Add UBSAN support and handlers
This patch adds support for the Undefined Behaviour sanitizer. There are
two types of support offered - minimalistic trapping support which
essentially immediately crashes on undefined behaviour and full support
with full debug messages.
The full support relies on ubsan.c which has been adapted from code used
by OPTEE.
Change-Id: I417c810f4fc43dcb56db6a6a555bfd0b38440727
Signed-off-by: Justin Chadwell <justin.chadwell@arm.com>
diff --git a/Makefile b/Makefile
index 43ff8d2..043e751 100644
--- a/Makefile
+++ b/Makefile
@@ -278,6 +278,14 @@
-ffreestanding -fno-builtin -Wall -std=gnu99 \
-Os -ffunction-sections -fdata-sections
+ifeq (${SANITIZE_UB},on)
+TF_CFLAGS += -fsanitize=undefined -fno-sanitize-recover
+endif
+ifeq (${SANITIZE_UB},trap)
+TF_CFLAGS += -fsanitize=undefined -fno-sanitize-recover \
+ -fsanitize-undefined-trap-on-error
+endif
+
GCC_V_OUTPUT := $(shell $(CC) -v 2>&1)
ifneq ($(findstring armlink,$(notdir $(LD))),)
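Review bot: The two `SANITIZE_UB` branches at the top of this hunk have no comment saying what each mode needs at run time, which matters in a `-ffreestanding` build where presumably no sanitizer runtime is linked in. I would add above the first `ifeq`: `# SANITIZE_UB=on: UBSan checks call the handlers in plat/common/ubsan.c, which print a diagnostic; the first report is fatal.` and `# SANITIZE_UB=trap: checks compile to a trap instruction; no handlers and no messages.` Both branches also repeat `-fsanitize=undefined -fno-sanitize-recover`. Putting the common pair under one `ifneq (${SANITIZE_UB},off)` and appending only `-fsanitize-undefined-trap-on-error` for `trap` would keep the two modes from drifting apart.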
@@ -313,6 +321,10 @@
BL_COMMON_SOURCES += lib/${ARCH}/armclang_printf.S
endif
+ifeq (${SANITIZE_UB},on)
+BL_COMMON_SOURCES += plat/common/ubsan.c
+endif
+
INCLUDES += -Iinclude \
-Iinclude/arch/${ARCH} \
-Iinclude/lib/cpus/${ARCH} \
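Review bot: `plat/common/ubsan.c` is added to `BL_COMMON_SOURCES` here, so it is presumably compiled with the same `TF_CFLAGS` that now carry `-fsanitize=undefined`, and the handlers themselves end up instrumented. If a handler hits undefined behaviour while formatting a report, it would re-enter the handlers and could recurse instead of printing the original fault. ubsan.c is not part of this hunk, so please confirm whether its functions are marked `__attribute__((no_sanitize("undefined")))` or the file is built without the sanitizer flag. If neither holds, a comment on this block such as `# ubsan.c is itself built with -fsanitize=undefined; handlers must stay free of UB` would at least record the constraint.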
@@ -673,6 +685,10 @@
$(eval $(call assert_numeric,ARM_ARCH_MINOR))
$(eval $(call assert_numeric,BRANCH_PROTECTION))
+ifeq ($(filter $(SANITIZE_UB), on off trap),)
+ $(error "Invalid value for SANITIZE_UB: can be one of on, off, trap")
+endif
+
################################################################################
# Add definitions to the cpp preprocessor based on the current build options.
# This is done after including the platform specific makefile to allow the
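Review bot: The check `$(filter $(SANITIZE_UB), on off trap)` uses the user-supplied value as the filter pattern, so `SANITIZE_UB=%` or a multi-word value such as `"on off"` passes validation. Neither `ifeq (${SANITIZE_UB},on)` nor `ifeq (${SANITIZE_UB},trap)` then matches, and the build completes with no instrumentation while the invoker believes the sanitizer is active. Putting the literals in the pattern position and requiring a single word closes both cases: `ifneq ($(words $(SANITIZE_UB))-$(filter-out on off trap,$(SANITIZE_UB)),1-)`. The double quotes inside `$(error "...")` are printed literally by make and can be dropped.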
@@ -724,6 +740,10 @@
$(eval $(call add_define,BL2_AT_EL3))
$(eval $(call add_define,BL2_IN_XIP_MEM))
+ifeq (${SANITIZE_UB},trap)
+ $(eval $(call add_define,MONITOR_TRAPS))
+endif
+
# Define the EL3_PAYLOAD_BASE flag only if it is provided.
ifdef EL3_PAYLOAD_BASE
$(eval $(call add_define,EL3_PAYLOAD_BASE))
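Review bot: `MONITOR_TRAPS` is defined only inside the `trap` branch and has no comment saying what consumes it, unlike the `EL3_PAYLOAD_BASE` block just below, which explains its condition. In every other mode the macro is absent, so any `#if MONITOR_TRAPS` in C or assembly relies on undefined-evaluates-to-zero. If `add_define` takes its value from a make variable of the same name (its definition is outside this diff), nothing visible here sets that variable. I would add `# MONITOR_TRAPS: defined only for SANITIZE_UB=trap; enables EL3 handling of the trap instruction emitted by UBSan checks` once that description is confirmed against the consuming code. Alternatively, give `MONITOR_TRAPS` an explicit 0/1 default and call `add_define` unconditionally, like the neighbouring options.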