From patchwork Mon May 28 09:22:04 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Masahiro Yamada X-Patchwork-Id: 137050 Delivered-To: patch@linaro.org Received: by 2002:a2e:9706:0:0:0:0:0 with SMTP id r6-v6csp2593253lji; Mon, 28 May 2018 02:26:15 -0700 (PDT) X-Google-Smtp-Source: AB8JxZq2MtV/nucaIYmYnJ5eJz6goY8vfU2PpLr4s1Rysm/mSHuBvftXDNB51Tf2daRH/fQsLE9Z X-Received: by 2002:a62:3b5d:: with SMTP id i90-v6mr12602363pfa.24.1527499575644; Mon, 28 May 2018 02:26:15 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1527499575; cv=none; d=google.com; s=arc-20160816; b=OLRO2wB2jjLo0UHYb+G9hZ0WyDDPQ+ERnUQxEUYy4qIGPCdFvwwFoJXKIQfjcNmhxJ 7jB8PO4QCcjvg0Ks+PyamLvKNdnz4UlqHblTVTqEG4LMSO21Q2I5bIMEE33oX7/jWGu+ 6wPnVBJ8ut9Sd4YkjT++cQWVptEVD35FeWBxBcFT8UoSdfZJoA8nvzEQACCX8DK3CP1Z 6fobNupvDKtZ7rlc/HgAXs+JlsqH5rWdE5FArdG0M8euqN4DbfVtxlddpl847OZcQ0n+ 4ntMb1MLkC+CKfgtnbxnIP2xeeMInILDkfWgJ/LLuUQhJduHiyjkXxeUxgs2RstIZzRA Us6A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:references:in-reply-to:message-id:date :subject:cc:to:from:dkim-signature:dkim-filter :arc-authentication-results; bh=OPJmIjNNla4WZnf4QzbMQRQHdJ5YNsNSuOB1/RvnfEA=; b=xptkNx0RKbQeaUTXN7cHFEvFduJSzNstszx8f9Tj/xA56l0KzRCb0BMWYup6QZe9wk gqhD2vSpKOCjEGVEfi0C5ewbskFfZ9Tk9mCPtp51k7lvtYy2u5zfZsCNWLApHE0V2GW0 ix3Peq2uJRw7nM2PicALA/mh/MHNP/46HGkVHeBdW4xtltX14AqNm/cqphL5Vnyo6fQG gIcHSkZN7PoSKglql6S6wRteUHDposY4sat1wcg2fSCnrRHWWC39ukWIfZdyH/lv70Fs RSmTpbZKnoUlSlYBybXmjReSlcyWFLRnVHGHhw1T8PjlZ6YCUa3ZShojnb9EION0VTOd aI9g== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@nifty.com header.s=dec2015msa header.b=sZDy1H3P; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id b74-v6si4850506pfb.189.2018.05.28.02.26.15; Mon, 28 May 2018 02:26:15 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@nifty.com header.s=dec2015msa header.b=sZDy1H3P; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S933925AbeE1J0N (ORCPT + 30 others); Mon, 28 May 2018 05:26:13 -0400 Received: from conuserg-10.nifty.com ([210.131.2.77]:23137 "EHLO conuserg-10.nifty.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S933643AbeE1JZI (ORCPT ); Mon, 28 May 2018 05:25:08 -0400 Received: from grover.sesame (FL1-125-199-20-195.osk.mesh.ad.jp [125.199.20.195]) (authenticated) by conuserg-10.nifty.com with ESMTP id w4S9MIni027506; Mon, 28 May 2018 18:22:41 +0900 DKIM-Filter: OpenDKIM Filter v2.10.3 conuserg-10.nifty.com w4S9MIni027506 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nifty.com; s=dec2015msa; t=1527499361; bh=OPJmIjNNla4WZnf4QzbMQRQHdJ5YNsNSuOB1/RvnfEA=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=sZDy1H3PrcE2RxWtc6E1Utf2mxJghVbQSf6wloiv+p4WOvDY0wQ0Fo8BCHT1YGVlb wVS/UCD0pMure0nYw7zmiLlEC/9aw02ML4MgbSKd4aj6nh/NPHJ7b/iqBWV0gtkDB5 sXCEjERP5dT4nJ9HORO0bQKcRs5H90rwsKsrxDfDKLtwWtklrXzefmLg3QH/b7ItJJ mapM2jKUq/jQMTgVTyx4ENZFRRq2odiZpv3n27G95UvxpqKafPQ3XzzHWbKHa7/Kcf rkyKo/IDxsFLomPLHzdYnF4Ti5Jr24ZsVibDlZv47znimRNyNeNfOXE0tLYmvO8YpJ 8RQNaqDIH4LBQ== X-Nifty-SrcIP: [125.199.20.195] From: Masahiro Yamada To: linux-kbuild@vger.kernel.org Cc: linux-kernel@vger.kernel.org, Kees Cook , Nicholas Piggin , "Luis R . Rodriguez" , Randy Dunlap , Ulf Magnusson , Sam Ravnborg , Linus Torvalds , Masahiro Yamada Subject: [PATCH v5 27/31] kcov: test compiler capability in Kconfig and correct dependency Date: Mon, 28 May 2018 18:22:04 +0900 Message-Id: <1527499328-13213-28-git-send-email-yamada.masahiro@socionext.com> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1527499328-13213-1-git-send-email-yamada.masahiro@socionext.com> References: <1527499328-13213-1-git-send-email-yamada.masahiro@socionext.com> Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org As Documentation/kbuild/kconfig-language.txt notes, 'select' should be be used with care - it forces a lower limit of another symbol, ignoring the dependency. Currently, KCOV can select GCC_PLUGINS even if arch does not select HAVE_GCC_PLUGINS. This could cause the unmet direct dependency. Now that Kconfig can test compiler capability, let's handle this in a more sophisticated way. There are two ways to enable KCOV; use the compiler that natively supports -fsanitize-coverage=trace-pc, or build the SANCOV plugin if the compiler has ability to build GCC plugins. Hence, the correct dependency for KCOV is: depends on CC_HAS_SANCOV_TRACE_PC || GCC_PLUGINS You do not need to build the SANCOV plugin if the compiler already supports -fsanitize-coverage=trace-pc. Hence, the select should be: select GCC_PLUGIN_SANCOV if !CC_HAS_SANCOV_TRACE_PC With this, GCC_PLUGIN_SANCOV is selected only when necessary, so scripts/Makefile.gcc-plugins can be cleaner. I also cleaned up Kconfig and scripts/Makefile.kcov as well. Signed-off-by: Masahiro Yamada Reviewed-by: Kees Cook --- Changes in v5: None Changes in v4: None Changes in v3: - Replace the previous 'select -> imply' patch with a new approach Changes in v2: - Drop depends on GCC_VERSION Makefile | 2 +- lib/Kconfig.debug | 11 +++++++---- scripts/Makefile.gcc-plugins | 6 +----- scripts/Makefile.kcov | 10 ++++++---- 4 files changed, 15 insertions(+), 14 deletions(-) -- 2.7.4 diff --git a/Makefile b/Makefile index 80e0800..4b5a17a 100644 --- a/Makefile +++ b/Makefile @@ -626,7 +626,7 @@ all: vmlinux CFLAGS_GCOV := -fprofile-arcs -ftest-coverage \ $(call cc-option,-fno-tree-loop-im) \ $(call cc-disable-warning,maybe-uninitialized,) -export CFLAGS_GCOV CFLAGS_KCOV +export CFLAGS_GCOV # The arch Makefile can set ARCH_{CPP,A,C}FLAGS to override the default # values of the respective KBUILD_* variables diff --git a/lib/Kconfig.debug b/lib/Kconfig.debug index c40c7b7..b76cab2 100644 --- a/lib/Kconfig.debug +++ b/lib/Kconfig.debug @@ -736,12 +736,15 @@ config ARCH_HAS_KCOV only for x86_64. KCOV requires testing on other archs, and most likely disabling of instrumentation for some early boot code. +config CC_HAS_SANCOV_TRACE_PC + def_bool $(cc-option,-fsanitize-coverage=trace-pc) + config KCOV bool "Code coverage for fuzzing" depends on ARCH_HAS_KCOV + depends on CC_HAS_SANCOV_TRACE_PC || GCC_PLUGINS select DEBUG_FS - select GCC_PLUGINS if !COMPILE_TEST - select GCC_PLUGIN_SANCOV if !COMPILE_TEST + select GCC_PLUGIN_SANCOV if !CC_HAS_SANCOV_TRACE_PC help KCOV exposes kernel code coverage information in a form suitable for coverage-guided fuzzing (randomized testing). @@ -755,7 +758,7 @@ config KCOV config KCOV_ENABLE_COMPARISONS bool "Enable comparison operands collection by KCOV" depends on KCOV - default n + depends on $(cc-option,-fsanitize-coverage=trace-cmp) help KCOV also exposes operands of every comparison in the instrumented code along with operand sizes and PCs of the comparison instructions. @@ -765,7 +768,7 @@ config KCOV_ENABLE_COMPARISONS config KCOV_INSTRUMENT_ALL bool "Instrument all code by default" depends on KCOV - default y if KCOV + default y help If you are doing generic system call fuzzing (like e.g. syzkaller), then you will want to instrument the whole kernel and you should diff --git a/scripts/Makefile.gcc-plugins b/scripts/Makefile.gcc-plugins index 7f5c862..0ce3802 100644 --- a/scripts/Makefile.gcc-plugins +++ b/scripts/Makefile.gcc-plugins @@ -14,16 +14,12 @@ ifdef CONFIG_GCC_PLUGINS endif ifdef CONFIG_GCC_PLUGIN_SANCOV - ifeq ($(strip $(CFLAGS_KCOV)),) # It is needed because of the gcc-plugin.sh and gcc version checks. gcc-plugin-$(CONFIG_GCC_PLUGIN_SANCOV) += sancov_plugin.so - ifneq ($(PLUGINCC),) - CFLAGS_KCOV := $(SANCOV_PLUGIN) - else + ifeq ($(PLUGINCC),) $(warning warning: cannot use CONFIG_KCOV: -fsanitize-coverage=trace-pc is not supported by compiler) endif - endif endif gcc-plugin-$(CONFIG_GCC_PLUGIN_STRUCTLEAK) += structleak_plugin.so diff --git a/scripts/Makefile.kcov b/scripts/Makefile.kcov index 5cc7203..d71ba73 100644 --- a/scripts/Makefile.kcov +++ b/scripts/Makefile.kcov @@ -1,7 +1,9 @@ ifdef CONFIG_KCOV -CFLAGS_KCOV := $(call cc-option,-fsanitize-coverage=trace-pc,) -ifeq ($(CONFIG_KCOV_ENABLE_COMPARISONS),y) -CFLAGS_KCOV += $(call cc-option,-fsanitize-coverage=trace-cmp,) -endif + +kcov-flags-$(CONFIG_CC_HAS_SANCOV_TRACE_PC) += -fsanitize-coverage=trace-pc +kcov-flags-$(CONFIG_KCOV_ENABLE_COMPARISONS) += -fsanitize-coverage=trace-cmp +kcov-flags-$(CONFIG_GCC_PLUGIN_SANKOV) += -fplugin=$(objtree)/scripts/gcc-plugins/sancov_plugin.so + +export CFLAGS_KCOV := $(kcov-flags-y) endif