[PATCH] Do not sanitize kernel area on 32-bit targets
Yury Gribov
tetra2005 at gmail.com
Wed Mar 26 08:36:17 PDT 2014
Updates based on feedback from maintainers.
Hi kcc, glider, samsonov,
http://llvm-reviews.chandlerc.com/D3119
CHANGE SINCE LAST DIFF
http://llvm-reviews.chandlerc.com/D3119?vs=8123&id=8133#toc
Files:
lib/sanitizer_common/sanitizer_posix.cc
lib/asan/asan_mapping.h
lib/asan/asan_rtl.cc
test/asan/lit.cfg
test/asan/TestCases/Linux/kernel-area.cc
Index: lib/sanitizer_common/sanitizer_posix.cc
===================================================================
--- lib/sanitizer_common/sanitizer_posix.cc
+++ lib/sanitizer_common/sanitizer_posix.cc
@@ -22,13 +22,30 @@
#include <sys/mman.h>
+#if SANITIZER_LINUX
+#include <sys/utsname.h>
+#endif
+
namespace __sanitizer {
// ------------- sanitizer_common.h
uptr GetMmapGranularity() {
return GetPageSize();
}
+// Take care of unusable kernel area in top gigabyte
+static uptr GetKernelStartAddress() {
+#if SANITIZER_LINUX
+ // 64-bit Linux provides 32-bit apps with full address space
+ struct utsname uname_info;
+ return 0 == uname(&uname_info) && !internal_strstr(uname_info.machine, "64")
+ ? 1ULL << 30
+ : 0;
+#else
+ return 0;
+#endif // SANITIZER_LINUX
+}
+
uptr GetMaxVirtualAddress() {
#if SANITIZER_WORDSIZE == 64
# if defined(__powerpc64__)
@@ -44,8 +61,9 @@
return (1ULL << 47) - 1; // 0x00007fffffffffffUL;
# endif
#else // SANITIZER_WORDSIZE == 32
- // FIXME: We can probably lower this on Android?
- return (1ULL << 32) - 1; // 0xffffffff;
+ uptr res = (1ULL << 32) - 1; // 0xffffffff;
+ res -= GetKernelStartAddress();
+ return res;
#endif // SANITIZER_WORDSIZE
}
Index: lib/asan/asan_mapping.h
===================================================================
--- lib/asan/asan_mapping.h
+++ lib/asan/asan_mapping.h
@@ -43,13 +43,22 @@
// || `[0x00007fff8000, 0x00008fff6fff]` || LowShadow ||
// || `[0x000000000000, 0x00007fff7fff]` || LowMem ||
//
-// Default Linux/i386 mapping:
+// Default Linux/i386 mapping on x86_64 machine:
// || `[0x40000000, 0xffffffff]` || HighMem ||
// || `[0x28000000, 0x3fffffff]` || HighShadow ||
// || `[0x24000000, 0x27ffffff]` || ShadowGap ||
// || `[0x20000000, 0x23ffffff]` || LowShadow ||
// || `[0x00000000, 0x1fffffff]` || LowMem ||
//
+// Default Linux/i386 mapping on i386 machine
+// (addresses starting with 0xc0000000 are reserved
+// for kernel and thus not sanitized):
+// || `[0x38000000, 0xbfffffff]` || HighMem ||
+// || `[0x27000000, 0x37ffffff]` || HighShadow ||
+// || `[0x24000000, 0x26ffffff]` || ShadowGap ||
+// || `[0x20000000, 0x23ffffff]` || LowShadow ||
+// || `[0x00000000, 0x1fffffff]` || LowMem ||
+//
// Default Linux/MIPS mapping:
// || `[0x2aaa8000, 0xffffffff]` || HighMem ||
// || `[0x0fffd000, 0x2aaa7fff]` || HighShadow ||
Index: lib/asan/asan_rtl.cc
===================================================================
--- lib/asan/asan_rtl.cc
+++ lib/asan/asan_rtl.cc
@@ -565,6 +565,7 @@
ReserveShadowMemoryRange(kHighShadowBeg, kHighShadowEnd);
// protect the gap.
ProtectGap(kShadowGapBeg, kShadowGapEnd - kShadowGapBeg + 1);
+ CHECK_EQ(kShadowGapEnd, kHighShadowBeg - 1);
} else if (kMidMemBeg &&
MemoryRangeIsAvailable(shadow_start, kMidMemBeg - 1) &&
MemoryRangeIsAvailable(kMidMemEnd + 1, kHighShadowEnd)) {
Index: test/asan/lit.cfg
===================================================================
--- test/asan/lit.cfg
+++ test/asan/lit.cfg
@@ -60,8 +60,15 @@
python_exec = get_required_attr(config, "python_executable")
config.substitutions.append( ("%asan_symbolize", python_exec + " " + asan_symbolize + " ") )
+# Determine kernel bitness
+if config.host_arch.find('64') != -1 and config.android != "TRUE":
+ kernel_bits = '64'
+else:
+ kernel_bits = '32'
+
# Define CHECK-%os to check for OS-dependent output.
config.substitutions.append( ('CHECK-%os', ("CHECK-" + config.host_os)))
+config.substitutions.append( ('CHECK-%kernel_bits', ("CHECK-kernel-" + kernel_bits + "-bits")))
config.available_features.add("asan-" + config.bits + "-bits")
Index: test/asan/TestCases/Linux/kernel-area.cc
===================================================================
--- test/asan/TestCases/Linux/kernel-area.cc
+++ test/asan/TestCases/Linux/kernel-area.cc
@@ -0,0 +1,19 @@
+// Test that kernel area is not sanitized on 32-bit machines.
+//
+// RUN: %clangxx_asan %s -o %t
+// RUN: ASAN_OPTIONS=verbosity=1 %t 2>&1 | FileCheck %s --check-prefix=CHECK-%kernel_bits
+//
+// CHECK-kernel-32-bits: || `[0x38000000, 0xbfffffff]` || HighMem ||
+// CHECK-kernel-32-bits: || `[0x27000000, 0x37ffffff]` || HighShadow ||
+// CHECK-kernel-32-bits: || `[0x24000000, 0x26ffffff]` || ShadowGap ||
+//
+// CHECK-kernel-64-bits: || `[0x40000000, 0xffffffff]` || HighMem ||
+// CHECK-kernel-64-bits: || `[0x28000000, 0x3fffffff]` || HighShadow ||
+// CHECK-kernel-64-bits: || `[0x24000000, 0x27ffffff]` || ShadowGap ||
+//
+// REQUIRES: asan-32-bits
+
+int main() {
+ return 0;
+}
+
-------------- next part --------------
A non-text attachment was scrubbed...
Name: D3119.4.patch
Type: text/x-patch
Size: 4614 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20140326/b9e97a27/attachment.bin>
More information about the llvm-commits
mailing list