[PATCH v4 3/3] mac80211: add KCOV remote annotations to incoming frame processing

From: Aleksandr Nogikh
Date: Wed Oct 28 2020 - 20:32:29 EST


From: Aleksandr Nogikh <nogikh@xxxxxxxxxx>

Add KCOV remote annotations to ieee80211_iface_work and
ieee80211_rx. This will enable coverage-guided fuzzing of
mac80211 code that processes incoming 802.11 frames.

Signed-off-by: Aleksandr Nogikh <nogikh@xxxxxxxxxx>
---
v1 -> v2:
* The commit now affects ieee80211_rx instead of
ieee80211_tasklet_handler.
---
include/net/mac80211.h | 2 ++
net/mac80211/iface.c | 2 ++
2 files changed, 4 insertions(+)

diff --git a/include/net/mac80211.h b/include/net/mac80211.h
index e8e295dae744..f4c37a1b381e 100644
--- a/include/net/mac80211.h
+++ b/include/net/mac80211.h
@@ -4499,7 +4499,9 @@ void ieee80211_rx_napi(struct ieee80211_hw *hw, struct ieee80211_sta *sta,
*/
static inline void ieee80211_rx(struct ieee80211_hw *hw, struct sk_buff *skb)
{
+ kcov_remote_start_common(skb_get_kcov_handle(skb));
ieee80211_rx_napi(hw, NULL, skb, NULL);
+ kcov_remote_stop();
}

/**
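Review bot: The annotation is placed only in the `ieee80211_rx()` wrapper, so as far as this hunk shows, frames a driver passes directly to `ieee80211_rx_napi()` (the function named in the hunk header) are processed outside any KCOV remote section, and the kernel-doc above the wrapper does not mention this. If that is intentional, one line in that comment would record it, e.g. `* KCOV remote coverage is collected here, not in ieee80211_rx_napi().` It is also worth confirming that `kcov_remote_start_common()` and `kcov_remote_stop()` are declared for every file that includes this header: no `#include <linux/kcov.h>` is added here and the diffstat lists only these two insertions, so the declaration presumably arrives through another header. The kernel-doc block for `ieee80211_rx()` starts above the hunk.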
diff --git a/net/mac80211/iface.c b/net/mac80211/iface.c
index 1be775979132..56a1bcea2c1c 100644
--- a/net/mac80211/iface.c
+++ b/net/mac80211/iface.c
@@ -1356,6 +1356,7 @@ static void ieee80211_iface_work(struct work_struct *work)
while ((skb = skb_dequeue(&sdata->skb_queue))) {
struct ieee80211_mgmt *mgmt = (void *)skb->data;

+ kcov_remote_start_common(skb_get_kcov_handle(skb));
if (ieee80211_is_action(mgmt->frame_control) &&
mgmt->u.action.category == WLAN_CATEGORY_BACK) {
int len = skb->len;
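Review bot: The `kcov_remote_start_common()` added at the top of the loop body is balanced only by the `kcov_remote_stop()` in the next hunk (after `kfree_skb(skb)`), and the roughly hundred lines of frame handling between the two are outside both hunks. If any path in that stretch leaves the iteration early (a `continue`, or a `goto` past the free), the remote section would stay open into the next frame and coverage would be attributed to the wrong handle; please confirm there is none. A short comment at the start call would protect the pairing against later edits, e.g. `/* paired with kcov_remote_stop() after kfree_skb(); every iteration must reach it */`. Reading the handle before processing and stopping after the free looks correct, since the stop call takes no skb argument.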
@@ -1465,6 +1466,7 @@ static void ieee80211_iface_work(struct work_struct *work)
}

kfree_skb(skb);
+ kcov_remote_stop();
}

/* then other type-dependent work */
--
2.29.0.rc2.309.g374f81d7ae-goog