lib: Add ASan stub

Add a Kconfig option to enable address sanitizer on x86 architecture. Create ASan dummy functions. And add relevant gcc flags to compile ramstage with ASan. Change-Id: I6d87e48b6786f02dd46ea74e702f294082fd8891 Signed-off-by: Harshit Sharma <harshitsharmajs@gmail.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/42271 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Werner Zeh <werner.zeh@siemens.com>
2020-06-09 20:25:16 -07:00 · 2020-06-09 20:25:16 -07:00 · 2bcaba0fd4
parent 693f4a4179
commit 2bcaba0fd4
3 changed files with 59 additions and 0 deletions
--- a/src/Kconfig
+++ b/src/Kconfig
@ -270,6 +270,19 @@ config UBSAN
 	  say N because it adds a small performance penalty and may abort
 	  on code that happens to work in spite of the UB.

+config ASAN_IN_RAMSTAGE
+	bool "Address sanitizer support"
+	depends on ARCH_X86
+	default n
+	help
+	  Enable address sanitizer - runtime memory debugger,
+	  designed to find out-of-bounds accesses and use-after-scope bugs.
+
+	  This feature consumes up to 1/8 of available memory and brings about
+	  ~1.5x performance slowdown.
+
+	  If unsure, say N.
+
 choice
 	prompt "Stage Cache for ACPI S3 resume"
 	default NO_STAGE_CACHE if !HAVE_ACPI_RESUME
--- a/src/lib/Makefile.inc
+++ b/src/lib/Makefile.inc
@ -7,6 +7,18 @@ ramstage-y += ubsan.c
 CFLAGS_ramstage += -fsanitize=undefined
 endif

+ifeq ($(CONFIG_ASAN_IN_RAMSTAGE),y)
+ramstage-y += asan.c
+CFLAGS_asan += -fsanitize=kernel-address \
+		--param asan-stack=1 --param asan-globals=1 \
+		--param asan-instrumentation-with-call-threshold=0 \
+		-fsanitize-address-use-after-scope \
+		--param use-after-scope-direct-emission-threshold=0
+CFLAGS_ramstage += $(CFLAGS_asan)
+# Allow memory access without __asan_load and __asan_store checks.
+$(obj)/ramstage/lib/asan.o: CFLAGS_asan =
+endif
+
 decompressor-y += decompressor.c
 $(call src-to-obj,decompressor,$(dir)/decompressor.c): $(objcbfs)/bootblock.lz4
 $(call src-to-obj,decompressor,$(dir)/decompressor.c): CCACHE_EXTRAFILES=$(objcbfs)/bootblock.lz4
--- a/src/lib/asan.c
+++ b/src/lib/asan.c
@ -0,0 +1,34 @@
+#include <stddef.h>
+
+#pragma GCC diagnostic ignored "-Wmissing-prototypes"
+
+#define DEFINE_ASAN_LOAD_STORE(size)                        \
+	void __asan_load##size(unsigned long addr)              \
+	{}                                                      \
+	void __asan_load##size##_noabort(unsigned long addr)    \
+	{}                                                      \
+	void __asan_store##size(unsigned long addr)             \
+	{}                                                      \
+	void __asan_store##size##_noabort(unsigned long addr)   \
+	{}
+
+DEFINE_ASAN_LOAD_STORE(1);
+DEFINE_ASAN_LOAD_STORE(2);
+DEFINE_ASAN_LOAD_STORE(4);
+DEFINE_ASAN_LOAD_STORE(8);
+DEFINE_ASAN_LOAD_STORE(16);
+
+void __asan_loadN(unsigned long addr, size_t size)
+{}
+
+void __asan_loadN_noabort(unsigned long addr, size_t size)
+{}
+
+void __asan_storeN(unsigned long addr, size_t size)
+{}
+
+void __asan_storeN_noabort(unsigned long addr, size_t size)
+{}
+
+void __asan_handle_no_return(void)
+{}