10–14 Jun 2025
University of Ottawa
EST timezone

Improvements to FreeBSD KASAN

Not scheduled
50m
Desmarais Building (DMS) (University of Ottawa)

55 Laurier Ave E. Ottawa, ON, K1N 6N5
Lecture 50 min Development

Description

KASAN is a kernel sanitizer commonly combined with fuzzing techniques to detect memory corruption bugs, some of which could lead to security compromise. Currently, FreeBSD's KASAN can only detect a subset of temporal safety vulnerabilities due to the lack of a delayed freeing mechanism of freed items. Furthermore, the effectiveness of detecting spatial safety vulnerabilities is also limited because FreeBSD's KASAN does not add redzone padding around UMA allocations.

In this talk, I will present my current work on improving the effectiveness of KASAN by extending it with a quarantining mechanism and injecting redzones around UMA allocations. The development was done on CheriBSD, a fork of FreeBSD with CHERI support, to explore the synergy between CHERI and KASAN. I plan to upstream the relevant improvements to FreeBSD.
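
The two gaps the abstract describes can be reproduced in a toy userspace model of a fixed-size item pool with shadow memory. This is an added illustration, not code from the talk, CheriBSD or FreeBSD; the pool layout, the LIFO reuse policy, the byte-granular shadow map (real KASAN shadow is coarser) and every name below are assumptions of the model.

```c
#include <stdbool.h>
#include <string.h>

/* Toy model (constructed): shadow byte 1 = poisoned, 0 = addressable. */
#define NSLOTS 8
#define ITEM   32            /* usable bytes per item */
#define MAXRZ  16            /* largest redzone the model supports */
#define STRIDE(p) ((size_t)ITEM + 2 * (size_t)(p)->rz)
struct pool {
    unsigned char shadow[NSLOTS * (ITEM + 2 * MAXRZ)];
    int freelist[NSLOTS], nfree;     /* LIFO reuse of freed slots */
    int quar[NSLOTS], nquar, qdepth; /* FIFO quarantine, qdepth 0 = off */
    int rz;                          /* redzone bytes per side, 0 = off */
};
void pool_init(struct pool *p, int qdepth, int rz) {
    memset(p, 0, sizeof(*p));
    memset(p->shadow, 1, sizeof(p->shadow));   /* everything starts poisoned */
    p->qdepth = qdepth; p->rz = rz;
    for (int i = NSLOTS - 1; i >= 0; i--) p->freelist[p->nfree++] = i;
}
size_t pool_alloc(struct pool *p) {            /* returns the item's offset */
    size_t off = (size_t)p->freelist[--p->nfree] * STRIDE(p) + (size_t)p->rz;
    memset(p->shadow + off, 0, ITEM);          /* redzones stay poisoned */
    return off;
}
void pool_free(struct pool *p, size_t off) {
    int slot = (int)(off / STRIDE(p));
    memset(p->shadow + off, 1, ITEM);          /* poison the freed item */
    if (p->qdepth == 0) { p->freelist[p->nfree++] = slot; return; }
    if (p->nquar == p->qdepth) {               /* full: release the oldest */
        p->freelist[p->nfree++] = p->quar[0];
        memmove(p->quar, p->quar + 1, (size_t)--p->nquar * sizeof(int));
    }
    p->quar[p->nquar++] = slot;
}
bool access_ok(const struct pool *p, size_t off) { return p->shadow[off] == 0; }

bool uaf_detected(int qdepth) {      /* free A, allocate again, touch stale A */
    struct pool p; pool_init(&p, qdepth, 0);
    size_t a = pool_alloc(&p);
    pool_free(&p, a);
    (void)pool_alloc(&p);            /* without quarantine this reuses A's slot */
    return !access_ok(&p, a);
}
bool overflow_detected(int rz) {     /* touch one byte past A, neighbour B live */
    struct pool p; pool_init(&p, 0, rz);
    size_t a = pool_alloc(&p);
    (void)pool_alloc(&p);
    return !access_ok(&p, a + ITEM);
}
```

In this model the stale access goes unnoticed once the slot has been handed out again, and the one-byte overflow lands in a live neighbour unless a poisoned redzone separates the items. Quarantine only delays reuse: after `qdepth` further frees the slot returns to the free list.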

One-line summary

This talk discusses improvements to FreeBSD KASAN to address current weaknesses.

Primary author

Zhuo Ying Jiang Li (University of Cambridge)
