Re: Compile KASAN kernel
- Subject: Re: Compile KASAN kernel
- From: N <email@hidden>
- Date: Thu, 15 Feb 2018 13:37:07 +0100
Dear Aaron,

I could not get a KASAN build of xnu-4570.1.46 to boot on a VMware Fusion VM or a real machine. I have set my boot arguments to "-v debug=0x100 kcsuffix=kasan keepsyms=1"; in both cases, I see no log in the console, and the kernel seems to hang. Here is a backtrace I have obtained from a VM:

(lldb) bt
* thread #1, stop reason = signal SIGTRAP
  * frame #0: 0xffffff8002a5ef51 kernel.kasan`vstart_trap_handler_14 + 1
    frame #1: 0xffffff8002a4213b kernel.kasan`cpuid_fn(selector=0, result=0xffffff8002118d90) at cpuid.c:236
    frame #2: 0xffffff8002a3f567 kernel.kasan`cpuid_set_generic_info(info_p=0xffffff8004dff000) at cpuid.c:490
    frame #3: 0xffffff8002a3f123 kernel.kasan`cpuid_set_info at cpuid.c:827
    frame #4: 0xffffff8002a41779 kernel.kasan`cpuid_info at cpuid.c:1041
    frame #5: 0xffffff8002a41ca9 kernel.kasan`cpuid_leaf7_features at cpuid.c:1165
    frame #6: 0xffffff80029f4f99 kernel.kasan`intel_entropysource(buf=0xffffff8004c7f5c8, nbytes=0xffffff8002118e70) at random.c:168
    frame #7: 0xffffff80029f4304 kernel.kasan`entropy_readall(buf=0xffffff8004c7f5b8, nbytes_persource=16) at random.c:200
    frame #8: 0xffffff80029f40ee kernel.kasan`early_random at random.c:341
    frame #9: 0xffffff8002a53c07 kernel.kasan`physmap_init at i386_init.c:207
    frame #10: 0xffffff8002a53551 kernel.kasan`Idle_PTs_init at i386_init.c:306
    frame #11: 0xffffff8002a532c5 kernel.kasan`vstart(boot_args_start=0x000000000766a000) at i386_init.c:631

(I have modified master_boot_idt64 to have a separate vector per exception.)

I have then modified vstart to call pal_serial_init for KASAN builds as well, hoping that I would get some log over serial, however, I am getting the same exception:

(lldb) bt
* thread #1, stop reason = signal SIGTRAP
  * frame #0: 0xffffff801a05f1f4 kernel.kasan`vstart_trap_handler_14 + 4
    frame #1: 0xffffff801a05797d kernel.kasan`ml_phys_write_data(paddr=4261634076, data=90, size=4) at loose_ends.c:435
    frame #2: 0xffffff801a057ab0 kernel.kasan`ml_phys_write_word(paddr=0x00000000fe03601c, data=90) at loose_ends.c:484
    frame #3: 0xffffff801bbe6860 kernel.kasan`mmio_uart_present at pe_serial.c:234
    frame #4: 0xffffff801bbe665f kernel.kasan`mmio_uart_probe at pe_serial.c:261
    frame #5: 0xffffff801bbe6556 kernel.kasan`serial_init at pe_serial.c:383
    frame #6: 0xffffff801a033699 kernel.kasan`pal_serial_init at pal_routines.c:77
    frame #7: 0xffffff801a053292 kernel.kasan`vstart(boot_args_start=0x000000001ec59000) at i386_init.c:597

Seemingly, I am getting a page fault, but I am not sure why it happens at this stage. Unfortunately, I can debug only the virtual machine, but I suspect the same happens on a real one.

I would be happy to hear what could be going wrong here. If needed, I can provide any additional information.

Thank you in advance.

> On 14 Feb 2018, at 23:08, Aaron Carroll <email@hidden> wrote:
>
>
>> On Feb 14, 2018, at 12:33, Andrew Zui <email@hidden> wrote:
>>
>> Hi,
>>
>> I'm trying to pin down a memory corruption in my kext, and I found out that
>> the latest kernel supports KASAN. However, when trying to compile it I get
>> the following error:
>>
>> make[7]: *** No rule to make target
>> `xnu-4570.41.2/san/kasan-blacklist-dynamic', needed by
>> `xnu-4570.41.2/BUILD/obj/KASAN_X86_64/san/KASAN/kasan_blacklist_dynamic.h'.
>> Stop.
>>
>> I see that 'kasan_blacklist_dynamic.h' is generated via
>> 'san/tools/generate_dynamic_blacklist.py', but for it to work the script has
>> to be pointed to 'kasan-blacklist-dynamic' file, which is missing.
>>
>> Is there any workaround available? Or is this functionality only for
>> internal use?
>
> This should do the trick:
>
> $ echo '__kernel__:_ZN6OSKext8copyInfoEP7OSArray:memld' > san/kasan-blacklist-dynamic
>
> _______________________________________________
> Do not post admin requests to the list. They will be ignored.
> Darwin-kernel mailing list (email@hidden)
> Help/Unsubscribe/Update your Subscription:
>
> This email sent to email@hidden