syzkaller/tools/create-openbsd-gce-ci.sh
2019-08-27 18:20:23 -07:00

208 lines
5.7 KiB
Bash
Executable File

#!/bin/bash
# Copyright 2018 syzkaller project authors. All rights reserved.
# Use of this source code is governed by Apache 2 LICENSE that can be found in
# the LICENSE file.
# Produces GCE image of syz-ci running on OpenBSD.
# Mostly derived from Go buildlet generator with blessing from bradfitz@.
set -eu -o pipefail
readonly MIRROR="${MIRROR:-cdn.openbsd.org}"
readonly VERSION="${VERSION:-6.6}"
readonly DOWNLOAD_VERSION="${DOWNLOAD_VERSION:-snapshots}"
readonly RELNO="${2:-${VERSION/./}}"
# The only supported setting.
readonly ARCH="amd64"
readonly ISO="install${RELNO}-${ARCH}.iso"
readonly ISO_PATCHED="install${RELNO}-${ARCH}-patched.iso"
if [[ ! -f "${ISO}" ]]; then
curl -o "${ISO}" "https://${MIRROR}/pub/OpenBSD/${DOWNLOAD_VERSION}/${ARCH}/install${RELNO}.iso"
fi
# Create custom siteXX.tgz set.
rm -fr etc && mkdir -p etc
cat >install.site <<EOF
#!/bin/sh
PKGS="bash gcc%8 git gmake go llvm nano wget"
PKG_PATH=https://${MIRROR}/pub/OpenBSD/${DOWNLOAD_VERSION}/packages/${ARCH}/ pkg_add -I \$PKGS
PKG_PATH= pkg_info -I \$PKGS && echo pkg_add OK
echo 'set tty com0' > boot.conf
echo 'PasswordAuthentication no' >> /etc/ssh/sshd_config
echo 'pass in on egress proto tcp from any to any port 80 rdr-to 127.0.0.1 port 8080' >> /etc/pf.conf
echo 'permit keepenv nopass syzkaller as root' > /etc/doas.conf
mkdir /syzkaller
echo '/dev/sd1a /syzkaller ffs rw,noauto 1 0' >> /etc/fstab
EOF
cat >etc/installurl <<EOF
https://${MIRROR}/pub/OpenBSD
EOF
cat >etc/rc.local <<EOF
(
nc metadata.google.internal 80 <<EOF2 | tail -n1 > /etc/myname.gce \
&& echo >> /etc/myname.gce \
&& mv /etc/myname{.gce,} \
&& hostname \$(cat /etc/myname)
GET /computeMetadata/v1/instance/hostname HTTP/1.0
Host: metadata.google.internal
Metadata-Flavor: Google
EOF2
set -eux
echo "starting syz-ci"
fsck -y /dev/sd1a
mount /syzkaller
su -l syzkaller <<EOF2
cd /syzkaller
set -eux
ulimit -d 8000000
test -x syz-ci || (
go get github.com/google/syzkaller/syz-ci &&
go build github.com/google/syzkaller/syz-ci)
./syz-ci -config ./config-openbsd.ci 2>&1 | tee syz-ci.log &
EOF2
)
EOF
chmod +x install.site
cat >etc/rc.conf.local <<EOF
slaacd_flags=NO
smtpd_flags=NO
sndiod_flags=NO
EOF
cat >etc/sysctl.conf <<EOF
hw.smt=1
EOF
tar --owner=root --group=root -zcvf site${RELNO}.tgz install.site etc/*
# Autoinstall script.
cat >auto_install.conf <<EOF
System hostname = ci-openbsd
DNS domain name = syzkaller
Which network interface = vio0
IPv4 address for vio0 = dhcp
IPv6 address for vio0 = none
Password for root account = root
Public ssh key for root account = ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBJeLpmSq+Dgrk01Ht+QtY0GDsY2gcwhT12SqizmacAF67TCa0n8OcpjVOpiiurb01Aa5lcl2WbakUFYmsp1U1l8=
Do you expect to run the X Window System = no
Change the default console to com0 = yes
Which speed should com0 use = 115200
Setup a user = syzkaller
Full name for user syzkaller = Syz Kaller
Password for user syzkaller = syzkaller
Public ssh key for user syzkaller = ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBJeLpmSq+Dgrk01Ht+QtY0GDsY2gcwhT12SqizmacAF67TCa0n8OcpjVOpiiurb01Aa5lcl2WbakUFYmsp1U1l8=
Allow root ssh login = prohibit-password
What timezone = US/Pacific
Which disk = sd0
Use (W)hole disk or (E)dit the MBR = whole
Use (A)uto layout, (E)dit auto layout, or create (C)ustom layout = auto
URL to autopartitioning template for disklabel = file:/disklabel.template
Set name(s) = +* -x* -game* done
Directory does not contain SHA256.sig. Continue without verification = yes
Location of sets = cd0
EOF
# Disklabel template.
cat >disklabel.template <<EOF
/ 5G-* 95%
swap 1G
EOF
# Hack install CD a bit.
echo 'set tty com0' > boot.conf
dd if=/dev/urandom of=random.seed bs=4096 count=1
cp "${ISO}" "${ISO_PATCHED}"
growisofs -M "${ISO_PATCHED}" -l -R -graft-points \
/${VERSION}/${ARCH}/site${RELNO}.tgz=site${RELNO}.tgz \
/auto_install.conf=auto_install.conf \
/disklabel.template=disklabel.template \
/etc/boot.conf=boot.conf \
/etc/random.seed=random.seed
# Initialize disk image.
rm -f disk.raw
qemu-img create -f raw disk.raw 10G
# Run the installer to create the disk image.
expect 2>&1 <<EOF | tee install_log
set timeout 1800
spawn qemu-system-x86_64 -nographic -smp 2 \
-drive if=virtio,file=disk.raw,format=raw -cdrom "${ISO_PATCHED}" \
-net nic,model=virtio -net user -boot once=d -m 4000 -enable-kvm
expect timeout { exit 1 } "boot>"
send "\n"
# Need to wait for the kernel to boot.
expect timeout { exit 1 } "\(I\)nstall, \(U\)pgrade, \(A\)utoinstall or \(S\)hell\?"
send "s\n"
expect timeout { exit 1 } "# "
send "mount /dev/cd0c /mnt\n"
send "cp /mnt/auto_install.conf /mnt/disklabel.template /\n"
send "chmod a+r /disklabel.template\n"
send "umount /mnt\n"
send "exit\n"
expect timeout { exit 1 } "CONGRATULATIONS!"
proc login {} {
send "root\n"
expect "Password:"
send "root\n"
expect "# "
send "cat /etc/ssh/ssh_host_*_key.pub\nhalt -p\n"
expect eof
}
# There is some form of race condition with OpenBSD 6.2 MP
# and qemu, which can result in init(1) failing to run /bin/sh
# the first time around...
expect {
timeout { exit 1 }
"Enter pathname of shell or RETURN for sh:" {
send "\nexit\n"
expect "login:" {
login
}
}
"login:" {
login
}
}
EOF
grep 'pkg_add OK' install_log > /dev/null \
|| { echo Package installation failed. Inspect install_log. 2>&1 ; exit 1; }
# Create Compute Engine disk image.
echo "Archiving disk.raw... (this may take a while)"
i="openbsd-${ARCH}-${RELNO}-gce.tar.gz"
tar -Szcf "$i" disk.raw
cat <<EOF
Done.
To create GCE image run the following commands:
gsutil cp -a public-read "$i" gs://syzkaller/
gcloud compute images create ci-openbsd-root --source-uri gs://syzkaller/"$i"
EOF