Vault 2015 has ended
Back To Schedule
Thursday, March 12 • 9:00am - 9:50am
Filesystem Fuzzing Simplified - Sasha Levin, Oracle

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Filesystem testing has been mostly focused around using "standard" testcase based tools. While they provide good coverage and are good for testing for known regressions, they miss quite a lot.

I'd like to present an approach which allows fuzz testing a filesystem by loading the target filesystem into a disposable harness built around the kvm tool and trinity with the ability to use the traditional test tools in parallel.

This approach, when targeted at specific subsystems has produced interesting results:
- CVE-2014-8086 (EXT4 DoS)
- CVE-2014-8559 (FS remote DoS)
- CVE-2014-4171 (shmem DoS)
- CVE-2014-3940 (procfs DoS)
- CVE-2013-7348 (AIO memory corruption)

And quite a few more issues that are just plain bugs.


Sasha Levin

Kernel Hacker, Microsoft
Sasha is a contributor to stable trees, the maintainer of the 4.1 LTS tree, and has previously maintained 3.18 LTS. Sasha is also the maintainer of liblockdep, a userspace lockdep library. Sasha is currently employed by Microsoft where he helps make Linux run better on Windows. Previously... Read More →

Thursday March 12, 2015 9:00am - 9:50am PDT
Carver 1