Re: [Announce] LPC 2018: Testing and Fuzzing Microconference
From: Liam R. Howlett
Date: Tue Oct 02 2018 - 16:23:46 EST
* Dhaval Giani <dhaval.giani@xxxxxxxxx> [180919 13:15]:
> Hi folks,
>
> Sasha and I are pleased to announce the Testing and Fuzzing track at
> LPC [1]. We are planning to continue the discussions from last
> year's microconference [2]. Many discussions from the Automated
> Testing Summit [3] will also continue, and a final agenda will come up
> only soon after that.
>
> Suggested Topics
>
> - Syzbot/syzkaller
> - ATS
> - Distro/stable testing
> - kernelci
> - kernelci auto bisection
> - Unit testing framework
>
> We look forward to other interesting topics for this microconference
> as a reply to this email.
>
> Thanks!
> Dhaval and Sasha
>
> [1] https://blog.linuxplumbersconf.org/2018/testing-and-fuzzing-mc/
> [2] https://lwn.net/Articles/735034/
> [3] https://elinux.org/Automated_Testing_Summit

Hello,

I have a new way to analyze binaries to detect specific calls without
the need for source. I would like to discuss Machine Code Trace
(MCTrace) at the Testing and Fuzzing LPC track. MCTrace intercepts the
application prior to execution and does not rely on a specific user
input. It then decodes the machine instructions to follow all control
flows to their natural conclusions. This includes control flows that go
beyond the boundaries of the static executable code into shared
libraries. This new technique avoids false positives which could be
produced by static analysis and includes paths that could be missed by
dynamic tracing. This type of analysis could be useful in both testing
and fuzzing by providing a call graph to a given function.

MCTrace was initially designed to help generate the seccomp() filter
list, which is a whitelist/blacklist of system calls for a specific
application. Seccomp filters easily become outdated when the application
or shared library is updated. This can cause failures or security
issues [1]. Other potential uses include examining binary blobs,
vulnerability analysis, and debugging.

Thank you,
Liam R. Howlett

[1] https://lwn.net/Articles/738750/
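
Added example (not part of the original message and not MCTrace code): the filter drift described above, shown by compiling a seccomp allowlist to classic BPF and evaluating it against the system calls a binary can reach after a library update. The syscall sets are constructed for illustration; in practice the reachable set is assumed to come from a call-graph analysis such as the one proposed.

```python
import struct

# Classic-BPF opcodes and seccomp constants (values from the Linux UAPI headers)
LD_W_ABS, JEQ_K, RET_K = 0x20, 0x15, 0x06
RET_ALLOW, RET_KILL_PROCESS = 0x7FFF0000, 0x80000000
AUDIT_ARCH_X86_64 = 0xC000003E
# x86-64 syscall numbers used by the constructed sample below
NR = {"read": 0, "write": 1, "open": 2, "close": 3,
      "exit_group": 231, "openat": 257}

def build_filter(allowed):
    """Compile an allowlist into (code, jt, jf, k) seccomp-BPF instructions."""
    prog = [(LD_W_ABS, 0, 0, 4),               # A = seccomp_data.arch
            (JEQ_K, 1, 0, AUDIT_ARCH_X86_64),  # expected arch: skip the kill
            (RET_K, 0, 0, RET_KILL_PROCESS),
            (LD_W_ABS, 0, 0, 0)]               # A = seccomp_data.nr
    for name in sorted(allowed):
        prog += [(JEQ_K, 0, 1, NR[name]), (RET_K, 0, 0, RET_ALLOW)]
    prog.append((RET_K, 0, 0, RET_KILL_PROCESS))  # default: deny
    return prog

def run_filter(prog, nr, arch=AUDIT_ARCH_X86_64):
    """Interpret the filter over a packed struct seccomp_data; return action."""
    data = struct.pack("<iIQ6Q", nr, arch, 0, *([0] * 6))
    pc = acc = 0
    while True:
        code, jt, jf, k = prog[pc]
        pc += 1
        if code == LD_W_ABS:
            acc = struct.unpack_from("<I", data, k)[0]
        elif code == JEQ_K:
            pc += jt if acc == k else jf
        else:  # RET_K
            return k

def drift(allowed, reachable):
    """Return (blocked, stale): reachable calls the filter kills, and
    allowlisted calls the binary no longer needs."""
    prog = build_filter(allowed)
    blocked = sorted(n for n in reachable
                     if run_filter(prog, NR[n]) != RET_ALLOW)
    return blocked, sorted(set(allowed) - set(reachable))

# Constructed sample: the allowlist was written for a library version that
# opened files with open(); the updated library issues openat() instead.
ALLOWLIST = {"read", "write", "open", "close", "exit_group"}
REACHABLE_AFTER_UPDATE = {"read", "write", "openat", "close", "exit_group"}
```

Here `drift(ALLOWLIST, REACHABLE_AFTER_UPDATE)` reports `openat` as blocked (the failure case) and `open` as stale (an entry that widens the filter without being needed).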