cloud-hypervisor/fuzz/fuzz_targets/linux_loader_cmdline.rs

// Copyright 2018 The Chromium OS Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
//
// Copyright © 2022 Intel Corporation
//
// SPDX-License-Identifier: Apache-2.0 AND BSD-3-Clause

#![no_main]

use libfuzzer_sys::fuzz_target;
use vm_memory::{bitmap::AtomicBitmap, GuestAddress};

type GuestMemoryMmap = vm_memory::GuestMemoryMmap<AtomicBitmap>;

const MEM_SIZE: usize = 256 * 1024 * 1024;
// From 'arch::x86_64::layout::CMDLINE_START'
const CMDLINE_START: GuestAddress = GuestAddress(0x20000);

fuzz_target!(|bytes| {
    let payload_config = vmm::config::PayloadConfig {
        firmware: None,
        kernel: None,
        cmdline: Some(String::from_utf8_lossy(&bytes).to_string()),
        initramfs: None,
        #[cfg(feature = "igvm")]
        igvm: None,
    };
    let kernel_cmdline = match vmm::vm::Vm::generate_cmdline(&payload_config) {
        Ok(cmdline) => cmdline,
        _ => return,
    };
    let guest_memory = GuestMemoryMmap::from_ranges(&[(GuestAddress(0), MEM_SIZE)]).unwrap();

    linux_loader::loader::load_cmdline(&guest_memory, CMDLINE_START, &kernel_cmdline).ok();
});
fuzz: Add fuzzer for 'linux loader' cmdline Signed-off-by: Bo Chen <chen.bo@intel.com> 2022-12-07 19:32:14 +00:00			`// Copyright 2018 The Chromium OS Authors. All rights reserved.`
			`// Use of this source code is governed by a BSD-style license that can be`
			`// found in the LICENSE file.`
			`//`
			`// Copyright © 2022 Intel Corporation`
			`//`
			`// SPDX-License-Identifier: Apache-2.0 AND BSD-3-Clause`

			`#![no_main]`

			`use libfuzzer_sys::fuzz_target;`
			`use vm_memory::{bitmap::AtomicBitmap, GuestAddress};`

			`type GuestMemoryMmap = vm_memory::GuestMemoryMmap<AtomicBitmap>;`

			`const MEM_SIZE: usize = 256 * 1024 * 1024;`
			`// From 'arch::x86_64::layout::CMDLINE_START'`
			`const CMDLINE_START: GuestAddress = GuestAddress(0x20000);`

			`fuzz_target!(\|bytes\| {`
			`let payload_config = vmm::config::PayloadConfig {`
			`firmware: None,`
			`kernel: None,`
			`cmdline: Some(String::from_utf8_lossy(&bytes).to_string()),`
			`initramfs: None,`
vmm: Add IGVM to the config/commandline This patch adds igvm to the Vm config and params as well as the command line argument to pass igvm file to load into guest memory. The file must maintain the IGVM format. The CLI option is featured guarded by igvm feature gate. The IGVM(Independent Guest Virtual Machine) file format is designed to encapsulate all information required to launch a virtual machine on any given virtualization stack, with support for different isolation technologies such as AMD SEV-SNP and Intel TDX. At a conceptual level, this file format is a set of commands created by the tool that generated the file, used by the loader to construct the initial guest state. The file format also contains measurement information that the underlying platform will use to confirm that the file was loaded correctly and signed by the appropriate authorities. The IGVM file is generated by the tool: https://github.com/microsoft/igvm-tooling The IGVM file is parsed by the following crates: https://github.com/microsoft/igvm Signed-off-by: Muminul Islam <muislam@microsoft.com> 2023-10-05 01:07:45 +00:00			`#[cfg(feature = "igvm")]`
			`igvm: None,`
fuzz: Add fuzzer for 'linux loader' cmdline Signed-off-by: Bo Chen <chen.bo@intel.com> 2022-12-07 19:32:14 +00:00			`};`
			`let kernel_cmdline = match vmm::vm::Vm::generate_cmdline(&payload_config) {`
			`Ok(cmdline) => cmdline,`
			`_ => return,`
			`};`
			`let guest_memory = GuestMemoryMmap::from_ranges(&[(GuestAddress(0), MEM_SIZE)]).unwrap();`

			`linux_loader::loader::load_cmdline(&guest_memory, CMDLINE_START, &kernel_cmdline).ok();`
			`});`