kernel_sanitizers(7)
KERNEL_SANITIZER... NetBSD Miscellaneous Information Manual KERNEL_SANITIZER...
NAME
kernel_sanitizers -- NetBSD Kernel Sanitizers
DESCRIPTION
Kernel Sanitizers are powerful kernel bug detection features that can
automatically discover several classes of bugs at run time while the
kernel executes.
NetBSD supports four kernel sanitizers. They are not mutually
compatible, and only one can be enabled at a time, via compilation options.
KUBSAN
Kernel Undefined Behavior Sanitizer, specializes in finding several types
of undefined behaviors, such as misaligned accesses and integer overflows.
Runtime cost
Heavy runtime checks.
Used components
Compiler instrumentation and an entirely MI runtime.
Supported architectures
aarch64 (gcc), amd64 (gcc), arm (gcc). [Theoretically supported on all
other architectures with no MD change required]
Files
src/common/lib/libc/misc/ubsan.c
Core KUBSAN code. MI.
KASAN
Kernel Address Sanitizer, specializes in finding memory corruptions such
as buffer overflows and use-after-frees.
Runtime cost
Heavy runtime checks, and ~12.5% increase in memory consumption.
Used components
Shadow memory, compiler instrumentation, special kernel wrappers, and
light MD infrastructure.
Supported architectures
aarch64 (gcc), amd64 (gcc, llvm), arm (gcc).
KASAN is made of six sub-features that perform memory validation:
          +-----------------------------------------------------+
          |                SUPPORTED SUB-FEATURE                |
+---------+------+-------+---------+-----------+---------+------+
| PORT    | HEAP | STACK | ATOMICS | BUS_SPACE | BUS_DMA | VLAs |
+---------+------+-------+---------+-----------+---------+------+
| amd64   | Yes  | Yes   | Yes     | Yes       | Yes     | Yes  |
+---------+------+-------+---------+-----------+---------+------+
| aarch64 | Yes  | Yes   | Yes     | No        | Yes     | Yes  |
+---------+------+-------+---------+-----------+---------+------+
| arm     | Yes  | Yes   | Yes     | No        | Yes     | Yes  |
+---------+------+-------+---------+-----------+---------+------+
An architecture is allowed to have only partial support.
Files
src/sys/kern/subr_asan.c
Core KASAN code. MI.
src/sys/sys/asan.h
Main KASAN header. MI.
src/sys/arch/{port}/include/asan.h
Port-specific KASAN code. MD.
Each new port of KASAN should respect the existing naming conventions,
and should introduce only one MD header file.
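The shadow memory and ~12.5% memory figure given for KASAN above, illustrated with an added example that is not NetBSD's code: a user-space model in which one shadow byte describes eight bytes of memory and is consulted before each access. The encoding (0 = granule valid, 1..7 = first k bytes valid, negative = poisoned), the poison codes and all names are assumptions following the common address-sanitizer scheme.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Simplified user-space model; every name and code here is hypothetical. */
#define SCALE_SHIFT  3                 /* 1 shadow byte per 8 bytes = 12.5% */
#define GRANULE      ((size_t)1 << SCALE_SHIFT)
#define ARENA_SIZE   256               /* bytes of modelled memory */
#define CODE_REDZONE ((int8_t)-1)      /* constructed poison codes */
#define CODE_FREED   ((int8_t)-2)

/* One entry per granule: 0 = all 8 bytes valid, 1..7 = first k bytes valid,
 * negative = poisoned (the value records why). */
static int8_t shadow[ARENA_SIZE >> SCALE_SHIFT];

/* Poison a granule-aligned range with the given code. */
static void shadow_poison(size_t off, size_t len, int8_t code) {
    memset(&shadow[off >> SCALE_SHIFT], code, len >> SCALE_SHIFT);
}

/* Mark the first `size` bytes of a `cap`-byte slot valid; the tail is redzone. */
static void shadow_alloc(size_t off, size_t size, size_t cap) {
    shadow_poison(off, cap, CODE_REDZONE);
    memset(&shadow[off >> SCALE_SHIFT], 0, size >> SCALE_SHIFT);
    if (size % GRANULE)                /* partially valid last granule */
        shadow[(off + size) >> SCALE_SHIFT] = (int8_t)(size % GRANULE);
}

/* The check that instrumentation runs before an access: 0 if every byte is
 * addressable, otherwise the poison code of the first bad byte. */
static int shadow_check(size_t off, size_t len) {
    if (off > ARENA_SIZE || len > ARENA_SIZE - off) return CODE_REDZONE;
    for (size_t a = off; a < off + len; a++) {
        int8_t s = shadow[a >> SCALE_SHIFT];
        if (s < 0) return s;
        if (s > 0 && (a & (GRANULE - 1)) >= (size_t)s) return CODE_REDZONE;
    }
    return 0;
}

int main(void) {
    shadow_poison(0, ARENA_SIZE, CODE_REDZONE);  /* nothing allocated yet */
    shadow_alloc(64, 13, 32);                    /* 13-byte object, 32-byte slot */
    printf("in-bounds access:  %d\n", shadow_check(64, 13));
    printf("one byte past end: %d\n", shadow_check(64, 14));
    shadow_poison(64, 32, CODE_FREED);           /* free the slot */
    printf("use after free:    %d\n", shadow_check(64, 1));
    return 0;
}
```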
KCSAN
Kernel Concurrency Sanitizer, specializes in finding memory races.
Runtime cost
Medium runtime checks.
Used components
Compiler instrumentation, special kernel wrappers, and light MD
infrastructure.
Supported architectures
amd64 (gcc).
Files
src/sys/kern/subr_csan.c
Core KCSAN code. MI.
src/sys/sys/csan.h
Main KCSAN header. MI.
src/sys/arch/{port}/include/csan.h
Port-specific KCSAN code. MD.
Each new port of KCSAN should respect the existing naming conventions,
and should introduce only one MD header file.
KMSAN
Kernel Memory Sanitizer, specializes in finding uninitialized memory.
Runtime cost
Heavy runtime checks, and ~200% increase in memory consumption.
Used components
Double shadow memory, compiler instrumentation, special kernel wrappers,
and heavy MD infrastructure.
Supported architectures
amd64 (llvm).
Files
src/sys/kern/subr_msan.c
Core KMSAN code. MI.
src/sys/sys/msan.h
Main KMSAN header. MI.
src/sys/arch/{port}/include/msan.h
Port-specific KMSAN code. MD.
Each new port of KMSAN should respect the existing naming conventions,
and should introduce only one MD header file.
AUTHORS
Support for KUBSAN was developed by Kamil Rytarowski. Support for KASAN,
KCSAN and KMSAN was developed by Maxime Villard. Support for KASAN on
ARM was developed by Nick Hudson.
NetBSD 10.99 July 12, 2020 NetBSD 10.99