svn commit: r367577 - in head: share/mk sys/conf tools/build/options

Brooks Davis brooks at FreeBSD.org
Tue Nov 10 19:15:15 UTC 2020 

Author: brooks
Date: Tue Nov 10 19:15:13 2020
New Revision: 367577
URL: https://svnweb.freebsd.org/changeset/base/367577

Log:
  Support initializing stack variables on function entry
  
  There are two options:
   - WITH_INIT_ALL_ZERO: Zero all variables on the stack.
   - WITH_INIT_ALL_PATTERN: Initialize variables with well-defined patterns.
  
  The exact pattern are a compiler implementation detail and vary by type.
  They are somewhat documented in the LLVM commit message:
  https://reviews.llvm.org/rL349442
  I've used WITH_INIT_ALL_* to match Microsoft's InitAll feature rather
  than naming them after the LLVM specific compiler flags.
  
  In a range of consumer products, options like these are used in
  both debug and production builds with debugs builds using patterns
  (intended to provoke crashes on use of uninitialized values) and
  production using zeros (deemed more likely to lead to harmless
  misbehavior or NULL-pointer dereferences).
  
  Reviewed by:	emaste
  Obtained from:	CheriBSD
  Sponsored by:	DARPA
  Differential Revision:	https://reviews.freebsd.org/D27131

Added:
  head/tools/build/options/WITH_INIT_ALL_PATTERN   (contents, props changed)
  head/tools/build/options/WITH_INIT_ALL_ZERO   (contents, props changed)
Modified:
  head/share/mk/bsd.compiler.mk
  head/share/mk/bsd.lib.mk
  head/share/mk/bsd.opts.mk
  head/share/mk/bsd.prog.mk
  head/sys/conf/kern.mk

Modified: head/share/mk/bsd.compiler.mk
==============================================================================
--- head/share/mk/bsd.compiler.mk	Tue Nov 10 19:09:35 2020	(r367576)
+++ head/share/mk/bsd.compiler.mk	Tue Nov 10 19:15:13 2020	(r367577)
@@ -24,6 +24,7 @@
 # - c++11:     supports full (or nearly full) C++11 programming environment.
 # - retpoline: supports the retpoline speculative execution vulnerability
 #              mitigation.
+# - init-all:  supports stack variable initialization.
 #
 # These variables with an X_ prefix will also be provided if XCC is set.
 #
@@ -214,7 +215,7 @@ ${X_}COMPILER_FEATURES=		c++11 c++14
 ${X_}COMPILER_FEATURES+=	c++17
 .endif
 .if ${${X_}COMPILER_TYPE} == "clang"
-${X_}COMPILER_FEATURES+=	retpoline
+${X_}COMPILER_FEATURES+=	retpoline init-all
 .endif
 
 .else

Modified: head/share/mk/bsd.lib.mk
==============================================================================
--- head/share/mk/bsd.lib.mk	Tue Nov 10 19:09:35 2020	(r367576)
+++ head/share/mk/bsd.lib.mk	Tue Nov 10 19:15:13 2020	(r367577)
@@ -85,6 +85,25 @@ LDFLAGS+= -Wl,-zretpolineplt
 .endif
 .endif
 
+# Initialize stack variables on function entry
+.if ${MK_INIT_ALL_ZERO} == "yes"
+.if ${COMPILER_FEATURES:Minit-all}
+CFLAGS+= -ftrivial-auto-var-init=zero \
+    -enable-trivial-auto-var-init-zero-knowing-it-will-be-removed-from-clang
+CXXFLAGS+= -ftrivial-auto-var-init=zero \
+    -enable-trivial-auto-var-init-zero-knowing-it-will-be-removed-from-clang
+.else
+.warning InitAll (zeros) requested but not support by compiler
+.endif
+.elif ${MK_INIT_ALL_PATTERN} == "yes"
+.if ${COMPILER_FEATURES:Minit-all}
+CFLAGS+= -ftrivial-auto-var-init=pattern
+CXXFLAGS+= -ftrivial-auto-var-init=pattern
+.else
+.warning InitAll (pattern) requested but not support by compiler
+.endif
+.endif
+
 .if ${MK_DEBUG_FILES} != "no" && empty(DEBUG_FLAGS:M-g) && \
     empty(DEBUG_FLAGS:M-gdwarf*)
 CFLAGS+= ${DEBUG_FILES_CFLAGS}

Modified: head/share/mk/bsd.opts.mk
==============================================================================
--- head/share/mk/bsd.opts.mk	Tue Nov 10 19:09:35 2020	(r367576)
+++ head/share/mk/bsd.opts.mk	Tue Nov 10 19:15:13 2020	(r367577)
@@ -71,6 +71,8 @@ __DEFAULT_NO_OPTIONS = \
     BIND_NOW \
     CCACHE_BUILD \
     CTF \
+    INIT_ALL_PATTERN \
+    INIT_ALL_ZERO \
     INSTALL_AS_USER \
     PIE \
     RETPOLINE \
@@ -84,6 +86,10 @@ __DEFAULT_DEPENDENT_OPTIONS = \
 
 
 .include <bsd.mkopt.mk>
+
+.if ${MK_INIT_ALL_PATTERN} == "yes" && ${MK_INIT_ALL_ZERO} == "yes"
+.error WITH_INIT_ALL_PATTERN and WITH_INIT_ALL_ZERO are mutually exclusive.
+.endif
 
 #
 # Supported NO_* options (if defined, MK_* will be forced to "no",

Modified: head/share/mk/bsd.prog.mk
==============================================================================
--- head/share/mk/bsd.prog.mk	Tue Nov 10 19:09:35 2020	(r367576)
+++ head/share/mk/bsd.prog.mk	Tue Nov 10 19:15:13 2020	(r367577)
@@ -60,6 +60,25 @@ LDFLAGS+= -Wl,-zretpolineplt
 .endif
 .endif
 
+# Initialize stack variables on function entry
+.if ${MK_INIT_ALL_ZERO} == "yes"
+.if ${COMPILER_FEATURES:Minit-all}
+CFLAGS+= -ftrivial-auto-var-init=zero \
+    -enable-trivial-auto-var-init-zero-knowing-it-will-be-removed-from-clang
+CXXFLAGS+= -ftrivial-auto-var-init=zero \
+    -enable-trivial-auto-var-init-zero-knowing-it-will-be-removed-from-clang
+.else
+.warning InitAll (zeros) requested but not support by compiler
+.endif
+.elif ${MK_INIT_ALL_PATTERN} == "yes"
+.if ${COMPILER_FEATURES:Minit-all}
+CFLAGS+= -ftrivial-auto-var-init=pattern
+CXXFLAGS+= -ftrivial-auto-var-init=pattern
+.else
+.warning InitAll (pattern) requested but not support by compiler
+.endif
+.endif
+
 .if ${MACHINE_CPUARCH} == "riscv" && ${LINKER_FEATURES:Mriscv-relaxations} == ""
 CFLAGS += -mno-relax
 .endif

Modified: head/sys/conf/kern.mk
==============================================================================
--- head/sys/conf/kern.mk	Tue Nov 10 19:09:35 2020	(r367576)
+++ head/sys/conf/kern.mk	Tue Nov 10 19:15:13 2020	(r367577)
@@ -228,6 +228,24 @@ CFLAGS+=	-mretpoline
 .endif
 
 #
+# Initialize stack variables on function entry
+#
+.if ${MK_INIT_ALL_ZERO} == "yes"
+.if ${COMPILER_FEATURES:Minit-all}
+CFLAGS+= -ftrivial-auto-var-init=zero \
+    -enable-trivial-auto-var-init-zero-knowing-it-will-be-removed-from-clang
+.else
+.warning InitAll (zeros) requested but not support by compiler
+.endif
+.elif ${MK_INIT_ALL_PATTERN} == "yes"
+.if ${COMPILER_FEATURES:Minit-all}
+CFLAGS+= -ftrivial-auto-var-init=pattern
+.else
+.warning InitAll (pattern) requested but not support by compiler
+.endif
+.endif
+
+#
 # Add -gdwarf-2 when compiling -g. The default starting in clang v3.4
 # and gcc 4.8 is to generate DWARF version 4. However, our tools don't
 # cope well with DWARF 4, so force it to genereate DWARF2, which they

Added: head/tools/build/options/WITH_INIT_ALL_PATTERN
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/tools/build/options/WITH_INIT_ALL_PATTERN	Tue Nov 10 19:15:13 2020	(r367577)
@@ -0,0 +1,5 @@
+.\" $FreeBSD$
+Set to build the base system or kernel with stack variables initialized to
+.Pq compiler defined
+debugging patterns on function entry.
+This option requires the clang compiler.

Added: head/tools/build/options/WITH_INIT_ALL_ZERO
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/tools/build/options/WITH_INIT_ALL_ZERO	Tue Nov 10 19:15:13 2020	(r367577)
@@ -0,0 +1,4 @@
+.\" $FreeBSD$
+Set to build the base system or kernel with stack variables initialized
+to zero on function entry.
+This option requires that the clang compiler be used.

More information about the svn-src-head mailing list