diff options
Diffstat (limited to 'lib/kasan')
| -rw-r--r-- | lib/kasan/Kconfig | 2 | ||||
| -rw-r--r-- | lib/kasan/Makefile | 1 | ||||
| -rw-r--r-- | lib/kasan/generic.c | 7 | ||||
| -rw-r--r-- | lib/kasan/report.c | 24 | ||||
| -rw-r--r-- | lib/kasan/test_kasan.c | 18 |
5 files changed, 35 insertions, 17 deletions
diff --git a/lib/kasan/Kconfig b/lib/kasan/Kconfig index 7a18cf95be..e96638304c 100644 --- a/lib/kasan/Kconfig +++ b/lib/kasan/Kconfig @@ -1,4 +1,4 @@ -source "scripts/Kconfig.include" +# SPDX-License-Identifier: GPL-2.0-only config HAVE_ARCH_KASAN bool diff --git a/lib/kasan/Makefile b/lib/kasan/Makefile index 31e9d890d5..e3f4bb61f9 100644 --- a/lib/kasan/Makefile +++ b/lib/kasan/Makefile @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: GPL-2.0-only obj-y += generic_report.o generic.o report.o common.o test_kasan.o KASAN_SANITIZE_generic_report.o := n diff --git a/lib/kasan/generic.c b/lib/kasan/generic.c index b33a6c1a6c..3709b8da9a 100644 --- a/lib/kasan/generic.c +++ b/lib/kasan/generic.c @@ -14,14 +14,13 @@ * */ -#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt - #include <common.h> #include "kasan.h" unsigned long kasan_shadow_start; unsigned long kasan_shadow_base; +unsigned long kasan_shadowed_end; /* * All functions below always inlined so compiler could @@ -160,6 +159,9 @@ static __always_inline bool check_memory_region_inline(unsigned long addr, if (addr < kasan_shadow_start) return true; + if (addr > kasan_shadowed_end) + return true; + if (unlikely(size == 0)) return true; @@ -180,6 +182,7 @@ void kasan_init(unsigned long membase, unsigned long memsize, { kasan_shadow_start = membase; kasan_shadow_base = shadow_base; + kasan_shadowed_end = membase + memsize - 1; kasan_unpoison_shadow((void *)membase, memsize); kasan_initialized = true; diff --git a/lib/kasan/report.c b/lib/kasan/report.c index b7b2d032ee..a9050546e7 100644 --- a/lib/kasan/report.c +++ b/lib/kasan/report.c @@ -17,7 +17,7 @@ #include <common.h> #include <linux/bitops.h> #include <linux/kernel.h> -#include <printk.h> +#include <linux/printk.h> #include <asm-generic/sections.h> #include "kasan.h" @@ -48,9 +48,9 @@ EXPORT_SYMBOL_GPL(kasan_restore_multi_shot); static void print_error_description(struct kasan_access_info *info) { - pr_err("BUG: KASAN: %s in %pS\n", + eprintf("BUG: KASAN: %s in %pS\n", get_bug_type(info), (void *)info->ip); - pr_err("%s of size %zu at addr %px\n", + eprintf("%s of size %zu at addr %px\n", info->is_write ? "Write" : "Read", info->access_size, info->access_addr); } @@ -61,12 +61,12 @@ static void start_report(unsigned long *flags) * Make sure we don't end up in loop. */ kasan_disable_current(); - pr_err("==================================================================\n"); + eprintf("==================================================================\n"); } static void end_report(unsigned long *flags) { - pr_err("==================================================================\n"); + eprintf("==================================================================\n"); kasan_enable_current(); } @@ -80,11 +80,11 @@ static inline bool kernel_or_module_addr(const void *addr) static void print_address_description(void *addr, u8 tag) { dump_stack(); - pr_err("\n"); + eprintf("\n"); if (kernel_or_module_addr(addr)) { - pr_err("The buggy address belongs to the variable:\n"); - pr_err(" %pS\n", addr); + eprintf("The buggy address belongs to the variable:\n"); + eprintf(" %pS\n", addr); } } @@ -112,7 +112,7 @@ static void print_shadow_for_address(const void *addr) SHADOW_BYTES_PER_ROW) - SHADOW_ROWS_AROUND_ADDR * SHADOW_BYTES_PER_ROW; - pr_err("Memory state around the buggy address:\n"); + eprintf("Memory state around the buggy address:\n"); for (i = -SHADOW_ROWS_AROUND_ADDR; i <= SHADOW_ROWS_AROUND_ADDR; i++) { const void *kaddr = kasan_shadow_to_mem(shadow_row); @@ -132,7 +132,7 @@ static void print_shadow_for_address(const void *addr) shadow_buf, SHADOW_BYTES_PER_ROW, 0); if (row_is_guilty(shadow_row, shadow)) - printf("%*c\n", + eprintf("%*c\n", shadow_pointer_offset(shadow_row, shadow), '^'); @@ -172,11 +172,11 @@ static void __kasan_report(unsigned long addr, size_t size, bool is_write, start_report(&flags); print_error_description(&info); - pr_err("\n"); + eprintf("\n"); if (addr_has_shadow(untagged_addr)) { print_address_description(untagged_addr, get_tag(tagged_addr)); - pr_err("\n"); + eprintf("\n"); print_shadow_for_address(info.first_bad_addr); } else { dump_stack(); diff --git a/lib/kasan/test_kasan.c b/lib/kasan/test_kasan.c index e472bb3499..bacc02b56e 100644 --- a/lib/kasan/test_kasan.c +++ b/lib/kasan/test_kasan.c @@ -38,6 +38,8 @@ static noinline void malloc_oob_right(void) return; } + OPTIMIZER_HIDE_VAR(ptr); + ptr[size] = 'x'; free(ptr); @@ -55,6 +57,8 @@ static noinline void malloc_oob_left(void) return; } + OPTIMIZER_HIDE_VAR(ptr); + *ptr = *(ptr - 1); free(ptr); } @@ -65,7 +69,7 @@ static noinline void malloc_oob_realloc_more(void) size_t size1 = 17; size_t size2 = 19; - pr_info("out-of-bounds after krealloc more\n"); + pr_info("out-of-bounds after realloc more\n"); ptr1 = malloc(size1); ptr2 = realloc(ptr1, size2); if (!ptr1 || !ptr2) { @@ -75,6 +79,8 @@ static noinline void malloc_oob_realloc_more(void) return; } + OPTIMIZER_HIDE_VAR(ptr2); + ptr2[size2] = 'x'; free(ptr2); @@ -86,7 +92,7 @@ static noinline void malloc_oob_realloc_less(void) size_t size1 = 17; size_t size2 = 15; - pr_info("out-of-bounds after krealloc less\n"); + pr_info("out-of-bounds after realloc less\n"); ptr1 = malloc(size1); ptr2 = realloc(ptr1, size2); if (!ptr1 || !ptr2) { @@ -95,6 +101,8 @@ static noinline void malloc_oob_realloc_less(void) return; } + OPTIMIZER_HIDE_VAR(ptr2); + ptr2[size2] = 'x'; free(ptr2); @@ -115,6 +123,9 @@ static noinline void malloc_oob_16(void) free(ptr2); return; } + + OPTIMIZER_HIDE_VAR(ptr1); + *ptr1 = *ptr2; free(ptr1); free(ptr2); @@ -290,6 +301,8 @@ static noinline void kasan_alloca_oob_left(void) char alloca_array[i]; char *p = alloca_array - 1; + OPTIMIZER_HIDE_VAR(p); + pr_info("out-of-bounds to left on alloca\n"); *(volatile char *)p; } @@ -474,5 +487,6 @@ static int do_kasan_test(int argc, char *argv[]) BAREBOX_CMD_START(kasan_tests) .cmd = do_kasan_test, BAREBOX_CMD_DESC("Run KAsan tests") + BAREBOX_CMD_GROUP(CMD_GRP_MISC) BAREBOX_CMD_COMPLETE(empty_complete) BAREBOX_CMD_END |