1: Sanitizers for NetBSD
2:
3: # Current status
4:
5: Summary of the current status of sanitizers on a NetBSD host.
6:
7: # What are sanitizers?
8:
9: Sanitizer is a programming tool that detects computer program bugs such as buffer overflows, signed integer overflow, uninitialized memory read etc.
10:
11: Sanitizers are developed in LLVM, and a downstream port exists to GCC.
12:
13: # Types of sanitizers
14:
15: There are various types of sanitizers.
16:
17: A sanitizer is composed of an instrumentation part builtin into a compiler's code generation part.
18:
19: The instrumentation part emitted by a compiler requires a runtime library, that is shipped with compiler-rt.
20:
21: * Undefined Behavior Sanitizer (UBSan)
22: * Undefined Behavior with minimal runtime (UBSan_minimal)
23: * Address Sanitizer (ASan)
24: * Hardware Assisted Address Sanitizer (HWASan)
25: * Thread Sanitizer (TSan)
26: * Memory Sanitizer (MSan)
27: * Efficiency Sanitizer (ESan)
28: * Data Flow Sanitizer (DFSan)
29: * Leak Sanitizer (LSan)
30:
31: Additionally there are the following features shipped together with sanitizers:
32:
33: * profile
34: * SafeStack
35: * Control Flow Integrity
36: * Scudo Hardened Allocator
37: * XRay
38: * libFuzzer
39: * ShadowCallStack
40:
41: The compiler-rt package ships with libBlocksRuntime, builtins etc.
42:
43: As a NetBSD specific extension, there is a micro-UBSan runtime developed and maintained in the NetBSD source code.
44: It is designed to function inside libc (uUBSan - usermode-UBSan) and inside the kernel (kUBSan - kernel-UBSan).
45:
46: # Types of runtimes
47:
48: There are two types of sanitizer runtimes:
49:
50: * dynamically linked ones (default in GCC)
51: * statically linked ones (default in Clang)
52:
53: Base GCC/NetBSD works with the former, upstream HEAD version of LLVM/NetBSD works with the latter.
54:
55: Both compilers should support both of them, but the other options (GCC/NetBSD & static runtime, LLVM/NetBSD & dynamic runtime) are to be done.
56:
57: # Sanitizers in NetBSD
58:
59: Sanitizers in NetBSD are shipped with the following options:
60:
61: * together with the toolchain with the default compiler runtime (default),
62: * together with the MKSANITIZER option (build the userland with the default compiler sanitizer),
63: * together with the MKLIBCSANITIZER option (build the userland with a homegrown sanitizer runtime),
64: * together with the NetBSD kernel (build the kernel with a homegrown kernel sanitizer runtime).
65:
66: MKSANITIZER blog entry:
67:
68: http://blog.netbsd.org/tnf/entry/mksanitizer_bug_detector_software_integration
69:
70: MKLIBCSANITIZER and kernel sanitizer blog entry:
71:
72: http://blog.netbsd.org/tnf/entry/introduction_to_%C2%B5ubsan_a_clean
73:
74: # Support in NetBSD
75:
76: Currently the main focus is with LLVM and GCC.
77:
78: Generic TODO:
79:
80: * switch syscall(2)/__syscall(2) to libc calls
81: * upstream local patches / rebase to newly developed support in LLVM available in GCC 8.x and newer
82: * develop missing interceptors such as fts(3) (mostly MSan-centric)
83: * FILE and DIR sanitization (needed by at least: ESan, MSan)
84: * improve the framework for ioctl(2) database and handle special cases when a part of a struct can be uninitialized and passed to the kernel (MSan)
85: * finish StopTheWorld() and upstream to LLVM
86: * port to !x86
87: * fixes with the signal code
88: * pkgsrc integration
89: * finish the support of float128 for Clang/LLVM/libstdc++/libgcc
90: * LLVM fixes for shared (dlopen(3)-powered) runtime
91: * fix other bugs.
92:
93: ## GCC
94:
95: The GCC compiler assumed the version in distribution.
96:
97: ### GCC with the default runtime
98:
99: Name | NetBSD status
100: ----------|---------------------------------
101: UBSan | mostly works with all ports
102: ASan | mostly works with amd64 and i386
103: LSan | might work with amd64 and i386
104:
105: ### GCC with MKSANITIZER
106:
107: Untested.
108:
109: ### GCC with MKLIBCSANITIZER
110:
111: Name | NetBSD status
112: ----------|---------------------------------
113: UBSan | works with micro-UBSan
114:
115: ### GCC with kernel sanitizers
116:
117: Name | NetBSD status
118: ----------|---------------------------------
119: UBSan | works with micro-UBSan
120:
121: ## LLVM
122:
123: The LLVM support is available only with the HEAD version of the toolchain and not shipped in the base distribution.
124:
125: ### LLVM with the default runtime
126:
127: Name | NetBSD status
128: ----------|---------------------------------
129: UBSan | mostly works with all LLVM ports
130: ASan | mostly works with amd64 and i386
131: MSan | mostly works with amd64
132: TSan | mostly works with amd64
133:
134: ### LLVM with MKSANITIZER
135:
136: Name | NetBSD status
137: ----------|---------------------------------
138: UBSan | mostly works with all LLVM ports
139: ASan | mostly works with amd64 and i386
140:
141: ### LLVM with MKLIBCSANITIZER
142:
143: Name | NetBSD status
144: ----------|---------------------------------
145: UBSan | works with micro-UBSan
146:
147: ### LLVM with kernel sanitizers
148:
149: Name | NetBSD status
150: ----------|---------------------------------
151: UBSan | works with micro-UBSan
CVSweb for NetBSD wikisrc <wikimaster@NetBSD.org> software: FreeBSD-CVSweb
![[BACK]](/icons/back.gif){kind=icon}
Return to sanitizers.mdwn CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [NetBSD Developer Wiki] / wikisrc / users / kamil