On Tue, Dec 14, 2021 at 5:36 PM Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> wrote: > > On Tue, Dec 14, 2021 at 05:20:07PM +0100, Alexander Potapenko wrote: > > KernelMemorySanitizer (KMSAN) is a detector of errors related to uses of > > uninitialized memory. It relies on compile-time Clang instrumentation > > (similar to MSan in the userspace [1]) and tracks the state of every bit > > of kernel memory, being able to report an error if uninitialized value is > > used in a condition, dereferenced, or escapes to userspace, USB or DMA. > > Why is USB unique here? syzkaller just happens to be good at fuzzing USB drivers, so it was fairly easy to implement and test USB support for KMSAN. This should give the maintainers of other buses an idea of how this could be done :) What about serial data? i2c? spi? w1? We > have a lot of different I/O bus types :) We hope to cover those after KMSAN hits upstream. > > And how is DMA checked given that the kernel shouldn't be seeing dma > memory? Before writing a buffer to DMA, that buffer's contents are checked by KMSAN. If there are uninitialized bytes, those will be reported. After reading a buffer from DMA, it is marked as initialized to avoid false positives. We do not track DMA memory itself. > thanks, > > greg k-h -- Alexander Potapenko Software Engineer Google Germany GmbH Erika-Mann-Straße, 33 80636 München Geschäftsführer: Paul Manicle, Halimah DeLaine Prado Registergericht und -nummer: Hamburg, HRB 86891 Sitz der Gesellschaft: Hamburg
