Merge "[avb] Refactor Payload and AvbOps into new module ops"
diff --git a/compos/benchmark/src/java/com/android/compos/benchmark/ComposBenchmark.java b/compos/benchmark/src/java/com/android/compos/benchmark/ComposBenchmark.java
index c25de71..b884b9e 100644
--- a/compos/benchmark/src/java/com/android/compos/benchmark/ComposBenchmark.java
+++ b/compos/benchmark/src/java/com/android/compos/benchmark/ComposBenchmark.java
@@ -17,6 +17,7 @@
import static androidx.test.platform.app.InstrumentationRegistry.getInstrumentation;
+import static com.google.common.truth.Truth.assertThat;
import static com.google.common.truth.TruthJUnit.assume;
import static org.junit.Assert.assertTrue;
@@ -136,9 +137,7 @@
Long compileStartTime = System.nanoTime();
String output = executeCommand(command);
Long compileEndTime = System.nanoTime();
- Pattern pattern = Pattern.compile("All Ok");
- Matcher matcher = pattern.matcher(output);
- assertTrue(matcher.find());
+ assertThat(output).containsMatch("All Ok");
double elapsedSec = (compileEndTime - compileStartTime) / NANOS_IN_SEC;
Log.i(TAG, "Compile time in guest took " + elapsedSec + "s");
getMetricsRunnable.stop();
diff --git a/pvmfw/avb/fuzz/Android.bp b/pvmfw/avb/fuzz/Android.bp
new file mode 100644
index 0000000..451fd8a
--- /dev/null
+++ b/pvmfw/avb/fuzz/Android.bp
@@ -0,0 +1,34 @@
+// Copyright 2023, The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package {
+ default_applicable_licenses: ["Android-Apache-2.0"],
+}
+
+rust_fuzz {
+ name: "avb_kernel_without_footer_verify_fuzzer",
+ srcs: ["without_footer_verify_fuzzer.rs"],
+ rustlibs: [
+ "libpvmfw_avb_nostd",
+ ],
+ fuzz_config: {
+ cc: [
+ "android-kvm@google.com",
+ ],
+ fuzz_on_haiku_device: true,
+ fuzz_on_haiku_host: true,
+ },
+}
+
+// TODO(b/260574387): Add avb_kernel_with_footer_verify_fuzzer
diff --git a/pvmfw/avb/fuzz/without_footer_verify_fuzzer.rs b/pvmfw/avb/fuzz/without_footer_verify_fuzzer.rs
new file mode 100644
index 0000000..fc8fa85
--- /dev/null
+++ b/pvmfw/avb/fuzz/without_footer_verify_fuzzer.rs
@@ -0,0 +1,28 @@
+// Copyright 2023, The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#![allow(missing_docs)]
+#![no_main]
+
+use libfuzzer_sys::fuzz_target;
+use pvmfw_avb::verify_payload;
+
+fuzz_target!(|kernel: &[u8]| {
+ // This fuzzer is mostly supposed to catch the memory corruption in
+ // AVB footer parsing. It is unlikely that the randomly generated
+ // kernel can pass the kernel verification, so the value of `initrd`
+ // is not so important as we won't reach initrd verification with
+ // this fuzzer.
+ let _ = verify_payload(kernel, /*initrd=*/ None, &[0u8; 64]);
+});