From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from phobos.denx.de (phobos.denx.de [85.214.62.61]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 7C967C433EF for ; Mon, 30 May 2022 10:03:25 +0000 (UTC) Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 4F0C7843F4; Mon, 30 May 2022 12:01:58 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=google.com header.i=@google.com header.b="e6UIXO/1"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id 4F18A843D6; Mon, 30 May 2022 12:01:09 +0200 (CEST) Received: from mail-wr1-x44a.google.com (mail-wr1-x44a.google.com [IPv6:2a00:1450:4864:20::44a]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id A7ABE843BE for ; Mon, 30 May 2022 12:00:53 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=31ZWUYgYKBm4MeOgXXSaaSXQ.OaYg-NaafXUefe.PQZj.PQ@flex--ascull.bounces.google.com Received: by mail-wr1-x44a.google.com with SMTP id e24-20020a5d5958000000b0020ffd1d62b2so1542241wri.17 for ; Mon, 30 May 2022 03:00:53 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=dHlsHB7N4JQZ99gETUz/O770BClcEfY86oyFcdo9Or8=; b=e6UIXO/1NZHvP4ZJGKvDLtT9RKXmeuKnwwZnvrY9pJu19KjBR6MMW7odxwoUPU2NM0 D+/ozDg8OxKhYyq6KqP9QjFc6UzSBq+jrhLx4InO5UvuZOE1HgGP5gvu2xA5GayywuJP mTeU3kMfs5DDX+yf+JeD6f6oRGufhWoggL+blqE6Utp4p9s1pwkZeCL9FWxwIsabt8+j z0yazrsLIqGhSQ0WZkN4M/BWwfV1O7ZtpOwDbW30+66ZcBGCqpyXdLzkCAGDOzhYf5tE dZQiPFwKeGK6xsIfxw96QlYPNokNGi+Qv8ARFIAPdj4Vq9shP8rJDzHnjMv+p025uA25 y2Rw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=dHlsHB7N4JQZ99gETUz/O770BClcEfY86oyFcdo9Or8=; b=tVpCKe68RjIXqzM4iSJu1AipIODOpESQMCVCc3OBOXIJInPZMH+NCIYe5JjZf32W/M TvTFRiEOGFHT7qxDT7oUsOdro1/dK5Sj1U47tapU1V/nsyklmW3r0U3ppWtN4y4zJtzE h6Qq3JNGBL/hA2m8xaYGz4kKT0kBHkx0YpHLPPFBGWv3Vv22FCxbSpM1XF1gQ8EJ7182 sx47UVxxmIwZZ9Hm3p7+l3RUpaRsc/y4ge8ZzaP22Zf80Ch9jxA6Z5aEu4VOLPYUmAtQ 5g/o/qdSl9mUqItwiumbcKXNEqvujBb+CyYbAsfk9fKGUIUScLa496aZ5vJiOlMJJLuO 3Vpg== X-Gm-Message-State: AOAM532w6dhfQluxbFjFJNw3OxT2x68uB1Tm8d1fXG/5s3PvY2GUHZaq nrySM8Nwhi+zh4ylUvCTxRkBS/b7GxZo09ooYHObqiTWn3XYad6kuCL0E8UdEhONGqn1hMSgke+ k382E5bMR0MfBd4jfi/qOmMQL7jS2DYF3ofxJLjoLcEEsYVeNg481r0qu4S4= X-Google-Smtp-Source: ABdhPJyV9K417WyN84+/7/2fLvAkxKNEnhK/QWHvTz5lveJi7bKAj34yRp2PhSq6En4K+6TDpi+jOt13KAg= X-Received: from ascull.c.googlers.com ([fda3:e722:ac3:cc00:28:9cb1:c0a8:1510]) (user=ascull job=sendgmr) by 2002:a05:600c:5011:b0:397:6e41:f6ec with SMTP id n17-20020a05600c501100b003976e41f6ecmr18622986wmr.190.1653904853066; Mon, 30 May 2022 03:00:53 -0700 (PDT) Date: Mon, 30 May 2022 10:00:12 +0000 In-Reply-To: <20220530100013.3753780-1-ascull@google.com> Message-Id: <20220530100013.3753780-13-ascull@google.com> Mime-Version: 1.0 References: <20220530100013.3753780-1-ascull@google.com> X-Mailer: git-send-email 2.36.1.124.g0e6072fb45-goog Subject: [PATCH v3 12/13] sandbox: Implement fuzzing engine driver From: Andrew Scull To: u-boot@lists.denx.de Cc: sjg@chromium.org, trini@konsulko.com, xypron.glpk@gmx.de, jonbottarini@google.com, seanga2@gmail.com, Andrew Scull Content-Type: text/plain; charset="UTF-8" X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.5 at phobos.denx.de X-Virus-Status: Clean Add a fuzzing engine driver for the sandbox to take inputs from libfuzzer and expose them to the fuzz tests. Signed-off-by: Andrew Scull --- arch/Kconfig | 2 ++ arch/sandbox/dts/test.dts | 4 +++ drivers/fuzz/Kconfig | 16 +++++++++--- drivers/fuzz/Makefile | 1 + drivers/fuzz/sandbox_fuzzing_engine.c | 35 +++++++++++++++++++++++++++ 5 files changed, 54 insertions(+), 4 deletions(-) create mode 100644 drivers/fuzz/sandbox_fuzzing_engine.c diff --git a/arch/Kconfig b/arch/Kconfig index 12de8a1165..8eaf853e4d 100644 --- a/arch/Kconfig +++ b/arch/Kconfig @@ -135,6 +135,7 @@ config SANDBOX select BZIP2 select CMD_POWEROFF select DM + select DM_FUZZING_ENGINE select DM_GPIO select DM_I2C select DM_KEYBOARD @@ -170,6 +171,7 @@ config SANDBOX imply CRC32_VERIFY imply FAT_WRITE imply FIRMWARE + imply FUZZING_ENGINE_SANDBOX imply HASH_VERIFY imply LZMA imply TEE diff --git a/arch/sandbox/dts/test.dts b/arch/sandbox/dts/test.dts index 8f93775ff4..8662017d17 100644 --- a/arch/sandbox/dts/test.dts +++ b/arch/sandbox/dts/test.dts @@ -89,6 +89,10 @@ }; }; + fuzzing-engine { + compatible = "sandbox,fuzzing-engine"; + }; + reboot-mode0 { compatible = "reboot-mode-gpio"; gpios = <&gpio_c 0 GPIO_ACTIVE_HIGH>, <&gpio_c 1 GPIO_ACTIVE_HIGH>; diff --git a/drivers/fuzz/Kconfig b/drivers/fuzz/Kconfig index a03120f63a..6311385222 100644 --- a/drivers/fuzz/Kconfig +++ b/drivers/fuzz/Kconfig @@ -3,7 +3,15 @@ config DM_FUZZING_ENGINE depends on DM help Enable driver model for fuzzing engine devices. This interface is - used to get successive inputs from a fuzzing engine that aims to - explore different code paths in a fuzz test. The fuzzing engine may - be instrumenting the execution in order to more effectively generate - inputs that explore different code paths. + used to get fuzzing inputs from a fuzzing engine. + +if DM_FUZZING_ENGINE + +config FUZZING_ENGINE_SANDBOX + bool "Sanbox fuzzing engine" + depends on SANDBOX + default y + help + Enable fuzzing engine for sandbox. + +endif diff --git a/drivers/fuzz/Makefile b/drivers/fuzz/Makefile index acd894999c..073743ba94 100644 --- a/drivers/fuzz/Makefile +++ b/drivers/fuzz/Makefile @@ -5,3 +5,4 @@ # obj-$(CONFIG_DM_FUZZING_ENGINE) += fuzzing_engine-uclass.o +obj-$(CONFIG_FUZZING_ENGINE_SANDBOX) += sandbox_fuzzing_engine.o diff --git a/drivers/fuzz/sandbox_fuzzing_engine.c b/drivers/fuzz/sandbox_fuzzing_engine.c new file mode 100644 index 0000000000..ebb938e5ba --- /dev/null +++ b/drivers/fuzz/sandbox_fuzzing_engine.c @@ -0,0 +1,35 @@ +/* SPDX-License-Identifier: GPL-2.0+ */ +/* + * Copyright (c) 2022 Google, Inc. + * Written by Andrew Scull + */ + +#include +#include +#include +#include + +static int get_input(struct udevice *dev, + const uint8_t **data, + size_t *size) +{ + return sandbox_fuzzing_engine_get_input(data, size); +} + +static const struct dm_fuzzing_engine_ops sandbox_fuzzing_engine_ops = { + .get_input = get_input, +}; + +static const struct udevice_id sandbox_fuzzing_engine_match[] = { + { + .compatible = "sandbox,fuzzing-engine", + }, + {}, +}; + +U_BOOT_DRIVER(sandbox_fuzzing_engine) = { + .name = "sandbox-fuzzing-engine", + .id = UCLASS_FUZZING_ENGINE, + .of_match = sandbox_fuzzing_engine_match, + .ops = &sandbox_fuzzing_engine_ops, +}; -- 2.36.1.124.g0e6072fb45-goog