github.com/google/syzkaller@v0.0.0-20251211124644-a066d2bc4b02/tools/docker/syzbot/Dockerfile

github.com/google/syzkaller@v0.0.0-20251211124644-a066d2bc4b02/tools/docker/syzbot/Dockerfile (about)

     1  # Copyright 2021 syzkaller project authors. All rights reserved.
     2  # Use of this source code is governed by Apache 2 LICENSE that can be found in the LICENSE file.
     3  
     4  # See /tools/docker/README.md for details.
     5  
     6  FROM debian:trixie
     7  
     8  RUN apt-get update
     9  RUN DEBIAN_FRONTEND=noninteractive apt-get install -y -q \
    10  	# Build essentials:
    11  	gcc g++ binutils make ccache \
    12  	# Some common utilities:
    13  	unzip curl sudo procps psmisc nano vim git bzip2 dh-autoreconf fdisk \
    14  	# These are needed to build Linux kernel:
    15  	flex bison bc gawk dwarves cpio texinfo texi2html lzop lbzip2 \
    16  	zlib1g-dev libncurses-dev libmpc-dev libssl-dev \
    17  	apt-transport-https curl gnupg python-is-python3 python3-legacy-cgi \
    18  	# Needed for building Cuttlefish images.
    19  	rsync libarchive-tools \
    20  	# These are various fsck-like commands needed for prog/fsck:
    21  	dosfstools e2fsprogs btrfs-progs util-linux f2fs-tools jfsutils \
    22  	util-linux dosfstools ocfs2-tools reiserfsprogs xfsprogs erofs-utils \
    23  	exfatprogs gfs2-utils \
    24  	# Needed for buiding gVisor.
    25  	crossbuild-essential-amd64 crossbuild-essential-arm64 libbpf-dev
    26  RUN test "$(uname -m)" != x86_64 && exit 0 || \
    27          DEBIAN_FRONTEND=noninteractive apt-get install -y -q \
    28  	  libc6-dev-i386 libc6-dev-i386-amd64-cross lib32gcc-14-dev lib32stdc++-14-dev \
    29  	  # Cross-compilation:
    30  	  g++-arm-linux-gnueabi g++-aarch64-linux-gnu g++-powerpc64le-linux-gnu \
    31  	  g++-mips64el-linux-gnuabi64 g++-s390x-linux-gnu g++-riscv64-linux-gnu
    32  
    33  # Since go 1.21 the toolchain required by go.mod is automatically downloaded.
    34  # There is no need to version up golang here after go.mod changes.
    35  RUN curl https://dl.google.com/go/go1.24.4.linux-$(uname -m | sed 's/aarch64/arm64/;s/x86_64/amd64/').tar.gz | tar -C /usr/local -xz
    36  ENV PATH /usr/local/go/bin:$PATH
    37  
    38  # Install the latest clang
    39  RUN apt-get install -y -q gnupg apt-transport-https
    40  RUN curl https://apt.llvm.org/llvm-snapshot.gpg.key | tee /usr/share/keyrings/llvm-snapshot.gpg
    41  RUN echo "deb [arch=amd64,arm64 signed-by=/usr/share/keyrings/llvm-snapshot.gpg] http://apt.llvm.org/trixie/ llvm-toolchain-trixie-21 main" | tee /etc/apt/sources.list.d/llvm-21.list
    42  RUN apt-get update --allow-releaseinfo-change
    43  RUN apt-get install -y -q --no-install-recommends llvm-21 clang-21 clang-format-21 clang-tidy-21 lld-21
    44  RUN apt autoremove -y -q
    45  RUN sudo update-alternatives --install /usr/bin/clang clang /usr/bin/clang-21 100
    46  RUN sudo update-alternatives --install /usr/bin/clang++ clang++ /usr/bin/clang++-21 100
    47  RUN sudo update-alternatives --install /usr/bin/clang-tidy clang-tidy /usr/bin/clang-tidy-21 100
    48  RUN sudo update-alternatives --install /usr/bin/clang-format clang-format /usr/bin/clang-format-21 100
    49  RUN sudo update-alternatives --install /usr/bin/ld.lld ld.lld /usr/bin/lld-21 100
    50  RUN sudo update-alternatives --install /usr/bin/llvm-nm llvm-nm /usr/bin/llvm-nm-21 100
    51  RUN sudo update-alternatives --install /usr/bin/llvm-ar llvm-ar /usr/bin/llvm-ar-21 100
    52  RUN sudo update-alternatives --install /usr/bin/llvm-objcopy llvm-objcopy /usr/bin/llvm-objcopy-21 100
    53  RUN sudo update-alternatives --install /usr/bin/llvm-objdump llvm-objdump /usr/bin/llvm-objdump-21 100
    54  RUN sudo update-alternatives --install /usr/bin/llvm-addr2line llvm-addr2line /usr/bin/llvm-addr2line-21 100
    55  RUN sudo update-alternatives --install /usr/bin/llvm-readelf llvm-readelf /usr/bin/llvm-readelf-21 100
    56  RUN sudo update-alternatives --install /usr/bin/llvm-strip llvm-strip /usr/bin/llvm-strip-21 100
    57  
    58  # Also install clang-15 to keep bisections alive.
    59  RUN echo "deb [arch=amd64,arm64 signed-by=/usr/share/keyrings/llvm-snapshot.gpg] http://apt.llvm.org/bookworm/ llvm-toolchain-bookworm-15 main" | sudo tee /etc/apt/sources.list.d/llvm-bookworm-15.list
    60  RUN apt-get update --allow-releaseinfo-change
    61  RUN apt-get install -y -q --no-install-recommends -t llvm-toolchain-bookworm-15 clang-15
    62  RUN apt-get install libelf-dev libdwarf-dev
    63  
    64  # Not really GRTE, but it's enough to run some scripts that hardcode the path.
    65  RUN mkdir -p /usr/grte/v5/bin && ln -s /usr/bin/python3 /usr/grte/v5/bin/python2.7
    66  
    67  # Install bazelisk
    68  RUN curl -s https://api.github.com/repos/bazelbuild/bazelisk/releases/latest \
    69          | sed -n '/browser_download_url/s/[^:]*:[^"]*\("[^"]*"\).*/url = \1/p' \
    70          | grep bazelisk-linux-$(uname -m | sed s/aarch64/arm64/ | sed s/x86_64/amd64/) \
    71          | curl -L -o /usr/local/bin/bazel -K - \
    72          && chmod +x /usr/local/bin/bazel
    73  
    74  RUN DEBIAN_FRONTEND=noninteractive apt-get install -y -q \
    75  # This is required to run alien arch binaries in pkg/cover tests:
    76  	qemu-user
    77  
    78  # QEMU packages required to run x86/arm64 kernels - install them for both x86 and arm64.
    79  RUN DEBIAN_FRONTEND=noninteractive apt-get install -y -q \
    80      qemu-utils qemu-system-misc qemu-system-x86 qemu-system-arm qemu-system-aarch64
    81  
    82  # Install QEMU packages for other arches on x86 machines only.
    83  RUN test "$(uname -m)" != x86_64 && exit 0 || \
    84      DEBIAN_FRONTEND=noninteractive apt-get install -y -q \
    85      qemu-system-s390x qemu-system-mips qemu-system-ppc
    86  
    87  # Rust toolchain for kernel builds.
    88  ENV RUSTUP_HOME=/usr/local/rustup
    89  ENV CARGO_HOME=/usr/local/cargo
    90  ENV PATH=/usr/local/cargo/bin:$PATH
    91  ENV RUST_VERSION=1.91.1
    92  RUN curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --default-toolchain $RUST_VERSION
    93  RUN rustup component add rust-src
    94  RUN cargo install --locked bindgen-cli
    95  
    96  RUN apt-get install -y --no-install-recommends libdw-dev libelf-dev
    97  
    98  # Install gcloud https://cloud.google.com/sdk/docs/install#deb.
    99  RUN apt-get install -y -q ca-certificates \
   100      && curl https://packages.cloud.google.com/apt/doc/apt-key.gpg | gpg --dearmor -o /usr/share/keyrings/cloud.google.gpg \
   101      && echo "deb [signed-by=/usr/share/keyrings/cloud.google.gpg] https://packages.cloud.google.com/apt cloud-sdk main" | tee -a /etc/apt/sources.list.d/google-cloud-sdk.list
   102  RUN apt-get update && apt-get install -y google-cloud-cli
   103  RUN git config --system credential.'https://*.*.sourcemanager.dev'.helper gcloud.sh
   104  
   105  # pkg/osutil uses syzkaller user for sandboxing.
   106  RUN useradd --create-home syzkaller
   107  RUN echo "export PS1='\n\W🤖 '" >> /root/.bashrc
   108  
   109  COPY run-syz-command.sh /run-syz-command.sh