| Message ID | 4520671eeb604adbc2432c248b0c07fbaa5519ef.1585233617.git.andreyknvl@google.com (mailing list archive) |
|---|---|
| State | Mainlined |
| Commit | 76e278d6b50534092038d4117d7a2687af034107 |
| Headers | show |
| Series | kcov: collect coverage from usb soft interrupts | expand |
On Thu, Mar 26, 2020 at 3:44 PM Andrey Konovalov <andreyknvl@google.com> wrote: > > This patch adds kcov_remote_start/stop() callbacks around the urb > complete() callback that is executed in softirq context when dummy_hcd > is in use. As the result, kcov can be used to collect coverage from those > callbacks, which is used to facilitate coverage-guided fuzzing with > syzkaller. > > Signed-off-by: Andrey Konovalov <andreyknvl@google.com> Reviewed-by: Dmitry Vyukov <dvyukov@google.com> > --- > drivers/usb/core/hcd.c | 3 +++ > 1 file changed, 3 insertions(+) > > diff --git a/drivers/usb/core/hcd.c b/drivers/usb/core/hcd.c > index aa45840d8273..de624c47e190 100644 > --- a/drivers/usb/core/hcd.c > +++ b/drivers/usb/core/hcd.c > @@ -31,6 +31,7 @@ > #include <linux/types.h> > #include <linux/genalloc.h> > #include <linux/io.h> > +#include <linux/kcov.h> > > #include <linux/phy/phy.h> > #include <linux/usb.h> > @@ -1645,7 +1646,9 @@ static void __usb_hcd_giveback_urb(struct urb *urb) > > /* pass ownership to the completion handler */ > urb->status = status; > + kcov_remote_start_usb((u64)urb->dev->bus->busnum); > urb->complete(urb); > + kcov_remote_stop(); > > usb_anchor_resume_wakeups(anchor); > atomic_dec(&urb->use_count); > -- > 2.26.0.rc2.310.g2932bb562d-goog >
diff --git a/drivers/usb/core/hcd.c b/drivers/usb/core/hcd.c index aa45840d8273..de624c47e190 100644 --- a/drivers/usb/core/hcd.c +++ b/drivers/usb/core/hcd.c @@ -31,6 +31,7 @@ #include <linux/types.h> #include <linux/genalloc.h> #include <linux/io.h> +#include <linux/kcov.h> #include <linux/phy/phy.h> #include <linux/usb.h> @@ -1645,7 +1646,9 @@ static void __usb_hcd_giveback_urb(struct urb *urb) /* pass ownership to the completion handler */ urb->status = status; + kcov_remote_start_usb((u64)urb->dev->bus->busnum); urb->complete(urb); + kcov_remote_stop(); usb_anchor_resume_wakeups(anchor); atomic_dec(&urb->use_count);
This patch adds kcov_remote_start/stop() callbacks around the urb complete() callback that is executed in softirq context when dummy_hcd is in use. As the result, kcov can be used to collect coverage from those callbacks, which is used to facilitate coverage-guided fuzzing with syzkaller. Signed-off-by: Andrey Konovalov <andreyknvl@google.com> --- drivers/usb/core/hcd.c | 3 +++ 1 file changed, 3 insertions(+)