reactos/syzkaller
1
0
Fork 0
mirror of https://github.com/reactos/syzkaller.git synced 2024-10-08 09:43:21 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
240fb175d9
syzkaller/docs/configuration.md
Dmitry Vyukov 97b58e7eae syz-manager/mgrconfig: move sshkey from vm config to manager config 
Sshkey is a property of image, which is in manager config.
Move sshkey to the same location as image.

The motivation for the move is as follows.
Continuous build produces an image and the key,
both need to be passed manager instance.
Continuous build system should not distinguish
different VM types and mess with their configs.

NOTE FOR USERS: this breaks manager configs again.
Hopefully the last time for now. Docs are updated.
2017-06-17 15:02:58 +02:00

2.6 KiB
Raw Blame History

Configuration

The operation of the syzkaller syz-manager process is governed by a configuration file, passed at invocation time with the -config option. This configuration can be based on the example; the file is in JSON format with the following keys in its top-level object:

  • http: URL that will display information about the running syz-manager process.
  • workdir: Location of a working directory for the syz-manager process. Outputs here include:
    • <workdir>/crashes/*: crash output files (see Crash Reports)
    • <workdir>/corpus.db: corpus with interesting programs
    • <workdir>/instance-x: per VM instance temporary files
  • syzkaller: Location of the syzkaller checkout.
  • vmlinux: Location of the vmlinux file that corresponds to the kernel being tested.
  • procs: Number of parallel test processes in each VM (4 or 8 would be a reasonable number).
  • leak: Detect memory leaks with kmemleak.
  • image: Location of the disk image file for the QEMU instance; a copy of this file is passed as the -hda option to qemu-system-x86_64.
  • sshkey: Location (on the host machine) of a root SSH identity to use for communicating with the virtual machine.
  • sandbox : Sandboxing mode, the following modes are supported:
    • "none": don't do anything special (has false positives, e.g. due to killing init)
    • "setuid": impersonate into user nobody (65534), default
    • "namespace": use namespaces to drop privileges (requires a kernel built with CONFIG_NAMESPACES, CONFIG_UTS_NS, CONFIG_USER_NS, CONFIG_PID_NS and CONFIG_NET_NS)
  • enable_syscalls: List of syscalls to test (optional).
  • disable_syscalls: List of system calls that should be treated as disabled (optional).
  • suppressions: List of regexps for known bugs.
  • type: Type of virtual machine to use, e.g. qemu or adb.
  • vm: object with VM-type-specific parameters; for example, for qemu type paramters include:
    • count: Number of VMs to run in parallel.
    • kernel: Location of the bzImage file for the kernel to be tested; this is passed as the -kernel option to qemu-system-x86_64.
    • cmdline: Additional command line options for the booting kernel, for example root=/dev/sda1.
    • cpu: Number of CPUs to simulate in the VM (not currently used).
    • mem: Amount of memory (in MiB) for the VM; this is passed as the -m option to qemu-system-x86_64.

See also config.go for all config parameters.