1. Now SyzDescribe supports Linux kernel v6.1/v6.2.

2. Add a script to run all bitcode
seclab-ucr · Jul 6, 2023 · 74f5d50 · 74f5d50
1 parent 8f713c1
commit 74f5d50
Show file tree

Hide file tree

Showing 4 changed files with 909 additions and 6 deletions.
diff --git a/README.md b/README.md
@@ -1,10 +1,12 @@
 # SyzDescribe
 
 ## Next
-1. Because the bitcodes generated from the Linux v6.1 are different from the Linux v5.12.
-There will be some additional changes coming for the Linux v6.1.
-2. A more powerful and general SyzDescribe based on under constrained symbolic execution.
-3. To support net device drivers. 
+1. A more powerful and general SyzDescribe based on under constrained symbolic execution.
+1. To support net device drivers. 
+
+## Update
+1. Now SyzDescribe supports Linux kernel v6.1/v6.2.
+2. Add a script to run all bitcode
 
 ## SyzDescribe: Principled, Automated, Static Generation of Syscall Descriptions for Kernel Drivers
 
@@ -39,7 +41,7 @@ Note: The version of LLVM/Clang is 14.
 
 ## Run
 ```shell
-build/tools/SyzDescribe/SyzDescribe --config_json=config.json
+build/tools/SyzDescribe/SyzDescribe --config=config.json
 ```
 > The config.json refers to `config/config.json `, for example:
 ```
@@ -48,12 +50,42 @@ build/tools/SyzDescribe/SyzDescribe --config_json=config.json
     // the path of the linked bitcode file of kernel modules
   "knowledge": "~/SyzDescribe/config/knowledge.json",
     // the path of the knowledge file
-  "version": "v5.12"
+  "version": "v6.2"
     // the version of the kernel, used to generate debug info
 }
 ```
 The generated syscall descriptions are `syz_describe_*.txt`, which can directly used in syzkaller based on [doc](https://github.com/google/syzkaller/blob/master/docs/syscall_descriptions.md).
 
+> There are two knowledge files for different versions of the kernel.
+> Please choose the correct one.
+
+## Run All
+There are two scripts to help run SyzDescribe on all bitcode.
+```
+script/syzlang_run.py
+script/syzlang_run_all.py
+```
+Usage:
+1. copy two scripts to the bitcode dir.
+2. change the value in syzlang_run.py based on comments
+3. rename all other bitcode to built-in.bc if needed
+  ```
+  python3 syzlang_run_all.py rename_bc
+  ```
+4. copy script to all subdirectories of built-in.bc
+  ```
+  python3 syzlang_run_all.py copy_script
+  ```
+5. run script in all subdirectories of built-in.bc
+  ```
+  python3 syzlang_run_all.py run_script
+  ```
+6. copy all generate syzlang files to all_syscall_descriptions
+  ```
+  python3 syzlang_run_all.py copy_syzlang
+  ```
+
+
 ## Linked LLVM Bitcode for Linux Kernel: `built-in.bc`
 refer to [https://github.com/ZHYfeng/Generate_Linux_Kernel_Bitcode/tree/master/v5.12](https://github.com/ZHYfeng/Generate_Linux_Kernel_Bitcode/tree/master/v5.12)
 > use `-save-temps` and `-g` to generate LLVM bitcode with debug info and less optimization