| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
| |
Regenerate deterministic configs.
|
| |
|
|
|
| |
Regenerate the configs using the latest mainline, linux-next and stable
versions.
|
| |
|
|
| |
To enable new USB drivers from the distro configs added in the last patch.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
CONFIG_SECURITY_TOMOYO produces a large amount of coverage entries for each
ioctl call. For normal instances, this might not be a problem, as they
call only a single ioctl for each syzkaller syscall.
However, the syz_usb_connect pseudo-syscall calls a large number of ioctls.
As a result, the KCOV coverage buffer for this syscall might overflow due
to the tomoyo-produced entries.
For example, with tomoyo, the first syscall of the vusb_ath9k runtest
produces ~140k KCOV entries (with [1] applied), which is not far from the
current 256k limit of KCOV entries per syscall.
With tomoyo disabled, the number of entries falls to ~30k.
Drop the security modules–related bits from the USB instance: I don't think
they are useful for that instance anyway.
[1] https://lore.kernel.org/all/eaf54b8634970b73552dcd38bf9be6ef55238c10.1718092070.git.dvyukov@google.com/
|
| |
|
|
|
|
|
|
| |
We are going to replace ci-upstream-kmsan-gce-386-root with an
x86_64 instance tracking -next.
The new configs will be using smack instead of AppArmor to increase
the overall KMSAN coverage.
|
| |
|
|
|
| |
It's not the default for most kernels, so it makes sense to test it more.
E.g. for KCSAN, KMSAN we have only 1 instance, makes sense to test LRU_GEN.
|
| |
|
|
|
| |
Regenerate the configs using the latest RC and the latest linux-next
tag.
|
| |
|
|
|
| |
The new config will enable KASAN_SW_TAGS and KCOV.
Also make sure KVM_SW_PROTECTED_VM is only enabled on x86_64.
|
| |
|
|
| |
As suggested by @groeck.
|
| |
|
|
|
|
|
| |
Use the latest revisions for existing configs.
Add the new ChromeOS 6.6 config.
No longer generate ChromeOS 5.4 configs.
Switch ChromeOS configs to clang.
|
| |
|
|
|
|
|
| |
Akaros support is unused, it was shutdown on syzbot for a while,
the akaros development seems to be frozen for years as well.
We have a bunch of hacks for Akaros since it supported
only super old gcc and haven't supported Go. Remove it.
|
| |
|
|
|
|
| |
Regenerate configs using latest Linux release candidate and linux-next.
Enable more bcachefs configs.
|
| |
|
|
|
|
|
| |
KMSAN is currently reporting boot-time false positives in debugging code
called from stackdepot.c (see https://github.com/google/syzkaller/issues/4504)
Disable CONFIG_DEBUG_LIST under KMSAN until the fix lands.
|
| | |
|
| |
|
|
| |
Regenerate the configs using the latest Linux revisions.
|
| |
|
|
|
|
|
| |
This has become possible with the new series from Jan Kara:
https://lore.kernel.org/all/20231101173542.23597-1-jack@suse.cz/
Regenerate configs on the latest linux-next.
|
| |
|
|
|
| |
Commit 4553bf0cfac5 added CONFIG_BLK_DEV_NULL_BLK as required to the gki_defconfig.
Updated the android14-5.15 config to build off the most recent commit to reflect this.
|
| |
|
|
|
|
|
|
|
| |
Use latest Linux mainline and -next versions.
Disable config options that were dropped.
Stop disabling PINCTRL for arm64_emu -- it's too tricky to ensure it's
not enabled + it's only possible to test it on qemu anyway.
|
| |
|
|
| |
Reorder configs in a proper way.
|
| |
|
|
|
|
| |
Disable unmaintained code parts (at least those known so far) in
existing configs and enable them in a special upstream-unmaintained.config
file.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
We've been running into the following error:
error: static declaration of 'mem_encrypt_init' follows non-static declaration
The problem was caused by Kconfig not being able to adjust the
depenencies, the fix is already coming:
https://lore.kernel.org/lkml/CANp29Y6AnNeouWgAevBEDZcYcOjzDQwxLDfLxe41Lp3BC=h8bA@mail.gmail.com/T/
After it's merged, we'll have to update our configs anyway. So let's do
it now.
|
| |
|
|
| |
Let's spread the load more evenly.
|
| |
|
|
| |
It's not present in earlier versions.
|
| |
|
|
|
| |
Since we are using the upstream tree to build KMSAN on syzbot,
switch the kernel configs to also reference that tree.
|
| |
|
|
|
| |
1) Migration to a new Docker image changed toolchain versions.
2) Regenerate cuttlefish configs that were previously omitted.
|
| | |
|
| |
|
|
| |
This also lets us enable CONFIG_PVH for it.
|
| |
|
|
| |
This will let users boot directly from the vmlinux file.
|
| |
|
|
| |
Disable more kernel configs for baseline files.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Baseline configs were meant to be the minimum configs, however, since
they are based on defconfigs, they are still quite big.
To facilitate even smaller baseline configs, let's split the `baseline`
feature in two:
1) `baseline` only disables the addition of extra features on top of
baseline config. It's enabled for `-base.config` files automatically,
but can be also manually set, e.g. if we only want to add debug
configs on top of a defconfig.
2) `base-config` is automatically set for `-base.config` files and can
be used to disable configs in those files.
Regenerate configs.
|
| |
|
|
| |
Closes #3918.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Update mainline tag and linux-next version.
Notable changes:
- SLAB is being deprecated. To still be able to test it we need
to set SLAB_DEPRECATED.
Due to SLAB deprecation, the kcsan and leak instances are switched to
SLUB to avoid tripping over issues due to SLAB not being supported
properly anymore.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Introduce a variant of upstream-apparmor-kasan, which enables:
- kasan.fault=panic_on_write [1]
- kasan_multi_shot, so that panic_on_warn does cause KASAN to
panic on bad non-write accesses
As discussed in [1], "KASAN reported invalid _writes_ are of special
interest, because they have greater potential to corrupt random kernel
memory or be more easily exploited."
With this config we can set up a syzbot instance that can detect such
issues.
[1] https://lore.kernel.org/linux-mm/20230614095158.1133673-1-elver@google.com/
|
| |
|
|
|
|
|
| |
Allow modules in config if `modules` are specified in main.yml.
Added Cuttlefish instances for android13-5.10, android13-5.15, and
android14-5.15 branches.
|
| |
|
|
|
|
|
| |
Bump the Android kernels to their latest SHAs and generate
the kernel configs using tools/syz-env.
Signed-off-by: Tudor Ambarus <tudor.ambarus@linaro.org>
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Linux v6.4-rc1 built with Clang versions <= 16 with stack protector
enabled panic with the following stack trace:
Kernel panic - not syncing: stack-protector: Kernel stack is corrupted in: start_kernel+0xd8a/0xd90
CPU: 0 PID: 0 Comm: swapper/0 Not tainted 6.3.0-rc1-00042-g9ea7e6b62c2b-dirty #106
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.2-0-gea1b7a073390-prebuilt.qemu.org 04/01/2014
Call Trace:
<TASK>
__dump_stack lib/dump_stack.c:88
dump_stack_lvl+0x1bc/0x250 lib/dump_stack.c:106
dump_stack+0x1e/0x20 lib/dump_stack.c:113
panic+0x4cd/0xc10 kernel/panic.c:340
__stack_chk_fail+0x18/0x20 kernel/panic.c:759
start_kernel+0xd8a/0xd90 init/main.c:?
x86_64_start_reservations+0x2e/0x30 arch/x86/kernel/head64.c:556
x86_64_start_kernel+0x118/0x120 arch/x86/kernel/head64.c:537
secondary_startup_64_no_verify+0xcf/0xdb arch/x86/kernel/head_64.S:358
</TASK>
https://github.com/ClangBuiltLinux/linux/issues/1815 describes the
problem, which is fixed on the Clang side
(https://reviews.llvm.org/D147975), but before the fix reaches syzbot
we'll have to keep the stack protector disabled.
|
| |
|
|
|
|
|
| |
Add support for Android 6.1. The configs are for 'android14-6.1',
there's no android-6.1-lts available yet.
Signed-off-by: Tudor Ambarus <tudor.ambarus@linaro.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This reverts commit d341bdbd6837aa0214ee9dfd1c3ddfc58c2a0c9c.
The bump of CONFIG_FRAME_WARN was done for Android 5.10 with the hope
to get rid of the -Wframe-larger-than errors that were hit when
KASAN_STACK && CC_IS_CLANG were set. Unfortunately this didn't fix the
build as the stack instrumentation when using clang is broken and the
errors were hit again as we can't predict the increase of the stack. The
fix is to disable CONFIG_WERROR which now is done because we just bumped
the Android 5.10 kernel config (which contains CONFIG_WERROR=y) and the
kernel config tweak that disables CONFIG_WERROR now does its job
(see dashboard/config/linux/bits/base.yml).
Signed-off-by: Tudor Ambarus <tudor.ambarus@linaro.org>
|
| |
|
|
|
|
| |
Update configs to latest android13-5.15-lts.
Signed-off-by: Tudor Ambarus <tudor.ambarus@linaro.org>
|
| |
|
|
|
|
|
|
|
| |
Change the Android 5.10-lts branch and update the configs to latest
android13-5.10-lts (higher EOL). This also fixes the build error
reported at link, as CONFIG_WERROR is now unset.
Link: https://syzkaller.appspot.com/bug?id=0f1e1644d7ed28d1d925d6c9e2e2c0c1c18cb794
Signed-off-by: Tudor Ambarus <tudor.ambarus@linaro.org>
|
| |
|
|
|
|
|
| |
Update configs to latest android12-5.4-lts. Get rid of
CONFIG_REFCOUNT_FULL as the patch removing it got integrated.
Signed-off-by: Tudor Ambarus <tudor.ambarus@linaro.org>
|
| |
|
|
|
|
|
|
|
|
| |
The way syz-kconf works, having the reference to timeouts_emu here
means users must have at least one config using timeouts_emu,
otherwise syz-kconf will complain.
We don't use -timeouts_emu for any of our other common config patches.
CONFIG_PAGE_TABLE_CHECK is not even one of our more expensive config
patches. Let's not give it a special treatment.
|
| |
|
|
|
| |
The config is now reference directly from its original location.
The old way was a carry-over from days long gone.
|
| | |
|
