about summary refs log tree commit diff
diff options
context:
space:
mode:
Diffstat
-rwxr-xr-xafl-persistent-config12
-rwxr-xr-xafl-system-config2
-rw-r--r--docs/best_practices.md2
-rw-r--r--docs/fuzzing_in_depth.md2
4 files changed, 9 insertions, 9 deletions
diff --git a/afl-persistent-config b/afl-persistent-config
index d1649468..ef1c9da2 100755
--- a/afl-persistent-config
+++ b/afl-persistent-config
@@ -124,14 +124,14 @@ kernel.sched_latency_ns=250000000
 EOF
   }
 
-  grep -E -q '^GRUB_CMDLINE_LINUX_DEFAULT=' /etc/default/grub 2>/dev/null || echo Error: /etc/default/grub with GRUB_CMDLINE_LINUX_DEFAULT is not present, cannot set boot options
-  grep -E -q '^GRUB_CMDLINE_LINUX_DEFAULT=' /etc/default/grub 2>/dev/null && {
-    grep -E '^GRUB_CMDLINE_LINUX_DEFAULT=' /etc/default/grub | grep -E -q 'noibrs pcid nopti' || {
+  grep -E -q '^GRUB_CMDLINE_LINUX=' /etc/default/grub 2>/dev/null || echo Error: /etc/default/grub with GRUB_CMDLINE_LINUX is not present, cannot set boot options
+  grep -E -q '^GRUB_CMDLINE_LINUX=' /etc/default/grub 2>/dev/null && {
+    grep -E '^GRUB_CMDLINE_LINUX=' /etc/default/grub | grep -E -q 'noibrs pcid nopti' || {
       echo "Configuring performance boot options"
-      LINE=`grep -E '^GRUB_CMDLINE_LINUX_DEFAULT=' /etc/default/grub | sed 's/^GRUB_CMDLINE_LINUX_DEFAULT=//' | tr -d '"'`
+      LINE=`grep -E '^GRUB_CMDLINE_LINUX=' /etc/default/grub | sed 's/^GRUB_CMDLINE_LINUX=//' | tr -d '"'`
       OPTIONS="$LINE ibpb=off ibrs=off kpti=off l1tf=off spec_rstack_overflow=off mds=off no_stf_barrier noibpb noibrs pcid nopti nospec_store_bypass_disable nospectre_v1 nospectre_v2 pcid=on pti=off spec_store_bypass_disable=off spectre_v2=off stf_barrier=off srbds=off noexec=off noexec32=off tsx=on tsx=on tsx_async_abort=off mitigations=off audit=0 hardened_usercopy=off ssbd=force-off"
-      echo Setting boot options in /etc/default/grub to GRUB_CMDLINE_LINUX_DEFAULT=\"$OPTIONS\"
-      sed -i "s|^GRUB_CMDLINE_LINUX_DEFAULT=.*|GRUB_CMDLINE_LINUX_DEFAULT=\"$OPTIONS\"|" /etc/default/grub
+      echo Setting boot options in /etc/default/grub to GRUB_CMDLINE_LINUX=\"$OPTIONS\"
+      sed -i "s|^GRUB_CMDLINE_LINUX=.*|GRUB_CMDLINE_LINUX=\"$OPTIONS\"|" /etc/default/grub
     }
   }
 
diff --git a/afl-system-config b/afl-system-config
index 7e2cb688..8053d74a 100755
--- a/afl-system-config
+++ b/afl-system-config
@@ -54,7 +54,7 @@ if [ "$PLATFORM" = "Linux" ] ; then
   echo
   dmesg | grep -E -q 'noibrs pcid nopti' || {
     echo It is recommended to boot the kernel with lots of security off - if you are running a machine that is in a secured network - so set this:
-    echo '  /etc/default/grub:GRUB_CMDLINE_LINUX_DEFAULT="ibpb=off ibrs=off kpti=0 l1tf=off mds=off mitigations=off no_stf_barrier noibpb noibrs pcid nopti nospec_store_bypass_disable nospectre_v1 nospectre_v2 pcid=on pti=off spec_store_bypass_disable=off spectre_v2=off stf_barrier=off srbds=off noexec=off noexec32=off tsx=on tsx_async_abort=off arm64.nopauth audit=0 hardened_usercopy=off ssbd=force-off"'
+    echo '  /etc/default/grub:GRUB_CMDLINE_LINUX="ibpb=off ibrs=off kpti=0 l1tf=off mds=off mitigations=off no_stf_barrier noibpb noibrs pcid nopti nospec_store_bypass_disable nospectre_v1 nospectre_v2 pcid=on pti=off spec_store_bypass_disable=off spectre_v2=off stf_barrier=off srbds=off noexec=off noexec32=off tsx=on tsx_async_abort=off arm64.nopauth audit=0 hardened_usercopy=off ssbd=force-off"'
     echo
   }
   echo If you run fuzzing instances in docker, run them with \"--security-opt seccomp=unconfined\" for more speed.
diff --git a/docs/best_practices.md b/docs/best_practices.md
index 459fcaf7..a871bc11 100644
--- a/docs/best_practices.md
+++ b/docs/best_practices.md
@@ -104,7 +104,7 @@ allows you to define network state with different type of data packets.
    file directory on a tempfs location, see
    [env_variables.md](env_variables.md).
 5. Improve Linux kernel performance: modify `/etc/default/grub`, set
-   `GRUB_CMDLINE_LINUX_DEFAULT="ibpb=off ibrs=off kpti=off l1tf=off mds=off
+   `GRUB_CMDLINE_LINUX="ibpb=off ibrs=off kpti=off l1tf=off mds=off
    mitigations=off no_stf_barrier noibpb noibrs nopcid nopti
    nospec_store_bypass_disable nospectre_v1 nospectre_v2 pcid=off pti=off
    spec_store_bypass_disable=off spectre_v2=off stf_barrier=off"`; then
diff --git a/docs/fuzzing_in_depth.md b/docs/fuzzing_in_depth.md
index 6a217641..5f2bcebe 100644
--- a/docs/fuzzing_in_depth.md
+++ b/docs/fuzzing_in_depth.md
@@ -791,7 +791,7 @@ or honggfuzz.
 * If you do not use shmem persistent mode, use `AFL_TMPDIR` to point the input
   file on a tempfs location, see [env_variables.md](env_variables.md).
 * Linux: Improve kernel performance: modify `/etc/default/grub`, set
-  `GRUB_CMDLINE_LINUX_DEFAULT="ibpb=off ibrs=off kpti=off l1tf=off mds=off
+  `GRUB_CMDLINE_LINUX="ibpb=off ibrs=off kpti=off l1tf=off mds=off
   mitigations=off no_stf_barrier noibpb noibrs nopcid nopti
   nospec_store_bypass_disable nospectre_v1 nospectre_v2 pcid=off pti=off
   spec_store_bypass_disable=off spectre_v2=off stf_barrier=off"`; then
generated by cgit-pink 1.4.1 (git 2.36.1) at 2025-05-23 15:49:32 +0000