diff options
author | Harshit Sharma <harshitsharmajs@gmail.com> | 2020-06-09 20:25:16 -0700 |
---|---|---|
committer | Patrick Georgi <pgeorgi@google.com> | 2020-08-21 07:35:07 +0000 |
commit | 2bcaba0fd4f61493a02f11ad01d0677164e2e86e (patch) | |
tree | 8e9a40326efc6917611e99e79874fd536060d54a | |
parent | 693f4a417984849cdb68d176ca162f477275ac3f (diff) |
lib: Add ASan stub
Add a Kconfig option to enable address sanitizer on x86 architecture.
Create ASan dummy functions. And add relevant gcc flags to compile
ramstage with ASan.
Change-Id: I6d87e48b6786f02dd46ea74e702f294082fd8891
Signed-off-by: Harshit Sharma <harshitsharmajs@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/42271
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Werner Zeh <werner.zeh@siemens.com>
-rw-r--r-- | src/Kconfig | 13 | ||||
-rw-r--r-- | src/lib/Makefile.inc | 12 | ||||
-rw-r--r-- | src/lib/asan.c | 34 |
3 files changed, 59 insertions, 0 deletions
diff --git a/src/Kconfig b/src/Kconfig index a4c2fa6010..1540c567e4 100644 --- a/src/Kconfig +++ b/src/Kconfig @@ -270,6 +270,19 @@ config UBSAN say N because it adds a small performance penalty and may abort on code that happens to work in spite of the UB. +config ASAN_IN_RAMSTAGE + bool "Address sanitizer support" + depends on ARCH_X86 + default n + help + Enable address sanitizer - runtime memory debugger, + designed to find out-of-bounds accesses and use-after-scope bugs. + + This feature consumes up to 1/8 of available memory and brings about + ~1.5x performance slowdown. + + If unsure, say N. + choice prompt "Stage Cache for ACPI S3 resume" default NO_STAGE_CACHE if !HAVE_ACPI_RESUME diff --git a/src/lib/Makefile.inc b/src/lib/Makefile.inc index 72d4f2414c..0b4342764f 100644 --- a/src/lib/Makefile.inc +++ b/src/lib/Makefile.inc @@ -7,6 +7,18 @@ ramstage-y += ubsan.c CFLAGS_ramstage += -fsanitize=undefined endif +ifeq ($(CONFIG_ASAN_IN_RAMSTAGE),y) +ramstage-y += asan.c +CFLAGS_asan += -fsanitize=kernel-address \ + --param asan-stack=1 --param asan-globals=1 \ + --param asan-instrumentation-with-call-threshold=0 \ + -fsanitize-address-use-after-scope \ + --param use-after-scope-direct-emission-threshold=0 +CFLAGS_ramstage += $(CFLAGS_asan) +# Allow memory access without __asan_load and __asan_store checks. +$(obj)/ramstage/lib/asan.o: CFLAGS_asan = +endif + decompressor-y += decompressor.c $(call src-to-obj,decompressor,$(dir)/decompressor.c): $(objcbfs)/bootblock.lz4 $(call src-to-obj,decompressor,$(dir)/decompressor.c): CCACHE_EXTRAFILES=$(objcbfs)/bootblock.lz4 diff --git a/src/lib/asan.c b/src/lib/asan.c new file mode 100644 index 0000000000..e4a1012e13 --- /dev/null +++ b/src/lib/asan.c @@ -0,0 +1,34 @@ +#include <stddef.h> + +#pragma GCC diagnostic ignored "-Wmissing-prototypes" + +#define DEFINE_ASAN_LOAD_STORE(size) \ + void __asan_load##size(unsigned long addr) \ + {} \ + void __asan_load##size##_noabort(unsigned long addr) \ + {} \ + void __asan_store##size(unsigned long addr) \ + {} \ + void __asan_store##size##_noabort(unsigned long addr) \ + {} + +DEFINE_ASAN_LOAD_STORE(1); +DEFINE_ASAN_LOAD_STORE(2); +DEFINE_ASAN_LOAD_STORE(4); +DEFINE_ASAN_LOAD_STORE(8); +DEFINE_ASAN_LOAD_STORE(16); + +void __asan_loadN(unsigned long addr, size_t size) +{} + +void __asan_loadN_noabort(unsigned long addr, size_t size) +{} + +void __asan_storeN(unsigned long addr, size_t size) +{} + +void __asan_storeN_noabort(unsigned long addr, size_t size) +{} + +void __asan_handle_no_return(void) +{} |