Support enabling overflow sanitization by path.

Handle paths variable provided from Make about where integer overflow
sanitization should be enabled by default, and prepare to enable minimal
runtime diagnostics for integer overflow sanitizers in userdebug/eng builds.

This provides Soong support for on-by-default paths from Make for
integer overflow sanitization.

Bug: 30969751
Bug: 63927620
Test: Include paths passed from Make are being sanitized.
Test: Compilation succeeds with and without diagnostics enabled.
Test: See Make patch for further test notes.

Change-Id: I803a75646cc27ef5b4b5b74b8eb2981c39f8a6a3
This commit is contained in:
Ivan Lozano 2018-01-09 09:57:19 -08:00
parent 2e020842dc
commit 17df3c1b76
3 changed files with 29 additions and 1 deletions

View file

@ -712,6 +712,13 @@ func (c *config) CFIDisabledForPath(path string) bool {
return PrefixInList(path, *c.ProductVariables.CFIExcludePaths) return PrefixInList(path, *c.ProductVariables.CFIExcludePaths)
} }
func (c *config) IntegerOverflowEnabledForPath(path string) bool {
if c.ProductVariables.IntegerOverflowIncludePaths == nil {
return false
}
return PrefixInList(path, *c.ProductVariables.IntegerOverflowIncludePaths)
}
func (c *config) CFIEnabledForPath(path string) bool { func (c *config) CFIEnabledForPath(path string) bool {
if c.ProductVariables.CFIIncludePaths == nil { if c.ProductVariables.CFIIncludePaths == nil {
return false return false

View file

@ -167,6 +167,7 @@ type productVariables struct {
MinimizeJavaDebugInfo *bool `json:",omitempty"` MinimizeJavaDebugInfo *bool `json:",omitempty"`
IntegerOverflowExcludePaths *[]string `json:",omitempty"` IntegerOverflowExcludePaths *[]string `json:",omitempty"`
IntegerOverflowIncludePaths *[]string `json:",omitempty"`
EnableCFI *bool `json:",omitempty"` EnableCFI *bool `json:",omitempty"`
CFIExcludePaths *[]string `json:",omitempty"` CFIExcludePaths *[]string `json:",omitempty"`

View file

@ -232,6 +232,14 @@ func (sanitize *sanitize) begin(ctx BaseModuleContext) {
} }
} }
// Enable Integer Overflow for all components in the include paths
if !ctx.Host() && ctx.Config().IntegerOverflowEnabledForPath(ctx.ModuleDir()) && s.Integer_overflow == nil {
s.Integer_overflow = boolPtr(true)
if inList("integer_overflow", ctx.Config().SanitizeDeviceDiag()) {
s.Diag.Integer_overflow = boolPtr(true)
}
}
// CFI needs gold linker, and mips toolchain does not have one. // CFI needs gold linker, and mips toolchain does not have one.
if !ctx.Config().EnableCFI() || ctx.Arch().ArchType == android.Mips || ctx.Arch().ArchType == android.Mips64 { if !ctx.Config().EnableCFI() || ctx.Arch().ArchType == android.Mips || ctx.Arch().ArchType == android.Mips64 {
s.Cfi = nil s.Cfi = nil
@ -417,6 +425,7 @@ func (sanitize *sanitize) flags(ctx ModuleContext, flags Flags) Flags {
sanitizers = append(sanitizers, "unsigned-integer-overflow") sanitizers = append(sanitizers, "unsigned-integer-overflow")
sanitizers = append(sanitizers, "signed-integer-overflow") sanitizers = append(sanitizers, "signed-integer-overflow")
flags.CFlags = append(flags.CFlags, intOverflowCflags...) flags.CFlags = append(flags.CFlags, intOverflowCflags...)
if Bool(sanitize.Properties.Sanitize.Diag.Integer_overflow) { if Bool(sanitize.Properties.Sanitize.Diag.Integer_overflow) {
diagSanitizers = append(diagSanitizers, "unsigned-integer-overflow") diagSanitizers = append(diagSanitizers, "unsigned-integer-overflow")
diagSanitizers = append(diagSanitizers, "signed-integer-overflow") diagSanitizers = append(diagSanitizers, "signed-integer-overflow")
@ -424,6 +433,8 @@ func (sanitize *sanitize) flags(ctx ModuleContext, flags Flags) Flags {
} }
} }
diagSanitizeArgs := "-fno-sanitize-trap=" + strings.Join(diagSanitizers, ",")
if len(sanitizers) > 0 { if len(sanitizers) > 0 {
sanitizeArg := "-fsanitize=" + strings.Join(sanitizers, ",") sanitizeArg := "-fsanitize=" + strings.Join(sanitizers, ",")
flags.CFlags = append(flags.CFlags, sanitizeArg) flags.CFlags = append(flags.CFlags, sanitizeArg)
@ -436,10 +447,19 @@ func (sanitize *sanitize) flags(ctx ModuleContext, flags Flags) Flags {
} else { } else {
flags.CFlags = append(flags.CFlags, "-fsanitize-trap=all", "-ftrap-function=abort") flags.CFlags = append(flags.CFlags, "-fsanitize-trap=all", "-ftrap-function=abort")
} }
// Specific settings for userdebug and eng builds
if Bool(ctx.Config().ProductVariables.Debuggable) {
// TODO(ivanlozano): uncomment after switch to clang-4536805.
// Run integer overflow sanitizers with the minimal runtime diagnostics.
if strings.Contains(sanitizeArg, "integer") && !strings.Contains(diagSanitizeArgs, "integer") && !Bool(sanitize.Properties.Sanitize.Address) {
//flags.CFlags = append(flags.CFlags, "-fsanitize-minimal-runtime")
}
}
} }
if len(diagSanitizers) > 0 { if len(diagSanitizers) > 0 {
flags.CFlags = append(flags.CFlags, "-fno-sanitize-trap="+strings.Join(diagSanitizers, ",")) flags.CFlags = append(flags.CFlags, diagSanitizeArgs)
} }
// FIXME: enable RTTI if diag + (cfi or vptr) // FIXME: enable RTTI if diag + (cfi or vptr)