Kernel: Expose sysctl 'ubsan_is_deadly' to panic the Kernel on UB

This makes it easier to find UB, for example when fuzzing the Kernel. This can be enabled by default, thanks to @boricj's work in 32e1354b9b.
2024-10-07 00:19:27 +00:00 · 2021-03-04 22:07:23 +01:00 · 2021-03-04 22:07:23 +01:00 · 00131d244e
parent a0362d827c
commit 00131d244e
3 changed files with 14 additions and 1 deletions
--- a/Kernel/FileSystem/ProcFS.cpp
+++ b/Kernel/FileSystem/ProcFS.cpp
@ -59,6 +59,7 @@
 #include <Kernel/Scheduler.h>
 #include <Kernel/StdLib.h>
 #include <Kernel/TTY/TTY.h>
+#include <Kernel/UBSanitizer.h>
 #include <Kernel/VM/AnonymousVMObject.h>
 #include <Kernel/VM/MemoryManager.h>
 #include <LibC/errno_numbers.h>
@ -994,6 +995,7 @@ void ProcFS::add_sys_string(String&& name, Lockable<String>& var, Function<void(
 bool ProcFS::initialize()
 {
    static Lockable<bool>* kmalloc_stack_helper;
+    static Lockable<bool>* ubsan_deadly_helper;

    if (kmalloc_stack_helper == nullptr) {
        kmalloc_stack_helper = new Lockable<bool>();
@ -1001,6 +1003,11 @@ bool ProcFS::initialize()
        ProcFS::add_sys_bool("kmalloc_stacks", *kmalloc_stack_helper, [] {
            g_dump_kmalloc_stacks = kmalloc_stack_helper->resource();
        });
+        ubsan_deadly_helper = new Lockable<bool>();
+        ubsan_deadly_helper->resource() = UBSanitizer::g_ubsan_is_deadly;
+        ProcFS::add_sys_bool("ubsan_is_deadly", *ubsan_deadly_helper, [] {
+            UBSanitizer::g_ubsan_is_deadly = ubsan_deadly_helper->resource();
+        });
    }
    return true;
 }
--- a/Kernel/UBSanitizer.cpp
+++ b/Kernel/UBSanitizer.cpp
@ -26,22 +26,26 @@

 #include <AK/Format.h>
 #include <Kernel/KSyms.h>
+#include <Kernel/Panic.h>
 #include <Kernel/UBSanitizer.h>

 using namespace Kernel;
 using namespace Kernel::UBSanitizer;

+bool Kernel::UBSanitizer::g_ubsan_is_deadly { true };
+
 extern "C" {

 static void print_location(const SourceLocation& location)
 {
    if (!location.filename()) {
        dbgln("KUBSAN: in unknown file");
-
    } else {
        dbgln("KUBSAN: at {}, line {}, column: {}", location.filename(), location.line(), location.column());
    }
    dump_backtrace();
+    if (g_ubsan_is_deadly)
+        PANIC("UB is configured to be deadly.");
 }

 void __ubsan_handle_load_invalid_value(const InvalidValueData&, ValueHandle);
--- a/Kernel/UBSanitizer.h
+++ b/Kernel/UBSanitizer.h
@ -30,6 +30,8 @@

 namespace Kernel::UBSanitizer {

+extern bool g_ubsan_is_deadly;
+
 typedef void* ValueHandle;

 class SourceLocation {