From 429afb710cb0037f925ea8e9c6c91dfcaa862f45 Mon Sep 17 00:00:00 2001 From: van Hauser Date: Wed, 29 May 2019 09:42:13 +0200 Subject: performance script and info --- Makefile | 2 +- afl-system-config | 15 +++++++++++++++ afl-system-config.sh | 15 --------------- docs/ChangeLog | 2 +- docs/perf_tips.txt | 2 ++ 5 files changed, 19 insertions(+), 17 deletions(-) create mode 100755 afl-system-config delete mode 100755 afl-system-config.sh diff --git a/Makefile b/Makefile index 9b40a5a7..9b539f82 100644 --- a/Makefile +++ b/Makefile @@ -25,7 +25,7 @@ MISC_PATH = $(PREFIX)/share/afl # PROGS intentionally omit afl-as, which gets installed elsewhere. PROGS = afl-gcc afl-fuzz afl-showmap afl-tmin afl-gotcpu afl-analyze -SH_PROGS = afl-plot afl-cmin afl-whatsup +SH_PROGS = afl-plot afl-cmin afl-whatsup alf-system-config CFLAGS ?= -O3 -funroll-loops CFLAGS += -Wall -D_FORTIFY_SOURCE=2 -g -Wno-pointer-sign \ diff --git a/afl-system-config b/afl-system-config new file mode 100755 index 00000000..88564c20 --- /dev/null +++ b/afl-system-config 
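Review bot: The name appended to `SH_PROGS` in the Makefile hunk is spelled `alf-system-config`, but the file this commit creates is `afl-system-config`. Any rule that consumes `SH_PROGS` (presumably the install step, which lies outside this hunk) would then reference a file that does not exist, so the script is either not shipped or the step fails. The line should read `SH_PROGS = afl-plot afl-cmin afl-whatsup afl-system-config`.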
@@ -0,0 +1,15 @@
+#!/bin/sh
+echo This reconfigures the system to have a better fuzzing performance
+sysctl -w kernel.core_pattern=core
+sysctl -w kernel.randomize_va_space=0
+sysctl -w kernel.sched_child_runs_first=1
+sysctl -w kernel.sched_autogroup_enabled=1
+sysctl -w kernel.sched_migration_cost_ns=50000000
+sysctl -w kernel.sched_latency_ns=250000000
+echo never > /sys/kernel/mm/transparent_hugepage/enabled
+echo performance | tee /sys/devices/system/cpu/cpu*/cpufreq/scaling_governor > /dev/null
+echo
+echo It is recommended to boot the kernel with lots of security off - if you are running a machine that is in a secured network - so set this:
+echo '/etc/default/grub:GRUB_CMDLINE_LINUX_DEFAULT="ibpb=off ibrs=off kpti=off l1tf=off mds=off mitigations=off no_stf_barrier noibpb noibrs nopcid nopti nospec_store_bypass_disable nospectre_v1 nospectre_v2 pcid=off pti=off spec_store_bypass_disable=off spectre_v2=off stf_barrier=off"'
+echo
+echo Also use AFL_TMPDIR to use a tmpfs for the input file
diff --git a/afl-system-config.sh b/afl-system-config.sh
deleted file mode 100755
index 88564c20..00000000
--- a/afl-system-config.sh
+++ /dev/null
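Review bot: `sysctl -w kernel.randomize_va_space=0` turns ASLR off for every process on the host until the value is set back or the machine reboots, yet the banner only promises "better fuzzing performance"; the Makefile hunk of this commit also lists the script among the installed tools, so it will be run by people who have not read it. The banner should name the security-relevant changes and how to undo them, e.g. `echo "WARNING: disables ASLR (kernel.randomize_va_space=0) system-wide; restore the previous value when done fuzzing"`. The script never checks that it runs as root or that any write succeeded, so for an unprivileged user every `sysctl -w` and the `/sys` redirect fail while the closing advice is still printed as if the tuning had been applied; a guard such as `[ "$(id -u)" -eq 0 ] || { echo "run as root" >&2; exit 1; }` at the top makes that explicit. The echoed GRUB line that disables the CPU side-channel mitigations should state that it is meant for isolated, single-purpose fuzzing machines, because "a secured network" does not cover exposure to other local users or co-tenant workloads.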
@@ -1,15 +0,0 @@ -#!/bin/sh -echo This reconfigures the system to have a better fuzzing performance -sysctl -w kernel.core_pattern=core -sysctl -w kernel.randomize_va_space=0 -sysctl -w kernel.sched_child_runs_first=1 -sysctl -w kernel.sched_autogroup_enabled=1 -sysctl -w kernel.sched_migration_cost_ns=50000000 -sysctl -w kernel.sched_latency_ns=250000000 -echo never > /sys/kernel/mm/transparent_hugepage/enabled -echo performance | tee /sys/devices/system/cpu/cpu*/cpufreq/scaling_governor > /dev/null -echo -echo It is recommended to boot the kernel with lots of security off - if you are running a machine that is in a secured network - so set this: -echo '/etc/default/grub:GRUB_CMDLINE_LINUX_DEFAULT="ibpb=off ibrs=off kpti=off l1tf=off mds=off mitigations=off no_stf_barrier noibpb noibrs nopcid nopti nospec_store_bypass_disable nospectre_v1 nospectre_v2 pcid=off pti=off spec_store_bypass_disable=off spectre_v2=off stf_barrier=off"' -echo -echo Also use AFL_TMPDIR to use a tmpfs for the input file diff --git a/docs/ChangeLog b/docs/ChangeLog index 1da1b3f1..e0db8b71 100644 --- a/docs/ChangeLog +++ b/docs/ChangeLog @@ -23,7 +23,7 @@ Version ++2.52c (2019-05-28): afl-fuzz: -e EXTENSION commandline option llvm_mode: LAF-intel performance (needs activation, see llvm/README.laf-intel) a few new environment variables for afl-fuzz, llvm and qemu, see docs/env_variables.txt - - added afl-system-config.sh script to set all system performance options for fuzzing + - added afl-system-config script to set all system performance options for fuzzing --------------------------- diff --git a/docs/perf_tips.txt b/docs/perf_tips.txt index 799691c7..287284fc 100644 --- a/docs/perf_tips.txt +++ b/docs/perf_tips.txt 
@@ -188,6 +188,8 @@ There are several OS-level factors that may affect fuzzing speed: SCHED_RR - can usually speed things up, too, but needs to be done with care. + - Use the afl-system-config script to set all proc/sys settings above + - Disable all the spectre, meltdown etc. security countermeasures in the kernel if your machine is properly seperated: "ibpb=off ibrs=off kpti=off l1tf=off mds=off mitigations=off -- cgit 1.4.1