* [PATCH] Add support for KernelAddressSanitizer
@ 2014-07-18 11:58 Yury Gribov
2014-07-18 12:44 ` Dmitry Vyukov
2014-07-18 13:20 ` Jakub Jelinek
0 siblings, 2 replies; 11+ messages in thread
From: Yury Gribov @ 2014-07-18 11:58 UTC
To: GCC Patches
Cc: Dmitry Vyukov, Konstantin Serebryany, Andrey Ryabinin, Jakub Jelinek
[-- Attachment #1: Type: text/plain, Size: 676 bytes --]
Hi all,
This tiny patch adds support for KernelASan. KASan brings Asan error
detection capabilities to Linux kernel
(https://code.google.com/p/address-sanitizer/wiki/AddressSanitizerForKernel).
KASan works similar to normal userspace ASan but disables some options
which are not yet supported by kernel (notably inline instrumentation,
stack/global protection and UAR). We would prefer to hide all necessary
tweaks under a user-friendly flag (-fsanitize=kernel-address) instead of
forcing them directly in kernel's CFLAGS.
Kernel patches are currently under review in LKML
(https://lkml.org/lkml/2014/7/9/990).
Bootstrapped and regtested on x64.
Ok to commit?
-Y
[-- Attachment #2: kasan_patch-1.diff --]
[-- Type: text/x-diff, Size: 2764 bytes --]
gcc/
2014-07-18 Yury Gribov <y.gribov@samsung.com>
* doc/invoke.texi (-fsanitize=kernel-address): Describe new option.
* flag-types.h (SANITIZE_KERNEL_ADDRESS): New enum.
* opts.c (common_handle_option): Handle new option.
diff --git a/gcc/doc/invoke.texi b/gcc/doc/invoke.texi
index a83f6c6..70f9c2b 100644
--- a/gcc/doc/invoke.texi
+++ b/gcc/doc/invoke.texi
@@ -5376,6 +5376,11 @@ more details. The run-time behavior can be influenced using the
@url{https://code.google.com/p/address-sanitizer/wiki/Flags#Run-time_flags} for
a list of supported options.
+@item -fsanitize=kernel-address
+@opindex fsanitize=kernel-address
+Enable AddressSanitizer for Linux kernel.
+See @uref{http://code.google.com/p/address-sanitizer/wiki/AddressSanitizerForKernel} for more details.
+
@item -fsanitize=thread
@opindex fsanitize=thread
Enable ThreadSanitizer, a fast data race detector.
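Review bot: the new @item for -fsanitize=kernel-address does not say what the option changes relative to -fsanitize=address. The opts.c part of this patch forces four asan params to 0 (instrumentation-with-call threshold, globals, stack, use-after-return), and a reader who sees only "Enable AddressSanitizer for Linux kernel" cannot learn that from the manual. Suggest adding one sentence listing what is disabled, and using @url with https as the preceding entry does.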
diff --git a/gcc/flag-types.h b/gcc/flag-types.h
index 2849455..04038f6 100644
--- a/gcc/flag-types.h
+++ b/gcc/flag-types.h
@@ -231,6 +231,7 @@ enum sanitize_code {
SANITIZE_FLOAT_DIVIDE = 1 << 12,
SANITIZE_FLOAT_CAST = 1 << 13,
SANITIZE_BOUNDS = 1 << 14,
+ SANITIZE_KERNEL_ADDRESS = 1 << 15,
SANITIZE_UNDEFINED = SANITIZE_SHIFT | SANITIZE_DIVIDE | SANITIZE_UNREACHABLE
| SANITIZE_VLA | SANITIZE_NULL | SANITIZE_RETURN
| SANITIZE_SI_OVERFLOW | SANITIZE_BOOL | SANITIZE_ENUM
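Review bot: SANITIZE_KERNEL_ADDRESS is added between the SANITIZE_BOUNDS check bit and the SANITIZE_UNDEFINED mask, with nothing to show that it is an AddressSanitizer mode. A short comment on the new line, or placing it beside the existing address bit, would make clear that it is deliberately left out of SANITIZE_UNDEFINED.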
diff --git a/gcc/opts.c b/gcc/opts.c
index 419a074..42fef36 100644
--- a/gcc/opts.c
+++ b/gcc/opts.c
@@ -1475,6 +1475,7 @@ common_handle_option (struct gcc_options *opts,
{ "float-cast-overflow", SANITIZE_FLOAT_CAST,
sizeof "float-cast-overflow" - 1 },
{ "bounds", SANITIZE_BOUNDS, sizeof "bounds" - 1 },
+ { "kernel-address", SANITIZE_KERNEL_ADDRESS, sizeof "kernel-address" - 1 },
{ NULL, 0, 0 }
};
const char *comma;
@@ -1520,6 +1521,25 @@ common_handle_option (struct gcc_options *opts,
the null pointer checks. */
if (flag_sanitize & SANITIZE_NULL)
opts->x_flag_delete_null_pointer_checks = 0;
+
+ /* Kernel ASan implies normal ASan but does not yet support
+ all features. */
+ if (flag_sanitize & SANITIZE_KERNEL_ADDRESS)
+ {
+ flag_sanitize |= SANITIZE_ADDRESS;
+ maybe_set_param_value (PARAM_ASAN_INSTRUMENTATION_WITH_CALL_THRESHOLD, 0,
+ opts->x_param_values,
+ opts_set->x_param_values);
+ maybe_set_param_value (PARAM_ASAN_GLOBALS, 0,
+ opts->x_param_values,
+ opts_set->x_param_values);
+ maybe_set_param_value (PARAM_ASAN_STACK, 0,
+ opts->x_param_values,
+ opts_set->x_param_values);
+ maybe_set_param_value (PARAM_ASAN_USE_AFTER_RETURN, 0,
+ opts->x_param_values,
+ opts_set->x_param_values);
+ }
break;
}
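Review bot: nothing in the SANITIZE_KERNEL_ADDRESS block rejects conflicting options. Because it does "flag_sanitize |= SANITIZE_ADDRESS", a command line with -fsanitize=kernel-address alone ends up with the same bits as one that also passed -fsanitize=address, and combining it with -fsanitize=address or -fsanitize=thread gets no diagnostic here. Suggest keeping a separate bit for the userspace mode and emitting an error for those combinations. The four maybe_set_param_value calls would also benefit from a comment saying which kernel limitation each one reflects.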
* Re: [PATCH] Add support for KernelAddressSanitizer
2014-07-18 11:58 [PATCH] Add support for KernelAddressSanitizer Yury Gribov
@ 2014-07-18 12:44 ` Dmitry Vyukov
2014-07-18 13:20 ` Jakub Jelinek
1 sibling, 0 replies; 11+ messages in thread
From: Dmitry Vyukov @ 2014-07-18 12:44 UTC
To: Yury Gribov
Cc: GCC Patches, Konstantin Serebryany, Andrey Ryabinin, Jakub Jelinek
On Fri, Jul 18, 2014 at 3:40 PM, Yury Gribov <y.gribov@samsung.com> wrote:
> Hi all,
>
> This tiny patch adds support for KernelASan. KASan brings Asan error
> detection capabilities to Linux kernel
> (https://code.google.com/p/address-sanitizer/wiki/AddressSanitizerForKernel).
>
> KASan works similar to normal userspace ASan but disables some options which
> are not yet supported by kernel (notably inline instrumentation,
> stack/global protection and UAR). We would prefer to hide all necessary
> tweaks under a user-friendly flag (-fsanitize=kernel-address) instead of
> forcing them directly in kernel's CFLAGS.
>
> Kernel patches are currently under review in LKML
> (https://lkml.org/lkml/2014/7/9/990).
>
> Bootstrapped and regtested on x64.
>
> Ok to commit?
Thanks for doing this, Yury.
The patch looks good to me FWIW, but please wait for Jakub or somebody
else with stronger gcc-fu.
* Re: [PATCH] Add support for KernelAddressSanitizer
2014-07-18 11:58 [PATCH] Add support for KernelAddressSanitizer Yury Gribov
2014-07-18 12:44 ` Dmitry Vyukov
@ 2014-07-18 13:20 ` Jakub Jelinek
2014-07-18 13:31 ` Dmitry Vyukov
1 sibling, 1 reply; 11+ messages in thread
From: Jakub Jelinek @ 2014-07-18 13:20 UTC
To: Yury Gribov
Cc: GCC Patches, Dmitry Vyukov, Konstantin Serebryany, Andrey Ryabinin
On Fri, Jul 18, 2014 at 03:40:15PM +0400, Yury Gribov wrote:
> This tiny patch adds support for KernelASan. KASan brings Asan error
> detection capabilities to Linux kernel
> (https://code.google.com/p/address-sanitizer/wiki/AddressSanitizerForKernel).
>
> KASan works similar to normal userspace ASan but disables some options which
> are not yet supported by kernel (notably inline instrumentation,
> stack/global protection and UAR). We would prefer to hide all necessary
> tweaks under a user-friendly flag (-fsanitize=kernel-address) instead of
> forcing them directly in kernel's CFLAGS.
>
> Kernel patches are currently under review in LKML
> (https://lkml.org/lkml/2014/7/9/990).
I thought KAsan used different entry points (__kasan_* etc.), has that
changed?
Also, oring in SANITIZER_ADDRESS means you add -lasan to link flags, I'd
guess that for -fsanitize=kernel-address you don't want to add any libraries
at link time?
Do you error out on -fsanitize=thread -fsanitize=kernel-address ?
Perhaps -fsanitize=kernel-address -fsanitize=address should be invalid too?
Jakub
* Re: [PATCH] Add support for KernelAddressSanitizer
2014-07-18 13:20 ` Jakub Jelinek
@ 2014-07-18 13:31 ` Dmitry Vyukov
2014-07-18 13:35 ` Yury Gribov
2014-07-18 14:05 ` Jakub Jelinek
0 siblings, 2 replies; 11+ messages in thread
From: Dmitry Vyukov @ 2014-07-18 13:31 UTC
To: Jakub Jelinek
Cc: Yury Gribov, GCC Patches, Konstantin Serebryany, Andrey Ryabinin
On Fri, Jul 18, 2014 at 4:26 PM, Jakub Jelinek <jakub@redhat.com> wrote:
> On Fri, Jul 18, 2014 at 03:40:15PM +0400, Yury Gribov wrote:
>> This tiny patch adds support for KernelASan. KASan brings Asan error
>> detection capabilities to Linux kernel
>> (https://code.google.com/p/address-sanitizer/wiki/AddressSanitizerForKernel).
>>
>> KASan works similar to normal userspace ASan but disables some options which
>> are not yet supported by kernel (notably inline instrumentation,
>> stack/global protection and UAR). We would prefer to hide all necessary
>> tweaks under a user-friendly flag (-fsanitize=kernel-address) instead of
>> forcing them directly in kernel's CFLAGS.
>>
>> Kernel patches are currently under review in LKML
>> (https://lkml.org/lkml/2014/7/9/990).
>
> I thought KAsan used different entry points (__kasan_* etc.), has that
> changed?
Yes, we've switched to __asan_.
> Also, oring in SANITIZER_ADDRESS means you add -lasan to link flags, I'd
> guess that for -fsanitize=kernel-address you don't want to add any libraries
> at link time?
I suspect that we don't pass -fsanitize=kernel-address during linking
in kernel today. But I agree that it's better to disable any
processing during linking for now. Later we may want to do something
special during linking if -fsanitize=kernel-address is supplied.
> Do you error out on -fsanitize=thread -fsanitize=kernel-address ?
> Perhaps -fsanitize=kernel-address -fsanitize=address should be invalid too?
Yes, all these combinations are invalid.
* Re: [PATCH] Add support for KernelAddressSanitizer
2014-07-18 13:31 ` Dmitry Vyukov
@ 2014-07-18 13:35 ` Yury Gribov
2014-07-18 14:05 ` Jakub Jelinek
1 sibling, 0 replies; 11+ messages in thread
From: Yury Gribov @ 2014-07-18 13:35 UTC
To: Dmitry Vyukov, Jakub Jelinek
Cc: GCC Patches, Konstantin Serebryany, Andrey Ryabinin
>> Also, oring in SANITIZER_ADDRESS means you add -lasan to link flags, I'd
>> guess that for -fsanitize=kernel-address you don't want to add any libraries
>> at link time?
>
> I suspect that we don't pass -fsanitize=kernel-address during linking
> in kernel today. But I agree that it's better to disable any
> processing during linking for now. Later we may want to do something
> special during linking if -fsanitize=kernel-address is supplied.
AFAIK kernel is linked directly with ld so this may not be a big issue.
>> Do you error out on -fsanitize=thread -fsanitize=kernel-address ?
>> Perhaps -fsanitize=kernel-address -fsanitize=address should be
>> invalid too?
>
> Yes, all these combinations are invalid.
Ok, I'll add these.
-Y
* Re: [PATCH] Add support for KernelAddressSanitizer
2014-07-18 13:31 ` Dmitry Vyukov
2014-07-18 13:35 ` Yury Gribov
@ 2014-07-18 14:05 ` Jakub Jelinek
2014-07-18 14:20 ` Yury Gribov
2014-07-23 14:36 ` Yury Gribov
1 sibling, 2 replies; 11+ messages in thread
From: Jakub Jelinek @ 2014-07-18 14:05 UTC
To: Dmitry Vyukov
Cc: Yury Gribov, GCC Patches, Konstantin Serebryany, Andrey Ryabinin
On Fri, Jul 18, 2014 at 05:19:39PM +0400, Dmitry Vyukov wrote:
> On Fri, Jul 18, 2014 at 4:26 PM, Jakub Jelinek <jakub@redhat.com> wrote:
> > On Fri, Jul 18, 2014 at 03:40:15PM +0400, Yury Gribov wrote:
> >> This tiny patch adds support for KernelASan. KASan brings Asan error
> >> detection capabilities to Linux kernel
> >> (https://code.google.com/p/address-sanitizer/wiki/AddressSanitizerForKernel).
> >>
> >> KASan works similar to normal userspace ASan but disables some options which
> >> are not yet supported by kernel (notably inline instrumentation,
> >> stack/global protection and UAR). We would prefer to hide all necessary
> >> tweaks under a user-friendly flag (-fsanitize=kernel-address) instead of
> >> forcing them directly in kernel's CFLAGS.
> >>
> >> Kernel patches are currently under review in LKML
> >> (https://lkml.org/lkml/2014/7/9/990).
> >
> > I thought KAsan used different entry points (__kasan_* etc.), has that
> > changed?
>
> Yes, we've switched to __asan_.
Ok.
> > Also, oring in SANITIZER_ADDRESS means you add -lasan to link flags, I'd
> > guess that for -fsanitize=kernel-address you don't want to add any libraries
> > at link time?
>
> I suspect that we don't pass -fsanitize=kernel-address during linking
> in kernel today. But I agree that it's better to disable any
> processing during linking for now. Later we may want to do something
> special during linking if -fsanitize=kernel-address is supplied.
>
> > Do you error out on -fsanitize=thread -fsanitize=kernel-address ?
> > Perhaps -fsanitize=kernel-address -fsanitize=address should be invalid too?
>
> Yes, all these combinations are invalid.
But you don't error out on that.
If we want to diagnose the last, IMHO we can't have just SANITIZE_ADDRESS
and SANITIZE_KERNEL_ADDRESS flags, but instead should have
SANITIZE_ADDRESS (used when we don't care about kernel vs. user asan
differences), SANITIZE_USER_ADDRESS and SANITIZE_KERNEL_ADDRESS bits.
"address" would set SANITIZE_ADDRESS | SANITIZE_USER_ADDRESS,
"kernel-address" SANITIZE_ADDRESS | SANITIZE_KERNEL_ADDRESS.
Then in sanitize_spec_function supposedly for "address" check
SANITIZE_USER_ADDRESS bit, for "kernel-address" added there
SANITIZE_KERNEL_ADDRESS, add all the incompatibility diagnostics for the new
invalid combinations. Plus, toplev.c has e.g.:
  /* Address Sanitizer needs porting to each target architecture. */
  if ((flag_sanitize & SANITIZE_ADDRESS)
      && (targetm.asan_shadow_offset == NULL
          || !FRAME_GROWS_DOWNWARD))
    {
      warning (0, "-fsanitize=address not supported for this target");
      flag_sanitize &= ~SANITIZE_ADDRESS;
    }
Now, is the same really the case for SANITIZE_KERNEL_ADDRESS?
I guess we still inline the shadow memory accesses to poison/unpoison
stack in function prologue/epilogue, right? In that case without
asan_shadow_offset we can't do anything. If it was a function call instead
it would be portable to all architectures.
Jakub
* Re: [PATCH] Add support for KernelAddressSanitizer
2014-07-18 14:05 ` Jakub Jelinek
@ 2014-07-18 14:20 ` Yury Gribov
2014-07-23 14:36 ` Yury Gribov
1 sibling, 0 replies; 11+ messages in thread
From: Yury Gribov @ 2014-07-18 14:20 UTC
To: Jakub Jelinek, Dmitry Vyukov
Cc: GCC Patches, Konstantin Serebryany, Andrey Ryabinin
> Then in sanitize_spec_function supposedly for "address" check
> SANITIZE_USER_ADDRESS bit, for "kernel-address" added there
> SANITIZE_KERNEL_ADDRESS, add all the incompatibility diagnostics for the new
> invalid combinations.
Ok.
>Plus, toplev.c has e.g.:
> ...
> Now, is the same really the case for SANITIZE_KERNEL_ADDRESS?
This is a good point, KASan does not use asan_shadow_offset
so this check is redundant.
>I guess we still inline the shadow memory accesses to poison/unpoison
> stack in function prologue/epilogue, right? In that case without
> asan_shadow_offset we can't do anything. If it was a function call instead
> it would be portable to all architectures.
Stack is not supported by current KASan. My local version indeed does replace
asan_shadow_offset with function call.
-Y
* Re: [PATCH] Add support for KernelAddressSanitizer
2014-07-18 14:05 ` Jakub Jelinek
2014-07-18 14:20 ` Yury Gribov
@ 2014-07-23 14:36 ` Yury Gribov
2014-07-30 14:42 ` [PATCH][PING] " Yury Gribov
1 sibling, 1 reply; 11+ messages in thread
From: Yury Gribov @ 2014-07-23 14:36 UTC
To: Jakub Jelinek, Dmitry Vyukov
Cc: GCC Patches, Konstantin Serebryany, Andrey Ryabinin
[-- Attachment #1: Type: text/plain, Size: 747 bytes --]
On 07/18/2014 05:38 PM, Jakub Jelinek wrote:
>>> Do you error out on -fsanitize=thread -fsanitize=kernel-address ?
>>> Perhaps -fsanitize=kernel-address -fsanitize=address should be invalid too?
>>
>> Yes, all these combinations are invalid.
>
> But you don't error out on that.
Ok, fixed.
> Then in sanitize_spec_function supposedly for "address" check
> SANITIZE_USER_ADDRESS bit, for "kernel-address" added there
> SANITIZE_KERNEL_ADDRESS, add all the incompatibility diagnostics for the new
> invalid combinations.
This delayed detection until link phase (and even then was disabled if
-nostdlib was on) so I decided to perform this check in finish_options
(after passing cmdline options).
>Plus, toplev.c has e.g.:
Fixed as well.
-Y
[-- Attachment #2: kasan_patch-2.diff --]
[-- Type: text/x-diff, Size: 7716 bytes --]
commit bd51cdb807c2cf5ada0101ca7db89076b54ed18e
Author: Yury Gribov <y.gribov@samsung.com>
Date: Tue Jul 22 11:02:03 2014 +0400
2014-07-23 Yury Gribov <y.gribov@samsung.com>
* doc/cpp.texi (__SANITIZE_ADDRESS__): Updated description.
* doc/invoke.texi (-fsanitize=kernel-address): Describe new option.
* flag-types.h (SANITIZE_USER_ADDRESS, SANITIZE_KERNEL_ADDRESS):
New enums.
* gcc.c (sanitize_spec_function): Support new option.
(SANITIZER_SPEC): Remove now redundant check.
* opts.c (common_handle_option): Support new option.
(finish_options): Check for incompatibilities.
* toplev.c (process_options): Split userspace-specific checks.
diff --git a/gcc/doc/cpp.texi b/gcc/doc/cpp.texi
index aaed739..0a6e50c 100644
--- a/gcc/doc/cpp.texi
+++ b/gcc/doc/cpp.texi
@@ -2354,8 +2354,8 @@ This macro is defined, with value 3, when @option{-fstack-protector-strong} is
in use.
@item __SANITIZE_ADDRESS__
-This macro is defined, with value 1, when @option{-fsanitize=address} is
-in use.
+This macro is defined, with value 1, when @option{-fsanitize=address}
+or @option{-fsanitize=kernel-address} are in use.
@item __TIMESTAMP__
This macro expands to a string constant that describes the date and time
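Review bot: in the reworded __SANITIZE_ADDRESS__ entry, "when @option{-fsanitize=address} or @option{-fsanitize=kernel-address} are in use" should read "is in use", since the two options are alternatives. As the macro has value 1 in both modes, the entry should also state that it does not distinguish kernel from userspace instrumentation.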
diff --git a/gcc/doc/invoke.texi b/gcc/doc/invoke.texi
index b5e8d98..391daf8 100644
--- a/gcc/doc/invoke.texi
+++ b/gcc/doc/invoke.texi
@@ -5405,6 +5405,11 @@ more details. The run-time behavior can be influenced using the
@url{https://code.google.com/p/address-sanitizer/wiki/Flags#Run-time_flags} for
a list of supported options.
+@item -fsanitize=kernel-address
+@opindex fsanitize=kernel-address
+Enable AddressSanitizer for Linux kernel.
+See @uref{http://code.google.com/p/address-sanitizer/wiki/AddressSanitizerForKernel} for more details.
+
@item -fsanitize=thread
@opindex fsanitize=thread
Enable ThreadSanitizer, a fast data race detector.
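Review bot: the -fsanitize=kernel-address entry does not mention the combinations this patch now rejects. finish_options reports an error when the option is used together with -fsanitize=address or -fsanitize=thread, so the @item should say so. The "See @uref{...} for more details." line is also well over 80 columns and should be wrapped.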
diff --git a/gcc/flag-types.h b/gcc/flag-types.h
index 2849455..bf813b6 100644
--- a/gcc/flag-types.h
+++ b/gcc/flag-types.h
@@ -214,23 +214,25 @@ enum vect_cost_model {
enum sanitize_code {
/* AddressSanitizer. */
SANITIZE_ADDRESS = 1 << 0,
+ SANITIZE_USER_ADDRESS = 1 << 1,
+ SANITIZE_KERNEL_ADDRESS = 1 << 2,
/* ThreadSanitizer. */
- SANITIZE_THREAD = 1 << 1,
+ SANITIZE_THREAD = 1 << 3,
/* LeakSanitizer. */
- SANITIZE_LEAK = 1 << 2,
+ SANITIZE_LEAK = 1 << 4,
/* UndefinedBehaviorSanitizer. */
- SANITIZE_SHIFT = 1 << 3,
- SANITIZE_DIVIDE = 1 << 4,
- SANITIZE_UNREACHABLE = 1 << 5,
- SANITIZE_VLA = 1 << 6,
- SANITIZE_NULL = 1 << 7,
- SANITIZE_RETURN = 1 << 8,
- SANITIZE_SI_OVERFLOW = 1 << 9,
- SANITIZE_BOOL = 1 << 10,
- SANITIZE_ENUM = 1 << 11,
- SANITIZE_FLOAT_DIVIDE = 1 << 12,
- SANITIZE_FLOAT_CAST = 1 << 13,
- SANITIZE_BOUNDS = 1 << 14,
+ SANITIZE_SHIFT = 1 << 5,
+ SANITIZE_DIVIDE = 1 << 6,
+ SANITIZE_UNREACHABLE = 1 << 7,
+ SANITIZE_VLA = 1 << 8,
+ SANITIZE_NULL = 1 << 9,
+ SANITIZE_RETURN = 1 << 10,
+ SANITIZE_SI_OVERFLOW = 1 << 11,
+ SANITIZE_BOOL = 1 << 12,
+ SANITIZE_ENUM = 1 << 13,
+ SANITIZE_FLOAT_DIVIDE = 1 << 14,
+ SANITIZE_FLOAT_CAST = 1 << 15,
+ SANITIZE_BOUNDS = 1 << 16,
SANITIZE_UNDEFINED = SANITIZE_SHIFT | SANITIZE_DIVIDE | SANITIZE_UNREACHABLE
| SANITIZE_VLA | SANITIZE_NULL | SANITIZE_RETURN
| SANITIZE_SI_OVERFLOW | SANITIZE_BOOL | SANITIZE_ENUM
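Review bot: the three bits under the AddressSanitizer comment need a word on how they relate. Going by the opts.c table in this patch, SANITIZE_ADDRESS is the common bit set by both "address" and "kernel-address", while SANITIZE_USER_ADDRESS and SANITIZE_KERNEL_ADDRESS select the mode; without a comment a later change can easily test the wrong one. Inserting the new bits at 1 << 1 and 1 << 2 also renumbers every other sanitizer value, whereas appending them after SANITIZE_BOUNDS would keep the hunk to two added lines.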
diff --git a/gcc/gcc.c b/gcc/gcc.c
index 6cd08ea..c0fde8c 100644
--- a/gcc/gcc.c
+++ b/gcc/gcc.c
@@ -779,8 +779,7 @@ proper position among the other output files. */
#ifndef SANITIZER_SPEC
#define SANITIZER_SPEC "\
%{!nostdlib:%{!nodefaultlibs:%{%:sanitize(address):" LIBASAN_SPEC "\
- %{static:%ecannot specify -static with -fsanitize=address}\
- %{%:sanitize(thread):%e-fsanitize=address is incompatible with -fsanitize=thread}}\
+ %{static:%ecannot specify -static with -fsanitize=address}}\
%{%:sanitize(thread):" LIBTSAN_SPEC "\
%{!pie:%{!shared:%e-fsanitize=thread linking must be done with -pie or -shared}}}\
%{%:sanitize(undefined):" LIBUBSAN_SPEC "}\
@@ -8224,7 +8223,9 @@ sanitize_spec_function (int argc, const char **argv)
return NULL;
if (strcmp (argv[0], "address") == 0)
- return (flag_sanitize & SANITIZE_ADDRESS) ? "" : NULL;
+ return (flag_sanitize & SANITIZE_USER_ADDRESS) ? "" : NULL;
+ if (strcmp (argv[0], "kernel-address") == 0)
+ return (flag_sanitize & SANITIZE_KERNEL_ADDRESS) ? "" : NULL;
if (strcmp (argv[0], "thread") == 0)
return (flag_sanitize & SANITIZE_THREAD) ? "" : NULL;
if (strcmp (argv[0], "undefined") == 0)
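Review bot: the new "kernel-address" branch in sanitize_spec_function has no user in the spec lines this patch shows, where SANITIZER_SPEC calls only %:sanitize(address), %:sanitize(thread) and %:sanitize(undefined). If it is there for a later link-time step, a comment saying so would help; otherwise it can wait until a spec needs it. Switching "address" to test SANITIZE_USER_ADDRESS is what keeps LIBASAN_SPEC off a kernel-address link line, and that deserves a one-line comment as well.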
diff --git a/gcc/opts.c b/gcc/opts.c
index 5fed6f0..4b0af82 100644
--- a/gcc/opts.c
+++ b/gcc/opts.c
@@ -869,6 +869,20 @@ finish_options (struct gcc_options *opts, struct gcc_options *opts_set,
/* The -gsplit-dwarf option requires -ggnu-pubnames. */
if (opts->x_dwarf_split_debug_info)
opts->x_debug_generate_pub_sections = 2;
+
+ /* Userspace and kernel ASan conflict with each other and with TSan. */
+
+ if ((flag_sanitize & SANITIZE_USER_ADDRESS)
+ && (flag_sanitize & SANITIZE_KERNEL_ADDRESS))
+ error_at (loc,
+ "-fsanitize=address is incompatible with "
+ "-fsanitize=kernel-address");
+
+ if ((flag_sanitize & SANITIZE_ADDRESS)
+ && (flag_sanitize & SANITIZE_THREAD))
+ error_at (loc,
+ "-fsanitize=address and -fsanitize=kernel-address "
+ "are incompatible with -fsanitize=thread");
}
#define LEFT_COLUMN 27
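Review bot: both new checks in finish_options read the global flag_sanitize, while the function is handed opts and the context lines just above test opts->x_dwarf_split_debug_info; using opts->x_flag_sanitize would keep the checks tied to the option set being finalized. The second message also names both address options whichever one was given, so -fsanitize=address -fsanitize=thread is reported as "-fsanitize=address and -fsanitize=kernel-address are incompatible with -fsanitize=thread". Testing the SANITIZE_USER_ADDRESS and SANITIZE_KERNEL_ADDRESS bits separately would let the error name the option actually used.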
@@ -1454,7 +1468,10 @@ common_handle_option (struct gcc_options *opts,
size_t len;
} spec[] =
{
- { "address", SANITIZE_ADDRESS, sizeof "address" - 1 },
+ { "address", SANITIZE_ADDRESS | SANITIZE_USER_ADDRESS,
+ sizeof "address" - 1 },
+ { "kernel-address", SANITIZE_ADDRESS | SANITIZE_KERNEL_ADDRESS,
+ sizeof "kernel-address" - 1 },
{ "thread", SANITIZE_THREAD, sizeof "thread" - 1 },
{ "leak", SANITIZE_LEAK, sizeof "leak" - 1 },
{ "shift", SANITIZE_SHIFT, sizeof "shift" - 1 },
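Review bot: both the "address" and "kernel-address" entries now carry SANITIZE_ADDRESS, so it is unclear what the negated forms do. If -fno-sanitize=address clears the bits of the "address" entry, then -fsanitize=kernel-address -fno-sanitize=address would drop the shared SANITIZE_ADDRESS bit and leave SANITIZE_KERNEL_ADDRESS set on its own. Please state the intended behaviour and add a test for that command line.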
@@ -1520,6 +1537,25 @@ common_handle_option (struct gcc_options *opts,
the null pointer checks. */
if (flag_sanitize & SANITIZE_NULL)
opts->x_flag_delete_null_pointer_checks = 0;
+
+ /* Kernel ASan implies normal ASan but does not yet support
+ all features. */
+ if (flag_sanitize & SANITIZE_KERNEL_ADDRESS)
+ {
+ maybe_set_param_value (PARAM_ASAN_INSTRUMENTATION_WITH_CALL_THRESHOLD, 0,
+ opts->x_param_values,
+ opts_set->x_param_values);
+ maybe_set_param_value (PARAM_ASAN_GLOBALS, 0,
+ opts->x_param_values,
+ opts_set->x_param_values);
+ maybe_set_param_value (PARAM_ASAN_STACK, 0,
+ opts->x_param_values,
+ opts_set->x_param_values);
+ maybe_set_param_value (PARAM_ASAN_USE_AFTER_RETURN, 0,
+ opts->x_param_values,
+ opts_set->x_param_values);
+ }
+
break;
}
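Review bot: the comment "Kernel ASan implies normal ASan" no longer matches the code beneath it, which in this version only adjusts params. The params are also forced to 0 while options are still being handled in common_handle_option, so nothing restores them if kernel-address is switched off again later on the command line. Doing this in finish_options, next to the new incompatibility checks, would act on the final flag set.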
diff --git a/gcc/toplev.c b/gcc/toplev.c
index 1c9befd..d82244f 100644
--- a/gcc/toplev.c
+++ b/gcc/toplev.c
@@ -1555,9 +1555,18 @@ process_options (void)
warn_stack_protect = 0;
/* Address Sanitizer needs porting to each target architecture. */
+
if ((flag_sanitize & SANITIZE_ADDRESS)
- && (targetm.asan_shadow_offset == NULL
- || !FRAME_GROWS_DOWNWARD))
+ && !FRAME_GROWS_DOWNWARD)
+ {
+ warning (0,
+ "-fsanitize=address and -fsanitize=kernel-address "
+ "are not supported for this target");
+ flag_sanitize &= ~SANITIZE_ADDRESS;
+ }
+
+ if ((flag_sanitize & SANITIZE_USER_ADDRESS)
+ && targetm.asan_shadow_offset == NULL)
{
warning (0, "-fsanitize=address not supported for this target");
flag_sanitize &= ~SANITIZE_ADDRESS;
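Review bot: both branches clear only SANITIZE_ADDRESS ("flag_sanitize &= ~SANITIZE_ADDRESS;"), which leaves SANITIZE_USER_ADDRESS or SANITIZE_KERNEL_ADDRESS set after the warning. Any later test of those mode bits will still see the sanitizer as requested; clearing all three bits in both places avoids that. The hunk also adds a stray blank line after the "needs porting to each target architecture" comment.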
* [PATCH][PING] Add support for KernelAddressSanitizer
2014-07-23 14:36 ` Yury Gribov
@ 2014-07-30 14:42 ` Yury Gribov
2014-07-31 4:53 ` Jeff Law
0 siblings, 1 reply; 11+ messages in thread
From: Yury Gribov @ 2014-07-30 14:42 UTC
To: GCC Patches, Jakub Jelinek, Dmitry Vyukov, Konstantin Serebryany,
Andrey Ryabinin
[-- Attachment #1: Type: text/plain, Size: 748 bytes --]
On 07/18/2014 05:38 PM, Jakub Jelinek wrote:
>>> Do you error out on -fsanitize=thread -fsanitize=kernel-address ?
>>> Perhaps -fsanitize=kernel-address -fsanitize=address should be invalid too?
>>
>> Yes, all these combinations are invalid.
>
> But you don't error out on that.
Ok, fixed.
> Then in sanitize_spec_function supposedly for "address" check
> SANITIZE_USER_ADDRESS bit, for "kernel-address" added there
> SANITIZE_KERNEL_ADDRESS, add all the incompatibility diagnostics for the new
> invalid combinations.
This delayed detection until link phase (and even then was disabled if
-nostdlib was on) so I decided to perform this check in finish_options
(after passing cmdline options).
>Plus, toplev.c has e.g.:
Fixed as well.
-Y
[-- Attachment #2: kasan_patch-2.diff --]
[-- Type: text/x-diff, Size: 7717 bytes --]
commit bd51cdb807c2cf5ada0101ca7db89076b54ed18e
Author: Yury Gribov <y.gribov@samsung.com>
Date: Tue Jul 22 11:02:03 2014 +0400
2014-07-23 Yury Gribov <y.gribov@samsung.com>
* doc/cpp.texi (__SANITIZE_ADDRESS__): Updated description.
* doc/invoke.texi (-fsanitize=kernel-address): Describe new option.
* flag-types.h (SANITIZE_USER_ADDRESS, SANITIZE_KERNEL_ADDRESS):
New enums.
* gcc.c (sanitize_spec_function): Support new option.
(SANITIZER_SPEC): Remove now redundant check.
* opts.c (common_handle_option): Support new option.
(finish_options): Check for incompatibilities.
* toplev.c (process_options): Split userspace-specific checks.
diff --git a/gcc/doc/cpp.texi b/gcc/doc/cpp.texi
index aaed739..0a6e50c 100644
--- a/gcc/doc/cpp.texi
+++ b/gcc/doc/cpp.texi
@@ -2354,8 +2354,8 @@ This macro is defined, with value 3, when @option{-fstack-protector-strong} is
in use.
@item __SANITIZE_ADDRESS__
-This macro is defined, with value 1, when @option{-fsanitize=address} is
-in use.
+This macro is defined, with value 1, when @option{-fsanitize=address}
+or @option{-fsanitize=kernel-address} are in use.
@item __TIMESTAMP__
This macro expands to a string constant that describes the date and time
diff --git a/gcc/doc/invoke.texi b/gcc/doc/invoke.texi
index b5e8d98..391daf8 100644
--- a/gcc/doc/invoke.texi
+++ b/gcc/doc/invoke.texi
@@ -5405,6 +5405,11 @@ more details. The run-time behavior can be influenced using the
@url{https://code.google.com/p/address-sanitizer/wiki/Flags#Run-time_flags} for
a list of supported options.
+@item -fsanitize=kernel-address
+@opindex fsanitize=kernel-address
+Enable AddressSanitizer for Linux kernel.
+See @uref{http://code.google.com/p/address-sanitizer/wiki/AddressSanitizerForKernel} for more details.
+
@item -fsanitize=thread
@opindex fsanitize=thread
Enable ThreadSanitizer, a fast data race detector.
diff --git a/gcc/flag-types.h b/gcc/flag-types.h
index 2849455..bf813b6 100644
--- a/gcc/flag-types.h
+++ b/gcc/flag-types.h
@@ -214,23 +214,25 @@ enum vect_cost_model {
enum sanitize_code {
/* AddressSanitizer. */
SANITIZE_ADDRESS = 1 << 0,
+ SANITIZE_USER_ADDRESS = 1 << 1,
+ SANITIZE_KERNEL_ADDRESS = 1 << 2,
/* ThreadSanitizer. */
- SANITIZE_THREAD = 1 << 1,
+ SANITIZE_THREAD = 1 << 3,
/* LeakSanitizer. */
- SANITIZE_LEAK = 1 << 2,
+ SANITIZE_LEAK = 1 << 4,
/* UndefinedBehaviorSanitizer. */
- SANITIZE_SHIFT = 1 << 3,
- SANITIZE_DIVIDE = 1 << 4,
- SANITIZE_UNREACHABLE = 1 << 5,
- SANITIZE_VLA = 1 << 6,
- SANITIZE_NULL = 1 << 7,
- SANITIZE_RETURN = 1 << 8,
- SANITIZE_SI_OVERFLOW = 1 << 9,
- SANITIZE_BOOL = 1 << 10,
- SANITIZE_ENUM = 1 << 11,
- SANITIZE_FLOAT_DIVIDE = 1 << 12,
- SANITIZE_FLOAT_CAST = 1 << 13,
- SANITIZE_BOUNDS = 1 << 14,
+ SANITIZE_SHIFT = 1 << 5,
+ SANITIZE_DIVIDE = 1 << 6,
+ SANITIZE_UNREACHABLE = 1 << 7,
+ SANITIZE_VLA = 1 << 8,
+ SANITIZE_NULL = 1 << 9,
+ SANITIZE_RETURN = 1 << 10,
+ SANITIZE_SI_OVERFLOW = 1 << 11,
+ SANITIZE_BOOL = 1 << 12,
+ SANITIZE_ENUM = 1 << 13,
+ SANITIZE_FLOAT_DIVIDE = 1 << 14,
+ SANITIZE_FLOAT_CAST = 1 << 15,
+ SANITIZE_BOUNDS = 1 << 16,
SANITIZE_UNDEFINED = SANITIZE_SHIFT | SANITIZE_DIVIDE | SANITIZE_UNREACHABLE
| SANITIZE_VLA | SANITIZE_NULL | SANITIZE_RETURN
| SANITIZE_SI_OVERFLOW | SANITIZE_BOOL | SANITIZE_ENUM
diff --git a/gcc/gcc.c b/gcc/gcc.c
index 6cd08ea..c0fde8c 100644
--- a/gcc/gcc.c
+++ b/gcc/gcc.c
@@ -779,8 +779,7 @@ proper position among the other output files. */
#ifndef SANITIZER_SPEC
#define SANITIZER_SPEC "\
%{!nostdlib:%{!nodefaultlibs:%{%:sanitize(address):" LIBASAN_SPEC "\
- %{static:%ecannot specify -static with -fsanitize=address}\
- %{%:sanitize(thread):%e-fsanitize=address is incompatible with -fsanitize=thread}}\
+ %{static:%ecannot specify -static with -fsanitize=address}}\
%{%:sanitize(thread):" LIBTSAN_SPEC "\
%{!pie:%{!shared:%e-fsanitize=thread linking must be done with -pie or -shared}}}\
%{%:sanitize(undefined):" LIBUBSAN_SPEC "}\
@@ -8224,7 +8223,9 @@ sanitize_spec_function (int argc, const char **argv)
return NULL;
if (strcmp (argv[0], "address") == 0)
- return (flag_sanitize & SANITIZE_ADDRESS) ? "" : NULL;
+ return (flag_sanitize & SANITIZE_USER_ADDRESS) ? "" : NULL;
+ if (strcmp (argv[0], "kernel-address") == 0)
+ return (flag_sanitize & SANITIZE_KERNEL_ADDRESS) ? "" : NULL;
if (strcmp (argv[0], "thread") == 0)
return (flag_sanitize & SANITIZE_THREAD) ? "" : NULL;
if (strcmp (argv[0], "undefined") == 0)
diff --git a/gcc/opts.c b/gcc/opts.c
index 5fed6f0..4b0af82 100644
--- a/gcc/opts.c
+++ b/gcc/opts.c
@@ -869,6 +869,20 @@ finish_options (struct gcc_options *opts, struct gcc_options *opts_set,
/* The -gsplit-dwarf option requires -ggnu-pubnames. */
if (opts->x_dwarf_split_debug_info)
opts->x_debug_generate_pub_sections = 2;
+
+ /* Userspace and kernel ASan conflict with each other and with TSan. */
+
+ if ((flag_sanitize & SANITIZE_USER_ADDRESS)
+ && (flag_sanitize & SANITIZE_KERNEL_ADDRESS))
+ error_at (loc,
+ "-fsanitize=address is incompatible with "
+ "-fsanitize=kernel-address");
+
+ if ((flag_sanitize & SANITIZE_ADDRESS)
+ && (flag_sanitize & SANITIZE_THREAD))
+ error_at (loc,
+ "-fsanitize=address and -fsanitize=kernel-address "
+ "are incompatible with -fsanitize=thread");
}
#define LEFT_COLUMN 27
@@ -1454,7 +1468,10 @@ common_handle_option (struct gcc_options *opts,
size_t len;
} spec[] =
{
- { "address", SANITIZE_ADDRESS, sizeof "address" - 1 },
+ { "address", SANITIZE_ADDRESS | SANITIZE_USER_ADDRESS,
+ sizeof "address" - 1 },
+ { "kernel-address", SANITIZE_ADDRESS | SANITIZE_KERNEL_ADDRESS,
+ sizeof "kernel-address" - 1 },
{ "thread", SANITIZE_THREAD, sizeof "thread" - 1 },
{ "leak", SANITIZE_LEAK, sizeof "leak" - 1 },
{ "shift", SANITIZE_SHIFT, sizeof "shift" - 1 },
@@ -1520,6 +1537,25 @@ common_handle_option (struct gcc_options *opts,
the null pointer checks. */
if (flag_sanitize & SANITIZE_NULL)
opts->x_flag_delete_null_pointer_checks = 0;
+
+ /* Kernel ASan implies normal ASan but does not yet support
+ all features. */
+ if (flag_sanitize & SANITIZE_KERNEL_ADDRESS)
+ {
+ maybe_set_param_value (PARAM_ASAN_INSTRUMENTATION_WITH_CALL_THRESHOLD, 0,
+ opts->x_param_values,
+ opts_set->x_param_values);
+ maybe_set_param_value (PARAM_ASAN_GLOBALS, 0,
+ opts->x_param_values,
+ opts_set->x_param_values);
+ maybe_set_param_value (PARAM_ASAN_STACK, 0,
+ opts->x_param_values,
+ opts_set->x_param_values);
+ maybe_set_param_value (PARAM_ASAN_USE_AFTER_RETURN, 0,
+ opts->x_param_values,
+ opts_set->x_param_values);
+ }
+
break;
}
diff --git a/gcc/toplev.c b/gcc/toplev.c
index 1c9befd..d82244f 100644
--- a/gcc/toplev.c
+++ b/gcc/toplev.c
@@ -1555,9 +1555,18 @@ process_options (void)
warn_stack_protect = 0;
/* Address Sanitizer needs porting to each target architecture. */
+
if ((flag_sanitize & SANITIZE_ADDRESS)
- && (targetm.asan_shadow_offset == NULL
- || !FRAME_GROWS_DOWNWARD))
+ && !FRAME_GROWS_DOWNWARD)
+ {
+ warning (0,
+ "-fsanitize=address and -fsanitize=kernel-address "
+ "are not supported for this target");
+ flag_sanitize &= ~SANITIZE_ADDRESS;
+ }
+
+ if ((flag_sanitize & SANITIZE_USER_ADDRESS)
+ && targetm.asan_shadow_offset == NULL)
{
warning (0, "-fsanitize=address not supported for this target");
flag_sanitize &= ~SANITIZE_ADDRESS;
* Re: [PATCH][PING] Add support for KernelAddressSanitizer
2014-07-30 14:42 ` [PATCH][PING] " Yury Gribov
@ 2014-07-31 4:53 ` Jeff Law
2014-07-31 13:36 ` Yury Gribov
0 siblings, 1 reply; 11+ messages in thread
From: Jeff Law @ 2014-07-31 4:53 UTC
To: Yury Gribov, GCC Patches, Jakub Jelinek, Dmitry Vyukov,
Konstantin Serebryany, Andrey Ryabinin
On 07/30/14 08:34, Yury Gribov wrote:
> On 07/18/2014 05:38 PM, Jakub Jelinek wrote:
>>>> Do you error out on -fsanitize=thread -fsanitize=kernel-address ?
>>>> Perhaps -fsanitize=kernel-address -fsanitize=address should be
>>>> invalid too?
>>>
>>> Yes, all these combinations are invalid.
>>
>> But you don't error out on that.
>
> Ok, fixed.
>
>> Then in sanitize_spec_function supposedly for "address" check
>> SANITIZE_USER_ADDRESS bit, for "kernel-address" added there
>> SANITIZE_KERNEL_ADDRESS, add all the incompatibility diagnostics for
>> the new
>> invalid combinations.
>
> This delayed detection until link phase (and even then was disabled if
> -nostdlib was on)
> so I decided to perform this check in finish_options (after passing
> cmdline options).
>
>> Plus, toplev.c has e.g.:
>
> Fixed as well.
This is fine. Thanks,
Jeff
* Re: [PATCH][PING] Add support for KernelAddressSanitizer
2014-07-31 4:53 ` Jeff Law
@ 2014-07-31 13:36 ` Yury Gribov
0 siblings, 0 replies; 11+ messages in thread
From: Yury Gribov @ 2014-07-31 13:36 UTC
To: Jeff Law, GCC Patches, Jakub Jelinek, Dmitry Vyukov,
Konstantin Serebryany, Andrey Ryabinin
On 07/31/2014 08:49 AM, Jeff Law wrote:
> This is fine. Thanks,
Committed in r213367.