Hi everyone, Regarding syzbot testing for Debian kernel, I have developed an python tool called debsb (Debian Sandbox) that simplifies this process. It includes built-in automation for SSH key generation and configures password-less login out of the box for syzkaller testing.
The tool features a command-line interface very similar to virtme-ng (vng). You can easily generate the base setup and append the necessary fuzzing configs like this: # Install from https://pypi.org/project/debsb pip3 install debsb debsb build --debian --configitem CONFIG_KASAN=y --configitem CONFIG_KCOV=y I checked on a GitHub Actions CI runner that building with both KCOV and KASAN enabled takes 140 minutes: https://github.com/yskzalloc/debsb/actions/runs/27085934281 This uses the full Debian generic amd64 configuration (comprising roughly 6,800 options)—the exact config utilized to build the official linux-image-*-amd64 packages in Debian. I believe syzbot can be used to verify the Debian-specific patches found here: https://salsa.debian.org/kernel-team/linux/-/tree/debian/latest/debian/patches I also plan to extend support to arm64 and kvmtool in the near future. For more details on how it handles the build pipeline, please see the "Build with Debian kernel" section on the project page: https://github.com/yskzalloc/debsb I hope this helps with syzbot integration efforts and ongoing security research. Best regards, Yunseong Kim
