []string{`kvm@vger.kernel.org`},
Campaigns: []*KernelFuzzConfig{
{
+ Track: kasanTrack,
KernelConfig: `upstream-apparmor-kasan.config`,
- FuzzConfig: FuzzConfig{
- Track: kasanTrack,
- Config: `kvm`,
- CorpusURL: allCorpusURL,
- },
+ Focus: FocusKVM,
+ CorpusURL: allCorpusURL,
},
},
},
@@ -258,12 +270,10 @@ var FuzzTargets = []*FuzzTriageTarget{
EmailLists: []string{`io-uring@vger.kernel.org`},
Campaigns: []*KernelFuzzConfig{
{
+ Track: kasanTrack,
KernelConfig: `upstream-apparmor-kasan.config`,
- FuzzConfig: FuzzConfig{
- Track: kasanTrack,
- Config: `io-uring`,
- CorpusURL: allCorpusURL,
- },
+ Focus: FocusIoUring,
+ CorpusURL: allCorpusURL,
},
},
},
@@ -271,12 +281,10 @@ var FuzzTargets = []*FuzzTriageTarget{
EmailLists: []string{`bpf@vger.kernel.org`},
Campaigns: []*KernelFuzzConfig{
{
+ Track: kasanTrack,
KernelConfig: `upstream-apparmor-kasan.config`,
- FuzzConfig: FuzzConfig{
- Track: kasanTrack,
- Config: `bpf`,
- CorpusURL: bpfCorpusURL,
- },
+ Focus: FocusBPF,
+ CorpusURL: bpfCorpusURL,
},
},
},
@@ -288,12 +296,10 @@ var FuzzTargets = []*FuzzTriageTarget{
},
Campaigns: []*KernelFuzzConfig{
{
+ Track: kasanTrack,
KernelConfig: `upstream-apparmor-kasan.config`,
- FuzzConfig: FuzzConfig{
- Track: kasanTrack,
- Config: `net`,
- CorpusURL: netCorpusURL,
- },
+ Focus: FocusNet,
+ CorpusURL: netCorpusURL,
},
},
},
@@ -307,11 +313,9 @@ var FuzzTargets = []*FuzzTriageTarget{
Campaigns: []*KernelFuzzConfig{
{
KernelConfig: `upstream-apparmor-kasan.config`,
- FuzzConfig: FuzzConfig{
- Track: kasanTrack,
- Config: `fs`,
- CorpusURL: fsCorpusURL,
- },
+ Track: kasanTrack,
+ Focus: FocusFS,
+ CorpusURL: fsCorpusURL,
},
},
},
@@ -320,13 +324,10 @@ var FuzzTargets = []*FuzzTriageTarget{
Campaigns: []*KernelFuzzConfig{
{
KernelConfig: `upstream-apparmor-kasan.config`,
- FuzzConfig: FuzzConfig{
- Track: kasanTrack,
- Config: `all`,
- CorpusURL: allCorpusURL,
- // Not all mm/ code is instrumented with KCOV.
- SkipCoverCheck: true,
- },
+ Track: kasanTrack,
+ CorpusURL: allCorpusURL,
+ // Not all mm/ code is instrumented with KCOV.
+ SkipCoverCheck: true,
},
},
},
@@ -335,11 +336,8 @@ var FuzzTargets = []*FuzzTriageTarget{
Campaigns: []*KernelFuzzConfig{
{
KernelConfig: `upstream-apparmor-kasan.config`,
- FuzzConfig: FuzzConfig{
- Track: kasanTrack,
- Config: `all`,
- CorpusURL: allCorpusURL,
- },
+ Track: kasanTrack,
+ CorpusURL: allCorpusURL,
},
},
},
generated by ggit (джигит) mrf-deployment (git 2.46.0) at 2026-03-11 20:28:40 +0000