Source-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[src/trunk]: src Add support for KASAN on ARMv[67]



details:   https://anonhg.NetBSD.org/src/rev/7f7eca2df285
branches:  trunk
changeset: 1011771:7f7eca2df285
user:      skrll <skrll%NetBSD.org@localhost>
date:      Fri Jul 10 12:25:08 2020 +0000

description:
Add support for KASAN on ARMv[67]

Thanks to maxv for many pointers and reviews.

diffstat:

 share/man/man7/kernel_sanitizers.7        |   10 +-
 sys/arch/arm/altera/cycv_platform.c       |    6 +-
 sys/arch/arm/amlogic/meson_platform.c     |    6 +-
 sys/arch/arm/arm/armv6_start.S            |   12 +-
 sys/arch/arm/arm/bootconfig.c             |    6 +-
 sys/arch/arm/arm/cpufunc.c                |    6 +-
 sys/arch/arm/arm32/arm32_boot.c           |    7 +-
 sys/arch/arm/arm32/arm32_kvminit.c        |   53 +++++-
 sys/arch/arm/arm32/arm32_machdep.c        |    6 +-
 sys/arch/arm/arm32/cpuswitch.S            |   10 +-
 sys/arch/arm/arm32/pmap.c                 |   12 +-
 sys/arch/arm/broadcom/bcm283x_platform.c  |   14 +-
 sys/arch/arm/conf/Makefile.arm            |   21 ++-
 sys/arch/arm/imx/fdt/imx6_platform.c      |    6 +-
 sys/arch/arm/include/arm32/param.h        |    9 +-
 sys/arch/arm/include/arm32/vmparam.h      |   34 +++-
 sys/arch/arm/include/asan.h               |  262 ++++++++++++++++++++++++++++++
 sys/arch/arm/nvidia/tegra_platform.c      |    6 +-
 sys/arch/arm/rockchip/rk_platform.c       |    6 +-
 sys/arch/arm/samsung/exynos_platform.c    |    6 +-
 sys/arch/arm/sunxi/sunxi_platform.c       |    6 +-
 sys/arch/arm/ti/am3_platform.c            |    7 +-
 sys/arch/arm/ti/omap3_platform.c          |    6 +-
 sys/arch/arm/vexpress/vexpress_platform.c |    6 +-
 sys/arch/arm/virt/virt_platform.c         |    6 +-
 sys/arch/arm/xilinx/zynq_platform.c       |    6 +-
 sys/arch/evbarm/beagle/beagle_machdep.c   |    6 +-
 sys/arch/evbarm/conf/GENERIC              |   10 +-
 sys/arch/evbarm/conf/ldscript.evbarm      |   17 +-
 sys/arch/evbarm/imx7/imx7_machdep.c       |    6 +-
 sys/arch/evbarm/include/asan.h            |    6 +-
 sys/arch/evbarm/zynq/zynq_machdep.c       |    6 +-
 32 files changed, 503 insertions(+), 83 deletions(-)

diffs (truncated from 1363 to 300 lines):

diff -r c1ab7b784d0a -r 7f7eca2df285 share/man/man7/kernel_sanitizers.7
--- a/share/man/man7/kernel_sanitizers.7        Fri Jul 10 12:14:58 2020 +0000
+++ b/share/man/man7/kernel_sanitizers.7        Fri Jul 10 12:25:08 2020 +0000
@@ -1,4 +1,4 @@
-.\"    $NetBSD: kernel_sanitizers.7,v 1.3 2020/06/30 16:22:55 maxv Exp $
+.\"    $NetBSD: kernel_sanitizers.7,v 1.4 2020/07/10 12:25:11 skrll Exp $
 .\"
 .\" Copyright (c) 2020 The NetBSD Foundation, Inc.
 .\" All rights reserved.
@@ -27,7 +27,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 .\" POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd June 30, 2020
+.Dd July 10, 2020
 .Dt KERNEL_SANITIZERS 7
 .Os
 .Sh NAME
@@ -67,7 +67,7 @@
 Shadow memory, compiler instrumentation, special kernel wrappers, and
 light MD infrastructure.
 .Ss Supported architectures
-aarch64 (gcc), amd64 (gcc, llvm).
+aarch64 (gcc), amd64 (gcc, llvm), arm (gcc).
 .Pp
 KASAN is made of six sub-features that perform memory validation:
 .Bd -literal
@@ -80,6 +80,8 @@
 +---------+------+-------+---------+-----------+---------+------+
 | aarch64 | Yes  | Yes   | Yes     | No        | Yes     | Yes  |
 +---------+------+-------+---------+-----------+---------+------+
+| arm     | Yes  | Yes   | Yes     | No        | Yes     | Yes  |
++---------+------+-------+---------+-----------+---------+------+
 .Ed
 .Pp
 An architecture is allowed to have only partial support.
@@ -151,3 +153,5 @@
 .An Kamil Rytarowski .
 Support for KASAN, KCSAN and KMSAN was developed by
 .An Maxime Villard .
+Support for KASAN on ARM was developed by
+.An Nick Hudson .
diff -r c1ab7b784d0a -r 7f7eca2df285 sys/arch/arm/altera/cycv_platform.c
--- a/sys/arch/arm/altera/cycv_platform.c       Fri Jul 10 12:14:58 2020 +0000
+++ b/sys/arch/arm/altera/cycv_platform.c       Fri Jul 10 12:25:08 2020 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: cycv_platform.c,v 1.12 2020/02/15 08:16:10 skrll Exp $ */
+/* $NetBSD: cycv_platform.c,v 1.13 2020/07/10 12:25:08 skrll Exp $ */
 
 /* This file is in the public domain. */
 
@@ -7,7 +7,7 @@
 #include "opt_multiprocessor.h"
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: cycv_platform.c,v 1.12 2020/02/15 08:16:10 skrll Exp $");
+__KERNEL_RCSID(0, "$NetBSD: cycv_platform.c,v 1.13 2020/07/10 12:25:08 skrll Exp $");
 
 #define        _ARM32_BUS_DMA_PRIVATE
 #include <sys/param.h>
@@ -34,7 +34,7 @@
 
 void cycv_platform_early_putchar(char);
 
-void
+void __noasan
 cycv_platform_early_putchar(char c) {
 #ifdef CONSADDR
 #define CONSADDR_VA (CONSADDR - CYCV_PERIPHERAL_BASE + CYCV_PERIPHERAL_VBASE)
diff -r c1ab7b784d0a -r 7f7eca2df285 sys/arch/arm/amlogic/meson_platform.c
--- a/sys/arch/arm/amlogic/meson_platform.c     Fri Jul 10 12:14:58 2020 +0000
+++ b/sys/arch/arm/amlogic/meson_platform.c     Fri Jul 10 12:25:08 2020 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: meson_platform.c,v 1.14 2020/06/20 15:48:19 skrll Exp $ */
+/* $NetBSD: meson_platform.c,v 1.15 2020/07/10 12:25:08 skrll Exp $ */
 
 /*-
  * Copyright (c) 2019 Jared McNeill <jmcneill%invisible.ca@localhost>
@@ -33,7 +33,7 @@
 #include "arml2cc.h"
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: meson_platform.c,v 1.14 2020/06/20 15:48:19 skrll Exp $");
+__KERNEL_RCSID(0, "$NetBSD: meson_platform.c,v 1.15 2020/07/10 12:25:08 skrll Exp $");
 
 #include <sys/param.h>
 #include <sys/bus.h>
@@ -156,7 +156,7 @@
 
 void meson_platform_early_putchar(char);
 
-void
+void __noasan
 meson_platform_early_putchar(char c)
 {
 #ifdef CONSADDR
diff -r c1ab7b784d0a -r 7f7eca2df285 sys/arch/arm/arm/armv6_start.S
--- a/sys/arch/arm/arm/armv6_start.S    Fri Jul 10 12:14:58 2020 +0000
+++ b/sys/arch/arm/arm/armv6_start.S    Fri Jul 10 12:25:08 2020 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: armv6_start.S,v 1.19 2020/07/09 11:40:54 skrll Exp $   */
+/*     $NetBSD: armv6_start.S,v 1.20 2020/07/10 12:25:08 skrll Exp $   */
 
 /*-
  * Copyright (c) 2012, 2017, 2018 The NetBSD Foundation, Inc.
@@ -34,6 +34,7 @@
 #include "opt_cpuoptions.h"
 #include "opt_cputypes.h"
 #include "opt_fdt.h"
+#include "opt_kasan.h"
 #include "opt_multiprocessor.h"
 
 #include <sys/cdefs.h>
@@ -466,6 +467,10 @@
        b       armv7_mmuinit
 
 generic_vstartv7:
+#ifdef KASAN
+       ldr     r0, =start_stacks_bottom
+       bl      _C_LABEL(kasan_early_init)
+#endif
 
        /* r0 = &cpu_info_store[0] */
        movw    r0, #:lower16:cpu_info_store
@@ -513,6 +518,11 @@
        b       armv6_mmuinit
 
 generic_vstartv6:
+#ifdef KASAN
+       ldr     r0, =start_stacks_bottom
+       bl      _C_LABEL(kasan_early_init)
+#endif
+
        VPRINTF("go\n\r")
 
        /*
diff -r c1ab7b784d0a -r 7f7eca2df285 sys/arch/arm/arm/bootconfig.c
--- a/sys/arch/arm/arm/bootconfig.c     Fri Jul 10 12:14:58 2020 +0000
+++ b/sys/arch/arm/arm/bootconfig.c     Fri Jul 10 12:25:08 2020 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: bootconfig.c,v 1.11 2017/06/01 02:45:05 chs Exp $      */
+/*     $NetBSD: bootconfig.c,v 1.12 2020/07/10 12:25:08 skrll Exp $    */
 
 /*
  * Copyright (c) 1994-1998 Mark Brinicombe.
@@ -40,7 +40,7 @@
 
 #include <sys/param.h>
 
-__KERNEL_RCSID(0, "$NetBSD: bootconfig.c,v 1.11 2017/06/01 02:45:05 chs Exp $");
+__KERNEL_RCSID(0, "$NetBSD: bootconfig.c,v 1.12 2020/07/10 12:25:08 skrll Exp $");
 
 #include <sys/systm.h>
 #include <sys/kmem.h>
@@ -58,7 +58,7 @@
  * will return ptr of "moo milk=1", *not* "moo"
  */
 
-int
+int __noasan
 get_bootconf_option(char *opts, const char *opt, int type, void *result)
 {
        char *ptr;
diff -r c1ab7b784d0a -r 7f7eca2df285 sys/arch/arm/arm/cpufunc.c
--- a/sys/arch/arm/arm/cpufunc.c        Fri Jul 10 12:14:58 2020 +0000
+++ b/sys/arch/arm/arm/cpufunc.c        Fri Jul 10 12:25:08 2020 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: cpufunc.c,v 1.176 2020/02/05 07:37:35 skrll Exp $      */
+/*     $NetBSD: cpufunc.c,v 1.177 2020/07/10 12:25:08 skrll Exp $      */
 
 /*
  * arm7tdmi support code Copyright (c) 2001 John Fremlin
@@ -49,7 +49,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: cpufunc.c,v 1.176 2020/02/05 07:37:35 skrll Exp $");
+__KERNEL_RCSID(0, "$NetBSD: cpufunc.c,v 1.177 2020/07/10 12:25:08 skrll Exp $");
 
 #include "opt_arm_start.h"
 #include "opt_compat_netbsd.h"
@@ -2372,7 +2372,7 @@
 
 static u_int parse_cpu_options(char *, struct cpu_option *, u_int);
 
-static u_int
+static u_int __noasan
 parse_cpu_options(char *args, struct cpu_option *optlist, u_int cpuctrl)
 {
        int integer;
diff -r c1ab7b784d0a -r 7f7eca2df285 sys/arch/arm/arm32/arm32_boot.c
--- a/sys/arch/arm/arm32/arm32_boot.c   Fri Jul 10 12:14:58 2020 +0000
+++ b/sys/arch/arm/arm32/arm32_boot.c   Fri Jul 10 12:25:08 2020 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: arm32_boot.c,v 1.38 2020/06/06 09:03:59 skrll Exp $    */
+/*     $NetBSD: arm32_boot.c,v 1.39 2020/07/10 12:25:09 skrll Exp $    */
 
 /*
  * Copyright (c) 2002, 2003, 2005  Genetec Corporation.  All rights reserved.
@@ -122,7 +122,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(1, "$NetBSD: arm32_boot.c,v 1.38 2020/06/06 09:03:59 skrll Exp $");
+__KERNEL_RCSID(1, "$NetBSD: arm32_boot.c,v 1.39 2020/07/10 12:25:09 skrll Exp $");
 
 #include "opt_arm_debug.h"
 #include "opt_cputypes.h"
@@ -132,6 +132,7 @@
 
 #include <sys/param.h>
 
+#include <sys/asan.h>
 #include <sys/atomic.h>
 #include <sys/cpu.h>
 #include <sys/device.h>
@@ -296,6 +297,8 @@
        VPRINTF("pmap ");
        pmap_bootstrap(kvm_base, kvm_base + kvm_size);
 
+       kasan_init();
+
 #ifdef __HAVE_MEMORY_DISK__
        md_root_setconf(memory_disk, sizeof memory_disk);
 #endif
diff -r c1ab7b784d0a -r 7f7eca2df285 sys/arch/arm/arm32/arm32_kvminit.c
--- a/sys/arch/arm/arm32/arm32_kvminit.c        Fri Jul 10 12:14:58 2020 +0000
+++ b/sys/arch/arm/arm32/arm32_kvminit.c        Fri Jul 10 12:25:08 2020 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: arm32_kvminit.c,v 1.63 2020/07/03 06:33:39 skrll Exp $ */
+/*     $NetBSD: arm32_kvminit.c,v 1.64 2020/07/10 12:25:09 skrll Exp $ */
 
 /*
  * Copyright (c) 2002, 2003, 2005  Genetec Corporation.  All rights reserved.
@@ -127,10 +127,11 @@
 #include "opt_multiprocessor.h"
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: arm32_kvminit.c,v 1.63 2020/07/03 06:33:39 skrll Exp $");
+__KERNEL_RCSID(0, "$NetBSD: arm32_kvminit.c,v 1.64 2020/07/10 12:25:09 skrll Exp $");
 
 #include <sys/param.h>
 
+#include <sys/asan.h>
 #include <sys/bus.h>
 #include <sys/device.h>
 #include <sys/kernel.h>
@@ -178,6 +179,16 @@
 /* Page tables for mapping kernel VM */
 #define KERNEL_L2PT_VMDATA_NUM 8       /* start with 32MB of KVM */
 
+#ifdef KASAN
+vaddr_t kasan_kernelstart;
+vaddr_t kasan_kernelsize;
+
+#define        KERNEL_L2PT_KASAN_NUM   howmany(VM_KERNEL_KASAN_SIZE, L2_S_SEGSIZE)
+pv_addr_t kasan_l2pt[KERNEL_L2PT_KASAN_NUM];
+#else
+#define KERNEL_L2PT_KASAN_NUM  0
+#endif
+
 u_long kern_vtopdiff __attribute__((__section__(".data")));
 
 void
@@ -463,6 +474,7 @@
        kernel_size -= (bmi->bmi_kernelstart & -L2_S_SEGSIZE);
        kernel_size += L1_TABLE_SIZE;
        kernel_size += PAGE_SIZE * KERNEL_L2PT_VMDATA_NUM;
+       kernel_size += PAGE_SIZE * KERNEL_L2PT_KASAN_NUM;
        if (map_vectors_p) {
                kernel_size += PAGE_SIZE;       /* L2PT for VECTORS */
        }
@@ -560,6 +572,18 @@
                add_pages(bmi, &vmdata_l2pt[idx]);
        }
 
+#ifdef KASAN
+       /*
+        * Now allocate L2 pages for the KASAN shadow map l2pt VA space.
+        */
+       VPRINTF(" kasan");
+       for (size_t idx = 0; idx < KERNEL_L2PT_KASAN_NUM; ++idx) {
+               valloc_pages(bmi, &kasan_l2pt[idx], 1,
+                   VM_PROT_READ | VM_PROT_WRITE, PTE_PAGETABLE, true);
+               add_pages(bmi, &kasan_l2pt[idx]);
+       }
+
+#endif
        /*
         * If someone wanted a L2 page for I/O, allocate it now.
         */
@@ -600,6 +624,11 @@
        msgbufphys = msgbuf.pv_pa;
        msgbufaddr = (void *)msgbuf.pv_va;
 
+#ifdef KASAN
+       kasan_kernelstart = KERNEL_BASE;
+       kasan_kernelsize = (msgbuf.pv_va + round_page(MSGBUFSIZE)) - KERNEL_BASE;
+#endif
+



Home | Main Index | Thread Index | Old Index