git: f2963b530e17 - main - kasan: disable kasan_mark() after a violation
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Tue, 27 Sep 2022 16:01:30 UTC
The branch main has been updated by kevans:
URL: https://cgit.FreeBSD.org/src/commit/?id=f2963b530e17c5eff66bc5f4860b1cd224d3d033
commit f2963b530e17c5eff66bc5f4860b1cd224d3d033
Author: Mitchell Horne <mhorne@FreeBSD.org>
AuthorDate: 2022-09-27 16:01:02 +0000
Commit: Kyle Evans <kevans@FreeBSD.org>
CommitDate: 2022-09-27 16:01:21 +0000
kasan: disable kasan_mark() after a violation
Specifically, when we receive a violation and we're configured to panic,
kasan_enabled gets unset before we descend into panic(). At this point,
there's no longer any reason to allow marking as kasan_shadow_check() is
disabled -- we have some inherent risk of faulting or panicking if the
system's in a bad enough state with no benefit.
Reviewed by: markj
Sponsored by: Juniper Networks, Inc.
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D36742
---
sys/kern/subr_asan.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/sys/kern/subr_asan.c b/sys/kern/subr_asan.c
index d82b25e33257..e727c1d03dd7 100644
--- a/sys/kern/subr_asan.c
+++ b/sys/kern/subr_asan.c
@@ -257,6 +257,9 @@ kasan_mark(const void *addr, size_t size, size_t redzsize, uint8_t code)
size_t i, n, redz;
int8_t *shad;
+ if (__predict_false(!kasan_enabled))
+ return;
+
if ((vm_offset_t)addr >= DMAP_MIN_ADDRESS &&
(vm_offset_t)addr < DMAP_MAX_ADDRESS)
return;