| # Copyright 2018 The ChromiumOS Authors |
| # Distributed under the terms of the GNU General Public License v2. |
| |
| # @ECLASS: cros-sanitizers.eclass |
| # @MAINTAINER: |
| # ChromeOS toolchain team <[email protected]> |
| # @DESCRIPTION: |
| # Ebuild helper functions for sanitizer builds on Chrome OS. |
| |
| if [[ -z ${_CROS_SANITIZER_ECLASS} ]]; then |
| _CROS_SANITIZER_ECLASS=1 |
| |
| inherit flag-o-matic toolchain-funcs |
| |
| IUSE="asan cfi cfi_diag cfi_recover coverage fuzzer msan thinlto tsan ubsan" |
| REQUIRED_USE=" |
| cfi? ( thinlto ) |
| cfi_diag? ( cfi ) |
| cfi_recover? ( cfi_diag ) |
| " |
| |
| # @ECLASS-VARIABLE: CROS_SANITIZER_CFI_FEATURES |
| # @DESCRIPTION: |
| # Array of cfi features to enable when calling cfi-setup-env. |
| CROS_SANITIZER_CFI_FEATURES=( |
| "derived-cast" |
| "icall" |
| "vcall" |
| "unrelated-cast" |
| ) |
| |
| # @ECLASS-VARIABLE: CROS_SANITIZER_CFI_IGNORE |
| # @PRE_INHERIT |
| # @DESCRIPTION: |
| # A path to a file to use as the ignore-list for CFI at build time. |
| # The default is "${FILESDIR}/cfi-ignore.txt" |
| : "${CROS_SANITIZER_CFI_IGNORE:=}" |
| |
| # @ECLASS-VARIABLE: CROS_SANITIZER_DISABLE_LIBCXX_HARDENING |
| # @PRE_INHERIT |
| # @DESCRIPTION: |
| # Set to a nonempty value to disable libcxx hardening. |
| # TODO(b/380266764): remove this once there are no more opt-outs. |
| : "${CROS_SANITIZER_DISABLE_LIBCXX_HARDENING:=}" |
| |
| # @FUNCTION: _bazel_checks |
| # @INTERNAL |
| # @DESCRIPTION: |
| # Checks to make sure the sanitizer flags will be honored. |
| # |
| # Sanitizer flags need to be set before bazel_setup_bazelrc is called or bazel |
| # will not see them. |
| _bazel_checks() { |
| if [[ -n "${BAZEL_BAZELRC}" ]] && [[ -f "${BAZEL_BAZELRC}" ]]; then |
| die "Please setup sanitizers before bazel_setup_bazelrc is called." |
| fi |
| } |
| |
| # @FUNCTION: sanitizer-add-blocklist |
| # @DESCRIPTION: |
| # Add blocklist files to the sanitizer build flags. |
| sanitizer-add-blocklist() { |
| if [[ $# -gt 1 ]]; then |
| die "More than one argument passed." |
| fi |
| _bazel_checks |
| |
| # Search blocklist files in source and files directories. |
| local files_list=( |
| "${FILESDIR}/sanitizer_blocklist.txt" |
| "${S}/sanitizer_blocklist.txt" |
| ) |
| # If a sanitizer name is passed, then search ${sanitizer}_blocklist.txt. |
| if [[ $# -eq 1 ]]; then |
| files_list+=( |
| "${FILESDIR}/$1_blocklist.txt" |
| "${S}/$1_blocklist.txt" |
| ) |
| fi |
| |
| for blocklist_file in "${files_list[@]}"; do |
| if [[ -f "${blocklist_file}" ]]; then |
| local blocklist_arg="-fsanitize-blacklist=${blocklist_file}" |
| append-flags "${blocklist_arg}" |
| fi |
| done |
| } |
| |
| cros-sanitizers-enable-libcxx-hardening() { |
| append-cppflags "-D_LIBCPP_HARDENING_MODE=_LIBCPP_HARDENING_MODE_EXTENSIVE" |
| } |
| |
| # Determines whether a sanitizer that we do not deploy to production builds |
| # (primarily due to overhead and/or security concerns) is enabled. Primarily, |
| # this intends to target sanitizer builders and local dev builds that opt into |
| # extensive sanitization. |
| _cros-sanitizers-is-non-production-sanitizer-enabled() { |
| use asan || use tsan || use msan || use ubsan |
| } |
| |
| # @FUNCTION: asan-setup-env |
| # @DESCRIPTION: |
| # Build a package with address sanitizer flags. |
| asan-setup-env() { |
| _bazel_checks |
| use asan || return 0 |
| if ! tc-is-clang; then |
| die "ASAN is only supported for clang" |
| fi |
| local asan_flags=( |
| "-fsanitize=address" |
| ) |
| append-flags "${asan_flags[@]}" |
| append-ldflags "${asan_flags[@]}" |
| sanitizer-add-blocklist "asan" |
| } |
| |
| # @FUNCTION: cfi-setup-env |
| # @DESCRIPTION: |
| # Build a package with LTO-based cfi if USE=cfi. Note that if USE=cfi_diag is |
| # set additional debugging information is printed and if USE=cfi_recover is set |
| # execution is allowed to continue past a violation. |
| cfi-setup-env() { |
| _bazel_checks |
| use cfi || return 0 |
| local flags=( |
| "-fvisibility=default" |
| ) |
| local lflags=() |
| if use thinlto ; then |
| flags+=( "-flto=thin" ) |
| lflags+=( "-Wl,--lto-O0" ) |
| else |
| die "LTO is required for CFI" |
| fi |
| local feature |
| for feature in "${CROS_SANITIZER_CFI_FEATURES[@]}"; do |
| case "${feature}" in |
| "derived-cast" | "icall" | "vcall" | "unrelated-cast") |
| flags+=( "-fsanitize=cfi-${feature}" ) |
| ;; |
| *) |
| die "${feature} is not a supported CFI feature" |
| ;; |
| esac |
| done |
| |
| local default_ignore="${FILESDIR}/cfi-ignore.txt" |
| if [[ -z "${CROS_SANITIZER_CFI_IGNORE}" ]]; then |
| # If this isn't set apply the default if it exists. |
| if [[ -f "${default_ignore}" ]]; then |
| einfo "Applying default CFI ignore list: '${default_ignore}'" |
| flags+=( "-fsanitize-ignorelist=${default_ignore}" ) |
| fi |
| elif [[ -f "${CROS_SANITIZER_CFI_IGNORE}" ]] ; then |
| flags+=( "-fsanitize-ignorelist=${CROS_SANITIZER_CFI_IGNORE}" ) |
| else |
| die "CFI ignore list '${CROS_SANITIZER_CFI_IGNORE}' not found." |
| fi |
| use cfi_diag && flags+=( "-fno-sanitize-trap=cfi" ) |
| use cfi_recover && flags+=( "-fsanitize-recover=cfi" ) |
| append-flags "${flags[@]}" |
| append-ldflags "${flags[@]}" "${lflags[@]}" |
| } |
| |
| # @FUNCTION: coverage-setup-env |
| # @DESCRIPTION: |
| # Build a package with coverage flags. |
| coverage-setup-env() { |
| _bazel_checks |
| use coverage || return 0 |
| if tc-is-clang; then |
| # Add a CROS_CODE_COVERAGE_ENABLED flag so users can detect coverage at |
| # compile-time. Unfortunately, Clang does not provide a |
| # `__has_feature` for the kind of code coverage we use |
| # (`__has_feature(coverage_sanitizer)` is for something different). |
| append-cppflags -DCROS_CODE_COVERAGE_ENABLED=1 |
| local flags=( |
| "-fprofile-instr-generate" |
| "-fcoverage-mapping" |
| ) |
| append-flags "${flags[@]}" |
| append-ldflags "${flags[@]}" |
| fi |
| } |
| |
| # @FUNCTION: msan-setup-env |
| # @DESCRIPTION: |
| # Build a package with memory sanitizer flags. |
| msan-setup-env() { |
| _bazel_checks |
| use msan || return 0 |
| # msan does not work with FORTIFY enabled. |
| local both=( "-fsanitize=memory" ) |
| local cflags_only=( "-fsanitize-memory-track-origins" ) |
| append-cppflags "-U_FORTIFY_SOURCE" |
| append-flags "${both[@]}" "${cflags_only[@]}" |
| append-ldflags "${both[@]}" |
| sanitizer-add-blocklist "msan" |
| } |
| |
| # @FUNCTION: tsan-setup-env |
| # @DESCRIPTION: |
| # Build a package with thread sanitizer flags. |
| tsan-setup-env() { |
| _bazel_checks |
| use tsan || return 0 |
| local tsan_flags=( |
| "-fsanitize=thread" |
| ) |
| append-flags "${tsan_flags[@]}" |
| append-ldflags "${tsan_flags[@]}" |
| sanitizer-add-blocklist "tsan" |
| } |
| |
| # @FUNCTION: ubsan-setup-env |
| # @DESCRIPTION: |
| # Build a package with undefined behavior sanitizer flags. |
| ubsan-setup-env() { |
| _bazel_checks |
| use ubsan || return 0 |
| # Flags for normal ubsan builds. |
| # TODO: Use same flags as fuzzer builds. |
| local flags=( |
| "-fsanitize=alignment,array-bounds,pointer-overflow,shift" |
| "-fsanitize=integer-divide-by-zero,float-divide-by-zero" |
| "-fsanitize=signed-integer-overflow,vla-bound" |
| "-fno-sanitize=vptr" |
| "-fno-sanitize-recover=all" |
| ) |
| # Use different flags for fuzzer ubsan builds. |
| if use fuzzer; then |
| flags=( |
| "-fsanitize=alignment,array-bounds,function,pointer-overflow" |
| "-fsanitize=integer-divide-by-zero,float-divide-by-zero" |
| "-fsanitize=signed-integer-overflow,shift,vla-bound,vptr" |
| "-fno-sanitize-recover=all" |
| "-frtti" |
| ) |
| fi |
| append-flags "${flags[@]}" |
| append-ldflags "${flags[@]}" |
| append-cppflags -DCHROMEOS_UBSAN_BUILD |
| sanitizer-add-blocklist "ubsan" |
| } |
| |
| # @FUNCTION: sanitizers-setup-env |
| # @DESCRIPTION: |
| # Build a package with required sanitizer flags. |
| sanitizers-setup-env() { |
| if [[ -z "${CROS_SANITIZER_DISABLE_LIBCXX_HARDENING}" ]] && _cros-sanitizers-is-non-production-sanitizer-enabled; then |
| cros-sanitizers-enable-libcxx-hardening |
| fi |
| asan-setup-env |
| cfi-setup-env |
| coverage-setup-env |
| if [[ $(type -t fuzzer-setup-env) == "function" ]] ; then |
| # Only run this if we've inherited cros-fuzzer.eclass. |
| fuzzer-setup-env |
| fi |
| msan-setup-env |
| tsan-setup-env |
| ubsan-setup-env |
| } |
| |
| # @FUNCTION: cros-rust-setup-sanitizers |
| # @DESCRIPTION: |
| # Sets up sanitizer flags for rust. |
| cros-rust-setup-sanitizers() { |
| _bazel_checks |
| local rust_san_flags=( "${RUSTFLAGS[@]}" ) |
| use asan && rust_san_flags+=( -Zsanitizer=address ) |
| if use cfi ; then |
| ewarn "CFI with mixed Rust and C/C++ is not supported by the toolchain team." |
| ewarn "(i.e. use at your own risk)." |
| rust_san_flags+=( -Zsplit-lto-unit -Clinker-plugin-lto=yes ) |
| fi |
| use lsan && rust_san_flags+=( -Zsanitizer=leak ) |
| use msan && rust_san_flags+=( -Zsanitizer=memory ) |
| use tsan && rust_san_flags+=( -Zsanitizer=thread ) |
| export RUSTFLAGS="${rust_san_flags[*]}" |
| } |
| |
| # @FUNCTION: use_sanitizers |
| # @DESCRIPTION: |
| # Checks whether sanitizers are being used. |
| # Also returns a true/false value when passed as arguments. |
| # Usage: use_sanitizers [trueVal] [falseVal] |
| use_sanitizers() { |
| if use asan || use coverage || use fuzzer || use msan || use tsan || use ubsan; then |
| [[ "$#" -eq 2 ]] && echo "$1" |
| return 0 |
| fi |
| |
| [[ "$#" -eq 2 ]] && echo "$2" |
| return 1 |
| } |
| |
| fi |
