2017-03-13 12:14 GMT+01:00 Wei Liu <wei.l...@citrix.com>:
> Hi Felix
>
> Thanks for your interest in this project.
>
> On Sun, Mar 12, 2017 at 09:48:11PM +0100, Felix Ekkehard Schmoll wrote:
> > Hi,
> >
> > I’m interested in the “Fuzzing Xen hypercall interface” project so I just wanted to introduce myself:
> >
> > I’m a third-year undergraduate CS student at Jacobs University in Bremen, Germany. It’s a rather small university and rather young but quite successful in the national rankings (*brag*).
> >
> > Last semester I spent as part of an exchange program at CMU where I took the sort of notorious 15-410 Operating Systems course where you have to implement a kernel from scratch in 6 weeks. There the professor (amazing guy) mentioned/promoted GSoC quite a couple of times, and this seems like a really cool project to work on.
> >
> > From the course I have quite a substantial amount of experience in C and ASM on x86, of the GCC toolchain and obviously of kernel programming. I don’t really have any experience with fuzzing yet, but I’m sure I’ll figure that out.
> >
> > I’d appreciate it if you could point me to some small patches I could work on to get going (sorry if I missed the link to it).
> >
> > Also any other comments are of course welcome.
>
> This project is rather challenging given the time scale. As a starter, please install Xen from source and try it out -- you can find instructions on how to install on the wiki.
>
> Please also have a look at American Fuzzy Lop (the fuzzer we currently use) and play with it a bit.
>
> Then, as a small exercise, please provide patches against xen.git for two tasks:
>
> 1. implement a hypercall to get back the domain id of the caller domain;
> 2. check out gcc 6's -fsanitize-coverage=trace-pc option and build the hypervisor with that enabled -- building with a stub is fine;
>
> Please then provide some ideas on how you would approach this project.
>
> I know the tasks I described are quite high level so please don't hesitate to ask questions.
>
> Note that we don't have to finish all goals listed on the wiki page. Realistically I think if we manage to extract the execution paths from xen within three months and commit that in xen.git that would be rather great progress.
>
> Wei.
>
> > Felix
Hi,

I installed Xen from source and I figured out that for the hypercall I have to make a two-line change in xen/xen/common/kernel.c and a couple of headers. I mostly went with what I got by grepping for the "xen_version" hypercall. It seems really basic, but after struggling with this for quite a while I have some questions:

1.
- How do I test this? The usual way to make hypercalls seems to be to use the libxc library, so do I have to change that as well?
- The "xen_version" hypercall had a couple of COMPAT_versions; do I need them? This seems to be related to whether I need to support both ARM and x86, although I'm really not sure here. Is it fine to just choose to support the one which my hypervisor is running on?
- Do I need to make changes in the XSM module? Again, this pops up when grepping for xen_version, but it's disabled by default anyways and I'd otherwise just try to have a minimal working set.

2.
- A stub for what? dom0?

Felix
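Wei's second exercise and Felix's closing question both turn on what gcc's -fsanitize-coverage=trace-pc requires of the program: gcc inserts a call to __sanitizer_cov_trace_pc() at the entry of every basic block, and the code under test has to provide that function (an empty body is the minimal stub that lets the build link). The following is an added example, not code from this thread or from xen.git, showing a small sink that records each distinct block once, which is the "new coverage" signal a fuzzer like AFL keys on; the table size, the hash, and demo_target are assumptions, and a hypervisor build would keep such a table per vCPU or per domain rather than in one global.

```c
/* Added example, not code from this thread or from xen.git: a minimal
 * coverage sink for gcc -fsanitize-coverage=trace-pc. With that flag gcc
 * emits a call to __sanitizer_cov_trace_pc() at the entry of every basic
 * block, so the callback's return address identifies the block that ran.
 * Build this file WITHOUT the flag, or the callback would instrument itself. */
#include <stdint.h>
#include <string.h>

#define COV_SLOTS 4096u                  /* power of two; static, no allocation */
static uintptr_t cov_table[COV_SLOTS];   /* open-addressing set of PCs, 0 = empty */
static unsigned cov_unique, cov_dropped;
/* noinline: __builtin_return_address(0) must be the instrumented call site. */
__attribute__((noinline)) void __sanitizer_cov_trace_pc(void)
{
    uintptr_t pc = (uintptr_t)__builtin_return_address(0);
    unsigned i = (unsigned)((pc >> 2) * 2654435761u) & (COV_SLOTS - 1);
    for (unsigned probes = 0; probes < COV_SLOTS; probes++) {
        if (cov_table[i] == pc)
            return;                      /* seen before: no new coverage */
        if (cov_table[i] == 0) {
            cov_table[i] = pc;           /* new block discovered */
            cov_unique++;
            return;
        }
        i = (i + 1) & (COV_SLOTS - 1);   /* linear probe */
    }
    cov_dropped++;                       /* table full: count, never overflow */
}

void cov_reset(void)
{
    memset(cov_table, 0, sizeof cov_table);
    cov_unique = cov_dropped = 0;
}

unsigned cov_unique_count(void)  { return cov_unique; }   /* distinct blocks hit */
unsigned cov_dropped_count(void) { return cov_dropped; }  /* lost to a full table */

/* Stand-in for a target built with the flag: the trace calls gcc would insert
 * at each block entry are written out by hand so this builds without it. */
__attribute__((noinline)) int demo_target(int x)
{
    __sanitizer_cov_trace_pc();          /* entry block */
    if (x > 10) {
        __sanitizer_cov_trace_pc();      /* block reached only when x > 10 */
        return x - 10;
    }
    return x;
}
```

Running demo_target twice with small inputs records one block; the first input above 10 raises the unique count to two, which is exactly the event a coverage-guided fuzzer would treat as an interesting input.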
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel