lib: Add ASan support to romstage on x86 arch

This patch adds ASan support to romstage on x86 architecture. A Kconfig option is added to enable ASan in romstage. Compiler flags are updated. A memory space representing the shadow region is reserved in linker section. And a function call to asan_init() is added to initialize shadow region when romstage loads. Change-Id: I67ebfb5e8d602e865b1f5c874860861ae4e54381 Signed-off-by: Harshit Sharma <harshitsharmajs@gmail.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/43604 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Werner Zeh <werner.zeh@siemens.com>
2020-07-20 00:21:05 -07:00
parent 9c88fb8df0
commit a6ebe08333
6 changed files with 66 additions and 10 deletions
--- a/src/lib/Makefile.inc
+++ b/src/lib/Makefile.inc
@@ -7,16 +7,24 @@ ramstage-y += ubsan.c
 CFLAGS_ramstage += -fsanitize=undefined
 endif

-ifeq ($(CONFIG_ASAN_IN_RAMSTAGE),y)
-ramstage-y += asan.c
 # Ensure that asan_shadow_offset_callback patch is applied to GCC before ASan is used.
 CFLAGS_asan += -fsanitize=kernel-address --param asan-use-shadow-offset-callback=1 \
-		--param asan-stack=1 --param asan-globals=1 \
+		--param asan-stack=1 -fsanitize-address-use-after-scope \
 		--param asan-instrumentation-with-call-threshold=0 \
-		-fsanitize-address-use-after-scope \
 		--param use-after-scope-direct-emission-threshold=0
-CFLAGS_ramstage += $(CFLAGS_asan)
+
+ifeq ($(CONFIG_ASAN_IN_ROMSTAGE),y)
+romstage-y += asan.c
+CFLAGS_asan += --param asan-globals=0
+CFLAGS_romstage += $(CFLAGS_asan)
 # Allow memory access without __asan_load and __asan_store checks.
+$(obj)/romstage/lib/asan.o: CFLAGS_asan =
+endif
+
+ifeq ($(CONFIG_ASAN_IN_RAMSTAGE),y)
+ramstage-y += asan.c
+CFLAGS_asan += --param asan-globals=1
+CFLAGS_ramstage += $(CFLAGS_asan)
 $(obj)/ramstage/lib/asan.o: CFLAGS_asan =
 endif