Re: [GSoC] GSoC Introduction : Fuzzing Xen hypercall interface

[Felix Schmoll <eggi.innovations@gmail.com>]

[-- Attachment #1.1: Type: text/plain, Size: 6888 bytes --]

Hi,

this time for real:

so I've been reading up on the task quite a bit now and I'd be thankful if
you could clarify what exactly you're looking for with the execution path.
The AFL-fuzzer seems to make use just of a rather simple representation of
that (https://lwn.net/Articles/674854/), so you would just have to insert
this snippet:

  cur_location = <COMPILE_TIME_RANDOM>;
  shared_mem[cur_location ^ prev_location]++;
  prev_location = cur_location >> 1;

at every edge, i.e. into *__sanitizer_cov_trace_pc,* and somehow set up a
shared memory section between kernel (where you'd run the fuzzer) and
hypervisor. That might however just be true for AFL and not for other
coverage-guided fuzzers, so maybe that's the problem. For the fuzzer to
work I'd also have to implement some templates on what hypercalls are
available and what arguments they expect, but that would still not fill
three months, so I'm assuming that I'm fundamentally missing something here.

On another note, would it be possible to apply for a second project (Adding
Floating Point support to Mini-OS) without having to do another patch?
I added Juergen Gross in the recipients for this. I'd still be prefer the
fuzzing project in case I can figure out a useful proposal, but the idea
for the floating point project seems much clearer, so I figured to have
something along the following lines as my proposal (I also assumed that the
template you provide [https://wiki.xen.org/wiki/GSo
C_Student_Application_Template] is still active):

1) Personal Information

*1.1) Full Name: Felix Ekkehard Schmoll*

*1.2) Email: eggi.innovations@gmail.com <eggi.innovations@gmail.com>*

*1.4) Other applications:* Not currently

*1.5) Previous experience:* No

*1.6) Time commitment:* full-time

*1.7) Other programs:* No
2) Preparation done so far

*2.1) Hardware*: Yes.

*2.2) Ability to Build and Test*: Yes.

*2.4) Other*: Did patches suggested bei Wei Liu to get familiar with the
hypervisor in general (https://lists.xen.org/archive
s/html/xen-devel/2017-03/msg01450.html)
3) Proposed Project

*3.1) Project Category for which you are applying* Mini-OS

*3.2) Title for your proposal* Adding Floating Point Support to Mini-OS

*3.3) Link to original proposal*

https://wiki.xenproject.org/wiki/Outreach_Program_Projects#A
dding_Floating_Point_support_to_Mini-OS
4) Implementation Plan

*4.1) Detailed Problem Description* (Provide a high-level overview textual
description of the problem): Mini-OS is a small kernel provided as part of
the Xen project that is mainly used for stub domains, allowing to outsource
certain computations from dom0. Currently Mini-OS however doesn't support
the use of floating point registers, meaning that userspace programs can't
do floating-point computations if they are multi-threaded. This should be
fixed.

*4.2) Implementation Plan* (Provide as much detail and organisation as you
can. Discuss with your mentor. Make sure you build in sufficient time for
learning and getting up to speed. The questions in section 2 will help you
and are very valuable to create a plan): At first I will implement a test
application and read up on the details of floating point support for x86
and ARM. I will then start with x86, make sure that the application runs
and continue with ARM. Once that works too I will do some thorough testing.

*4.3) Expected Outcomes/Goals:* (List the main outcomes that you will
deliver during the program - this does not have to be perfect. It is also a
good idea to link to a discussion on the relevant public mailing list here
to give us some context. As an aside, it will also help you as well. Set
some minimum outcomes/goals and stretch outcomes/goals - these are nice to
have's. If you have experience with or prefer agile development
methodologies, write down what you would like to achieve in different
scrums. That's perfectly OK: you may want to discuss with your mentor -
he/she can act as product owner or scrum master if you want. Do agree with
him/her upfront.)


   - Userspace-program to test functionality of floating point registers
   - Patch that implements functionality of floating point registers for
   x86 and ARM

*4.4) Timeline* (Be specific and as complete as you can. Discuss
feasibility with your mentor. Build in some buffers and set some stretch
goals. This will help you with progress and motivation! ):

*Bonding Period*

Follow mailing lists

Ask clarifying questions

*Weeks 1-2/ May 30 - June 13*

Reading into the kernel and how usually floating point operations are
implemented

Read up on documentation (e.g. Intel Architecture Software Developer's
Manual, Volume 1: Basic Architecture, Chapter 7 on the Floating-Point Unit)

Build example application based on where critical parts are identified

*Weeks 3 - 4, June 14 - June 30*

Implement on x86

*Midterm deliverables*

Test application using floating point registers

*Weeks 5-6*

Implement on ARM

*Weeks 7-8*

Buffer time

*Weeks 9-10*

Do thorough testing, consider edge cases, do stress testing, commit to
source tree

*4.5) Maintenance: *I don't expect any maintenance to be required, the
Mini-OS tree seems to be fairly stable.
5) Let us know how much help you need

*5.1 Describe experience* with Domain Support, Xen Hypervisor, The XAPI
toolstack, Mirage OS, Windows PV Drivers, Embedded & Automotive Drivers (as
appropriate): No previous experience

*5.2) Other experience:* describe relevant experience that you have (If
possible, describe what uniquely qualifies you for this proposal): Took
15-410 at CMU, i.e. building a kernel from scratch in six weeks, involved
ASM and obviously large amounts of kernel programming and used an x86
processor; notably the kernel did also not support floating point
computations; also built a thread-library based on the kernel

*5.3) Learning and support:* describe the part(s) of the proposed plan do
you expect to be most difficult ( Include the specific types of of mentor
help you think you will need for the part(s): Understanding the specifics
of the processor architectures might require some help, in case I have
troubles with specific parts of the manuals. They're usually quite detailed
though.

*5.5)* Describe the part(s) of the proposed plan do you expect to be
easiest:
Building the user space application (user space is generally easier than
kernel and you don't have to get any offsets right or alike)

Questions:
*What if the CPU doesn't have an FPU? Is that even possible for the given
two architectures?

Any comments would be appreciated.

Felix

2017-03-22 12:21 GMT+01:00 Wei Liu <wei.liu2@citrix.com>:

> On Wed, Mar 22, 2017 at 10:54:38AM +0100, Felix Schmoll wrote:
> >
> > Got it working! Thanks for all the help, will look into the "actual" task
> > now :D
>
> That's good.
>
> IIRC the application is now open. Don't forget to submit your proposal.
>
> Wei.
>
> >
> > >
> > > Wei.
> > >
>

[-- Attachment #1.2: Type: text/html, Size: 15625 bytes --]

[-- Attachment #2: Type: text/plain, Size: 127 bytes --]

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel