From: Sascha Hauer <s.hauer@pengutronix.de>
To: barebox@lists.infradead.org, Ahmad Fatoum <a.fatoum@pengutronix.de>
Subject: Re: [PATCH 00/21] sandbox: add libfuzzer-based fuzzing
Date: Tue, 10 Jun 2025 10:46:52 +0200 [thread overview]
Message-ID: <174954521212.330896.4880517797866988058.b4-ty@pengutronix.de> (raw)
In-Reply-To: <20250605113530.2076990-1-a.fatoum@pengutronix.de>
On Thu, 05 Jun 2025 13:35:09 +0200, Ahmad Fatoum wrote:
> We have a number of security-sensitive parsers in barebox that process
> untrusted input, even in secure boot systems, e.g. the FIT parser, but
> also the partition parser.
>
> This series adds fuzzing tests for a number of these parsers based on
> libfuzzer.
>
> [...]
Applied, thanks!
[01/21] pbl: add provision for architectures without piggy loader
https://git.pengutronix.de/cgit/barebox/commit/?id=f188bd7651d7 (link may not be stable)
[02/21] firmware: make Layerscape FMan firmware proper-only
https://git.pengutronix.de/cgit/barebox/commit/?id=095a7670a274 (link may not be stable)
[03/21] mci: sdhci: support compiling common SDHCI code for sandbox PBL
https://git.pengutronix.de/cgit/barebox/commit/?id=de9d003b5347 (link may not be stable)
[04/21] kbuild: define and use more generic symlink command
https://git.pengutronix.de/cgit/barebox/commit/?id=125b9f671a99 (link may not be stable)
[05/21] kbuild: collect compatibility symlink creation in symlink-y
https://git.pengutronix.de/cgit/barebox/commit/?id=a1f893cc16e6 (link may not be stable)
[06/21] kbuild: allow customizing barebox proper binary
https://git.pengutronix.de/cgit/barebox/commit/?id=fb2b03c00323 (link may not be stable)
[07/21] sandbox: make available all CONFIG_ symbols to OS glue code
https://git.pengutronix.de/cgit/barebox/commit/?id=30047fe2da73 (link may not be stable)
[08/21] sandbox: switch to using PBL
https://git.pengutronix.de/cgit/barebox/commit/?id=2aba0017c95a (link may not be stable)
[09/21] kbuild: populate non-host CXX variables
https://git.pengutronix.de/cgit/barebox/commit/?id=f478c579a65b (link may not be stable)
[10/21] string: add fortify source support
https://git.pengutronix.de/cgit/barebox/commit/?id=4aaaed53fec4 (link may not be stable)
[11/21] sandbox: populate UNAME_M variable
https://git.pengutronix.de/cgit/barebox/commit/?id=aeed44d3d083 (link may not be stable)
[12/21] Add fuzzing infrastructure
https://git.pengutronix.de/cgit/barebox/commit/?id=3e0963489879 (link may not be stable)
[13/21] filetype: add fuzz target
https://git.pengutronix.de/cgit/barebox/commit/?id=08b8143838ea (link may not be stable)
[14/21] block: mark underlying cdev with DEVFS_IS_BLOCK_DEV
https://git.pengutronix.de/cgit/barebox/commit/?id=a6410cfa9aff (link may not be stable)
[15/21] block: add lightweight ramdisk support
https://git.pengutronix.de/cgit/barebox/commit/?id=cf4b60803b61 (link may not be stable)
[16/21] fuzz: add support for passing fuzz data as r/o ramdisk
https://git.pengutronix.de/cgit/barebox/commit/?id=323b4062fca3 (link may not be stable)
[17/21] partitions: add partition table parser fuzz target
https://git.pengutronix.de/cgit/barebox/commit/?id=532358a9f4f5 (link may not be stable)
[18/21] fdt: add fuzz test
https://git.pengutronix.de/cgit/barebox/commit/?id=68d5c01480d2 (link may not be stable)
[19/21] fit: add fuzz test
https://git.pengutronix.de/cgit/barebox/commit/?id=30c0d7117909 (link may not be stable)
[20/21] Documentation: add LLVM libfuzzer documentation
https://git.pengutronix.de/cgit/barebox/commit/?id=46a839f7c848 (link may not be stable)
[21/21] sandbox: add support for coverage info generation
https://git.pengutronix.de/cgit/barebox/commit/?id=4db442561229 (link may not be stable)
Best regards,
--
Sascha Hauer <s.hauer@pengutronix.de>
prev parent reply other threads:[~2025-06-10 8:48 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-06-05 11:35 Ahmad Fatoum
2025-06-05 11:35 ` [PATCH 01/21] pbl: add provision for architectures without piggy loader Ahmad Fatoum
2025-06-05 11:35 ` [PATCH 02/21] firmware: make Layerscape FMan firmware proper-only Ahmad Fatoum
2025-06-05 11:35 ` [PATCH 03/21] mci: sdhci: support compiling common SDHCI code for sandbox PBL Ahmad Fatoum
2025-06-05 11:35 ` [PATCH 04/21] kbuild: define and use more generic symlink command Ahmad Fatoum
2025-06-05 11:35 ` [PATCH 05/21] kbuild: collect compatibility symlink creation in symlink-y Ahmad Fatoum
2025-06-05 11:35 ` [PATCH 06/21] kbuild: allow customizing barebox proper binary Ahmad Fatoum
2025-06-05 11:35 ` [PATCH 07/21] sandbox: make available all CONFIG_ symbols to OS glue code Ahmad Fatoum
2025-06-05 11:35 ` [PATCH 08/21] sandbox: switch to using PBL Ahmad Fatoum
2025-06-05 11:35 ` [PATCH 09/21] kbuild: populate non-host CXX variables Ahmad Fatoum
2025-06-05 11:35 ` [PATCH 10/21] string: add fortify source support Ahmad Fatoum
2025-06-05 11:35 ` [PATCH 11/21] sandbox: populate UNAME_M variable Ahmad Fatoum
2025-06-05 11:35 ` [PATCH 12/21] Add fuzzing infrastructure Ahmad Fatoum
2025-06-05 11:35 ` [PATCH 13/21] filetype: add fuzz target Ahmad Fatoum
2025-06-05 11:35 ` [PATCH 14/21] block: mark underlying cdev with DEVFS_IS_BLOCK_DEV Ahmad Fatoum
2025-06-05 11:35 ` [PATCH 15/21] block: add lightweight ramdisk support Ahmad Fatoum
2025-06-05 11:35 ` [PATCH 16/21] fuzz: add support for passing fuzz data as r/o ramdisk Ahmad Fatoum
2025-06-05 11:35 ` [PATCH 17/21] partitions: add partition table parser fuzz target Ahmad Fatoum
2025-06-05 11:35 ` [PATCH 18/21] fdt: add fuzz test Ahmad Fatoum
2025-06-05 11:35 ` [PATCH 19/21] fit: " Ahmad Fatoum
2025-06-05 11:35 ` [PATCH 20/21] Documentation: add LLVM libfuzzer documentation Ahmad Fatoum
2025-06-05 11:35 ` [PATCH 21/21] sandbox: add support for coverage info generation Ahmad Fatoum
2025-06-10 8:46 ` Sascha Hauer [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=174954521212.330896.4880517797866988058.b4-ty@pengutronix.de \
--to=s.hauer@pengutronix.de \
--cc=a.fatoum@pengutronix.de \
--cc=barebox@lists.infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox