amd64: Add MD bits for KASAN

- Initialize KASAN before executing SYSINITs. - Add a GENERIC-KASAN kernel config, akin to GENERIC-KCSAN. - Increase the kernel stack size if KASAN is enabled. Some of the ASAN instrumentation increases stack usage and it's enough to trigger stack overflows in ZFS. - Mark the trapframe as valid in interrupt handlers if it is assigned to td_intr_frame. Otherwise, an interrupt in a function which creates a poisoned alloca region can trigger false positives. MFC after: 2 weeks Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D29455
2021-04-13 17:39:35 -04:00 · 2021-04-13 17:39:35 -04:00 · f115c06121
commit f115c06121
parent 6faf45b34b
5 changed files with 25 additions and 0 deletions
--- a/sys/amd64/amd64/machdep.c
+++ b/sys/amd64/amd64/machdep.c
@ -58,6 +58,7 @@ __FBSDID("$FreeBSD$");
 #include <sys/param.h>
 #include <sys/proc.h>
 #include <sys/systm.h>
+#include <sys/asan.h>
 #include <sys/bio.h>
 #include <sys/buf.h>
 #include <sys/bus.h>
@ -1916,6 +1917,8 @@ hammer_time(u_int64_t modulep, u_int64_t physfree)
 #endif
 	thread0.td_critnest = 0;

+	kasan_init();
+
 	TSEXIT();

 	/* Location of kernel stack for locore */
--- a/sys/amd64/conf/GENERIC-KASAN
+++ b/sys/amd64/conf/GENERIC-KASAN
@ -0,0 +1,7 @@
+# $FreeBSD$
+
+include GENERIC
+
+ident   GENERIC-KASAN
+
+options 	KASAN
--- a/sys/amd64/include/param.h
+++ b/sys/amd64/include/param.h
@ -134,8 +134,12 @@
 #define	IOPERM_BITMAP_SIZE	(IOPAGES * PAGE_SIZE + 1)

 #ifndef	KSTACK_PAGES
+#ifdef KASAN
+#define	KSTACK_PAGES	6
+#else
 #define	KSTACK_PAGES	4	/* pages of kstack (with pcb) */
 #endif
+#endif
 #define	KSTACK_GUARD_PAGES 1	/* pages of kstack guard; 0 disables */

 /*
--- a/sys/x86/isa/atpic.c
+++ b/sys/x86/isa/atpic.c
@ -37,6 +37,7 @@ __FBSDID("$FreeBSD$");

 #include <sys/param.h>
 #include <sys/systm.h>
+#include <sys/asan.h>
 #include <sys/bus.h>
 #include <sys/interrupt.h>
 #include <sys/kernel.h>
@ -522,6 +523,9 @@ atpic_handle_intr(u_int vector, struct trapframe *frame)
 {
 	struct intsrc *isrc;

+	/* The frame may have been written into a poisoned region. */
+	kasan_mark(frame, sizeof(*frame), sizeof(*frame), 0);
+
 	KASSERT(vector < NUM_ISA_IRQS, ("unknown int %u\n", vector));
 	isrc = &atintrs[vector].at_intsrc;

--- a/sys/x86/x86/local_apic.c
+++ b/sys/x86/x86/local_apic.c
@ -43,6 +43,7 @@ __FBSDID("$FreeBSD$");

 #include <sys/param.h>
 #include <sys/systm.h>
+#include <sys/asan.h>
 #include <sys/bus.h>
 #include <sys/kernel.h>
 #include <sys/lock.h>
@ -1299,6 +1300,9 @@ lapic_handle_intr(int vector, struct trapframe *frame)
 {
 	struct intsrc *isrc;

+	/* The frame may have been written into a poisoned region. */
+	kasan_mark(frame, sizeof(*frame), sizeof(*frame), 0);
+
 	isrc = intr_lookup_source(apic_idt_to_irq(PCPU_GET(apic_id),
 	    vector));
 	intr_execute_handlers(isrc, frame);
@ -1314,6 +1318,9 @@ lapic_handle_timer(struct trapframe *frame)
 	/* Send EOI first thing. */
 	lapic_eoi();

+	/* The frame may have been written into a poisoned region. */
+	kasan_mark(frame, sizeof(*frame), sizeof(*frame), 0);
+
 #if defined(SMP) && !defined(SCHED_ULE)
 	/*
 	 * Don't do any accounting for the disabled HTT cores, since it