| #!/bin/bash |
| |
| # Copyright 2018 syzkaller project authors. All rights reserved. |
| # Use of this source code is governed by Apache 2 LICENSE that can be found in |
| # the LICENSE file. |
| |
| # Produces GCE image of syz-ci running on OpenBSD. |
| |
| # Mostly derived from Go buildlet generator with blessing from bradfitz@. |
| |
| set -eu -o pipefail |
| |
| readonly MIRROR="${MIRROR:-cdn.openbsd.org}" |
| readonly VERSION="${VERSION:-6.5}" |
| readonly DOWNLOAD_VERSION="${DOWNLOAD_VERSION:-snapshots}" |
| readonly RELNO="${2:-${VERSION/./}}" |
| |
| # The only supported setting. |
| readonly ARCH="amd64" |
| |
| readonly ISO="install${RELNO}-${ARCH}.iso" |
| readonly ISO_PATCHED="install${RELNO}-${ARCH}-patched.iso" |
| |
| if [[ ! -f "${ISO}" ]]; then |
| curl -o "${ISO}" "https://${MIRROR}/pub/OpenBSD/${DOWNLOAD_VERSION}/${ARCH}/install${RELNO}.iso" |
| fi |
| |
| # Create custom siteXX.tgz set. |
| rm -fr etc && mkdir -p etc |
| cat >install.site <<EOF |
| #!/bin/sh |
| PKGS="bash gcc%8 git gmake go llvm nano wget" |
| PKG_PATH=https://${MIRROR}/pub/OpenBSD/${DOWNLOAD_VERSION}/packages/${ARCH}/ pkg_add -I \$PKGS |
| PKG_PATH= pkg_info -I \$PKGS && echo pkg_add OK |
| |
| echo 'set tty com0' > boot.conf |
| echo 'PasswordAuthentication no' >> /etc/ssh/sshd_config |
| echo 'pass in on egress proto tcp from any to any port 80 rdr-to 127.0.0.1 port 8080' >> /etc/pf.conf |
| echo 'permit keepenv nopass syzkaller as root' > /etc/doas.conf |
| |
| mkdir /syzkaller |
| echo '/dev/sd1a /syzkaller ffs rw,noauto 1 0' >> /etc/fstab |
| EOF |
| |
| cat >etc/installurl <<EOF |
| https://${MIRROR}/pub/OpenBSD |
| EOF |
| |
| cat >etc/rc.local <<EOF |
| ( |
| nc metadata.google.internal 80 <<EOF2 | tail -n1 > /etc/myname.gce \ |
| && echo >> /etc/myname.gce \ |
| && mv /etc/myname{.gce,} \ |
| && hostname \$(cat /etc/myname) |
| GET /computeMetadata/v1/instance/hostname HTTP/1.0 |
| Host: metadata.google.internal |
| Metadata-Flavor: Google |
| |
| EOF2 |
| set -eux |
| |
| echo "starting syz-ci" |
| fsck -y /dev/sd1a |
| mount /syzkaller |
| su -l syzkaller <<EOF2 |
| cd /syzkaller |
| set -eux |
| ulimit -d 8000000 |
| test -x syz-ci || ( |
| go get github.com/google/syzkaller/syz-ci && |
| go build github.com/google/syzkaller/syz-ci) |
| ./syz-ci -config ./config-openbsd.ci 2>&1 | tee syz-ci.log & |
| EOF2 |
| ) |
| EOF |
| chmod +x install.site |
| |
| cat >etc/rc.conf.local <<EOF |
| slaacd_flags=NO |
| smtpd_flags=NO |
| sndiod_flags=NO |
| EOF |
| |
| cat >etc/sysctl.conf <<EOF |
| hw.smt=1 |
| EOF |
| |
| tar --owner=root --group=root -zcvf site${RELNO}.tgz install.site etc/* |
| |
| # Autoinstall script. |
| cat >auto_install.conf <<EOF |
| System hostname = ci-openbsd |
| DNS domain name = syzkaller |
| Which network interface = vio0 |
| IPv4 address for vio0 = dhcp |
| IPv6 address for vio0 = none |
| Password for root account = root |
| Public ssh key for root account = ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBJeLpmSq+Dgrk01Ht+QtY0GDsY2gcwhT12SqizmacAF67TCa0n8OcpjVOpiiurb01Aa5lcl2WbakUFYmsp1U1l8= |
| Do you expect to run the X Window System = no |
| Change the default console to com0 = yes |
| Which speed should com0 use = 115200 |
| Setup a user = syzkaller |
| Full name for user syzkaller = Syz Kaller |
| Password for user syzkaller = syzkaller |
| Public ssh key for user syzkaller = ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBJeLpmSq+Dgrk01Ht+QtY0GDsY2gcwhT12SqizmacAF67TCa0n8OcpjVOpiiurb01Aa5lcl2WbakUFYmsp1U1l8= |
| Allow root ssh login = prohibit-password |
| What timezone = US/Pacific |
| Which disk = sd0 |
| Use (W)hole disk or (E)dit the MBR = whole |
| Use (A)uto layout, (E)dit auto layout, or create (C)ustom layout = auto |
| URL to autopartitioning template for disklabel = file://disklabel.template |
| Set name(s) = +* -x* -game* done |
| Directory does not contain SHA256.sig. Continue without verification = yes |
| EOF |
| |
| # Disklabel template. |
| cat >disklabel.template <<EOF |
| / 5G-* 95% |
| swap 1G |
| EOF |
| |
| # Hack install CD a bit. |
| echo 'set tty com0' > boot.conf |
| dd if=/dev/urandom of=random.seed bs=4096 count=1 |
| cp "${ISO}" "${ISO_PATCHED}" |
| growisofs -M "${ISO_PATCHED}" -l -R -graft-points \ |
| /${VERSION}/${ARCH}/site${RELNO}.tgz=site${RELNO}.tgz \ |
| /auto_install.conf=auto_install.conf \ |
| /disklabel.template=disklabel.template \ |
| /etc/boot.conf=boot.conf \ |
| /etc/random.seed=random.seed |
| |
| # Initialize disk image. |
| rm -f disk.raw |
| qemu-img create -f raw disk.raw 10G |
| |
| # Run the installer to create the disk image. |
| expect 2>&1 <<EOF | tee install_log |
| set timeout 1800 |
| |
| spawn qemu-system-x86_64 -nographic -smp 2 \ |
| -drive if=virtio,file=disk.raw,format=raw -cdrom "${ISO_PATCHED}" \ |
| -net nic,model=virtio -net user -boot once=d -m 4000 -enable-kvm |
| |
| expect timeout { exit 1 } "boot>" |
| send "\n" |
| |
| # Need to wait for the kernel to boot. |
| expect timeout { exit 1 } "\(I\)nstall, \(U\)pgrade, \(A\)utoinstall or \(S\)hell\?" |
| send "s\n" |
| |
| expect timeout { exit 1 } "# " |
| send "mount /dev/cd0c /mnt\n" |
| send "cp /mnt/auto_install.conf /mnt/disklabel.template /\n" |
| send "chmod a+r /disklabel.template\n" |
| send "umount /mnt\n" |
| send "exit\n" |
| |
| expect timeout { exit 1 } "CONGRATULATIONS!" |
| |
| proc login {} { |
| send "root\n" |
| |
| expect "Password:" |
| send "root\n" |
| |
| expect "# " |
| send "cat /etc/ssh/ssh_host_*_key.pub\nhalt -p\n" |
| |
| expect eof |
| } |
| |
| # There is some form of race condition with OpenBSD 6.2 MP |
| # and qemu, which can result in init(1) failing to run /bin/sh |
| # the first time around... |
| expect { |
| timeout { exit 1 } |
| "Enter pathname of shell or RETURN for sh:" { |
| send "\nexit\n" |
| expect "login:" { |
| login |
| } |
| } |
| "login:" { |
| login |
| } |
| } |
| EOF |
| |
| grep 'pkg_add OK' install_log > /dev/null \ |
| || { echo Package installation failed. Inspect install_log. 2>&1 ; exit 1; } |
| |
| # Create Compute Engine disk image. |
| echo "Archiving disk.raw... (this may take a while)" |
| i="openbsd-${ARCH}-${RELNO}-gce.tar.gz" |
| tar -Szcf "$i" disk.raw |
| |
| cat <<EOF |
| Done. |
| |
| To create GCE image run the following commands: |
| |
| gsutil cp -a public-read "$i" gs://syzkaller/ |
| gcloud compute images create ci-openbsd-root --source-uri gs://syzkaller/"$i" |
| |
| EOF |