From 447f5b1ea9fd2a619f66763d8dcbdd5d0377025b Mon Sep 17 00:00:00 2001
From: Ivan Lozano <ivanlozano@google.com>
Date: Wed, 26 Jul 2023 13:34:55 -0400
Subject: [PATCH] rust: Add SCS sanitizer option.

SCS has been supported in Rust since 1.64.0.

This adds SCS as a sanitizer option in Rust.

Bug: 168914033
Test: Built module with sanitize: { scs: true }
Change-Id: Ibdc116a335339af6d0b0d6dd0bb82c0358fa9087
---
 cc/sanitize.go        | 22 +++++++++++-----------
 cc/vendor_snapshot.go |  2 +-
 rust/sanitize.go      | 25 ++++++++++++++++++++++++-
 3 files changed, 36 insertions(+), 13 deletions(-)

diff --git a/cc/sanitize.go b/cc/sanitize.go
index 626005b44..098960721 100644
--- a/cc/sanitize.go
+++ b/cc/sanitize.go
@@ -100,7 +100,7 @@ const (
 	Hwasan
 	tsan
 	intOverflow
-	scs
+	Scs
 	Fuzzer
 	Memtag_heap
 	Memtag_stack
@@ -113,7 +113,7 @@ var Sanitizers = []SanitizerType{
 	Hwasan,
 	tsan,
 	intOverflow,
-	scs,
+	Scs,
 	Fuzzer,
 	Memtag_heap,
 	Memtag_stack,
@@ -134,7 +134,7 @@ func (t SanitizerType) variationName() string {
 		return "intOverflow"
 	case cfi:
 		return "cfi"
-	case scs:
+	case Scs:
 		return "scs"
 	case Memtag_heap:
 		return "memtag_heap"
@@ -168,7 +168,7 @@ func (t SanitizerType) name() string {
 		return "integer_overflow"
 	case cfi:
 		return "cfi"
-	case scs:
+	case Scs:
 		return "shadow-call-stack"
 	case Fuzzer:
 		return "fuzzer"
@@ -179,7 +179,7 @@ func (t SanitizerType) name() string {
 
 func (t SanitizerType) registerMutators(ctx android.RegisterMutatorsContext) {
 	switch t {
-	case cfi, Hwasan, Asan, tsan, Fuzzer, scs:
+	case cfi, Hwasan, Asan, tsan, Fuzzer, Scs:
 		sanitizer := &sanitizerSplitMutator{t}
 		ctx.TopDown(t.variationName()+"_markapexes", sanitizer.markSanitizableApexesMutator)
 		ctx.Transition(t.variationName(), sanitizer)
@@ -216,7 +216,7 @@ func (*Module) SanitizerSupported(t SanitizerType) bool {
 		return true
 	case cfi:
 		return true
-	case scs:
+	case Scs:
 		return true
 	case Fuzzer:
 		return true
@@ -1022,7 +1022,7 @@ func (s *sanitize) getSanitizerBoolPtr(t SanitizerType) *bool {
 		return s.Properties.SanitizeMutated.Integer_overflow
 	case cfi:
 		return s.Properties.SanitizeMutated.Cfi
-	case scs:
+	case Scs:
 		return s.Properties.SanitizeMutated.Scs
 	case Memtag_heap:
 		return s.Properties.SanitizeMutated.Memtag_heap
@@ -1043,7 +1043,7 @@ func (sanitize *sanitize) isUnsanitizedVariant() bool {
 		!sanitize.isSanitizerEnabled(Hwasan) &&
 		!sanitize.isSanitizerEnabled(tsan) &&
 		!sanitize.isSanitizerEnabled(cfi) &&
-		!sanitize.isSanitizerEnabled(scs) &&
+		!sanitize.isSanitizerEnabled(Scs) &&
 		!sanitize.isSanitizerEnabled(Memtag_heap) &&
 		!sanitize.isSanitizerEnabled(Memtag_stack) &&
 		!sanitize.isSanitizerEnabled(Memtag_globals) &&
@@ -1080,7 +1080,7 @@ func (sanitize *sanitize) SetSanitizer(t SanitizerType, b bool) {
 		sanitize.Properties.SanitizeMutated.Integer_overflow = bPtr
 	case cfi:
 		sanitize.Properties.SanitizeMutated.Cfi = bPtr
-	case scs:
+	case Scs:
 		sanitize.Properties.SanitizeMutated.Scs = bPtr
 	case Memtag_heap:
 		sanitize.Properties.SanitizeMutated.Memtag_heap = bPtr
@@ -1340,7 +1340,7 @@ func (s *sanitizerSplitMutator) Mutate(mctx android.BottomUpMutatorContext, vari
 
 		oneMakeVariation := false
 		if c.StaticallyLinked() || c.Header() {
-			if s.sanitizer != cfi && s.sanitizer != scs && s.sanitizer != Hwasan {
+			if s.sanitizer != cfi && s.sanitizer != Scs && s.sanitizer != Hwasan {
 				// These sanitizers export only one variation to Make. For the rest,
 				// Make targets can depend on both the sanitized and non-sanitized
 				// versions.
@@ -1350,7 +1350,7 @@ func (s *sanitizerSplitMutator) Mutate(mctx android.BottomUpMutatorContext, vari
 			// Shared library. These are the sanitizers that do propagate through shared
 			// library dependencies and therefore can cause multiple variations of a
 			// shared library to be built.
-			if s.sanitizer != cfi && s.sanitizer != Hwasan && s.sanitizer != scs && s.sanitizer != Asan {
+			if s.sanitizer != cfi && s.sanitizer != Hwasan && s.sanitizer != Scs && s.sanitizer != Asan {
 				oneMakeVariation = true
 			}
 		}
diff --git a/cc/vendor_snapshot.go b/cc/vendor_snapshot.go
index 9ea337b8d..2421e2408 100644
--- a/cc/vendor_snapshot.go
+++ b/cc/vendor_snapshot.go
@@ -95,7 +95,7 @@ func isSnapshotAware(cfg android.DeviceConfig, m LinkableInterface, inProprietar
 		if sanitizable.SanitizePropDefined() {
 			// scs exports both sanitized and unsanitized variants for static and header
 			// Always use unsanitized variant of it.
-			if !sanitizable.Shared() && sanitizable.IsSanitizerEnabled(scs) {
+			if !sanitizable.Shared() && sanitizable.IsSanitizerEnabled(Scs) {
 				return false
 			}
 			// cfi and hwasan also export both variants. But for static, we capture both.
diff --git a/rust/sanitize.go b/rust/sanitize.go
index 0f7cf6e5f..fd67bc419 100644
--- a/rust/sanitize.go
+++ b/rust/sanitize.go
@@ -32,6 +32,7 @@ type SanitizeProperties struct {
 	Sanitize struct {
 		Address   *bool `android:"arch_variant"`
 		Hwaddress *bool `android:"arch_variant"`
+		Scs       *bool `android:"arch_variant"`
 
 		// Memory-tagging, only available on arm64
 		// if diag.memtag unset or false, enables async memory tagging
@@ -75,6 +76,9 @@ var fuzzerFlags = []string{
 var asanFlags = []string{
 	"-Z sanitizer=address",
 }
+var scsFlags = []string{
+	"-Z sanitizer=shadow-call-stack",
+}
 
 // See cc/sanitize.go's hwasanGlobalOptions for global hwasan options.
 var hwasanFlags = []string{
@@ -208,9 +212,14 @@ func (sanitize *sanitize) begin(ctx BaseModuleContext) {
 		s.Memtag_heap = nil
 	}
 
+	// SCS is only implemented on AArch64/riscv64.
+	if (ctx.Arch().ArchType != android.Arm64 && ctx.Arch().ArchType != android.Riscv64) || !ctx.toolchain().Bionic() {
+		s.Scs = nil
+	}
+
 	// TODO:(b/178369775)
 	// For now sanitizing is only supported on devices
-	if ctx.Os() == android.Android && (Bool(s.Hwaddress) || Bool(s.Address) || Bool(s.Memtag_heap) || Bool(s.Fuzzer)) {
+	if ctx.Os() == android.Android && (Bool(s.Hwaddress) || Bool(s.Address) || Bool(s.Memtag_heap) || Bool(s.Fuzzer) || Bool(s.Scs)) {
 		sanitize.Properties.SanitizerEnabled = true
 	}
 }
@@ -229,7 +238,10 @@ func (sanitize *sanitize) flags(ctx ModuleContext, flags Flags, deps PathDeps) (
 		flags.RustFlags = append(flags.RustFlags, hwasanFlags...)
 	} else if Bool(sanitize.Properties.Sanitize.Address) {
 		flags.RustFlags = append(flags.RustFlags, asanFlags...)
+	} else if Bool(sanitize.Properties.Sanitize.Scs) {
+		flags.RustFlags = append(flags.RustFlags, scsFlags...)
 	}
+
 	return flags, deps
 }
 
@@ -311,6 +323,9 @@ func (sanitize *sanitize) SetSanitizer(t cc.SanitizerType, b bool) {
 	case cc.Memtag_heap:
 		sanitize.Properties.Sanitize.Memtag_heap = boolPtr(b)
 		sanitizerSet = true
+	case cc.Scs:
+		sanitize.Properties.Sanitize.Scs = boolPtr(b)
+		sanitizerSet = true
 	default:
 		panic(fmt.Errorf("setting unsupported sanitizerType %d", t))
 	}
@@ -372,6 +387,8 @@ func (sanitize *sanitize) getSanitizerBoolPtr(t cc.SanitizerType) *bool {
 		return sanitize.Properties.Sanitize.Hwaddress
 	case cc.Memtag_heap:
 		return sanitize.Properties.Sanitize.Memtag_heap
+	case cc.Scs:
+		return sanitize.Properties.Sanitize.Scs
 	default:
 		return nil
 	}
@@ -384,6 +401,10 @@ func (sanitize *sanitize) AndroidMk(ctx AndroidMkContext, entries *android.Andro
 		if sanitize.isSanitizerEnabled(cc.Hwasan) {
 			entries.SubName += ".hwasan"
 		}
+		if sanitize.isSanitizerEnabled(cc.Scs) {
+			entries.SubName += ".scs"
+		}
+
 	}
 }
 
@@ -404,6 +425,8 @@ func (mod *Module) SanitizerSupported(t cc.SanitizerType) bool {
 		return true
 	case cc.Memtag_heap:
 		return true
+	case cc.Scs:
+		return true
 	default:
 		return false
 	}