On Tue, Aug 13, 2024 at 1:29 AM Matthew Maurer <mmaurer@xxxxxxxxxx> wrote:
>
> Rust supports KASAN via LLVM, but prior to this patch, the flags aren't
> set properly.
>
> Suggested-by: Miguel Ojeda <ojeda@xxxxxxxxxx>
> Signed-off-by: Matthew Maurer <mmaurer@xxxxxxxxxx>
> ---
> scripts/Makefile.kasan | 51 +++++++++++++++++++++++----------
> scripts/Makefile.lib | 3 ++
> scripts/generate_rust_target.rs | 1 +
> 3 files changed, 40 insertions(+), 15 deletions(-)
>
> diff --git a/scripts/Makefile.kasan b/scripts/Makefile.kasan
> index 390658a2d5b7..bfd37be9cc45 100644
> --- a/scripts/Makefile.kasan
> +++ b/scripts/Makefile.kasan
> @@ -12,6 +12,9 @@ endif
> KASAN_SHADOW_OFFSET ?= $(CONFIG_KASAN_SHADOW_OFFSET)
>
> cc-param = $(call cc-option, -mllvm -$(1), $(call cc-option, --param $(1)))
> +rustc-param = $(call rustc-option, -Cllvm-args=-$(1),)
> +
> +check-args = $(foreach arg,$(2),$(call $(1),$(arg)))
>
> ifdef CONFIG_KASAN_STACK
> stack_enable := 1
> @@ -28,6 +31,7 @@ else
> endif
>
> CFLAGS_KASAN_MINIMAL := -fsanitize=kernel-address
> +RUSTFLAGS_KASAN_MINIMAL := -Zsanitizer=kernel-address -Zsanitizer-recover=kernel-address
>
> # -fasan-shadow-offset fails without -fsanitize
> CFLAGS_KASAN_SHADOW := $(call cc-option, -fsanitize=kernel-address \
> @@ -35,44 +39,61 @@ CFLAGS_KASAN_SHADOW := $(call cc-option, -fsanitize=kernel-address \
> $(call cc-option, -fsanitize=kernel-address \
> -mllvm -asan-mapping-offset=$(KASAN_SHADOW_OFFSET)))
>
> +# The minimum supported `rustc` version has a minimum supported LLVM
> +# version late enough that we can assume support for -asan-mapping-offset
> +RUSTFLAGS_KASAN_SHADOW := $(RUSTFLAGS_KASAN_MINIMAL) \
> + -Cllvm-args=-asan-mapping-offset=$(KASAN_SHADOW_OFFSET)
> +
> +KASAN_PARAMS :=
> +
> ifeq ($(strip $(CFLAGS_KASAN_SHADOW)),)
> CFLAGS_KASAN := $(CFLAGS_KASAN_MINIMAL)
> + # We still need to consider this case for Rust because we want Rust code
> + # to match the behavior of possibly old C compilers when linked together.
> + ifdef CONFIG_RUST
> + RUSTFLAGS_KASAN := $(RUSTFLAGS_KASAN_MINIMAL)
> + endif
Eh, this is getting ugly. I sent a patch that simplifies the KASAN
Makefile, please rebase your changes on top of it.
> else
> - # Now add all the compiler specific options that are valid standalone
> - CFLAGS_KASAN := $(CFLAGS_KASAN_SHADOW) \
> - $(call cc-param,asan-globals=1) \
> - $(call cc-param,asan-instrumentation-with-call-threshold=$(call_threshold)) \
> - $(call cc-param,asan-instrument-allocas=1)
> + KASAN_PARAMS += asan-globals=1 asan-instrumentation-with-call-threshold=$(call_threshold) asan-instrument-allocas=1
> + CFLAGS_KASAN := $(CFLAGS_KASAN_SHADOW)
> + ifdef CONFIG_RUST
> + RUSTFLAGS_KASAN := $(RUSTFLAGS_KASAN_SHADOW)
> + endif
> endif
>
> -CFLAGS_KASAN += $(call cc-param,asan-stack=$(stack_enable))
> +KASAN_PARAMS += asan-stack=$(stack_enable)
>
> # Instrument memcpy/memset/memmove calls by using instrumented __asan_mem*()
> # instead. With compilers that don't support this option, compiler-inserted
> # memintrinsics won't be checked by KASAN on GENERIC_ENTRY architectures.
> -CFLAGS_KASAN += $(call cc-param,asan-kernel-mem-intrinsic-prefix=1)
> +KASAN_PARAMS += asan-kernel-mem-intrinsic-prefix=1
>
> endif # CONFIG_KASAN_GENERIC
>
> ifdef CONFIG_KASAN_SW_TAGS
>
> ifdef CONFIG_KASAN_INLINE
> - instrumentation_flags := $(call cc-param,hwasan-mapping-offset=$(KASAN_SHADOW_OFFSET))
> + KASAN_PARAMS += hwasan-mapping-offset=$(KASAN_SHADOW_OFFSET)
> else
> - instrumentation_flags := $(call cc-param,hwasan-instrument-with-calls=1)
> + KASAN_PARAMS += hwasan-instrument-with-calls=1
> endif
>
> -CFLAGS_KASAN := -fsanitize=kernel-hwaddress \
> - $(call cc-param,hwasan-instrument-stack=$(stack_enable)) \
> - $(call cc-param,hwasan-use-short-granules=0) \
> - $(call cc-param,hwasan-inline-all-checks=0) \
> - $(instrumentation_flags)
> +KASAN_PARAMS += hwasan-instrument-stack=$(stack_enable) hwasan-use-short-granules=0 hwasan-inline-all-checks=0 $(instrumentation_params)
What are instrumentation_params? instrumentation_flags? They are not
defined in the Makefile anymore.
> +CFLAGS_KASAN := -fsanitize=kernel-hwaddress
>
> # Instrument memcpy/memset/memmove calls by using instrumented __hwasan_mem*().
> ifeq ($(call clang-min-version, 150000)$(call gcc-min-version, 130000),y)
> CFLAGS_KASAN += $(call cc-param,hwasan-kernel-mem-intrinsic-prefix=1)
> endif
>
> +ifdef CONFIG_RUST
> + RUSTFLAGS_KASAN := -Zsanitizer=kernel-hwaddress -Zsanitizer-recover=kernel-hwaddress
> +endif
Let's change the order of the definitions to:
1. CFLAGS_KASAN
2. RUSTFLAGS_KASAN
3. KASAN_PARAMS
> +
> endif # CONFIG_KASAN_SW_TAGS
>
> -export CFLAGS_KASAN CFLAGS_KASAN_NOSANITIZE
> +# Add all as-supported KASAN LLVM parameters requested by the configuration
> +CFLAGS_KASAN += $(call check-args, cc-param, $(KASAN_PARAMS))
> +RUSTFLAGS_KASAN += $(call check-args, rustc-param, $(KASAN_PARAMS))
> +
> +export CFLAGS_KASAN CFLAGS_KASAN_NOSANITIZE RUSTFLAGS_KASAN
> diff --git a/scripts/Makefile.lib b/scripts/Makefile.lib
> index fe3668dc4954..27999da3d382 100644
> --- a/scripts/Makefile.lib
> +++ b/scripts/Makefile.lib
> @@ -167,6 +167,9 @@ ifneq ($(CONFIG_KASAN_HW_TAGS),y)
> _c_flags += $(if $(patsubst n%,, \
> $(KASAN_SANITIZE_$(target-stem).o)$(KASAN_SANITIZE)$(is-kernel-object)), \
> $(CFLAGS_KASAN), $(CFLAGS_KASAN_NOSANITIZE))
> +_rust_flags += $(if $(patsubst n%,, \
> + $(KASAN_SANITIZE_$(target-stem).o)$(KASAN_SANITIZE)$(is-kernel-object)), \
> + $(RUSTFLAGS_KASAN))
> endif
> endif
>
> diff --git a/scripts/generate_rust_target.rs b/scripts/generate_rust_target.rs
> index 8a0644c0beed..1a4d468c575f 100644
> --- a/scripts/generate_rust_target.rs
> +++ b/scripts/generate_rust_target.rs
> @@ -187,6 +187,7 @@ fn main() {
> }
> ts.push("features", features);
> ts.push("llvm-target", "x86_64-linux-gnu");
> + ts.push("supported-sanitizers", ["kernel-address"]);
> ts.push("target-pointer-width", "64");
> } else if cfg.has("X86_32") {
> // This only works on UML, as i386 otherwise needs regparm support in rustc
> --
> 2.46.0.76.ge559c4bf1a-goog
>
