trusty: fuzz: Helper lib for libFuzzer extra counters
Bug: 169776499
Test: /data/nativetest64/libtrusty_coverage_test/libtrusty_coverage_test
Change-Id: Iad18af1f0404fc47bef481955c7a4292ef3a24ec
diff --git a/trusty/fuzz/Android.bp b/trusty/fuzz/Android.bp
index ac49751..22d834d 100644
--- a/trusty/fuzz/Android.bp
+++ b/trusty/fuzz/Android.bp
@@ -15,6 +15,7 @@
cc_defaults {
name: "trusty_fuzzer_defaults",
shared_libs: [
+ "libtrusty_coverage",
"libtrusty_fuzz_utils",
"libbase",
"liblog",
@@ -31,9 +32,16 @@
cc_library {
name: "libtrusty_fuzz_utils",
- srcs: ["utils.cpp"],
+ srcs: [
+ "counters.cpp",
+ "utils.cpp",
+ ],
export_include_dirs: ["include"],
+ static_libs: [
+ "libFuzzer",
+ ],
shared_libs: [
+ "libtrusty_coverage",
"libtrusty_test",
"libbase",
"liblog",
diff --git a/trusty/fuzz/counters.cpp b/trusty/fuzz/counters.cpp
new file mode 100644
index 0000000..3fc9f48
--- /dev/null
+++ b/trusty/fuzz/counters.cpp
@@ -0,0 +1,74 @@
+/*
+ * Copyright (C) 2020 The Android Open Sourete Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#define LOG_TAG "trusty-fuzz-counters"
+
+#include <FuzzerDefs.h>
+
+#include <trusty/fuzz/counters.h>
+
+#include <android-base/logging.h>
+#include <trusty/coverage/coverage.h>
+#include <trusty/coverage/tipc.h>
+
+using android::base::ErrnoError;
+using android::base::Error;
+using android::base::Result;
+
+/*
+ * We don't know how many counters the coverage record will contain. So, eyeball
+ * the size of this section.
+ */
+__attribute__((section("__libfuzzer_extra_counters"))) volatile uint8_t counters[PAGE_SIZE];
+
+namespace android {
+namespace trusty {
+namespace fuzz {
+
+ExtraCounters::ExtraCounters(coverage::CoverageRecord* record) : record_(record) {
+ assert(fuzzer::ExtraCountersBegin());
+ assert(fuzzer::ExtraCountersEnd());
+
+ uint8_t* begin = NULL;
+ uint8_t* end = NULL;
+ record_->GetRawData((volatile void**)&begin, (volatile void**)&end);
+ assert(end - begin <= sizeof(counters));
+}
+
+ExtraCounters::~ExtraCounters() {
+ Flush();
+}
+
+void ExtraCounters::Reset() {
+ record_->Reset();
+ fuzzer::ClearExtraCounters();
+}
+
+void ExtraCounters::Flush() {
+ volatile uint8_t* begin = NULL;
+ volatile uint8_t* end = NULL;
+
+ record_->GetRawData((volatile void**)&begin, (volatile void**)&end);
+
+ size_t num_counters = end - begin;
+ for (size_t i = 0; i < num_counters; i++) {
+ *(counters + i) = *(begin + i);
+ }
+}
+
+} // namespace fuzz
+} // namespace trusty
+} // namespace android
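Review bot: `Flush()` copies `end - begin` bytes into the fixed `counters[PAGE_SIZE]` array with no bounds check of its own. The only size check is the `assert(end - begin <= sizeof(counters))` in the constructor, which disappears if the build defines NDEBUG and is not repeated when `Flush()` re-reads the range. If the coverage record ever spans more than a page, or `end` comes back below `begin` so that `size_t num_counters` wraps, the loop writes past the extra-counters section in the fuzzer process. I would enforce the bound where the copy happens, e.g. `CHECK(end >= begin && static_cast<size_t>(end - begin) <= sizeof(counters));` before the loop (`android-base/logging.h` is already included), and use the same `CHECK` in place of the constructor's `assert`. Minor: the license header in this file reads "Open Sourete Project".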
diff --git a/trusty/fuzz/include/trusty/fuzz/counters.h b/trusty/fuzz/include/trusty/fuzz/counters.h
new file mode 100644
index 0000000..db933d9
--- /dev/null
+++ b/trusty/fuzz/include/trusty/fuzz/counters.h
@@ -0,0 +1,42 @@
+/*
+ * Copyright (C) 2020 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#pragma once
+
+#include <string>
+
+#include <android-base/result.h>
+#include <trusty/coverage/coverage.h>
+
+namespace android {
+namespace trusty {
+namespace fuzz {
+
+class ExtraCounters {
+ public:
+ ExtraCounters(coverage::CoverageRecord* record);
+ ~ExtraCounters();
+
+ void Reset();
+ void Flush();
+
+ private:
+ coverage::CoverageRecord* record_;
+};
+
+} // namespace fuzz
+} // namespace trusty
+} // namespace android
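Review bot: The class stores a raw `coverage::CoverageRecord*` that it dereferences in its destructor (via `Flush()` in counters.cpp), but nothing in the header tells callers that the record is borrowed and must outlive the `ExtraCounters` object. I would add a comment above the constructor such as `// |record| is not owned and must remain valid until this object is destroyed; the destructor calls Flush().` and make the single-argument constructor `explicit ExtraCounters(coverage::CoverageRecord* record);` to rule out accidental implicit conversion from a pointer. A short one-line description each for `Reset()` and `Flush()`, saying which side is cleared and which direction data is copied, would also help the fuzzer authors who link this helper.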