Re: [PATCH] fuzz: Add virtio-9p configurations for fuzzing

[Alexander Bulekov]

On 210115 1033, Darren Kenny wrote:
> Hi Alex,
> 
> On Thursday, 2021-01-14 at 17:17:48 -05, Alexander Bulekov wrote:
> > Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
> 
> In general this look good, so:
> 
> Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
> 
> but I do have a question below...
> 
> > ---
> >  tests/qtest/fuzz/generic_fuzz_configs.h | 12 ++++++++++++
> >  1 file changed, 12 insertions(+)
> >
> > diff --git a/tests/qtest/fuzz/generic_fuzz_configs.h 
> > b/tests/qtest/fuzz/generic_fuzz_configs.h
> > index 7fed035345..ffdb590c58 100644
> > --- a/tests/qtest/fuzz/generic_fuzz_configs.h
> > +++ b/tests/qtest/fuzz/generic_fuzz_configs.h
> > @@ -59,6 +59,18 @@ const generic_fuzz_config predefined_configs[] = {
> >          .name = "virtio-mouse",
> >          .args = "-machine q35 -nodefaults -device virtio-mouse",
> >          .objects = "virtio*",
> > +    },{
> > +        .name = "virtio-9p",
> > +        .args = "-machine q35 -nodefaults "
> > +        "-device virtio-9p,fsdev=hshare,mount_tag=hshare "
> > +        "-fsdev local,id=hshare,path=/tmp/,security_model=none",
> > +        .objects = "virtio*",
> 
> I wonder about the use of "/tmp" rather than maybe some generated name
> using mkdtemp() - I also realise that the ability to generate this and
> plug it in here probably doesn't exist either, hence not holding you to
> it for this patch. Also the fact that in OSS-Fuzz this is run in limited
> containers.
> 
> Have you observed any changes to "/tmp" while this is running? My
> concerns may be unfounded since I don't really know what state things
> are in while this is executed with no running OS.
> 

So far, I haven't seen any files created, however this might be due to
the fact that I used security_model=none. In any case, I agree that this
is not a nice solution. I'll think of a way to use mkdtemp() for v2.
-Alex

> Thanks,
> 
> Darren.
>