Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 37208ab3 authored by Zach Johnson's avatar Zach Johnson
Browse files

Rename DevNullHci to HciLayerFuzzClient 

Better reflects current usage.

Test: fuzz/run --host bluetooth_gd_hci_fuzz_test
Change-Id: I747ad92b615a30a88c6202b5e40027f1de6fcd7f
parent 2097bbd8

system/gd/hci/Android.bp

+1 −1
Original line number Diff line number Diff line
@@ -57,7 +57,7 @@ filegroup { 
    name: "BluetoothHciFuzzHelperSources",

    srcs: [

        "fuzz/status_vs_complete_commands.cc",

        "fuzz/dev_null_hci.cc",

        "fuzz/hci_layer_fuzz_client.cc",

    ],

}

system/gd/hci/fuzz/dev_null_hci.ccsystem/gd/hci/fuzz/hci_layer_fuzz_client.cc

+12 −12
Original line number Diff line number Diff line
@@ -14,7 +14,7 @@ 
 * limitations under the License.

 */



#include "hci/fuzz/dev_null_hci.h"

#include "hci/fuzz/hci_layer_fuzz_client.h"



using bluetooth::hci::AclPacketView;
@@ -22,9 +22,9 @@ namespace bluetooth { 
namespace hci {

namespace fuzz {



const ModuleFactory DevNullHci::Factory = ModuleFactory([]() { return new DevNullHci(); });

const ModuleFactory HciLayerFuzzClient::Factory = ModuleFactory([]() { return new HciLayerFuzzClient(); });



void DevNullHci::Start() {

void HciLayerFuzzClient::Start() {

  hci_ = GetDependency<hci::HciLayer>();

  aclDevNull_ = new os::fuzz::DevNullQueue<AclPacketView>(hci_->GetAclQueueEnd(), GetHandler());

  aclDevNull_->Start();
@@ -41,13 +41,13 @@ void DevNullHci::Start() { 
  le_scanning_interface_ = hci_->GetLeScanningInterface(common::Bind([](LeMetaEventView) {}), GetHandler());

}



void DevNullHci::Stop() {

void HciLayerFuzzClient::Stop() {

  aclDevNull_->Stop();

  delete aclDevNull_;

  delete aclInject_;

}



void DevNullHci::injectAclData(std::vector<uint8_t> data) {

void HciLayerFuzzClient::injectAclData(std::vector<uint8_t> data) {

  hci::AclPacketView aclPacket = hci::AclPacketView::FromBytes(data);

  if (!aclPacket.IsValid()) {

    return;
@@ -56,32 +56,32 @@ void DevNullHci::injectAclData(std::vector<uint8_t> data) { 
  aclInject_->Inject(AclPacketBuilder::FromView(aclPacket));

}



void DevNullHci::injectHciCommand(std::vector<uint8_t> data) {

void HciLayerFuzzClient::injectHciCommand(std::vector<uint8_t> data) {

  inject_command<CommandPacketView, CommandPacketBuilder>(data, hci_);

}



void DevNullHci::injectSecurityCommand(std::vector<uint8_t> data) {

void HciLayerFuzzClient::injectSecurityCommand(std::vector<uint8_t> data) {

  inject_command<SecurityCommandView, SecurityCommandBuilder>(data, security_interface_);

}



void DevNullHci::injectLeSecurityCommand(std::vector<uint8_t> data) {

void HciLayerFuzzClient::injectLeSecurityCommand(std::vector<uint8_t> data) {

  inject_command<LeSecurityCommandView, LeSecurityCommandBuilder>(data, le_security_interface_);

}



void DevNullHci::injectAclConnectionCommand(std::vector<uint8_t> data) {

void HciLayerFuzzClient::injectAclConnectionCommand(std::vector<uint8_t> data) {

  inject_command<ConnectionManagementCommandView, ConnectionManagementCommandBuilder>(data, acl_connection_interface_);

}



void DevNullHci::injectLeAclConnectionCommand(std::vector<uint8_t> data) {

void HciLayerFuzzClient::injectLeAclConnectionCommand(std::vector<uint8_t> data) {

  inject_command<LeConnectionManagementCommandView, LeConnectionManagementCommandBuilder>(data,

                                                                                          le_acl_connection_interface_);

}



void DevNullHci::injectLeAdvertisingCommand(std::vector<uint8_t> data) {

void HciLayerFuzzClient::injectLeAdvertisingCommand(std::vector<uint8_t> data) {

  inject_command<LeAdvertisingCommandView, LeAdvertisingCommandBuilder>(data, le_advertising_interface_);

}



void DevNullHci::injectLeScanningCommand(std::vector<uint8_t> data) {

void HciLayerFuzzClient::injectLeScanningCommand(std::vector<uint8_t> data) {

  inject_command<LeScanningCommandView, LeScanningCommandBuilder>(data, le_scanning_interface_);

}

system/gd/hci/fuzz/dev_null_hci.hsystem/gd/hci/fuzz/hci_layer_fuzz_client.h

+2 −2
Original line number Diff line number Diff line
@@ -29,9 +29,9 @@ namespace bluetooth { 
namespace hci {

namespace fuzz {



class DevNullHci : public Module {

class HciLayerFuzzClient : public Module {

 public:

  DevNullHci() : Module() {}

  HciLayerFuzzClient() : Module() {}



  void Start() override;

  void Stop() override;

system/gd/hci/fuzz/hci_layer_fuzz_test.cc

+12 −12
Original line number Diff line number Diff line
@@ -17,7 +17,7 @@ 
#include <stddef.h>

#include <stdint.h>

#include "hal/fuzz/fuzz_hci_hal.h"

#include "hci/fuzz/dev_null_hci.h"

#include "hci/fuzz/hci_layer_fuzz_client.h"

#include "hci/hci_layer.h"

#include "module.h"

#include "os/fuzz/fake_timerfd.h"
@@ -28,7 +28,7 @@ 
using bluetooth::TestModuleRegistry;

using bluetooth::hal::HciHal;

using bluetooth::hal::fuzz::FuzzHciHal;

using bluetooth::hci::fuzz::DevNullHci;

using bluetooth::hci::fuzz::HciLayerFuzzClient;

using bluetooth::os::fuzz::fake_timerfd_advance;

using bluetooth::os::fuzz::fake_timerfd_cap_at;

using bluetooth::os::fuzz::fake_timerfd_reset;
@@ -45,8 +45,8 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { 
  FuzzHciHal* fuzzHal = new FuzzHciHal();



  moduleRegistry.InjectTestModule(&HciHal::Factory, fuzzHal);

  moduleRegistry.Start<DevNullHci>(&moduleRegistry.GetTestThread());

  DevNullHci* devNullHci = moduleRegistry.GetModuleUnderTest<DevNullHci>();

  moduleRegistry.Start<HciLayerFuzzClient>(&moduleRegistry.GetTestThread());

  HciLayerFuzzClient* fuzzClient = moduleRegistry.GetModuleUnderTest<HciLayerFuzzClient>();



  while (dataProvider.remaining_bytes() > 0) {

    const uint8_t action = dataProvider.ConsumeIntegralInRange(0, 12);
@@ -64,28 +64,28 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { 
        fuzzHal->injectScoData(GetArbitraryBytes(&dataProvider));

        break;

      case 5:

        devNullHci->injectAclData(GetArbitraryBytes(&dataProvider));

        fuzzClient->injectAclData(GetArbitraryBytes(&dataProvider));

        break;

      case 6:

        devNullHci->injectHciCommand(GetArbitraryBytes(&dataProvider));

        fuzzClient->injectHciCommand(GetArbitraryBytes(&dataProvider));

        break;

      case 7:

        // TODO: devNullHci->injectSecurityCommand(GetArbitraryBytes(&dataProvider));

        // TODO: fuzzClient->injectSecurityCommand(GetArbitraryBytes(&dataProvider));

        break;

      case 8:

        devNullHci->injectLeSecurityCommand(GetArbitraryBytes(&dataProvider));

        fuzzClient->injectLeSecurityCommand(GetArbitraryBytes(&dataProvider));

        break;

      case 9:

        devNullHci->injectAclConnectionCommand(GetArbitraryBytes(&dataProvider));

        fuzzClient->injectAclConnectionCommand(GetArbitraryBytes(&dataProvider));

        break;

      case 10:

        devNullHci->injectLeAclConnectionCommand(GetArbitraryBytes(&dataProvider));

        fuzzClient->injectLeAclConnectionCommand(GetArbitraryBytes(&dataProvider));

        break;

      case 11:

        devNullHci->injectLeAdvertisingCommand(GetArbitraryBytes(&dataProvider));

        fuzzClient->injectLeAdvertisingCommand(GetArbitraryBytes(&dataProvider));

        break;

      case 12:

        devNullHci->injectLeScanningCommand(GetArbitraryBytes(&dataProvider));

        fuzzClient->injectLeScanningCommand(GetArbitraryBytes(&dataProvider));

        break;

    }

  }