[PATCH] lib: sbi: KASan implementation for OpenSBI
Samuel Holland
samuel.holland at sifive.com
Wed Jan 14 11:08:15 PST 2026
Hi Marcos,
On 2026-01-14 12:43 PM, Marcos Oduardo wrote:
> From: marcos <marcos.oduardo at gmail.com>
>
> KASan (Kernel Address Sanitizer) is a tool implemented using compiler
> instrumentation at runtime that allows checking for memory management
> bugs such as heap OOB access, stack overflow or global OOB write.
> Compiling and testing the OpenSBI firmware against KASan will print a
> message in the console highlighting the memory access that caused the
> bug and its address.
>
> Support for this implementation involves two main components:
> 1. The KASan implementation hooks: Custom malloc, memset, memcpy to
> check for bugs and the handlers when finding a bug.
> 2. A test suite to verify correct operation at runtime.
>
> KASan needs to keep a copy of the sanitized memory region. This copy is
> named shadowmap, and each byte of this map corresponds to 8 bytes of
> real memory. KASan keeps a record of the state of each address and
> checks each memory access performed by OpenSBI.
>
> In addition, this patch increases FW_PAYLOAD_OFFSET to accommodate the
> memory overhead when both KASan and UBSan are enabled simultaneously,
> ensuring that the OpenSBI binary fits within the limits.
>
> Users may compile OpenSBI with the KASan instrumentation by adding the
> flag ENABLEKASAN=y to the make command. To compile with the tests, add
> the flag ENABLEKASANTESTS=y.
>
> Note that the implementation of KASan adds a certain overhead caused by
> the checks performed at runtime and the shadowmap loaded in memory;
> therefore, it is only expected to be used in development builds, never
> in production. If ENABLEKASAN is not set, tests won't be compiled even
> if the ENABLEKASANTESTS flag is enabled.
>
> Signed-off-by: Marcos Oduardo <marcos.oduardo at gmail.com>
> ---
> Makefile | 32 ++++
> firmware/fw_base.S | 4 +-
> firmware/fw_base.ldS | 9 +-
> include/sbi/sbi_heap.h | 22 ++-
> include/sbi/sbi_kasan.h | 35 ++++
> include/sbi/sbi_kasan_test.h | 24 +++
> include/sbi/sbi_string.h | 13 +-
> include/sbi/sbi_types.h | 1 +
> lib/sbi/objects.mk | 3 +
> lib/sbi/sbi_heap.c | 5 +-
> lib/sbi/sbi_init.c | 19 ++
> lib/sbi/sbi_kasan.c | 343 +++++++++++++++++++++++++++++++++++
> lib/sbi/sbi_kasan_test.c | 60 ++++++
> lib/sbi/sbi_string.c | 55 +++++-
> platform/generic/objects.mk | 5 +-
> 15 files changed, 616 insertions(+), 14 deletions(-)
> create mode 100644 include/sbi/sbi_kasan.h
> create mode 100644 include/sbi/sbi_kasan_test.h
> create mode 100644 lib/sbi/sbi_kasan.c
> create mode 100644 lib/sbi/sbi_kasan_test.c
...
> diff --git a/include/sbi/sbi_kasan.h b/include/sbi/sbi_kasan.h
> new file mode 100644
> index 00000000..2a3c027a
> --- /dev/null
> +++ b/include/sbi/sbi_kasan.h
> @@ -0,0 +1,35 @@
> +/*
> + * Copyright 2024 Google LLC
> + *
> + * This program is free software; you can redistribute it and/or
> + * modify it under the terms of the GNU General Public License
> + * version 2 as published by the Free Software Foundation.
> + *
> + * This program is distributed in the hope that it will be useful,
> + * but WITHOUT ANY WARRANTY; without even the implied warranty of
> + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
> + * GNU General Public License for more details.
> + */
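Review bot: the license header at the top of the new include/sbi/sbi_kasan.h names Google LLC (2024) as copyright holder and GPL version 2 as the terms, but the commit message does not say which existing work this file was derived from. Please state the origin of the imported code in the commit message, so that the licensing of this file and of the other newly created files can be checked before the code itself is reviewed.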
This looks like it would be a very useful feature, but you have added several
files under a license that is not compatible with the remainder of the OpenSBI
project, which uses the BSD-2-Clause license. I don't think this patch can be
reviewed in its current state.
Regards,
Samuel
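
The commit message quoted above describes the shadowmap as one byte per 8 bytes of real memory. The following is an added example, not code from the patch or from OpenSBI, showing how such a map turns an out-of-bounds access into a detectable event. The value encoding (0 = whole granule valid, 1..7 = only the first k bytes valid, negative = poisoned) is the usual AddressSanitizer convention and is an assumption here, as are the toy_* names and the 256-byte region.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define GRANULE     8u    /* bytes of real memory per shadow byte (from the text) */
#define REGION_SIZE 256u  /* constructed toy region, not OpenSBI's layout */
#define POISON      (-1)  /* assumed encoding: negative = inaccessible */

static int8_t shadow[REGION_SIZE / GRANULE];

/* Shadow byte covering the region offset `off`. */
static int8_t *shadow_of(size_t off) { return &shadow[off / GRANULE]; }

/* Mark the whole region inaccessible. */
void toy_poison_all(void) { memset(shadow, POISON, sizeof(shadow)); }

/* Make [off, off+len) accessible; `off` must be GRANULE-aligned. */
void toy_unpoison(size_t off, size_t len)
{
	size_t full = len / GRANULE, rest = len % GRANULE;

	if (off % GRANULE || off >= REGION_SIZE || len > REGION_SIZE - off)
		return;                            /* reject ranges outside the region */
	memset(shadow_of(off), 0, full);           /* 0: all 8 bytes valid */
	if (rest)                                  /* k: only first k bytes valid */
		*shadow_of(off + full * GRANULE) = (int8_t)rest;
}

/* 1 if every byte of [off, off+len) is accessible, 0 on a violation. */
int toy_access_ok(size_t off, size_t len)
{
	if (off >= REGION_SIZE || len > REGION_SIZE - off)
		return 0;
	for (size_t i = off; i < off + len; i++) {
		int8_t s = *shadow_of(i);

		if (s < 0 || (s > 0 && (int8_t)(i % GRANULE) >= s))
			return 0;
	}
	return 1;
}

int main(void)
{
	toy_poison_all();
	toy_unpoison(16, 13);  /* constructed 13-byte object at offset 16 */
	printf("in-bounds read:  %d\n", toy_access_ok(16, 13));
	printf("one byte past:   %d\n", toy_access_ok(28, 2));
	printf("before object:   %d\n", toy_access_ok(15, 1));
	return 0;
}
```

The partial-granule value is what lets the check catch an overflow of a single byte past a 13-byte object even though the object shares its last shadow byte with the bytes that follow it.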