v-junyli
commented
1 month ago Hi,
KASAN is not yet in the current release, it will be in the release next month (2410D), which should be out early November.
Closed SuibianP closed 1 week ago
v-junyli
commented
1 month ago Hi,
KASAN is not yet in the current release, it will be in the release next month (2410D), which should be out early November.
JohnMcSandwich
commented
3 weeks ago @SuibianP - The documentation for KASAN was published today: https://learn.microsoft.com/en-us/windows-hardware/drivers/devtest/kasan.
I have a pending PR to add a KASAN demo to the samples: https://github.com/microsoft/Windows-driver-samples/pull/1228.
PeterGV
commented
3 weeks ago In addition to the sample, it would be extremely helpful if the documentation described, specifically, how KASAN differs from/adds to the already existing Driver Verifier (which does very efficient pool overrun checking as well as use-after-free checks) and stack overrun checking. Why would a KM dev want to use KASAN if I already have Verifier enabled? Can they co-exist? Do they interact? What are the costs/benefits/tradeoffs.
JakobL-MSFT
commented
2 weeks ago Huge shoutout to @JohnMcSandwich for making the KASAN scenario work for 3rd party device drivers and even providing a sample.
To provide a high-level answer to Peter's question:
I know what you really want is a more comprehensive and data driven answer. I don't have that.
I bet there are many other angles, but that's my 2 cents...
Jakob
References:
According to https://www.microsoft.com/en-us/security/blog/2023/01/26/introducing-kernel-sanitizers-on-microsoft-platforms/, Kernel AddressSanitizer (KASAN) is available on Windows for kernel-mode. However, there is very limited documentation as to how to use it. It would be nice to have an example detailing the way to build a driver with KASAN support.