KCOV to support in AOSP Android kernel-4.4?

miles....@gmail.com

Aug 7, 2017, 3:17:19 AM
to syzkaller
Hi,

Is it possible for Android kernel-4.4 to support KCOV in AOSP?

Most of the Android devices are not using the latest Linux kernel, which makes them difficult to integrate with Syzkaller fuzzing.
Syzkaller is a great fuzzer.
If KCOV is supported in Android kernel-4.4 or even Android kernel-3.18 directly, I think more Android vulnerabilities can be found by Syzkaller.

---

I manually patched my kernel-4.4 with the following three patches:
- kcov-allow-more-fine-grained-coverage-instrumentation: https://patchwork.kernel.org/patch/9131777/

I'm not sure if I missed any "required" patch?
It seems only these patches can make Syzkaller work fine.

Thanks,

Miles

Dmitry Vyukov

Aug 7, 2017, 4:56:14 AM
to Miles Fuzzer, Rom Lemarchand, Marissa Wall, Ramanan Rajeswaran, Mark Salyzyn, syzkaller
+AOSP developers, this is a popular request and we need this
ourselves. We have an internal bug open for this. Can you prioritize
this backporting?

Mark Salyzyn

Aug 7, 2017, 10:36:26 AM
to Dmitry Vyukov, Rom Lemarchand, Marissa Wall, Ramanan Rajeswaran, syzkaller
-miles....@gmail.com

"kcov exposes kernel PCs and control flow to user-space which is insecure. But debugfs should not be mapped as user accessible."

Keep in mind that the Android security update release team would consider
this high on the vulnerability scale and have required code to be
removed, neutered or deactivated. I notice that in our kernels (4.9)
we do not have a base or recommended action w.r.t. KCOV.
We probably should.

File a bug to Android->Android O & Apps->system cc to android-kernel-team+aosp_reviews@ so this can be prioritized, scoped and/or evaluated. We may Cc: with android-security-bugs@ for their feedback at that point. Please put these concerns in the bug description.

-- Mark
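
Added example, not part of the thread and not AOSP or syzkaller code: a shell check that audits a kernel `.config` for KCOV according to what the build is for, covering both the fuzzing need and the release concern raised above. The `fuzz`/`release` policy and the sample configs are assumptions constructed for illustration; `CONFIG_KCOV`, `CONFIG_KCOV_INSTRUMENT_ALL` and `CONFIG_DEBUG_FS` are the upstream option names.

```shell
#!/bin/sh
# Print the value of CONFIG_<name> from the config text on stdin.
# "# CONFIG_X is not set" or a missing line both count as "n".
config_value() {
    awk -v k="CONFIG_$1" -F= '$1 == k { v = $2 } END { print (v == "" ? "n" : v) }'
}

# kcov_audit <fuzz|release> <config-text>; prints findings, returns 0 if acceptable.
# Assumed policy: fuzzing builds need KCOV, release builds must not ship it.
kcov_audit() {
    local purpose="$1" cfg="$2" kcov all dbgfs rc=0
    kcov=$(printf '%s\n' "$cfg" | config_value KCOV)
    all=$(printf '%s\n' "$cfg" | config_value KCOV_INSTRUMENT_ALL)
    dbgfs=$(printf '%s\n' "$cfg" | config_value DEBUG_FS)
    case $purpose in
    fuzz)
        [ "$kcov" = y ] || { echo "FAIL: CONFIG_KCOV is off; syzkaller gets no coverage"; rc=1; }
        [ "$dbgfs" = y ] || { echo "FAIL: CONFIG_DEBUG_FS is off; no /sys/kernel/debug/kcov"; rc=1; }
        [ "$all" = y ] || echo "NOTE: CONFIG_KCOV_INSTRUMENT_ALL is off; only opted-in objects are instrumented"
        ;;
    release)
        [ "$kcov" != y ] || { echo "FAIL: CONFIG_KCOV=y exposes kernel PCs to user space"; rc=1; }
        ;;
    *)
        echo "usage: kcov_audit fuzz|release <config-text>" >&2
        return 2
        ;;
    esac
    [ "$rc" -ne 0 ] || echo "OK: KCOV settings acceptable for a $purpose build"
    return "$rc"
}

# Constructed sample configs (not taken from any real device tree).
FUZZ_CFG='CONFIG_DEBUG_FS=y
CONFIG_KCOV=y
CONFIG_KCOV_INSTRUMENT_ALL=y'
RELEASE_CFG='CONFIG_DEBUG_FS=y
# CONFIG_KCOV is not set'

kcov_audit fuzz "$FUZZ_CFG"
kcov_audit release "$RELEASE_CFG"
# A fuzzing config submitted as a release build is rejected:
kcov_audit release "$FUZZ_CFG" || true
```

On a real tree, pass the config as text, for example `kcov_audit release "$(cat .config)"`.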

