lists.openwall.net: Open Source and information security mailing list archives
Message-ID: <529ed65f-f82e-7341-3a4f-6eea1f2961a9@amazon.com>
Date:   Fri, 31 May 2019 10:02:25 +0200
From:   Alexander Graf <graf@...zon.com>
To:     Sam Caccavale <samcacc@...zon.de>
CC:     <samcaccavale@...il.com>, <nmanthey@...zon.de>,
        <wipawel@...zon.de>, <dwmw@...zon.co.uk>, <mpohlack@...zon.de>,
        <graf@...zon.de>, <karahmed@...zon.de>,
        <andrew.cooper3@...rix.com>, <JBeulich@...e.com>,
        <pbonzini@...hat.com>, <rkrcmar@...hat.com>, <tglx@...utronix.de>,
        <mingo@...hat.com>, <bp@...en8.de>, <hpa@...or.com>,
        <paullangton4@...il.com>, <anirudhkaushik@...gle.com>,
        <x86@...nel.org>, <kvm@...r.kernel.org>,
        <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH 1/3] Build target for emulate.o as a userspace binary


On 21.05.19 17:39, Sam Caccavale wrote:
> This commit contains the minimal set of functionality to build
> afl-harness around arch/x86/emulate.c which allows exercising code
> in that source file, like x86_emulate_insn.  Resolving the
> dependencies was done via GCC's -H flag by get_headers.py.
>
> ---
>   tools/Makefile                                |   9 ++
>   .../fuzz/x86_instruction_emulation/.gitignore |   2 +
>   tools/fuzz/x86_instruction_emulation/Makefile |  57 +++++++
>   .../fuzz/x86_instruction_emulation/README.md  |  12 ++
>   .../x86_instruction_emulation/afl-harness.c   | 149 ++++++++++++++++++
>   tools/fuzz/x86_instruction_emulation/common.h |  87 ++++++++++
>   .../x86_instruction_emulation/emulator_ops.c  |  58 +++++++
>   .../x86_instruction_emulation/emulator_ops.h  | 117 ++++++++++++++
>   .../scripts/get_headers.py                    |  95 +++++++++++
>   .../scripts/make_deps                         |   4 +
>   tools/fuzz/x86_instruction_emulation/stubs.c  |  56 +++++++
>   tools/fuzz/x86_instruction_emulation/stubs.h  |  52 ++++++
>   12 files changed, 698 insertions(+)
>   create mode 100644 tools/fuzz/x86_instruction_emulation/.gitignore
>   create mode 100644 tools/fuzz/x86_instruction_emulation/Makefile
>   create mode 100644 tools/fuzz/x86_instruction_emulation/README.md
>   create mode 100644 tools/fuzz/x86_instruction_emulation/afl-harness.c
>   create mode 100644 tools/fuzz/x86_instruction_emulation/common.h
>   create mode 100644 tools/fuzz/x86_instruction_emulation/emulator_ops.c
>   create mode 100644 tools/fuzz/x86_instruction_emulation/emulator_ops.h
>   create mode 100644 tools/fuzz/x86_instruction_emulation/scripts/get_headers.py
>   create mode 100755 tools/fuzz/x86_instruction_emulation/scripts/make_deps
>   create mode 100644 tools/fuzz/x86_instruction_emulation/stubs.c
>   create mode 100644 tools/fuzz/x86_instruction_emulation/stubs.h
>
> diff --git a/tools/Makefile b/tools/Makefile
> index 3dfd72ae6c1a..4d68817b7e49 100644
> --- a/tools/Makefile
> +++ b/tools/Makefile
> @@ -94,6 +94,12 @@ freefall: FORCE
>   kvm_stat: FORCE
>   	$(call descend,kvm/$@)
>   
> +fuzz: FORCE
> +	$(call descend,fuzz/x86_instruction_emulation)
> +
> +fuzz_deps: FORCE
> +	$(call descend,fuzz/x86_instruction_emulation,fuzz_deps)
> +
>   all: acpi cgroup cpupower gpio hv firewire liblockdep \
>   		perf selftests spi turbostat usb \
>   		virtio vm bpf x86_energy_perf_policy \
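Review bot: the new `fuzz` and `fuzz_deps` targets are not in the `all:` list shown in the trailing context, and nothing in the hunk says whether that is deliberate. Leaving them out of `all` is reasonable, since the subdirectory Makefile needs a `.config` with CONFIG_KVM enabled and an AFL toolchain, but say so in the commit message or in a comment next to the target, and if tools/Makefile's help target lists the per-tool targets, add `fuzz` there so it is discoverable.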
> @@ -171,6 +177,9 @@ tmon_clean:
>   freefall_clean:
>   	$(call descend,laptop/freefall,clean)
>   
> +fuzz_clean:
> +	$(call descend,fuzz/x86_instruction_emulation,clean)
> +
>   build_clean:
>   	$(call descend,build,clean)
>   
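Review bot: `fuzz_clean` delegates to the subdirectory's clean target in the same way as `freefall_clean` just above it, which is fine, but the diffstat also adds a `scripts/make_deps` helper driven by `fuzz_deps`; make sure the subdirectory's clean target removes whatever that helper generates, otherwise a stale dependency list survives `make fuzz_clean`.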
> diff --git a/tools/fuzz/x86_instruction_emulation/.gitignore b/tools/fuzz/x86_instruction_emulation/.gitignore
> new file mode 100644
> index 000000000000..7d44f7ce266e
> --- /dev/null
> +++ b/tools/fuzz/x86_instruction_emulation/.gitignore
> @@ -0,0 +1,2 @@
> +*.o
> +*-harness
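Review bot: `*.o` is already ignored by the kernel's top-level .gitignore, so only the `*-harness` entry does any work here. Either drop the redundant line or, if this file is meant to be self-contained, also list whatever `fuzz_deps` (scripts/make_deps in the diffstat) writes into this directory, so generated dependency data is not committed by accident.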
> diff --git a/tools/fuzz/x86_instruction_emulation/Makefile b/tools/fuzz/x86_instruction_emulation/Makefile
> new file mode 100644
> index 000000000000..d2854a332605
> --- /dev/null
> +++ b/tools/fuzz/x86_instruction_emulation/Makefile
> @@ -0,0 +1,57 @@
> +ROOT_DIR=../../..
> +THIS_DIR=tools/fuzz/x86_instruction_emulation
> +
> +include ../../scripts/Makefile.include
> +
> +.DEFAULT_GOAL := all
> +
> +INCLUDES := $(patsubst -I./%,-I./$(ROOT_DIR)/%, $(LINUXINCLUDE))
> +INCLUDES := $(patsubst ./include/%,./$(ROOT_DIR)/include/%, $(INCLUDES))
> +INCLUDES += -include ./$(ROOT_DIR)/include/linux/compiler_types.h
> +
> +$(ROOT_DIR)/.config:
> +	make -C $(ROOT_DIR) menuconfig
> +	sed -i -r 's/^#? *CONFIG_KVM(.*)=.*/CONFIG_KVM\1=y/' $(ROOT_DIR)/.config
> +
> +
> +ifdef DEBUG
> +KBUILD_CFLAGS += -DDEBUG
> +endif
> +KBUILD_CFLAGS += -g -O0
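Review bot: the `$(ROOT_DIR)/.config` rule is interactive and its sed does not enable KVM in the case that matters. `make -C $(ROOT_DIR) menuconfig` opens a menuconfig session in the middle of a `make fuzz` whenever .config is missing, and the regex `^#? *CONFIG_KVM(.*)=.*` only matches lines that already contain `=`, so a disabled option written as `# CONFIG_KVM is not set` is left untouched, while every option whose name merely starts with CONFIG_KVM (CONFIG_KVM_INTEL, CONFIG_KVM_AMD, ...) is forced to `=y`, including ones a user set to `m`. Consider `$(MAKE)` rather than bare `make`, and a non-interactive flow such as `scripts/config --enable CONFIG_KVM` followed by `olddefconfig` instead of editing .config with sed, with the CONFIG_KVM requirement documented in README.md.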


Why -O0? I would expect some bugs to only emerge with optimization 
enabled.

Alex
