| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch adds a fuzz test for PCHG and ctn730 driver.
With the given corpus, the test currently reaches all the normal mode
states.
BUG=b:190841496
BRANCH=trogdor
TEST=make run-pchg_fuzz
TEST=pchg_fuzz.exe -seed=1 -runs=1000000 -dict=fuzz/pchg_fuzz.corpus
Change-Id: I6eedbbbdbf3396dfa2b98ca302e16d142ea251d5
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2956076
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The TCPMv2 stack defaults to PD2.0 functionality. Defining
CONFIG_USB_PD_REV30 enables PD3.0 functionality.
BUG=b:155879504
BRANCH=none
TEST=make -j buildall
Manual tests:
passed FAFT_PD running on kohaku
Before patch:
*** 18624 bytes in flash and 29216 bytes in RAM on kohaku RO ****
*** 18544 bytes in flash and 29216 bytes in RAM on kohaku RW ****
After patch:
*** 23320 bytes in flash and 30336 bytes in RAM on kohaku RO ****
*** 23228 bytes in flash and 30336 bytes in RAM on kohaku RW ****
Flash savings of 4696 bytest
Ram savings of 1120
Signed-off-by: Sam Hurst <shurst@google.com>
Change-Id: I082cf62617a91b487d2d3567afd5e340bd52258c
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2184547
Reviewed-by: Jett Rink <jettrink@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch removes cr50 or TPM2 related test cases from fuzz and
test directory, so that buildall or chromeos-ec package won't check
them. Those test cases are already moved to cr50_stab branch.
BUG=b:149243259
BRANCH=none
TEST=ran 'make buildall -j' and
'sudo 'FEATURES=test' 'PKGDIR=/build/eve/test-packages' \
-- /mnt/host/source/chromite/bin/parallel_emerge \
'--sysroot=/build/eve' '--jobs=10' chromeos-ec
Change-Id: Ie6f7c8622fe3e488758a814dc99ddf4587ffd973
Signed-off-by: Namyoon Woo <namyoon@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2047935
Reviewed-by: Allen Webb <allenwebb@google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add usb_tcpm_v2_fuzz, a TCPMv2 version of usb_pd_fuzz.
This gives some fuzz test coverage of:
common/usbc/usb_pe_drp_sm.c
common/usbc/usb_prl_sm.c
common/usbc/usb_sm.c
common/usbc/usb_tc_drp_acc_trysrc_sm.c
common/usbc/usbc_task.c
BRANCH=none
BUG=none
TEST=make run-usb_tcpm_v2_fuzz
Change-Id: Ic129d9ebbe9bb37c2ca2674106e2a6652d08ee2a
Signed-off-by: Edward Hill <ecgh@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/1865017
Reviewed-by: Denis Brockus <dbrockus@chromium.org>
Commit-Queue: Denis Brockus <dbrockus@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch includes changes to support testing of the new nvmem
implementation.
Making fizz compatible required duplicating a lot of functionality
available in the test/ directory (fuzz/nvmem_tpm2_mock.c is very
similar to test/nvmem_tpm2_mock.c), but I could not find an easy way
to avoid it.
BRANCH=cr50, cr50-mp
BUG=b:69907320, b:129710256
CQ-DEPEND=CL:1496607
TEST=with the rest of the patches applied 'make buildall -j' succeeds,
which confirms both test and fuzz success.
Change-Id: Ife999b04d22f8ddbe9ea5d35f4c3e21f57592754
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1450278
Reviewed-by: Andrey Pronin <apronin@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A new symbol was added to third_party/tpm2 that needed a mock
implementation in cr50_fuzz to fix compilation.
CQ-DEPEND=CL:1370404,CL:1377383
BRANCH=None
BUG=chromium:911310
TEST=USE="ubsan asan fuzzer" ./build_packages \
--board=amd64-generic --skip_chroot_upgrade chromeos-ec
Change-Id: I3e2546829646e89361bfa2a8b4084c95b346f78f
Signed-off-by: Allen Webb <allenwebb@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1370747
Reviewed-by: Manoj Gupta <manojgupta@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This incorporates the fuzz targets into buildall and adds a quick
sanity check to each fuzz target to make sure it exits successfully for
an empty input.
This adds roughly 5.88 seconds to "make -j buildall" (This includes an
addtionally target that will be enabled in a later CL).
time make -j buildall # BEFORE
real 1m19.519s
user 23m9.220s
sys 5m1.690s
time make -j buildall # AFTER
real 1m25.399s
user 23m35.753s
sys 5m12.609s
BRANCH=None
BUG=None
TEST=make -j buildall
Change-Id: Ib77a57297ee896569c509d0c8c998552d2a3a76c
Signed-off-by: Allen Webb <allenwebb@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1370934
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
BRANCH=None
BUG=chromium:911310
TEST=USE="ubsan asan fuzzer" ./build_packages \
--board=amd64-generic --skip_chroot_upgrade chromeos-ec
Change-Id: I15ac87b14a0f28a62e257bb155f1862753053eb4
Reviewed-on: https://chromium-review.googlesource.com/c/1368010
Tested-by: Allen Webb <allenwebb@google.com>
Trybot-Ready: Allen Webb <allenwebb@google.com>
Reviewed-by: Manoj Gupta <manojgupta@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Setup CC lines, then send up to 8 PD messages, in an attempt to
cause errors while parsing PDO and other messages.
BRANCH=none
BUG=chromium:854975
TEST=make -j buildfuzztests && \
./build/host/usb_pd_fuzz/usb_pd_fuzz.exe > /dev/null
Change-Id: Ibb575ea8d464945390d1663dd6fff279bd9d77ea
Signed-off-by: Nicolas Boichat <drinkcat@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1116626
Reviewed-by: Jonathan Metzman <metzman@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
'mem_hash_tree.h' was missing '#define HIDE_EC_STDLIB' before
'dcrypto.h'. This problem was only apparent when -O2 is set.
CQ-DEPEND=CL:1358746
BRANCH=None
BUG=chromium:911310
TEST=USE="ubsan asan fuzzer" ./build_packages \
--board=amd64-generic --skip_chroot_upgrade chromeos-ec
Change-Id: I19d00c165764f80cfa385fb3bed64efc67bfc3f9
Signed-off-by: Allen Webb <allenwebb@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1361680
Reviewed-by: Manoj Gupta <manojgupta@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This fixes a dependency problem that was introduced in CL:1184107.
BRANCH=None
BUG=chromium:911310
TEST=USE="ubsan asan fuzzer" ./build_packages \
--board=amd64-generic --skip_chroot_upgrade chromeos-ec
Change-Id: Ib4795d6a716fe3fcb7a88bf6a165f96ffe10640a
Signed-off-by: Allen Webb <allenwebb@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1358746
Reviewed-by: Mattias Nissler <mnissler@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
BRANCH=None
BUG=chromium:911310
TEST=USE="ubsan asan fuzzer" ./build_packages \
--board=amd64-generic --skip_chroot_upgrade chromeos-ec
Change-Id: Ib2ffc7035d0f6912834709bb8a5f6b3c11a2c67a
Signed-off-by: Allen Webb <allenwebb@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1359652
Reviewed-by: Manoj Gupta <manojgupta@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This uses protocol buffers to model what actions can be taken with
pinweaver at a higher level of abstraction than the raw requests to
greatly increase the coverage that can be achieved by fuzzing, while
still allowing for invalid inputs to be checked.
BRANCH=none
BUG=chromium:876582
TEST=sudo emerge libprotobuf-mutator &&
make -j buildfuzztests && ./build/host/cr50_fuzz/cr50_fuzz.exe
Change-Id: Ie7ce569650ca06866f277f36eae61df2684de60c
Signed-off-by: Allen Webb <allenwebb@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1184107
Reviewed-by: Mattias Nissler <mnissler@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds a minimal pinweaver fuzzer as a foundation for further work.
It will not be able to achieve good coverage because it doesn't have a
proper description of the protocol, however it demonstrates that the
prerequisites to build against dcrypto, nvmem_vars, and nvcounter are
satisfied for the host board.
CQ-DEPEND=CL:1183532
BRANCH=none
BUG=chromium:876582
TEST=make -j buildfuzztests &&
./build/host/cr50_fuzz/cr50_fuzz.exe
Change-Id: I520d71c224d583c51dc3292dc051ee8de4a4116a
Signed-off-by: Allen Webb <allenwebb@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1183534
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This creates a build target called libec.a by setting the visibility
of functions that conflict with cstdlib to hidden. It then links
those symbols locally into one large object file that makes up libec.a
Fuzzing targets are linked against libec.a so that they can invoke ec
functionality while depending on outside libraries that need cstdlib.
When linking a particular object against cstdlib, to avoid conflicting
function declarations put the following before any includes from the
ec codebase:
#define __stdlib_compat(...)
The fuzzing targets are now linked using clang++, so that c++ libraries
and objects can be used as part of the fuzzers.
BRANCH=none
BUG=chromium:876582
TEST=make -j buildfuzztests &&
./build/host/host_command_fuzz/host_command_fuzz.exe
Change-Id: Ifdfdc6a51c6ef23b4e192b013ca993bf48a4411b
Signed-off-by: Allen Webb <allenwebb@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1180401
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
|
BRANCH=none
CQ-DEPEND=CL:*664115
BUG=chromium:876582
TEST=make -j buildall && make -j buildfuzztests
Change-Id: Iade5e5138f495e6b3b99ec16f1a467861ade5537
Signed-off-by: Allen Webb <allenwebb@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1180179
Reviewed-by: Mattias Nissler <mnissler@chromium.org>
Reviewed-by: Nicolas Boichat <drinkcat@chromium.org>
|