Source-Changes-HG archive
[src/trunk]: src/sys/arch/aarch64 Track the stack with kASan on aarch64. Same...
details: https://anonhg.NetBSD.org/src/rev/0bded4e02b0d
branches: trunk
changeset: 445667:0bded4e02b0d
user: maxv <maxv%NetBSD.org@localhost>
date: Thu Nov 08 08:28:07 2018 +0000
description:
Track the stack with kASan on aarch64. Same principle as on amd64. Illegal
accesses occurring there are now detected.
Originally written by me, but reworked by ryo@, thanks.
diffstat:
sys/arch/aarch64/aarch64/cpuswitch.S | 12 ++++++++-
sys/arch/aarch64/aarch64/locore.S | 9 +++++-
sys/arch/aarch64/conf/Makefile.aarch64 | 5 ++-
sys/arch/aarch64/include/asan.h | 41 ++++++++++++++++++++++++++++-----
4 files changed, 54 insertions(+), 13 deletions(-)
diffs (193 lines):
diff -r f8d237480012 -r 0bded4e02b0d sys/arch/aarch64/aarch64/cpuswitch.S
--- a/sys/arch/aarch64/aarch64/cpuswitch.S Thu Nov 08 08:27:54 2018 +0000
+++ b/sys/arch/aarch64/aarch64/cpuswitch.S Thu Nov 08 08:28:07 2018 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: cpuswitch.S,v 1.5 2018/10/12 01:28:57 ryo Exp $ */
+/* $NetBSD: cpuswitch.S,v 1.6 2018/11/08 08:28:07 maxv Exp $ */
/*-
* Copyright (c) 2014 The NetBSD Foundation, Inc.
@@ -35,8 +35,9 @@
#include "opt_compat_netbsd32.h"
#include "opt_ddb.h"
+#include "opt_kasan.h"
-RCSID("$NetBSD: cpuswitch.S,v 1.5 2018/10/12 01:28:57 ryo Exp $")
+RCSID("$NetBSD: cpuswitch.S,v 1.6 2018/11/08 08:28:07 maxv Exp $")
/*
* At IPL_SCHED:
@@ -140,6 +141,13 @@
#endif
str x0, [x3, #CI_CURLWP] /* curcpu()->ci_curlwp = softlwp; */
+#ifdef KASAN
+ /* clear the new stack */
+ stp x0, xzr, [sp, #-16]!
+ bl _C_LABEL(kasan_softint)
+ ldp x0, xzr, [sp], #16
+#endif
+
/* onto new stack */
ldr x4, [x0, #L_MD_UTF]
sub sp, x4, #TF_SIZE /* new sp := softlwp->l_md_utf - 1 */
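Review bot: Only x0 is preserved across the added `bl _C_LABEL(kasan_softint)`; the second slot of the pair stores `xzr`, so x1 and every other caller-saved register (x1–x17 under AAPCS64) comes back with an unspecified value. x3 is visibly live just before the call, and if x1 still carries an incoming argument that is consumed further down (the function continues outside this hunk) it should occupy the spare slot: `stp x0, x1, [sp, #-16]!` and `ldp x0, x1, [sp], #16`. The comment `/* clear the new stack */` could also say what is cleared, presumably the kASan shadow of the softint LWP's stack rather than the stack memory itself.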
diff -r f8d237480012 -r 0bded4e02b0d sys/arch/aarch64/aarch64/locore.S
--- a/sys/arch/aarch64/aarch64/locore.S Thu Nov 08 08:27:54 2018 +0000
+++ b/sys/arch/aarch64/aarch64/locore.S Thu Nov 08 08:28:07 2018 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: locore.S,v 1.30 2018/10/18 09:01:51 skrll Exp $ */
+/* $NetBSD: locore.S,v 1.31 2018/11/08 08:28:07 maxv Exp $ */
/*
* Copyright (c) 2017 Ryo Shimizu <ryo%nerv.org@localhost>
@@ -32,13 +32,14 @@
#include "opt_cpuoptions.h"
#include "opt_ddb.h"
#include "opt_fdt.h"
+#include "opt_kasan.h"
#include "opt_multiprocessor.h"
#include <aarch64/asm.h>
#include <aarch64/hypervisor.h>
#include "assym.h"
-RCSID("$NetBSD: locore.S,v 1.30 2018/10/18 09:01:51 skrll Exp $")
+RCSID("$NetBSD: locore.S,v 1.31 2018/11/08 08:28:07 maxv Exp $")
/*#define DEBUG_LOCORE /* debug print */
@@ -180,6 +181,10 @@
msr tpidr_el1, x0 /* curcpu is cpu_info[0] */
DPRINTREG("curcpu = ", x0);
+#ifdef KASAN
+ ADDR x0, lwp0uspace
+ bl _C_LABEL(kasan_early_init)
+#endif
mov fp, #0 /* trace back starts here */
PRINT("initarm\n")
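Review bot: The added block gives kASan a shadow mapping for `lwp0uspace` only, and nothing in this hunk says why it must sit exactly here. With `--param asan-stack=1` instrumented C functions write to the shadow of their own stack frame, so the call has to precede the first instrumented C call on this stack, and any other stack used for early C code (for example a secondary-CPU boot stack, given `opt_multiprocessor.h` is included) needs the same treatment somewhere not visible in this diff. A comment such as `/* map the kASan shadow of lwp0's stack before any instrumented C code runs on it */` would record the ordering constraint. The block also overwrites x0, which held curcpu on the line above, so KASAN and non-KASAN builds leave this point with different register contents.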
diff -r f8d237480012 -r 0bded4e02b0d sys/arch/aarch64/conf/Makefile.aarch64
--- a/sys/arch/aarch64/conf/Makefile.aarch64 Thu Nov 08 08:27:54 2018 +0000
+++ b/sys/arch/aarch64/conf/Makefile.aarch64 Thu Nov 08 08:28:07 2018 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile.aarch64,v 1.13 2018/11/01 20:34:49 maxv Exp $
+# $NetBSD: Makefile.aarch64,v 1.14 2018/11/08 08:28:07 maxv Exp $
# Makefile for NetBSD
#
@@ -41,7 +41,8 @@
.if ${KASAN:U0} > 0 && ${HAVE_GCC:U0} > 0
KASANFLAGS= -fsanitize=kernel-address \
- --param asan-globals=1
+ --param asan-globals=1 --param asan-stack=1 \
+ -fasan-shadow-offset=0xDFFF208000000000
.for f in subr_asan.c
KASANFLAGS.${f}= # empty
.endfor
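Review bot: The literal in `-fasan-shadow-offset=0xDFFF208000000000` duplicates address-space layout that `asan.h` derives from `KASAN_MD_SHADOW_START` and `__MD_CANONICAL_BASE`, and nothing ties the two together. If the kernel VA layout or the shadow base changes, compiler-emitted stack poisoning would go to a different shadow address than the one the runtime checks, which tends to show up as missed detections or faults in the shadow region rather than as a build error. A comment next to the flag, e.g. `# = KASAN_MD_SHADOW_START - (__MD_CANONICAL_BASE >> 3); keep in sync with sys/arch/aarch64/include/asan.h`, would help; the shift of 3 is the usual ASan shadow scale and should be confirmed against `kasan_md_addr_to_shad()`, whose body is outside this diff. A compile-time assertion in the kernel source comparing the two values would be stronger still.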
diff -r f8d237480012 -r 0bded4e02b0d sys/arch/aarch64/include/asan.h
--- a/sys/arch/aarch64/include/asan.h Thu Nov 08 08:27:54 2018 +0000
+++ b/sys/arch/aarch64/include/asan.h Thu Nov 08 08:28:07 2018 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: asan.h,v 1.2 2018/11/02 08:18:18 skrll Exp $ */
+/* $NetBSD: asan.h,v 1.3 2018/11/08 08:28:07 maxv Exp $ */
/*
* Copyright (c) 2018 The NetBSD Foundation, Inc.
@@ -36,6 +36,7 @@
#include <aarch64/vmparam.h>
#include <aarch64/cpufunc.h>
#include <aarch64/armreg.h>
+#include <aarch64/machdep.h>
#define __MD_VIRTUAL_SHIFT 48 /* 49bit address space, cut half */
#define __MD_CANONICAL_BASE 0xFFFF000000000000
@@ -44,6 +45,8 @@
#define KASAN_MD_SHADOW_START (AARCH64_KSEG_END)
#define KASAN_MD_SHADOW_END (KASAN_MD_SHADOW_START + __MD_SHADOW_SIZE)
+static bool __md_early __read_mostly = true;
+
static inline int8_t *
kasan_md_addr_to_shad(const void *addr)
{
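Review bot: `__md_early` is defined `static` in a header, so every translation unit that includes `asan.h` gets a private copy that starts as `true`. That is harmless only while a single file includes the header; a second includer would stay in early mode after `kasan_md_early_init()` has cleared the flag elsewhere. A comment on the declaration, e.g. `/* true until kasan_md_early_init() has mapped the boot stack; selects bootpage_alloc()/KERN_PHYSTOV() */`, together with a remark that the header is meant for one includer, would make that assumption explicit.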
@@ -64,7 +67,10 @@
{
paddr_t pa;
- pmap_alloc_pdp(pmap_kernel(), &pa);
+ if (__predict_false(__md_early))
+ pa = (paddr_t)bootpage_alloc();
+ else
+ pmap_alloc_pdp(pmap_kernel(), &pa);
return pa;
}
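Review bot: The early branch casts the result of `bootpage_alloc()` to `paddr_t`, which hides whether that function returns a physical address and whether the page comes back zeroed; neither is visible in this diff. The page becomes a page-table page, so stale contents would be read as live entries, and a failed allocation is not checked on either branch. If the contract is "physical, zeroed, never fails", a one-line comment above the call, e.g. `/* bootpage_alloc() returns a zeroed physical page */`, would settle it; otherwise the missing step belongs here. The function's signature lies outside the hunk.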
@@ -78,7 +84,11 @@
size_t idx;
l0pa = reg_ttbr1_el1_read();
- l0 = (void *)AARCH64_PA_TO_KVA(l0pa);
+ if (__predict_false(__md_early)) {
+ l0 = (void *)KERN_PHYSTOV(l0pa);
+ } else {
+ l0 = (void *)AARCH64_PA_TO_KVA(l0pa);
+ }
idx = l0pde_index(va);
pde = l0[idx];
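Review bot: The same four-line `__md_early` selection between `KERN_PHYSTOV()` and `AARCH64_PA_TO_KVA()` is written out at every level of the walk: here for `l0`, and again in the next three hunks for `l1`, `l2` and `l3`. One small helper would keep the early/late translation in a single place, so a later change to the early mapping cannot be applied to three levels and missed on the fourth. Each call site then becomes a single assignment, as sketched below; the enclosing function begins and ends outside this hunk.

```c
static inline void *
__md_pa_to_va(paddr_t pa)
{
	if (__predict_false(__md_early))
		return (void *)KERN_PHYSTOV(pa);
	return (void *)AARCH64_PA_TO_KVA(pa);
}

/* … unchanged: l0pa = reg_ttbr1_el1_read() … */
	l0 = __md_pa_to_va(l0pa);
/* … unchanged: index and pde lookup; same call for l1, l2 and l3 … */
```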
@@ -88,7 +98,11 @@
} else {
pa = l0pde_pa(pde);
}
- l1 = (void *)AARCH64_PA_TO_KVA(pa);
+ if (__predict_false(__md_early)) {
+ l1 = (void *)KERN_PHYSTOV(pa);
+ } else {
+ l1 = (void *)AARCH64_PA_TO_KVA(pa);
+ }
idx = l1pde_index(va);
pde = l1[idx];
@@ -98,7 +112,11 @@
} else {
pa = l1pde_pa(pde);
}
- l2 = (void *)AARCH64_PA_TO_KVA(pa);
+ if (__predict_false(__md_early)) {
+ l2 = (void *)KERN_PHYSTOV(pa);
+ } else {
+ l2 = (void *)AARCH64_PA_TO_KVA(pa);
+ }
idx = l2pde_index(va);
pde = l2[idx];
@@ -108,7 +126,11 @@
} else {
pa = l2pde_pa(pde);
}
- l3 = (void *)AARCH64_PA_TO_KVA(pa);
+ if (__predict_false(__md_early)) {
+ l3 = (void *)KERN_PHYSTOV(pa);
+ } else {
+ l3 = (void *)AARCH64_PA_TO_KVA(pa);
+ }
idx = l3pte_index(va);
pde = l3[idx];
@@ -120,7 +142,12 @@
}
}
-#define kasan_md_early_init(a) __nothing
+static void
+kasan_md_early_init(void *stack)
+{
+ kasan_shadow_map(stack, USPACE);
+ __md_early = false;
+}
static void
kasan_md_init(void)
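Review bot: `kasan_md_early_init()` clears `__md_early` as soon as the stack shadow is mapped, so every later `kasan_shadow_map()` goes through `pmap_alloc_pdp()` and `AARCH64_PA_TO_KVA()`. The `locore.S` hunk calls `kasan_early_init` (presumably the wrapper around this function) before `initarm`, so this is safe only if no shadow mapping is requested until pmap and the direct map are usable; the diff does not show that guarantee. A comment on the function, e.g. `/* Boot-time only: after this returns, no shadow may be mapped until kasan_md_init() */`, would state the invariant, assuming that is the intended contract. The function is also `static` but not `inline` in a header, unlike `kasan_md_addr_to_shad()`, which can produce an unused-function warning in any includer that does not call it.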