
malloc: Add state transitions for KASAN
Closed, Public

Authored by markj on Mar 27 2021, 11:29 PM.

Details

Summary


- Reuse some REDZONE bits to keep track of the requested and allocated sizes, and use that to provide red zones.
- As in UMA, disable memory trashing to avoid unnecessary CPU overhead.

Diff Detail

Repository
R10 FreeBSD src repository

Event Timeline

andrew added inline comments.
sys/kern/kern_malloc.c:610

Is this #ifdef needed?

sys/kern/kern_malloc.c:911

Does this address space become invalid via another means in both of these paths?

sys/kern/kern_malloc.c:1023

This doesn't look right.

markj added inline comments.
sys/kern/kern_malloc.c:911

For UMA, the region will immediately be marked invalid, so this call isn't really accomplishing anything. Note that in zfree() it is required since we are zeroing the entire allocation, including the redzone.

For kmem_*, the region will be marked valid (for future users of the KVA) and unmapped. I think I added this kasan_mark() call before adding state transitions to kmem_*, so I marked the region valid here. Again, it is not necessary now, but is still needed in the zfree() case.

sys/kern/kern_malloc.c:1023

Oops, indeed...
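The red-zone idea from the summary (track the requested size separately from the allocated size and poison the slack) and the zfree() point in markj's reply at line 911 (zeroing the whole allocation, red zone included, forces a mark-valid before the memset and a mark-invalid after), as a constructed C model. This is added here for illustration; it is not FreeBSD's kern_malloc.c, its UMA code, or its kasan_mark() API. The arena, the single 64-byte size class, the byte-per-byte shadow map and every model_* name are assumptions of the example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed model, not FreeBSD code: one arena, one size class. */
#define ARENA_SIZE 4096
#define BUCKET     64          /* assumed allocation size class */

static unsigned char arena[ARENA_SIZE];
/* One shadow byte per arena byte: 0 = addressable, 1 = red zone / free. */
static unsigned char shadow[ARENA_SIZE];
static size_t arena_top;

/* Everything starts poisoned; only live, requested bytes get unpoisoned. */
static void model_init(void) {
    memset(shadow, 1, sizeof(shadow));
    memset(arena, 0xa5, sizeof(arena));   /* stand-in for "trashed" memory */
    arena_top = 0;
}

/* Stand-in for a kasan_mark(addr, size, valid) style state transition. */
static void model_mark(void *addr, size_t size, bool valid) {
    size_t off = (size_t)((unsigned char *)addr - arena);
    memset(shadow + off, valid ? 0 : 1, size);
}

/* Is every byte of [addr, addr + size) addressable right now? */
static bool model_check(const void *addr, size_t size) {
    size_t off = (size_t)((const unsigned char *)addr - arena);
    for (size_t i = 0; i < size; i++)
        if (shadow[off + i] != 0)
            return false;
    return true;
}

/* Hand out a BUCKET-sized slot; expose only the requested bytes and
 * poison the slack [req, BUCKET) so an overrun past req is caught,
 * not just an overrun past the whole slot. */
static void *model_malloc(size_t req) {
    if (req == 0 || req > BUCKET || arena_top + BUCKET > ARENA_SIZE)
        return NULL;
    unsigned char *p = arena + arena_top;
    arena_top += BUCKET;
    model_mark(p, req, true);
    model_mark(p + req, BUCKET - req, false);
    return p;
}

/* Zeroing free: the memset covers the whole slot, red zone included, so
 * the slot must be marked valid first and poisoned again afterwards. */
static void model_zfree(void *p) {
    model_mark(p, BUCKET, true);
    memset(p, 0, BUCKET);
    model_mark(p, BUCKET, false);
}

/* True when the slot is fully zeroed and fully poisoned again. */
static bool model_slot_released(const void *p) {
    const unsigned char *b = p;
    for (size_t i = 0; i < BUCKET; i++)
        if (b[i] != 0)
            return false;
    return !model_check(b, 1) && !model_check(b + BUCKET - 1, 1);
}

int main(void) {
    model_init();
    unsigned char *p = model_malloc(40);
    printf("in-bounds  [0,40):  %s\n", model_check(p, 40) ? "ok" : "poisoned");
    printf("red zone   [40,64): %s\n", model_check(p + 40, 24) ? "ok" : "poisoned");
    model_zfree(p);
    printf("after zfree:        %s\n", model_slot_released(p) ? "released" : "live");
    return 0;
}
```

The shadow map is what makes the requested/allocated distinction observable: without the second model_mark() in model_malloc(), a 41-byte read from a 40-byte request would pass the check because the slot is 64 bytes. Trashing the freed memory is left out of model_zfree() on purpose, matching the summary's point that memory trashing is disabled under KASAN because the poisoned shadow already catches use-after-free without the extra CPU cost.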

markj marked an inline comment as done.
  • Drop unneeded ifdef.
  • Fix a harmless bug in the realloc() modification.
  • Drop unintended vm_kern.c diff.
This revision was not accepted when it landed; it landed in state Needs Review. Tue, Apr 13, 9:43 PM
This revision was automatically updated to reflect the committed changes.