Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <CAGXu5jLEizJK=YBrErDZGbANwWe2AdnsRPLAQL=nvnuCC_Q8LQ@mail.gmail.com>
Date: Mon, 7 Mar 2016 13:07:32 -0800
From: Kees Cook <keescook@...omium.org>
To: Dmitry Vyukov <dvyukov@...gle.com>, Emese Revfy <re.emese@...il.com>
Cc: linux-kbuild <linux-kbuild@...r.kernel.org>, PaX Team <pageexec@...email.hu>, 
	Brad Spengler <spender@...ecurity.net>, 
	"kernel-hardening@...ts.openwall.com" <kernel-hardening@...ts.openwall.com>, Michal Marek <mmarek@...e.com>, 
	Rasmus Villemoes <linux@...musvillemoes.dk>, Fengguang Wu <fengguang.wu@...el.com>, 
	LKML <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH v5 5/5] Add sancov plugin

On Sun, Mar 6, 2016 at 3:07 PM, Emese Revfy <re.emese@...il.com> wrote:
> The sancov gcc plugin inserts a __sanitizer_cov_trace_pc() call
> at the start of basic blocks.
>
> This plugin is a helper plugin for the kcov feature. It supports
> all gcc versions with plugin support (from gcc-4.5 on).
> It is based on the gcc commit "Add fuzzing coverage support" by Dmitry Vyukov
> (https://gcc.gnu.org/viewcvs/gcc?limit_changes=0&view=revision&revision=231296).

Very cool! Dmitry, is this something you could put to good use?

> [...]
> diff --git a/tools/gcc/sancov_plugin.c b/tools/gcc/sancov_plugin.c
> new file mode 100644
> index 0000000..5a9179b
> --- /dev/null
> +++ b/tools/gcc/sancov_plugin.c
> @@ -0,0 +1,133 @@
> +/*
> + * Copyright 2011-2016 by Emese Revfy <re.emese@...il.com>
> + * Licensed under the GPL v2, or (at your option) v3
> + *
> + * Homepage:
> + * https://github.com/ephox-gcc-plugins/sancov
> + *
> + * This plugin inserts a __sanitizer_cov_trace_pc() call at the start of basic blocks.
> + * It supports all gcc versions with plugin support (from gcc-4.5 on).
> + * It is based on the commit "Add fuzzing coverage support" by Dmitry Vyukov <dvyukov@...gle.com>.
> + *
> + * You can read about it more here:
> + *  https://gcc.gnu.org/viewcvs/gcc?limit_changes=0&view=revision&revision=231296
> + *  http://lwn.net/Articles/674854/
> + *  https://github.com/google/syzkaller
> + *  https://lwn.net/Articles/677764/
> + *
> + * Usage:
> + * make run

Is this accurate? Wouldn't it just be selected from CONFIGs during kernel build?

-Kees

-- 
Kees Cook
Chrome OS & Brillo Security

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.