From: "Liam R. Howlett" <Liam.Howlett@Oracle.com>
To: Sasha Levin <levinsasha928@gmail.com>
Cc: dhaval.giani@gmail.com,
Sasha Levin <alexander.levin@microsoft.com>,
"linux-kernel@vger.kernel.org List"
<linux-kernel@vger.kernel.org>,
Greg KH <gregkh@linuxfoundation.org>,
alice.ferrazzi@gmail.com, khilman@baylibre.com,
tbird20d@gmail.com, Dmitry Vyukov <dvyukov@google.com>,
labbott@redhat.com, Steven Rostedt <rostedt@goodmis.org>,
gustavo.padovan@collabora.co.uk, dan.carpenter@Oracle.com,
willy@infradead.org, knut.omang@Oracle.com,
"Liam R. Howlett" <Liam.Howlett@Oracle.com>
Subject: Re: [Announce] LPC 2018: Testing and Fuzzing Microconference
Date: Wed, 3 Oct 2018 15:16:01 -0400 [thread overview]
Message-ID: <20181003191600.ocbplbxdtikltavo@oracle.com> (raw)
In-Reply-To: <CA+1xoqc+aZkQ01oYwby9pvOv3rVh+Qm7t5iJZ1+iT+t19QY6oA@mail.gmail.com>
* Sasha Levin <levinsasha928@gmail.com> [181002 17:03]:
> On Tue, Oct 2, 2018 at 4:44 PM Liam R. Howlett <Liam.Howlett@oracle.com> wrote:
> >
> > * Dhaval Giani <dhaval.giani@gmail.com> [180919 13:15]:
> > > Hi folks,
> > >
> > > Sasha and I are pleased to announce the Testing and Fuzzing track at
> > > LPC [ 1 ]. We are planning to continue the discussions from last
> > > year's microconference [2]. Many discussions from the Automated
> > > Testing Summit [3] will also continue, and a final agenda will come up
> > > only soon after that.
> > >
> > > Suggested Topics
> > >
> > > - Syzbot/syzkaller
> > > - ATS
> > > - Distro/stable testing
> > > - kernelci
> > > - kernelci auto bisection
> > > - Unit testing framework
> > >
> > > We look forward to other interesting topics for this microconference
> > > as a reply to this email.
> > >
> > > Thanks!
> > > Dhaval and Sasha
> > >
> > > [1] https://blog.linuxplumbersconf.org/2018/testing-and-fuzzing-mc/
> > > [2] https://lwn.net/Articles/735034/
> > > [3] https://elinux.org/Automated_Testing_Summit
> >
> >
> > Hello,
> >
> > I have a new way to analyze binaries to detect specific calls without
> > the need for source. I would like to discuss Machine Code Trace
> > (MCTrace) at the Testing and Fuzzing LPC track. MCTrace intercepts the
> > application prior to execution and does not rely on a specific user
> > input. It then decodes the machine instructions to follow all control
> > flows to their natural conclusions. This includes control flows that go
> > beyond the boundaries of the static executable code into shared
> > libraries. This new technique avoids false positives which could be
> > produced by static analysis and includes paths that could be missed by
> > dynamic tracing. This type of analysis could be useful in both testing
> > and fuzzing by providing a call graph to a given function.
> >
> > MCTrace was initially designed to help generate the seccomp() filter
> > list, which is a whitelist/blacklist of system calls for a specific
> > application. Seccomp filters easily become outdated when the application
> > or shared library is updated. This can cause failures or security
> > issues [ 1 ]. Other potential uses including examining binary blobs,
> > vulnerability analysis, and debugging.
>
> Hi Liam,
>
> Is MCTrace available anywhere?
Hello Sasha,
I missed this email as I was not CC'ed.
MCTrace is currently a proof-of-concept and the source is not available.
There are a number of instructions that need additional work, but I have
some test applications that can be analyzed. I'd like to explain the
concept, why it is useful, and debate other potential uses.
Thank you,
Liam
next prev parent reply other threads:[~2018-10-03 19:16 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-09-19 17:14 [Announce] LPC 2018: Testing and Fuzzing Microconference Dhaval Giani
2018-10-02 20:22 ` Liam R. Howlett
2018-10-02 21:03 ` Sasha Levin
2018-10-03 18:21 ` Dhaval Giani
2018-10-03 19:16 ` Liam R. Howlett [this message]
2018-10-03 22:01 ` Sasha Levin
2018-10-16 19:46 ` Dan Carpenter
2018-10-30 22:05 ` Knut Omang
[not found] <CAPhKKr_XFzGcBBuQ51w7HjZd_Kq3nTOB6uAFG2vP5JH+Vx_eng@mail.gmail.com>
2018-09-22 12:52 ` Matthew Wilcox
2018-09-24 13:42 ` Dmitry Vyukov
2018-09-24 15:56 ` Knut Omang
2018-10-08 17:02 ` Dmitry Vyukov
2018-10-08 18:23 ` Steven Rostedt
2018-10-10 15:47 ` Dhaval Giani
2018-10-11 8:54 ` Dmitry Vyukov
2018-10-11 9:41 ` Dmitry Vyukov
2018-10-11 13:40 ` Steven Rostedt
2018-11-05 18:05 ` Gustavo Padovan
2018-11-08 16:30 ` Dhaval Giani
2018-11-08 18:12 ` Kevin Hilman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20181003191600.ocbplbxdtikltavo@oracle.com \
--to=liam.howlett@oracle.com \
--cc=alexander.levin@microsoft.com \
--cc=alice.ferrazzi@gmail.com \
--cc=dan.carpenter@Oracle.com \
--cc=dhaval.giani@gmail.com \
--cc=dvyukov@google.com \
--cc=gregkh@linuxfoundation.org \
--cc=gustavo.padovan@collabora.co.uk \
--cc=khilman@baylibre.com \
--cc=knut.omang@Oracle.com \
--cc=labbott@redhat.com \
--cc=levinsasha928@gmail.com \
--cc=linux-kernel@vger.kernel.org \
--cc=rostedt@goodmis.org \
--cc=tbird20d@gmail.com \
--cc=willy@infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox