[PATCH] Do not sanitize kernel area on 32-bit targets

Yury Gribov tetra2005 at gmail.com
Wed Mar 26 02:32:07 PDT 2014


  Moved kernel bitness calculation into lit config.

Hi kcc, glider, samsonov,

http://llvm-reviews.chandlerc.com/D3119

CHANGE SINCE LAST DIFF
  http://llvm-reviews.chandlerc.com/D3119?vs=8085&id=8123#toc

Files:
  lib/asan/asan_rtl.cc
  lib/asan/asan_mapping.h
  lib/sanitizer_common/sanitizer_posix.cc
  test/asan/CMakeLists.txt
  test/asan/TestCases/Linux/kernel-area.cc
  test/asan/lit.cfg

Index: lib/asan/asan_rtl.cc
===================================================================
--- lib/asan/asan_rtl.cc
+++ lib/asan/asan_rtl.cc
@@ -565,6 +565,8 @@
     ReserveShadowMemoryRange(kHighShadowBeg, kHighShadowEnd);
     // protect the gap.
     ProtectGap(kShadowGapBeg, kShadowGapEnd - kShadowGapBeg + 1);
+    // Allow accesses to unprotected part of address space
+    CHECK(kShadowGapEnd == kHighShadowBeg - 1);
   } else if (kMidMemBeg &&
       MemoryRangeIsAvailable(shadow_start, kMidMemBeg - 1) &&
       MemoryRangeIsAvailable(kMidMemEnd + 1, kHighShadowEnd)) {
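Review bot: The comment added above the new `CHECK` does not describe it: `CHECK(kShadowGapEnd == kHighShadowBeg - 1)` asserts that the shadow gap ends immediately below the high shadow, and it does not "allow" any access. A comment such as `// The shadow gap must end immediately below HighShadow.` would match the code, and `CHECK_EQ(kShadowGapEnd, kHighShadowBeg - 1);` would print both values if the layout is ever wrong. The assertion also runs after `ProtectGap` has already consumed `kShadowGapEnd`, so moving it above that call would reject a bad layout before the range is protected. The enclosing function starts and ends outside the hunk.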
Index: lib/asan/asan_mapping.h
===================================================================
--- lib/asan/asan_mapping.h
+++ lib/asan/asan_mapping.h
@@ -43,13 +43,22 @@
 // || `[0x00007fff8000, 0x00008fff6fff]` || LowShadow  ||
 // || `[0x000000000000, 0x00007fff7fff]` || LowMem     ||
 //
-// Default Linux/i386 mapping:
+// Default Linux/i386 mapping on x86_64 machine:
 // || `[0x40000000, 0xffffffff]` || HighMem    ||
 // || `[0x28000000, 0x3fffffff]` || HighShadow ||
 // || `[0x24000000, 0x27ffffff]` || ShadowGap  ||
 // || `[0x20000000, 0x23ffffff]` || LowShadow  ||
 // || `[0x00000000, 0x1fffffff]` || LowMem     ||
 //
+// Default Linux/i386 mapping on i386 machine
+// (addresses starting with 0xc0000000 are reserved
+// for kernel and thus not sanitized):
+// || `[0x38000000, 0xbfffffff]` || HighMem    ||
+// || `[0x27000000, 0x37ffffff]` || HighShadow ||
+// || `[0x24000000, 0x26ffffff]` || ShadowGap  ||
+// || `[0x20000000, 0x23ffffff]` || LowShadow  ||
+// || `[0x00000000, 0x1fffffff]` || LowMem     ||
+//
 // Default Linux/MIPS mapping:
 // || `[0x2aaa8000, 0xffffffff]` || HighMem    ||
 // || `[0x0fffd000, 0x2aaa7fff]` || HighShadow ||
@@ -109,7 +118,8 @@
 
 #define kShadowGapBeg   (kLowShadowEnd ? kLowShadowEnd + 1 \
                                        : kZeroBaseShadowStart)
-#define kShadowGapEnd   ((kMidMemBeg ? kMidShadowBeg : kHighShadowBeg) - 1)
+#define kShadowGapEnd   ((kMidMemBeg ? kMidShadowBeg \
+                                     : MEM_TO_SHADOW(kHighShadowEnd + 1)) - 1)
 
 #define kShadowGap2Beg (kMidMemBeg ? kMidShadowEnd + 1 : 0)
 #define kShadowGap2End (kMidMemBeg ? kMidMemBeg - 1 : 0)
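Review bot: The new `kShadowGapEnd` expression needs a comment saying why `MEM_TO_SHADOW(kHighShadowEnd + 1)` replaces `kHighShadowBeg`. The definition of `kHighShadowBeg` is outside the hunk. If it is still `MEM_TO_SHADOW(kHighMemBeg)` with `kHighMemBeg` equal to `kHighShadowEnd + 1`, as the mapping tables earlier in this header suggest, both spellings yield the same address. In that case the `CHECK` added in asan_rtl.cc compares a value with itself and cannot fail. If the two are meant to differ in some configuration, a line such as `// Not kHighShadowBeg: <reason>` above the macro would record when.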
Index: lib/sanitizer_common/sanitizer_posix.cc
===================================================================
--- lib/sanitizer_common/sanitizer_posix.cc
+++ lib/sanitizer_common/sanitizer_posix.cc
@@ -22,6 +22,10 @@
 
 #include <sys/mman.h>
 
+#if SANITIZER_LINUX
+#include <sys/utsname.h>
+#endif
+
 namespace __sanitizer {
 
 // ------------- sanitizer_common.h
@@ -29,6 +33,19 @@
   return GetPageSize();
 }
 
+// Take care of unusable kernel area in top gigabyte
+static uptr GetKernelStartAddress() {
+#if SANITIZER_LINUX
+  // 64-bit Linux provides 32-bit apps with full address space
+  struct utsname uname_info;
+  return 0 == uname(&uname_info) && !internal_strstr(uname_info.machine, "64")
+    ? 1ULL << 30
+    : 0;
+#else
+  return 0;
+#endif  // SANITIZER_LINUX
+}
+
 uptr GetMaxVirtualAddress() {
 #if SANITIZER_WORDSIZE == 64
 # if defined(__powerpc64__)
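Review bot: `GetKernelStartAddress()` derives the address-space limit from two assumptions that do not always hold: that a `machine` string without "64" means a 32-bit kernel, and that a 32-bit kernel reserves exactly the top gigabyte. A process running under a 32-bit personality on a 64-bit kernel (for example via `setarch i386`) gets `i686` from uname() and would lose the top gigabyte of HighMem. A 32-bit kernel built with a different user/kernel split reserves more than `1ULL << 30`. Either way the shadow layout stops matching the addresses the process can actually map. The function comment should state these assumptions, e.g. `// Assumes the default 3G/1G split; returns the size of the kernel area, not its start.` The name is misleading for the same reason, since the value is subtracted from the top address in the `@@ -44,8` hunk; `GetKernelAreaSize` would fit better.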
@@ -44,8 +61,9 @@
   return (1ULL << 47) - 1;  // 0x00007fffffffffffUL;
 # endif
 #else  // SANITIZER_WORDSIZE == 32
-  // FIXME: We can probably lower this on Android?
-  return (1ULL << 32) - 1;  // 0xffffffff;
+  uptr res = (1ULL << 32) - 1;  // 0xffffffff;
+  res -= GetKernelStartAddress();
+  return res;
 #endif  // SANITIZER_WORDSIZE
 }
 
Index: test/asan/CMakeLists.txt
===================================================================
--- test/asan/CMakeLists.txt
+++ test/asan/CMakeLists.txt
@@ -1,3 +1,5 @@
+include(AddLLVM)
+
 set(ASAN_LIT_SOURCE_DIR ${CMAKE_CURRENT_SOURCE_DIR})
 
 set(ASAN_TESTSUITES)
Index: test/asan/TestCases/Linux/kernel-area.cc
===================================================================
--- test/asan/TestCases/Linux/kernel-area.cc
+++ test/asan/TestCases/Linux/kernel-area.cc
@@ -0,0 +1,19 @@
+// Test that kernel area is not sanitized on 32-bit machines.
+//
+// RUN: %clangxx_asan %s -o %t
+// RUN: ASAN_OPTIONS=verbosity=1 %t 2>&1 | FileCheck %s --check-prefix=CHECK-%kernel_bits
+//
+// CHECK-kernel-32-bits: || `[0x38000000, 0xbfffffff]` || HighMem    ||
+// CHECK-kernel-32-bits: || `[0x27000000, 0x37ffffff]` || HighShadow ||
+// CHECK-kernel-32-bits: || `[0x24000000, 0x26ffffff]` || ShadowGap  ||
+//
+// CHECK-kernel-64-bits: || `[0x40000000, 0xffffffff]` || HighMem    ||
+// CHECK-kernel-64-bits: || `[0x28000000, 0x3fffffff]` || HighShadow ||
+// CHECK-kernel-64-bits: || `[0x24000000, 0x27ffffff]` || ShadowGap  ||
+//
+// REQUIRES: asan-32-bits
+
+int main() {
+  return 0;
+}
+
Index: test/asan/lit.cfg
===================================================================
--- test/asan/lit.cfg
+++ test/asan/lit.cfg
@@ -60,8 +60,15 @@
 python_exec = get_required_attr(config, "python_executable")
 config.substitutions.append( ("%asan_symbolize", python_exec + " " + asan_symbolize + " ") )
 
+# Determine kernel bitness
+if config.host_arch.find('64') != -1 and config.android != "TRUE":
+  kernel_bits = '64'
+else:
+  kernel_bits = '32'
+
 # Define CHECK-%os to check for OS-dependent output.
 config.substitutions.append( ('CHECK-%os', ("CHECK-" + config.host_os)))
+config.substitutions.append( ('CHECK-%kernel_bits', ("CHECK-kernel-" + kernel_bits + "-bits")))
 
 config.available_features.add("asan-" + config.bits + "-bits")
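Review bot: `kernel_bits` is derived from `config.host_arch`, while the runtime decides from uname() in sanitizer_posix.cc, so the two can disagree and kernel-area.cc then checks the wrong layout. A 32-bit userland on a 64-bit kernel is the likely case: if `host_arch` there is a 32-bit name, lit selects `CHECK-kernel-32-bits` but the runtime prints the 64-bit-kernel mapping. Reading the same source as the runtime keeps them in step, e.g. `if '64' in platform.machine() and config.android != "TRUE":` with `import platform` at the top of the file. `config.android` is not set in this hunk and is presumably provided by the site config.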