-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathDockerfile-env
295 lines (253 loc) · 13.4 KB
/
Dockerfile-env
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
# FT-Net: https://github.com/fuzztruction-net/fuzztruction-net
FROM nbars/fuzztruction-llvm_debug:llvmorg-17.0.6 as llvm
FROM ubuntu:23.04 as builder
ARG HTTP_PROXY
ARG HTTPS_PROXY
ENV HTTP_PROXY=${HTTP_PROXY}
ENV HTTPS_PROXY=${HTTPS_PROXY}
ENV http_proxy=${HTTP_PROXY}
ENV https_proxy=${HTTP_PROXY}
ARG MAKE_OPT="-j8"
ENV MAKE_OPT=${MAKE_OPT}
ARG CARGO_BUILD_JOBS="8"
ENV CARGO_BUILD_JOBS=${CARGO_BUILD_JOBS}
# Change the Ubuntu package mirror
RUN apt update && apt install -y apt-transport-https ca-certificates
RUN sed -i 's@//.*archive.ubuntu.com@//mirrors.ustc.edu.cn@g' /etc/apt/sources.list && apt clean
# # LLVM-17
# RUN apt update && apt install -y --no-install-recommends wget gnupg2 && rm -rf /var/lib/apt/lists
# RUN echo deb http://apt.llvm.org/jammy/ llvm-toolchain-jammy-17 main >> /etc/apt/sources.list
# RUN wget -O - https://apt.llvm.org/llvm-snapshot.gpg.key | apt-key add -
# TODO: 精简安装包
# Install common dependencies
ENV DEBIAN_FRONTEND=noninteractive
RUN --mount=type=cache,target=/var/cache/apt --mount=type=cache,target=/var/lib/apt \
apt update -y && apt-mark hold "llvm-*" && apt-mark hold "clang-*" && \
apt install -y \
apt-utils git build-essential mold curl libc++-dev sudo libtool libtool-bin libz-dev libglib2.0-dev graphviz-dev bison flex automake libpixman-1-dev cgroup-tools \
cmake bear autoconf pkg-config gdb strace \
openssh-server openssl libssl-dev libgnutls28-dev \
libcap-dev libpcap-dev tcpdump \
rsync autopoint gperf texinfo gettext \
openjdk-11-jdk \
vim nano screen htop man wget httpie bash-completion ripgrep iputils-ping iproute2 telnet net-tools ncat netcat-traditional \
zsh autojump fzf
RUN pip3 install --break-system-packages -i https://mirrors.aliyun.com/pypi/simple --proxy=${HTTP_PROXY} \
gcovr
# Copy prebuilt custom LLVM version
COPY --from=llvm /llvm/* /usr
# RUN update-alternatives --install /usr/bin/clang clang $(which clang-17) 1 && \
# update-alternatives --install /usr/bin/clang++ clang++ $(which clang++-17) 1 && \
# update-alternatives --install /usr/bin/llvm-config llvm-config $(which llvm-config-17) 1 && \
# update-alternatives --install /usr/bin/llvm-symbolizer llvm-symbolizer $(which llvm-symbolizer-17) 1 && \
# update-alternatives --install /usr/bin/llvm-cov llvm-cov $(which llvm-cov-17) 1 && \
# update-alternatives --install /usr/bin/llvm-profdata llvm-profdata $(which llvm-profdata-17) 1
RUN chmod 777 /tmp
RUN echo "Acquire::http::Proxy \"${HTTP_PROXY}\";" > /etc/apt/apt.conf.d/99proxy && \
echo "Acquire::ftp::Proxy \"${HTTP_PROXY}\";" >> /etc/apt/apt.conf.d/99proxy && \
echo "Acquire::https::Proxy \"${HTTP_PROXY}\";" >> /etc/apt/apt.conf.d/99proxy
# Users
##############
# Add a new user
ARG USER_ID=1000
ARG GROUP_ID=1000
ENV USER_ID=${USER_ID}
ENV GROUP_ID=${GROUP_ID}
# ubuntu:23.04 has an 'ubuntu' user and group
# so we use the 'user' as the default
# to avoid the conflict between ${USER_ID} and the id of 'ubuntu'
# here we remove the existed user 'ubuntu'
RUN userdel $(getent passwd ${USER_ID} | cut -d: -f1) || true
RUN groupdel $(getent group ${GROUP_ID} | cut -d: -f1) || true
RUN groupadd -g ${GROUP_ID} user && \
useradd -u ${USER_ID} -rm -d /home/user -s /usr/bin/zsh -g user -G sudo user -p "$(openssl passwd -1 user)" && \
echo "user ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers
# Use user as default username
USER user
WORKDIR /home/user
ENV HOME=/home/user
RUN git config --global http.version HTTP/1.1
# Rust
ENV RUSTUP_DIST_SERVER=https://rsproxy.cn
ENV RUSTUP_UPDATE_ROOT=https://rsproxy.cn/rustup
RUN --mount=type=cache,target=${HOME}/.rustup,uid=${USER_ID},gid=${GROUP_ID} \
--mount=type=cache,target=${HOME}/.cargo,uid=${USER_ID},gid=${GROUP_ID} \
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | bash -s -- -y --default-toolchain stable && \
${HOME}/.cargo/bin/cargo install grcov && \
sudo cp ${HOME}/.cargo/bin/grcov /usr/local/bin/
COPY scripts/cargo.toml ${HOME}/.cargo/
COPY scripts/.zshrc ${HOME}/.zshrc
COPY scripts/.p10k.zsh ${HOME}/.p10k.zsh
RUN zsh -c ". ~/.zshrc"
##############
# End of user setup
# Code
##############
# Environments and fuzzer tools
##############
# Pingu: My Fuzzer :)
FROM builder as pingu-builder
ARG GITHUB_TOKEN
RUN --mount=type=cache,target=${HOME}/.cargo,uid=${USER_ID},gid=${GROUP_ID} \
--mount=type=cache,target=${HOME}/.rustup,uid=${USER_ID},gid=${GROUP_ID} \
git clone https://Kherrisan:[email protected]/Kherrisan/pingu.git && \
cd pingu && \
echo "nightly-2024-02-14" >> rust-toolchain && \
git submodule update --init && \
cd fuzztruction && \
git submodule update --init && \
cd .. && \
${HOME}/.cargo/bin/cargo build -p pingu-fuzzer -p pingu-cc && \
${HOME}/.cargo/bin/cargo build --manifest-path ${HOME}/pingu/fuzztruction/generator/agent/Cargo.toml
RUN mkdir -p ${HOME}/libafl_cc_tmp && \
cp -r ${HOME}/pingu/target/debug/build/libafl_cc* ${HOME}/libafl_cc_tmp
# FT-Net
FROM builder as ft-net-builder
COPY patches /tmp/patches
RUN --mount=type=cache,target=${HOME}/.cargo,uid=${USER_ID},gid=${GROUP_ID} \
--mount=type=cache,target=${HOME}/.rustup,uid=${USER_ID},gid=${GROUP_ID} \
git clone https://github.com/fuzztruction/fuzztruction-net.git && \
cd fuzztruction-net && \
git checkout c34408b && \
git apply /tmp/patches/ft.patch && \
echo "nightly-2023-10-10" >> rust-toolchain && \
${HOME}/.cargo/bin/cargo build --workspace --release && \
git submodule update --init && \
cd consumer/aflpp-consumer && \
make clean && \
make all ${MAKE_OPT}
# TLS-Anvil
# Change the maven mirror ?
# de.rub.nds.* package may not be found in the aliyun maven registry.
FROM builder as tlsanvil-builder
RUN sudo apt update && sudo DEBIAN_FRONTEND=noninteractive apt install -y maven
RUN --mount=type=cache,target=${HOME}/.git,uid=${USER_ID},gid=${GROUP_ID} \
--mount=type=cache,target=${HOME}/.m2,uid=${USER_ID},gid=${GROUP_ID} \
PROXY_HOST=$(echo ${HTTP_PROXY} | sed -E 's|^http://([^:]+):.+|\1|') && \
PROXY_PORT=$(echo ${HTTP_PROXY} | sed -E 's|^http://[^:]+:(.+)|\1|') && \
git clone https://gitee.com/kherrisan/TLS-Anvil.git && \
cd TLS-Anvil && \
git checkout v1.2.9 && \
mvn install -DskipTests -Dspotless.apply.skip -DproxySet=true -DproxyHost=${PROXY_HOST} -DproxyPort=${PROXY_PORT}
FROM builder as faketime-builder
RUN git clone https://gitee.com/kherrisan/libfaketime.git && \
cd libfaketime && \
make -j
# build the final image
FROM builder
RUN sudo ln -snf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime && \
echo "Asia/Shanghai" | sudo tee /etc/timezone
COPY patches /tmp/patches
ENV HTTP_PROXY=${HTTP_PROXY}
ENV HTTPS_PROXY=${HTTPS_PROXY}
ENV http_proxy=${HTTP_PROXY}
ENV https_proxy=${HTTP_PROXY}
# AFLNet
RUN git clone https://gitee.com/skyworld123/aflnet.git && \
cd aflnet && \
git checkout 62d63a59230bb5f5c6e54cddd381b9425dba3726 && \
git apply /tmp/patches/aflnet.patch && \
make clean all ${MAKE_OPT} && \
cd llvm_mode && make ${MAKE_OPT} && \
rm -rf .git tutorials docs
# StateAFL
# ENV STATEAFL_CFLAGS="-DENABLE_TRACE_GLOBAL_DATA -DBLACKLIST_ALLOC_SITES -DBLACKLIST_GLOBALS"
RUN sudo apt update && sudo DEBIAN_FRONTEND=noninteractive apt install -y tshark
RUN git clone https://gitee.com/zhangadiu/stateafl.git --depth=1 && \
cd stateafl && \
git checkout d923e22f7b2688db45b08f3fa3a29a566e7ff3a4 && \
git submodule init && \
git submodule update && \
git apply /tmp/patches/stateafl.patch && \
make ${MAKE_OPT} && \
rm as && \
cd llvm_mode && \
rm -f libmvptree.a containers.a libtlsh.a && \
cd tlsh && \
git apply /tmp/patches/tlsh.patch && \
cd .. && \
make ${MAKE_OPT} && \
rm -rf .git tutorials images docs
# SGFuzz
RUN git clone https://gitee.com/pine404/SGFuzz.git --depth=1 && \
cd SGFuzz && \
git checkout 00dbbd70ba79f1bcff3f7dfdb4fda0645cf91225 && \
git apply /tmp/patches/sgfuzz.patch && \
./build.sh && \
sudo cp libsfuzzer.a /usr/lib/libsFuzzer.a && \
rm -rf .git examples
# Install hongfuzz netdrive that is used by SGFuzz
RUN git clone https://gitee.com/kherrisan/honggfuzz.git --depth=1 && \
cd honggfuzz && \
CC=clang CFLAGS="-fsanitize=fuzzer-no-link -fsanitize=address" make libhfcommon/libhfcommon.a && \
CC=clang CFLAGS="-fsanitize=fuzzer-no-link -fsanitize=address -DHFND_RECVTIME=1" make libhfnetdriver/libhfnetdriver.a && \
sudo mv libhfcommon/libhfcommon.a /usr/lib/libhfcommon.a && \
sudo mv libhfnetdriver/libhfnetdriver.a /usr/lib/libhfnetdriver.a && \
rm -rf .git examples
# tlsfuzzer
RUN pip3 install --break-system-packages -i https://mirrors.aliyun.com/pypi/simple --pre tlslite-ng --proxy=${HTTP_PROXY} && \
git clone https://github.com/tlsfuzzer/tlsfuzzer.git --depth=1
RUN cd /tmp && \
git clone https://github.com/NixOS/patchelf.git && \
cd patchelf && \
./bootstrap.sh && \
./configure && \
make && \
make check && \
sudo make install
# TODO:
# DY fuzzer
# Install rr
RUN cd /tmp && \
wget https://github.com/rr-debugger/rr/releases/download/5.7.0/rr-5.7.0-Linux-$(uname -m).deb && \
sudo dpkg -i rr-5.7.0-Linux-$(uname -m).deb
# Copy libfaketime artifact
COPY --from=faketime-builder ${HOME}/libfaketime/src/libfaketime.so.1 ${HOME}/libfaketime.so.1
COPY --from=faketime-builder ${HOME}/libfaketime/src/libfaketimeMT.so.1 ${HOME}/libfaketimeMT.so.1
COPY --from=faketime-builder ${HOME}/libfaketime/src/faketime* ${HOME}/faketime*
# Copy FT-Net artifact
RUN mkdir -p ${HOME}/fuzztruction-net/target/release/ && \
mkdir -p ${HOME}/fuzztruction-net/target/debug/ && \
mkdir -p ${HOME}/fuzztruction-net/generator/pass/ && \
mkdir -p ${HOME}/fuzztruction-net/consumer/aflpp-consumer && \
mkdir -p ${HOME}/fuzztruction-net/eval-result
COPY --from=ft-net-builder ${HOME}/fuzztruction-net/consumer/aflpp-consumer ${HOME}/fuzztruction-net/consumer/aflpp-consumer
COPY --from=ft-net-builder ${HOME}/fuzztruction-net/target/release/fuzztruction ${HOME}/fuzztruction-net/target/release/fuzztruction
COPY --from=ft-net-builder ${HOME}/fuzztruction-net/target/release/libgenerator_agent.a ${HOME}/fuzztruction-net/target/release/libgenerator_agent.a
COPY --from=ft-net-builder ${HOME}/fuzztruction-net/target/release/libgenerator_agent.so ${HOME}/fuzztruction-net/target/release/libgenerator_agent.so
COPY --from=ft-net-builder ${HOME}/fuzztruction-net/generator/pass/fuzztruction-source-clang-fast ${HOME}/fuzztruction-net/generator/pass/fuzztruction-source-clang-fast
COPY --from=ft-net-builder ${HOME}/fuzztruction-net/generator/pass/fuzztruction-source-clang-fast++ ${HOME}/fuzztruction-net/generator/pass/fuzztruction-source-clang-fast++
COPY --from=ft-net-builder ${HOME}/fuzztruction-net/generator/pass/fuzztruction-source-llvm-pass.so ${HOME}/fuzztruction-net/generator/pass/fuzztruction-source-llvm-pass.so
COPY --from=ft-net-builder ${HOME}/fuzztruction-net/generator/pass/mem_functions.ll ${HOME}/fuzztruction-net/generator/pass/mem_functions.ll
COPY --from=ft-net-builder ${HOME}/fuzztruction-net/env/check_env.sh /usr/bin/
COPY --from=ft-net-builder ${HOME}/fuzztruction-net/fuzztruction-experiments ${HOME}/fuzztruction-net/fuzztruction-experiments
# Copy pingu artifact
RUN mkdir -p ${HOME}/pingu/target/debug/ && \
mkdir -p ${HOME}/pingu/fuzztruction/generator/pass/ && \
mkdir -p ${HOME}/pingu/fuzztruction/target/debug/ && \
mkdir -p ${HOME}/pingu/fuzztruction/target/debug/build
COPY --from=pingu-builder ${HOME}/pingu/target/debug/pingu ${HOME}/pingu/target/debug/pingu
COPY --from=pingu-builder ${HOME}/libafl_cc_tmp ${HOME}/pingu/target/debug/build/
COPY --from=pingu-builder ${HOME}/pingu/target/debug/grcov-all ${HOME}/pingu/target/debug/grcov-all
COPY --from=pingu-builder ${HOME}/pingu/target/debug/libafl_cc ${HOME}/pingu/target/debug/libafl_cc
COPY --from=pingu-builder ${HOME}/pingu/target/debug/libafl_cxx ${HOME}/pingu/target/debug/libafl_cxx
COPY --from=pingu-builder ${HOME}/pingu/target/debug/libpingu_sink_agent.a ${HOME}/pingu/target/debug/libpingu_sink_agent.a
COPY --from=pingu-builder ${HOME}/pingu/target/debug/libfake_random.so ${HOME}/libfake_random.so
COPY --from=pingu-builder ${HOME}/pingu/fuzztruction/target/debug/libpingu_generator.so ${HOME}/pingu/fuzztruction/target/debug/libpingu_generator.so
COPY --from=pingu-builder ${HOME}/pingu/fuzztruction/generator/pass/fuzztruction-source-clang-fast ${HOME}/pingu/fuzztruction/generator/pass/fuzztruction-source-clang-fast
COPY --from=pingu-builder ${HOME}/pingu/fuzztruction/generator/pass/fuzztruction-source-clang-fast++ ${HOME}/pingu/fuzztruction/generator/pass/fuzztruction-source-clang-fast++
COPY --from=pingu-builder ${HOME}/pingu/fuzztruction/generator/pass/fuzztruction-source-llvm-pass.so ${HOME}/pingu/fuzztruction/generator/pass/fuzztruction-source-llvm-pass.so
COPY --from=pingu-builder ${HOME}/pingu/fuzztruction/generator/pass/mem_functions.ll ${HOME}/pingu/fuzztruction/generator/pass/mem_functions.ll
ENV PATH=${HOME}/pingu/target/debug/:${PATH}
# Copy TLS-Anvil artifact
RUN mkdir -p ${HOME}/TLS-Anvil/TLS-Testsuite/
COPY --from=tlsanvil-builder ${HOME}/TLS-Anvil/TLS-Testsuite/apps ${HOME}/TLS-Anvil/TLS-Testsuite/apps
# Build libgcov_preload.so
COPY scripts/gcov_preload.c gcov_preload.c
RUN gcc -shared -fpic gcov_preload.c -o libgcov_preload.so && \
sudo touch "/etc/ld.so.conf.d/gcov.conf" && \
echo "${HOME}" | sudo tee "/etc/ld.so.conf.d/gcov.conf" && \
sudo ldconfig
# Disable ASLR fowever
RUN echo "kernel.randomize_va_space = 0" | sudo tee -a /etc/sysctl.d/01-disable-aslr.conf && \
sudo sysctl -p /etc/sysctl.d/01-disable-aslr.conf