Skip to content
Snippets Groups Projects
Forked from Linaro / linux / kernel / torvalds / linux
This fork has diverged from the upstream repository.
  • Kees Cook's avatar
    ubsan: Tighten UBSAN_BOUNDS on GCC · 2d47c695
    Kees Cook authored
    
    The use of -fsanitize=bounds on GCC will ignore some trailing arrays,
    leaving a gap in coverage. Switch to using -fsanitize=bounds-strict to
    match Clang's stricter behavior.
    
    Cc: Marco Elver <elver@google.com>
    Cc: Masahiro Yamada <masahiroy@kernel.org>
    Cc: Nathan Chancellor <nathan@kernel.org>
    Cc: Nick Desaulniers <ndesaulniers@google.com>
    Cc: Nicolas Schier <nicolas@fjasle.eu>
    Cc: Tom Rix <trix@redhat.com>
    Cc: Josh Poimboeuf <jpoimboe@kernel.org>
    Cc: Miroslav Benes <mbenes@suse.cz>
    Cc: linux-kbuild@vger.kernel.org
    Cc: llvm@lists.linux.dev
    Signed-off-by: default avatarKees Cook <keescook@chromium.org>
    Link: https://lore.kernel.org/r/20230405022356.gonna.338-kees@kernel.org
    2d47c695
Makefile.ubsan 779 B
# SPDX-License-Identifier: GPL-2.0

# Enable available and selected UBSAN features.
ubsan-cflags-$(CONFIG_UBSAN_ALIGNMENT)		+= -fsanitize=alignment
ubsan-cflags-$(CONFIG_UBSAN_BOUNDS_STRICT)	+= -fsanitize=bounds-strict
ubsan-cflags-$(CONFIG_UBSAN_ARRAY_BOUNDS)	+= -fsanitize=array-bounds
ubsan-cflags-$(CONFIG_UBSAN_LOCAL_BOUNDS)	+= -fsanitize=local-bounds
ubsan-cflags-$(CONFIG_UBSAN_SHIFT)		+= -fsanitize=shift
ubsan-cflags-$(CONFIG_UBSAN_DIV_ZERO)		+= -fsanitize=integer-divide-by-zero
ubsan-cflags-$(CONFIG_UBSAN_UNREACHABLE)	+= -fsanitize=unreachable
ubsan-cflags-$(CONFIG_UBSAN_BOOL)		+= -fsanitize=bool
ubsan-cflags-$(CONFIG_UBSAN_ENUM)		+= -fsanitize=enum
ubsan-cflags-$(CONFIG_UBSAN_TRAP)		+= -fsanitize-undefined-trap-on-error

export CFLAGS_UBSAN := $(ubsan-cflags-y)