Received: by 2002:a25:e7d8:0:0:0:0:0 with SMTP id e207csp605718ybh; Sat, 7 Mar 2020 06:02:49 -0800 (PST) X-Google-Smtp-Source: ADFU+vu2EJFiIoxk686g/VnhAwJdPYvzFPSuWMYp7UvFvWLTeZdpJUMmmVi8xmPAc27AYHG6vTRk X-Received: by 2002:aca:2312:: with SMTP id e18mr5697643oie.118.1583589769344; Sat, 07 Mar 2020 06:02:49 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1583589769; cv=none; d=google.com; s=arc-20160816; b=SdmDQZM+HiZCzmZzLo6NQd+dxYvHkkPBBUpxYF6GwTYtofwDIpvrYUMmTkcNxbLqTD LSGmCXR74vHRi8uzU0PZplO4WwI0euAKzFd6YM5BSDdb/HodNSaYK/qMRHWUu7xq/3Tu OYKqPCzYXPmqQ4drtzommi3VXJex5VVkgZqlTa8eYdpIWtP9X1XPrWnx07bzrg2TxYGN UwEgXgFdIq6tGIn8GnM02yL2etrtnqACQ7U2RmbKyKUJnbWn72LwYJsiwFIy3umTZUJw H3YsGY7SDuhwaSlWzbWzf1S+qhedeR41E6p4nuzdazPm4/lGdboxeAZbPauijInW0Vqs PNXQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:message-id:date:subject:cc:to:from; bh=k3yCOywDEe3OT3lbf08GI6uLlOZac/1BiOCShdcUzPo=; b=r4T0vFVI1gEYd1yd3+o6uCWF8otuN1+iAKICWdjj38DQNONnPva1dCjKYhsHRZdE/G k9lJQ9VLs4AxL6pvI2U98E0pFEjV+rZ2p4UEHmBDBvT23UCAjrG+oK6JqsTY4iY3EOi5 rr4i1g0QXNYPnkf3b533yO0bCnirsPfeuuYkjs1PrNJQEEKVVI3S0FHBLRpD1OofXl7o 48PuafShk/bGuhK38mSO/K01MA/g1xloi0t3elqWZtXDz31R+FSjDd+cz6lRDJ1D2OXU zzMeTPcfFcOM5OzKmHDVl8K5wmi7ti0mPN13NE32rDW+H0R/KVISsfPeTsSoc2K0OP8C ZpMQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id d2si3298749otc.66.2020.03.07.06.02.36; Sat, 07 Mar 2020 06:02:49 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726276AbgCGOAY (ORCPT + 99 others); Sat, 7 Mar 2020 09:00:24 -0500 Received: from www262.sakura.ne.jp ([202.181.97.72]:56006 "EHLO www262.sakura.ne.jp" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726073AbgCGOAX (ORCPT ); Sat, 7 Mar 2020 09:00:23 -0500 Received: from fsav302.sakura.ne.jp (fsav302.sakura.ne.jp [153.120.85.133]) by www262.sakura.ne.jp (8.15.2/8.15.2) with ESMTP id 027DwcKw034153; Sat, 7 Mar 2020 22:58:38 +0900 (JST) (envelope-from penguin-kernel@I-love.SAKURA.ne.jp) Received: from www262.sakura.ne.jp (202.181.97.72) by fsav302.sakura.ne.jp (F-Secure/fsigk_smtp/550/fsav302.sakura.ne.jp); Sat, 07 Mar 2020 22:58:38 +0900 (JST) X-Virus-Status: clean(F-Secure/fsigk_smtp/550/fsav302.sakura.ne.jp) Received: from ccsecurity.localdomain (M106072142033.v4.enabler.ne.jp [106.72.142.33]) (authenticated bits=0) by www262.sakura.ne.jp (8.15.2/8.15.2) with ESMTPSA id 027DwVo3033899 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Sat, 7 Mar 2020 22:58:38 +0900 (JST) (envelope-from penguin-kernel@I-love.SAKURA.ne.jp) From: Tetsuo Handa To: Andrew Morton Cc: Matthew Garrett , Andi Kleen , "Theodore Y . Ts'o" , Greg Kroah-Hartman , Alexander Viro , Petr Mladek , Sergey Senozhatsky , Arnd Bergmann , Jiri Slaby , Steven Rostedt , Linus Torvalds , LKML , Tetsuo Handa , Dmitry Vyukov Subject: [PATCH v2] Add kernel config option for fuzz testing. Date: Sat, 7 Mar 2020 22:58:22 +0900 Message-Id: <20200307135822.3894-1-penguin-kernel@I-love.SAKURA.ne.jp> X-Mailer: git-send-email 2.18.2 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org While syzkaller is finding many bugs, sometimes syzkaller examines stupid operations. Currently we prevent syzkaller from examining stupid operations by blacklisting syscall arguments and/or disabling whole functionality using existing kernel config options, but it is a whack-a-mole approach. We need cooperation from kernel side [1]. This patch introduces a kernel config option which allows disabling only specific operations. This kernel config option should be enabled only when building kernels for fuzz testing. We discussed possibility of disabling specific operations at run-time using some lockdown mechanism [2], but conclusion seems that build-time control (i.e. kernel config option) fits better for this purpose. Since patches for users of this kernel config option will want a lot of explanation [3], this patch provides only kernel config option for them. [1] https://github.com/google/syzkaller/issues/1622 [2] https://lkml.kernel.org/r/CACdnJutc7OQeoor6WLTh8as10da_CN=crs79v3Fp0mJTaO=+yw@mail.gmail.com [3] https://lkml.kernel.org/r/20191216163155.GB2258618@kroah.com Signed-off-by: Tetsuo Handa Cc: Dmitry Vyukov --- lib/Kconfig.debug | 10 ++++++++++ 1 file changed, 10 insertions(+) Changes since v1: Drop users of this kernel config option. Update patch description. diff --git a/lib/Kconfig.debug b/lib/Kconfig.debug index 53e786e0a604..e360090e24c5 100644 --- a/lib/Kconfig.debug +++ b/lib/Kconfig.debug @@ -2208,4 +2208,14 @@ config HYPERV_TESTING endmenu # "Kernel Testing and Coverage" +config KERNEL_BUILT_FOR_FUZZ_TESTING + bool "Build kernel for fuzz testing" + default n + help + Say N unless you are building kernels for fuzz testing. + Saying Y here disables several things that legitimately cause + damage under a fuzzer workload (e.g. copying to arbitrary + user-specified kernel address, changing console loglevel, + freezing filesystems). + endmenu # Kernel hacking -- 2.18.2