Poison, Redzones, and Shadows: A Deep Dive Inside KASAN
Poison, redzones and shadows: inside KASAN
I explore the internals of KASAN, the Kernel Address Sanitizer, a vital tool for catching memory errors like buffer overflows in the Linux kernel. We examine how compiler instrumentation and shadow memory work together to track valid accesses, the performance trade-offs involved, and how to set up a safe virtualized environment to test these mechanisms.
"Even if the presence of Rust is slowly increasing in the Linux kernel code base, the project largely remains written in C, and while this is the de facto language to write low level code, it unfortunately also comes with a significant ability of making mistakes."