diff options
Diffstat (limited to 'images')
15 files changed, 57 insertions, 30 deletions
diff --git a/images/basic/hostoverlaytest/Dockerfile b/images/basic/hostoverlaytest/Dockerfile deleted file mode 100644 index 6cef1a542..000000000 --- a/images/basic/hostoverlaytest/Dockerfile +++ /dev/null @@ -1,8 +0,0 @@ -FROM ubuntu:bionic - -WORKDIR /root -COPY . . - -RUN apt-get update && apt-get install -y gcc -RUN gcc -O2 -o test_copy_up test_copy_up.c -RUN gcc -O2 -o test_rewinddir test_rewinddir.c diff --git a/images/basic/integrationtest/Dockerfile.x86_64 b/images/basic/integrationtest/Dockerfile.x86_64 new file mode 100644 index 000000000..e80e17527 --- /dev/null +++ b/images/basic/integrationtest/Dockerfile.x86_64 @@ -0,0 +1,7 @@ +FROM ubuntu:bionic + +WORKDIR /root +COPY . . +RUN chmod +x *.sh + +RUN apt-get update && apt-get install -y gcc iputils-ping iproute2 diff --git a/images/basic/hostoverlaytest/copy_up_testfile.txt b/images/basic/integrationtest/copy_up_testfile.txt index e4188c841..e4188c841 100644 --- a/images/basic/hostoverlaytest/copy_up_testfile.txt +++ b/images/basic/integrationtest/copy_up_testfile.txt diff --git a/images/basic/linktest/link_test.c b/images/basic/integrationtest/link_test.c index 45ab00abe..45ab00abe 100644 --- a/images/basic/linktest/link_test.c +++ b/images/basic/integrationtest/link_test.c diff --git a/images/basic/ping4test/ping4.sh b/images/basic/integrationtest/ping4.sh index 2a343712a..2a343712a 100644 --- a/images/basic/ping4test/ping4.sh +++ b/images/basic/integrationtest/ping4.sh diff --git a/images/basic/ping6test/ping6.sh b/images/basic/integrationtest/ping6.sh index 4268951d0..4268951d0 100644 --- a/images/basic/ping6test/ping6.sh +++ b/images/basic/integrationtest/ping6.sh diff --git a/images/basic/hostoverlaytest/test_copy_up.c b/images/basic/integrationtest/test_copy_up.c index 010b261dc..010b261dc 100644 --- a/images/basic/hostoverlaytest/test_copy_up.c +++ b/images/basic/integrationtest/test_copy_up.c diff --git a/images/basic/hostoverlaytest/test_rewinddir.c b/images/basic/integrationtest/test_rewinddir.c index f1a4085e1..f1a4085e1 100644 --- a/images/basic/hostoverlaytest/test_rewinddir.c +++ b/images/basic/integrationtest/test_rewinddir.c diff --git a/images/basic/linktest/Dockerfile b/images/basic/linktest/Dockerfile deleted file mode 100644 index baebc9b76..000000000 --- a/images/basic/linktest/Dockerfile +++ /dev/null @@ -1,7 +0,0 @@ -FROM ubuntu:bionic - -WORKDIR /root -COPY . . - -RUN apt-get update && apt-get install -y gcc -RUN gcc -O2 -o link_test link_test.c diff --git a/images/basic/ping4test/Dockerfile b/images/basic/ping4test/Dockerfile deleted file mode 100644 index 1536be376..000000000 --- a/images/basic/ping4test/Dockerfile +++ /dev/null @@ -1,7 +0,0 @@ -FROM ubuntu:bionic - -WORKDIR /root -COPY ping4.sh . -RUN chmod +x ping4.sh - -RUN apt-get update && apt-get install -y iputils-ping diff --git a/images/basic/ping6test/Dockerfile b/images/basic/ping6test/Dockerfile deleted file mode 100644 index cb740bd60..000000000 --- a/images/basic/ping6test/Dockerfile +++ /dev/null @@ -1,7 +0,0 @@ -FROM ubuntu:bionic - -WORKDIR /root -COPY ping6.sh . -RUN chmod +x ping6.sh - -RUN apt-get update && apt-get install -y iputils-ping iproute2 diff --git a/images/default/Dockerfile b/images/default/Dockerfile index 19b340237..5f652f2c3 100644 --- a/images/default/Dockerfile +++ b/images/default/Dockerfile @@ -24,6 +24,6 @@ RUN curl https://dl.google.com/dl/cloudsdk/channels/rapid/downloads/google-cloud ln -s /google-cloud-sdk/bin/gcloud /usr/bin/gcloud # Download the official bazel binary. The APT repository isn't used because there is not packages for arm64. -RUN sh -c 'curl -o /usr/local/bin/bazel https://releases.bazel.build/3.5.1/release/bazel-3.5.1-linux-$(uname -m | sed s/aarch64/arm64/) && chmod ugo+x /usr/local/bin/bazel' +RUN sh -c 'curl -o /usr/local/bin/bazel https://releases.bazel.build/4.0.0/release/bazel-4.0.0-linux-$(uname -m | sed s/aarch64/arm64/) && chmod ugo+x /usr/local/bin/bazel' WORKDIR /workspace ENTRYPOINT ["/usr/local/bin/bazel"] diff --git a/images/syzkaller/Dockerfile b/images/syzkaller/Dockerfile new file mode 100644 index 000000000..df6680f40 --- /dev/null +++ b/images/syzkaller/Dockerfile @@ -0,0 +1,9 @@ +FROM gcr.io/syzkaller/env + +RUN apt update && apt install -y git vim strace gdb procps + +WORKDIR /syzkaller/gopath/src/github.com/google/syzkaller + +RUN git init . && git remote add origin https://github.com/google/syzkaller && git fetch origin && git checkout origin/master && make + +ENTRYPOINT ./bin/syz-manager --config /tmp/syzkaller/syzkaller.cfg diff --git a/images/syzkaller/README.md b/images/syzkaller/README.md new file mode 100644 index 000000000..1eac474f3 --- /dev/null +++ b/images/syzkaller/README.md @@ -0,0 +1,25 @@ +syzkaller is an unsupervised coverage-guided kernel fuzzer. + +* [Github](https://github.com/google/syzkaller) +* [gVisor dashboard](https://syzkaller.appspot.com/gvisor) + +# How to run syzkaller. + +* Build the syzkaller docker image `make load-syzkaller` +* Build runsc and place it in /tmp/syzkaller. `make RUNTIME_DIR=/tmp/syzkaller + refresh` +* Copy the syzkaller config in /tmp/syzkaller `cp + images/syzkaller/default-gvisor-config.cfg /tmp/syzkaller/syzkaller.cfg` +* Run syzkaller `docker run --privileged -it --rm -v + /tmp/syzkaller:/tmp/syzkaller gvisor.dev/images/syzkaller:latest` + +# How to run a syz repro. + +* Repeate all steps except the last one from the previous section. + +* Save a syzkaller repro in /tmp/syzkaller/repro + +* Run syz-repro `docker run --privileged -it --rm -v + /tmp/syzkaller:/tmp/syzkaller --entrypoint="" + gvisor.dev/images/syzkaller:latest ./bin/syz-repro -config + /tmp/syzkaller/syzkaller.cfg /tmp/syzkaller/repro` diff --git a/images/syzkaller/default-gvisor-config.cfg b/images/syzkaller/default-gvisor-config.cfg new file mode 100644 index 000000000..c69641c21 --- /dev/null +++ b/images/syzkaller/default-gvisor-config.cfg @@ -0,0 +1,15 @@ +{ + "name": "gvisor", + "target": "linux/amd64", + "http": ":80", + "workdir": "/tmp/syzkaller/workdir/", + "image": "/tmp/syzkaller/runsc", + "syzkaller": "/syzkaller/gopath/src/github.com/google/syzkaller", + "cover": false, + "procs": 1, + "type": "gvisor", + "vm": { + "count": 1, + "runsc_args": "--debug --network none --platform ptrace --vfs2 --fuse -net-raw -watchdog-action=panic" + } +} |