Page MenuHomeFreeBSD
Differential D30126

KASAN: Disable the sanitizer in stack_capture()
ClosedPublic
Actions

Authored by markj on May 5 2021, 2:44 PM.
Tags
None
Referenced Files
Unknown Object (File)
Tue, Mar 26, 1:17 AM
Unknown Object (File)
Jan 14 2024, 9:01 AM
Unknown Object (File)
Jan 14 2024, 4:59 AM
Unknown Object (File)
Jan 9 2024, 12:24 PM
Unknown Object (File)
Dec 20 2023, 4:54 AM
Unknown Object (File)
Nov 15 2023, 4:07 PM
Unknown Object (File)
Nov 9 2023, 2:52 PM
Unknown Object (File)
Nov 8 2023, 9:56 PM
View All 34 Files
Subscribers
imp

Details

Reviewers
kib
dab
andrew
jhb
Commits
rG1d990fe59832: linker_set: Disable ASAN only in userspace
rG831850d8b087: stack(9): Disable KASAN in stack_capture()
rGcfad8bd24f03: cdefs: Make __nosanitizeaddress work for KASAN as well
rG2d499d505262: linker_set: Disable ASAN only in userspace
Summary

When unwinding the stack we may descend into a poisoned region of the
kernel stack. I don't see a good way to handle this except to disable
the sanitizer entirely.

Define __nosanitizeaddress depending on whether we're in the kernel or
not, since KASAN and ASAN require different attributes. Add
__nosanitizememory while I'm here.

A further complication is that clang raises an error if
no_sanitize("kernel-address") is applied to a global variable rather
than a function:

error: 'no_sanitize' attribute only applies to functions and methods

So, modify linker_set.h to apply the attribute only if we're not in the
kernel.

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Passed
Unit
No Test Coverage
Build Status
Buildable 39028
Build 35917: arc lint + arc unit

Event Timeline

markj created this revision.May 5 2021, 2:44 PM
Herald added a subscriber: imp. · View Herald TranscriptMay 5 2021, 2:44 PM
markj requested review of this revision.May 5 2021, 2:44 PM
Harbormaster completed remote builds in B39028: Diff 88683.May 5 2021, 2:44 PM
markj edited the summary of this revision. (Show Details)May 5 2021, 2:46 PM
kib added inline comments.May 5 2021, 4:37 PM
sys/x86/x86/stack_machdep.c
73

I have no idea what is going on there, but don't all called functions require the same handling, e.g. stack_zero? Is it happen to work because struct stack itself is 'not poisoned'?

markj added inline comments.May 5 2021, 4:49 PM
sys/x86/x86/stack_machdep.c
73

stack_zero() is fine, it's the inline dereference of the frame pointer that potentially causes problems.

kib accepted this revision.May 5 2021, 8:02 PM

Mostly on principle "I do not see anything wrong"

This revision is now accepted and ready to land.May 5 2021, 8:02 PM
andrew accepted this revision.May 6 2021, 3:16 PM
Closed by commit rG2d499d505262: linker_set: Disable ASAN only in userspace (authored by markj). · Explain WhyMay 7 2021, 6:34 PM
This revision was automatically updated to reflect the committed changes.
markj added a commit: rG2d499d505262: linker_set: Disable ASAN only in userspace.
markj added a commit: rGcfad8bd24f03: cdefs: Make __nosanitizeaddress work for KASAN as well.
markj added a commit: rG831850d8b087: stack(9): Disable KASAN in stack_capture().
markj added a commit: rG1d990fe59832: linker_set: Disable ASAN only in userspace.Nov 1 2021, 2:33 PM

Revision Contents
Changeset List

PathSize
sys/
sys/
8 lines
13 lines
x86/
x86/
2 lines

Diff 88683

View Options

sys/sys/cdefs.h

Loading...
View Options

sys/sys/linker_set.h

Loading...
View Options

sys/x86/x86/stack_machdep.c

Loading...