| # |
| # Copyright (c) 2019, Google, Inc. All rights reserved |
| # |
| # Permission is hereby granted, free of charge, to any person obtaining |
| # a copy of this software and associated documentation files |
| # (the "Software"), to deal in the Software without restriction, |
| # including without limitation the rights to use, copy, modify, merge, |
| # publish, distribute, sublicense, and/or sell copies of the Software, |
| # and to permit persons to whom the Software is furnished to do so, |
| # subject to the following conditions: |
| # |
| # The above copyright notice and this permission notice shall be |
| # included in all copies or substantial portions of the Software. |
| # |
| # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, |
| # EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF |
| # MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. |
| # IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY |
| # CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, |
| # TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE |
| # SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. |
| # |
| |
| # Including this file in your project will enable UBSan. |
| # |
| # Modules other than the kernel wishing to use UBSan must link in this |
| # runtime by adding it to MODULE_DEPS, conditional on the UBSAN_ENABLED |
| # variable (which sindicates whether UBSan is on for the build). |
| # |
| # Userspace apps do not need to worry about this as this runtime is already |
| # being pulled in by libc when needed. |
| # |
| # By default, UBSan will be in hard-fail mode. This means that if a UBSan |
| # violation is encountered, the module involved will attempt to terminate |
| # itself (panic, nullderef, etc.). |
| # To avoid this behavior set UBSAN_HARD_FAIL to false *before* including |
| # enable.mk |
| # |
| # Modules wishing to opt out of UBSan can do so by adding |
| # the contents of UBSAN_DISABLE to their MODULE_CFLAGS/MODULE_CPPFLAGS or by |
| # adding to trusty/kernel/lib/ubsan/exemptlist. |
| # |
| # Example reasons to do this include: |
| # * Contexts which cannot easily support the ubsan runtime (e.g. test-runner) |
| # * External code that is comparatively difficult to change (e.g. boringssl) |
| # * Code which is highly sensitive to modification (e.g. crypto or performance |
| # code) and is already thoroughly tested. |
| # |
| # If the code is trusty-owned, please consider either making the code UBSan |
| # clean or using an __attribute__ decorator on a limited function with an |
| # appropriate comment explaining why rather than disabling UBSan. |
| # |
| # The syntax for suppression is |
| # __attribute__((no_sanitize("specific-sanitizer"))) |
| # |
| # Please *DO NOT* use __attribute__((no_sanitize("undefined"))), as which |
| # sanitizers it disables may expand with compiler revisions and makes it |
| # harder for a reader to figure out which sanitizer is expected to generate |
| # a false-positive in that code. |
| |
| UBSAN_SANITIZERS := \ |
| alignment \ |
| bool \ |
| builtin \ |
| bounds \ |
| enum \ |
| float-cast-overflow \ |
| float-divide-by-zero \ |
| implicit-unsigned-integer-truncation \ |
| implicit-signed-integer-truncation \ |
| implicit-integer-sign-change \ |
| integer-divide-by-zero \ |
| pointer-overflow \ |
| return \ |
| shift \ |
| signed-integer-overflow \ |
| unreachable \ |
| unsigned-integer-overflow \ |
| vla-bound \ |
| |
| # object-size only works at higher than -O0 and so is not enabled |
| # |
| # non-null sanitizers are not enabled because we are not using the annotations |
| # |
| # C++ sanitizers requiring full language features (e.g. RTTI or stdlib) are |
| # not enabled |
| |
| UBSAN_ENABLE := \ |
| $(foreach san,$(UBSAN_SANITIZERS),-fsanitize=$(san)) \ |
| -fsanitize-blacklist=trusty/kernel/lib/ubsan/exemptlist \ |
| |
| UBSAN_DISABLE := \ |
| $(foreach san,$(UBSAN_SANITIZERS),-fno-sanitize=$(san)) |
| |
| GLOBAL_COMPILEFLAGS += $(UBSAN_ENABLE) -DUBSAN_ENABLED |
| |
| ifneq ($(UBSAN_HARD_FAIL),false) |
| GLOBAL_COMPILEFLAGS += -DUBSAN_HARD_FAIL |
| endif |
| |
| MODULES += trusty/kernel/lib/ubsan |
| UBSAN_ENABLED := true |