KASAN backport to Linux 2.6 kernel


Kuthonuzo Luruo

Sep 12, 2016, 12:11:22 AM
to cyber...@gmail.com, syzkaller, kasan-dev, Andrey Ryabinin, kuthonu...@hpe.com
Attached is a patch that backports KASAN from Linux 4.x to Linux 2.6.32.71.

Minimally tested on QEMU/KVM; boot-tested on an HPE ProLiant DL380.

Applies on top of Linux 2.6.32.71 + the following files that provide
compiler-related definitions:
- include/linux/compiler-gcc.h
- include/linux/compiler.h

(I used the ones from Linux 4.4).

Build with gcc 5.3 and CONFIG_SLUB.

Kuthonuzo
linux-2.6.32.71-kasan.patch

Dmitry Vyukov

Sep 21, 2016, 3:03:45 AM
to Kuthonuzo Luruo, cyber...@gmail.com, syzkaller, kasan-dev, Andrey Ryabinin, Kuthonuzo Luruo
Oh, the legendary 2.6.32!
Were you able to find any bugs in it?

Kuthonuzo Luruo

Sep 21, 2016, 5:22:32 AM
to Dmitry Vyukov, CC crazy, syzkaller, kasan-dev, Andrey Ryabinin, Kuthonuzo Luruo
Just booting it suffices to catch some bugs ;-), e.g., [***]. But we're
using KASAN mostly on an internal filesystems project.

Thanks to KASAN developers and the AddressSanitizer project!

Kuthonuzo

[***]
BUG: KASAN: use-after-free in __scsi_scan_target+0xd74/0x10d0 at addr
ffff8802b5e38e20
BUG: KASAN: stack-out-of-bounds in idr_for_each+0x21e/0x270 at addr
ffff88029a62fb80
BUG: KASAN: stack-out-of-bounds in idr_remove_all+0x24e/0x2a0 at addr
ffff88029a62fb80
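
A small triage helper for report headers like the three quoted above, as an added example that is not part of the original thread or the patch. It re-joins mail-wrapped lines and groups hits by faulting address; the names parse_headers, group_by_addr and SAMPLE are made up for this illustration.

```python
import re
from collections import defaultdict

# Report headers as quoted in the message above, mail line-wrapping preserved.
SAMPLE = """\
BUG: KASAN: use-after-free in __scsi_scan_target+0xd74/0x10d0 at addr
ffff8802b5e38e20
BUG: KASAN: stack-out-of-bounds in idr_for_each+0x21e/0x270 at addr
ffff88029a62fb80
BUG: KASAN: stack-out-of-bounds in idr_remove_all+0x24e/0x2a0 at addr
ffff88029a62fb80
"""

# BUG: KASAN: <kind> in <symbol>+<offset>/<function size> at addr <address>
HEADER = re.compile(
    r"BUG: KASAN: (?P<kind>[\w-]+) in (?P<symbol>[\w.]+)"
    r"\+0x(?P<offset>[0-9a-f]+)/0x(?P<size>[0-9a-f]+)"
    r" at addr (?P<addr>[0-9a-f]+)"
)

def parse_headers(text):
    """Return one dict per KASAN report header found in text."""
    # Collapse whitespace so headers wrapped by a mail client or terminal match.
    flat = " ".join(text.split())
    reports = []
    for m in HEADER.finditer(flat):
        offset, size = int(m["offset"], 16), int(m["size"], 16)
        reports.append({
            "kind": m["kind"],
            "symbol": m["symbol"],
            "offset": offset,
            "addr": int(m["addr"], 16),
            # An offset past the function size means a mangled line.
            "sane": offset < size,
        })
    return reports

def group_by_addr(reports):
    """Map each faulting address to the (kind, symbol) pairs that hit it."""
    groups = defaultdict(list)
    for r in reports:
        groups[r["addr"]].append((r["kind"], r["symbol"]))
    return dict(groups)

if __name__ == "__main__":
    for addr, hits in group_by_addr(parse_headers(SAMPLE)).items():
        print(f"{addr:#018x}: {hits}")
```

On the quoted headers this yields two groups: the two stack-out-of-bounds hits share one address, so they are worth triaging together.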

Dmitry Vyukov

Sep 22, 2016, 8:36:15 AM
to Kuthonuzo Luruo, CC crazy, syzkaller, kasan-dev, Andrey Ryabinin, Kuthonuzo Luruo
Nice!

proline jung

Apr 5, 2017, 3:19:43 AM
to syzkaller
Thank you for providing the patch.

I applied your patch on kernel 2.6.32.71 and built it, but the following error occurred.

If you know this error, please advise me. Also, could I know about your compile environment (host OS, kernel config, etc.)?

In file included from include/linux/compiler.h:40:0,
                 from include/linux/stddef.h:4,
                 from include/linux/posix_types.h:4,
                 from include/linux/types.h:14,
                 from include/linux/page-flags.h:8,
                 from kernel/bounds.c:9:
include/linux/compiler-gcc.h:86:30: fatal error: linux/compiler-gcc5.h: No such file or directory

On Monday, September 12, 2016 at 1:11:22 PM UTC+9, Kuthonuzo Luruo wrote:

Dmitry Vyukov

Apr 6, 2017, 8:56:49 AM
to proline jung, syzkaller, kasan-dev
+kasan-dev again

Try to simply copy linux/compiler-gcc4.h to linux/compiler-gcc5.h.

proline jung

May 1, 2017, 8:47:55 PM
to syzkaller
Thanks.

I fixed almost all of the errors, but I can't fix this one. Does anyone have an idea about this error?

My compile system is Ubuntu 14.04, gcc 5.4.1, kernel 2.6.32.71.

The error follows:

lib/stackdepot.c: In function ‘init_stack_slab’:
/opt/linux-2.6.32.71/arch/x86/include/asm/system.h:471:4: error: implicit declaration of function ‘compiletime_assert_atomic_type’ [-Werror=implicit-function-declaration]
    compiletime_assert_atomic_type(*p);             \
    ^
lib/stackdepot.c:86:6: note: in expansion of macro ‘smp_load_acquire’
  if (smp_load_acquire(&next_slab_inited))
      ^
cc1: some warnings being treated as errors
make[1]: *** [lib/stackdepot.o] Error 1
make: *** [lib] Error 2

Dmitry Vyukov

May 2, 2017, 2:01:18 AM
to proline jung, kasan-dev
+kasan-dev
-syzkaller to bcc

What is the type of next_slab_inited?
How is compiletime_assert_atomic_type defined?