Re: [PATCH v2] kasan: simplify and clarify Makefile

From: Marco Elver
Date: Thu Aug 22 2024 - 09:53:29 EST


On Wed, 14 Aug 2024 at 18:11, <andrey.konovalov@xxxxxxxxx> wrote:
>
> From: Andrey Konovalov <andreyknvl@xxxxxxxxx>
>
> When KASAN support was being added to the Linux kernel, GCC did not yet
> support all of the KASAN-related compiler options. Thus, the KASAN
> Makefile had to probe the compiler for supported options.
>
> Nowadays, the Linux kernel GCC version requirement is 5.1+, and thus we
> don't need the probing of the -fasan-shadow-offset parameter: it exists in
> all 5.1+ GCCs.
>
> Simplify the KASAN Makefile to drop CFLAGS_KASAN_MINIMAL.
>
> Also add a few more comments and unify the indentation.
>
> Signed-off-by: Andrey Konovalov <andreyknvl@xxxxxxxxx>

Acked-by: Marco Elver <elver@xxxxxxxxxx>

Just in case, did you test SW and HW tags modes as well?

> ---
>
> Changes v1->v2:
> - Comments fixes based on Miguel Ojeda's feedback.
> ---
> scripts/Makefile.kasan | 45 +++++++++++++++++++++---------------------
> 1 file changed, 23 insertions(+), 22 deletions(-)
>
> diff --git a/scripts/Makefile.kasan b/scripts/Makefile.kasan
> index 390658a2d5b74..aab4154af00a7 100644
> --- a/scripts/Makefile.kasan
> +++ b/scripts/Makefile.kasan
> @@ -22,30 +22,31 @@ endif
> ifdef CONFIG_KASAN_GENERIC
>
> ifdef CONFIG_KASAN_INLINE
> + # When the number of memory accesses in a function is less than this
> + # call threshold number, the compiler will use inline instrumentation.
> + # 10000 is chosen offhand as a sufficiently large number to make all
> + # kernel functions to be instrumented inline.
> call_threshold := 10000
> else
> call_threshold := 0
> endif
>
> -CFLAGS_KASAN_MINIMAL := -fsanitize=kernel-address
> -
> -# -fasan-shadow-offset fails without -fsanitize
> -CFLAGS_KASAN_SHADOW := $(call cc-option, -fsanitize=kernel-address \
> - -fasan-shadow-offset=$(KASAN_SHADOW_OFFSET), \
> - $(call cc-option, -fsanitize=kernel-address \
> - -mllvm -asan-mapping-offset=$(KASAN_SHADOW_OFFSET)))
> -
> -ifeq ($(strip $(CFLAGS_KASAN_SHADOW)),)
> - CFLAGS_KASAN := $(CFLAGS_KASAN_MINIMAL)
> -else
> - # Now add all the compiler specific options that are valid standalone
> - CFLAGS_KASAN := $(CFLAGS_KASAN_SHADOW) \
> - $(call cc-param,asan-globals=1) \
> - $(call cc-param,asan-instrumentation-with-call-threshold=$(call_threshold)) \
> - $(call cc-param,asan-instrument-allocas=1)
> -endif
> -
> -CFLAGS_KASAN += $(call cc-param,asan-stack=$(stack_enable))
> +# First, enable -fsanitize=kernel-address together with providing the shadow
> +# mapping offset, as for GCC, -fasan-shadow-offset fails without -fsanitize
> +# (GCC accepts the shadow mapping offset via -fasan-shadow-offset instead of
> +# a --param like the other KASAN parameters).
> +# Instead of ifdef-checking the compiler, rely on cc-option.
> +CFLAGS_KASAN := $(call cc-option, -fsanitize=kernel-address \
> + -fasan-shadow-offset=$(KASAN_SHADOW_OFFSET), \
> + $(call cc-option, -fsanitize=kernel-address \
> + -mllvm -asan-mapping-offset=$(KASAN_SHADOW_OFFSET)))
> +
> +# Now, add other parameters enabled similarly in both GCC and Clang.
> +# As some of them are not supported by older compilers, use cc-param.
> +CFLAGS_KASAN += $(call cc-param,asan-instrumentation-with-call-threshold=$(call_threshold)) \
> + $(call cc-param,asan-stack=$(stack_enable)) \
> + $(call cc-param,asan-instrument-allocas=1) \
> + $(call cc-param,asan-globals=1)
>
> # Instrument memcpy/memset/memmove calls by using instrumented __asan_mem*()
> # instead. With compilers that don't support this option, compiler-inserted
> @@ -57,9 +58,9 @@ endif # CONFIG_KASAN_GENERIC
> ifdef CONFIG_KASAN_SW_TAGS
>
> ifdef CONFIG_KASAN_INLINE
> - instrumentation_flags := $(call cc-param,hwasan-mapping-offset=$(KASAN_SHADOW_OFFSET))
> + instrumentation_flags := $(call cc-param,hwasan-mapping-offset=$(KASAN_SHADOW_OFFSET))
> else
> - instrumentation_flags := $(call cc-param,hwasan-instrument-with-calls=1)
> + instrumentation_flags := $(call cc-param,hwasan-instrument-with-calls=1)
> endif
>
> CFLAGS_KASAN := -fsanitize=kernel-hwaddress \
> @@ -70,7 +71,7 @@ CFLAGS_KASAN := -fsanitize=kernel-hwaddress \
>
> # Instrument memcpy/memset/memmove calls by using instrumented __hwasan_mem*().
> ifeq ($(call clang-min-version, 150000)$(call gcc-min-version, 130000),y)
> -CFLAGS_KASAN += $(call cc-param,hwasan-kernel-mem-intrinsic-prefix=1)
> + CFLAGS_KASAN += $(call cc-param,hwasan-kernel-mem-intrinsic-prefix=1)
> endif
>
> endif # CONFIG_KASAN_SW_TAGS
> --
> 2.25.1
>