Re: [PATCH] lib: sbi: KASan implementation for OpenSBI

[Samuel Holland <samuel.holland@sifive.com>]

Hi Marcos,

On 2026-01-14 12:43 PM, Marcos Oduardo wrote:
> From: marcos <marcos.oduardo@gmail.com>
> 
> KASan (Kernel Address Sanitizer) is a tool implemented using compiler
> instrumentation at runtime that allows checking for memory management
> bugs such as heap OOB access, stack overflow or global OOB write.
> Compiling and testing the OpenSBI firmware against KASan will print a
> message in the console highlighting the memory access that caused the
> bug and its address.
> 
> Support for this implementation involves two main components:
> 1. The KASan implementation hooks: Custom malloc, memset, memcpy to
>    check for bugs and the handlers when finding a bug.
> 2. A test suite to verify correct operation at runtime.
> 
> KASan needs to keep a copy of the sanitized memory region. This copy is
> named shadowmap, and each byte of this map corresponds to 8 bytes of
> real memory. KASan keeps a record of the state of each address and
> checks each memory access performed by OpenSBI.
> 
> In addition, this patch increases FW_PAYLOAD_OFFSET to accommodate the
> memory overhead when both KASan and UBSan are enabled simultaneously,
> ensuring that the OpenSBI binary fits within the limits.
> 
> Users may compile OpenSBI with the KASan instrumentation by adding the
> flag ENABLEKASAN=y to the make command. To compile with the tests, add
> the flag ENABLEKASANTESTS=y.
> 
> Note that the implementation of KASan adds a certain overhead caused by
> the checks performed at runtime and the shadowmap loaded in memory;
> therefore, it is only expected to be used in development builds, never
> in production. If ENABLEKASAN is not set, tests won't be compiled even
> if the ENABLEKASANTESTS flag is enabled.
> 
> Signed-off-by: Marcos Oduardo <marcos.oduardo@gmail.com>
> ---
>  Makefile                     |  32 ++++
>  firmware/fw_base.S           |   4 +-
>  firmware/fw_base.ldS         |   9 +-
>  include/sbi/sbi_heap.h       |  22 ++-
>  include/sbi/sbi_kasan.h      |  35 ++++
>  include/sbi/sbi_kasan_test.h |  24 +++
>  include/sbi/sbi_string.h     |  13 +-
>  include/sbi/sbi_types.h      |   1 +
>  lib/sbi/objects.mk           |   3 +
>  lib/sbi/sbi_heap.c           |   5 +-
>  lib/sbi/sbi_init.c           |  19 ++
>  lib/sbi/sbi_kasan.c          | 343 +++++++++++++++++++++++++++++++++++
>  lib/sbi/sbi_kasan_test.c     |  60 ++++++
>  lib/sbi/sbi_string.c         |  55 +++++-
>  platform/generic/objects.mk  |   5 +-
>  15 files changed, 616 insertions(+), 14 deletions(-)
>  create mode 100644 include/sbi/sbi_kasan.h
>  create mode 100644 include/sbi/sbi_kasan_test.h
>  create mode 100644 lib/sbi/sbi_kasan.c
>  create mode 100644 lib/sbi/sbi_kasan_test.c
...
> diff --git a/include/sbi/sbi_kasan.h b/include/sbi/sbi_kasan.h
> new file mode 100644
> index 00000000..2a3c027a
> --- /dev/null
> +++ b/include/sbi/sbi_kasan.h
> @@ -0,0 +1,35 @@
> +/*
> + * Copyright 2024 Google LLC
> + *
> + * This program is free software; you can redistribute it and/or
> + * modify it under the terms of the GNU General Public License
> + * version 2 as published by the Free Software Foundation.
> + *
> + * This program is distributed in the hope that it will be useful,
> + * but WITHOUT ANY WARRANTY; without even the implied warranty of
> + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
> + * GNU General Public License for more details.
> + */

This looks like it would be a very useful feature, but you have added several
files under a license that is not compatible with the remainder of the OpenSBI
project, which uses the BSD-2-Clause license. I don't think this patch can be
reviewed in its current state.

Regards,
Samuel


-- 
opensbi mailing list
opensbi@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/opensbi