From 1f4619796af5baf4b41b5723bbf708355f8597fa Mon Sep 17 00:00:00 2001
From: Justin Chadwell <justin.chadwell@arm.com>
Date: Tue, 20 Aug 2019 11:01:52 +0100
Subject: Add UBSAN support and handlers

This patch adds support for the Undefined Behaviour sanitizer. There are
two types of support offered - minimalistic trapping support which
essentially immediately crashes on undefined behaviour and full support
with full debug messages.

The full support relies on ubsan.c which has been adapted from code used
by OPTEE.

Change-Id: I417c810f4fc43dcb56db6a6a555bfd0b38440727
Signed-off-by: Justin Chadwell <justin.chadwell@arm.com>
---
 Makefile | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

(limited to 'Makefile')

diff --git a/Makefile b/Makefile
index 43ff8d2f..043e751a 100644
--- a/Makefile
+++ b/Makefile
@@ -278,6 +278,14 @@ TF_CFLAGS		+=	$(CPPFLAGS) $(TF_CFLAGS_$(ARCH))		\
 				-ffreestanding -fno-builtin -Wall -std=gnu99	\
 				-Os -ffunction-sections -fdata-sections
 
+ifeq (${SANITIZE_UB},on)
+TF_CFLAGS		+=	-fsanitize=undefined -fno-sanitize-recover
+endif
+ifeq (${SANITIZE_UB},trap)
+TF_CFLAGS		+=	-fsanitize=undefined -fno-sanitize-recover	\
+				-fsanitize-undefined-trap-on-error
+endif
+
 GCC_V_OUTPUT		:=	$(shell $(CC) -v 2>&1)
 
 ifneq ($(findstring armlink,$(notdir $(LD))),)
@@ -313,6 +321,10 @@ ifeq ($(notdir $(CC)),armclang)
 BL_COMMON_SOURCES	+=	lib/${ARCH}/armclang_printf.S
 endif
 
+ifeq (${SANITIZE_UB},on)
+BL_COMMON_SOURCES	+=	plat/common/ubsan.c
+endif
+
 INCLUDES		+=	-Iinclude				\
 				-Iinclude/arch/${ARCH}			\
 				-Iinclude/lib/cpus/${ARCH}		\
@@ -673,6 +685,10 @@ $(eval $(call assert_numeric,ARM_ARCH_MAJOR))
 $(eval $(call assert_numeric,ARM_ARCH_MINOR))
 $(eval $(call assert_numeric,BRANCH_PROTECTION))
 
+ifeq ($(filter $(SANITIZE_UB), on off trap),)
+        $(error "Invalid value for SANITIZE_UB: can be one of on, off, trap")
+endif
+
 ################################################################################
 # Add definitions to the cpp preprocessor based on the current build options.
 # This is done after including the platform specific makefile to allow the
@@ -724,6 +740,10 @@ $(eval $(call add_define,WARMBOOT_ENABLE_DCACHE_EARLY))
 $(eval $(call add_define,BL2_AT_EL3))
 $(eval $(call add_define,BL2_IN_XIP_MEM))
 
+ifeq (${SANITIZE_UB},trap)
+        $(eval $(call add_define,MONITOR_TRAPS))
+endif
+
 # Define the EL3_PAYLOAD_BASE flag only if it is provided.
 ifdef EL3_PAYLOAD_BASE
         $(eval $(call add_define,EL3_PAYLOAD_BASE))
-- 
cgit v1.2.3