Skip to content

Commit

Permalink
kernelCTF: server: open-source server code
Browse files Browse the repository at this point in the history
  • Loading branch information
@koczkatamas
koczkatamas committed Feb 15, 2024
1 parent 3bfe4c2 commit 2ee769b
Show file tree
Hide file tree
Showing 7 changed files with 420 additions and 0 deletions.
10 changes: 10 additions & 0 deletions kernelctf/server/kernelctf.service
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
[Unit]
Description=kernelCTF

[Service]
ExecStart=/home/poprdi/service.sh
User=kernelctf
Group=kernelctf

[Install]
WantedBy=multi-user.target
22 changes: 22 additions & 0 deletions kernelctf/server/qemu.sh
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
#!/bin/bash
if [ $# -ne 3 ]; then echo "Usage: $0 <release_path> <flag_fn> <init>"; exit 1; fi

RELEASE_PATH=$1
FLAG_FN=$2
INIT=$3
RELEASE=$(basename "$RELEASE_PATH")

HARDENING=""
if [[ "$RELEASE" == "mitigation-v3"* ]]; then
HARDENING="sysctl.kernel.dmesg_restrict=1 sysctl.kernel.kptr_restrict=2 sysctl.kernel.unprivileged_bpf_disabled=2 sysctl.net.core.bpf_jit_harden=1 sysctl.kernel.yama.ptrace_scope=1";
fi

exec qemu-system-x86_64 -m 3.5G -nographic -no-reboot \
-monitor none \
-enable-kvm -cpu host -smp cores=2 \
-kernel $RELEASE_PATH/bzImage \
-initrd ramdisk_v1.img \
-nic user,model=virtio-net-pci \
-drive file=rootfs_v3.img,if=virtio,cache=none,aio=native,format=raw,discard=on,readonly \
-drive file=$FLAG_FN,if=virtio,format=raw,readonly \
-append "console=ttyS0 root=/dev/vda1 rootfstype=ext4 rootflags=discard ro $HARDENING init=$INIT hostname=$RELEASE"
38 changes: 38 additions & 0 deletions kernelctf/server/refresh_slots.py
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,38 @@
#!/usr/bin/env -S python3 -u
import csv
import io
import json
import os
import requests

def fail(msg):
print("\n[!] [FAIL] " + msg.replace('\n', '\n '))
os._exit(1)

def parseCsv(csvContent):
columns, *rows = list(csv.reader(io.StringIO(csvContent), strict=True))
return [{ columns[i]: row[i] for i in range(len(columns)) } for row in rows]

def fetch(url):
response = requests.get(url)
if response.status_code != 200:
fail(f"expected 200 OK for request: {url}")
return response.content.decode('utf-8')

print("Fetching public spreadsheet...\n")
publicCsv = fetch("https://docs.google.com/spreadsheets/d/e/2PACX-1vS1REdTA29OJftst8xN5B5x8iIUcxuK6bXdzF8G1UXCmRtoNsoQ9MbebdRdFnj6qZ0Yd7LwQfvYC2oF/pub?output=csv")
publicSheet = parseCsv(publicCsv)

slots = {}
for row in publicSheet:
for slot in [row["LTS slot"], row["COS slot"]]:
if slot != "" and not slot.startswith("("):
slots[slot] = row["ID"]
slots = dict(sorted(slots.items()))

print("Taken slots:")
for slot in slots:
print(f" - {slot}: {slots[slot]}")

print("\nSaving to slots.json")
with open("slots.json", "wt") as f: f.write(json.dumps(slots, indent=4))
129 changes: 129 additions & 0 deletions kernelctf/server/releases.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,129 @@
lts-6.1.76:
release-date: 2024-02-20T12:00:00Z
cos-97-16919.450.16:
release-date: 2024-02-20T12:00:00Z
cos-105-17412.294.23:
release-date: 2024-02-20T12:00:00Z

lts-6.1.77:
release-date: 2024-02-09T12:00:00Z
cos-97-16919.450.6:
release-date: 2024-02-09T12:00:00Z
cos-105-17412.294.10:
release-date: 2024-02-09T12:00:00Z

lts-6.1.74:
release-date: 2024-01-26T12:00:00Z
cos-97-16919.404.34:
release-date: 2024-01-26T12:00:00Z
cos-105-17412.226.68:
release-date: 2024-01-26T12:00:00Z

lts-6.1.72:
release-date: 2024-01-19T12:00:00Z
cos-97-16919.404.33:
release-date: 2024-01-19T12:00:00Z
cos-105-17412.226.67:
release-date: 2024-01-19T12:00:00Z

lts-6.1.70:
release-date: 2024-01-12T12:00:00Z
cos-105-17412.226.52:
release-date: 2024-01-12T12:00:00Z
cos-97-16919.404.26:
release-date: 2024-01-12T12:00:00Z

lts-6.1.67:
release-date: 2023-12-18T12:00:00Z
cos-105-17412.226.43:
release-date: 2023-12-18T12:00:00Z
cos-97-16919.404.21:
release-date: 2023-12-18T12:00:00Z

lts-6.1.63:
release-date: 2023-12-01T12:00:00Z

lts-6.1.61:
release-date: 2023-11-17T12:00:00Z
cos-105-17412.226.28:
release-date: 2023-11-17T12:00:00Z
cos-97-16919.404.13:
release-date: 2023-11-17T12:00:00Z

lts-6.1.60:
release-date: 2023-11-03T12:00:00Z
cos-105-17412.226.18:
release-date: 2023-11-03T12:00:00Z
cos-97-16919.404.4:
release-date: 2023-11-03T12:00:00Z

mitigation-v3-6.1.55:
release-date: 2023-10-21T12:00:00Z

lts-6.1.58:
release-date: 2023-10-20T12:00:00Z
cos-105-17412.156.69:
release-date: 2023-10-20T12:00:00Z
cos-97-16919.353.53:
release-date: 2023-10-20T12:00:00Z

lts-6.1.54:
release-date: 2023-09-29T12:00:00Z
cos-105-17412.156.59:
release-date: 2023-09-29T12:00:00Z
cos-97-16919.353.46:
release-date: 2023-09-29T12:00:00Z

lts-6.1.52:
release-date: 2023-09-13T12:00:00Z
cos-105-17412.156.30:
release-date: 2023-09-13T12:00:00Z

lts-6.1.47:
release-date: 2023-08-30T12:00:00Z
cos-105-17412.156.23:
release-date: 2023-08-30T12:00:00Z
cos-97-16919.353.23:
release-date: 2023-08-30T12:00:00Z

lts-6.1.36:
release-date: 2023-06-30T13:35:00Z
cos-105-17412.101.42:
release-date: 2023-07-19T00:00:00Z
cos-101-17162.210.48:
release-date: 2023-07-19T00:00:00Z
deprecated: true
cos-97-16919.294.48:
release-date: 2023-07-19T00:00:00Z
cos-93-16623.402.40:
release-date: 2023-07-19T00:00:00Z
deprecated: true
mitigation-6.1-v2:
release-date: 2023-07-08T17:20:00Z
available-until: 2023-10-21T12:00:00Z

lts-6.1.35:
release-date: 2023-06-30T14:05:00Z

lts-6.1.31:
release-date: 2023-06-14T16:00:00Z
vmlinux: false
cos-105-17412.101.17:
release-date: 2023-06-14T16:00:00Z
vmlinux: false
cos-101-17162.127.42:
release-date: 2023-06-14T16:00:00Z
deprecated: true
vmlinux: false
cos-97-16919.294.28:
release-date: 2023-06-14T16:00:00Z
vmlinux: false
cos-93-16623.341.29:
release-date: 2023-06-14T16:00:00Z
deprecated: true
vmlinux: false
mitigation-6.1-broken:
release-date: 2023-06-14T16:00:00Z
deprecated: true
vmlinux: false
available-until: 2023-07-08T17:20:00Z
Loading

0 comments on commit 2ee769b

Please sign in to comment.