[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [GSoC] GSoC Introduction : Fuzzing Xen hypercall interface



Sorry, the email went out too early accidentally, just ignore it for now, I still have to fill in the template.

2017-03-23 8:18 GMT+01:00 Felix Schmoll <eggi.innovations@xxxxxxxxx>:
Hi,

so I've been reading up on the task quite a bit now and I'd be thankful if you could clarify what exactly you're looking for with the execution path. The AFL-fuzzer seems to make use just of a rather simple representation of that (https://lwn.net/Articles/674854/), so you would just have to insert this snippet:
  cur_location = <COMPILE_TIME_RANDOM>;
  shared_mem[cur_location ^ prev_location]++; 
  prev_location = cur_location >> 1;
at every edge, i.e. into __sanitizer_cov_trace_pc and somehow set up a shared memory section between kernel (where you'd run the fuzzer) and hypervisor. That might however just be true for AFL and not for other coverage-guided fuzzers, so maybe that's the problem. For the fuzzer to work I'd also have to implement some templates on what hypercalls are available and what arguments they expect, but that would still not fill three months, so I'm assuming that I'm fundamentally missing something here.

On another note, would it be possible to apply for a second project without having to do another task (Adding Floating Point support to Mini-OS) without having to do another patch?
I added Juergen Gross in the recipients for this. I'd still be prefer the fuzzing project in case I can figure out a useful proposal, but the idea for the floating point project seems much clearer, so I figured to have something along the following lines as my proposal (I also assumed that the template you provide [https://wiki.xen.org/wiki/GSoC_Student_Application_Template] is still active):

1) Personal Information

1.1) Full Name: Felix Ekkehard Schmoll

1.2) Email:

1.3) Other contact information (Optional): <add IRC handle, skype, whatever you like here>

1.4) Other applications: have you applied to or do you plan to apply to other Google Summer of Code projects for other organizations?

1.5) Previous experience: have you been part of the Google Summer of Code in the past or OPW in the past? (if so, link to your work)

1.6) Time commitment: we'd also like to know whether you're planning to work full-time on the project, or do you have other commitments (e.g. full/part time jobs, summer classes) during the summer? (It's no problem either way, but useful for us to know)

1.7) Other programs: please let us know whether you have applied to other student and/or intern programs such as Outreachy and list the ones you applied to

2) Preparation done so far

Note that the following questions are *not required* for an application. However, demonstrating that you have dealt with these following questions will make sure that you can get started quickly on the project and will give you an edge compared to other applicants.

2.1) Hardware: (Have you checked, whether you have the right Hardware to complete the project - see Outreachy/Hypervisor in particular for Hypervisor projects. Link to any public threads on mailing lists, where you discussed hardware requirements and summarise the outcome.)

2.2) Ability to Build and Test: (Being able to build the project from source and run it, is the first hurdle when trying to get started. If you manage to do this, you are pretty much set for development. Thus, we recommend that you work with your mentor to build the project - maybe with an extra log entry added to the code, deploy it, run it and share the logs with the mentor on the developer list. Link to any public threads on mailing lists, where you discussed hardware requirements and summarise the outcome.)

2.3) Make a Small Contribution: (Small contributions show that you understand the workflow within the community. We always have a lot of small issues that can be fixed. If you have done so, link to any public patches you may have posted.)

2.4) Other: (List any other preparation tasks that you may have performed here)

3) Proposed Project

3.1) Project Category for which you are applying (Xen Hypervisor, The XAPI toolstack, Mirage OS, Windows PV Drivers, Embedded & Automotive Drivers, ... these are in the main table on the project's proposal page):

3.2) Title for your proposal (for example "Virtio on Xen"):

3.3) Link to original proposal (link to the original proposal on the project's proposal page; if it is a project you proposed please state here):

4) Implementation Plan

4.1) Detailed Problem Description (Provide a high-level overview textual description of the problem):

4.2) Implementation Plan (Provide as much detail and organisation as you can. Discuss with your mentor. Make sure you build in sufficient time for learning and getting up to speed. The questions in section 2 will help you and are very valuable to create a plan) :

4.3) Expected Outcomes/Goals: (List the main outcomes that you will deliver during the program - this does not have to be perfect. It is also a good idea to link to a discussion on the relevant public mailing list here to give us some context. As an aside, it will also help you as well. Set some minimum outcomes/goals and stretch outcomes/goals - these are nice to have's. If you have experience with or prefer agile development methodologies, write down what you would like to achieve in different scrums. That's perfectly OK: you may want to discuss with your mentor - he/she can act as product owner or scrum master if you want. Do agree with him/her upfront.)

4.4) Timeline (Be specific and as complete as you can. Discuss feasibility with your mentor. Build in some buffers and set some stretch goals. This will help you with progress and motivation! ):

4.5) Maintenance: (optional) Think about how much maintenance you think the code you write is likely to require. Your mentor will have a good idea about this and you may want to discuss with him or her. Trying to estimate this is a good work skill. If not too much, think about whether you would like to be involved in maintaining your code after the project finishes and let us know.

5) Let us know how much help you need

5.1 Describe experience with Domain Support, Xen Hypervisor, The XAPI toolstack, Mirage OS, Windows PV Drivers, Embedded & Automotive Drivers (as appropriate):

5.2) Other experience: describe relevant experience that you have (If possible, describe what uniquely qualifies you for this proposal):

5.3) Learning and support: describe the part(s) of the proposed plan do you expect to be most difficult ( Include the specific types of of mentor help you think you will need for the part(s):

5.4) Hardware (if not done in 2.1) let us know what Hardware and Software that you have for development (exact model number, etc.). Some projects require certain features in your Hardware such that you can do development. Also note that in some cases, it may be possible to loan you Hardware for development:

5.5) Describe the part(s) of the proposed plan do you expect to be easiest:


2017-03-22 12:21 GMT+01:00 Wei Liu <wei.liu2@xxxxxxxxxx>:
On Wed, Mar 22, 2017 at 10:54:38AM +0100, Felix Schmoll wrote:
>
> Got it working! Thanks for all the help, will look into the "actual" task
> now :D

That's good.

IIRC the application is now open. Don't forget to submit your proposal.

Wei.

>
> >
> > Wei.
> >


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
https://lists.xen.org/xen-devel

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.