Kernel: Add initial basic support for KASAN
This commit adds minimal support for compiler-instrumentation-based memory access sanitization. Currently we only support detection of kmalloc redzone accesses and kmalloc use-after-free accesses. Support for inline checks (for improved performance), and for stack use-after-return and use-after-scope detection, is left for future PRs.
parent
7ad7ae7000
commit
f7a1f28d7f
10 changed files with 538 additions and 63 deletions
|
@ -722,11 +722,15 @@ if (ENABLE_KERNEL_UNDEFINED_SANITIZER)
|
|||
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fsanitize=undefined")
|
||||
endif()
|
||||
|
||||
# Kernel Address Sanitize (KASAN) implementation is still a work in progress, this option
|
||||
# is not currently meant to be used, besides when developing Kernel ASAN support.
|
||||
#
|
||||
if (ENABLE_KERNEL_ADDRESS_SANITIZER)
|
||||
add_compile_options(-fsanitize=kernel-address)
|
||||
if(CMAKE_CXX_COMPILER_ID MATCHES "Clang$")
|
||||
# TODO: Support inline KASAN for improved performance
|
||||
add_compile_options("SHELL:-mllvm -asan-instrumentation-with-call-threshold=0")
|
||||
# TODO: Support KASAN stack poisoning (inline) for use-after-return and use-after-scope detection
|
||||
add_compile_options("SHELL:-mllvm -asan-stack=0")
|
||||
endif()
|
||||
set_source_files_properties(Security/AddressSanitizer.cpp PROPERTIES COMPILE_FLAGS "-fno-sanitize=kernel-address")
|
||||
add_link_options(-fsanitize=kernel-address)
|
||||
endif()
|
||||
|
||||
|
|
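Review bot: The block under `if (ENABLE_KERNEL_ADDRESS_SANITIZER)` enables the sanitizer without any configure-time signal of how narrow its coverage is; the comment above it is the only warning, and with `-asan-stack=0` on Clang stack objects get no redzones. Someone using this build for testing or fuzzing could read a clean run as the absence of memory errors, so I would add `message(WARNING "ENABLE_KERNEL_ADDRESS_SANITIZER is experimental: only kmalloc redzone and use-after-free accesses are detected")` as the first line of the block. The `set_source_files_properties` line also deserves a comment saying why `Security/AddressSanitizer.cpp` is exempt (presumably so the runtime's own shadow-memory accesses are not instrumented) and that the exemption relies on the per-file flag coming after the directory-wide `-fsanitize=kernel-address` on the command line; `COMPILE_OPTIONS` is the current property for this, `COMPILE_FLAGS` being the legacy one. The file header for this section is not visible on the page, so which CMakeLists.txt this is remains an assumption.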