Subject: Re: [edk2-devel] Question about UEFI, AddressSanitizer and MMU mappings
From: Vitaly Cheptsov
To: Pedro Falcato, devel@edk2.groups.io
Date: Sat, 26 Mar 2022 11:30:48 -0700
Message-ID: <20985.1648319448324224181@groups.io>

Hello,

I have some experience porting LLVM Sanitizers and am very interested in this project coming live to UEFI as well. I had success with both entirely static shadow memory allocation and dynamic on-demand allocation. For ASan in UEFI, my personal idea would be trying to avoid page-fault allocation of the shadow memory, but rather adapting the allocators to not only allocate the "origin" memory but also the "shadow memory" with a known shift and base (which are configurable now).

The parts that seem difficult to me are concurrency and trying to make ASan work in whitelist mode (i.e. forbidding all accesses that are not greenlighted), but otherwise it should be rather straightforward if we do not include the fake stack in the task and focus on DXE at first. All in all, I can be a co-mentor in this task and am ready to help as needed.

Best wishes,
Vitaly
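As an added illustration of the scheme Vitaly describes (shadow bytes at a known shift and base, materialised by the allocator together with the origin memory rather than on a page fault), here is a small constructed teaching model in C. It is not code from this thread, from edk2 or from LLVM's compiler-rt; the arena, the `asan_*` function names and the redzone size are assumptions made for the example. "Origin" addresses are modelled as offsets into a static arena so the example runs as an ordinary user-space program; the shadow encoding itself (one byte per 8-byte granule, 0 = fully addressable, k = first k bytes addressable, negative = poisoned) is ASan's.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed teaching model (not edk2 or compiler-rt code) of the ASan
 * shadow mapping   shadow_addr = (addr >> SHADOW_SCALE) + SHADOW_OFFSET
 * and of an allocator that lays out origin memory and its shadow in the
 * same step, so shadow never has to be faulted in. Origin "addresses"
 * are offsets into a static arena; SHADOW_OFFSET is the shadow array base. */

#define SHADOW_SCALE 3u
#define GRANULE      (1u << SHADOW_SCALE)
#define ARENA_SIZE   4096u
#define REDZONE      16u   /* poisoned guard bytes on each side of a chunk (assumed size) */

static uint8_t   arena[ARENA_SIZE];                   /* origin memory          */
static int8_t    shadow[ARENA_SIZE >> SHADOW_SCALE];  /* one byte per granule   */
static uintptr_t bump;                                /* next free origin addr  */
static bool      initialised;

/* Shadow byte tags, following ASan's encoding (0xfa redzone, 0xfd freed). */
enum { SHADOW_ADDRESSABLE = 0, SHADOW_REDZONE = -6, SHADOW_FREED = -3 };

static int8_t *shadow_for(uintptr_t addr)
{
    return shadow + (addr >> SHADOW_SCALE);
}

/* Poison the granules covering [addr, addr+size) with the given tag. */
static void asan_poison(uintptr_t addr, size_t size, int8_t tag)
{
    for (uintptr_t a = addr; a < addr + size; a += GRANULE)
        *shadow_for(a) = tag;
}

/* Mark [addr, addr+size) addressable. addr is granule-aligned; a trailing
 * partial granule records how many of its leading bytes are valid. */
static void asan_unpoison(uintptr_t addr, size_t size)
{
    uintptr_t a = addr;
    for (; a + GRANULE <= addr + size; a += GRANULE)
        *shadow_for(a) = SHADOW_ADDRESSABLE;
    if (a < addr + size)
        *shadow_for(a) = (int8_t)(addr + size - a);
}

/* The test an instrumented load/store performs: every byte of the access
 * must be addressable according to its shadow byte. */
static bool asan_check(uintptr_t addr, size_t size)
{
    for (uintptr_t a = addr; a < addr + size; a++) {
        if (a >= ARENA_SIZE)
            return false;
        int8_t s = *shadow_for(a);
        if (s == SHADOW_ADDRESSABLE)
            continue;
        if (s < 0 || (int8_t)(a & (GRANULE - 1)) >= s)
            return false;
    }
    return true;
}

/* Bump-allocate size bytes with poisoned redzones on both sides, writing the
 * shadow as part of allocation. Returns (uintptr_t)-1 when the arena is full. */
static uintptr_t asan_alloc(size_t size)
{
    if (!initialised) {                     /* nothing is addressable until allocated */
        asan_poison(0, ARENA_SIZE, SHADOW_REDZONE);
        initialised = true;
    }
    uintptr_t start       = bump + REDZONE;
    uintptr_t user_end    = start + size;
    uintptr_t right_start = (user_end + GRANULE - 1) & ~(uintptr_t)(GRANULE - 1);
    uintptr_t end = ((user_end + REDZONE - 1) & ~(uintptr_t)(REDZONE - 1)) + REDZONE;
    if (end > ARENA_SIZE)
        return (uintptr_t)-1;
    asan_poison(bump, REDZONE, SHADOW_REDZONE);           /* left redzone  */
    asan_unpoison(start, size);                           /* user bytes    */
    asan_poison(right_start, end - right_start, SHADOW_REDZONE); /* right redzone */
    bump = end;
    return start;
}

/* Free: the object stays mapped but its shadow is retagged, so later
 * accesses are reported as use-after-free rather than succeeding. */
static void asan_free(uintptr_t addr, size_t size)
{
    uintptr_t end = (addr + size + GRANULE - 1) & ~(uintptr_t)(GRANULE - 1);
    asan_poison(addr, end - addr, SHADOW_FREED);
}

/* Walks the classic cases: in-bounds, off-by-one, both redzones, use-after-free. */
static int run_demo(void)
{
    uintptr_t p = asan_alloc(10);
    if (p == (uintptr_t)-1)
        return 0;
    arena[p] = 'x';                        /* origin memory is real storage */
    int ok = asan_check(p, 10)             /* whole object       */
          && asan_check(p + 8, 2)          /* partial granule    */
          && !asan_check(p + 10, 1)        /* one past the end   */
          && !asan_check(p - 1, 1)         /* left redzone       */
          && !asan_check(p + 16, 1);       /* right redzone      */
    asan_free(p, 10);
    return ok && !asan_check(p, 1);        /* use after free     */
}

int main(void)
{
    printf("shadow model demo %s\n", run_demo() ? "passed" : "failed");
    return 0;
}
```

Because the allocator writes the shadow bytes itself, the only memory that ever needs to be mapped is the arena plus a fixed shadow region one eighth its size, which is the property that lets the scheme avoid page-fault-driven shadow allocation in an environment such as DXE.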