libutils: asan: skip global unpoison for bget-backed globals

Track ASan user-region type at map time and mark bget pool backing ranges
as ASAN_REG_MEM_POOL.

Global registration currently unpoisons

libutils: asan: skip global unpoison for bget-backed globals

Track ASan user-region type at map time and mark bget pool backing ranges
as ASAN_REG_MEM_POOL.

Global registration currently unpoisons globals via asan_tag_access().
For globals used as bget pool backing storage, this overwrites the initial
pool shadow state (ASAN_HEAP_RED_ZONE, heap-free) and breaks expected
allocator poisoning semantics.

Skip global unpoison for globals that contain a memory-pool backing range,
while keeping normal redzone handling for those globals. Update ASan
mapping call sites to pass region type (STACK, ELF, MEM_POOL, NO_TYPE).

Signed-off-by: Aleksandr Iashchenko <aleksandr.iashchenko@linutronix.de>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libutils: asan: improve report output

Add optional shadow dump in TRACE_DEBUG builds for better ASan diagnostics.
Also expand the shadow bytes printed around the faulting address.

Signed-off-by: Al

libutils: asan: improve report output

Add optional shadow dump in TRACE_DEBUG builds for better ASan diagnostics.
Also expand the shadow bytes printed around the faulting address.

Signed-off-by: Aleksandr Iashchenko <aleksandr.iashchenko@linutronix.de>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

asan: support trusted applications

Add CFG_TA_SANITIZE_KADDRESS and enable -fsanitize=kernel-address for TAs.
Extend ASan to map shadow regions in user space. Shadow memory for trusted
applications

asan: support trusted applications

Add CFG_TA_SANITIZE_KADDRESS and enable -fsanitize=kernel-address for TAs.
Extend ASan to map shadow regions in user space. Shadow memory for trusted
applications is now mapped during ldelf loading. CFG_TA_SANITIZE_KADDRESS
acts as a global flag and propagates to all internal and external TAs.

Signed-off-by: Aleksandr Iashchenko <aleksandr.iashchenko@linutronix.de>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

asan: add ldelf support and user shadow mapping infrastructure

This commit enables ASan support in ldelf and introduces infrastructure
for mapping ASan shadow regions in user space. With these chang

asan: add ldelf support and user shadow mapping infrastructure

This commit enables ASan support in ldelf and introduces infrastructure
for mapping ASan shadow regions in user space. With these changes,
ASan built with CFG_CORE_SANITIZE_KADDRESS is no longer limited to
the core and can also operate in ldelf.

Signed-off-by: Aleksandr Iashchenko <aleksandr.iashchenko@linutronix.de>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libutils: asan: support multiple shadow regions

Replace the single shadow range with a list of shadowed virtual regions.
Access validation is performed per-region: an access is considered inside
sha

libutils: asan: support multiple shadow regions

Replace the single shadow range with a list of shadowed virtual regions.
Access validation is performed per-region: an access is considered inside
shadow memory only if it is fully contained within a single registered
region. The access is considered out of shadow memory if it does not
intersect any registered shadow region.

Signed-off-by: Aleksandr Iashchenko <aleksandr.iashchenko@linutronix.de>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libutils: move ASan runtime and tests from core to libutils

This patch relocates the ASan runtime and its self-tests from the core
to libutils/ext. While ASan is still only enabled for the TEE core,

libutils: move ASan runtime and tests from core to libutils

This patch relocates the ASan runtime and its self-tests from the core
to libutils/ext. While ASan is still only enabled for the TEE core, this
refactoring removes core-specific placement and makes the code
available to other components.

The main benefit is that ASan support and the test helpers can now be
potentially reused by ldelf and TAs in the future, instead of being
tied to the core build. The existing ASan core behaviour is unchanged.

Signed-off-by: Aleksandr Iashchenko <aleksandr.iashchenko@linutronix.de>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...