| Commit message | Author | Age | Files | Lines |
Signed-off-by: Richard Smith <happyercat@gmail.com>
Sometimes it can take a while for a root block device to appear when
backed by hardware that is slow to initialise, e.g. the ibmvfc Virtual
Fibre Channel interface.
Use the "rootwait" option to have the kernel wait for a disk to appear
rather than panicking immediately.
Signed-off-by: Andrew Donnellan <ajd@linux.ibm.com>
There's no need to hardcode the GRUB device path for the root device -
that makes assumptions about how the partition firmware behaves. Just use
GRUB's search command to determine it dynamically.
Signed-off-by: Andrew Donnellan <ajd@linux.ibm.com>
Some versions of PowerVM Partition Firmware have trouble handling GPT
partition tables on boot devices. Use MBR partition tables to avoid
compatibility issues.
Signed-off-by: Andrew Donnellan <ajd@linux.ibm.com>
If we don't enable SFTP in the SSH daemon, then scp will not work without the -O option.
Fixes:
syz-ci-devel | 2022/05/10 09:01:23 syz-ci-devel-kasan: VM testing failed
with: failed to copy test binary to VM: failed to run ["scp" "-P" "55610"
"-F" "/dev/null" "-o" "UserKnownHostsFile=/dev/null" "-o" "BatchMode=yes"
"-o" "IdentitiesOnly=yes" "-o" "StrictHostKeyChecking=no" "-o"
"ConnectTimeout=10" "/workdir/syzkaller/current/bin/linux_s390x/syz-fuzzer"
"root@localhost:/syz-fuzzer"]: exit status 255
syz-ci-devel | Warning: Permanently added '[localhost]:55610' (ED25519)
to the list of known hosts.
syz-ci-devel | subsystem request failed on channel 0
syz-ci-devel | scp: Connection closed
Signed-off-by: Alexander Egorenkov <eaibmz@gmail.com>
These instances ignore WARNINGs, so they don't want panic_on_warn.
We used to use ssh keys, but there are no particular advantages
of using a key over an empty password. It just makes things more complex.
And the new image building code in pkg/build does not support keys.
Move the remaining sysctls from image creation scripts into executor.
We have the rest in executor now, and these are captured in reproducers
and are not duplicated.
It seems that ping_group_range was accidentally lost along the way,
re-add it.
* pkg/vcs: remove obsolete test script
Per Dmitry, this should have been removed as part of 8f58e4b
("pkg/bisect: switch to kconfig.Minimize").
* all: convert shebang lines to use /usr/bin/env
* Makefile: fix non-portable use of find(1)
There is suspicion that the random programs corrupt the .text segment:
https://groups.google.com/g/syzkaller-bugs/c/d5GC1V8S34k/m/6LTarP8mBAAJ
which leads to a number of assorted confusing crashes:
https://syzkaller.appspot.com/bug?extid=ce179bc99e64377c24bc
Turns out we disable text ro protection with rodata=n.
The comment says that's because it's slow with KASAN,
but most likely what was slow is actually additional
debug checking due to CONFIG_DEBUG_WX.
If we don't enable CONFIG_DEBUG_WX (which we don't),
rodata itself should be fine and desirable.
My experiment with the latest kernel does not show
any noticeable slowdown without rodata=n:
[ 11.985152][ T1] Freeing unused kernel image (initmem) memory: 3432K
[ 11.986129][ T1] Write protecting the kernel read-only data: 147456k
[ 11.990863][ T1] Freeing unused kernel image (text/rodata gap) memory: 2012K
[ 11.992797][ T1] Freeing unused kernel image (rodata/data gap) memory: 1324K
[ 11.993895][ T1] Run /sbin/init as init process
[ 11.910396][ T1] Freeing unused kernel image (initmem) memory: 3432K
[ 11.911277][ T1] Kernel memory protection disabled.
[ 11.911984][ T1] Run /sbin/init as init process
Add fstab entry to mount the root filesystem read-write after boot. This
has been done with commit 873745 for create-image.sh. Maybe this hint is
not necessary for GCE but it is required when running on other platforms
(e.g. VMware).
Signed-off-by: Alexander Egorenkov <Alexander.Egorenkov@ibm.com>
Add a udev rule to create /dev/i915, a symlink to /dev/dri/card#.
This prevents i915 related syscalls from being exercised during fuzzing
if the driver is not used.
Add a default udev rule file to the image creation process in
create-gce-image.sh and create-image.sh.
This change creates a default rule to make udev create a custom-named
symlink for the specific vim2m device.
Turns out this is not a sysctl, even though it's prefixed with sysctl:
https://groups.google.com/d/msg/syzkaller/EJP7uvY4O-c/XLrhrBqGAQAJ
The format of this knob has changed again:
https://groups.google.com/d/msg/syzkaller/EJP7uvY4O-c/XLrhrBqGAQAJ
Looks like it affects not only android-5.4.
Among other things this changes timeout for USB programs from 2 to 3 seconds.
ath9k fuzzing also requires ath9k firmware to be present, so system images
need to be regenerated with the updated script.
Add support for generating ppc64le pseries disk images. This will create a
disk image with a PowerPC PReP boot partition at the start, and install
the IEEE1275/OpenFirmware version of GRUB.
If we ever support the powernv platform in the future we're going to have
to do something different here.
Add a command line argument to specify architecture, defaulting to amd64.
Signed-off-by: Andrew Donnellan <andrew.donnellan@au1.ibm.com>
We don't need a consistent image after reboot since we always reimage.
We know of some use cases that don't use journalling, but don't know
of any that use journalling.
We don't have anything useful there.
But sometimes the fuzzer somehow populates it with some nonsense,
and then it is all dumped in crashes.
Disable it.
Currently we choose the block device to use (nbd/loop) based on SYZ_VM_TYPE.
Strictly speaking, these things are orthogonal.
losetup is broken on Ubuntu. qemu-nbd is broken on Debian.
Try to auto-detect what will work based on uname.
Upstream "selinux: fix mounting of cgroup2 under older policies"
commit fixes mounting of cgroup2 under wheezy selinux policy.
So don't disable selinux on start.
Create separate cmdline arguments that enable selinux and apparmor.
Set some realistic modern ext4 options when creating the image.
Pass target OS/arch and VM type to kernel.CreateImage.
Use nbd for gce and loop for qemu VM type.
loop devices are nice, but unfortunately this creates images
that do not boot on GCE. The reason is unclear.
Revert back to nbd for now.
loop is much more standard than nbd and does not require additional modules.
nbd broke on Debian rolling.
loop also allows parallel execution thanks to losetup -f.
Use loop instead of nbd.
Also improve cleanup logic and add one missing sudo.
Update #501
These packages are required to actually activate selinux during boot.
On most distributions default grub target is i386-pc, which works.
However, on some default is x86_64-efi, which fails with:
grub-install: error: cannot find EFI directory.
Explicitly specify i386-pc target.
If the script is aborted at an unfortunate point, it leaves the whole system broken.
E.g. we've seen that fdisk cannot update partition table until the next reboot.
If you really need to kill it, use a different signal. But better wait.
Allow specifying per-kernel command line and sysctl values
to more closely mimic the target kernel.
vm/gce differs from other VM types in that it accepts an image
in a weird, GCE-specific format (namely, an image named disk.raw
is put into a .tar.gz file). This makes it impossible to write
generic code that creates images for any VM type.
Make vm/gce accept just an image like e.g. vm/qemu
and handle its own specifics internally.
Currently we append to /etc/network/interfaces,
which can lead to duplicate lo entry.
Write out the whole interfaces file instead.
+ raise console output level, otherwise stack traces may be dropped
Add "local" mode in which syz-gce clones, builds and
monitors a Linux kernel repo for updates.
In particular it is useful to enable nested.
Enable a bunch of others as well.
bpf_jit_enable = 2 causes printing of all programs to console.
Produces lots of output and is not very useful. Disable it.