From 838e7e2cd9228583ca33c49a39aea4d863d3e36d Mon Sep 17 00:00:00 2001
From: Aleksandr Nogikh
Date: Wed, 6 Oct 2021 12:54:07 +0000
Subject: syz-manager: add the "fuzzing_vms" flag

Currenly there are no means to limit the total number of reproducing instances and syzkaller can de facto suspend fuzzing when there are many new bug types. Introduce the option to control this behavior.
---
 pkg/mgrconfig/config.go | 6 ++++++
 pkg/mgrconfig/load.go | 4 ++++
 2 files changed, 10 insertions(+)
(limited to 'pkg')
diff --git a/pkg/mgrconfig/config.go b/pkg/mgrconfig/config.go
index 24854af38..a2e850db1 100644
--- a/pkg/mgrconfig/config.go
+++ b/pkg/mgrconfig/config.go
@@ -135,6 +135,12 @@ type Config struct {
 // Reproduce, localize and minimize crashers (default: true).
 Reproduce bool `json:"reproduce"`
 
+ // The number of VMs that are reserved to only perform fuzzing and nothing else.
+ // Can be helpful e.g. to ensure that the pool of fuzzing VMs is never exhaused and
+ // the manager continues fuzzing no matter how many new bugs are encountered.
+ // By default the value is 0, i.e. all VMs can be used for all purposes.
+ FuzzingVMs int `json:"fuzzing_vms,omitempty"`
+
 // List of syscalls to test (optional). For example:
 // "enable_syscalls": [ "mmap", "openat$ashmem", "ioctl$ASHMEM*" ]
 EnabledSyscalls []string `json:"enable_syscalls,omitempty"`
diff --git a/pkg/mgrconfig/load.go b/pkg/mgrconfig/load.go
index f26b26124..ff9d8e61f 100644
--- a/pkg/mgrconfig/load.go
+++ b/pkg/mgrconfig/load.go
@@ -167,6 +167,10 @@ func Complete(cfg *Config) error {
 return err
 }
 }
+ if cfg.FuzzingVMs < 0 {
+ return fmt.Errorf("fuzzing_vms cannot be less than 0")
+ }
+
 var err error
 cfg.Syscalls, err = ParseEnabledSyscalls(cfg.Target, cfg.EnabledSyscalls, cfg.DisabledSyscalls)
 if err != nil {
--
cgit mrf-deployment
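Review bot: The doc comment on `FuzzingVMs` has a typo ("exhaused" for "exhausted") and leaves the valid range unstated: it gives the default but not that negative values are rejected, nor what a value at or above the VM pool size means. This comment is the only description of the `fuzzing_vms` key an operator sees, so I would add a line such as `// Must be non-negative; a value >= the number of VMs leaves none for reproduction (confirm against syz-manager).` The `Config` struct starts and ends outside the hunk.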
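Review bot: The guard added to `Complete` checks only the lower bound, so a `fuzzing_vms` value larger than the VM pool is accepted at load time. Depending on how syz-manager consumes the field (not visible here, the patch view is limited to `pkg`), that could silently disable reproduction instead of failing fast. If the pool size is known at this point, compare against it here; otherwise the consumer should reject or clamp the value and log that it did so. Separately, the message would be easier to act on with the offending value, `return fmt.Errorf("fuzzing_vms cannot be less than 0 (got %d)", cfg.FuzzingVMs)`. `Complete` begins and ends outside the hunk.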