1 // Copyright 2018 The Chromium OS Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 //
5 // Copyright © 2022 Intel Corporation
6 //
7 // SPDX-License-Identifier: Apache-2.0 AND BSD-3-Clause
8 
9 #![no_main]
10 
11 use libfuzzer_sys::{fuzz_target, Corpus};
12 use vm_memory::bitmap::AtomicBitmap;
13 use vm_memory::GuestAddress;
14 
/// Guest memory backend used by this harness: `vm_memory`'s mmap-backed
/// guest memory, parameterised with an `AtomicBitmap`.
type GuestMemoryMmap = vm_memory::GuestMemoryMmap<AtomicBitmap>;

/// One mebibyte, to keep the size arithmetic below readable.
const MIB: usize = 1024 * 1024;
/// Size of the single guest memory region the harness maps (256 MiB).
const MEM_SIZE: usize = 256 * MIB;
/// Guest-physical address the command line is loaded at.
/// From 'arch::x86_64::layout::CMDLINE_START'
const CMDLINE_START: GuestAddress = GuestAddress(0x20000);
20 
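// Fuzz entry point: the raw fuzzer bytes become the entire kernel command
// line, so every byte of the cmdline is attacker-controlled. The harness
// checks that `generate_cmdline` and `load_cmdline` survive arbitrary
// (including non-UTF-8) content without panicking or corrupting memory.
fuzz_target!(|bytes: &[u8]| -> Corpus {
    // `from_utf8_lossy` maps invalid UTF-8 to U+FFFD; `bytes` is already a
    // `&[u8]`, so no extra borrow is needed, and `into_owned` avoids the
    // second allocation that `.to_string()` on a `Cow<str>` would perform.
    let payload_config = vmm::vm_config::PayloadConfig {
        firmware: None,
        kernel: None,
        cmdline: Some(String::from_utf8_lossy(bytes).into_owned()),
        initramfs: None,
        #[cfg(feature = "igvm")]
        igvm: None,
    };

    // Inputs the VMM itself refuses never reach the loader, so they are not
    // worth keeping in the corpus.
    let kernel_cmdline = match vmm::vm::Vm::generate_cmdline(&payload_config) {
        Ok(cmdline) => cmdline,
        Err(_) => return Corpus::Reject,
    };

    // One region of MEM_SIZE bytes starting at guest address 0 comfortably
    // contains CMDLINE_START. Failing to map it is a harness bug, not a
    // finding, so aborting here is the right outcome.
    let guest_memory = GuestMemoryMmap::from_ranges(&[(GuestAddress(0), MEM_SIZE)])
        .expect("guest memory mapping for the fuzz harness must succeed");

    // Only a panic or memory-safety violation inside `load_cmdline` counts
    // as a finding; an `Err` (presumably the loader rejecting a cmdline it
    // cannot place) is an expected outcome, so the result is dropped.
    let _ = linux_loader::loader::load_cmdline(&guest_memory, CMDLINE_START, &kernel_cmdline);

    Corpus::Keep
});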