Update Dockerfile with permissions and llvm versions(#172)

Fixed permissions Allow to set the LLVM version with: docker build --build-arg LLVM_VERSION=12 . Partial fix for bug #164
eurecom-s3 · Apr 24, 2024 · 55157ad · 55157ad
1 parent 64a8b86
commit 55157ad
Showing 1 changed file with 36 additions and 10 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -28,9 +28,7 @@ RUN apt-get update \
         ninja-build \
         python3-pip \
         zlib1g-dev \
-        llvm-15 \
-        clang-15 \
-    && rm -rf /var/lib/apt/lists/*
+        wget  
 RUN pip3 install lit
 
 WORKDIR /
@@ -40,9 +38,27 @@ RUN git clone -b v2.56b https://github.com/google/AFL.git afl \
     && cd afl \
     && make
 
+# This is passed along to symcc and qsym backend
+# Version 15 is buggy  https://github.com/eurecom-s3/symcc/issues/164
+arg LLVM_VERSION=12
+
+# installing/building with the right LLVM version, currently:
+# - no plan to support < 11
+# - 12 to 15 are in official packages,
+# - 16 and 17 provided by llvm.org
+# - TODO 18 should be fixed
+RUN if  [ $LLVM_VERSION -le 11 ];  then echo "LLVM <= 11 not supported" ; false ;fi
+RUN if  [ $LLVM_VERSION -ge 18 ];  then echo "LLVM >= 18 currently not supported" ; false ;fi
+RUN if  [ $LLVM_VERSION -eq 12 ] || [ $LLVM_VERSION -eq 13 ] || [ $LLVM_VERSION -eq 14 ] || [ $LLVM_VERSION -eq 15 ]; then 	\
+          apt install -y llvm-${LLVM_VERSION} clang-${LLVM_VERSION} ; 								\
+    else 					\
+          false  ; \
+    fi
+
+RUN rm -rf /var/lib/apt/lists/*
 # Download the LLVM sources already so that we don't need to get them again when
 # SymCC changes
-RUN git clone -b llvmorg-15.0.0 --depth 1 https://github.com/llvm/llvm-project.git /llvm_source
+RUN git clone -b llvmorg-$LLVM_VERSION.0.0 --depth 1 https://github.com/llvm/llvm-project.git /llvm_source
 
 # Build a version of SymCC with the simple backend to compile libc++
 COPY . /symcc_source
@@ -51,7 +67,6 @@ COPY . /symcc_source
 WORKDIR /symcc_source
 RUN git submodule update --init --recursive
 
-
 #
 # Build SymCC with the simple backend
 #
@@ -101,31 +116,42 @@ RUN cmake -G Ninja \
 #
 # The final image
 #
-FROM ubuntu:22.04
+FROM ubuntu:22.04 as symcc
 
 RUN apt-get update \
     && DEBIAN_FRONTEND=noninteractive apt-get install -y \
         build-essential \
         g++ \
         zlib1g \
         sudo \
-    && rm -rf /var/lib/apt/lists/* \
     && useradd -m -s /bin/bash ubuntu \
     && echo 'ubuntu ALL=(ALL) NOPASSWD:ALL' > /etc/sudoers.d/ubuntu
 
+arg LLVM_VERSION=15
+
+RUN apt-get update \
+    && DEBIAN_FRONTEND=noninteractive apt-get install -y \
+    llvm-$LLVM_VERSION \
+    clang-$LLVM_VERSION \
+    && rm -rf /var/lib/apt/lists/*
+
 COPY --from=builder_qsym /symcc_build /symcc_build
 COPY --from=builder_qsym /root/.cargo/bin/symcc_fuzzing_helper /symcc_build/
 COPY util/pure_concolic_execution.sh /symcc_build/
 COPY --from=builder_qsym /libcxx_symcc_install /libcxx_symcc_install
 COPY --from=builder_qsym /afl /afl
 
+# fix permissions
+RUN chmod -R og+rX /symcc_build
+
 ENV PATH /symcc_build:$PATH
 ENV AFL_PATH /afl
-ENV AFL_CC clang-15
-ENV AFL_CXX clang++-15
+ENV AFL_CC clang-$LLVM_VERSION
+ENV AFL_CXX clang++-$LLVM_VERSION
 ENV SYMCC_LIBCXX_PATH=/libcxx_symcc_install
 
 USER ubuntu
 WORKDIR /home/ubuntu
-COPY sample.cpp /home/ubuntu/
+COPY --chown=ubuntu:ubuntu sample.cpp /home/ubuntu/
+
 RUN mkdir /tmp/output