This is the mail archive of the
mailing list for the GCC project.
Re: [Patch 0/X] [WIP][RFC][libsanitizer] Introduce HWASAN to GCC
- From: Matthew Malcomson <Matthew dot Malcomson at arm dot com>
- To: Martin Liška <mliska at suse dot cz>, "gcc-patches at gcc dot gnu dot org" <gcc-patches at gcc dot gnu dot org>
- Cc: "dodji at redhat dot com" <dodji at redhat dot com>, nd <nd at arm dot com>, "kcc at google dot com" <kcc at google dot com>, "jakub at redhat dot com" <jakub at redhat dot com>, "dvyukov at google dot com" <dvyukov at google dot com>
- Date: Wed, 11 Sep 2019 16:37:21 +0000
- Subject: Re: [Patch 0/X] [WIP][RFC][libsanitizer] Introduce HWASAN to GCC
- Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=arm.com; dmarc=pass action=none header.from=arm.com; dkim=pass header.d=arm.com; arc=none
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=YtCtTmCc1JP4QjzSzvO8yfYnlPQhEyn+MlSXHKzUo1w=; b=JDPAGeIC5kqemKwM0prrVFKWxXMwRqkauS8Y79nBs9twkayXGTmHoVwqHhWldpjiWA8itRKjcsme2rkig0V0tPQe2NX7CwHrYswQORqRdfmrUnFQ5od8nkjlYOPNcXv6XD0Mx8+NtRrY2GHnjrhLUdjicrGsVyhjzd2Uvg+aTH5PaZZeQAvJyglO/xsvJaR2bOpEkdR6KnZpdghM7p4AHQwmiPmhx/HfjaSbdNXDQaPrAFQgfypkx7HmpgOvbnR6G5N6xcrdzMp5JYdylo9YrzkqrwoXE/aoRpXtj2e8O7rtqe8CF/HvF8IUDXm09kAbkvwxEA4TBPg4wqFqnJH4GA==
- Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=hHF55PgULoxiHSjYgCW5lxppW2aZDfrKhII04sjCzEMT8zkswqwdmfSoT4hojOlCcrGPtb1wD2nO7G0fzznglbK+wwPdiCC9g8CHXPWIlNzmdvXhVvJUVlpbtZ8awiQZxRyHODZs3yZw+Z6Ge5NUxqDCNsv9CsS5NT9LNcihzO68j5IhvhFsyepSuixl0bhodwL0gsOPJ0/D2CcFWnqk1DTh2caJz44P+hTLFKiTdD1ejdHNSwH6AV1cZK9uYnOHsYH9SA7+1MzvxZipdFTgxEJjIv/zBRMF+AlsaTn0kmNyl8f+lFlVdTcZ4vdl6xPrJF8uIVk8umfvGmVW/W8tNg==
- Original-authentication-results: spf=none (sender IP is ) smtp.mailfrom=Matthew dot Malcomson at arm dot com;
- References: <firstname.lastname@example.org> <email@example.com> <firstname.lastname@example.org> <email@example.com>
On 11/09/19 12:53, Martin Liška wrote:
> On 9/9/19 5:54 PM, Matthew Malcomson wrote:
>> On 09/09/19 11:47, Martin Liška wrote:
>>> On 9/6/19 4:46 PM, Matthew Malcomson wrote:
>> As I understand it, `hwasan-abi=interceptor` vs `platform` is about
>> adding such MTE emulation for "application code" or "platform code (e.g.
>> kernel)" respectively.
> Hm, are you sure? Clang also uses -fsanitize=kernel-hwaddress which should
> be equivalent to kernel-address for -fsanitize=address.
I'm not at all sure it's to do with the kernel ;-}
Here's the commit that adds the flag.
From the commit message it seems the point is to distinguish between
running on runtimes that natively support HWASAN (named the "platform"
abi) and those where functions like malloc and pthread_create have to be
intercepted (named the "interceptor" abi).
I had assumed that targeting the kernel would be in the "platform"
group, but it could easily not be the case.
Considering the message form the below commit it seems that this is more
targeted at instrumenting things like libc https://reviews.llvm.org/D50922.
I'm currently working on writing down the questions I plan to ask the
developers of HWASAN in LLVM, I'll put this on the list :-)
>> There's an even more fundamental problem of accesses within the
>> instrumented binary -- I haven't yet figured out how to remove the tag
>> before accesses on architectures without the AArch64 TBI feature.
> Which should platforms like x86_64, right?
As yet I haven't gotten anything working for architectures without TBI
(everything except AArch64).
This particular problem was one I was hoping for suggestions around (my
first of the questions in my cover letter).
>>>> The current patch series is far from complete, but I'm posting the current state
>>>> to provide something to discuss at the Cauldron next week.
>>>> In its current state, this sanitizer only works on AArch64 with a custom kernel
>>>> to allow tagged pointers in system calls. This is discussed in the below link
>>>> https://source.android.com/devices/tech/debug/hwasan -- the custom kernel allows
>>>> tagged pointers in syscalls.
>>> Can you be please more specific. Is the MTE in upstream linux kernel? If so,
>>> starting from which version?
>> I find I can only make complicated statements remotely clear in bullet
>> points ;-)
>> What I was trying to say was:
>> - HWASAN from this patch series requires AArch64 TBI.
>> (I have not handled architectures without TBI)
>> - The upstream kernel does not accept tagged pointers in syscalls.
>> (programs that use TBI must currently clear tags before passing
>> pointers to the kernel)
> I know that in case of ASAN, the libasan provides wrappers (interceptors) for various glibc
> functions that are often system calls. Similar wrappers are probably used in HWASAN
> and so that one can create the memory pointer tags.
>> - This patch series doesn't include any way to avoid passing tagged
>> pointers to syscalls.
> I bet LLVM has the same problem so I would expect a handling in the interceptors.
I'm pretty sure this problem hasn't been solved with interceptors.
The android page describing hwasan specifically mentions the requirement
of a Linux kernel accepting tagged pointers, and I believe this is the
most supported environment.
"HWASan requires the Linux kernel to accept tagged pointers in system
Also, there are surprisingly few interceptors defined in libhwasan.
>> - Hence on order to test the sanitizer I'm using a kernel that has been
>> patched to accept tagged pointers in many syscalls.
>> - The link to the android.com site is just another source describing the
>> same requirement.
>> The support for the relaxed ABI (of accepting tagged pointers in various
>> syscalls in the kernel) is being discussed on the kernel mailing list,
>> the latest patchset I know of is here:
> Thanks for pointer.