89 Commits (e03579253a17afa9ea65dcbe5fae9dd4c583f99e)

Author SHA1 Message Date
Daniel Micay 3c274731ba Revert "use safe_flag for -fstack-clash-protection"
This reverts commit 4171bd164e.
2023-11-14 16:19:33 -05:00
Daniel Micay 4171bd164e use safe_flag for -fstack-clash-protection 2023-11-08 14:21:04 -05:00
Daniel Micay 2d302f7d85 enable -Wundef 2023-06-10 14:58:33 -04:00
Daniel Micay 8f3281ed6a enable strict prototypes warning 2023-06-10 14:18:27 -04:00
Christian Göttsche af866a7faa support versioned Clang
make CC=clang-14
    clang-14  -std=c17 -O3 -flto -fPIC -fvisibility=hidden -fno-plt -fstack-clash-protection -fstack-protector-strong -pipe -Wall -Wcast-qual -Wextra -Wfloat-equal -Wformat=2 -Winit-self -Wmissing-format-attribute -Wmissing-noreturn -Wmissing-prototypes -Wnull-dereference -Wpointer-arith -Wshadow -Wstrict-prototypes -Wundef -Wunused -Wwrite-strings -Wcast-align=strict -Wcast-qual -Wwrite-strings -Werror -march=native -Wmissing-prototypes  -D_GNU_SOURCE -I include -DCONFIG_SEAL_METADATA=false -DZERO_ON_FREE=true -DWRITE_AFTER_FREE_CHECK=true -DSLOT_RANDOMIZE=true -DSLAB_CANARY=true -DSLAB_QUARANTINE_RANDOM_LENGTH=1 -DSLAB_QUARANTINE_QUEUE_LENGTH=1 -DCONFIG_EXTENDED_SIZE_CLASSES=true -DCONFIG_LARGE_SIZE_CLASSES=true -DGUARD_SLABS_INTERVAL=1 -DGUARD_SIZE_DIVISOR=2 -DREGION_QUARANTINE_RANDOM_LENGTH=256 -DREGION_QUARANTINE_QUEUE_LENGTH=1024 -DREGION_QUARANTINE_SKIP_THRESHOLD=33554432  -DFREE_SLABS_QUARANTINE_RANDOM_LENGTH=32 -DCONFIG_CLASS_REGION_SIZE=34359738368  -DN_ARENA=4 -DCONFIG_STATS=false  -c -o out/chacha.o chacha.c
    error: unknown warning option '-Wcast-align=strict'; did you mean '-Wcast-align'? [-Werror,-Wunknown-warning-option]
    make: *** [Makefile:114: out/chacha.o] Error 1
2023-06-10 14:18:27 -04:00
Daniel Micay 6038030d0b no need to check for -fstack-clash-protection
This is supported by the compiler versions listed as minimum
requirements in the README.
2023-02-17 13:07:26 -05:00
Daniel Micay 4d23fa37ad enable Intel CET support 2023-02-17 13:07:26 -05:00
Daniel Micay cd9b875297 reorganize compiler switches 2023-02-17 13:07:24 -05:00
Daniel Micay 8f38bbdee6 add configuration for self-init
This needs to be disabled for compatibility with the exploit protection
compatibility mode on GrapheneOS. hardened_malloc shouldn't be trying to
initialize itself when exploit protection compatibility mode is enabled.
This has to be handled in our Bionic integration instead.
2022-09-14 03:41:31 -04:00
jvoisin 04a86566c3 Don't depend on gcc_s 2022-01-28 14:59:58 -05:00
jvoisin 3fa30842ed Use $(MAKE) instead of make in Makefiles
This will pass the correct flags to the make
invocations.
2022-01-17 16:21:00 -05:00
Daniel Micay e814cf4f5c enable linking optimization for GNU linker 2022-01-16 12:18:00 -05:00
Daniel Micay 705211ef49 define UBSan flags for SHARED_FLAGS to reuse it 2022-01-16 11:50:55 -05:00
Daniel Micay 189d3362d5 enable sized deallocation ABI for consistency 2022-01-16 11:49:51 -05:00
Daniel Micay 17891d743e switch from c11 to c17 standard 2022-01-12 10:20:47 -05:00
Daniel Micay b3372e1576 add configuration template system 2022-01-10 04:47:01 -05:00
Daniel Micay 3696f071a4 use SLAB_CANARY for conditional checks 2022-01-03 02:17:04 -05:00
jvoisin 3878f4a5f4 Don't ignore the return value of the testsuite 2022-01-02 00:55:21 -05:00
Daniel Micay 75e26afdb6 remove legacy safe_flag check for -fno-plt
This is supported by the minimum versions of the dependencies.
2021-12-30 19:17:33 -05:00
jvoisin 06192ae499 `make clean` is now thorough 2021-12-26 16:28:03 -05:00
Daniel Micay 4ccd6f16df always enable C++17
The safe_flag check doesn't work properly for C++ flags with Clang so
this wasn't getting enabled despite the conditional compilation being
removed from the code, leading to breaking Clang builds.
2021-12-26 16:26:38 -05:00
Daniel Micay 3b72a4f810 set C / C++ standard parameter for clang-tidy 2021-09-30 11:05:47 -04:00
Daniel Micay db21ecd529 use longer default region quarantine random array 2021-03-18 06:27:46 -04:00
Daniel Micay b9ebf47c7c explicitly use python3 to run tests 2020-09-19 09:40:56 -04:00
Daniel Micay 1cba254452 move external API to include directory 2020-09-14 05:52:53 -04:00
Daniel Micay cf55ac0f6d disable annoying Clang warning from avoiding ifdef 2020-04-30 18:14:40 -04:00
rwarr627 ec6854c71b added test rule 2020-04-11 15:08:30 -04:00
Daniel Micay 74eb614f16 inherit base CXXFLAGS from the environment too 2019-09-26 14:50:58 -04:00
Daniel Micay 5b3d59ec7d Makefile: split long line for SHARED_FLAGS 2019-08-18 08:41:12 -04:00
Daniel Micay 58b56f10ea avoid -shared-libgcc due to old Clang versions 2019-08-18 04:53:51 -04:00
Daniel Micay abece7656b add enabled-by-default option to use -Werror 2019-08-18 02:28:23 -04:00
Daniel Micay c70745ab15 Makefile: add check target depending on tidy 2019-08-18 02:20:06 -04:00
Daniel Micay 8133444f43 move clang-tidy configuration to .clang-tidy 2019-08-18 02:12:18 -04:00
Daniel Micay 8f9f2521a0 disable sanitizer recovery in UBSan debug builds
This makes it harder to miss that an error occurred and avoids spamming
output. There should never be a single error, so it doesn't make sense
to gather as many errors as possible when a single error is already a
serious issue that would need to be fixed.
2019-08-18 02:00:13 -04:00
Daniel Micay d8ebdea05f handle CONFIG_SEAL_METADATA option like the others 2019-08-18 01:56:20 -04:00
Daniel Micay 8d2df1deb8 use CC as CXX to make sure LTO is compatible 2019-08-18 01:28:59 -04:00
Daniel Micay 1bc201c4c1 use -Wcast-align if -Wcast-align=strict is missing 2019-08-18 01:15:54 -04:00
Daniel Micay cc8c4459e1 make safe_flag treat unknown warnings as missing 2019-08-18 01:15:54 -04:00
Patrick Schleizer 75e86914aa respect existing CFLAGS, CPPFLAGS and LDFLAGS 2019-07-29 13:52:55 -04:00
Daniel Micay 90d12fb340 override local default to -fstack-protector-strong
This is a no-op on a toolchain compiled with the basic mitigations
enabled by default, so this is generally a no-op anywhere this project
is likely to be deployed. SSP has a very low performance cost so there's
little reason to avoid it, even though it also has zero value for this
code in practice. It would be great if one of the more modern approaches
was widely adopted, but unfortunately SSP is as good as it gets for
portable options. It doesn't provide any protection against external
writes to the stack data which is all that's really needed here.

ShadowCallStack is a great option for arm64, but it's substantially more
difficult to protect return addresses well on x86_64 due to the design of
the ISA and ABI.
2019-07-19 11:53:55 -04:00
Daniel Micay 77743e5a36 use -fstack-clash-protection for completeness
This is a no-op for the current code and will likely remain that way so
there's no benefit but also no performance cost.
2019-07-19 11:18:49 -04:00
Daniel Micay bb65d088dc drop default class region size to 32GiB 2019-06-19 01:00:22 -04:00
Daniel Micay 5449f4a94e use safe_flag for -fno-plt
This isn't supported by the ancient Clang release in Debian Stable.
2019-06-06 07:33:39 -04:00
Daniel Micay 6c31f6710a support extended range of small size classes 2019-04-10 08:31:51 -04:00
Daniel Micay 1b34fd4a69 enable 4 arenas by default 2019-04-10 08:12:59 -04:00
Daniel Micay cef7368b3c disable unusable readability-magic-numbers lint
This wouldn't be worth using even if it had a whole bunch of heuristics
like ignoring expressions in static_assert, ignoring repeated patterns
like assigning different things to sequential array indexes, etc.
2019-04-09 00:58:06 -04:00
Daniel Micay 295bfbde94 disable bugprone-too-small-loop-variable lint
This has too many false positives since it doesn't permit comparisons
against constants where the compiler can verify it doesn't overflow.
2019-04-09 00:55:16 -04:00
Daniel Micay ef90f404a6 add sanity check for stats option 2019-04-07 09:06:03 -04:00
Daniel Micay e0891c8cfc implement the option of large size classes
This extends the size class scheme used for slab allocations to large
allocations. This drastically improves performance for many real world
programs using incremental realloc growth instead of using proper growth
factors. There are 4 size classes for every doubling in size, resulting
in a worst case of ~20% extra virtual memory being reserved and a huge
increase in performance for pathological cases. For example, growing
from 4MiB to 8MiB by calling realloc in increments of 32 bytes will only
need to do work beyond looking up the size 4 times instead of 1024 times
with 4096 byte granularity.
2019-04-07 08:52:17 -04:00
Daniel Micay 350d0e5fd2 add real mallinfo implementation for Android
Android Q uses the mallinfo implementation in the ART GC:

c220f98180
1575267302
2019-04-06 20:54:26 -04:00