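#!/usr/bin/env bash

# Copyright 2022 syzkaller project authors. All rights reserved.
# Use of this source code is governed by Apache 2 LICENSE that can be found in the LICENSE file.
#
# Listing source:
# github.com/google/syzkaller@v0.0.0-20240517125934-c0f1611a36d6/docs/fuchsia/setup.sh

set -o errexit
set -o errtrace
set -o nounset
set -o pipefail
shopt -s extdebug
IFS=$'\n\t'

# TODO: Make the workdir be a parameter.
# TODO: Scope locals, pass more things as parameters.
# TODO: This script is getting overgrown enough that it's probably time start
# using Go instead.

help="This script will set up, build, and run Syzkaller for Fuchsia. You will
need a Syzkaller checkout and a Fuchsia checkout, and you will need a working
installation of the Go programming language. See docs/fuchsia/README.md in the
Syzkaller repository for more information.

In the commands below, \`syzkaller-directory\` and \`fuchsia-directory\` must be
absolute pathnames.

Usage:

  setup.sh help

Prints this help message.

  setup.sh build syzkaller-directory fuchsia-directory

Builds Syzkaller and Fuchsia for x64.

  setup.sh [-d] run syzkaller-directory fuchsia-directory

Runs Syzkaller on the Fuchsia emulator. (You must have built both first, using
\`setup.sh build ...\`.) If you pass the \`-d\` option, \`syz-manager\` will be
run with the \`--debug\` option.

  setup.sh update syzkaller-directory fuchsia-directory

Updates the Fuchsia system call definitions that Syzkaller will use."

#######################################
# Print an error message plus a pointer to the help text, then exit 1.
# Arguments: the message words to print
# Outputs:   both lines go to stderr, so nothing lands on stdout when the
#            script is used in a pipeline
#######################################
die() {
  # `>&2` instead of `> /dev/stderr`: duplicating the descriptor also works
  # when /dev/stderr cannot be reopened by path.
  echo "$@" >&2
  echo "For help, run \`setup.sh help\`." >&2
  exit 1
}

#######################################
# Print the help text on stdout and exit 0.
#######################################
usage() {
  echo "$help"
  exit 0
}

#######################################
# Validate the environment and the two checkout paths.
# Globals:   syzkaller, fuchsia (written from $1 and $2)
# Arguments: $1 - Syzkaller checkout, $2 - Fuchsia checkout
# Returns:   exits through die() on any failed check
#######################################
preflight() {
  # `command -v` is a shell builtin; `which` is an external tool whose
  # presence and exit status vary between systems.
  if ! command -v go > /dev/null; then
    die "You need to install the Go language."
  fi

  syzkaller="$1"
  if [[ ! -d "$syzkaller" ]]; then
    die "$syzkaller is not a directory."
  fi
  fuchsia="$2"
  if [[ ! -d "$fuchsia" ]]; then
    die "$fuchsia is not a directory."
  fi

  # The help text requires absolute pathnames. build() and run() cd into one
  # checkout and then into the other, so a relative path would resolve
  # against the wrong directory after the first cd.
  if [[ "$syzkaller" != /* ]]; then
    die "$syzkaller is not an absolute pathname."
  fi
  if [[ "$fuchsia" != /* ]]; then
    die "$fuchsia is not an absolute pathname."
  fi
}

#######################################
# Configure and build Fuchsia (core.x64, kasan variant), then build
# Syzkaller for fuchsia/amd64 against that checkout.
# Globals:   syzkaller, fuchsia, workdir (read)
#######################################
build() {
  preflight "$syzkaller" "$fuchsia"
  # Created only after the paths are validated, so a mistyped argument does
  # not leave stray directories behind.
  mkdir -p "$workdir"

  cd "$fuchsia"
  fx --dir "out/x64" set core.x64 \
    --with-base "//bundles/tools" \
    --with-base "//src/testing/fuzzing/syzkaller" \
    --args=syzkaller_dir="\"$syzkaller\"" \
    --variant=kasan
  fx build

  cd "$syzkaller"
  make TARGETOS=fuchsia TARGETARCH=amd64 SOURCEDIR="$fuchsia"
}

#######################################
# Prepare the emulator images, write the syz-manager config into the workdir
# and start syz-manager.
# Globals:   syzkaller, fuchsia, workdir, debug (read); PATH (extended)
#######################################
run() {
  preflight "$syzkaller" "$fuchsia"
  mkdir -p "$workdir"

  cd "$fuchsia"

  local product_bundle_path fxfs_path zbi_path multiboot_path
  product_bundle_path="$(ffx config get product.path | tr -d '"')"
  # Look up needed deps from the product bundle assembled
  fxfs_path="$(ffx product get-image-path "$product_bundle_path" --slot a --image-type fxfs)"
  zbi_path="$(ffx product get-image-path "$product_bundle_path" --slot a --image-type zbi)"
  multiboot_path="$(ffx product get-image-path "$product_bundle_path" --slot a --image-type qemu-kernel)"

  # Make sure there are ssh keys available
  ffx config check-ssh-keys
  local auth_keys_path priv_key_path
  auth_keys_path="$(ffx config get ssh.pub | tr -d '"')"
  priv_key_path="$(ffx config get ssh.priv | tr -d '"')"

  # Make a separate directory for copies of files we need to modify
  local syz_deps_path="$fuchsia/out/x64/syzdeps"
  mkdir -p "$syz_deps_path"

  # Write a copy of the ZBI that carries the public key file as
  # data/ssh/authorized_keys; the matching private key path goes into the
  # manager config below as "sshkey".
  ./out/x64/host_x64/zbi -o "${syz_deps_path}/fuchsia-ssh.zbi" "${zbi_path}" \
    --entry "data/ssh/authorized_keys=${auth_keys_path}"

  cp "$fxfs_path" "${syz_deps_path}/fxfs.blk"

  # NOTE(review): the paths are interpolated into JSON without escaping, so a
  # path containing a double quote or a backslash yields a broken config.
  # NOTE(review): "http": ":12345" names no host, so the manager's web
  # interface listens on every interface; use "127.0.0.1:12345" if it should
  # not be reachable from other machines.
  local config_path="$workdir/fx-syz-manager-config.json"
  cat > "$config_path" <<EOF
{
  "name": "fuchsia",
  "target": "fuchsia/amd64",
  "http": ":12345",
  "workdir": "$workdir",
  "kernel_obj": "$fuchsia/out/x64/kernel_x64-kasan/obj/zircon/kernel",
  "syzkaller": "$syzkaller",
  "image": "$syz_deps_path/fxfs.blk",
  "sshkey": "$priv_key_path",
  "reproduce": false,
  "cover": false,
  "procs": 8,
  "type": "qemu",
  "vm": {
    "count": 10,
    "cpu": 4,
    "mem": 2048,
    "kernel": "$multiboot_path",
    "initrd": "$syz_deps_path/fuchsia-ssh.zbi"
  }
}
EOF

  cd "$syzkaller"
  # TODO: Find the real way to fix this: Syzkaller wants to invoke qemu
  # manually, but perhaps it should be calling `ffx emu ...` or the like. See
  # also //scripts/hermetic-env and //tools/devshell/lib/prebuilt.sh in
  # $fuchsia.
  PATH="$PATH:$fuchsia/prebuilt/third_party/qemu/linux-x64/bin:$fuchsia/prebuilt/third_party/qemu/mac-x64/bin"

  # Pass --debug only when -d was given. Expanding a quoted empty "$debug"
  # would hand syz-manager an empty positional argument.
  local -a manager_args=(-config "$config_path")
  if [[ -n "$debug" ]]; then
    manager_args+=("$debug")
  fi
  bin/syz-manager "${manager_args[@]}"
}

#######################################
# Placeholder for regenerating the Fuchsia system call definitions.
# Prints a notice and exits; the commands after `exit` are kept for reference
# and are never reached.
#######################################
update_syscall_definitions() {
  # TODO
  echo "NOTE: This command does not currently work."
  exit

  preflight "$syzkaller" "$fuchsia"

  cd "$syzkaller"
  make extract TARGETOS=fuchsia SOURCEDIR="$fuchsia"
  make generate
}

#######################################
# Parse the optional -d flag and the three positional arguments, then
# dispatch to the requested command.
# Globals:   debug, command, syzkaller, fuchsia, workdir (written)
# Arguments: [-d] command syzkaller-directory fuchsia-directory
#######################################
main() {
  local o
  debug=""
  while getopts "d" o; do
    case "$o" in
      d)
        debug="--debug"
        ;;
      *) ;;
    esac
  done
  shift $((OPTIND - 1))

  # Anything other than exactly three arguments, including `setup.sh help`,
  # prints the help text.
  if [[ $# != 3 ]]; then
    usage
  fi

  command="$1"
  syzkaller="$2"
  fuchsia="$3"
  # Only the path is computed here; build() and run() create the directory
  # once preflight() has accepted both checkouts.
  workdir="$syzkaller/workdir.fuchsia"

  case "$command" in
    build)
      build
      ;;
    run)
      run
      ;;
    update)
      update_syscall_definitions
      ;;
    *)
      usage
      ;;
  esac
}

main "$@"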