diff --git a/Documentation/guides/kasan.rst b/Documentation/guides/kasan.rst index 9a40346bb88..e59202e3865 100644 --- a/Documentation/guides/kasan.rst +++ b/Documentation/guides/kasan.rst @@ -41,7 +41,7 @@ Usage To enable Generic KASAN, configure the kernel with:: CONFIG_MM_KASAN=y - CONFIG_MM_KASAN_ALL=y + CONFIG_MM_KASAN_INSTRUMENT_ALL=y CONFIG_MM_KASAN_GENERIC=y If you want to enable global variable out of bounds detection, @@ -52,7 +52,7 @@ you can add configurations based on the above:: To enable Software Tag-Based KASAN, configure the kernel with:: CONFIG_MM_KASAN=y - CONFIG_MM_KASAN_ALL=y + CONFIG_MM_KASAN_INSTRUMENT_ALL=y CONFIG_MM_KASAN_SW_TAGS=y Implementation details diff --git a/arch/arm/src/cmake/armclang.cmake b/arch/arm/src/cmake/armclang.cmake index 0f32644b661..026d6a82254 100644 --- a/arch/arm/src/cmake/armclang.cmake +++ b/arch/arm/src/cmake/armclang.cmake @@ -134,7 +134,7 @@ if(CONFIG_MM_UBSAN_TRAP_ON_ERROR) add_compile_options(-fsanitize-undefined-trap-on-error) endif() -if(CONFIG_MM_KASAN_ALL) +if(CONFIG_MM_KASAN_INSTRUMENT_ALL) add_compile_options(-fsanitize=kernel-address) endif() diff --git a/arch/arm/src/cmake/clang.cmake b/arch/arm/src/cmake/clang.cmake index 9d9cf582812..f1c58c3e6a1 100644 --- a/arch/arm/src/cmake/clang.cmake +++ b/arch/arm/src/cmake/clang.cmake @@ -135,7 +135,7 @@ if(CONFIG_MM_UBSAN_TRAP_ON_ERROR) add_compile_options(-fsanitize-undefined-trap-on-error) endif() -if(CONFIG_MM_KASAN_ALL) +if(CONFIG_MM_KASAN_INSTRUMENT_ALL) add_compile_options(-fsanitize=kernel-address) endif() diff --git a/arch/arm/src/cmake/gcc.cmake b/arch/arm/src/cmake/gcc.cmake index 914ec7ef6af..cfa25c600ba 100644 --- a/arch/arm/src/cmake/gcc.cmake +++ b/arch/arm/src/cmake/gcc.cmake @@ -149,7 +149,7 @@ if(CONFIG_MM_UBSAN_TRAP_ON_ERROR) add_compile_options(-fsanitize-undefined-trap-on-error) endif() -if(CONFIG_MM_KASAN_ALL) +if(CONFIG_MM_KASAN_INSTRUMENT_ALL) add_compile_options(-fsanitize=kernel-address) endif() diff --git a/arch/arm/src/cmake/ghs.cmake b/arch/arm/src/cmake/ghs.cmake index b1dc5f172ee..ce4a907373a 100644 --- a/arch/arm/src/cmake/ghs.cmake +++ b/arch/arm/src/cmake/ghs.cmake @@ -106,7 +106,7 @@ if(CONFIG_MM_UBSAN_TRAP_ON_ERROR) add_compile_options(-fsanitize-undefined-trap-on-error) endif() -if(CONFIG_MM_KASAN_ALL) +if(CONFIG_MM_KASAN_INSTRUMENT_ALL) add_compile_options(-fsanitize=kernel-address) endif() diff --git a/arch/arm/src/common/Toolchain.defs b/arch/arm/src/common/Toolchain.defs index 2ddcf51084d..7e9533fb96f 100644 --- a/arch/arm/src/common/Toolchain.defs +++ b/arch/arm/src/common/Toolchain.defs @@ -94,7 +94,7 @@ ifeq ($(CONFIG_MM_UBSAN_TRAP_ON_ERROR),y) ARCHOPTIMIZATION += -fsanitize-undefined-trap-on-error endif -ifeq ($(CONFIG_MM_KASAN_ALL),y) +ifeq ($(CONFIG_MM_KASAN_INSTRUMENT_ALL),y) ARCHOPTIMIZATION += -fsanitize=kernel-address endif diff --git a/arch/arm64/src/Toolchain.defs b/arch/arm64/src/Toolchain.defs index 948be91c990..9282ddc9718 100644 --- a/arch/arm64/src/Toolchain.defs +++ b/arch/arm64/src/Toolchain.defs @@ -84,7 +84,7 @@ ifeq ($(CONFIG_MM_UBSAN_TRAP_ON_ERROR),y) ARCHOPTIMIZATION += -fsanitize-undefined-trap-on-error endif -ifeq ($(CONFIG_MM_KASAN_ALL),y) +ifeq ($(CONFIG_MM_KASAN_INSTRUMENT_ALL),y) ARCHOPTIMIZATION += -fsanitize=kernel-address endif diff --git a/arch/arm64/src/cmake/Toolchain.cmake b/arch/arm64/src/cmake/Toolchain.cmake index f6a9c53914a..f86506374e9 100644 --- a/arch/arm64/src/cmake/Toolchain.cmake +++ b/arch/arm64/src/cmake/Toolchain.cmake @@ -113,7 +113,7 @@ if(CONFIG_MM_UBSAN_TRAP_ON_ERROR) add_compile_options(-fsanitize-undefined-trap-on-error) endif() -if(CONFIG_MM_KASAN_ALL) +if(CONFIG_MM_KASAN_INSTRUMENT_ALL) add_compile_options(-fsanitize=kernel-address) endif() diff --git a/arch/risc-v/src/cmake/Toolchain.cmake b/arch/risc-v/src/cmake/Toolchain.cmake index e3c82031fbf..a710288bb97 100644 --- a/arch/risc-v/src/cmake/Toolchain.cmake +++ b/arch/risc-v/src/cmake/Toolchain.cmake @@ -365,7 +365,7 @@ if(CONFIG_RISCV_TOOLCHAIN STREQUAL GNU_RVG) endif() -if(CONFIG_MM_KASAN_ALL) +if(CONFIG_MM_KASAN_INSTRUMENT_ALL) add_compile_options(-fsanitize=kernel-address) endif() diff --git a/arch/risc-v/src/common/Toolchain.defs b/arch/risc-v/src/common/Toolchain.defs index b5f5be1c311..3fe0ab7a407 100644 --- a/arch/risc-v/src/common/Toolchain.defs +++ b/arch/risc-v/src/common/Toolchain.defs @@ -292,7 +292,7 @@ else endif endif -ifeq ($(CONFIG_MM_KASAN_ALL),y) +ifeq ($(CONFIG_MM_KASAN_INSTRUMENT_ALL),y) ARCHOPTIMIZATION += -fsanitize=kernel-address endif diff --git a/arch/sim/src/cmake/Toolchain.cmake b/arch/sim/src/cmake/Toolchain.cmake index 0674a0b1c3c..c4c0cff080a 100644 --- a/arch/sim/src/cmake/Toolchain.cmake +++ b/arch/sim/src/cmake/Toolchain.cmake @@ -103,7 +103,7 @@ if(CONFIG_SIM_ASAN) add_compile_options(-fsanitize=pointer-compare) add_compile_options(-fsanitize=pointer-subtract) add_link_options(-fsanitize=address) -elseif(CONFIG_MM_KASAN_ALL) +elseif(CONFIG_MM_KASAN_INSTRUMENT_ALL) add_compile_options(-fsanitize=kernel-address) endif() diff --git a/arch/tricore/src/common/ToolchainGnuc.defs b/arch/tricore/src/common/ToolchainGnuc.defs index 450390a4c0b..fdfc4724bec 100644 --- a/arch/tricore/src/common/ToolchainGnuc.defs +++ b/arch/tricore/src/common/ToolchainGnuc.defs @@ -72,7 +72,7 @@ ifeq ($(CONFIG_MM_UBSAN_TRAP_ON_ERROR),y) ARCHOPTIMIZATION += -fsanitize-undefined-trap-on-error endif -ifeq ($(CONFIG_MM_KASAN_ALL),y) +ifeq ($(CONFIG_MM_KASAN_INSTRUMENT_ALL),y) ARCHOPTIMIZATION += -fsanitize=kernel-address endif diff --git a/arch/x86/src/common/Toolchain.defs b/arch/x86/src/common/Toolchain.defs index 4f8a6da7690..360271b71bf 100644 --- a/arch/x86/src/common/Toolchain.defs +++ b/arch/x86/src/common/Toolchain.defs @@ -55,7 +55,7 @@ NM = $(CROSSDEV)nm OBJCOPY = $(CROSSDEV)objcopy OBJDUMP = $(CROSSDEV)objdump -ifeq ($(CONFIG_MM_KASAN_ALL),y) +ifeq ($(CONFIG_MM_KASAN_INSTRUMENT_ALL),y) ARCHOPTIMIZATION += -fsanitize=kernel-address endif diff --git a/arch/x86_64/src/common/Toolchain.defs b/arch/x86_64/src/common/Toolchain.defs index a31552e70d0..5661577374a 100644 --- a/arch/x86_64/src/common/Toolchain.defs +++ b/arch/x86_64/src/common/Toolchain.defs @@ -129,7 +129,7 @@ ifeq ($(CONFIG_LIBCXX),y) CXXFLAGS += -D_LIBCPP_DISABLE_AVAILABILITY endif -ifeq ($(CONFIG_MM_KASAN_ALL),y) +ifeq ($(CONFIG_MM_KASAN_INSTRUMENT_ALL),y) ARCHOPTIMIZATION += -fsanitize=kernel-address endif ifeq ($(CONFIG_MM_KASAN_GLOBAL),y) diff --git a/arch/xtensa/src/cmake/Toolchain.cmake b/arch/xtensa/src/cmake/Toolchain.cmake index 7367827a074..9823706b3f0 100644 --- a/arch/xtensa/src/cmake/Toolchain.cmake +++ b/arch/xtensa/src/cmake/Toolchain.cmake @@ -85,7 +85,7 @@ add_compile_options(-mlongcalls) add_compile_options(-mtext-section-literals) -if(CONFIG_MM_KASAN_ALL) +if(CONFIG_MM_KASAN_INSTRUMENT_ALL) add_compile_options(-fsanitize=kernel-address) endif() diff --git a/arch/xtensa/src/lx6/Toolchain.defs b/arch/xtensa/src/lx6/Toolchain.defs index 8abbf82db9c..18b713d6dc2 100644 --- a/arch/xtensa/src/lx6/Toolchain.defs +++ b/arch/xtensa/src/lx6/Toolchain.defs @@ -45,7 +45,7 @@ endif ARCHCPUFLAGS = -mlongcalls -ifeq ($(CONFIG_MM_KASAN_ALL),y) +ifeq ($(CONFIG_MM_KASAN_INSTRUMENT_ALL),y) ARCHOPTIMIZATION += -fsanitize=kernel-address endif diff --git a/arch/xtensa/src/lx7/Toolchain.defs b/arch/xtensa/src/lx7/Toolchain.defs index 18f1297fd94..3328478542b 100644 --- a/arch/xtensa/src/lx7/Toolchain.defs +++ b/arch/xtensa/src/lx7/Toolchain.defs @@ -45,7 +45,7 @@ endif ARCHCPUFLAGS = -mlongcalls -ifeq ($(CONFIG_MM_KASAN_ALL),y) +ifeq ($(CONFIG_MM_KASAN_INSTRUMENT_ALL),y) ARCHOPTIMIZATION += -fsanitize=kernel-address endif diff --git a/boards/sim/sim/sim/scripts/Make.defs b/boards/sim/sim/sim/scripts/Make.defs index d8f7c5451e6..c56772dc043 100644 --- a/boards/sim/sim/sim/scripts/Make.defs +++ b/boards/sim/sim/sim/scripts/Make.defs @@ -89,7 +89,7 @@ endif ifeq ($(CONFIG_SIM_ASAN),y) ARCHOPTIMIZATION += -fsanitize=address -fsanitize-address-use-after-scope ARCHOPTIMIZATION += -fsanitize=pointer-compare -fsanitize=pointer-subtract -else ifeq ($(CONFIG_MM_KASAN_ALL),y) +else ifeq ($(CONFIG_MM_KASAN_INSTRUMENT_ALL),y) ARCHOPTIMIZATION += -fsanitize=kernel-address endif diff --git a/libs/libc/machine/arch_libc.c b/libs/libc/machine/arch_libc.c index 023ea07060e..af4017b2077 100644 --- a/libs/libc/machine/arch_libc.c +++ b/libs/libc/machine/arch_libc.c @@ -89,7 +89,7 @@ size_t ARCH_LIBCFUN(strnlen)(FAR const char *s, size_t maxlen); FAR char *ARCH_LIBCFUN(strrchr)(FAR const char *s, int c); #endif -# ifdef CONFIG_MM_KASAN +# ifdef CONFIG_MM_KASAN_INSTRUMENT # ifndef CONFIG_MM_KASAN_DISABLE_READS_CHECK extern void __asan_loadN(FAR void *addr, size_t size); # endif @@ -106,7 +106,7 @@ extern void __asan_storeN(FAR void *addr, size_t size); FAR void *memchr(FAR const void *s, int c, size_t n) { -# ifdef CONFIG_MM_KASAN +# ifdef CONFIG_MM_KASAN_INSTRUMENT # ifndef CONFIG_MM_KASAN_DISABLE_READS_CHECK __asan_loadN((FAR void *)s, n); # endif @@ -119,7 +119,7 @@ FAR void *memchr(FAR const void *s, int c, size_t n) #ifdef CONFIG_LIBC_ARCH_MEMCPY FAR void *memcpy(FAR void *dest, FAR const void *src, FAR size_t n) { -# ifdef CONFIG_MM_KASAN +# ifdef CONFIG_MM_KASAN_INSTRUMENT # ifndef CONFIG_MM_KASAN_DISABLE_WRITES_CHECK __asan_storeN(dest, n); # endif @@ -134,7 +134,7 @@ FAR void *memcpy(FAR void *dest, FAR const void *src, FAR size_t n) #ifdef CONFIG_LIBC_ARCH_MEMCMP int memcmp(FAR const void *s1, FAR const void *s2, size_t n) { -# ifdef CONFIG_MM_KASAN +# ifdef CONFIG_MM_KASAN_INSTRUMENT # ifndef CONFIG_MM_KASAN_DISABLE_READS_CHECK __asan_loadN((FAR void *)s1, n); __asan_loadN((FAR void *)s2, n); @@ -147,7 +147,7 @@ int memcmp(FAR const void *s1, FAR const void *s2, size_t n) #ifdef CONFIG_LIBC_ARCH_MEMMOVE FAR void *memmove(FAR void *dest, FAR const void *src, FAR size_t n) { -# ifdef CONFIG_MM_KASAN +# ifdef CONFIG_MM_KASAN_INSTRUMENT # ifndef CONFIG_MM_KASAN_DISABLE_WRITES_CHECK __asan_storeN(dest, n); # endif @@ -162,7 +162,7 @@ FAR void *memmove(FAR void *dest, FAR const void *src, FAR size_t n) #ifdef CONFIG_LIBC_ARCH_MEMSET FAR void *memset(FAR void *s, int c, FAR size_t n) { -# ifdef CONFIG_MM_KASAN +# ifdef CONFIG_MM_KASAN_INSTRUMENT # ifndef CONFIG_MM_KASAN_DISABLE_WRITES_CHECK __asan_storeN(s, n); # endif @@ -174,7 +174,7 @@ FAR void *memset(FAR void *s, int c, FAR size_t n) #ifdef CONFIG_LIBC_ARCH_STRCMP int strcmp(FAR const char *s1, FAR const char *s2) { -# ifdef CONFIG_MM_KASAN +# ifdef CONFIG_MM_KASAN_INSTRUMENT # ifndef CONFIG_MM_KASAN_DISABLE_READS_CHECK __asan_loadN((FAR void *)s1, ARCH_LIBCFUN(strlen)(s1) + 1); __asan_loadN((FAR void *)s2, ARCH_LIBCFUN(strlen)(s2) + 1); @@ -187,7 +187,7 @@ int strcmp(FAR const char *s1, FAR const char *s2) #ifdef CONFIG_LIBC_ARCH_STRCPY FAR char *strcpy(FAR char *dest, FAR const char *src) { -# ifdef CONFIG_MM_KASAN +# ifdef CONFIG_MM_KASAN_INSTRUMENT # ifndef CONFIG_MM_KASAN_DISABLE_WRITES_CHECK __asan_storeN(dest, ARCH_LIBCFUN(strlen)(src) + 1); # endif @@ -203,7 +203,7 @@ FAR char *strcpy(FAR char *dest, FAR const char *src) size_t strlen(FAR const char *s) { size_t ret = ARCH_LIBCFUN(strlen)(s); -# ifdef CONFIG_MM_KASAN +# ifdef CONFIG_MM_KASAN_INSTRUMENT # ifndef CONFIG_MM_KASAN_DISABLE_READS_CHECK __asan_loadN((FAR void *)s, ret + 1); # endif @@ -215,7 +215,7 @@ size_t strlen(FAR const char *s) #ifdef CONFIG_LIBC_ARCH_STRNCPY FAR char *strncpy(FAR char *dest, FAR const char *src, size_t n) { -# ifdef CONFIG_MM_KASAN +# ifdef CONFIG_MM_KASAN_INSTRUMENT # ifndef CONFIG_MM_KASAN_DISABLE_WRITES_CHECK __asan_storeN(dest, n); # endif @@ -230,7 +230,7 @@ FAR char *strncpy(FAR char *dest, FAR const char *src, size_t n) #ifdef CONFIG_LIBC_ARCH_STRCHR FAR char *strchr(FAR const char *s, int c) { -# ifdef CONFIG_MM_KASAN +# ifdef CONFIG_MM_KASAN_INSTRUMENT # ifndef CONFIG_MM_KASAN_DISABLE_READS_CHECK __asan_loadN((FAR void *)s, ARCH_LIBCFUN(strlen)(s) + 1); # endif @@ -243,7 +243,7 @@ FAR char *strchr(FAR const char *s, int c) #ifdef CONFIG_LIBC_ARCH_STRCHNUL FAR char *strchrnul(FAR const char *s, int c); { -# ifdef CONFIG_MM_KASAN +# ifdef CONFIG_MM_KASAN_INSTRUMENT # ifndef CONFIG_MM_KASAN_DISABLE_READS_CHECK __asan_loadN((FAR void *)s, ARCH_LIBCFUN(strlen)(s) + 1); # endif @@ -255,7 +255,7 @@ FAR char *strchrnul(FAR const char *s, int c); #ifdef CONFIG_LIBC_ARCH_STRNCMP int strncmp(FAR const char *s1, FAR const char *s2, size_t n) { -# ifdef CONFIG_MM_KASAN +# ifdef CONFIG_MM_KASAN_INSTRUMENT # ifndef CONFIG_MM_KASAN_DISABLE_READS_CHECK size_t size_s1 = ARCH_LIBCFUN(strnlen)(s1, n); size_t size_s2 = ARCH_LIBCFUN(strnlen)(s2, n); @@ -274,7 +274,7 @@ int strncmp(FAR const char *s1, FAR const char *s2, size_t n) size_t strnlen(FAR const char *s, size_t maxlen) { size_t ret = ARCH_LIBCFUN(strnlen)(s, maxlen); -# ifdef CONFIG_MM_KASAN +# ifdef CONFIG_MM_KASAN_INSTRUMENT # ifndef CONFIG_MM_KASAN_DISABLE_READS_CHECK __asan_loadN((FAR void *)s, ret); # endif @@ -287,7 +287,7 @@ size_t strnlen(FAR const char *s, size_t maxlen) #ifdef CONFIG_LIBC_ARCH_STRRCHR FAR char *strrchr(FAR const char *s, int c) { -# ifdef CONFIG_MM_KASAN +# ifdef CONFIG_MM_KASAN_INSTRUMENT # ifndef CONFIG_MM_KASAN_DISABLE_READS_CHECK __asan_loadN((FAR void *)s, ARCH_LIBCFUN(strlen)(s) + 1); # endif diff --git a/mm/kasan/Kconfig b/mm/kasan/Kconfig index 4a6c9764a8f..f80cfb303e7 100644 --- a/mm/kasan/Kconfig +++ b/mm/kasan/Kconfig @@ -11,6 +11,9 @@ config MM_KASAN bugs in native code. After turn on this option, Please add -fsanitize=kernel-address to CFLAGS/CXXFLAGS too. +config MM_KASAN_INSTRUMENT + bool + if MM_KASAN choice @@ -24,20 +27,23 @@ config MM_KASAN_NONE config MM_KASAN_GENERIC bool "KAsan generic mode" + select MM_KASAN_INSTRUMENT ---help--- KASan generic mode that does not require hardware support at all config MM_KASAN_SW_TAGS bool "KAsan SW tags" select ARM64_TBI + select MM_KASAN_INSTRUMENT depends on ARCH_ARM64 ---help--- KAsan based on software tags endchoice -config MM_KASAN_ALL +config MM_KASAN_INSTRUMENT_ALL bool "Enable KASan for the entire image" + depends on MM_KASAN_INSTRUMENT default y ---help--- This option activates address sanitizer for the entire image. @@ -99,7 +105,7 @@ config MM_KASAN_SKIP_ZERO_TAGS config MM_KASAN_GLOBAL bool "Enable global data check" - depends on MM_KASAN_ALL + depends on MM_KASAN_INSTRUMENT_ALL default n ---help--- This option enables KASan global data check.