Skip to content

docs/linux: add instructions for fuzzing Linux x86-64 kernel on Android virtual device #6293

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
Radon10043 wants to merge 0 commits into from
Closed

docs/linux: add instructions for fuzzing Linux x86-64 kernel on Android virtual device #6293

Radon10043 wants to merge 0 commits into from

Conversation

@Radon10043
Copy link
Contributor

@Radon10043 Radon10043 commented Aug 16, 2025

Hi syzkaller maintainers,

When I was trying to set up syzkaller for fuzzing the Linux kernel on an Android virtual device, I found that several crucial links are broken in existing documentation (leading to 404 errors). This may make the setup process challenging for new users.

To address this, I have created a new documentation page that provides instructions for fuzzing the Linux x86-64 kernel on an Android virtual device.

This new page specifically covers:

  • How to build the Android Generic System Image (GSI).
  • How to build the corresponding Generic Kernel Image (GKI).
  • How to launch the Android virtual device on an Ubuntu host and fuzz its kernel with syzkaller.

Hope this contribution will be helpful to the community!

Please let me know if any changes are needed.

Thanks!

@tarasmadan
Copy link
Collaborator

tarasmadan commented Aug 18, 2025

Hi @Radon10043 . Thanks for summarizing your experience as a documentation page!

several crucial links are broken in existing documentation (leading to 404 errors)

Internal links or external links?

@a-nogikh
Copy link
Collaborator

a-nogikh commented Aug 18, 2025

Thanks!

Please note the following ci/aux error:

Error: Please limit commit description line length to 120 characters.

a-nogikh
a-nogikh reviewed Aug 18, 2025
View reviewed changes
docs/linux/setup_linux-host_android-virtual-device_x86-64-kernel.md Outdated
- enable `virtio-blk` so Cuttlefish can emulate the device as expected;
- and minimize kernel size.

Add the following flags to the `update_kasan_config` function in `common-android13-5.15/common/build.config.gki_kasan.x86_64`:
Copy link
Collaborator

@a-nogikh a-nogikh Aug 18, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I wonder if it's not already enabled in the default Cuttlefish configs.

See e.g. https://github.com/google/syzkaller/blob/master/pkg/build/cuttlefish.go

Here we build the common-modules/virtual-device:virtual_device_x86_64_dist target and end up with the VIRTIO_* configs already enabled.

Copy link
Contributor Author

@Radon10043 Radon10043 Aug 18, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just checked cuttlefish.go. For build.sh, I found that kasan config provided by GKI will be used by syzkaller to build the kernel. However, based on my experience, this configuration will not enable VIRTIO_* related configs, leading to cuttlefish failing to emulate a virtual device.

syzkaller/pkg/build/cuttlefish.go

Lines 20 to 21 in 1804e95

kernelConfig = "common/build.config.gki_kasan.x86_64"
moduleConfig = "common-modules/virtual-device/build.config.virtual_device_kasan.x86_64"

Regarding bazel, I'm not sure if the applied kernel config enables VIRTIO_* related configs. Going to verify it later.

syzkaller/pkg/build/cuttlefish.go

Line 22 in 1804e95

bazelTarget = "//common-modules/virtual-device:virtual_device_x86_64_dist"

@Radon10043
Copy link
Contributor Author

Radon10043 commented Aug 18, 2025

Hi @tarasmadan ,

Internal links or external links?

Some external links are broken. Here is the list of invalid links I found:

@Radon10043
Copy link
Contributor Author

Radon10043 commented Aug 18, 2025

Hi @a-nogikh ,

Thanks!

Please note the following ci/aux error:

Error: Please limit commit description line length to 120 characters.

Thanks for the heads-up!

I've just amended the commit to fix the line length in the description. The ci/aux check should pass now.

@a-nogikh
Copy link
Collaborator

a-nogikh commented Aug 19, 2025

The CI will now fail because of the merge commit - we rebase instead.

@Radon10043 Radon10043 closed this Aug 19, 2025
@Radon10043 Radon10043 mentioned this pull request Aug 19, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@a-nogikh a-nogikh a-nogikh left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@Radon10043 @tarasmadan @a-nogikh