Build a Fake Phone, Find Real Bugs: Qualcomm GPU Emulation and Fuzzing with LibAFL QEMU

Romain Malmain

39th Chaos Communication Congress (39C3): Power Cycles · Day 3 · Saal Ground

This talk, presented by Romain Malmain at 39C3, covers the process of building a complete emulated Android phone environment, targeting the Qualcomm GPU kernel driver for security research. Malmain, a PhD student at EURECOM who carried out this work during a three-month internship at Qualcomm, describes the move from traditional, resource-intensive on-device fuzzing to a more scalable and efficient emulation-based approach built on LibAFL QEMU. The core objective was to create a virtual testing ground that accurately reproduces the interactions between the Android kernel and Qualcomm's proprietary GPU hardware, so that the driver can be fuzzed without physical devices and vulnerabilities can be found more effectively.