diff options
| author | Andrew Scull | 2022-05-30 10:00:08 +0000 |
|---|---|---|
| committer | Tom Rini | 2022-06-23 12:58:18 -0400 |
| commit | 3f807c6b81219555ac964f2623cfcbd1103151fa (patch) | |
| tree | 86067661215f9dc62b0e88b6ee3573112297f78d | |
| parent | eabc4e2980b25f16e6d2805077aaa6ecbc074d63 (diff) | |
fuzzing_engine: Add fuzzing engine uclass
This new class of device will provide fuzzing inputs from a fuzzing
engine.
Signed-off-by: Andrew Scull <ascull@google.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
| -rw-r--r-- | drivers/Kconfig | 2 | ||||
| -rw-r--r-- | drivers/Makefile | 1 | ||||
| -rw-r--r-- | drivers/fuzz/Kconfig | 9 | ||||
| -rw-r--r-- | drivers/fuzz/Makefile | 7 | ||||
| -rw-r--r-- | drivers/fuzz/fuzzing_engine-uclass.c | 28 | ||||
| -rw-r--r-- | include/dm/uclass-id.h | 1 | ||||
| -rw-r--r-- | include/fuzzing_engine.h | 51 |
7 files changed, 99 insertions, 0 deletions
diff --git a/drivers/Kconfig b/drivers/Kconfig index b26ca8cf70c..8b6fead3510 100644 --- a/drivers/Kconfig +++ b/drivers/Kconfig @@ -40,6 +40,8 @@ source "drivers/fastboot/Kconfig" source "drivers/firmware/Kconfig" +source "drivers/fuzz/Kconfig" + source "drivers/fpga/Kconfig" source "drivers/gpio/Kconfig" diff --git a/drivers/Makefile b/drivers/Makefile index 67c8af74424..d63fd1c04d1 100644 --- a/drivers/Makefile +++ b/drivers/Makefile @@ -115,6 +115,7 @@ obj-$(CONFIG_W1) += w1/ obj-$(CONFIG_W1_EEPROM) += w1-eeprom/ obj-$(CONFIG_MACH_PIC32) += ddr/microchip/ +obj-$(CONFIG_FUZZ) += fuzz/ obj-$(CONFIG_DM_HWSPINLOCK) += hwspinlock/ obj-$(CONFIG_DM_RNG) += rng/ endif diff --git a/drivers/fuzz/Kconfig b/drivers/fuzz/Kconfig new file mode 100644 index 00000000000..a03120f63ab --- /dev/null +++ b/drivers/fuzz/Kconfig @@ -0,0 +1,9 @@ +config DM_FUZZING_ENGINE + bool "Driver support for fuzzing engine devices" + depends on DM + help + Enable driver model for fuzzing engine devices. This interface is + used to get successive inputs from a fuzzing engine that aims to + explore different code paths in a fuzz test. The fuzzing engine may + be instrumenting the execution in order to more effectively generate + inputs that explore different code paths. diff --git a/drivers/fuzz/Makefile b/drivers/fuzz/Makefile new file mode 100644 index 00000000000..acd894999c9 --- /dev/null +++ b/drivers/fuzz/Makefile @@ -0,0 +1,7 @@ +# SPDX-License-Identifier: GPL-2.0+ +# +# Copyright (c) 2022 Google, Inc. +# Written by Andrew Scull <ascull@google.com> +# + +obj-$(CONFIG_DM_FUZZING_ENGINE) += fuzzing_engine-uclass.o diff --git a/drivers/fuzz/fuzzing_engine-uclass.c b/drivers/fuzz/fuzzing_engine-uclass.c new file mode 100644 index 00000000000..b16f1c4cfb7 --- /dev/null +++ b/drivers/fuzz/fuzzing_engine-uclass.c @@ -0,0 +1,28 @@ +/* SPDX-License-Identifier: GPL-2.0+ */ +/* + * Copyright (c) 2022 Google, Inc. + * Written by Andrew Scull <ascull@google.com> + */ + +#define LOG_CATEGORY UCLASS_FUZZING_ENGINE + +#include <common.h> +#include <dm.h> +#include <fuzzing_engine.h> + +int dm_fuzzing_engine_get_input(struct udevice *dev, + const uint8_t **data, + size_t *size) +{ + const struct dm_fuzzing_engine_ops *ops = device_get_ops(dev); + + if (!ops->get_input) + return -ENOSYS; + + return ops->get_input(dev, data, size); +} + +UCLASS_DRIVER(fuzzing_engine) = { + .name = "fuzzing_engine", + .id = UCLASS_FUZZING_ENGINE, +}; diff --git a/include/dm/uclass-id.h b/include/dm/uclass-id.h index 3ba69ad9a08..a432e438716 100644 --- a/include/dm/uclass-id.h +++ b/include/dm/uclass-id.h @@ -56,6 +56,7 @@ enum uclass_id { UCLASS_ETH, /* Ethernet device */ UCLASS_ETH_PHY, /* Ethernet PHY device */ UCLASS_FIRMWARE, /* Firmware */ + UCLASS_FUZZING_ENGINE, /* Fuzzing engine */ UCLASS_FS_FIRMWARE_LOADER, /* Generic loader */ UCLASS_GPIO, /* Bank of general-purpose I/O pins */ UCLASS_HASH, /* Hash device */ diff --git a/include/fuzzing_engine.h b/include/fuzzing_engine.h new file mode 100644 index 00000000000..357346e93df --- /dev/null +++ b/include/fuzzing_engine.h @@ -0,0 +1,51 @@ +/* SPDX-License-Identifier: GPL-2.0+ */ +/* + * Copyright (c) 2022 Google, Inc. + * Written by Andrew Scull <ascull@google.com> + */ + +#ifndef __FUZZING_ENGINE_H +#define __FUZZING_ENGINE_H + +struct udevice; + +/** + * dm_fuzzing_engine_get_input() - get an input from the fuzzing engine device + * + * The function will return a pointer to the input data and the size of the + * data pointed to. The pointer will remain valid until the next invocation of + * this function. + * + * @dev: fuzzing engine device + * @data: output pointer to input data + * @size output size of input data + * Return: 0 if OK, -ve on error + */ +int dm_fuzzing_engine_get_input(struct udevice *dev, + const uint8_t **data, + size_t *size); + +/** + * struct dm_fuzzing_engine_ops - operations for the fuzzing engine uclass + * + * This contains the functions implemented by a fuzzing engine device. + */ +struct dm_fuzzing_engine_ops { + /** + * @get_input() - get an input + * + * The function will return a pointer to the input data and the size of + * the data pointed to. The pointer will remain valid until the next + * invocation of this function. + * + * @get_input.dev: fuzzing engine device + * @get_input.data: output pointer to input data + * @get_input.size output size of input data + * @get_input.Return: 0 if OK, -ve on error + */ + int (*get_input)(struct udevice *dev, + const uint8_t **data, + size_t *size); +}; + +#endif /* __FUZZING_ENGINE_H */ |