This is the mail archive of the gcc-patches@gcc.gnu.org mailing list for the GCC project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: [Patch 0/X] [WIP][RFC][libsanitizer] Introduce HWASAN to GCC

From: Matthew Malcomson <Matthew dot Malcomson at arm dot com>
To: Martin Liška <mliska at suse dot cz>, "gcc-patches at gcc dot gnu dot org" <gcc-patches at gcc dot gnu dot org>
Cc: "dodji at redhat dot com" <dodji at redhat dot com>, nd <nd at arm dot com>, "kcc at google dot com" <kcc at google dot com>, "jakub at redhat dot com" <jakub at redhat dot com>, "dvyukov at google dot com" <dvyukov at google dot com>
Date: Wed, 23 Oct 2019 11:01:15 +0000
Subject: Re: [Patch 0/X] [WIP][RFC][libsanitizer] Introduce HWASAN to GCC
Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=arm.com; dmarc=pass action=none header.from=arm.com; dkim=pass header.d=arm.com; arc=none
Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=XVCkrcUZxZPFXuY9CvlJahRCyWDP+LCXhCBs6I17Gxw=; b=OO/0HhJSJetdakK0KQI5aZObMjFV2XfqWN6VD93pGhdiqCFeea69kzAxcjo2H9XkYFj0A7HCcVpHcGtbSJSsronh2HnVoH5e7iTuDDQ2NfDhtuzXrBoZVO0nhzCfQPtD4nVaRiNNuuSWNw8MZaV+tK2PFdLQyVncdQql4S01mNsauJwEEJimbZkHBdbgN5ZkAfxALZeT/Uf2hTzkvuiIVnIRJ45ipbQYOGiqp3D+fvf3zEe65PqYjmHgaB/PO+2AsZjqHNzHpJcg04g1iGnE/9SU/J58sc06MDeaFzBwe9M+d5M0qD9XPDb+lzzpin8m1XDJLZGp1ovHvOrQY+ONRA==
Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Mqq9/k3PQzhSIQnfTFLyo7jlYpUVtMTeTtbWStUc0xMtgeaAWibmVcYVJ2OfxCApNCONtHdUD7awBeQKWhn+MxfI+0cccJ9EmDbE00i6HKvEnPkuEk/BCNloc+WE79Z94iIYPq2CjKPmtKd8ZItrgYsd3aOIazubfTTP3hiwxM+r/B/jQqUsu+4sMxhc8U6HCIcGpe/EorDMnaySszfqhJ912IGpTxadvLnjavCssBb7RvXSC0ixGnCFbdO4/Axzgah2l+rK15D7YzPzTEOqd81Il4rghSRT706IFM0FEUa4M8hSEsH5WFmHd0DUehqZmhrlrQw+93lY56RoTTC2kA==
Original-authentication-results: spf=none (sender IP is ) smtp.mailfrom=Matthew dot Malcomson at arm dot com;
References: <156778058239.16148.17480879484406897649.scripted-patch-series@arm.com> <9f0727e1-1e6b-ae5f-f854-52557afe0a2b@suse.cz>

Hi Martin,

I'm getting close to putting up a patch series that I believe could go 
in before stage1 close.

I currently have to do testing on sanitizing the kernel, and track down 
a bootstrap comparison diff in the code handling shadow-stack cleanup 
during exception unwinding.

I just thought I'd answer these questions below to see if there's 
anything I extra could to do to make reviewing easier.

On 23/09/19 09:02, Martin Liška wrote:
> Hi.
> 
> As mentioned in the next email thread, there are main objectives
> that will help me to make a proper patch review:
> 
> 1) Make first libsanitizer merge from trunk, it will remove the need
>     of the backports that you made. Plus I will be able to apply the
>     patchset on the current master.
Done
> 2) I would exclude the setjmp/longjmp - these should be upstreamed first
>     in libsanitizer.

Will exclude in the patch series, upstreaming under progress 
(https://reviews.llvm.org/D69045)

> 3) I would like to see a two HWASAN options that will clearly separate the
>     2 supported modes: TBI without MTE and MTE. Here I would appreciate to have
>     a compiler farm machine with TBI which we can use for testing.

I went back and looked at clang to see that it uses 
`-fsanitize=hwaddress` and `-fsanitize=memtag`, which are completely 
different options.

I'm now doing the same, with the two sanitizers just using similar code 
paths.

In fact, I'm not going to have the MTE instrumentation ready by the end 
of stage1, so my aim is to just put the `-fsanitize=hwaddress` sanitizer 
in, but send some outline code to the mailing list to demonstrate how 
`-fsanitize=memtag` would fit in.

## w.r.t. a compiler farm machine with TBI

Any AArch64 machine has this feature.  However in order to use the 
sanitizer the kernel needs to allow "tagged pointers" in syscalls.

The kernel has allowed these tagged pointers in syscalls (once it's been 
turned on with a relevant prctl) in mainline since 5.4-rc1 (i.e. the 
start of this month).

My testing has been on a virtual machine with a mainline kernel built 
from source.

Given that I'm not sure how you want to proceed.
Could we set up a virtual machine on the compiler farm?

> 4) About the BUILTIN expansion: you provided a patch for couple of them. My question
>     is whether the list is complete?

The list of BUILTINs was nowhere near complete at the time I posted the 
RFC patches.

Since then I've added features and correspondingly added BUILTINs.

Now I believe I've added all the BUILTIN's into sanitizer.def this 
sanitizer will need.

> 5) I would appreciate the patch set to be split into less logical parts, e.g.
>     libsanitizer changes; option introduction; stack variable handling (colour/uncolour/alignment);
>     hwasan pass and other GIMPLE-related changes; RTL hooks, new RTL instructions and expansion changes.
> 

Will do!

> Thank you,
> Martin
>     
>

Follow-Ups:
- Re: [Patch 0/X] [WIP][RFC][libsanitizer] Introduce HWASAN to GCC
  - From: Martin Liška

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]