github.com/google/syzkaller@v0.0.0-20240517125934-c0f1611a36d6/tools/create-openbsd-vmm-worker.sh (about) 1 #!/usr/bin/env bash 2 3 # Copyright 2018 syzkaller project authors. All rights reserved. 4 # Use of this source code is governed by Apache 2 LICENSE that can be found in the LICENSE file. 5 6 # Produces a very minimal image for running syzkaller fuzzers running on OpenBSD. 7 8 # Mostly derived from Go buildlet generator with blessing from bradfitz@. 9 10 set -eu -o pipefail 11 12 readonly MIRROR="${MIRROR:-cdn.openbsd.org}" 13 # The only supported setting. 14 readonly ARCH="amd64" 15 readonly SNAPSHOTS="https://${MIRROR}/pub/OpenBSD/snapshots/" 16 17 readonly VERSION=$(curl -s "${SNAPSHOTS}${ARCH}/" | perl -ne 'print "$1.$2" if m/>base(.)(.)\.tgz/') 18 echo "Found snapshots for version ${VERSION}" 19 20 readonly RELNO="${2:-${VERSION/./}}" 21 readonly ISO="install${RELNO}-${ARCH}.iso" 22 readonly ISO_PATCHED="install${RELNO}-${ARCH}-patched.iso" 23 24 if [[ ! -f "${ISO}" ]]; then 25 curl -o "${ISO}" "${SNAPSHOTS}${ARCH}/install${RELNO}.iso" 26 fi 27 28 # Create custom siteXX.tgz set. 29 rm -fr etc && mkdir -p etc 30 cat >install.site <<'EOF' 31 #!/bin/sh 32 echo 'set tty com0' > boot.conf 33 echo 'PasswordAuthentication no' >> /etc/ssh/sshd_config 34 35 rm /usr/libexec/reorder_kernel 36 ln -s /usr/bin/true /usr/libexec/reorder_kernel 37 rm -fr /usr/share/relink 38 39 perl -i.bak -pne 's/^(ttyC.*)vt220.*/$1unknown off/' /etc/ttys 40 41 touch root/.hushlogin home/syzkaller/.hushlogin 42 EOF 43 44 cat >etc/sysctl.conf <<EOF 45 ddb.max_line=0 46 ddb.max_width=0 47 hw.smt=1 48 kern.allowdt=1 49 EOF 50 51 cat >etc/installurl <<EOF 52 https://${MIRROR}/pub/OpenBSD 53 EOF 54 55 cat >etc/rc.local <<'EOF' 56 ( 57 nc metadata.google.internal 80 <<EOF2 | tail -n1 > /etc/myname.gce \ 58 && echo >> /etc/myname.gce \ 59 && mv /etc/myname{.gce,} \ 60 && hostname $(cat /etc/myname) 61 GET /computeMetadata/v1/instance/hostname HTTP/1.0 62 Host: metadata.google.internal 63 Metadata-Flavor: Google 64 65 EOF2 66 ) 67 cd /dev && for i in `jot - 0 7`; do sh MAKEDEV tap$i; done 68 EOF 69 70 chmod +x install.site 71 72 cat >etc/rc.conf.local <<EOF 73 cron_flags=NO 74 pflogd_flags=NO 75 library_aslr=NO 76 slaacd_flags=NO 77 smtpd_flags=NO 78 sndiod_flags=NO 79 pf=NO 80 ntpd_flags=NO 81 EOF 82 83 # Generate the worker keys. 84 rm -f worker_key* 85 ssh-keygen -t ed25519 -N '' -f worker_key -C worker_key 86 87 tar --owner=root --group=root -zcvf "site${RELNO}.tgz" install.site etc/* 88 89 # Autoinstall script. 90 cat >auto_install.conf <<EOF 91 System hostname = worker 92 DNS domain name = syzkaller 93 Which network interface = vio0 94 IPv4 address for vio0 = dhcp 95 IPv6 address for vio0 = none 96 Password for root account = root 97 Public ssh key for root account = $(cat worker_key.pub) 98 Do you expect to run the X Window System = no 99 Change the default console to com0 = yes 100 Which speed should com0 use = 115200 101 Setup a user = syzkaller 102 Full name for user syzkaller = Syz Kaller 103 Password for user syzkaller = syzkaller 104 Public ssh key for user syzkaller = $(cat worker_key.pub) 105 Allow root ssh login = prohibit-password 106 What timezone = US/Pacific 107 Which disk = sd0 108 Use (W)hole disk or (E)dit the MBR = whole 109 Use (A)uto layout, (E)dit auto layout, or create (C)ustom layout = auto 110 URL to autopartitioning template for disklabel = file:/disklabel.template 111 Set name(s) = -* +bsd +bsd.mp +base* +site* done 112 Directory does not contain SHA256.sig. Continue without verification = yes 113 Location of sets = cd0 114 EOF 115 116 # Disklabel template. 117 cat >disklabel.template <<EOF 118 / 700M-* 100% 119 swap 300M 120 EOF 121 122 # Hack install CD a bit. 123 echo 'set tty com0' > boot.conf 124 dd if=/dev/urandom of=random.seed bs=4096 count=1 125 cp "${ISO}" "${ISO_PATCHED}" 126 growisofs -M "${ISO_PATCHED}" -l -R -graft-points \ 127 "/${VERSION}/${ARCH}/site${RELNO}.tgz=site${RELNO}.tgz" \ 128 /auto_install.conf=auto_install.conf \ 129 /disklabel.template=disklabel.template \ 130 /etc/boot.conf=boot.conf \ 131 /etc/random.seed=random.seed 132 133 # Initialize disk image. 134 rm -f worker_disk.raw 135 qemu-img create -f raw worker_disk.raw 1500M 136 137 # Run the installer to create the disk image. 138 expect 2>&1 <<EOF | tee install_log 139 set timeout 1800 140 141 spawn qemu-system-x86_64 -nographic -smp 2 \ 142 -drive if=virtio,file=worker_disk.raw,format=raw -cdrom "${ISO_PATCHED}" \ 143 -net nic,model=virtio -net user -boot once=d -m 4000 -enable-kvm 144 145 expect timeout { exit 1 } "boot>" 146 send "\n" 147 148 # Need to wait for the kernel to boot. 149 expect timeout { exit 1 } "\(I\)nstall, \(U\)pgrade, \(A\)utoinstall or \(S\)hell\?" 150 send "s\n" 151 152 expect timeout { exit 1 } "# " 153 send "mount /dev/cd0c /mnt\n" 154 send "cp /mnt/auto_install.conf /mnt/disklabel.template /\n" 155 send "chmod a+r /disklabel.template\n" 156 send "umount /mnt\n" 157 send "exit\n" 158 159 expect timeout { exit 1 } "CONGRATULATIONS!" 160 161 proc login {} { 162 send "root\n" 163 164 expect "Password:" 165 send "root\n" 166 167 expect "# " 168 send "cat /etc/ssh/ssh_host_*_key.pub\nhalt -p\n" 169 170 expect eof 171 } 172 173 # There is some form of race condition with OpenBSD 6.2 MP 174 # and qemu, which can result in init(1) failing to run /bin/sh 175 # the first time around... 176 expect { 177 timeout { exit 1 } 178 "Enter pathname of shell or RETURN for sh:" { 179 send "\nexit\n" 180 expect "login:" { 181 login 182 } 183 } 184 "login:" { 185 login 186 } 187 } 188 EOF 189 190 cat <<EOF 191 Done: worker_disk.raw 192 EOF