KASAN example #1214

Closed
SuibianP opened this issue Sep 12, 2024 · 4 comments

@SuibianP

According to https://www.microsoft.com/en-us/security/blog/2023/01/26/introducing-kernel-sanitizers-on-microsoft-platforms/, Kernel AddressSanitizer (KASAN) is available on Windows for kernel-mode. However, there is very limited documentation as to how to use it. It would be nice to have an example detailing the way to build a driver with KASAN support.

@v-junyli

v-junyli commented Oct 17, 2024

Hi,

KASAN is not yet in the current release; it will be in the release next month (2410D), which should be out early November.

@JohnMcSandwich
Contributor

@SuibianP - The documentation for KASAN was published today: https://learn.microsoft.com/en-us/windows-hardware/drivers/devtest/kasan.

I have a pending PR to add a KASAN demo to the samples: #1228.

@PeterGV

PeterGV commented Nov 4, 2024

In addition to the sample, it would be extremely helpful if the documentation described, specifically, how KASAN differs from/adds to the already existing Driver Verifier (which does very efficient pool overrun checking as well as use-after-free checks) and stack overrun checking.
Why would a KM dev want to use KASAN if I already have Verifier enabled? Can they co-exist? Do they interact? What are the costs/benefits/tradeoffs?

@JakobL-MSFT
Contributor

Huge shoutout to @JohnMcSandwich for making the KASAN scenario work for 3rd party device drivers and even providing a sample.

To provide a high-level answer to Peter's question:

  • DV and KASAN are complementary.
  • DV is "lightweight" (as you do not need to special compile) whereas KASAN requires a special compilation.
  • DV can only "see" what goes on "on the edge" of the driver whereas KASAN can intercept "inside" of a driver. (Exception to this: DV does have special treatment of memory manager / IRQL style checks where we bug check based on page violations rather than based on the specific bug in the driver itself, so bugcheck based on a symptom rather than necessarily at the immediate point of failure.)
  • DV has tons of driver specific rules. KASAN is focused on generic memory checks.

I know what you really want is a more comprehensive and data driven answer. I don't have that.

I bet there are many other angles, but that's my 2 cents...

Jakob

@v-junyli v-junyli self-assigned this Nov 18, 2024