d/freebsd-nq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

kasan: disable kasan_mark() after a violation

Browse Source 
Specifically, when we receive a violation and we're configured to panic,
kasan_enabled gets unset before we descend into panic().  At this point,
there's no longer any reason to allow marking as kasan_shadow_check() is
disabled -- we have some inherent risk of faulting or panicking if the
system's in a bad enough state with no benefit.

Reviewed by:	markj
Sponsored by:	Juniper Networks, Inc.
Sponsored by:	Klara, Inc.
Differential Revision:	https://reviews.freebsd.org/D36742
This commit is contained in:
Mitchell Horne 2022-09-27 11:01:02 -05:00 committed by Kyle Evans
parent 27d673fbbb
commit f2963b530e
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
sys/kern/subr_asan.c
View File

@ -257,6 +257,9 @@ kasan_mark(const void *addr, size_t size, size_t redzsize, uint8_t code)
size_t i, n, redz; size_t i, n, redz;
int8_t *shad; int8_t *shad;
if (__predict_false(!kasan_enabled))
return;
if ((vm_offset_t)addr >= DMAP_MIN_ADDRESS && if ((vm_offset_t)addr >= DMAP_MIN_ADDRESS &&
(vm_offset_t)addr < DMAP_MAX_ADDRESS) (vm_offset_t)addr < DMAP_MAX_ADDRESS)
return; return;