| # Setup |
| |
| Instructions for running OpenBSD host, OpenBSD vm, amd64 kernel. |
| In addition, the host must be running `-current`. |
| |
| Variables used throughout the instructions: |
| |
| - `$KERNEL` - Custom built kernel, see [Compile Kernel](#compile-kernel). |
| Defaults to `/sys/arch/amd64/compile/SYZKALLER/obj/bsd` if the |
| instructions are honored. |
| - `$SSHKEY` - SSH key ***without a passphrase*** used to connect to the VMs, |
| it's advised to use a dedicated key. |
| - `$USER` - The name of the user intended to run syzkaller. |
| - `$VMIMG` - VM disk image. |
| - `$VMID` - The numeric ID of last started VM. |
| |
| ## Install syzkaller |
| |
| 1. Install dependencies: |
| |
| ```sh |
| # pkg_add git gmake go |
| ``` |
| |
| In order for reproducers to work, GCC from ports is also required: |
| |
| ```sh |
| # pkg_add gcc |
| ``` |
| |
| 2. Clone repository: |
| |
| ```sh |
| $ git clone https://github.com/google/syzkaller |
| $ cd syzkaller |
| $ gmake all |
| ``` |
| |
| ## Compile Kernel |
| |
| A `GENERIC` kernel must be compiled with |
| [kcov(4)](https://man.openbsd.org/kcov.4) |
| enabled: |
| |
| ```sh |
| $ cd /sys/arch/amd64 |
| $ cat <<EOF >conf/SYZKALLER |
| include "arch/amd64/conf/GENERIC" |
| pseudo-device kcov 1 |
| EOF |
| $ cp -R compile/GENERIC compile/SYZKALLER |
| $ make -C compile/SYZKALLER obj |
| $ make -C compile/SYZKALLER config |
| $ make -C compile/SYZKALLER |
| ``` |
| |
| ## Create VM |
| |
| 1. [vmd(8)](https://man.openbsd.org/vmd.8) |
| must be configured to allow non-root users to create VMs since it removes the |
| need to run syzkaller as root: |
| |
| ```sh |
| $ cat /etc/vm.conf |
| vm "syzkaller" { |
| disable |
| disk "/dev/null" |
| local interface |
| owner $USER |
| allow instance { boot, disk, memory } |
| } |
| ``` |
| |
| 2. Create disk image: |
| |
| ```sh |
| $ vmctl create -s 4G "qcow2:$VMIMG" |
| ``` |
| |
| 3. Install VM: |
| |
| ```sh |
| $ vmctl start -c -t syzkaller -b /bsd.rd -d "$VMIMG" syzkaller-1 |
| ``` |
| |
| Answers to questions that deviates from the defaults: |
| |
| ``` |
| Password for root account? ****** |
| Allow root ssh login? yes |
| ``` |
| |
| 4. Restart the newly created VM and copy the SSH-key: |
| |
| ```sh |
| $ vmctl stop -w syzkaller-1 |
| $ vmctl start -c -t syzkaller -d "$VMIMG" syzkaller-1 |
| $ ssh "root@100.64.${VMID}.3" 'cat >~/.ssh/authorized_keys' <$SSHKEY.pub |
| ``` |
| |
| 5. Optionally, library ASLR can be disabled in order to improve boot time: |
| |
| ```sh |
| $ ssh "root@100.64.${VMID}.3" 'echo library_aslr=NO >>/etc/rc.conf.local' |
| ``` |
| |
| 6. Finally, stop the VM: |
| |
| ```sh |
| $ vmctl stop -w syzkaller-1 |
| ``` |
| |
| ## Configure and run syzkaller |
| |
| ```sh |
| $ pwd |
| ~/go/src/github.com/google/syzkaller |
| $ cat openbsd.cfg |
| { |
| "name": "openbsd", |
| "target": "openbsd/amd64", |
| "http": ":10000", |
| "workdir": "$HOME/go/src/github.com/google/syzkaller/workdir", |
| "kernel_obj": "/sys/arch/amd64/compile/SYZKALLER/obj", |
| "kernel_src": "/", |
| "syzkaller": "$HOME/go/src/github.com/google/syzkaller", |
| "image": "$VMIMG", |
| "sshkey": "$SSHKEY", |
| "sandbox": "none", |
| "procs": 2, |
| "type": "vmm", |
| "vm": { |
| "count": 4, |
| "mem": 512, |
| "kernel": "$KERNEL", |
| "template": "syzkaller" |
| } |
| } |
| $ ./bin/syz-manager -config openbsd.cfg |
| ``` |
