lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20250815011744.GB1302@sol>
Date: Thu, 14 Aug 2025 18:17:44 -0700
From: Eric Biggers <ebiggers@...nel.org>
To: Ignat Korchagin <ignat@...udflare.com>
Cc: Marco Elver <elver@...gle.com>,
	Ethan Graham <ethan.w.s.graham@...il.com>, ethangraham@...gle.com,
	glider@...gle.com, andreyknvl@...il.com, brendan.higgins@...ux.dev,
	davidgow@...gle.com, dvyukov@...gle.com, jannh@...gle.com,
	rmoar@...gle.com, shuah@...nel.org, tarasmadan@...gle.com,
	kasan-dev@...glegroups.com, kunit-dev@...glegroups.com,
	linux-kernel@...r.kernel.org, linux-mm@...ck.org,
	David Howells <dhowells@...hat.com>, Lukas Wunner <lukas@...ner.de>,
	Herbert Xu <herbert@...dor.apana.org.au>,
	"David S. Miller" <davem@...emloft.net>,
	"open list:HARDWARE RANDOM NUMBER GENERATOR CORE" <linux-crypto@...r.kernel.org>
Subject: Re: [PATCH v1 RFC 6/6] crypto: implement KFuzzTest targets for PKCS7
 and RSA parsing

On Thu, Aug 14, 2025 at 04:28:13PM +0100, Ignat Korchagin wrote:
> Not sure if it has been mentioned elsewhere, but one thing I already
> don't like about it is that these definitions "pollute" the actual
> source files. Might not be such a big deal here, but kernel source
> files for core subsystems tend to become quite large and complex
> already, so not a great idea to make them even larger and harder to
> follow with fuzz definitions.
> 
> As far as I'm aware, for the same reason KUnit [1] is not that popular
> (or at least less popular than other approaches, like selftests [2]).
> Is it possible to make it that these definitions live in separate
> files or even closer to selftests?

That's not the impression I get.  KUnit suites are normally defined in
separate files, and KUnit seems to be increasing in popularity.
KFuzzTest can use separate files too, it looks like?

Would it make any sense for fuzz tests to be a special type of KUnit
test, instead of a separate framework?

- Eric

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ