
Fuzzing Device Models in Rust: Common Pitfalls

Formal Metadata

Title
Fuzzing Device Models in Rust: Common Pitfalls
Title of Series
Number of Parts
542
Author
License
CC Attribution 2.0 Belgium:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor.
Identifiers
Publisher
Release Date
Language

Content Metadata

Subject Area
Genre
Abstract
As of October 2022, we run a 15-minute fuzzing session for all Pull Requests submitted to the Virtio Device implementation in rust-vmm. But implementing the fuzz targets was not smooth sailing. In this talk, we go over the challenges of implementing fuzzing for Virtio Devices and how to overcome them. Being one of the most critical components in a virtualization stack, the Virtio Device Model is a great target for fuzzing. Fuzzing is a security-focused testing technique through which you can discover vulnerabilities in code that deals with untrusted input. When fuzzing Virtio Devices, one of the biggest challenges is mocking the device-driver communication. This talk will show how we approached this in rust-vmm, and why fuzzing should be taken into consideration from the early development stages.