Re: [PATCH v4 2/3] net: add kcov handle to skb extensions

From: Willem de Bruijn
Date: Wed Oct 28 2020 - 17:49:39 EST


On Wed, Oct 28, 2020 at 2:21 PM Aleksandr Nogikh
<aleksandrnogikh@xxxxxxxxx> wrote:
>
> From: Aleksandr Nogikh <nogikh@xxxxxxxxxx>
>
> Remote KCOV coverage collection enables coverage-guided fuzzing of the
> code that is not reachable during normal system call execution. It is
> especially helpful for fuzzing networking subsystems, where it is
> common to perform packet handling in separate work queues even for the
> packets that originated directly from the user space.
>
> Enable coverage-guided frame injection by adding kcov remote handle to
> skb extensions. Default initialization in __alloc_skb and
> __build_skb_around ensures that no socket buffer that was generated
> during a system call will be missed.
>
> Code that is of interest and that performs packet processing should be
> annotated with kcov_remote_start()/kcov_remote_stop().
>
> An alternative approach is to determine kcov_handle solely on the
> basis of the device/interface that received the specific socket
> buffer. However, in this case it would be impossible to distinguish
> between packets that originated during normal background network
> processes or were intentionally injected from the user space.
>
> Signed-off-by: Aleksandr Nogikh <nogikh@xxxxxxxxxx>

Acked-by: Willem de Bruijn <willemb@xxxxxxxxxx>