Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Islet Mentorship: Strengthening Security through Fuzz Testing #398

Open
Salkimmich opened this issue Nov 14, 2024 · 12 comments
Open

Islet Mentorship: Strengthening Security through Fuzz Testing #398

Salkimmich opened this issue Nov 14, 2024 · 12 comments

Comments

@Salkimmich
Copy link
Contributor

Islet Mentorship: Strengthening Security through Fuzz Testing

This issue provides a brief description of the Linux Foundation Mentorship opportunity for Islet. This Issue is for potential mentees and project mentors to review and discuss.

Description:

Enhance Islet’s security by identifying vulnerabilities early using fuzz testing. This project integrates Cargo Fuzz tools with Islet’s CI pipeline, focusing on testing RMM interfaces (RMI and RSI) based on ARM’s RMM specification.

Expected Outcome: Deliver a set of robust fuzz tests integrated into Islet’s CI, improving security and compliance with ARM standards.

Recommended Skills: Knowledge of Rust programming and fuzz testing. Familiarity with confidential computing, virtualization, and ARM architecture is helpful but not required.

Mentor(s):

Bokdeuk Jeong (@bokdeuk-jeong, [email protected])
Sangwan Kwon (@bitboom, [email protected])

@Shruti78
Copy link

interested on contributing towards this project.

@ksachin7
Copy link

I am excited about the prospect of helping to make Islet's security even stronger using full-fledged fuzz testing. My method will rely on Cargo Fuzz and use it to systematically stress-test the RMM interfaces (RMI and RSI) in a focused manner of producing edge-case inputs to possibly expose weaknesses in ARM CCA implementation.

The RMM interface has potential attack surfaces within its boundaries. We need to develop comprehensive test cases that cover both expected and unexpected input scenarios and seamlessly integrate these fuzz tests into Islet's existing CI pipeline

I have been analysing islet codebase to understand it better and I look forward to deepening my understanding under the guidance of experienced mentors.

@bokdeuk-jeong
Copy link
Collaborator

Hi @Shruti78 and @ksachin7,
Thank you so much for showing interest in Islet and for expressing your willingness to participate!
Here's the link to apply for the mentorship program.
https://mentorship.lfx.linuxfoundation.org/project/fbd406ee-5d76-4d8b-939d-c37d42643fa8

If you have any questions, feel free to reach out anytime.
Looking forward to working together on this exciting project!

@ksachin7
Copy link

Hi @bokdeuk-jeong getting following error

error: could not compile rsi-test` (bin "rsi-test"); 1 warning emitted

Caused by:
process didn't exit successfully: /Users/sachin/.rustup/toolchains/nightly-aarch64-apple-darwin/bin/rustc --crate-name rsi_test --edition=2021 realm/rsi-test/src/main.rs --error-format=json --json=diagnostic-rendered-ansi,artifacts,future-incompat --diagnostic-width=107 --crate-type bin --emit=dep-info,link -C panic=abort -C embed-bitcode=no -C debuginfo=2 -C split-debuginfo=unpacked --check-cfg 'cfg(docsrs)' --check-cfg 'cfg(feature, values())' -C metadata=ba4f7aa1ad74fffc -C extra-filename=-5c6e6e55fb55c39f --out-dir /Users/sachin/Downloads/LFX25/islet/out/aarch64-apple-darwin/debug/deps --target aarch64-apple-darwin -C incremental=/Users/sachin/Downloads/LFX25/islet/out/aarch64-apple-darwin/debug/incremental -L dependency=/Users/sachin/Downloads/LFX25/islet/out/aarch64-apple-darwin/debug/deps -L dependency=/Users/sachin/Downloads/LFX25/islet/out/debug/deps (exit status: 101)
warning: build failed, waiting for other jobs to finish...`

after running :

cargo build --target aarch64-apple-darwin

My setup :

islet % rustup show

Default host: aarch64-apple-darwin
rustup home: /Users/sachin/.rustup

installed toolchains

stable-aarch64-apple-darwin (default)
nightly-2024-04-21-aarch64-apple-darwin
nightly-aarch64-apple-darwin
1.75.0-aarch64-apple-darwin
1.70-aarch64-apple-darwin

installed targets for active toolchain

aarch64-apple-darwin
aarch64-unknown-none-softfloat
wasm32-unknown-unknown

active toolchain

nightly-aarch64-apple-darwin (directory override for '/Users/sachin/downloads/islet')
rustc 1.85.0-nightly (c26db435b 2024-12-15)

@drvcodenta
Copy link
Contributor

I also want to work on this project, I liked the project and wish to contribute.

@bitboom
Copy link
Collaborator

bitboom commented Dec 17, 2024

Hi @bokdeuk-jeong getting following error

error: could not compile rsi-test` (bin "rsi-test"); 1 warning emitted

Caused by: process didn't exit successfully: /Users/sachin/.rustup/toolchains/nightly-aarch64-apple-darwin/bin/rustc --crate-name rsi_test --edition=2021 realm/rsi-test/src/main.rs --error-format=json --json=diagnostic-rendered-ansi,artifacts,future-incompat --diagnostic-width=107 --crate-type bin --emit=dep-info,link -C panic=abort -C embed-bitcode=no -C debuginfo=2 -C split-debuginfo=unpacked --check-cfg 'cfg(docsrs)' --check-cfg 'cfg(feature, values())' -C metadata=ba4f7aa1ad74fffc -C extra-filename=-5c6e6e55fb55c39f --out-dir /Users/sachin/Downloads/LFX25/islet/out/aarch64-apple-darwin/debug/deps --target aarch64-apple-darwin -C incremental=/Users/sachin/Downloads/LFX25/islet/out/aarch64-apple-darwin/debug/incremental -L dependency=/Users/sachin/Downloads/LFX25/islet/out/aarch64-apple-darwin/debug/deps -L dependency=/Users/sachin/Downloads/LFX25/islet/out/debug/deps (exit status: 101) warning: build failed, waiting for other jobs to finish...`

after running :

cargo build --target aarch64-apple-darwin

My setup :

islet % rustup show

Default host: aarch64-apple-darwin rustup home: /Users/sachin/.rustup

installed toolchains

stable-aarch64-apple-darwin (default) nightly-2024-04-21-aarch64-apple-darwin nightly-aarch64-apple-darwin 1.75.0-aarch64-apple-darwin 1.70-aarch64-apple-darwin

installed targets for active toolchain

aarch64-apple-darwin aarch64-unknown-none-softfloat wasm32-unknown-unknown

active toolchain

nightly-aarch64-apple-darwin (directory override for '/Users/sachin/downloads/islet') rustc 1.85.0-nightly (c26db435b 2024-12-15)

First, thank you for your interest in our project.

Since rsi-test operates as a Realm, it must be built for the aarch64-unknown-linux-gnu target. Please refer to the Makefile

Additionally, the current tests are conducted in a Linux environment. If you are using a Mac, I recommend using a VM or Docker to test in a Linux environment. The way to setup the development on linux is here.

Furthermore, it might be easier to approach the following tests before working on rsi-test:

  1. Crates Test: Test cases for RMM functionality that can run in the std environment: scripts/tests/crates.sh
  2. MIRI Test: Tests executed using the MIRI tool: scripts/tests/miri.sh
  3. ACS Test: Comprehensive tests for RMM’s RMI and RSI functionalities: scripts/tests/acs.sh

@Harsh1s
Copy link

Harsh1s commented Dec 18, 2024

Hi @bokdeuk-jeong and @bitboom,

I am really excited about the opportunity to contribute to this project, as it aligns perfectly with my background in Rust programming, testing, and systems-level development. Here’s a brief overview of my relevant experience:

Google Summer of Code Mentee — DatenLord
Enhanced testing and reliability in distributed systems by integrating deterministic simulation tools with fault injection capabilities (e.g., network partitions, message loss) to simulate chaotic and failure-prone environments, ensuring system resilience and correctness.
Technologies: Rust, Distributed Systems, Chaos Engineering, Deterministic Simulation, Testing

Summer of Bitcoin Intern — Validating Lightning Signer
Developed a modular fund recovery framework for handling force closes, breaches, and various transaction types (e.g., commitment, 2nd level HTLCs, sweeps). Enhanced logging, testing, and fee management while ensuring compatibility with standard and no-std environments.
Technologies: Rust, Cryptography, Blockchain, Fault Tolerance, Lightning Network

Code for GovTech Intern — Dhiway
Developed the ‘UseOnce’ Substrate pallet for efficient runtime storage and transaction processing to mark statements as usable just once.
Technologies: Rust, Substrate, Blockchain, TypeScript

EMG-Controlled Prosthetic Hand
Designed and developed an EMG-driven prosthetic arm with precise joint control, signal processing, and fuzzy logic classification.
Technologies: C++, fuzzylite

Could you please guide me on where to begin, any prerequisites to learn, and potential first issues to solve? Could you also recommend any specific Rust libraries, tools, or techniques that would be essential for integrating fuzz testing with Islet’s CI pipeline, and how best to familiarize myself with ARM’s RMM specification for testing the RMI and RSI interfaces?

Best Regards,
Harsh
Email: [email protected]
LinkedIn: https://www.linkedin.com/in/harsh1s/

@bokdeuk-jeong
Copy link
Collaborator

Hi @Harsh1s,

Thank you so much for expressing interest in the Islet project! We're especially excited to hear from someone with strong exprience in Rust and system testing.

To formally apply, please submit your application through the official mentorship program platfrom at https://mentorship.lfx.linuxfoundation.org/project/fbd406ee-5d76-4d8b-939d-c37d42643fa8. This ensures that all applicants are properly tracked and reviewed as part of the program.

Looking forward to seeing your application there! Feel free to reach out if you have any questions about the process.

@drvcodenta
Copy link
Contributor

Hi @bokdeuk-jeong, @bitboom

  • I have a quick suggestion for a problem with setting up the project! while running ./scripts/init.sh inside Ubuntu 24, it's failing to run the pip3 install toml command(/scripts/deps/pkgs.sh) due to the error externally-managed-environment
  • this error arises particularly in ubuntu(or newer debian based distros), as new changes were introduced to prevent conflicts between system-managed and user-managed python packages. This link contains the detail about the changes
  • to integrate the project further in future, I think it's necessary to prevent conflicts between globally managed and user managed python packages
  • To solve this problem, currently I am using python env for creating a temporary environment for toml, and put venv folder inside the .gitignore
  • Please suggest your views on this issue! If my method looks good for this problem, then I can go ahead and create a pr for review! But I am not sure whether using another environment for a dependency is a good idea or not!

@bokdeuk-jeong
Copy link
Collaborator

Hi @drvcodenta,
Thank you for bringing this to our attention. Creating a virtual environment for this seems like a good idea. Could you please prepare a PR for that? Please don't forget to sign off your commits.

@yashkmankad
Copy link

Thank you everyone for your interest in this Mentorship opportunity.

As @bokdeuk-jeong mentioned earlier, interested applicants can apply on the LFX Mentorship portal here:
https://mentorship.lfx.linuxfoundation.org/project/fbd406ee-5d76-4d8b-939d-c37d42643fa8

For those who've already applied, we expect the mentors to reach out and start the interviews shortly.

For any application or logistics-related question around the mentorship, and to hear about additional mentorship opportunities for CCC projects in 2025, please join the #mentorship_program channel on the CCC slack: slack.confidentialcomputing.io

@AashifAmeer
Copy link

Hi @bokdeuk-jeong, I am really excited and willing to contribute to this project. I am willing to put all my efforts to this as it seems really exciting.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

9 participants