commit 808cbcd708ef39370772bd2e38461e93e1d3a7d8
author Tamas Ban <tamas.ban@arm.com> Tue Aug 13 13:32:06 2024 +0200
committer Anton Komlev <Anton.Komlev@arm.com> Mon Sep 09 18:03:33 2024 +0200
tree a9b56f9881265624b069583197605d93fdad96cd
parent 545bb5c98f7c7e04005687ba45153aa4a2e5021a

DPE: Add fuzz test capability

The goal to fuzz test the stand-alone DPE
program in a native Linux environment.

Change-Id: I7fe28aca817c1af3554b1ae072e03f3dcfca232a
Signed-off-by: Tamas Ban <tamas.ban@arm.com>

partitions/dice_protection_environment/CMakeLists.txt

diff --git a/partitions/dice_protection_environment/CMakeLists.txt b/partitions/dice_protection_environment/CMakeLists.txt
index 25563cd..3ca1beb 100644
--- a/partitions/dice_protection_environment/CMakeLists.txt
+++ b/partitions/dice_protection_environment/CMakeLists.txt
@@ -125,6 +125,8 @@
                                  -DTFM_PATH=${CMAKE_SOURCE_DIR}       # To locate t_cose src
                                  -DTFM_TEST_PATH=${TFM_TEST_PATH}     # To locate test framework src
                                  -DTFM_PARTITION_LOG_LEVEL=${TFM_PARTITION_LOG_LEVEL}
+                                 $<$<BOOL:${AFL_CC}>:-DCMAKE_C_COMPILER=${AFL_CC}>
+                                 $<$<BOOL:${AFL_CC}>:-DFUZZ_TEST=ON>
         COMMAND ${CMAKE_COMMAND} --build ${CMAKE_CURRENT_BINARY_DIR}/dpe_host
         COMMAND ${CMAKE_COMMAND} -E copy ${CMAKE_CURRENT_BINARY_DIR}/dpe_host/dpe_host ${CMAKE_BINARY_DIR}/bin/host/dpe
     )

partitions/dice_protection_environment/test/fuzz/allowlist.txt

diff --git a/partitions/dice_protection_environment/test/fuzz/allowlist.txt b/partitions/dice_protection_environment/test/fuzz/allowlist.txt
new file mode 100644
index 0000000..47510a3
--- /dev/null
+++ b/partitions/dice_protection_environment/test/fuzz/allowlist.txt
@@ -0,0 +1,7 @@
+# DPE lib
+dpe_certificate.c
+dpe_cmd_decode.c
+dpe_context_mngr.c
+dpe_crypto_interface.c
+dpe_log.c
+dpe_cmd_encode.c

partitions/dice_protection_environment/test/host/CMakeLists.txt

diff --git a/partitions/dice_protection_environment/test/host/CMakeLists.txt b/partitions/dice_protection_environment/test/host/CMakeLists.txt
index 5b5a45f..68a8cd2 100644
--- a/partitions/dice_protection_environment/test/host/CMakeLists.txt
+++ b/partitions/dice_protection_environment/test/host/CMakeLists.txt
@@ -17,6 +17,17 @@
 set(ENABLE_DOCS OFF)
 set(INSTALL_MBEDTLS_HEADERS OFF)
 
+################################## Fuzzing #####################################
+
+if(FUZZ_TEST)
+    if(NOT DEFINED ENV{AFL_LLVM_ALLOWLIST})
+        message(FATAL_ERROR
+            "The AFL_LLVM_ALLOWLIST environment variable is not defined. "
+            "Define it as below to instrument only the DPE library:\n"
+            "export AFL_LLVM_ALLOWLIST=<TF_M_EXTRAS_PATH>/partitions/dice_protection_environment/test/fuzz/allowlist.txt")
+    endif()
+endif()
+
 ############################### Crypto Library #################################
 
 add_subdirectory(${MBEDCRYPTO_PATH} mbedtls)