MTE globals needs four pieces:
1. (done) clang/llvm to produce objfiles with MTE globals metadata
2. (in flight, https://reviews.llvm.org/D152921) lld to process the metadata in the objfiles, and produce information in each DSO describing the global variables that need to be tagged (alongside some other stuff).
3. (this patch) android to handle the new sanitizer
4. (not yet sent) bionic's libc/linker to interpret the information in each DSO, and tag the global variables.
Because #2 will take some time to come through the toolchain rolls, and #3 and #4 can be landed asynchronously, we can land this ahead of time. Should make my life easier by preventing constant rebases.
Bug: N/A
Test: Build {libc, libm, libc++, libm, and libnetd} in internal master
with these patches and an experimental compiler with the lld support.
Also, `SANITIZE_TARGET=memtag_globals m` here with in-tree compiler
without lld support.
Change-Id: Ie7882d474d4d776232de3a3d571a82274df14bf0

We pass mcpu=cortex-a55 for our build, which increases BB to the point
where the LLVM default of 32 is not enough. This caused worse coverage
for use-after-scope detection, and increased stack usage.
Test: build oriole_hwasan
Bug: 229654778
Change-Id: I6ddb47d7224a9c6ddbf2641c043e3430d330c5a9

We don't build clang sanitizer runtimes for host arm64 yet;
disable sanitizers that need them when building for linux_musl arm64.
Test: builds
Change-Id: Id4fcb7f9743ac30121157b2294eb60216eaff7b3

Environment variables HWASAN_INCLUDE_PATHS and
PRODUCT_HWASAN_INCLUDE_PATHS can be used to enable HWASan for multiple
modules, by just adding the module directory to the env variable.
Bug: b/271948407
Test: Set specific module directory to above env variable and check the
assembly codes of output elf files after building, finding hwasan
related symbols inside.
Change-Id: Ic49b515830c4469ca5fa94f547b26c0fb602fc54

We're trying to switch from x18 to gp for shadow call stack, ideally
without breaking anything, so let's disable shadow call stack while we
rearrange things behind the scenes...
Bug: http://b/277909695
Test: treehugger
Change-Id: Ic1a6bceaf0ab20dc66e1903747ebb668232a253a

libc_hwasan is a new library in the runtime apex that lives in
bionic/hwasan/libc.so and is symlinked to /system/lib64/hwasan/libc.so.
This is chosen by the linker if an app or binary requires HWASan
support.
Bug: 276930343
Change-Id: If331744ad84241ad99a41805ea3110d37cf9b0af

Mostly exporting variables to Bazel, but also allowlisting a BUILD
file.
Bug: 251217226
Test: Unit tests
Change-Id: Id87015a3cd5d970700c4058ec989bb0c14c36bcb

Use static asan runtimes for musl binaries to match glibc binaries.
The static asan runtime also requires libclang_rt.asan_cxx.a. Unlike
most other runtimes the asan runtimes need to expose the symbols
from the runtime to allow intercepting calls to malloc, new etc.
Test: m USE_HOST_MUSL=true aidl_unittests && out/host/linux-x86/testcases/aidl_unittests/x86_64/aidl_unittests
Test: sanitize_test.go
Change-Id: I93da03b1c447fbb01f37262e7a465f165c2d5a18

The dependencies on static runtimes are getting complicated, as they
vary on whether or not they should hide or export symbols from the
runtime. Instead of setting flags to try to add the right static
runtime later, add them as dependencies immediately with a call to
addStaticDeps.
Test: sanitize_test.go
Change-Id: I5fb3ee29b31ce99d8feac262fcf71d19396dc68d

We pass mcpu=cortex-a55 for our build, which increases BB to the point
where the LLVM default of 32 is not enough.
I ran a fullmte build and did not see any slowdown.
Bug: 229654778
Change-Id: Ifbd1e5427101b2f2f39c067ba3ea4d5cb4a3ba0d

To match the scudo allocator's always return zero allocation behavior,
set the max malloc fill size larger than the largest size class.
Currently, the largest is 65552, so set the max to 128KB to avoid
needing to change this in the future.
Test: Run test that verifies allocations returned are zero and it passes.
Change-Id: Ie9f0b0d54f846008b1c6d5dc6e55c7031262d29e

vendor_snapshot_object modules do not provide sanitizers.
Avoid sanitizer mutation for these modules.
Bug: 234772527
Test: build against the vsdk with SANITIZE_TARGET=hwaddress
Change-Id: Ib4fe4def673aa77a4321f47c09393adcb2fa2964

When generating vsdk snapshot with SANITIZE_TARGET=hwaddress option,
include hwasan static libraries to the vendor snapshot.
Bug: 234772527
Test: build against the vsdk with SANITIZE_TARGET=hwaddress
Change-Id: I6fdecefaa8557b5c968745487a3ed7c959e682f9

Building for riscv64 fails with link errors on __thread variables.
Set -fno-emulated-tls to fix it.
Bug: 254713216
Test: lunch aosp_riscv64-userdebug && m ALLOW_MISSING_DEPENDENCIES=true ndk_sysroot
Change-Id: I3dca81dfd277d681b6c868a5e8385e3a37335a5f

Building with LTO and CFI enabled for riscv64 causes link failures:
ld.lld: error: lto.tmp: cannot link object files with different floating-point ABI
ld.lld: error: undefined symbol: guard variable for android::hardware::BufferedTextOutput::getBuffer() const::ts
Disable them for now.
Test: lunch aosp_riscv64-userdebug && m ALLOW_MISSING_DEPENDENCIES=true ndk_sysroot
Change-Id: I3489952abebeeb3f4de664fd3e436232aac298d7

Using a dynamic libclang_rt.ubsan_standalone runtime causes
problems when dalvikvm dlopen's libart.so:
JniInvocation E 10-19 18:25:55 1159447 1159447] Failed to dlopen libart.so: Error relocating /mnt/disks/build-disk/src/android/master/out/host/linux-x86/lib64/libclang_rt.ubsan_standalone-x86_64.so: (null): initial-exec TLS resolves to dynamic definition in /mnt/disks/build-disk/src/android/master/out/host/linux-x86/lib64/libclang_rt.ubsan_standalone-x86_64.so
This seems to be caused by a thread local variable with an
explicit initial-exec TLS model in libclang_rt.ubsan_standalone,
which is then rejected by musl's dynamic loader. Switching to
a static libclang_rt.ubsan_standalone matches what we are doing
for glibc and fixes musl.
Bug: 190084016
Test: m USE_HOST_MUSL=true out/target/common/obj/JAVA_LIBRARIES/ahat-test-dump_intermediates/test-dump-base.hprof
Change-Id: I3e50eae6c22b684fc7bb0ccdfe0379f41d246319

Unwinding through tagged frames is fixed in upstream and cherry-picked
onto Android toolchain in https://r.android.com/2251926. Until then, we
can disable stack tagging for code that uses exceptions, so we can get
some coverage before the toolchain update.
Test: stack_tagging_helper exception_cleanup from https://r.android.com/2175188
fails with assertion "GetTag(&y) !=
GetTag(__builtin_frame_address(0))" as expected
Bug: 174878242
Change-Id: I1597b21f64a92874dbccb64ffebbef7bb9bf8214