Source-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[src/trunk]: src/share/man/man7 kernel_sanitizers.7



details:   https://anonhg.NetBSD.org/src/rev/d90f8ee42fc8
branches:  trunk
changeset: 1011229:d90f8ee42fc8
user:      maxv <maxv%NetBSD.org@localhost>
date:      Tue Jun 23 16:08:46 2020 +0000

description:
kernel_sanitizers.7

diffstat:

 distrib/sets/lists/man/mi          |    5 +-
 share/man/man7/Makefile            |    5 +-
 share/man/man7/kernel_sanitizers.7 |  146 +++++++++++++++++++++++++++++++++++++
 3 files changed, 153 insertions(+), 3 deletions(-)

diffs (202 lines):

diff -r 8b0c38cd9502 -r d90f8ee42fc8 distrib/sets/lists/man/mi
--- a/distrib/sets/lists/man/mi Tue Jun 23 14:35:59 2020 +0000
+++ b/distrib/sets/lists/man/mi Tue Jun 23 16:08:46 2020 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: mi,v 1.1692 2020/06/15 01:57:30 christos Exp $
+# $NetBSD: mi,v 1.1693 2020/06/23 16:08:46 maxv Exp $
 #
 # Note: don't delete entries from here - mark them as "obsolete" instead.
 #
@@ -2333,6 +2333,7 @@
 ./usr/share/man/cat7/hier.0                    man-reference-catman    .cat
 ./usr/share/man/cat7/hostname.0                        man-reference-catman    .cat
 ./usr/share/man/cat7/intro.0                   man-reference-catman    .cat
+./usr/share/man/cat7/kernel_sanitizers.7       man-reference-catman    .cat
 ./usr/share/man/cat7/kyua-atf-interface.0      man-kyua-catman         kyua,.cat
 ./usr/share/man/cat7/kyua-build-root.0         man-kyua-catman         kyua,.cat
 ./usr/share/man/cat7/kyua-plain-interface.0    man-kyua-catman         kyua,.cat
@@ -5439,6 +5440,7 @@
 ./usr/share/man/html7/hier.html                        man-reference-htmlman   html
 ./usr/share/man/html7/hostname.html            man-reference-htmlman   html
 ./usr/share/man/html7/intro.html               man-reference-htmlman   html
+./usr/share/man/html7/kernel_sanitizers.7      man-reference-htmlman   html
 ./usr/share/man/html7/kyua-atf-interface.html  man-kyua-htmlman        kyua,html
 ./usr/share/man/html7/kyua-build-root.html     man-kyua-htmlman        kyua,html
 ./usr/share/man/html7/kyua-plain-interface.html        man-kyua-htmlman        kyua,html
@@ -8515,6 +8517,7 @@
 ./usr/share/man/man7/hier.7                    man-reference-man       .man
 ./usr/share/man/man7/hostname.7                        man-reference-man       .man
 ./usr/share/man/man7/intro.7                   man-reference-man       .man
+./usr/share/man/man7/kernel_sanitizers.7       man-reference-man       .man
 ./usr/share/man/man7/kyua-atf-interface.7      man-kyua-man            kyua,.man
 ./usr/share/man/man7/kyua-build-root.7         man-kyua-man            kyua,.man
 ./usr/share/man/man7/kyua-plain-interface.7    man-kyua-man            kyua,.man
diff -r 8b0c38cd9502 -r d90f8ee42fc8 share/man/man7/Makefile
--- a/share/man/man7/Makefile   Tue Jun 23 14:35:59 2020 +0000
+++ b/share/man/man7/Makefile   Tue Jun 23 16:08:46 2020 +0000
@@ -1,4 +1,4 @@
-#      $NetBSD: Makefile,v 1.34 2020/02/26 07:31:51 riastradh Exp $
+#      $NetBSD: Makefile,v 1.35 2020/06/23 16:08:46 maxv Exp $
 #      @(#)Makefile    8.1 (Berkeley) 6/5/93
 
 .include <bsd.init.mk>
@@ -6,7 +6,8 @@
 # missing: eqnchar.7 man.7 ms.7 term.7
 
 MAN=   ascii.7 c.7 environ.7 glob.7 groups.7 hier.7 hostname.7 intro.7 \
-       mailaddr.7 module.7 nls.7 operator.7 orders.7 pkgsrc.7 release.7 \
+       kernel_sanitizers.7 mailaddr.7 module.7 nls.7 operator.7 orders.7 \
+       pkgsrc.7 release.7 \
        rfc6056.7 security.7 script.7 setuid.7 signal.7 src.7 sticky.7 \
        symlink.7 sysctl.7 tests.7 users.7
 
diff -r 8b0c38cd9502 -r d90f8ee42fc8 share/man/man7/kernel_sanitizers.7
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/share/man/man7/kernel_sanitizers.7        Tue Jun 23 16:08:46 2020 +0000
@@ -0,0 +1,146 @@
+.\"    $NetBSD: kernel_sanitizers.7,v 1.1 2020/06/23 16:08:46 maxv Exp $
+.\"
+.\" Copyright (c) 2020 The NetBSD Foundation, Inc.
+.\" All rights reserved.
+.\"
+.\" This code is derived from software contributed to The NetBSD Foundation
+.\" by Maxime Villard.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+.\" ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+.\" TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+.\" PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+.\" BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+.\" CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+.\" SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+.\" INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+.\" CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+.\" POSSIBILITY OF SUCH DAMAGE.
+.\"
+.Dd June 22, 2020
+.Dt kernel_sanitizers 7
+.Os
+.Sh NAME
+.Nm kernel_sanitizers
+.Nd
+.Nx
+Kernel Sanitizers
+.Sh DESCRIPTION
+Kernel Sanitizers are powerful kernel bug detection features that can
+automatically discover several classes of bugs at run time while the kernel
+executes.
+.Pp
+.Nx
+supports four kernel sanitizers.
+They are not mutually compatible, and only one can be enabled at a time, via
+compilation options.
+.Sh KUBSAN
+Kernel Undefined Behavior Sanitizer, specializes in finding several types of
+undefined behaviors, such a misaligned accesses and integer overflows.
+.Ss Runtime cost
+Heavy runtime checks.
+.Ss Used components
+Compiler instrumentation and an entirely MI runtime.
+.Ss Supported architectures
+aarch64 (gcc), amd64 (gcc).
+[Theoretically supported on all other architectures with no MD change required]
+.Ss Files
+.Pp
+.Bl -tag -width XXXX -compact
+.It Pa src/common/lib/libc/misc/
+Core KUBSAN code. MI.
+.El
+.Sh KASAN
+Kernel Address Sanitizer, specializes in finding memory corruptions such as
+buffer overflows and use-after-frees.
+.Pp
+.Ss Runtime cost
+Heavy runtime checks, and ~12.5% increase in memory consumption.
+.Ss Used components
+Shadow memory, compiler instrumentation, special kernel wrappers, and
+light MD infrastructure.
+.Ss Supported architectures
+aarch64 (gcc), amd64 (gcc, llvm).
+.Pp
+KASAN is made of six sub-features that perform memory validation:
+.Bd -literal
+          +-----------------------------------------------------+
+          |                SUPPORTED SUB-FEATURE                |
++---------+------+-------+---------+-----------+---------+------+
+|  PORT   | HEAP | STACK | ATOMICS | BUS_SPACE | BUS_DMA | VLAs |
++---------+------+-------+---------+-----------+---------+------+
+| amd64   | Yes  | Yes   | Yes     | Yes       | Yes     | Yes  |
++---------+------+-------+---------+-----------+---------+------+
+| aarch64 | Yes  | Yes   | Yes     | No        | Yes     | Yes  |
++---------+------+-------+---------+-----------+---------+------+
+.Ed
+.Pp
+An architecture is allowed to have only partial support.
+.Ss Files
+.Bl -tag -width XXXX -compact
+.It Pa src/sys/kern/subr_asan.c
+Core KASAN code. MI.
+.It Pa src/sys/sys/asan.h
+Main KASAN header. MI.
+.It Pa src/sys/arch/{port}/include/asan.h
+Port-specific KASAN code. MD.
+.El
+.Pp
+Each new port of KASAN should respect the existing naming conventions, and
+should introduce only one MD header file.
+.Sh KCSAN
+Kernel Concurrency Sanitizer, specializes in finding memory races.
+.Ss Runtime cost
+Medium runtime checks.
+.Ss Used components
+Compiler instrumentation, special kernel wrappers, and light MD infrastructure.
+.Ss Supported architectures
+amd64 (gcc).
+.Ss Files
+.Bl -tag -width XXXX -compact
+.It Pa src/sys/kern/subr_csan.c
+Core KCSAN code. MI.
+.It Pa src/sys/sys/csan.h
+Main KCSAN header. MI.
+.It Pa src/sys/arch/{port}/include/csan.h
+Port-specific KCSAN code. MD.
+.El
+.Pp
+Each new port of KCSAN should respect the existing naming conventions, and
+should introduce only one MD header file.
+.Sh KMSAN
+Kernel Memory Sanitizer, specializes in finding uninitialized memory.
+.Ss Runtime cost
+Heavy runtime checks, and ~100% increase in memory consumption.
+.Ss Used components
+Shadow memory, compiler instrumentation, special kernel wrappers, and heavy MD
+infrastructure.
+.Ss Supported architectures
+amd64 (llvm).
+.Ss Files
+.Bl -tag -width XXXX -compact
+.It Pa src/sys/kern/subr_msan.c
+Core KMSAN code. MI.
+.It Pa src/sys/sys/msan.h
+Main KMSAN header. MI.
+.It Pa src/sys/arch/{port}/include/msan.h
+Port-specific KMSAN code. MD.
+.El
+.Pp
+Each new port of KMSAN should respect the existing naming conventions, and
+should introduce only one MD header file.
+.Sh AUTHORS
+Support for KUBSAN was developed by
+.An Kamil Rytarowski .
+Support for KASAN, KCSAN and KMSAN was developed by
+.An Maxime Villard .



Home | Main Index | Thread Index | Old Index