leisiji opened a new pull request, #19134:
URL: https://github.com/apache/nuttx/pull/19134
## Summary
* When CONFIG_MM_KASAN and CONFIG_BUILD_KERNEL are both enabled on
qemu-armv7a:knsh, there are three issues preventing correct build
and runtime: (1) user-space heap false positive KASAN reports,
(2) app link failure due to undefined g_global_region symbol,
(3) linker script misplaces KASAN sections causing boot failure.
* This series fixes all three issues to make KASAN work correctly
in kernel mode on QEMU ARMv7-A.
## Impact
* Is new feature added? NO
* Impact on user? NO
* Impact on build? YES — CMake post-build now strips .kasan.unused
and .kasan.global sections when CONFIG_MM_KASAN_GLOBAL is enabled.
* Impact on hardware? YES — affects boards using qemu-armv7a with
KASAN enabled in kernel build.
* Impact on documentation? NO
* Impact on security? NO
* Impact on compatibility? NO
## Testing
- Build Host: Linux x86_64, GCC
- Target: qemu-armv7a:knsh (QEMU virt, Cortex-A7)
Setup config:
```
diff --git a/boards/arm/qemu/qemu-armv7a/configs/knsh/defconfig
b/boards/arm/qemu/qemu-armv7a/configs/knsh/defconfig
index 18b086834c..1e2a1c3f96 100644
--- a/boards/arm/qemu/qemu-armv7a/configs/knsh/defconfig
+++ b/boards/arm/qemu/qemu-armv7a/configs/knsh/defconfig
@@ -91,3 +91,6 @@ CONFIG_UART1_PL011=y
CONFIG_UART1_SERIAL_CONSOLE=y
CONFIG_UART_PL011=y
CONFIG_USEC_PER_TICK=1000
+CONFIG_MM_KASAN=y
+CONFIG_MM_KASAN_INSTRUMENT_ALL=y
+CONFIG_MM_KASAN_GLOBAL=y
```
Build:
```
cmake -B build -DBOARD_CONFIG=qemu-armv7a:knsh -GNinja && cmake --build build
```
Run:
```
qemu-system-arm -semihosting -M virt -m 128 -nographic -kernel ./build/nuttx
```
Testing logs before change:
- Without commit 1 (mm/umm_heap), ls /proc triggers "detect kasan error".
- Without commit 2 (mm/kasan), app link fails with undefined g_global_region.
- Without commit 3 (boards/arm/qemu), QEMU fails to boot (LOAD segment
conflict). Log of booting failure is below
```
qemu-system-arm: Some ROM regions are overlapping
These ROM regions might have been loaded by direct user request or by
default.
They could be BIOS/firmware images, a guest kernel, initrd or some other
file loaded into guest memory.
Check whether you intended to load all this guest code, and whether it has
been built to load to the correct addresses.
The following two regions overlap (in the cpu-memory-0 address space):
./build/nuttx ELF program header segment 1 (addresses 0x0000000000000000 -
0x0000000000030000)
dtb (addresses 0x0000000000000000 - 0x0000000000100000)
The following two regions overlap (in the cpu-memory-0 address space):
dtb (addresses 0x0000000000000000 - 0x0000000000100000)
./build/nuttx ELF program header segment 2 (addresses 0x0000000000030000 -
0x0000000000034420)
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
