xref: /linux/scripts/Makefile.kasan (revision 4fc4187984e5dbd7ad63c3acf0b228fa9bf298d3) 
1# SPDX-License-Identifier: GPL-2.0
2
3ifdef CONFIG_CC_HAS_KASAN_MEMINTRINSIC_PREFIX
4# Safe for compiler to generate meminstrinsic calls in uninstrumented files.
5CFLAGS_KASAN_NOSANITIZE :=
6else
7# Don't let compiler generate memintrinsic calls in uninstrumented files
8# because they are instrumented.
9CFLAGS_KASAN_NOSANITIZE := -fno-builtin
10endif
11
12KASAN_SHADOW_OFFSET ?= $(CONFIG_KASAN_SHADOW_OFFSET)
13
14cc-param = $(call cc-option, -mllvm -$(1), $(call cc-option, --param $(1)))
15
16ifdef CONFIG_KASAN_STACK
17	stack_enable := 1
18else
19	stack_enable := 0
20endif
21
22ifdef CONFIG_KASAN_GENERIC
23
24ifdef CONFIG_KASAN_INLINE
25	# When the number of memory accesses in a function is less than this
26	# call threshold number, the compiler will use inline instrumentation.
27	# 10000 is chosen offhand as a sufficiently large number to make all
28	# kernel functions to be instrumented inline.
29	call_threshold := 10000
30else
31	call_threshold := 0
32endif
33
34# First, enable -fsanitize=kernel-address together with providing the shadow
35# mapping offset, as for GCC, -fasan-shadow-offset fails without -fsanitize
36# (GCC accepts the shadow mapping offset via -fasan-shadow-offset instead of
37# a --param like the other KASAN parameters).
38# Instead of ifdef-checking the compiler, rely on cc-option.
39CFLAGS_KASAN := $(call cc-option, -fsanitize=kernel-address \
40		-fasan-shadow-offset=$(KASAN_SHADOW_OFFSET), \
41		$(call cc-option, -fsanitize=kernel-address \
42		-mllvm -asan-mapping-offset=$(KASAN_SHADOW_OFFSET)))
43
44# Now, add other parameters enabled similarly in both GCC and Clang.
45# As some of them are not supported by older compilers, use cc-param.
46CFLAGS_KASAN += $(call cc-param,asan-instrumentation-with-call-threshold=$(call_threshold)) \
47		$(call cc-param,asan-stack=$(stack_enable)) \
48		$(call cc-param,asan-instrument-allocas=1) \
49		$(call cc-param,asan-globals=1)
50
51# Instrument memcpy/memset/memmove calls by using instrumented __asan_mem*()
52# instead. With compilers that don't support this option, compiler-inserted
53# memintrinsics won't be checked by KASAN on GENERIC_ENTRY architectures.
54CFLAGS_KASAN += $(call cc-param,asan-kernel-mem-intrinsic-prefix=1)
55
56endif # CONFIG_KASAN_GENERIC
57
58ifdef CONFIG_KASAN_SW_TAGS
59
60ifdef CONFIG_KASAN_INLINE
61	instrumentation_flags := $(call cc-param,hwasan-mapping-offset=$(KASAN_SHADOW_OFFSET))
62else
63	instrumentation_flags := $(call cc-param,hwasan-instrument-with-calls=1)
64endif
65
66CFLAGS_KASAN := -fsanitize=kernel-hwaddress \
67		$(call cc-param,hwasan-instrument-stack=$(stack_enable)) \
68		$(call cc-param,hwasan-use-short-granules=0) \
69		$(call cc-param,hwasan-inline-all-checks=0) \
70		$(instrumentation_flags)
71
72# Instrument memcpy/memset/memmove calls by using instrumented __hwasan_mem*().
73ifeq ($(call clang-min-version, 150000)$(call gcc-min-version, 130000),y)
74	CFLAGS_KASAN += $(call cc-param,hwasan-kernel-mem-intrinsic-prefix=1)
75endif
76
77endif # CONFIG_KASAN_SW_TAGS
78
79export CFLAGS_KASAN CFLAGS_KASAN_NOSANITIZE
80