Skip to content

Commit 63d186a

Browse files
hsiangkaohsiangkao
committed
docs: add a new GSoC idea for advanced Fuzzing and image injection
Signed-off-by: Gao Xiang <hsiangkao@linux.alibaba.com>
1 parent 31a4c55 commit 63d186a

1 file changed

Lines changed: 37 additions & 1 deletion

File tree

src/gsoc.md

Lines changed: 37 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -142,7 +142,7 @@ Skills:
142142
Proposed mentors: Gao Xiang, Hongbo Li ([@hb-lee](https://github.com/hb-lee))
143143
Languages: C
144144
Estimated project length: 350 hours
145-
Difficulty: medium
145+
Difficulty: hard
146146
Skills:
147147
- Proficiency in C programming;
148148
- Experience with file system concepts and operations.
@@ -178,3 +178,39 @@ Key objectives:
178178
- Integrate EROFS with FreeBSD’s VFS, buffer cache, and VM systems;
179179
- Validate correctness and performance using real-world workloads;
180180
- Lay groundwork for future BSD ports (OpenBSD, NetBSD).
181+
182+
### Advanced Fuzzing and image injection for the kernel and erofs-utils
183+
184+
Proposed mentors: Gao Xiang, XXX
185+
Languages: C
186+
Estimated project length: 175 hours
187+
Difficulty: medium
188+
Skills:
189+
- Proficiency in C programming;
190+
- Experience with file system concepts and operations;
191+
- Familiarity with fuzzing frameworks (e.g., AFL++, libFuzzer) is a plus.
192+
193+
**Description**
194+
195+
EROFS aims to be a secure, immutable image-based kernel filesystem by design.
196+
Since its on-disk format contains less redundant metadata and is designed to
197+
tolerate any bogus or corrupted values, unlike generic writable filesystems,
198+
and due to its immutable characteristic, all writable data is copied up (aka.
199+
copy-on-write) into another local trusted filesystem. This makes it safer than
200+
writing directly to an untrusted and potentially inconsistent generic writable
201+
filesystem.
202+
203+
We pay particular attention to the EROFS core on-disk format. Although the
204+
format design is simple and the implementation (especially for the core format)
205+
is straightforward, it is highly beneficial to develop more advanced tools
206+
alongside the current syzkaller and the existing erofs-utils fuzzer. These tools
207+
will keep the codebase robust and allow us to address random human-introduced
208+
bugs more actively and in time.
209+
210+
The main goal is to implement an advanced fuzzing tool and an image injection
211+
tool (maybe it is easier to be implemented with go-erofs or erofs-rs for
212+
example), and we intend to enable a new GitHub Actions CI workflow to perform
213+
periodic fuzzing.
214+
215+
This will allow us to maintain the kernel and erofs-utils implementations in
216+
better shape.

0 commit comments

Comments
 (0)