lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20181002202256.vchh4j5k2wfjqdry@oracle.com>
Date:   Tue, 2 Oct 2018 16:22:57 -0400
From:   "Liam R. Howlett" <Liam.Howlett@...cle.com>
To:     Dhaval Giani <dhaval.giani@...il.com>
Cc:     alexander.levin@...rosoft.com, LKML <linux-kernel@...r.kernel.org>,
        gregkh@...uxfoundation.org, alice.ferrazzi@...il.com,
        Kevin Hilman <khilman@...libre.com>,
        Tim Bird <tbird20d@...il.com>, dvyukov@...gle.com,
        Laura Abbott <labbott@...hat.com>,
        Steven Rostedt <rostedt@...dmis.org>,
        gustavo.padovan@...labora.co.uk,
        "Carpenter,Dan" <dan.carpenter@...cle.com>, willy@...radead.org,
        knut.omang@...cle.com
Subject: Re: [Announce] LPC 2018: Testing and Fuzzing Microconference

* Dhaval Giani <dhaval.giani@...il.com> [180919 13:15]:
> Hi folks,
> 
> Sasha and I are pleased to announce the Testing and Fuzzing track at
> LPC [ 1 ]. We are planning to continue the discussions from last
> year's microconference [2]. Many discussions from the Automated
> Testing Summit [3] will also continue, and a final agenda will come up
> only soon after that.
> 
> Suggested Topics
> 
> - Syzbot/syzkaller
> - ATS
> - Distro/stable testing
> - kernelci
> - kernelci auto bisection
> - Unit testing framework
> 
> We look forward to other interesting topics for this microconference
> as a reply to this email.
> 
> Thanks!
> Dhaval and Sasha
> 
> [1] https://blog.linuxplumbersconf.org/2018/testing-and-fuzzing-mc/
> [2] https://lwn.net/Articles/735034/
> [3] https://elinux.org/Automated_Testing_Summit


Hello,

I have a new way to analyze binaries to detect specific calls without
the need for source.  I would like to discuss Machine Code Trace
(MCTrace) at the Testing and Fuzzing LPC track.  MCTrace intercepts the
application prior to execution and does not rely on a specific user
input. It then decodes the machine instructions to follow all control
flows to their natural conclusions.  This includes control flows that go
beyond the boundaries of the static executable code into shared
libraries. This new technique avoids false positives which could be
produced by static analysis and includes paths that could be missed by
dynamic tracing.  This type of analysis could be useful in both testing
and fuzzing by providing a call graph to a given function.

MCTrace was initially designed to help generate the seccomp() filter
list, which is a whitelist/blacklist of system calls for a specific
application. Seccomp filters easily become outdated when the application
or shared library is updated. This can cause failures or security
issues [ 1 ].  Other potential uses including examining binary blobs,
vulnerability analysis, and debugging.

Thank you,
Liam R. Howlett

[1] https://lwn.net/Articles/738750/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ