Source-Changes archive


CVS commit: src/sys



Module Name:    src
Committed By:   maxv
Date:           Mon Aug 20 15:04:52 UTC 2018

Modified Files:
        src/sys/arch/amd64/amd64: machdep.c
        src/sys/arch/amd64/conf: GENERIC Makefile.amd64 files.amd64
            kern.ldscript
        src/sys/arch/amd64/include: pmap.h types.h
        src/sys/arch/x86/include: pmap.h
        src/sys/arch/x86/x86: pmap.c
        src/sys/conf: files
        src/sys/kern: kern_malloc.c subr_kmem.c
        src/sys/lib/libkern: libkern.h
        src/sys/sys: Makefile
Added Files:
        src/sys/arch/amd64/amd64: asan.c
        src/sys/sys: asan.h

Log Message:
Add support for kASan on amd64. Written by me, with some parts inspired
by Siddharth Muralee's initial work. This feature can detect several
kinds of memory bugs, and it's an excellent feature.

It can be enabled by uncommenting these three lines in GENERIC:

        #makeoptions    KASAN=1         # Kernel Address Sanitizer
        #options        KASAN
        #no options     SVS

The kernel is compiled without SVS, without DMAP and without PCPU area.
A shadow area is created at boot time, and it can cover the upper 128TB
of the address space. This area is populated gradually as we allocate
memory. With this design the memory consumption is kept at its lowest
level.

The compiler calls the __asan_* functions each time a memory access is
done. We verify whether this access is legal by looking at the shadow
area.

We declare our own special memcpy/memset/etc functions, because the
compiler's builtins don't add the __asan_* instrumentation.

Initially all the mappings are marked as valid. During dynamic
allocations, we add a redzone, which we mark as invalid. Any access on
it will trigger a kASan error message. Additionally, the compiler adds
a redzone on global variables, and we mark these redzones as invalid too.
The illegal-access detection works with a 1-byte granularity.

For now, we cover three areas:

        - global variables
        - kmem_alloc-ated areas
        - malloc-ated areas

More will come, but that's a good start.


To generate a diff of this commit:
cvs rdiff -u -r0 -r1.1 src/sys/arch/amd64/amd64/asan.c
cvs rdiff -u -r1.314 -r1.315 src/sys/arch/amd64/amd64/machdep.c
cvs rdiff -u -r1.503 -r1.504 src/sys/arch/amd64/conf/GENERIC
cvs rdiff -u -r1.71 -r1.72 src/sys/arch/amd64/conf/Makefile.amd64
cvs rdiff -u -r1.105 -r1.106 src/sys/arch/amd64/conf/files.amd64
cvs rdiff -u -r1.26 -r1.27 src/sys/arch/amd64/conf/kern.ldscript
cvs rdiff -u -r1.54 -r1.55 src/sys/arch/amd64/include/pmap.h
cvs rdiff -u -r1.56 -r1.57 src/sys/arch/amd64/include/types.h
cvs rdiff -u -r1.84 -r1.85 src/sys/arch/x86/include/pmap.h
cvs rdiff -u -r1.303 -r1.304 src/sys/arch/x86/x86/pmap.c
cvs rdiff -u -r1.1203 -r1.1204 src/sys/conf/files
cvs rdiff -u -r1.147 -r1.148 src/sys/kern/kern_malloc.c
cvs rdiff -u -r1.68 -r1.69 src/sys/kern/subr_kmem.c
cvs rdiff -u -r1.127 -r1.128 src/sys/lib/libkern/libkern.h
cvs rdiff -u -r1.166 -r1.167 src/sys/sys/Makefile
cvs rdiff -u -r0 -r1.1 src/sys/sys/asan.h

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
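
The shadow-area and redzone mechanism described in the log message, as an added user-space illustration; it is not code from this commit or from NetBSD. The 8-bytes-per-shadow-byte encoding, the redzone size, and all names (`toy_alloc`, `access_ok`, `shadow_mark_valid`) are assumptions made for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Toy user-space model; every name and size here is illustrative. */
#define SCALE   8    /* assumed: one shadow byte describes 8 bytes */
#define ARENA   256  /* stand-in for the covered address range */
#define REDZONE 16   /* assumed redzone size */
static uint8_t arena[ARENA];
/* Shadow: 0 = all 8 bytes valid (the initial state), k in 1..7 = only
 * the first k bytes valid, negative = invalid (redzone). */
static int8_t shadow[ARENA / SCALE];
static size_t next_off;

/* Mark [off, off+len) valid; off is 8-byte aligned. */
static void shadow_mark_valid(size_t off, size_t len) {
    size_t i = off / SCALE;
    for (; len >= SCALE; len -= SCALE) shadow[i++] = 0;
    /* a partial granule is what gives 1-byte precision */
    if (len) shadow[i] = (int8_t)len;
}

/* Bump allocator: poison object + redzone, then unpoison `size` bytes. */
static uint8_t *toy_alloc(size_t size) {
    size_t padded = (size + SCALE - 1) / SCALE * SCALE;
    size_t off = next_off;
    if (size > ARENA || off + padded + REDZONE > ARENA)
        return NULL;
    memset(&shadow[off / SCALE], -1, (padded + REDZONE) / SCALE);
    shadow_mark_valid(off, size);
    next_off = off + padded + REDZONE;
    return &arena[off];
}

/* The check a per-access hook performs: 1 if every byte is valid. */
static int access_ok(const uint8_t *p, size_t len) {
    size_t off = (size_t)(p - arena);
    if (off > ARENA || len > ARENA - off) return 0;
    for (size_t a = off; a < off + len; a++) {
        int8_t s = shadow[a / SCALE];
        if (s < 0 || (s > 0 && (int8_t)(a % SCALE) >= s))
            return 0;
    }
    return 1;
}

int main(void) {
    uint8_t *p = toy_alloc(13);
    return (p && access_ok(p, 13) && !access_ok(p + 13, 1)) ? 0 : 1;
}
```

A 13-byte object leaves its second shadow byte at 5, so the access at offset 13 is rejected even though it falls inside the same 8-byte granule as valid data.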



