Re: [Announce] LPC 2018: Testing and Fuzzing Microconference
From: Sasha Levin
Date: Tue Oct 02 2018 - 17:03:16 EST
On Tue, Oct 2, 2018 at 4:44 PM Liam R. Howlett <Liam.Howlett@xxxxxxxxxx> wrote:
>
> * Dhaval Giani <dhaval.giani@xxxxxxxxx> [180919 13:15]:
> > Hi folks,
> >
> > Sasha and I are pleased to announce the Testing and Fuzzing track at
> > LPC [ 1 ]. We are planning to continue the discussions from last
> > year's microconference [2]. Many discussions from the Automated
> > Testing Summit [3] will also continue, and a final agenda will come up
> > only soon after that.
> >
> > Suggested Topics
> >
> > - Syzbot/syzkaller
> > - ATS
> > - Distro/stable testing
> > - kernelci
> > - kernelci auto bisection
> > - Unit testing framework
> >
> > We look forward to other interesting topics for this microconference
> > as a reply to this email.
> >
> > Thanks!
> > Dhaval and Sasha
> >
> > [1] https://blog.linuxplumbersconf.org/2018/testing-and-fuzzing-mc/
> > [2] https://lwn.net/Articles/735034/
> > [3] https://elinux.org/Automated_Testing_Summit
>
>
> Hello,
>
> I have a new way to analyze binaries to detect specific calls without
> the need for source. I would like to discuss Machine Code Trace
> (MCTrace) at the Testing and Fuzzing LPC track. MCTrace intercepts the
> application prior to execution and does not rely on a specific user
> input. It then decodes the machine instructions to follow all control
> flows to their natural conclusions. This includes control flows that go
> beyond the boundaries of the static executable code into shared
> libraries. This new technique avoids false positives which could be
> produced by static analysis and includes paths that could be missed by
> dynamic tracing. This type of analysis could be useful in both testing
> and fuzzing by providing a call graph to a given function.
>
> MCTrace was initially designed to help generate the seccomp() filter
> list, which is a whitelist/blacklist of system calls for a specific
> application. Seccomp filters easily become outdated when the application
> or shared library is updated. This can cause failures or security
> issues [ 1 ]. Other potential uses including examining binary blobs,
> vulnerability analysis, and debugging.
Hi Liam,
Is MCTrace available anywhere?
--
Thanks,
Sasha