github.com/google/syzkaller@v0.0.0-20240517125934-c0f1611a36d6/tools/create-openbsd-gce-ci.sh (about) 1 #!/usr/bin/env bash 2 3 # Copyright 2018 syzkaller project authors. All rights reserved. 4 # Use of this source code is governed by Apache 2 LICENSE that can be found in the LICENSE file. 5 6 # Produces GCE image of syz-ci running on OpenBSD. 7 8 # Mostly derived from Go buildlet generator with blessing from bradfitz@. 9 10 set -eu -o pipefail 11 12 readonly MIRROR="${MIRROR:-cdn.openbsd.org}" 13 # The only supported setting. 14 readonly ARCH="amd64" 15 readonly SNAPSHOTS="https://${MIRROR}/pub/OpenBSD/snapshots/" 16 17 readonly VERSION=$(curl -s "${SNAPSHOTS}${ARCH}/" | perl -ne 'print "$1.$2" if m/>base(.)(.)\.tgz/') 18 echo "Found snapshots for version ${VERSION}" 19 20 readonly RELNO="${2:-${VERSION/./}}" 21 readonly ISO="install${RELNO}-${ARCH}.iso" 22 readonly ISO_PATCHED="install${RELNO}-${ARCH}-patched.iso" 23 24 if [[ ! -f "${ISO}" ]]; then 25 curl -o "${ISO}" "${SNAPSHOTS}${ARCH}/install${RELNO}.iso" 26 fi 27 28 # Create custom siteXX.tgz set. 29 rm -fr etc && mkdir -p etc 30 cat >install.site <<EOF 31 #!/bin/sh 32 PKGS="bash gcc%8 git gmake go llvm%13 nano wget" 33 PKG_PATH=${SNAPSHOTS}packages/${ARCH}/ pkg_add -I \$PKGS 34 PKG_PATH= pkg_info -I \$PKGS && echo pkg_add OK 35 36 echo 'set tty com0' > boot.conf 37 echo 'PasswordAuthentication no' >> /etc/ssh/sshd_config 38 echo 'pass in on egress proto tcp from any to any port 80 rdr-to 127.0.0.1 port 8080' >> /etc/pf.conf 39 echo 'permit keepenv nopass syzkaller as root' > /etc/doas.conf 40 41 mkdir /syzkaller 42 echo '/dev/sd1a /syzkaller ffs rw,noauto 1 0' >> /etc/fstab 43 44 mkdir -p /usr/lib/clang/16/lib/openbsd 45 ln -s /usr/lib/clang/16/lib/libclang_rt.ubsan_minimal.a /usr/lib/clang/16/lib/openbsd/libclang_rt.ubsan_standalone-x86_64.a 46 touch /usr/lib/clang/16/lib/openbsd/libclang_rt.ubsan_standalone_cxx-x86_64.a 47 EOF 48 49 cat >etc/installurl <<EOF 50 https://${MIRROR}/pub/OpenBSD 51 EOF 52 53 cat >etc/rc.local <<EOF 54 ( 55 nc metadata.google.internal 80 <<EOF2 | tail -n1 > /etc/myname.gce \ 56 && echo >> /etc/myname.gce \ 57 && mv /etc/myname{.gce,} \ 58 && hostname \$(cat /etc/myname) 59 GET /computeMetadata/v1/instance/hostname HTTP/1.0 60 Host: metadata.google.internal 61 Metadata-Flavor: Google 62 63 EOF2 64 set -eux 65 66 echo "starting syz-ci" 67 fsck -y /dev/sd1a 68 mount /syzkaller 69 su -l syzkaller <<EOF2 70 cd /syzkaller 71 export HOME=/syzkaller 72 set -eux 73 ulimit -d 8000000 74 mkdir -p /syzkaller/go-cache 75 export GOCACHE=/syzkaller/go-cache 76 test -d /syzkaller/gopath/src/github.com/google/syzkaller || ( 77 mkdir -p /syzkaller/gopath/src/github.com/google && \ 78 git clone https://github.com/google/syzkaller.git && \ 79 mv syzkaller /syzkaller/gopath/src/github.com/google) 80 (cd /syzkaller/gopath/src/github.com/google/syzkaller && \ 81 gmake ci && \ 82 install bin/syz-ci /syzkaller) 83 ./syz-ci -config /syzkaller/gopath/src/github.com/google/syzkaller/dashboard/config/openbsd/config.ci 2>&1 | tee /syzkaller/syz-ci.log & 84 EOF2 85 ) 86 EOF 87 chmod +x install.site 88 89 cat >etc/rc.conf.local <<EOF 90 slaacd_flags=NO 91 smtpd_flags=NO 92 sndiod_flags=NO 93 EOF 94 95 cat >etc/sysctl.conf <<EOF 96 hw.smt=1 97 EOF 98 99 tar --owner=root --group=root -zcvf "site${RELNO}.tgz" install.site etc/* 100 101 # Autoinstall script. 102 cat >auto_install.conf <<EOF 103 System hostname = ci-openbsd 104 DNS domain name = syzkaller 105 Which network interface = vio0 106 IPv4 address for vio0 = dhcp 107 IPv6 address for vio0 = none 108 Password for root account = root 109 Public ssh key for root account = ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBJeLpmSq+Dgrk01Ht+QtY0GDsY2gcwhT12SqizmacAF67TCa0n8OcpjVOpiiurb01Aa5lcl2WbakUFYmsp1U1l8= 110 Do you expect to run the X Window System = no 111 Change the default console to com0 = yes 112 Which speed should com0 use = 115200 113 Setup a user = syzkaller 114 Full name for user syzkaller = Syz Kaller 115 Password for user syzkaller = syzkaller 116 Public ssh key for user syzkaller = ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBJeLpmSq+Dgrk01Ht+QtY0GDsY2gcwhT12SqizmacAF67TCa0n8OcpjVOpiiurb01Aa5lcl2WbakUFYmsp1U1l8= 117 Allow root ssh login = prohibit-password 118 What timezone = US/Pacific 119 Which disk = sd0 120 Use (W)hole disk or (E)dit the MBR = whole 121 Use (A)uto layout, (E)dit auto layout, or create (C)ustom layout = auto 122 URL to autopartitioning template for disklabel = file:/disklabel.template 123 Set name(s) = +* -x* -game* done 124 Directory does not contain SHA256.sig. Continue without verification = yes 125 Location of sets = cd0 126 EOF 127 128 # Disklabel template. 129 cat >disklabel.template <<EOF 130 / 5G-* 95% 131 swap 1G 132 EOF 133 134 # Hack install CD a bit. 135 echo 'set tty com0' > boot.conf 136 dd if=/dev/urandom of=random.seed bs=4096 count=1 137 cp "${ISO}" "${ISO_PATCHED}" 138 growisofs -M "${ISO_PATCHED}" -l -R -graft-points \ 139 "/${VERSION}/${ARCH}/site${RELNO}.tgz=site${RELNO}.tgz" \ 140 /auto_install.conf=auto_install.conf \ 141 /disklabel.template=disklabel.template \ 142 /etc/boot.conf=boot.conf \ 143 /etc/random.seed=random.seed 144 145 # Initialize disk image. 146 rm -f disk.raw 147 qemu-img create -f raw disk.raw 10G 148 149 # Run the installer to create the disk image. 150 expect 2>&1 <<EOF | tee install_log 151 set timeout 1800 152 153 spawn qemu-system-x86_64 -nographic -smp 2 \ 154 -drive if=virtio,file=disk.raw,format=raw -cdrom "${ISO_PATCHED}" \ 155 -net nic,model=virtio -net user -boot once=d -m 4000 -enable-kvm 156 157 expect timeout { exit 1 } "boot>" 158 send "\n" 159 160 # Need to wait for the kernel to boot. 161 expect timeout { exit 1 } "\(I\)nstall, \(U\)pgrade, \(A\)utoinstall or \(S\)hell\?" 162 send "s\n" 163 164 expect timeout { exit 1 } "# " 165 send "mount /dev/cd0c /mnt\n" 166 send "cp /mnt/auto_install.conf /mnt/disklabel.template /\n" 167 send "chmod a+r /disklabel.template\n" 168 send "umount /mnt\n" 169 send "exit\n" 170 171 expect timeout { exit 1 } "CONGRATULATIONS!" 172 173 proc login {} { 174 send "root\n" 175 176 expect "Password:" 177 send "root\n" 178 179 expect "# " 180 send "cat /etc/ssh/ssh_host_*_key.pub\nhalt -p\n" 181 182 expect eof 183 } 184 185 # There is some form of race condition with OpenBSD 6.2 MP 186 # and qemu, which can result in init(1) failing to run /bin/sh 187 # the first time around... 188 expect { 189 timeout { exit 1 } 190 "Enter pathname of shell or RETURN for sh:" { 191 send "\nexit\n" 192 expect "login:" { 193 login 194 } 195 } 196 "login:" { 197 login 198 } 199 } 200 EOF 201 202 grep 'pkg_add OK' install_log > /dev/null \ 203 || { echo Package installation failed. Inspect install_log. 2>&1 ; exit 1; } 204 205 # Create Compute Engine disk image. 206 echo "Archiving disk.raw... (this may take a while)" 207 i="openbsd-${ARCH}-snapshot-gce.tar.gz" 208 tar -Szcf "$i" disk.raw 209 210 cat <<EOF 211 Done. 212 213 To create GCE image run the following commands: 214 215 gsutil cp -a public-read "$i" gs://syzkaller/ 216 gcloud compute images create ci-openbsd-root --source-uri gs://syzkaller/"$i" 217 218 EOF