It's been two months since I have started working on Kernel Address Sanitizer as a part of GSoC'18 and I would like to update everyone on what all I have managed to complete during the second coding period.
I finished successfully building and booting a basic kernel with KASan function stubs by the end of the
first coding period. I started by copying the entire code for KASan from Linux and making it build in NetBSD. The features that I have managed to port are
- The __asan functions which are inserted in the code by the compiler
- The basic checking and poisoning framework
- Poisoning of a lwp's stack.
- Basic report infrastructure - (Allocator cache based functions have not been done)
I have also managed to learn more about memory management in the Linux kernel to understand the KASan code (Referring to Linux code and Professional Linux kernel architecture book).
I am currently working on getting the shadow memory region allocated during boot time. We are proceeding in a different route by using high-level allocator functions instead of changing the page tables directly(The Linux way!! ). We believe that this would help in making the code more machine independent and also reduce the code size.
There is a lot of work that remains to be done. This will require me to go much deeper into the Linux and the NetBSD kernel, and I will also try to help in improving documentation as I do the same. Features that we plan to work on immediately are :
- Fixing Licensing issues
- Allocator hooks and functions
- Quarantine list for page allocation
- Boot to a shell with KASan
- Write ATF tests for KASan
Most of this would not have been possible without the suggestions and guidance provided by Kamil. Many thanks to the NetBSD community who have been supportive throughout.
--