Re: [PATCH v2 4/5] kasan: support LLVM-style asan parameters

From: Andrey Ryabinin
Date: Thu Nov 30 2017 - 11:33:34 EST

Next message: Mark Brown: "Re: [PATCH v2 5/8] ARM: dts: am335x-pepper: Fix the audio CODEC's reset pin"
Previous message: Greg Kroah-Hartman: "Re: [GIT PULL] hash addresses printed with %p"
In reply to: Dmitry Vyukov: "Re: [PATCH v2 4/5] kasan: support LLVM-style asan parameters"
Next in thread: Paul Lawrence: "[PATCH v2 2/5] kasan: Add tests for alloca poisonong"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 11/30/2017 12:50 AM, Paul Lawrence wrote:
> Use cc-option to figure out whether the compiler's sanitizer uses
> LLVM-style parameters ("-mllvm -asan-foo=bar") or GCC-style parameters
> ("--param asan-foo=bar").
>
> Signed-off-by: Greg Hackmann <ghackmann@xxxxxxxxxx>
> Signed-off-by: Paul Lawrence <paullawrence@xxxxxxxxxx>
>
> ---
> scripts/Makefile.kasan | 39 +++++++++++++++++++++++++++------------
> 1 file changed, 27 insertions(+), 12 deletions(-)
>

It looks rather messy. Try the following patch.
Note, that I didn't add asan-instrument-allocas=1 because it has nothing to do
with LLVM-style params support.
asan-instrument-allocas should probably be in the patch that adds alloca() support.

From: Andrey Ryabinin <aryabinin@xxxxxxxxxxxxx>
Subject: [PATCH] kasan/Makefile: Support LLVM style asan parameters.

LLVM doesn't understand GCC-style paramters ("--param asan-foo=bar"),
thus we currently we don't use inline/globals/stack instrumentation
when building the kernel with clang.

Add support for LLVM-style parameters ("-mllvm -asan-foo=bar") to
enable all KASAN features.

Signed-off-by: Andrey Ryabinin <aryabinin@xxxxxxxxxxxxx>
---
scripts/Makefile.kasan | 29 ++++++++++++++++++-----------
1 file changed, 18 insertions(+), 11 deletions(-)

diff --git a/scripts/Makefile.kasan b/scripts/Makefile.kasan
index 1ce7115aa499..2af5977c394d 100644
--- a/scripts/Makefile.kasan
+++ b/scripts/Makefile.kasan
@@ -10,10 +10,7 @@ KASAN_SHADOW_OFFSET ?= $(CONFIG_KASAN_SHADOW_OFFSET)

CFLAGS_KASAN_MINIMAL := -fsanitize=kernel-address

-CFLAGS_KASAN := $(call cc-option, -fsanitize=kernel-address \
- -fasan-shadow-offset=$(KASAN_SHADOW_OFFSET) \
- --param asan-stack=1 --param asan-globals=1 \
- --param asan-instrumentation-with-call-threshold=$(call_threshold))
+cc-param = $(call cc-option, --param $(1)) $(call cc-option, -mllvm -$(1))

ifeq ($(call cc-option, $(CFLAGS_KASAN_MINIMAL) -Werror),)
ifneq ($(CONFIG_COMPILE_TEST),y)
@@ -21,13 +18,23 @@ ifeq ($(call cc-option, $(CFLAGS_KASAN_MINIMAL) -Werror),)
-fsanitize=kernel-address is not supported by compiler)
endif
else
- ifeq ($(CFLAGS_KASAN),)
- ifneq ($(CONFIG_COMPILE_TEST),y)
- $(warning CONFIG_KASAN: compiler does not support all options.\
- Trying minimal configuration)
- endif
- CFLAGS_KASAN := $(CFLAGS_KASAN_MINIMAL)
- endif
+ # -fasan-shadow-offset fails without -fsanitize
+ CFLAGS_KASAN_SHADOW := $(call cc-option, -fsanitize=kernel-address \
+ -fasan-shadow-offset=$(KASAN_SHADOW_OFFSET), \
+ $(call cc-option, -fsanitize=kernel-address \
+ -mllvm -asan-mapping-offset=$(KASAN_SHADOW_OFFSET)))
+
+ ifeq ($(CFLAGS_KASAN_SHADOW),)
+ CFLAGS_KASAN := $(CFLAGS_KASAN_MINIMAL)
+ else
+ # Now add all the compiler specific options that are valid standalone
+ CFLAGS_KASAN := $(CFLAGS_KASAN_SHADOW) \
+ $(call cc-param,asan-globals=1) \
+ $(call cc-param,asan-instrumentation-with-call-threshold=$(call_threshold)) \
+ $(call cc-param,asan-stack=1) \
+ $(call cc-param,asan-use-after-scope=1)
+ endif
+
endif

CFLAGS_KASAN += $(call cc-option, -fsanitize-address-use-after-scope)
--
2.13.6

Next message: Mark Brown: "Re: [PATCH v2 5/8] ARM: dts: am335x-pepper: Fix the audio CODEC's reset pin"
Previous message: Greg Kroah-Hartman: "Re: [GIT PULL] hash addresses printed with %p"
In reply to: Dmitry Vyukov: "Re: [PATCH v2 4/5] kasan: support LLVM-style asan parameters"
Next in thread: Paul Lawrence: "[PATCH v2 2/5] kasan: Add tests for alloca poisonong"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]