-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathDockerfile
More file actions
69 lines (53 loc) · 2.34 KB
/
Dockerfile
File metadata and controls
69 lines (53 loc) · 2.34 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
## Dockerfile for the ROSA toolchain.
FROM ubuntu:22.04
LABEL maintainer="dimitri.kokkonis@cea.fr"
LABEL description="Docker image for the ROSA backdoor detector toolchain"
RUN apt-get clean && apt-get update
WORKDIR /root
COPY . ./rosa/
# Install AFL++ dependencies.
RUN apt-get update && apt-get install -y build-essential python3-dev automake cmake git flex \
bison libglib2.0-dev libpixman-1-dev python3-setuptools cargo libgtk-3-dev lld llvm llvm-dev \
clang ninja-build cpio libcapstone-dev wget curl python3-pip
RUN apt-get update && apt-get install -y \
gcc-$(gcc --version|head -n1|sed 's/\..*//'|sed 's/.* //')-plugin-dev \
libstdc++-$(gcc --version|head -n1|sed 's/\..*//'|sed 's/.* //')-dev
# Apply patches to AFL++ (and QEMU-AFL).
WORKDIR /root/rosa/fuzzers/aflpp/aflpp/qemu_mode/qemuafl
RUN patch -p1 < /root/rosa/fuzzers/aflpp/patches/qemuafl-rosa.patch
WORKDIR /root/rosa/fuzzers/aflpp/aflpp
RUN patch -p1 < /root/rosa/fuzzers/aflpp/patches/aflpp-rosa.patch
RUN patch -p1 < /root/rosa/fuzzers/aflpp/patches/aflpp-qemuafl-build.patch
# Build AFL++ (and QEMU-AFL).
RUN make -j$(nproc)
WORKDIR /root/rosa/fuzzers/aflpp/aflpp/qemu_mode
RUN ./build_qemu_support.sh
# Install dependencies needed by the examples.
RUN apt-get update && apt-get install -y build-essential libpam0g-dev
# Build the examples.
WORKDIR /root/rosa/examples
RUN make
# Create a symbolic link for the backdoored version of sudo (used in the quickstart guide).
RUN ln -s /root/rosa/examples/sudo/target/backdoored/build/bin/sudo /usr/bin/backdoored-sudo
# Install ROSA dependencies (the Rust toolchain).
RUN apt-get update && apt-get install -y curl
RUN curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | bash -s -- -y
ENV PATH="/root/.cargo/bin:${PATH}"
# Build the ROSA toolchain.
WORKDIR /root/rosa
RUN cargo build --release
RUN cargo install --path .
RUN cargo clean
# Install debugging tools.
RUN apt-get update && apt-get install -y strace gdb
# Install mdbook and simple-http-server to have the documentation available via an HTTP server on
# localhost.
#
# `libssl-dev` is needed by `simple-http-server`.
RUN apt-get update && apt-get install -y libssl-dev
RUN cargo install mdbook simple-http-server
RUN mdbook build /root/rosa/doc
# Needed to have accurate colors for the ROSA toolchain binaries.
ENV COLORTERM=truecolor
WORKDIR /root
CMD ["/root/rosa/start.sh"]