kasan

- The kernel address sanitizer (KASan) is an important new development tool for ensuring that the kernel is not accessing memory that it shouldn't.

However, it's currently part of kasan and is more oriented towards debugging than hardening.

(however, kasan kernels aren't shipped by default, you can build from source though) However, no idea if Kernel Debug Kit ships with prebuilt kasan kernel and drivers.

XNU definitely supports kasan on macOS, since quite some years.

You can also use KASan via the MTE backend using setprop, but that's not designed for hardening right now and it's not clear it will ever be.

I see a kernel.kasan inside the latest KDK.

There likely needs to be a separate MTE implementation for the kernel that's not part of KASan, which we haven't done yet for GrapheneOS either so MTE hardening is currently a userspace feature.

The current kernel KASan MTE backend is inadequate for usage of MTE as a hardening feature so we either need to make our own implementation there too or convince others to do it and it's likely not going to be the latter.

OS bugs are more likely to have the side effect of violating language invariants (which eg KASan, UBSan and KCSan often detect), or violating protocols (so you can stress-test eg a TCP implementation and detect the bug), or it can violate API invariants (so you can use some API-level stress test like stress-ng to detect the bug.) All of these tools are much less complex than the software under test.

Subsystems affected by this patch series: slub, memcg, gup, kasan, pagealloc, hugetlb, vmscan, tools, mempolicy, memblock, hugetlbfs, thp, mmap, kconfig * More MM work.

With mm subsystems: slab-generic, slub, debug, pagecache, gup, swap, memcg, pagemap, memory-failure, vmalloc, kasan" * More mm/ work, plenty more to come.