public inbox for passt-dev@passt.top
From: Stefano Brivio <sbrivio@redhat.com>
To: "Richard W.M. Jones" <rjones@redhat.com>
Cc: passt-dev@passt.top
Subject: Re: [PATCH passt 4/5] XXX build: Add extra syscalls needed by AFL instrumentation
Date: Thu, 17 Nov 2022 15:22:55 +0100
Message-ID: <20221117152255.09a3d2c3@elisabeth>
In-Reply-To: <20221117122614.1269214-5-rjones@redhat.com>

On Thu, 17 Nov 2022 12:26:13 +0000
"Richard W.M. Jones" <rjones@redhat.com> wrote:

> This is a hack.  Ideally there'd be a way to build a "non-production"
> build of passt which would turn off all the encapsulation features.
> They are not relevant for fuzzing and simply add overhead.

I'm not sure how quantitatively relevant this is, but I was thinking
about cases where sandboxing or "security" features cause issues (not
necessarily security-relevant ones) that would be discovered by
fuzzing.

Partially fitting example:
  https://archives.passt.top/passt-dev/20221115012400.2240327-1-sbrivio@redhat.com/

there, perror() in glibc results in a dup() call, with seccomp
terminating the process, in a way that was totally unexpected to me.

Should fuzzing trigger a case like this one, without a seccomp filter
loaded, we won't notice.

Now, the guest affecting its own availability isn't security relevant,
and that's the worst that can happen, but still it would be something
to fix.

Considering this, I'm actually more inclined to polish your hack (into
an 'afl' Makefile target or similar).

-- 
Stefano
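
The failure mode described in the message above, as an added, stand-alone
example that is not passt's code and not part of the original thread: a child
process loads a seccomp filter that allows every syscall except dup(2) and then
calls perror(). With glibc, perror() dup()s the stderr descriptor before it
writes anything, so the filtered child is killed with SIGSYS, while the very
same call exits cleanly when no filter is loaded, which is all a fuzzing build
that skips the filter would ever see. Linux and glibc are assumed; the filter,
the function names and the "deny only dup" design are this example's own,
chosen to isolate the perror() path, not passt's generated syscall allow-list.

```c
/* Added example (not passt code): glibc's perror() calls dup() before it
 * writes, so a seccomp filter that does not allow dup(2) terminates the
 * process on an error-reporting path that looks harmless without the filter.
 * Linux + glibc assumed; the filter is deliberately permissive (it denies
 * only dup) to isolate that one behaviour. */
#include <errno.h>
#include <linux/audit.h>
#include <linux/filter.h>
#include <linux/seccomp.h>
#include <signal.h>
#include <stddef.h>
#include <stdio.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <sys/wait.h>
#include <unistd.h>

#ifndef SECCOMP_RET_KILL_PROCESS
#define SECCOMP_RET_KILL_PROCESS 0x80000000U	/* pre-4.14 headers */
#endif

#if defined(__x86_64__)
#define DEMO_AUDIT_ARCH AUDIT_ARCH_X86_64
#elif defined(__aarch64__)
#define DEMO_AUDIT_ARCH AUDIT_ARCH_AARCH64
#elif defined(__i386__)
#define DEMO_AUDIT_ARCH AUDIT_ARCH_I386
#else
#error "add the AUDIT_ARCH_* value for this architecture"
#endif

/* Load a filter: kill on a foreign ABI, kill on dup(2), allow anything else */
static int install_no_dup_filter(void)
{
	struct sock_filter insns[] = {
		BPF_STMT(BPF_LD | BPF_W | BPF_ABS,
			 offsetof(struct seccomp_data, arch)),
		BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, DEMO_AUDIT_ARCH, 1, 0),
		BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_KILL_PROCESS),
		BPF_STMT(BPF_LD | BPF_W | BPF_ABS,
			 offsetof(struct seccomp_data, nr)),
		BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, __NR_dup, 0, 1),
		BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_KILL_PROCESS),
		BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW),
	};
	struct sock_fprog prog = {
		.len = sizeof(insns) / sizeof(insns[0]),
		.filter = insns,
	};

	/* Needed to load a filter without CAP_SYS_ADMIN */
	if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0))
		return -1;
	return prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog);
}

/* Run perror() in a child, with or without the filter loaded first.
 * Returns 0 if the child exited cleanly, the signal number if it was
 * killed (SIGSYS for a seccomp kill), 2 if the filter could not be
 * loaded, -1 on fork()/waitpid() failure. */
int run_perror_under_filter(int with_filter)
{
	pid_t pid = fork();
	int status;

	if (pid < 0)
		return -1;

	if (pid == 0) {
		if (with_filter && install_no_dup_filter())
			_exit(2);
		errno = ENOENT;
		/* glibc perror(): dup(fileno(stderr)), fdopen(), write, close.
		 * dup() is the first syscall it makes, so the filter kills the
		 * child here before a single byte reaches stderr. */
		perror("demo");
		_exit(0);
	}

	if (waitpid(pid, &status, 0) < 0)
		return -1;
	if (WIFSIGNALED(status))
		return WTERMSIG(status);
	return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(void)
{
	int filtered = run_perror_under_filter(1);
	int unfiltered = run_perror_under_filter(0);

	printf("with filter:    %s (%d)\n",
	       filtered == SIGSYS ? "killed by SIGSYS" : "not killed", filtered);
	printf("without filter: exit status %d\n", unfiltered);
	return (filtered == SIGSYS && unfiltered == 0) ? 0 : 1;
}
```

Build with "cc -o seccomp_perror_demo seccomp_perror_demo.c" and run it: only
the run that loads the filter dies, so a harness that never loads the filter
cannot observe this class of crash, which is the blind spot the message is
about. Loading a filter needs PR_SET_NO_NEW_PRIVS (or CAP_SYS_ADMIN); in an
environment that forbids seccomp altogether the child exits with status 2
rather than being killed. The arch check at the top of the filter is there so
that a foreign ABI is refused instead of silently matching the wrong syscall
numbers, the same reason generated allow-lists carry one.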



Thread overview: 17+ messages
2022-11-17 12:26 [PATCH passt 0/5] Add fuzzing Richard W.M. Jones
2022-11-17 12:26 ` [PATCH passt 1/5] build: Force-create pasta symlink Richard W.M. Jones
2022-11-17 12:26 ` [PATCH passt 2/5] build: Remove *~ files with make clean Richard W.M. Jones
2022-11-17 12:26 ` [PATCH passt 3/5] Add --fd option Richard W.M. Jones
2022-11-17 15:26   ` [PATCH v2 3/5] passt, tap: " Stefano Brivio
2022-11-17 15:31     ` Stefano Brivio
2022-11-17 15:33       ` Richard W.M. Jones
2022-11-17 15:33     ` Richard W.M. Jones
2022-11-17 15:49       ` Stefano Brivio
2022-11-17 16:02         ` Richard W.M. Jones
2022-11-17 16:18           ` Stefano Brivio
2022-11-17 12:26 ` [PATCH passt 4/5] XXX build: Add extra syscalls needed by AFL instrumentation Richard W.M. Jones
2022-11-17 14:22   ` Stefano Brivio [this message]
2022-11-17 12:26 ` [PATCH passt 5/5] Import fuzzing wrapper from libnbd Richard W.M. Jones
2022-11-17 15:35   ` Stefano Brivio
2022-11-17 13:58 ` [PATCH passt 0/5] Add fuzzing Stefano Brivio
2022-11-17 14:13   ` Richard W.M. Jones

Code repositories for project(s) associated with this public inbox

	https://passt.top/passt

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for IMAP folder(s).