fuzz: Add fuzzing syscall sandbox: detect use of unexpected syscalls when fuzzing ("syscall sanitizer") #21538

practicalswift · 2021-03-28T10:29:50Z

Add fuzzing syscall sandbox: detect use of unexpected syscalls when fuzzing.

This PR is based on #20487. Only the last commit is new to this PR.

Example use:

$ make distclean
$ ./autogen.sh
$ CC=clang CXX=clang++ ./configure --enable-fuzz --with-sanitizers=fuzzer --with-syscall-sandbox
$ make
$ FUZZ=example_fuzzing_harness src/test/fuzz/fuzz
…
ERROR: The syscall "socket" (syscall number 41) is not allowed by the syscall sandbox in thread "*unnamed*". Please report. Exiting.
terminate called without an active exception
==27953== ERROR: libFuzzer: deadly signal
…
    #11 0x7f11a5dd0b20 in std::terminate() (/usr/lib/x86_64-linux-gnu/libstdc++.so.6+0x92b20)
    #12 0x56445a4b8cb7 in (anonymous namespace)::SyscallSandboxDebugSignalHandler(int, siginfo_t*, void*) src/util/syscall_sandbox.cpp:71:5
…
artifact_prefix='./'; Test unit written to ./crash-78657a4e3dda0e9557c5a4f56dd9d19763459865

In this example use of an unexpected networking syscall (socket) was detected when running the example harness example_fuzzing_harness.

DrahtBot · 2021-03-28T11:08:15Z

The following sections might be updated with supplementary metadata relevant to reviewers and maintainers.

Conflicts

Reviewers, this pull request conflicts with the following ones:

build: Add --with-append-cxxflags option #22159 (build: Add --enable-trivial-auto-var-init-pattern option by MarcoFalke)
Randomize message processing peer order #22144 (Randomize message processing peer order by sipa)
refactor: Remove ::Params() global from CChainState #21789 (refactor: Remove ::Params() global from CChainState by MarcoFalke)
test: Run AppInitSanityChecks before all tests #21763 (test: Run AppInitSanityChecks before all tests by MarcoFalke)
Use std::filesystem. Remove Boost Filesystem & System #20744 ([POC] Use std::filesystem. Remove Boost Filesystem & System by fanquake)
Add syscall sandboxing using seccomp-bpf (Linux secure computing mode) #20487 (Add syscall sandboxing using seccomp-bpf (Linux secure computing mode) by practicalswift)
Log RPC parameters (arguments) if -debug=rpcparams #16365 (Log RPC parameters (arguments) if -debug=rpcparams by LarryRuane)

If you consider this pull request important, please also help to review the conflicting pull requests. Ideally, start with the one that should be merged first.

DrahtBot · 2021-05-03T09:32:49Z

🕵️ @jonatack @sipa have been requested to review this pull request as specified in the REVIEWERS file.

…uzzing

DrahtBot mentioned this pull request Mar 28, 2021

net_processing: lock clean up #21527

Closed

DrahtBot added Build system GUI P2P RPC/REST/ZMQ Utils/log/libs UTXO Db and Indexes Validation labels Mar 28, 2021

practicalswift changed the title ~~fuzz: Add fuzzing syscall sandbox: detect use of unexpected syscalls when fuzzing~~ fuzz: Add fuzzing syscall sandbox: detect use of unexpected syscalls when fuzzing ("syscall sanitizer") Mar 28, 2021

3h6-1 approved these changes Mar 29, 2021

View reviewed changes

practicalswift force-pushed the seccomp-bpf-fuzzing branch from 555559f to 5555d02 Compare March 29, 2021 07:03

practicalswift mentioned this pull request Mar 30, 2021

Avoid use of "socket" syscall when formatting IP addresses in CNetAddr::ToString #21466

Closed

This was referenced Apr 3, 2021

rpc, gui: bumpfee signer support #21576

Merged

refactor: Create blockstorage module #21575

Merged

DrahtBot mentioned this pull request Apr 12, 2021

multiprocess: Add bitcoin-gui -ipcconnect option #19461

Draft

DrahtBot added the Needs rebase label Apr 13, 2021

practicalswift force-pushed the seccomp-bpf-fuzzing branch from 5555d02 to 545454b Compare April 27, 2021 20:16

DrahtBot removed the Needs rebase label Apr 27, 2021

This was referenced Apr 28, 2021

refactor: Remove ::Params() global from CChainState #21789

Merged

test: Run AppInitSanityChecks before all tests #21763

Closed

refactor: Move more stuff to blockstorage #21727

Merged

practicalswift force-pushed the seccomp-bpf-fuzzing branch from 545454b to 5454bcd Compare April 28, 2021 08:16

This was referenced Apr 28, 2021

Add syscall sandboxing using seccomp-bpf (Linux secure computing mode) #20487

Merged

refactor: Cleanup thread ctor calls #19064

Merged

laanwj added Tests and removed Build system GUI P2P RPC/REST/ZMQ UTXO Db and Indexes Utils/log/libs Validation labels May 4, 2021

DrahtBot added the Needs rebase label May 5, 2021

practicalswift force-pushed the seccomp-bpf-fuzzing branch from 5454bcd to 545462f Compare May 12, 2021 22:12

DrahtBot removed the Needs rebase label May 12, 2021

This was referenced May 13, 2021

fuzz: Terminate immediately if a fuzzing harness tries to create a TCP socket (belt and suspenders) #21936

Merged

test: Fix off-by-one in mockscheduler test RPC #21948

Merged

DrahtBot added the Needs rebase label May 15, 2021

practicalswift force-pushed the seccomp-bpf-fuzzing branch from 545462f to 4848222 Compare May 15, 2021 11:40

DrahtBot removed the Needs rebase label May 15, 2021

DrahtBot mentioned this pull request May 20, 2021

fuzz: Terminate immediately if a fuzzing harness tries to perform a DNS lookup (belt and suspenders) #21795

Merged

DrahtBot added the Needs rebase label May 21, 2021

practicalswift added 2 commits May 23, 2021 21:34

Add syscall sandboxing (seccomp-bpf)

0ea0870

Add fuzzing syscall sandbox: detect use of unexpected syscalls when f…

333374a

…uzzing

practicalswift force-pushed the seccomp-bpf-fuzzing branch from 4848222 to 333374a Compare May 23, 2021 21:41

DrahtBot removed the Needs rebase label May 23, 2021

This was referenced Jun 4, 2021

Randomize message processing peer order #22144

Merged

build: Add --with-append-cxxflags option #22159

Closed

practicalswift closed this Jun 7, 2021

bitcoin locked as resolved and limited conversation to collaborators Aug 18, 2022

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

fuzz: Add fuzzing syscall sandbox: detect use of unexpected syscalls when fuzzing ("syscall sanitizer") #21538

fuzz: Add fuzzing syscall sandbox: detect use of unexpected syscalls when fuzzing ("syscall sanitizer") #21538

Uh oh!

practicalswift commented Mar 28, 2021 •

edited

Loading

Uh oh!

DrahtBot commented Mar 28, 2021 •

edited

Loading

Uh oh!

DrahtBot commented May 3, 2021

Uh oh!

Uh oh!

fuzz: Add fuzzing syscall sandbox: detect use of unexpected syscalls when fuzzing ("syscall sanitizer") #21538

fuzz: Add fuzzing syscall sandbox: detect use of unexpected syscalls when fuzzing ("syscall sanitizer") #21538

Uh oh!

Conversation

practicalswift commented Mar 28, 2021 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

DrahtBot commented Mar 28, 2021 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Conflicts

Uh oh!

DrahtBot commented May 3, 2021

Uh oh!

Uh oh!

practicalswift commented Mar 28, 2021 •

edited

Loading

DrahtBot commented Mar 28, 2021 •

edited

Loading