* [PATCH] Add support for KernelAddressSanitizer

From: Yury Gribov @ 2014-07-18 11:58 UTC
To: GCC Patches
Cc: Dmitry Vyukov, Konstantin Serebryany, Andrey Ryabinin, Jakub Jelinek

Hi all,

This tiny patch adds support for KernelASan. KASan brings ASan error
detection capabilities to the Linux kernel
(https://code.google.com/p/address-sanitizer/wiki/AddressSanitizerForKernel).

KASan works similarly to normal userspace ASan but disables some options which
are not yet supported by the kernel (notably inline instrumentation,
stack/global protection and UAR). We would prefer to hide all necessary
tweaks under a user-friendly flag (-fsanitize=kernel-address) instead of
forcing them directly in the kernel's CFLAGS.

Kernel patches are currently under review on LKML
(https://lkml.org/lkml/2014/7/9/990).

Bootstrapped and regtested on x64.

Ok to commit?

-Y

[-- Attachment #2: kasan_patch-1.diff --]
[-- Type: text/x-diff, Size: 2764 bytes --]

gcc/
2014-07-18  Yury Gribov  <y.gribov@samsung.com>

	* doc/invoke.texi (-fsanitize=kernel-address): Describe new option.
	* flag-types.h (SANITIZE_KERNEL_ADDRESS): New enum.
	* opts.c (common_handle_option): Handle new option.

diff --git a/gcc/doc/invoke.texi b/gcc/doc/invoke.texi
index a83f6c6..70f9c2b 100644
--- a/gcc/doc/invoke.texi
+++ b/gcc/doc/invoke.texi
@@ -5376,6 +5376,11 @@ more details. The run-time behavior can be influenced using the @url{https://code.google.com/p/address-sanitizer/wiki/Flags#Run-time_flags} for a list of supported options. +@item -fsanitize=kernel-address +@opindex fsanitize=kernel-address +Enable AddressSanitizer for Linux kernel. +See @uref{http://code.google.com/p/address-sanitizer/wiki/AddressSanitizerForKernel} for more details. + @item -fsanitize=thread @opindex fsanitize=thread Enable ThreadSanitizer, a fast data race detector. diff --git a/gcc/flag-types.h b/gcc/flag-types.h index 2849455..04038f6 100644 --- a/gcc/flag-types.h +++ b/gcc/flag-types.h @@ -231,6 +231,7 @@ enum sanitize_code { SANITIZE_FLOAT_DIVIDE = 1 << 12, SANITIZE_FLOAT_CAST = 1 << 13, SANITIZE_BOUNDS = 1 << 14, + SANITIZE_KERNEL_ADDRESS = 1 << 15, SANITIZE_UNDEFINED = SANITIZE_SHIFT | SANITIZE_DIVIDE | SANITIZE_UNREACHABLE | SANITIZE_VLA | SANITIZE_NULL | SANITIZE_RETURN | SANITIZE_SI_OVERFLOW | SANITIZE_BOOL | SANITIZE_ENUM diff --git a/gcc/opts.c b/gcc/opts.c index 419a074..42fef36 100644 --- a/gcc/opts.c +++ b/gcc/opts.c @@ -1475,6 +1475,7 @@ common_handle_option (struct gcc_options *opts, { "float-cast-overflow", SANITIZE_FLOAT_CAST, sizeof "float-cast-overflow" - 1 }, { "bounds", SANITIZE_BOUNDS, sizeof "bounds" - 1 }, + { "kernel-address", SANITIZE_KERNEL_ADDRESS, sizeof "kernel-address" - 1 }, { NULL, 0, 0 } }; const char *comma; 
@@ -1520,6 +1521,25 @@ common_handle_option (struct gcc_options *opts, the null pointer checks. */ if (flag_sanitize & SANITIZE_NULL) opts->x_flag_delete_null_pointer_checks = 0; + + /* Kernel ASan implies normal ASan but does not yet support + all features. */ + if (flag_sanitize & SANITIZE_KERNEL_ADDRESS) + { + flag_sanitize |= SANITIZE_ADDRESS; + maybe_set_param_value (PARAM_ASAN_INSTRUMENTATION_WITH_CALL_THRESHOLD, 0, + opts->x_param_values, + opts_set->x_param_values); + maybe_set_param_value (PARAM_ASAN_GLOBALS, 0, + opts->x_param_values, + opts_set->x_param_values); + maybe_set_param_value (PARAM_ASAN_STACK, 0, + opts->x_param_values, + opts_set->x_param_values); + maybe_set_param_value (PARAM_ASAN_USE_AFTER_RETURN, 0, + opts->x_param_values, + opts_set->x_param_values); + } break; } ^ permalink raw reply [flat|nested] 11+ messages in thread
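Review bot: the `flag_sanitize |= SANITIZE_ADDRESS;` line in the second opts.c hunk erases the distinction between the two options as soon as parsing is done, so every later check keyed on SANITIZE_ADDRESS (the driver's runtime-library selection and the existing address/thread incompatibility check included) treats a kernel-address build exactly like a userspace one, and -fsanitize=thread -fsanitize=kernel-address cannot be diagnosed on its own. A separate discriminator bit for userspace vs. kernel ASan, tested from sanitize_spec_function, would let the driver skip libasan for kernel builds. The four maybe_set_param_value calls are fine as written: they pass opts_set, so an explicit --param on the command line still wins.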
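Review bot: `SANITIZE_KERNEL_ADDRESS = 1 << 15` in the flag-types.h hunk is inserted between SANITIZE_BOUNDS and the SANITIZE_UNDEFINED mask, i.e. among the UBSan bits (SANITIZE_FLOAT_DIVIDE, SANITIZE_FLOAT_CAST, SANITIZE_BOUNDS), which invites a reader to take it for another undefined-behaviour check; place it next to SANITIZE_ADDRESS, or give it a comment of its own. The ChangeLog line "(SANITIZE_KERNEL_ADDRESS): New enum." should say enumerator, since the value is added to the existing enum sanitize_code.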
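Review bot: the invoke.texi hunk documents the option as just "Enable AddressSanitizer for Linux kernel.", but the opts.c hunk in the same patch forces the call threshold, globals, stack and use-after-return params to 0 for it; the @item should state which checks are disabled relative to -fsanitize=address (stack and global redzones, use-after-return, inline instrumentation), otherwise users cannot tell why a kernel build reports fewer error classes than a userspace one.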
* Re: [PATCH] Add support for KernelAddressSanitizer

From: Dmitry Vyukov @ 2014-07-18 12:44 UTC
To: Yury Gribov
Cc: GCC Patches, Konstantin Serebryany, Andrey Ryabinin, Jakub Jelinek

On Fri, Jul 18, 2014 at 3:40 PM, Yury Gribov <y.gribov@samsung.com> wrote:
> Hi all,
>
> This tiny patch adds support for KernelASan. KASan brings Asan error
> detection capabilities to Linux kernel
> (https://code.google.com/p/address-sanitizer/wiki/AddressSanitizerForKernel).
>
> KASan works similar to normal userspace ASan but disables some options which
> are not yet supported by kernel (notably inline instrumentation,
> stack/global protection and UAR). We would prefer to hide all necessary
> tweaks under a user-friendly flag (-fsanitize=kernel-address) instead of
> forcing them directly in kernel's CFLAGS.
>
> Kernel patches are currently under review in LKML
> (https://lkml.org/lkml/2014/7/9/990).
>
> Bootstrapped and regtested on x64.
>
> Ok to commit?

Thanks for doing this, Yury.
The patch looks good to me FWIW, but please wait for Jakub or somebody else
with stronger gcc-fu.
* Re: [PATCH] Add support for KernelAddressSanitizer

From: Jakub Jelinek @ 2014-07-18 13:20 UTC
To: Yury Gribov
Cc: GCC Patches, Dmitry Vyukov, Konstantin Serebryany, Andrey Ryabinin

On Fri, Jul 18, 2014 at 03:40:15PM +0400, Yury Gribov wrote:
> This tiny patch adds support for KernelASan. KASan brings Asan error
> detection capabilities to Linux kernel
> (https://code.google.com/p/address-sanitizer/wiki/AddressSanitizerForKernel).
>
> KASan works similar to normal userspace ASan but disables some options which
> are not yet supported by kernel (notably inline instrumentation,
> stack/global protection and UAR). We would prefer to hide all necessary
> tweaks under a user-friendly flag (-fsanitize=kernel-address) instead of
> forcing them directly in kernel's CFLAGS.
>
> Kernel patches are currently under review in LKML
> (https://lkml.org/lkml/2014/7/9/990).

I thought KAsan used different entry points (__kasan_* etc.), has that
changed?

Also, oring in SANITIZER_ADDRESS means you add -lasan to link flags, I'd
guess that for -fsanitize=kernel-address you don't want to add any libraries
at link time?

Do you error out on -fsanitize=thread -fsanitize=kernel-address ?
Perhaps -fsanitize=kernel-address -fsanitize=address should be invalid too?

	Jakub
* Re: [PATCH] Add support for KernelAddressSanitizer

From: Dmitry Vyukov @ 2014-07-18 13:31 UTC
To: Jakub Jelinek
Cc: Yury Gribov, GCC Patches, Konstantin Serebryany, Andrey Ryabinin

On Fri, Jul 18, 2014 at 4:26 PM, Jakub Jelinek <jakub@redhat.com> wrote:
> On Fri, Jul 18, 2014 at 03:40:15PM +0400, Yury Gribov wrote:
>> This tiny patch adds support for KernelASan. KASan brings Asan error
>> detection capabilities to Linux kernel
>> (https://code.google.com/p/address-sanitizer/wiki/AddressSanitizerForKernel).
>>
>> KASan works similar to normal userspace ASan but disables some options which
>> are not yet supported by kernel (notably inline instrumentation,
>> stack/global protection and UAR). We would prefer to hide all necessary
>> tweaks under a user-friendly flag (-fsanitize=kernel-address) instead of
>> forcing them directly in kernel's CFLAGS.
>>
>> Kernel patches are currently under review in LKML
>> (https://lkml.org/lkml/2014/7/9/990).
>
> I thought KAsan used different entry points (__kasan_* etc.), has that
> changed?

Yes, we've switched to __asan_.

> Also, oring in SANITIZER_ADDRESS means you add -lasan to link flags, I'd
> guess that for -fsanitize=kernel-address you don't want to add any libraries
> at link time?

I suspect that we don't pass -fsanitize=kernel-address during linking
in kernel today. But I agree that it's better to disable any
processing during linking for now. Later we may want to do something
special during linking if -fsanitize=kernel-address is supplied.

> Do you error out on -fsanitize=thread -fsanitize=kernel-address ?
> Perhaps -fsanitize=kernel-address -fsanitize=address should be invalid too?

Yes, all these combinations are invalid.
* Re: [PATCH] Add support for KernelAddressSanitizer

From: Yury Gribov @ 2014-07-18 13:35 UTC
To: Dmitry Vyukov, Jakub Jelinek
Cc: GCC Patches, Konstantin Serebryany, Andrey Ryabinin

>> Also, oring in SANITIZER_ADDRESS means you add -lasan to link flags, I'd
>> guess that for -fsanitize=kernel-address you don't want to add any libraries
>> at link time?
>
> I suspect that we don't pass -fsanitize=kernel-address during linking
> in kernel today. But I agree that it's better to disable any
> processing during linking for now. Later we may want to do something
> special during linking if -fsanitize=kernel-address is supplied.

AFAIK the kernel is linked directly with ld so this may not be a big issue.

>> Do you error out on -fsanitize=thread -fsanitize=kernel-address ?
>> Perhaps -fsanitize=kernel-address -fsanitize=address should be
>> invalid too?
>
> Yes, all these combinations are invalid.

Ok, I'll add these.

-Y
* Re: [PATCH] Add support for KernelAddressSanitizer

From: Jakub Jelinek @ 2014-07-18 14:05 UTC
To: Dmitry Vyukov
Cc: Yury Gribov, GCC Patches, Konstantin Serebryany, Andrey Ryabinin

On Fri, Jul 18, 2014 at 05:19:39PM +0400, Dmitry Vyukov wrote:
> On Fri, Jul 18, 2014 at 4:26 PM, Jakub Jelinek <jakub@redhat.com> wrote:
> > On Fri, Jul 18, 2014 at 03:40:15PM +0400, Yury Gribov wrote:
> >> This tiny patch adds support for KernelASan. KASan brings Asan error
> >> detection capabilities to Linux kernel
> >> (https://code.google.com/p/address-sanitizer/wiki/AddressSanitizerForKernel).
> >>
> >> KASan works similar to normal userspace ASan but disables some options which
> >> are not yet supported by kernel (notably inline instrumentation,
> >> stack/global protection and UAR). We would prefer to hide all necessary
> >> tweaks under a user-friendly flag (-fsanitize=kernel-address) instead of
> >> forcing them directly in kernel's CFLAGS.
> >>
> >> Kernel patches are currently under review in LKML
> >> (https://lkml.org/lkml/2014/7/9/990).
> >
> > I thought KAsan used different entry points (__kasan_* etc.), has that
> > changed?
>
> Yes, we've switched to __asan_.

Ok.

> > Also, oring in SANITIZER_ADDRESS means you add -lasan to link flags, I'd
> > guess that for -fsanitize=kernel-address you don't want to add any libraries
> > at link time?
>
> I suspect that we don't pass -fsanitize=kernel-address during linking
> in kernel today. But I agree that it's better to disable any
> processing during linking for now. Later we may want to do something
> special during linking if -fsanitize=kernel-address is supplied.
>
> > Do you error out on -fsanitize=thread -fsanitize=kernel-address ?
> > Perhaps -fsanitize=kernel-address -fsanitize=address should be invalid too?
>
> Yes, all these combinations are invalid.

But you don't error out on that.
If we want to diagnose the last, IMHO we can't have just SANITIZE_ADDRESS and
SANITIZE_KERNEL_ADDRESS flags, but instead should have SANITIZE_ADDRESS
(used when we don't care about kernel vs. user asan differences),
SANITIZE_USER_ADDRESS and SANITIZE_KERNEL_ADDRESS bits. "address" would set
SANITIZE_ADDRESS | SANITIZE_USER_ADDRESS, "kernel-address"
SANITIZE_ADDRESS | SANITIZE_KERNEL_ADDRESS.
Then in sanitize_spec_function supposedly for "address" check
SANITIZE_USER_ADDRESS bit, for "kernel-address" added there
SANITIZE_KERNEL_ADDRESS, add all the incompatibility diagnostics for the new
invalid combinations.

Plus, toplev.c has e.g.:

  /* Address Sanitizer needs porting to each target architecture.  */
  if ((flag_sanitize & SANITIZE_ADDRESS)
      && (targetm.asan_shadow_offset == NULL
          || !FRAME_GROWS_DOWNWARD))
    {
      warning (0, "-fsanitize=address not supported for this target");
      flag_sanitize &= ~SANITIZE_ADDRESS;
    }

Now, is the same really the case for SANITIZE_KERNEL_ADDRESS?
I guess we still inline the shadow memory accesses to poison/unpoison
stack in function prologue/epilogue, right? In that case without
asan_shadow_offset we can't do anything. If it was a function call instead
it would be portable to all architectures.

	Jakub
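A stand-alone model of the three-bit scheme proposed above, added here as an example (it is not code from the GCC patch or from anyone in this thread): a parser for the -fsanitize= list that ORs SANITIZE_ADDRESS together with a user/kernel discriminator, the two compile-time incompatibility checks, the driver-side libasan query, and the per-target check. Only the enumerator names follow the patch; the functions and their names are this example's own assumptions, and the target check goes one step further than the patch by clearing all three ASan bits so a target failing both conditions warns only once.

```c
/* Added example (not code from the GCC patch or thread): a stand-alone
   model of the user/kernel/common ASan bit scheme.  The enumerator names
   follow the patch; the functions and their names are the example's own.  */
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Layout as in the revised flag-types.h: SANITIZE_ADDRESS is set for either
   ASan flavour, and one of the next two bits records which was requested.  */
enum sanitize_code
{
  SANITIZE_ADDRESS        = 1 << 0,
  SANITIZE_USER_ADDRESS   = 1 << 1,   /* -fsanitize=address */
  SANITIZE_KERNEL_ADDRESS = 1 << 2,   /* -fsanitize=kernel-address */
  SANITIZE_THREAD         = 1 << 3,
  SANITIZE_LEAK           = 1 << 4
};

/* Option table in the style of common_handle_option's spec[] array.  */
static const struct { const char *name; unsigned flag; size_t len; } spec[] =
{
  { "address", SANITIZE_ADDRESS | SANITIZE_USER_ADDRESS, sizeof "address" - 1 },
  { "kernel-address", SANITIZE_ADDRESS | SANITIZE_KERNEL_ADDRESS,
    sizeof "kernel-address" - 1 },
  { "thread", SANITIZE_THREAD, sizeof "thread" - 1 },
  { "leak", SANITIZE_LEAK, sizeof "leak" - 1 },
  { NULL, 0, 0 }
};

/* Parse the comma-separated value of -fsanitize= and OR the bits of each
   entry together.  Returns ~0u if any name is unknown (GCC errors out).  */
unsigned parse_fsanitize (const char *arg)
{
  unsigned flags = 0;
  const char *p = arg;
  for (;;)
    {
      const char *comma = strchr (p, ',');
      size_t len = comma ? (size_t) (comma - p) : strlen (p);
      size_t i;
      for (i = 0; spec[i].name; i++)
        if (len == spec[i].len && memcmp (p, spec[i].name, len) == 0)
          break;
      if (!spec[i].name)
        return ~0u;
      flags |= spec[i].flag;
      if (!comma)
        return flags;
      p = comma + 1;
    }
}

/* The finish_options checks: number of conflicts that would be errors.  */
int check_conflicts (unsigned flags)
{
  int errors = 0;
  if ((flags & SANITIZE_USER_ADDRESS) && (flags & SANITIZE_KERNEL_ADDRESS))
    errors++;  /* -fsanitize=address with -fsanitize=kernel-address */
  if ((flags & SANITIZE_ADDRESS) && (flags & SANITIZE_THREAD))
    errors++;  /* either ASan flavour with -fsanitize=thread */
  return errors;
}

/* Driver-side query as in sanitize_spec_function ("address" case): only
   userspace ASan gets libasan added at link time.  */
int driver_links_libasan (unsigned flags)
{
  return (flags & SANITIZE_USER_ADDRESS) != 0;
}

/* Target check modelled on the toplev.c logic.  Unlike the patch, which
   clears only SANITIZE_ADDRESS, this clears all three ASan bits so the
   second condition cannot warn again for the same unsupported target.  */
struct target_result { unsigned flags; int warnings; };
struct target_result apply_target_check (unsigned flags,
                                         int frame_grows_downward,
                                         int has_shadow_offset)
{
  const unsigned all_asan = SANITIZE_ADDRESS | SANITIZE_USER_ADDRESS
                            | SANITIZE_KERNEL_ADDRESS;
  struct target_result r = { flags, 0 };
  /* Both flavours need a downward-growing frame.  */
  if ((r.flags & SANITIZE_ADDRESS) && !frame_grows_downward)
    { r.warnings++; r.flags &= ~all_asan; }
  /* Only userspace ASan needs the target's shadow offset; KASan calls
     into the kernel runtime instead.  */
  if ((r.flags & SANITIZE_USER_ADDRESS) && !has_shadow_offset)
    { r.warnings++; r.flags &= ~all_asan; }
  return r;
}

int main (void)
{
  unsigned f = parse_fsanitize ("kernel-address,leak");
  printf ("flags=0x%x conflicts=%d links_libasan=%d\n",
          f, check_conflicts (f), driver_links_libasan (f));
  return 0;
}
```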
* Re: [PATCH] Add support for KernelAddressSanitizer

From: Yury Gribov @ 2014-07-18 14:20 UTC
To: Jakub Jelinek, Dmitry Vyukov
Cc: GCC Patches, Konstantin Serebryany, Andrey Ryabinin

> Then in sanitize_spec_function supposedly for "address" check
> SANITIZE_USER_ADDRESS bit, for "kernel-address" added there
> SANITIZE_KERNEL_ADDRESS, add all the incompatibility diagnostics for the new
> invalid combinations.

Ok.

> Plus, toplev.c has e.g.:
> ...
> Now, is the same really the case for SANITIZE_KERNEL_ADDRESS?

This is a good point: KASan does not use asan_shadow_offset, so this check
is redundant.

> I guess we still inline the shadow memory accesses to poison/unpoison
> stack in function prologue/epilogue, right? In that case without
> asan_shadow_offset we can't do anything. If it was a function call instead
> it would be portable to all architectures.

Stack is not supported by current KASan. My local version indeed does
replace asan_shadow_offset with a function call.

-Y
* Re: [PATCH] Add support for KernelAddressSanitizer

From: Yury Gribov @ 2014-07-23 14:36 UTC
To: Jakub Jelinek, Dmitry Vyukov
Cc: GCC Patches, Konstantin Serebryany, Andrey Ryabinin

On 07/18/2014 05:38 PM, Jakub Jelinek wrote:
>>> Do you error out on -fsanitize=thread -fsanitize=kernel-address ?
>>> Perhaps -fsanitize=kernel-address -fsanitize=address should be invalid too?
>>
>> Yes, all these combinations are invalid.
>
> But you don't error out on that.

Ok, fixed.

> Then in sanitize_spec_function supposedly for "address" check
> SANITIZE_USER_ADDRESS bit, for "kernel-address" added there
> SANITIZE_KERNEL_ADDRESS, add all the incompatibility diagnostics for the new
> invalid combinations.

This delayed detection until link phase (and even then was disabled if
-nostdlib was on), so I decided to perform this check in finish_options
(after parsing cmdline options).

> Plus, toplev.c has e.g.:

Fixed as well.

-Y

[-- Attachment #2: kasan_patch-2.diff --]
[-- Type: text/x-diff, Size: 7716 bytes --]

commit bd51cdb807c2cf5ada0101ca7db89076b54ed18e
Author: Yury Gribov <y.gribov@samsung.com>
Date:   Tue Jul 22 11:02:03 2014 +0400

    2014-07-23  Yury Gribov  <y.gribov@samsung.com>

    	* doc/cpp.texi (__SANITIZE_ADDRESS__): Updated description.
    	* doc/invoke.texi (-fsanitize=kernel-address): Describe new option.
    	* flag-types.h (SANITIZE_USER_ADDRESS, SANITIZE_KERNEL_ADDRESS): New enums.
    	* gcc.c (sanitize_spec_function): Support new option.
    	(SANITIZER_SPEC): Remove now redundant check.
    	* opts.c (common_handle_option): Support new option.
    	(finish_options): Check for incompatibilities.
    	* toplev.c (process_options): Split userspace-specific checks.

diff --git a/gcc/doc/cpp.texi b/gcc/doc/cpp.texi
index aaed739..0a6e50c 100644
--- a/gcc/doc/cpp.texi +++ b/gcc/doc/cpp.texi @@ -2354,8 +2354,8 @@ This macro is defined, with value 3, when @option{-fstack-protector-strong} is in use. @item __SANITIZE_ADDRESS__ -This macro is defined, with value 1, when @option{-fsanitize=address} is -in use. +This macro is defined, with value 1, when @option{-fsanitize=address} +or @option{-fsanitize=kernel-address} are in use. @item __TIMESTAMP__ This macro expands to a string constant that describes the date and time diff --git a/gcc/doc/invoke.texi b/gcc/doc/invoke.texi index b5e8d98..391daf8 100644 --- a/gcc/doc/invoke.texi +++ b/gcc/doc/invoke.texi @@ -5405,6 +5405,11 @@ more details. The run-time behavior can be influenced using the @url{https://code.google.com/p/address-sanitizer/wiki/Flags#Run-time_flags} for a list of supported options. +@item -fsanitize=kernel-address +@opindex fsanitize=kernel-address +Enable AddressSanitizer for Linux kernel. +See @uref{http://code.google.com/p/address-sanitizer/wiki/AddressSanitizerForKernel} for more details. + @item -fsanitize=thread @opindex fsanitize=thread Enable ThreadSanitizer, a fast data race detector. diff --git a/gcc/flag-types.h b/gcc/flag-types.h index 2849455..bf813b6 100644 --- a/gcc/flag-types.h +++ b/gcc/flag-types.h 
@@ -214,23 +214,25 @@ enum vect_cost_model { enum sanitize_code { /* AddressSanitizer. */ SANITIZE_ADDRESS = 1 << 0, + SANITIZE_USER_ADDRESS = 1 << 1, + SANITIZE_KERNEL_ADDRESS = 1 << 2, /* ThreadSanitizer. */ - SANITIZE_THREAD = 1 << 1, + SANITIZE_THREAD = 1 << 3, /* LeakSanitizer. */ - SANITIZE_LEAK = 1 << 2, + SANITIZE_LEAK = 1 << 4, /* UndefinedBehaviorSanitizer. */ - SANITIZE_SHIFT = 1 << 3, - SANITIZE_DIVIDE = 1 << 4, - SANITIZE_UNREACHABLE = 1 << 5, - SANITIZE_VLA = 1 << 6, - SANITIZE_NULL = 1 << 7, - SANITIZE_RETURN = 1 << 8, - SANITIZE_SI_OVERFLOW = 1 << 9, - SANITIZE_BOOL = 1 << 10, - SANITIZE_ENUM = 1 << 11, - SANITIZE_FLOAT_DIVIDE = 1 << 12, - SANITIZE_FLOAT_CAST = 1 << 13, - SANITIZE_BOUNDS = 1 << 14, + SANITIZE_SHIFT = 1 << 5, + SANITIZE_DIVIDE = 1 << 6, + SANITIZE_UNREACHABLE = 1 << 7, + SANITIZE_VLA = 1 << 8, + SANITIZE_NULL = 1 << 9, + SANITIZE_RETURN = 1 << 10, + SANITIZE_SI_OVERFLOW = 1 << 11, + SANITIZE_BOOL = 1 << 12, + SANITIZE_ENUM = 1 << 13, + SANITIZE_FLOAT_DIVIDE = 1 << 14, + SANITIZE_FLOAT_CAST = 1 << 15, + SANITIZE_BOUNDS = 1 << 16, SANITIZE_UNDEFINED = SANITIZE_SHIFT | SANITIZE_DIVIDE | SANITIZE_UNREACHABLE | SANITIZE_VLA | SANITIZE_NULL | SANITIZE_RETURN | SANITIZE_SI_OVERFLOW | SANITIZE_BOOL | SANITIZE_ENUM diff --git a/gcc/gcc.c b/gcc/gcc.c index 6cd08ea..c0fde8c 100644 --- a/gcc/gcc.c +++ b/gcc/gcc.c @@ -779,8 +779,7 @@ proper position among the other output files. */ #ifndef SANITIZER_SPEC #define SANITIZER_SPEC "\ %{!nostdlib:%{!nodefaultlibs:%{%:sanitize(address):" LIBASAN_SPEC "\ - %{static:%ecannot specify -static with -fsanitize=address}\ - %{%:sanitize(thread):%e-fsanitize=address is incompatible with -fsanitize=thread}}\ + %{static:%ecannot specify -static with -fsanitize=address}}\ %{%:sanitize(thread):" LIBTSAN_SPEC "\ %{!pie:%{!shared:%e-fsanitize=thread linking must be done with -pie or -shared}}}\ %{%:sanitize(undefined):" LIBUBSAN_SPEC "}\ 
@@ -8224,7 +8223,9 @@ sanitize_spec_function (int argc, const char **argv) return NULL; if (strcmp (argv[0], "address") == 0) - return (flag_sanitize & SANITIZE_ADDRESS) ? "" : NULL; + return (flag_sanitize & SANITIZE_USER_ADDRESS) ? "" : NULL; + if (strcmp (argv[0], "kernel-address") == 0) + return (flag_sanitize & SANITIZE_KERNEL_ADDRESS) ? "" : NULL; if (strcmp (argv[0], "thread") == 0) return (flag_sanitize & SANITIZE_THREAD) ? "" : NULL; if (strcmp (argv[0], "undefined") == 0) diff --git a/gcc/opts.c b/gcc/opts.c index 5fed6f0..4b0af82 100644 --- a/gcc/opts.c +++ b/gcc/opts.c @@ -869,6 +869,20 @@ finish_options (struct gcc_options *opts, struct gcc_options *opts_set, /* The -gsplit-dwarf option requires -ggnu-pubnames. */ if (opts->x_dwarf_split_debug_info) opts->x_debug_generate_pub_sections = 2; + + /* Userspace and kernel ASan conflict with each other and with TSan. */ + + if ((flag_sanitize & SANITIZE_USER_ADDRESS) + && (flag_sanitize & SANITIZE_KERNEL_ADDRESS)) + error_at (loc, + "-fsanitize=address is incompatible with " + "-fsanitize=kernel-address"); + + if ((flag_sanitize & SANITIZE_ADDRESS) + && (flag_sanitize & SANITIZE_THREAD)) + error_at (loc, + "-fsanitize=address and -fsanitize=kernel-address " + "are incompatible with -fsanitize=thread"); } #define LEFT_COLUMN 27 @@ -1454,7 +1468,10 @@ common_handle_option (struct gcc_options *opts, size_t len; } spec[] = { - { "address", SANITIZE_ADDRESS, sizeof "address" - 1 }, + { "address", SANITIZE_ADDRESS | SANITIZE_USER_ADDRESS, + sizeof "address" - 1 }, + { "kernel-address", SANITIZE_ADDRESS | SANITIZE_KERNEL_ADDRESS, + sizeof "kernel-address" - 1 }, { "thread", SANITIZE_THREAD, sizeof "thread" - 1 }, { "leak", SANITIZE_LEAK, sizeof "leak" - 1 }, { "shift", SANITIZE_SHIFT, sizeof "shift" - 1 }, 
@@ -1520,6 +1537,25 @@ common_handle_option (struct gcc_options *opts, the null pointer checks. */ if (flag_sanitize & SANITIZE_NULL) opts->x_flag_delete_null_pointer_checks = 0; + + /* Kernel ASan implies normal ASan but does not yet support + all features. */ + if (flag_sanitize & SANITIZE_KERNEL_ADDRESS) + { + maybe_set_param_value (PARAM_ASAN_INSTRUMENTATION_WITH_CALL_THRESHOLD, 0, + opts->x_param_values, + opts_set->x_param_values); + maybe_set_param_value (PARAM_ASAN_GLOBALS, 0, + opts->x_param_values, + opts_set->x_param_values); + maybe_set_param_value (PARAM_ASAN_STACK, 0, + opts->x_param_values, + opts_set->x_param_values); + maybe_set_param_value (PARAM_ASAN_USE_AFTER_RETURN, 0, + opts->x_param_values, + opts_set->x_param_values); + } + break; } diff --git a/gcc/toplev.c b/gcc/toplev.c index 1c9befd..d82244f 100644 --- a/gcc/toplev.c +++ b/gcc/toplev.c @@ -1555,9 +1555,18 @@ process_options (void) warn_stack_protect = 0; /* Address Sanitizer needs porting to each target architecture. */ + if ((flag_sanitize & SANITIZE_ADDRESS) - && (targetm.asan_shadow_offset == NULL - || !FRAME_GROWS_DOWNWARD)) + && !FRAME_GROWS_DOWNWARD) + { + warning (0, + "-fsanitize=address and -fsanitize=kernel-address " + "are not supported for this target"); + flag_sanitize &= ~SANITIZE_ADDRESS; + } + + if ((flag_sanitize & SANITIZE_USER_ADDRESS) + && targetm.asan_shadow_offset == NULL) { warning (0, "-fsanitize=address not supported for this target"); flag_sanitize &= ~SANITIZE_ADDRESS; ^ permalink raw reply [flat|nested] 11+ messages in thread
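Review bot: grammar in the cpp.texi hunk: with "or" the verb is singular, so "@option{-fsanitize=address} or @option{-fsanitize=kernel-address} are in use" should read "is in use".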
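Review bot: the flag-types.h hunk makes SANITIZE_ADDRESS a bit that is always set together with either SANITIZE_USER_ADDRESS or SANITIZE_KERNEL_ADDRESS, but nothing in the enum records that convention; a comment on the three enumerators (SANITIZE_ADDRESS for what both flavours share, the other two to tell them apart) would stop later code from testing SANITIZE_ADDRESS when it means userspace only. The renumbering of SANITIZE_THREAD through SANITIZE_BOUNDS is consistent, and SANITIZE_UNDEFINED needs no change since it is built from the names.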
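Review bot: the new `kernel-address` case in sanitize_spec_function has no caller: SANITIZER_SPEC, as modified in the same patch, still queries only %:sanitize(address), %:sanitize(thread) and %:sanitize(undefined). Either drop the case until a kernel-specific link spec exists, or say in the ChangeLog entry for gcc.c that it is added for that future use.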
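Review bot: the two checks added to finish_options read the global `flag_sanitize`, while the surrounding code in that function works on its `opts` argument (see `opts->x_dwarf_split_debug_info` just above); use `opts->x_flag_sanitize` so the function does not silently assume opts is the global option set. The second diagnostic also names both ASan options whenever either one conflicts with -fsanitize=thread; picking the message by SANITIZE_USER_ADDRESS vs. SANITIZE_KERNEL_ADDRESS would tell the user which option they actually passed.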
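Review bot: the comment `/* Kernel ASan implies normal ASan but does not yet support all features. */` in the last opts.c hunk is now misleading, because the "implies" part is done by the spec table entry (`SANITIZE_ADDRESS | SANITIZE_KERNEL_ADDRESS`) rather than by this block; reword it to say the block only forces call-based instrumentation (threshold 0) and turns off globals, stack and use-after-return instrumentation, which the kernel runtime does not support yet.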
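Review bot: in the toplev.c hunk the `!FRAME_GROWS_DOWNWARD` branch clears only SANITIZE_ADDRESS and leaves SANITIZE_USER_ADDRESS / SANITIZE_KERNEL_ADDRESS set, so on a target that also has no asan_shadow_offset the second branch fires as well and the user sees two "not supported for this target" warnings, and any later code keyed on the user/kernel bits still sees ASan as enabled. Clear all three bits in both branches, e.g. `flag_sanitize &= ~(SANITIZE_ADDRESS | SANITIZE_USER_ADDRESS | SANITIZE_KERNEL_ADDRESS);`. The added blank `+` line between the "needs porting" comment and the first `if` also detaches the comment from the code it describes.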
* [PATCH][PING] Add support for KernelAddressSanitizer

From: Yury Gribov @ 2014-07-30 14:42 UTC
To: GCC Patches, Jakub Jelinek, Dmitry Vyukov, Konstantin Serebryany, Andrey Ryabinin

On 07/18/2014 05:38 PM, Jakub Jelinek wrote:
>>> Do you error out on -fsanitize=thread -fsanitize=kernel-address ?
>>> Perhaps -fsanitize=kernel-address -fsanitize=address should be invalid too?
>>
>> Yes, all these combinations are invalid.
>
> But you don't error out on that.

Ok, fixed.

> Then in sanitize_spec_function supposedly for "address" check
> SANITIZE_USER_ADDRESS bit, for "kernel-address" added there
> SANITIZE_KERNEL_ADDRESS, add all the incompatibility diagnostics for the new
> invalid combinations.

This delayed detection until link phase (and even then was disabled if
-nostdlib was on), so I decided to perform this check in finish_options
(after parsing cmdline options).

> Plus, toplev.c has e.g.:

Fixed as well.

-Y

[-- Attachment #2: kasan_patch-2.diff --]
[-- Type: text/x-diff, Size: 7717 bytes --]

commit bd51cdb807c2cf5ada0101ca7db89076b54ed18e
Author: Yury Gribov <y.gribov@samsung.com>
Date:   Tue Jul 22 11:02:03 2014 +0400

    2014-07-23  Yury Gribov  <y.gribov@samsung.com>

    	* doc/cpp.texi (__SANITIZE_ADDRESS__): Updated description.
    	* doc/invoke.texi (-fsanitize=kernel-address): Describe new option.
    	* flag-types.h (SANITIZE_USER_ADDRESS, SANITIZE_KERNEL_ADDRESS): New enums.
    	* gcc.c (sanitize_spec_function): Support new option.
    	(SANITIZER_SPEC): Remove now redundant check.
    	* opts.c (common_handle_option): Support new option.
    	(finish_options): Check for incompatibilities.
    	* toplev.c (process_options): Split userspace-specific checks.

diff --git a/gcc/doc/cpp.texi b/gcc/doc/cpp.texi
index aaed739..0a6e50c 100644
--- a/gcc/doc/cpp.texi
+++ b/gcc/doc/cpp.texi
@@ -2354,8 +2354,8 @@ This macro is defined, with value 3, when @option{-fstack-protector-strong} is in use. @item __SANITIZE_ADDRESS__ -This macro is defined, with value 1, when @option{-fsanitize=address} is -in use. +This macro is defined, with value 1, when @option{-fsanitize=address} +or @option{-fsanitize=kernel-address} are in use. @item __TIMESTAMP__ This macro expands to a string constant that describes the date and time diff --git a/gcc/doc/invoke.texi b/gcc/doc/invoke.texi index b5e8d98..391daf8 100644 --- a/gcc/doc/invoke.texi +++ b/gcc/doc/invoke.texi @@ -5405,6 +5405,11 @@ more details. The run-time behavior can be influenced using the @url{https://code.google.com/p/address-sanitizer/wiki/Flags#Run-time_flags} for a list of supported options. +@item -fsanitize=kernel-address +@opindex fsanitize=kernel-address +Enable AddressSanitizer for Linux kernel. +See @uref{http://code.google.com/p/address-sanitizer/wiki/AddressSanitizerForKernel} for more details. + @item -fsanitize=thread @opindex fsanitize=thread Enable ThreadSanitizer, a fast data race detector. diff --git a/gcc/flag-types.h b/gcc/flag-types.h index 2849455..bf813b6 100644 --- a/gcc/flag-types.h +++ b/gcc/flag-types.h 
@@ -214,23 +214,25 @@ enum vect_cost_model { enum sanitize_code { /* AddressSanitizer. */ SANITIZE_ADDRESS = 1 << 0, + SANITIZE_USER_ADDRESS = 1 << 1, + SANITIZE_KERNEL_ADDRESS = 1 << 2, /* ThreadSanitizer. */ - SANITIZE_THREAD = 1 << 1, + SANITIZE_THREAD = 1 << 3, /* LeakSanitizer. */ - SANITIZE_LEAK = 1 << 2, + SANITIZE_LEAK = 1 << 4, /* UndefinedBehaviorSanitizer. */ - SANITIZE_SHIFT = 1 << 3, - SANITIZE_DIVIDE = 1 << 4, - SANITIZE_UNREACHABLE = 1 << 5, - SANITIZE_VLA = 1 << 6, - SANITIZE_NULL = 1 << 7, - SANITIZE_RETURN = 1 << 8, - SANITIZE_SI_OVERFLOW = 1 << 9, - SANITIZE_BOOL = 1 << 10, - SANITIZE_ENUM = 1 << 11, - SANITIZE_FLOAT_DIVIDE = 1 << 12, - SANITIZE_FLOAT_CAST = 1 << 13, - SANITIZE_BOUNDS = 1 << 14, + SANITIZE_SHIFT = 1 << 5, + SANITIZE_DIVIDE = 1 << 6, + SANITIZE_UNREACHABLE = 1 << 7, + SANITIZE_VLA = 1 << 8, + SANITIZE_NULL = 1 << 9, + SANITIZE_RETURN = 1 << 10, + SANITIZE_SI_OVERFLOW = 1 << 11, + SANITIZE_BOOL = 1 << 12, + SANITIZE_ENUM = 1 << 13, + SANITIZE_FLOAT_DIVIDE = 1 << 14, + SANITIZE_FLOAT_CAST = 1 << 15, + SANITIZE_BOUNDS = 1 << 16, SANITIZE_UNDEFINED = SANITIZE_SHIFT | SANITIZE_DIVIDE | SANITIZE_UNREACHABLE | SANITIZE_VLA | SANITIZE_NULL | SANITIZE_RETURN | SANITIZE_SI_OVERFLOW | SANITIZE_BOOL | SANITIZE_ENUM diff --git a/gcc/gcc.c b/gcc/gcc.c index 6cd08ea..c0fde8c 100644 --- a/gcc/gcc.c +++ b/gcc/gcc.c @@ -779,8 +779,7 @@ proper position among the other output files. */ #ifndef SANITIZER_SPEC #define SANITIZER_SPEC "\ %{!nostdlib:%{!nodefaultlibs:%{%:sanitize(address):" LIBASAN_SPEC "\ - %{static:%ecannot specify -static with -fsanitize=address}\ - %{%:sanitize(thread):%e-fsanitize=address is incompatible with -fsanitize=thread}}\ + %{static:%ecannot specify -static with -fsanitize=address}}\ %{%:sanitize(thread):" LIBTSAN_SPEC "\ %{!pie:%{!shared:%e-fsanitize=thread linking must be done with -pie or -shared}}}\ %{%:sanitize(undefined):" LIBUBSAN_SPEC "}\ 
@@ -8224,7 +8223,9 @@ sanitize_spec_function (int argc, const char **argv) return NULL; if (strcmp (argv[0], "address") == 0) - return (flag_sanitize & SANITIZE_ADDRESS) ? "" : NULL; + return (flag_sanitize & SANITIZE_USER_ADDRESS) ? "" : NULL; + if (strcmp (argv[0], "kernel-address") == 0) + return (flag_sanitize & SANITIZE_KERNEL_ADDRESS) ? "" : NULL; if (strcmp (argv[0], "thread") == 0) return (flag_sanitize & SANITIZE_THREAD) ? "" : NULL; if (strcmp (argv[0], "undefined") == 0) diff --git a/gcc/opts.c b/gcc/opts.c index 5fed6f0..4b0af82 100644 --- a/gcc/opts.c +++ b/gcc/opts.c @@ -869,6 +869,20 @@ finish_options (struct gcc_options *opts, struct gcc_options *opts_set, /* The -gsplit-dwarf option requires -ggnu-pubnames. */ if (opts->x_dwarf_split_debug_info) opts->x_debug_generate_pub_sections = 2; + + /* Userspace and kernel ASan conflict with each other and with TSan. */ + + if ((flag_sanitize & SANITIZE_USER_ADDRESS) + && (flag_sanitize & SANITIZE_KERNEL_ADDRESS)) + error_at (loc, + "-fsanitize=address is incompatible with " + "-fsanitize=kernel-address"); + + if ((flag_sanitize & SANITIZE_ADDRESS) + && (flag_sanitize & SANITIZE_THREAD)) + error_at (loc, + "-fsanitize=address and -fsanitize=kernel-address " + "are incompatible with -fsanitize=thread"); } #define LEFT_COLUMN 27 @@ -1454,7 +1468,10 @@ common_handle_option (struct gcc_options *opts, size_t len; } spec[] = { - { "address", SANITIZE_ADDRESS, sizeof "address" - 1 }, + { "address", SANITIZE_ADDRESS | SANITIZE_USER_ADDRESS, + sizeof "address" - 1 }, + { "kernel-address", SANITIZE_ADDRESS | SANITIZE_KERNEL_ADDRESS, + sizeof "kernel-address" - 1 }, { "thread", SANITIZE_THREAD, sizeof "thread" - 1 }, { "leak", SANITIZE_LEAK, sizeof "leak" - 1 }, { "shift", SANITIZE_SHIFT, sizeof "shift" - 1 }, 
@@ -1520,6 +1537,25 @@ common_handle_option (struct gcc_options *opts, the null pointer checks. */ if (flag_sanitize & SANITIZE_NULL) opts->x_flag_delete_null_pointer_checks = 0; + + /* Kernel ASan implies normal ASan but does not yet support + all features. */ + if (flag_sanitize & SANITIZE_KERNEL_ADDRESS) + { + maybe_set_param_value (PARAM_ASAN_INSTRUMENTATION_WITH_CALL_THRESHOLD, 0, + opts->x_param_values, + opts_set->x_param_values); + maybe_set_param_value (PARAM_ASAN_GLOBALS, 0, + opts->x_param_values, + opts_set->x_param_values); + maybe_set_param_value (PARAM_ASAN_STACK, 0, + opts->x_param_values, + opts_set->x_param_values); + maybe_set_param_value (PARAM_ASAN_USE_AFTER_RETURN, 0, + opts->x_param_values, + opts_set->x_param_values); + } + break; } diff --git a/gcc/toplev.c b/gcc/toplev.c index 1c9befd..d82244f 100644 --- a/gcc/toplev.c +++ b/gcc/toplev.c @@ -1555,9 +1555,18 @@ process_options (void) warn_stack_protect = 0; /* Address Sanitizer needs porting to each target architecture. */ + if ((flag_sanitize & SANITIZE_ADDRESS) - && (targetm.asan_shadow_offset == NULL - || !FRAME_GROWS_DOWNWARD)) + && !FRAME_GROWS_DOWNWARD) + { + warning (0, + "-fsanitize=address and -fsanitize=kernel-address " + "are not supported for this target"); + flag_sanitize &= ~SANITIZE_ADDRESS; + } + + if ((flag_sanitize & SANITIZE_USER_ADDRESS) + && targetm.asan_shadow_offset == NULL) { warning (0, "-fsanitize=address not supported for this target"); flag_sanitize &= ~SANITIZE_ADDRESS; ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [PATCH][PING] Add support for KernelAddressSanitizer

From: Jeff Law @ 2014-07-31 4:53 UTC
To: Yury Gribov, GCC Patches, Jakub Jelinek, Dmitry Vyukov, Konstantin Serebryany, Andrey Ryabinin

On 07/30/14 08:34, Yury Gribov wrote:
> On 07/18/2014 05:38 PM, Jakub Jelinek wrote:
>>>> Do you error out on -fsanitize=thread -fsanitize=kernel-address ?
>>>> Perhaps -fsanitize=kernel-address -fsanitize=address should be
>>>> invalid too?
>>>
>>> Yes, all these combinations are invalid.
>>
>> But you don't error out on that.
>
> Ok, fixed.
>
>> Then in sanitize_spec_function supposedly for "address" check
>> SANITIZE_USER_ADDRESS bit, for "kernel-address" added there
>> SANITIZE_KERNEL_ADDRESS, add all the incompatibility diagnostics for
>> the new
>> invalid combinations.
>
> This delayed detection until link phase (and even then was disabled if
> -nostdlib was on)
> so I decided to perform this check in finish_options (after passing
> cmdline options).
>
>> Plus, toplev.c has e.g.:
>
> Fixed as well.

This is fine.

Thanks,
Jeff
* Re: [PATCH][PING] Add support for KernelAddressSanitizer

From: Yury Gribov @ 2014-07-31 13:36 UTC
To: Jeff Law, GCC Patches, Jakub Jelinek, Dmitry Vyukov, Konstantin Serebryany, Andrey Ryabinin

On 07/31/2014 08:49 AM, Jeff Law wrote:
> This is fine. Thanks,

Committed in r213367.