From patchwork Thu May 17 06:17:06 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Masahiro Yamada X-Patchwork-Id: 136091 Delivered-To: patch@linaro.org Received: by 2002:a2e:9706:0:0:0:0:0 with SMTP id r6-v6csp1877608lji; Wed, 16 May 2018 23:19:35 -0700 (PDT) X-Google-Smtp-Source: AB8JxZrwa0htIKFnXHROL0JGmvMGAoh6Q3JbORMA0kO7OabYKgIPaIlRbaM9w96OMALb1xSPiRBS X-Received: by 2002:a62:c103:: with SMTP id i3-v6mr3988390pfg.148.1526537975768; Wed, 16 May 2018 23:19:35 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1526537975; cv=none; d=google.com; s=arc-20160816; b=g/Byh3Hcs0vf70R95/hAjYFkXo7+/1YCsrmah7zWwkMUIfaUF91CYDlYFRq9AX+YkS JDb21Ia6wlSSaEUu1m6FMYmH7r26OErLImQpcOX72gBR8VVC80/yQRhgWr2TL0neF31J 0embD9L/wUo3txKGW30gxZOVy9972Opryj5W108xObVE+gwCvdYDH6B9yWduCbQQNiDe Riy8nCuV1XIb9kvzb2zccCCD8eUrMdBREHnqX0ZDTeuDgpTGWWPEFR01eVEb9ZhQr9Fc 8ggyi4H80y8zl2r0uNGzkCXWcq4vAlCNC8t4FnF5G/qEFDB2TIPrzJXA+8DFswnUyuY8 0QYA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:references:in-reply-to:message-id:date :subject:cc:to:from:dkim-signature:dkim-filter :arc-authentication-results; bh=7pABYw1WB6Eb6gh2Lj5g9j7I8sOuxtbCdlbgkCPCzx4=; b=mufEonGLmkTR7Uixl1Ea33ikhh+WWjZiYsdWxbewAlCAf+z4EViprRHKUc6Ccv4ye9 4g5JgOmVTByWe+8q2chITc0zXStMEf9r2/oYIuw+xxRiysMXYczZjC6hIt6qIfy6N9MY 3NUMDI2q3vAo+ryTBBEZ89Y8ym+DLWCnv7N0dMR8tOY78zhDvQPhgEhhKbnksO66741Y L1tx5DJjCBYR1PhyoOFojU+MEZ/zatOEAi/tnltZpNTqDzpVBl6WFpJ95qNdFp9j1AUp HkGyp2LhxRus25KyyZjZM2XPw357kVjWqIR4TwXOXvpdtRgKcvTQ8BrWQlsaDzy9rJTn 0sCQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@nifty.com header.s=dec2015msa header.b=1oSSsjAS; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id g11-v6si4561765pfk.187.2018.05.16.23.19.35; Wed, 16 May 2018 23:19:35 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@nifty.com header.s=dec2015msa header.b=1oSSsjAS; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752226AbeEQGTV (ORCPT + 29 others); Thu, 17 May 2018 02:19:21 -0400 Received: from conuserg-10.nifty.com ([210.131.2.77]:24992 "EHLO conuserg-10.nifty.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750825AbeEQGTQ (ORCPT ); Thu, 17 May 2018 02:19:16 -0400 Received: from pug.e01.socionext.com (p14092-ipngnfx01kyoto.kyoto.ocn.ne.jp [153.142.97.92]) (authenticated) by conuserg-10.nifty.com with ESMTP id w4H6HbUP002841; Thu, 17 May 2018 15:18:04 +0900 DKIM-Filter: OpenDKIM Filter v2.10.3 conuserg-10.nifty.com w4H6HbUP002841 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nifty.com; s=dec2015msa; t=1526537885; bh=7pABYw1WB6Eb6gh2Lj5g9j7I8sOuxtbCdlbgkCPCzx4=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=1oSSsjAShI+FWyjrWF8sV4YJbe3V7GWXy1HcVJiRmCNrl6cGwJst1lYd+2LlDfn/U piZ+YJWYMBOyN48Hhc2Lx02JQTNzXSX14GwA7q7jyjq8wG/nfLswpmj7soJaQtNW1k jekdFX5dz5B3FMxiDndwxVR6JRrJq1v1idELTHoJRKpZBYF+JERlaM0iB3V0Jm2GH/ RB5tD5Y0+/bgQBSVHT42qXjkb9pDzMt+WkzS4feQ4Rxbd4tVvNCY35RLQIcaYvCSrv L02YXC45eCpX/dyQyySG2cX8CZSTYGTVK3fm1LLy59J4ds5u1KvuQkEmc4SljAUvFZ mxbIBPkh1cj2w== X-Nifty-SrcIP: [153.142.97.92] From: Masahiro Yamada To: linux-kbuild@vger.kernel.org Cc: Linus Torvalds , Sam Ravnborg , Ulf Magnusson , "Luis R . Rodriguez" , linux-kernel@vger.kernel.org, Nicholas Piggin , Kees Cook , Emese Revfy , x86@kernel.org, Masahiro Yamada Subject: [PATCH v4 27/31] kcov: test compiler capability in Kconfig and correct dependency Date: Thu, 17 May 2018 15:17:06 +0900 Message-Id: <1526537830-22606-28-git-send-email-yamada.masahiro@socionext.com> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1526537830-22606-1-git-send-email-yamada.masahiro@socionext.com> References: <1526537830-22606-1-git-send-email-yamada.masahiro@socionext.com> Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org As Documentation/kbuild/kconfig-language.txt notes, 'select' should be be used with care - it forces a lower limit of another symbol, ignoring the dependency. Currently, KCOV can select GCC_PLUGINS even if arch does not select HAVE_GCC_PLUGINS. This could cause the unmet direct dependency. Now that Kconfig can test compiler capability, let's handle this in a more sophisticated way. There are two ways to enable KCOV; use the compiler that natively supports -fsanitize-coverage=trace-pc, or build the SANCOV plugin if the compiler has ability to build GCC plugins. Hence, the correct dependency for KCOV is: depends on CC_HAS_SANCOV_TRACE_PC || GCC_PLUGINS You do not need to build the SANCOV plugin if the compiler already supports -fsanitize-coverage=trace-pc. Hence, the select should be: select GCC_PLUGIN_SANCOV if !CC_HAS_SANCOV_TRACE_PC With this, GCC_PLUGIN_SANCOV is selected only when necessary, so scripts/Makefile.gcc-plugins can be cleaner. I also cleaned up Kconfig and scripts/Makefile.kcov as well. Signed-off-by: Masahiro Yamada --- Changes in v4: None Changes in v3: - Replace the previous 'select -> imply' patch with a new approach Changes in v2: - Drop depends on GCC_VERSION Makefile | 2 +- lib/Kconfig.debug | 11 +++++++---- scripts/Makefile.gcc-plugins | 6 +----- scripts/Makefile.kcov | 10 ++++++---- 4 files changed, 15 insertions(+), 14 deletions(-) -- 2.7.4 Reviewed-by: Kees Cook diff --git a/Makefile b/Makefile index 12c222d..b5c1301 100644 --- a/Makefile +++ b/Makefile @@ -623,7 +623,7 @@ all: vmlinux KBUILD_CFLAGS += $(call cc-option,-fno-PIE) KBUILD_AFLAGS += $(call cc-option,-fno-PIE) CFLAGS_GCOV := -fprofile-arcs -ftest-coverage -fno-tree-loop-im $(call cc-disable-warning,maybe-uninitialized,) -export CFLAGS_GCOV CFLAGS_KCOV +export CFLAGS_GCOV # The arch Makefile can set ARCH_{CPP,A,C}FLAGS to override the default # values of the respective KBUILD_* variables diff --git a/lib/Kconfig.debug b/lib/Kconfig.debug index c40c7b7..bba2298 100644 --- a/lib/Kconfig.debug +++ b/lib/Kconfig.debug @@ -736,12 +736,15 @@ config ARCH_HAS_KCOV only for x86_64. KCOV requires testing on other archs, and most likely disabling of instrumentation for some early boot code. +config CC_HAS_SANCOV_TRACE_PC + def_bool $(cc-option, -fsanitize-coverage=trace-pc) + config KCOV bool "Code coverage for fuzzing" depends on ARCH_HAS_KCOV + depends on CC_HAS_SANCOV_TRACE_PC || GCC_PLUGINS select DEBUG_FS - select GCC_PLUGINS if !COMPILE_TEST - select GCC_PLUGIN_SANCOV if !COMPILE_TEST + select GCC_PLUGIN_SANCOV if !CC_HAS_SANCOV_TRACE_PC help KCOV exposes kernel code coverage information in a form suitable for coverage-guided fuzzing (randomized testing). @@ -755,7 +758,7 @@ config KCOV config KCOV_ENABLE_COMPARISONS bool "Enable comparison operands collection by KCOV" depends on KCOV - default n + depends on $(cc-option, -fsanitize-coverage=trace-cmp) help KCOV also exposes operands of every comparison in the instrumented code along with operand sizes and PCs of the comparison instructions. @@ -765,7 +768,7 @@ config KCOV_ENABLE_COMPARISONS config KCOV_INSTRUMENT_ALL bool "Instrument all code by default" depends on KCOV - default y if KCOV + default y help If you are doing generic system call fuzzing (like e.g. syzkaller), then you will want to instrument the whole kernel and you should diff --git a/scripts/Makefile.gcc-plugins b/scripts/Makefile.gcc-plugins index 7f5c862..0ce3802 100644 --- a/scripts/Makefile.gcc-plugins +++ b/scripts/Makefile.gcc-plugins @@ -14,16 +14,12 @@ ifdef CONFIG_GCC_PLUGINS endif ifdef CONFIG_GCC_PLUGIN_SANCOV - ifeq ($(strip $(CFLAGS_KCOV)),) # It is needed because of the gcc-plugin.sh and gcc version checks. gcc-plugin-$(CONFIG_GCC_PLUGIN_SANCOV) += sancov_plugin.so - ifneq ($(PLUGINCC),) - CFLAGS_KCOV := $(SANCOV_PLUGIN) - else + ifeq ($(PLUGINCC),) $(warning warning: cannot use CONFIG_KCOV: -fsanitize-coverage=trace-pc is not supported by compiler) endif - endif endif gcc-plugin-$(CONFIG_GCC_PLUGIN_STRUCTLEAK) += structleak_plugin.so diff --git a/scripts/Makefile.kcov b/scripts/Makefile.kcov index 5cc7203..d71ba73 100644 --- a/scripts/Makefile.kcov +++ b/scripts/Makefile.kcov @@ -1,7 +1,9 @@ ifdef CONFIG_KCOV -CFLAGS_KCOV := $(call cc-option,-fsanitize-coverage=trace-pc,) -ifeq ($(CONFIG_KCOV_ENABLE_COMPARISONS),y) -CFLAGS_KCOV += $(call cc-option,-fsanitize-coverage=trace-cmp,) -endif + +kcov-flags-$(CONFIG_CC_HAS_SANCOV_TRACE_PC) += -fsanitize-coverage=trace-pc +kcov-flags-$(CONFIG_KCOV_ENABLE_COMPARISONS) += -fsanitize-coverage=trace-cmp +kcov-flags-$(CONFIG_GCC_PLUGIN_SANKOV) += -fplugin=$(objtree)/scripts/gcc-plugins/sancov_plugin.so + +export CFLAGS_KCOV := $(kcov-flags-y) endif