Module Name: src Committed By: maxv Date: Sat Jun 15 06:40:34 UTC 2019
Modified Files: src/sys/arch/amd64/conf: GENERIC src/sys/arch/evbarm/conf: GENERIC64 src/sys/conf: files src/sys/kern: subr_asan.c Log Message: Add KASAN_PANIC, an option to turn KASAN warning into kernel panics, requested by Siddharth. While here clarify a little. To generate a diff of this commit: cvs rdiff -u -r1.528 -r1.529 src/sys/arch/amd64/conf/GENERIC cvs rdiff -u -r1.98 -r1.99 src/sys/arch/evbarm/conf/GENERIC64 cvs rdiff -u -r1.1236 -r1.1237 src/sys/conf/files cvs rdiff -u -r1.9 -r1.10 src/sys/kern/subr_asan.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/sys/arch/amd64/conf/GENERIC diff -u src/sys/arch/amd64/conf/GENERIC:1.528 src/sys/arch/amd64/conf/GENERIC:1.529 --- src/sys/arch/amd64/conf/GENERIC:1.528 Fri May 24 14:28:48 2019 +++ src/sys/arch/amd64/conf/GENERIC Sat Jun 15 06:40:34 2019 @@ -1,4 +1,4 @@ -# $NetBSD: GENERIC,v 1.528 2019/05/24 14:28:48 nonaka Exp $ +# $NetBSD: GENERIC,v 1.529 2019/06/15 06:40:34 maxv Exp $ # # GENERIC machine description file # @@ -22,7 +22,7 @@ include "arch/amd64/conf/std.amd64" options INCLUDE_CONFIG_FILE # embed config file in kernel binary -#ident "GENERIC-$Revision: 1.528 $" +#ident "GENERIC-$Revision: 1.529 $" maxusers 64 # estimated number of users @@ -123,10 +123,12 @@ options KDTRACE_HOOKS # kernel DTrace h # Kernel Address Sanitizer (kASan). You need to disable SVS to use it. # The quarantine is optional and can help KASAN find more use-after-frees. -#makeoptions KASAN=1 # Kernel Address Sanitizer -#options KASAN -#no options SVS -#options POOL_QUARANTINE +# Use KASAN_PANIC if you want panics instead of warnings. +#makeoptions KASAN=1 # mandatory +#options KASAN # mandatory +#no options SVS # mandatory +#options POOL_QUARANTINE # optional +#options KASAN_PANIC # optional # Kernel Info Leak Detector. #makeoptions KLEAK=1 Index: src/sys/arch/evbarm/conf/GENERIC64 diff -u src/sys/arch/evbarm/conf/GENERIC64:1.98 src/sys/arch/evbarm/conf/GENERIC64:1.99 --- src/sys/arch/evbarm/conf/GENERIC64:1.98 Thu Jun 13 13:35:41 2019 +++ src/sys/arch/evbarm/conf/GENERIC64 Sat Jun 15 06:40:34 2019 @@ -1,5 +1,5 @@ # -# $NetBSD: GENERIC64,v 1.98 2019/06/13 13:35:41 jmcneill Exp $ +# $NetBSD: GENERIC64,v 1.99 2019/06/15 06:40:34 maxv Exp $ # # GENERIC ARM (aarch64) kernel # @@ -132,9 +132,13 @@ options INCLUDE_CONFIG_FILE #options EARLYCONS=thunderx, CONSADDR=0x87e024000000 #options EARLYCONS=virt -# Kernel Address Sanitizer (kASan). -#makeoptions KASAN=1 # Kernel Address Sanitizer -#options KASAN +# Kernel Address Sanitizer (kASan). The quarantine is optional and can +# help KASAN find more use-after-frees. Use KASAN_PANIC if you want panics +# instead of warnings. +#makeoptions KASAN=1 # mandatory +#options KASAN # mandatory +#options POOL_QUARANTINE # optional +#options KASAN_PANIC # optional makeoptions DEBUG="-g" # compile full symbol table makeoptions COPY_SYMTAB=1 Index: src/sys/conf/files diff -u src/sys/conf/files:1.1236 src/sys/conf/files:1.1237 --- src/sys/conf/files:1.1236 Fri May 17 03:34:26 2019 +++ src/sys/conf/files Sat Jun 15 06:40:34 2019 @@ -1,4 +1,4 @@ -# $NetBSD: files,v 1.1236 2019/05/17 03:34:26 ozaki-r Exp $ +# $NetBSD: files,v 1.1237 2019/06/15 06:40:34 maxv Exp $ # @(#)files.newconf 7.5 (Berkeley) 5/10/93 version 20171118 @@ -30,6 +30,7 @@ defparam opt_syslimits.h CHILD_MAX OPEN_ defflag opt_diagnostic.h _DIAGNOSTIC defflag GPROF defflag KASAN +defflag opt_kasan.h KASAN_PANIC defflag KLEAK defflag KCOV defflag opt_pool.h POOL_QUARANTINE Index: src/sys/kern/subr_asan.c diff -u src/sys/kern/subr_asan.c:1.9 src/sys/kern/subr_asan.c:1.10 --- src/sys/kern/subr_asan.c:1.9 Sat May 4 17:19:10 2019 +++ src/sys/kern/subr_asan.c Sat Jun 15 06:40:34 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: subr_asan.c,v 1.9 2019/05/04 17:19:10 maxv Exp $ */ +/* $NetBSD: subr_asan.c,v 1.10 2019/06/15 06:40:34 maxv Exp $ */ /* * Copyright (c) 2018 The NetBSD Foundation, Inc. @@ -30,7 +30,7 @@ */ #include <sys/cdefs.h> -__KERNEL_RCSID(0, "$NetBSD: subr_asan.c,v 1.9 2019/05/04 17:19:10 maxv Exp $"); +__KERNEL_RCSID(0, "$NetBSD: subr_asan.c,v 1.10 2019/06/15 06:40:34 maxv Exp $"); #include <sys/param.h> #include <sys/device.h> @@ -43,6 +43,12 @@ __KERNEL_RCSID(0, "$NetBSD: subr_asan.c, #include <uvm/uvm.h> +#ifdef KASAN_PANIC +#define REPORT panic +#else +#define REPORT printf +#endif + /* ASAN constants. Part of the compiler ABI. */ #define KASAN_SHADOW_SCALE_SHIFT 3 #define KASAN_SHADOW_SCALE_SIZE (1UL << KASAN_SHADOW_SCALE_SHIFT) @@ -185,7 +191,7 @@ static void kasan_report(unsigned long addr, size_t size, bool write, unsigned long pc, uint8_t code) { - printf("ASan: Unauthorized Access In %p: Addr %p [%zu byte%s, %s," + REPORT("ASan: Unauthorized Access In %p: Addr %p [%zu byte%s, %s," " %s]\n", (void *)pc, (void *)addr, size, (size > 1 ? "s" : ""), (write ? "write" : "read"), kasan_code_name(code));