xref: /aosp_15_r20/external/AFLplusplus/afl-persistent-config (revision 08b48e0b10e97b33e7b60c5b6e2243bd915777f2)
#!/bin/bash
# written by jhertz
#
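# Print the usage text and exit when help is requested.
# A case statement replaces `test ... -o ...`: the -o operator is obsolescent
# and the expression can be misparsed when "$1" itself looks like an operator.
case "$1" in
  -h | -hh | --help)
    echo 'afl-persistent-config'
    echo
    # Quoted so a script path with spaces or glob characters is printed verbatim.
    echo "$0"
    echo
    echo afl-persistent-config has no command line options
    echo
    echo afl-persistent-config permanently reconfigures the system to a high performance fuzzing state.
    echo "WARNING: this reduces the security of the system!"
    echo
    echo Note that there is also afl-system-config which sets additional runtime
    echo configuration options.
    exit 0
    ;;
esac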
# The script takes no options: any argument that reaches this point is
# reported and the run stops before the system is touched.
(( $# == 0 )) || {
  echo "ERROR: Unknown option(s): $@"
  exit 1
}
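# Make the operator acknowledge the security trade-off before any permanent
# change is written. Anything other than YES aborts with exit status 1.
echo
echo "WARNING: This scripts makes permanent configuration changes to the system to"
echo "         increase the performance for fuzzing. As a result, the system also"
echo "         becomes less secure against attacks! If you use this script, setup"
echo "         strong firewall rules and only make SSH available as a network"
echo "         service!"
echo
printf '%s' "Type \"YES\" to continue: "
# -r keeps backslashes literal, so input such as Y\ES is not silently turned
# into YES. ANSWER is cleared first so a failed read (EOF) also aborts.
ANSWER=
read -r ANSWER
if [[ "$ANSWER" != "YES" ]]; then
  echo Input was not YES, aborting ...
  exit 1
fi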
echo
# Kernel name and machine architecture, as reported by uname.
PLATFORM=$(uname -s)
ARCH=$(uname -m)
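# macOS: install a LaunchDaemon that sets the SysV shared memory limits at
# boot and, on x86_64, disable ASLR system wide through the NVRAM boot-args.
if [[ "$PLATFORM" = "Darwin" ]]; then

  # Writing to /Library/LaunchDaemons and to NVRAM requires root.
  if [[ "$EUID" -ne 0 ]]; then
    echo "You need to be root to do this. E.g. use \"sudo\""
    exit 1
  fi

  # Refuse to continue unless csrutil reports SIP as disabled.
  # NOTE(review): this matches any output line containing "disabled"; confirm
  # whether a partially customised SIP configuration is meant to pass as well.
  if ! csrutil status | grep -q "disabled"; then
    echo "SIP needs to be disabled. Restart and press Command-R at reboot, Utilities => Terminal => enter \"csrutil disable\""
    exit 1
  fi

  echo "Checks passed."

  echo "Installing /Library/LaunchDaemons/shm_setup.plist"

  # Quoted delimiter: the plist is written literally, without shell expansion.
  # The daemon runs `sysctl -w` as root once at load (RunAtLoad, no KeepAlive).
  cat << 'EOF' > /Library/LaunchDaemons/shm_setup.plist
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
  <dict>
    <key>Label</key>
    <string>shmemsetup</string>
    <key>UserName</key>
    <string>root</string>
    <key>GroupName</key>
    <string>wheel</string>
    <key>ProgramArguments</key>
    <array>
      <string>/usr/sbin/sysctl</string>
      <string>-w</string>
      <string>kern.sysv.shmmax=524288000</string>
      <string>kern.sysv.shmmin=1</string>
      <string>kern.sysv.shmmni=128</string>
      <string>kern.sysv.shmseg=48</string>
      <string>kern.sysv.shmall=131072000</string>
    </array>
    <key>KeepAlive</key>
    <false/>
    <key>RunAtLoad</key>
    <true/>
  </dict>
</plist>
EOF

  # Stop here if the plist could not be written instead of reporting success.
  if [[ ! -s /Library/LaunchDaemons/shm_setup.plist ]]; then
    echo "Error: could not write /Library/LaunchDaemons/shm_setup.plist"
    exit 1
  fi

  # launchd only loads daemons owned by root and not writable by group or
  # others; set this explicitly instead of relying on the caller's umask.
  chown root:wheel /Library/LaunchDaemons/shm_setup.plist
  chmod 644 /Library/LaunchDaemons/shm_setup.plist

  if [[ "$ARCH" = "x86_64" ]]; then
    echo "Disabling ASLR system wide"
    # NOTE(review): this replaces the whole boot-args variable, so boot
    # arguments that were set before are lost. Confirm this is intended.
    nvram boot-args="no_aslr=1"
  else
    echo NOTICE: on ARM64 we do not know currently how to disable system wide ASLR, please report if you know how.
  fi

  echo
  echo "Reboot and enjoy your fuzzing"
  exit 0
fi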
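# Linux: install a sysctl drop-in and append performance boot options to the
# GRUB default kernel command line. Both trade kernel hardening for speed.
if [[ "$PLATFORM" = "Linux" ]]; then

  # Writing below /etc requires root.
  if [[ "$EUID" -ne 0 ]]; then
    echo "You need to be root to do this. E.g. use \"sudo\""
    exit 1
  fi

  echo "Checks passed."

  # The drop-in is only created when it does not exist yet, so an existing
  # file (for example one edited by hand) is never overwritten.
  if [[ ! -d /etc/sysctl.d ]]; then
    echo Error: /etc/sysctl.d directory not found, cannot install shmem config
  elif [[ ! -e /etc/sysctl.d/99-fuzzing.conf ]]; then
    echo "Installing /etc/sysctl.d/99-fuzzing.conf"
    # core_uses_pid/core_pattern: core dumps go to a plain file named "core".
    # randomize_va_space=0: turns ASLR off for all processes.
    # sched_*: scheduler tuning.
    # Quoted delimiter: the settings are written literally.
    cat << 'EOF' > /etc/sysctl.d/99-fuzzing.conf
kernel.core_uses_pid=0
kernel.core_pattern=core
kernel.randomize_va_space=0
kernel.sched_child_runs_first=1
kernel.sched_autogroup_enabled=1
kernel.sched_migration_cost_ns=50000000
kernel.sched_latency_ns=250000000
EOF
  fi

  if ! grep -E -q '^GRUB_CMDLINE_LINUX_DEFAULT=' /etc/default/grub 2> /dev/null; then
    echo Error: /etc/default/grub with GRUB_CMDLINE_LINUX_DEFAULT is not present, cannot set boot options
  # The substring 'noibrs pcid nopti' of the option list below marks a file
  # that was already processed, which keeps repeated runs from appending twice.
  elif ! grep -E '^GRUB_CMDLINE_LINUX_DEFAULT=' /etc/default/grub | grep -E -q 'noibrs pcid nopti'; then
    echo "Configuring performance boot options"
    # The last assignment is the base value; taking a single line also keeps a
    # newline out of the sed replacement when the variable is assigned twice.
    # NOTE(review): only double quotes are stripped; a single-quoted value
    # would keep its quotes - confirm against the files this is used on.
    LINE=$(grep -E '^GRUB_CMDLINE_LINUX_DEFAULT=' /etc/default/grub | tail -n 1 | sed 's/^GRUB_CMDLINE_LINUX_DEFAULT=//' | tr -d '"')
    # Appended options switch off the CPU vulnerability mitigations
    # (mitigations=off, pti=off, spectre_v2=off, ...), the audit subsystem
    # (audit=0) and usercopy hardening (hardened_usercopy=off).
    OPTIONS="$LINE ibpb=off ibrs=off kpti=off l1tf=off mds=off mitigations=off no_stf_barrier noibpb noibrs pcid nopti nospec_store_bypass_disable nospectre_v1 nospectre_v2 pcid=on pti=off spec_store_bypass_disable=off spectre_v2=off stf_barrier=off srbds=off noexec=off noexec32=off tsx=on tsx=on tsx_async_abort=off mitigations=off audit=0 hardened_usercopy=off ssbd=force-off"
    echo "Setting boot options in /etc/default/grub to GRUB_CMDLINE_LINUX_DEFAULT=\"$OPTIONS\""
    # Escape the characters that are special in the sed replacement below
    # (backslash, & and the | delimiter) so an existing command line that
    # contains them is written back unchanged.
    ESCAPED=$(printf '%s' "$OPTIONS" | sed 's/[\\&|]/\\&/g')
    # -i.bak keeps the previous file as /etc/default/grub.bak.
    sed -i.bak "s|^GRUB_CMDLINE_LINUX_DEFAULT=.*|GRUB_CMDLINE_LINUX_DEFAULT=\"$ESCAPED\"|" /etc/default/grub
    echo "NOTE: the new options take effect only after the GRUB configuration is regenerated (e.g. update-grub or grub2-mkconfig)"
  fi

  echo
  echo "Reboot and enjoy your fuzzing"
  exit 0
fi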
# Reached only when the platform is neither Darwin nor Linux: report and fail.
printf '%s\n' "Error: Unknown platform \"$PLATFORM\", currently supported are Linux and MacOS."
exit 1