-rw-r--r--images/syzkaller/Dockerfile9
-rw-r--r--images/syzkaller/README.md34
-rw-r--r--images/syzkaller/default-gvisor-config.cfg15
3 files changed, 58 insertions, 0 deletions
diff --git a/images/syzkaller/Dockerfile b/images/syzkaller/Dockerfile
new file mode 100644
index 000000000..df6680f40
--- /dev/null
+++ b/images/syzkaller/Dockerfile
@@ -0,0 +1,9 @@
+FROM gcr.io/syzkaller/env
+
+RUN apt update && apt install -y git vim strace gdb procps
+
+WORKDIR /syzkaller/gopath/src/github.com/google/syzkaller
+
+RUN git init . && git remote add origin https://github.com/google/syzkaller && git fetch origin && git checkout origin/master && make
+
+ENTRYPOINT ./bin/syz-manager --config /tmp/syzkaller/syzkaller.cfg
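Review bot: Neither the base image on the `FROM` line nor the syzkaller source fetched in the second `RUN` is pinned, so every build takes whatever the untagged `gcr.io/syzkaller/env` (implicitly `:latest`) and `origin/master` hold at that moment. The result is not reproducible, and because the README runs this image with `--privileged`, an unexpected upstream change would execute with host-level access. Pin both, e.g. `FROM gcr.io/syzkaller/env@sha256:<digest>` and `git fetch origin <commit-sha> && git checkout FETCH_HEAD`, with the commit supplied through an `ARG` so that bumps are explicit and reviewable. Separately, the shell-form `ENTRYPOINT` runs syz-manager under `/bin/sh -c`, so `docker stop` signals the shell rather than the manager; the exec form `ENTRYPOINT ["./bin/syz-manager", "--config", "/tmp/syzkaller/syzkaller.cfg"]` avoids that.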
diff --git a/images/syzkaller/README.md b/images/syzkaller/README.md
new file mode 100644
index 000000000..60aa61d12
--- /dev/null
+++ b/images/syzkaller/README.md
@@ -0,0 +1,34 @@
+syzkaller is an unsupervised coverage-guided kernel fuzzer.
+
+* [Github](https://github.com/google/syzkaller)
+* [gVisor dashboard](https://syzkaller.appspot.com/gvisor)
+
+# How to run syzkaller.
+
+* Build the syzkaller docker image
+```
+make load-syzkaller
+```
+* Build runsc and place it in /tmp/syzkaller.
+```
+ make RUNTIME_DIR=/tmp/syzkaller refresh
+```
+* Copy the syzkaller config in /tmp/syzkaller
+```
+cp images/syzkaller/default-gvisor-config.cfg /tmp/syzkaller/syzkaller.cfg
+```
+* Run syzkaller
+```
+docker run --privileged -it --rm -v /tmp/syzkaller:/tmp/syzkaller gvisor.dev/images/syzkaller:latest
+```
+
+# How to run a syz repro.
+
+* Repeate all steps except the last one from the previous section.
+
+* Save a syzkaller repro in /tmp/syzkaller/repro
+
+* Run syz-repro
+```
+docker run --privileged -it --rm -v /tmp/syzkaller:/tmp/syzkaller --entrypoint="" gvisor.dev/images/syzkaller:latest ./bin/syz-repro -config /tmp/syzkaller/syzkaller.cfg /tmp/syzkaller/repro
+```
diff --git a/images/syzkaller/default-gvisor-config.cfg b/images/syzkaller/default-gvisor-config.cfg
new file mode 100644
index 000000000..c69641c21
--- /dev/null
+++ b/images/syzkaller/default-gvisor-config.cfg
@@ -0,0 +1,15 @@
+{
+ "name": "gvisor",
+ "target": "linux/amd64",
+ "http": ":80",
+ "workdir": "/tmp/syzkaller/workdir/",
+ "image": "/tmp/syzkaller/runsc",
+ "syzkaller": "/syzkaller/gopath/src/github.com/google/syzkaller",
+ "cover": false,
+ "procs": 1,
+ "type": "gvisor",
+ "vm": {
+ "count": 1,
+ "runsc_args": "--debug --network none --platform ptrace --vfs2 --fuse -net-raw -watchdog-action=panic"
+ }
+}
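Review bot: The `image` and `workdir` values point into `/tmp/syzkaller`, which the README bind-mounts from the host's world-writable `/tmp` into a `--privileged` container, so on a shared machine another local user who creates that directory first could control the `runsc` binary and the config that the container executes. Consider documenting a directory owned by the invoking user (mode 0700) outside `/tmp`, or at least creating it with restrictive permissions before the build step. Also, `"http": ":80"` listens on every interface inside the container; syz-manager's web UI appears to have no authentication, so the README should state that this port must not be published to untrusted networks.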