platform_build_soong/rust/sanitize.go

323 lines
9.0 KiB
Go

// Copyright 2020 The Android Open Source Project
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package rust
import (
"android/soong/android"
"android/soong/cc"
"android/soong/rust/config"
"fmt"
"github.com/google/blueprint"
)
type SanitizeProperties struct {
// enable AddressSanitizer, HWAddressSanitizer, and others.
Sanitize struct {
Address *bool `android:"arch_variant"`
Hwaddress *bool `android:"arch_variant"`
Fuzzer *bool `android:"arch_variant"`
Never *bool `android:"arch_variant"`
}
SanitizerEnabled bool `blueprint:"mutated"`
SanitizeDep bool `blueprint:"mutated"`
// Used when we need to place libraries in their own directory, such as ASAN.
InSanitizerDir bool `blueprint:"mutated"`
}
var fuzzerFlags = []string{
"-C passes='sancov'",
"--cfg fuzzing",
"-C llvm-args=-sanitizer-coverage-level=3",
"-C llvm-args=-sanitizer-coverage-trace-compares",
"-C llvm-args=-sanitizer-coverage-inline-8bit-counters",
"-C llvm-args=-sanitizer-coverage-trace-geps",
"-C llvm-args=-sanitizer-coverage-prune-blocks=0",
// Sancov breaks with lto
// TODO: Remove when https://bugs.llvm.org/show_bug.cgi?id=41734 is resolved and sancov works with LTO
"-C lto=no",
}
var asanFlags = []string{
"-Z sanitizer=address",
}
var hwasanFlags = []string{
"-Z sanitizer=hwaddress",
"-C target-feature=+tagged-globals",
}
func boolPtr(v bool) *bool {
if v {
return &v
} else {
return nil
}
}
func init() {
}
func (sanitize *sanitize) props() []interface{} {
return []interface{}{&sanitize.Properties}
}
func (sanitize *sanitize) begin(ctx BaseModuleContext) {
s := sanitize.Properties.Sanitize
// TODO:(b/178369775)
// For now sanitizing is only supported on devices
if ctx.Os() == android.Android && Bool(s.Fuzzer) {
sanitize.Properties.SanitizerEnabled = true
}
if ctx.Os() == android.Android && Bool(s.Address) {
sanitize.Properties.SanitizerEnabled = true
}
// HWASan requires AArch64 hardware feature (top-byte-ignore).
if ctx.Arch().ArchType != android.Arm64 {
s.Hwaddress = nil
}
if ctx.Os() == android.Android && Bool(s.Hwaddress) {
sanitize.Properties.SanitizerEnabled = true
}
}
type sanitize struct {
Properties SanitizeProperties
}
func (sanitize *sanitize) flags(ctx ModuleContext, flags Flags, deps PathDeps) (Flags, PathDeps) {
if !sanitize.Properties.SanitizerEnabled {
return flags, deps
}
if Bool(sanitize.Properties.Sanitize.Fuzzer) {
flags.RustFlags = append(flags.RustFlags, fuzzerFlags...)
if ctx.Arch().ArchType == android.Arm64 {
flags.RustFlags = append(flags.RustFlags, hwasanFlags...)
} else {
flags.RustFlags = append(flags.RustFlags, asanFlags...)
}
}
if Bool(sanitize.Properties.Sanitize.Address) {
flags.RustFlags = append(flags.RustFlags, asanFlags...)
}
if Bool(sanitize.Properties.Sanitize.Hwaddress) {
flags.RustFlags = append(flags.RustFlags, hwasanFlags...)
}
return flags, deps
}
func (sanitize *sanitize) deps(ctx BaseModuleContext, deps Deps) Deps {
return deps
}
func rustSanitizerRuntimeMutator(mctx android.BottomUpMutatorContext) {
if mod, ok := mctx.Module().(*Module); ok && mod.sanitize != nil {
if !mod.Enabled() {
return
}
variations := mctx.Target().Variations()
var depTag blueprint.DependencyTag
var deps []string
if mod.IsSanitizerEnabled(cc.Asan) ||
(mod.IsSanitizerEnabled(cc.Fuzzer) && mctx.Arch().ArchType != android.Arm64) {
variations = append(variations,
blueprint.Variation{Mutator: "link", Variation: "shared"})
depTag = cc.SharedDepTag()
deps = []string{config.LibclangRuntimeLibrary(mod.toolchain(mctx), "asan")}
} else if mod.IsSanitizerEnabled(cc.Hwasan) ||
(mod.IsSanitizerEnabled(cc.Fuzzer) && mctx.Arch().ArchType == android.Arm64) {
// TODO(b/180495975): HWASan for static Rust binaries isn't supported yet.
if binary, ok := mod.compiler.(*binaryDecorator); ok {
if Bool(binary.Properties.Static_executable) {
mctx.ModuleErrorf("HWASan is not supported for static Rust executables yet.")
}
}
if mod.StaticallyLinked() {
variations = append(variations,
blueprint.Variation{Mutator: "link", Variation: "static"})
depTag = cc.StaticDepTag(false)
deps = []string{config.LibclangRuntimeLibrary(mod.toolchain(mctx), "hwasan_static")}
} else {
variations = append(variations,
blueprint.Variation{Mutator: "link", Variation: "shared"})
depTag = cc.SharedDepTag()
deps = []string{config.LibclangRuntimeLibrary(mod.toolchain(mctx), "hwasan")}
}
}
mctx.AddFarVariationDependencies(variations, depTag, deps...)
}
}
func (sanitize *sanitize) SetSanitizer(t cc.SanitizerType, b bool) {
sanitizerSet := false
switch t {
case cc.Fuzzer:
sanitize.Properties.Sanitize.Fuzzer = boolPtr(b)
sanitizerSet = true
case cc.Asan:
sanitize.Properties.Sanitize.Address = boolPtr(b)
sanitizerSet = true
case cc.Hwasan:
sanitize.Properties.Sanitize.Hwaddress = boolPtr(b)
sanitizerSet = true
default:
panic(fmt.Errorf("setting unsupported sanitizerType %d", t))
}
if b && sanitizerSet {
sanitize.Properties.SanitizerEnabled = true
}
}
// Check if the sanitizer is explicitly disabled (as opposed to nil by
// virtue of not being set).
func (sanitize *sanitize) isSanitizerExplicitlyDisabled(t cc.SanitizerType) bool {
if sanitize == nil {
return false
}
if Bool(sanitize.Properties.Sanitize.Never) {
return true
}
sanitizerVal := sanitize.getSanitizerBoolPtr(t)
return sanitizerVal != nil && *sanitizerVal == false
}
// There isn't an analog of the method above (ie:isSanitizerExplicitlyEnabled)
// because enabling a sanitizer either directly (via the blueprint) or
// indirectly (via a mutator) sets the bool ptr to true, and you can't
// distinguish between the cases. It isn't needed though - both cases can be
// treated identically.
func (sanitize *sanitize) isSanitizerEnabled(t cc.SanitizerType) bool {
if sanitize == nil || !sanitize.Properties.SanitizerEnabled {
return false
}
sanitizerVal := sanitize.getSanitizerBoolPtr(t)
return sanitizerVal != nil && *sanitizerVal == true
}
func (sanitize *sanitize) getSanitizerBoolPtr(t cc.SanitizerType) *bool {
switch t {
case cc.Fuzzer:
return sanitize.Properties.Sanitize.Fuzzer
case cc.Asan:
return sanitize.Properties.Sanitize.Address
case cc.Hwasan:
return sanitize.Properties.Sanitize.Hwaddress
default:
return nil
}
}
func (sanitize *sanitize) AndroidMk(ctx AndroidMkContext, entries *android.AndroidMkEntries) {
// Add a suffix for hwasan rlib libraries to allow surfacing both the sanitized and
// non-sanitized variants to make without a name conflict.
if entries.Class == "RLIB_LIBRARIES" || entries.Class == "STATIC_LIBRARIES" {
if sanitize.isSanitizerEnabled(cc.Hwasan) {
entries.SubName += ".hwasan"
}
}
}
func (mod *Module) SanitizerSupported(t cc.SanitizerType) bool {
if mod.Host() {
return false
}
switch t {
case cc.Fuzzer:
return true
case cc.Asan:
return true
case cc.Hwasan:
return true
default:
return false
}
}
func (mod *Module) IsSanitizerEnabled(t cc.SanitizerType) bool {
return mod.sanitize.isSanitizerEnabled(t)
}
func (mod *Module) IsSanitizerExplicitlyDisabled(t cc.SanitizerType) bool {
if mod.Host() {
return true
}
// TODO(b/178365482): Rust/CC interop doesn't work just yet; don't sanitize rust_ffi modules until
// linkage issues are resolved.
if lib, ok := mod.compiler.(libraryInterface); ok {
if lib.shared() || lib.static() {
return true
}
}
return mod.sanitize.isSanitizerExplicitlyDisabled(t)
}
func (mod *Module) SanitizeDep() bool {
return mod.sanitize.Properties.SanitizeDep
}
func (mod *Module) SetSanitizer(t cc.SanitizerType, b bool) {
if !Bool(mod.sanitize.Properties.Sanitize.Never) {
mod.sanitize.SetSanitizer(t, b)
}
}
func (mod *Module) SetSanitizeDep(b bool) {
mod.sanitize.Properties.SanitizeDep = b
}
func (mod *Module) StaticallyLinked() bool {
if lib, ok := mod.compiler.(libraryInterface); ok {
return lib.rlib() || lib.static()
} else if binary, ok := mod.compiler.(*binaryDecorator); ok {
return Bool(binary.Properties.Static_executable)
}
return false
}
func (mod *Module) SetInSanitizerDir() {
mod.sanitize.Properties.InSanitizerDir = true
}
func (mod *Module) SanitizeNever() bool {
return Bool(mod.sanitize.Properties.Sanitize.Never)
}
var _ cc.PlatformSanitizeable = (*Module)(nil)
func IsSanitizableDependencyTag(tag blueprint.DependencyTag) bool {
switch t := tag.(type) {
case dependencyTag:
return t.library
default:
return cc.IsSanitizableDependencyTag(tag)
}
}
func (m *Module) SanitizableDepTagChecker() cc.SantizableDependencyTagChecker {
return IsSanitizableDependencyTag
}