From c2127e3ff7c324e44ac6b84d55c3bb8382427436 Mon Sep 17 00:00:00 2001
From: hexcoder- <heiko@hexco.de>
Date: Sat, 27 Feb 2021 17:58:25 +0100
Subject: disable the generation of core files in DragonFly BSD

---
 afl-system-config | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'afl-system-config')

diff --git a/afl-system-config b/afl-system-config
index d5e5ceae..ba8ad3a3 100755
--- a/afl-system-config
+++ b/afl-system-config
@@ -60,8 +60,8 @@ if [ "$PLATFORM" = "OpenBSD" ] ; then
   DONE=1
 fi
 if [ "$PLATFORM" = "DragonFly" ] ; then
-  echo
-  echo 'System security features cannot be disabled on DragonFly.'
+  /sbin/sysctl kern.corefile=/dev/null
+  echo Settings applied.
   DONE=1
 fi
 if [ "$PLATFORM" = "NetBSD" ] ; then
-- 
cgit 1.4.1


From 6036cf8437853f0bd2d94bf8d959da58c80b889f Mon Sep 17 00:00:00 2001
From: heiko <heiko@FreeBSD12.1>
Date: Sun, 28 Feb 2021 00:24:29 +0100
Subject: BSD: how to avoid core dumps

---
 afl-system-config | 18 +++++++++++++++---
 1 file changed, 15 insertions(+), 3 deletions(-)

(limited to 'afl-system-config')

diff --git a/afl-system-config b/afl-system-config
index ba8ad3a3..9905ac81 100755
--- a/afl-system-config
+++ b/afl-system-config
@@ -49,6 +49,12 @@ if [ "$PLATFORM" = "FreeBSD" ] ; then
   sysctl kern.elf64.aslr.enable=0
 } > /dev/null
   echo Settings applied.
+  cat <<EOF
+In order to suppress core file generation during fuzzing it is recommended to set
+me:\\
+	:coredumpsize=0:
+in the ~/.login_conf file for the user used for fuzzing.
+EOF
   echo It is recommended to boot the kernel with lots of security off - if you are running a machine that is in a secured network - so set this:
   echo '  sysctl hw.ibrs_disable=1'
   echo 'Setting kern.pmap.pg_ps_enabled=0 into /boot/loader.conf might be helpful too.'
@@ -60,8 +66,14 @@ if [ "$PLATFORM" = "OpenBSD" ] ; then
   DONE=1
 fi
 if [ "$PLATFORM" = "DragonFly" ] ; then
-  /sbin/sysctl kern.corefile=/dev/null
-  echo Settings applied.
+  #/sbin/sysctl kern.corefile=/dev/null
+  #echo Settings applied.
+  cat <<EOF
+In order to suppress core file generation during fuzzing it is recommended to set
+me:\\
+	:coredumpsize=0:
+in the ~/.login_conf file for the user used for fuzzing.
+EOF
   DONE=1
 fi
 if [ "$PLATFORM" = "NetBSD" ] ; then
@@ -88,7 +100,7 @@ fi
 if [ "$PLATFORM" = "Haiku" ] ; then
   SETTINGS=~/config/settings/system/debug_server/settings
   [ -r ${SETTINGS} ] && grep -qE "default_action\s+kill" ${SETTINGS} && { echo "Nothing to do"; } || { \
-    echo We change the debug_server default_action from user to silenty kill; \
+    echo We change the debug_server default_action from user to silently kill; \
     [ ! -r ${SETTINGS} ] && echo "default_action kill" >${SETTINGS} || { mv ${SETTINGS} s.tmp; sed -e "s/default_action\s\s*user/default_action kill/" s.tmp > ${SETTINGS}; rm s.tmp; }; \
     echo Settings applied.; \
   }
-- 
cgit 1.4.1


From 54c1087340e374fc4725e642b3a5cccf98a06d3f Mon Sep 17 00:00:00 2001
From: vanhauser-thc <vh@thc.org>
Date: Mon, 8 Mar 2021 15:12:47 +0100
Subject: more system speed in afl-system-config

---
 afl-system-config | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'afl-system-config')

diff --git a/afl-system-config b/afl-system-config
index 9905ac81..77b77902 100755
--- a/afl-system-config
+++ b/afl-system-config
@@ -39,7 +39,7 @@ if [ "$PLATFORM" = "Linux" ] ; then
   echo Settings applied.
   dmesg | egrep -q 'nospectre_v2|spectre_v2=off' || {
     echo It is recommended to boot the kernel with lots of security off - if you are running a machine that is in a secured network - so set this:
-    echo '  /etc/default/grub:GRUB_CMDLINE_LINUX_DEFAULT="ibpb=off ibrs=off kpti=off l1tf=off mds=off mitigations=off no_stf_barrier noibpb noibrs nopcid nopti nospec_store_bypass_disable nospectre_v1 nospectre_v2 pcid=off pti=off spec_store_bypass_disable=off spectre_v2=off stf_barrier=off"'
+    echo '  /etc/default/grub:GRUB_CMDLINE_LINUX_DEFAULT="ibpb=off ibrs=off kpti=0 l1tf=off mds=off mitigations=off no_stf_barrier noibpb noibrs nopcid nopti nospec_store_bypass_disable nospectre_v1 nospectre_v2 pcid=off pti=off spec_store_bypass_disable=off spectre_v2=off stf_barrier=off srbds=off noexec=off noexec32=off tsx=on tsx_async_abort=off mitigations=off arm64.nopauth audit=0 hardened_usercopy=off ssbd=force-off"'
   }
   DONE=1
 fi
-- 
cgit 1.4.1


From e82ce952517cbb1db96101e84c53500a9a3be506 Mon Sep 17 00:00:00 2001
From: vanhauser-thc <vh@thc.org>
Date: Mon, 8 Mar 2021 18:12:18 +0100
Subject: remove duplicate

---
 afl-system-config | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'afl-system-config')

diff --git a/afl-system-config b/afl-system-config
index 77b77902..ae37a062 100755
--- a/afl-system-config
+++ b/afl-system-config
@@ -39,7 +39,7 @@ if [ "$PLATFORM" = "Linux" ] ; then
   echo Settings applied.
   dmesg | egrep -q 'nospectre_v2|spectre_v2=off' || {
     echo It is recommended to boot the kernel with lots of security off - if you are running a machine that is in a secured network - so set this:
-    echo '  /etc/default/grub:GRUB_CMDLINE_LINUX_DEFAULT="ibpb=off ibrs=off kpti=0 l1tf=off mds=off mitigations=off no_stf_barrier noibpb noibrs nopcid nopti nospec_store_bypass_disable nospectre_v1 nospectre_v2 pcid=off pti=off spec_store_bypass_disable=off spectre_v2=off stf_barrier=off srbds=off noexec=off noexec32=off tsx=on tsx_async_abort=off mitigations=off arm64.nopauth audit=0 hardened_usercopy=off ssbd=force-off"'
+    echo '  /etc/default/grub:GRUB_CMDLINE_LINUX_DEFAULT="ibpb=off ibrs=off kpti=0 l1tf=off mds=off mitigations=off no_stf_barrier noibpb noibrs nopcid nopti nospec_store_bypass_disable nospectre_v1 nospectre_v2 pcid=off pti=off spec_store_bypass_disable=off spectre_v2=off stf_barrier=off srbds=off noexec=off noexec32=off tsx=on tsx_async_abort=off arm64.nopauth audit=0 hardened_usercopy=off ssbd=force-off"'
   }
   DONE=1
 fi
-- 
cgit 1.4.1