Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 1 Nov 2021 14:32:58 GMT
From:      Mark Johnston <markj@FreeBSD.org>
To:        src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org
Subject:   git: 65f3c07b9899 - stable/13 - amd64: Add MD bits for KASAN
Message-ID:  <202111011432.1A1EWwg0021291@gitrepo.freebsd.org>

next in thread | raw e-mail | index | archive | help
The branch stable/13 has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=65f3c07b989942897fbc8991ad3887ab4e1440a2

commit 65f3c07b989942897fbc8991ad3887ab4e1440a2
Author:     Mark Johnston <markj@FreeBSD.org>
AuthorDate: 2021-04-13 21:39:35 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2021-11-01 14:02:41 +0000

    amd64: Add MD bits for KASAN
    
    - Initialize KASAN before executing SYSINITs.
    - Add a GENERIC-KASAN kernel config, akin to GENERIC-KCSAN.
    - Increase the kernel stack size if KASAN is enabled.  Some of the
      ASAN instrumentation increases stack usage and it's enough to
      trigger stack overflows in ZFS.
    - Mark the trapframe as valid in interrupt handlers if it is
      assigned to td_intr_frame.  Otherwise, an interrupt in a function
      which creates a poisoned alloca region can trigger false positives.
    
    Sponsored by:   The FreeBSD Foundation
    
    (cherry picked from commit f115c0612131d8f939f6f357f57bdd85bd6a59de)
---
 sys/amd64/amd64/machdep.c    | 3 +++
 sys/amd64/conf/GENERIC-KASAN | 7 +++++++
 sys/amd64/include/param.h    | 4 ++++
 sys/x86/isa/atpic.c          | 4 ++++
 sys/x86/x86/local_apic.c     | 7 +++++++
 5 files changed, 25 insertions(+)

diff --git a/sys/amd64/amd64/machdep.c b/sys/amd64/amd64/machdep.c
index 512fee0de7df..0e2e0e9db9e8 100644
--- a/sys/amd64/amd64/machdep.c
+++ b/sys/amd64/amd64/machdep.c
@@ -58,6 +58,7 @@ __FBSDID("$FreeBSD$");
 #include <sys/param.h>
 #include <sys/proc.h>
 #include <sys/systm.h>
+#include <sys/asan.h>
 #include <sys/bio.h>
 #include <sys/buf.h>
 #include <sys/bus.h>
@@ -1605,6 +1606,8 @@ hammer_time(u_int64_t modulep, u_int64_t physfree)
 #endif
 	thread0.td_critnest = 0;
 
+	kasan_init();
+
 	TSEXIT();
 
 	/* Location of kernel stack for locore */
diff --git a/sys/amd64/conf/GENERIC-KASAN b/sys/amd64/conf/GENERIC-KASAN
new file mode 100644
index 000000000000..8d5703141e86
--- /dev/null
+++ b/sys/amd64/conf/GENERIC-KASAN
@@ -0,0 +1,7 @@
+# $FreeBSD$
+
+include GENERIC
+
+ident   GENERIC-KASAN
+
+options 	KASAN
diff --git a/sys/amd64/include/param.h b/sys/amd64/include/param.h
index 93ee524e1de2..cf1d2bd0a586 100644
--- a/sys/amd64/include/param.h
+++ b/sys/amd64/include/param.h
@@ -134,8 +134,12 @@
 #define	IOPERM_BITMAP_SIZE	(IOPAGES * PAGE_SIZE + 1)
 
 #ifndef	KSTACK_PAGES
+#ifdef KASAN
+#define	KSTACK_PAGES	6
+#else
 #define	KSTACK_PAGES	4	/* pages of kstack (with pcb) */
 #endif
+#endif
 #define	KSTACK_GUARD_PAGES 1	/* pages of kstack guard; 0 disables */
 
 /*
diff --git a/sys/x86/isa/atpic.c b/sys/x86/isa/atpic.c
index 07d63b041d0b..28c10ee7009f 100644
--- a/sys/x86/isa/atpic.c
+++ b/sys/x86/isa/atpic.c
@@ -37,6 +37,7 @@ __FBSDID("$FreeBSD$");
 
 #include <sys/param.h>
 #include <sys/systm.h>
+#include <sys/asan.h>
 #include <sys/bus.h>
 #include <sys/interrupt.h>
 #include <sys/kernel.h>
@@ -522,6 +523,9 @@ atpic_handle_intr(u_int vector, struct trapframe *frame)
 {
 	struct intsrc *isrc;
 
+	/* The frame may have been written into a poisoned region. */
+	kasan_mark(frame, sizeof(*frame), sizeof(*frame), 0);
+
 	KASSERT(vector < NUM_ISA_IRQS, ("unknown int %u\n", vector));
 	isrc = &atintrs[vector].at_intsrc;
 
diff --git a/sys/x86/x86/local_apic.c b/sys/x86/x86/local_apic.c
index ab19a6c7bc69..715ae7734e29 100644
--- a/sys/x86/x86/local_apic.c
+++ b/sys/x86/x86/local_apic.c
@@ -43,6 +43,7 @@ __FBSDID("$FreeBSD$");
 
 #include <sys/param.h>
 #include <sys/systm.h>
+#include <sys/asan.h>
 #include <sys/bus.h>
 #include <sys/kernel.h>
 #include <sys/lock.h>
@@ -1299,6 +1300,9 @@ lapic_handle_intr(int vector, struct trapframe *frame)
 {
 	struct intsrc *isrc;
 
+	/* The frame may have been written into a poisoned region. */
+	kasan_mark(frame, sizeof(*frame), sizeof(*frame), 0);
+
 	isrc = intr_lookup_source(apic_idt_to_irq(PCPU_GET(apic_id),
 	    vector));
 	intr_execute_handlers(isrc, frame);
@@ -1314,6 +1318,9 @@ lapic_handle_timer(struct trapframe *frame)
 	/* Send EOI first thing. */
 	lapic_eoi();
 
+	/* The frame may have been written into a poisoned region. */
+	kasan_mark(frame, sizeof(*frame), sizeof(*frame), 0);
+
 #if defined(SMP) && !defined(SCHED_ULE)
 	/*
 	 * Don't do any accounting for the disabled HTT cores, since it



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202111011432.1A1EWwg0021291>