[GWP-ASan] Integrate GWP-ASan into bionc's malloc() (using hooks).
This patch introduces GWP-ASan - a sampled allocator framework that
finds use-after-free and heap-buffer-overflow bugs in production
environments.
GWP-ASan is being introduced in an always-disabled mode. This means that
GWP-ASan will be permanently disabled until a further patch turns on
support. As such, there should be no visible functional change for the
time being.
GWP-ASan requires -fno-emulated-tls wherever it's linked from. We
intentionally link GWP-ASan into libc so that it's part of the initial
set of libraries, and thus has static TLS storage (so we can use
Initial-Exec TLS instead of Global-Dynamic). As a benefit, this reduces
overhead for a sampled process.
GWP-ASan is always initialised via. a call to
mallopt(M_INITIALIZE_GWP_ASAN, which must be done before a process is
multithreaded).
More information about GWP-ASan can be found in the upstream
documentation: http://llvm.org/docs/GwpAsan.html
Bug: 135634846
Test: atest bionic
Change-Id: Ib9bd33337d17dab39ac32f4536bff71bd23498b0
diff --git a/libc/Android.bp b/libc/Android.bp
index 84b4b12..147c2bb 100644
--- a/libc/Android.bp
+++ b/libc/Android.bp
@@ -47,6 +47,9 @@
// Clang's exit-time destructor registration hides __dso_handle, but
// __dso_handle needs to have default visibility on ARM32. See b/73485611.
"-Wexit-time-destructors",
+
+ // GWP-ASan requires platform TLS.
+ "-fno-emulated-tls",
]
// Define some common cflags
@@ -62,6 +65,8 @@
"bionic/libc/async_safe/include",
],
+ header_libs: ["gwp_asan_headers"],
+
stl: "none",
system_shared_libs: [],
sanitize: {
@@ -111,6 +116,7 @@
"libjemalloc5",
"libc_jemalloc_wrapper",
],
+ header_libs: ["gwp_asan_headers"],
}
// Functions not implemented by jemalloc directly, or that need to
@@ -1391,6 +1397,7 @@
],
ramdisk_available: false,
srcs: libc_common_src_files + [
+ "bionic/gwp_asan_wrappers.cpp",
"bionic/heap_tagging.cpp",
"bionic/malloc_common.cpp",
"bionic/malloc_limit.cpp",
@@ -1418,6 +1425,7 @@
],
whole_static_libs: [
+ "gwp_asan",
"libc_bionic_ndk",
"libc_bootstrap",
"libc_fortify",
@@ -1597,6 +1605,7 @@
srcs: [
"arch-common/bionic/crtbegin_so.c",
"arch-common/bionic/crtbrand.S",
+ "bionic/gwp_asan_wrappers.cpp",
"bionic/heap_tagging.cpp",
"bionic/icu.cpp",
"bionic/malloc_common.cpp",
@@ -1614,6 +1623,7 @@
filegroup {
name: "libc_sources_static",
srcs: [
+ "bionic/gwp_asan_wrappers.cpp",
"bionic/heap_tagging.cpp",
"bionic/malloc_common.cpp",
"bionic/malloc_limit.cpp",
@@ -1648,6 +1658,7 @@
srcs: [ ":libc_sources_static" ],
cflags: ["-DLIBC_STATIC"],
whole_static_libs: [
+ "gwp_asan",
"libc_init_static",
"libc_common_static",
"libc_unwind_static",
@@ -1656,6 +1667,7 @@
shared: {
srcs: [ ":libc_sources_shared" ],
whole_static_libs: [
+ "gwp_asan",
"libc_init_dynamic",
"libc_common_shared",
],
@@ -2504,6 +2516,7 @@
cc_defaults {
name: "libc_scudo_wrapper_defaults",
srcs: [
+ "bionic/gwp_asan_wrappers.cpp",
"bionic/heap_tagging.cpp",
"bionic/malloc_common.cpp",
"bionic/malloc_common_dynamic.cpp",
@@ -2512,12 +2525,21 @@
"bionic/scudo_wrapper.cpp",
"bionic/__set_errno.cpp",
],
- cflags: ["-DUSE_SCUDO"],
+ cflags: [
+ "-DUSE_SCUDO",
+ "-fno-emulated-tls", // Required for GWP-ASan.
+ ],
shared_libs: ["libscudo_wrapper"],
- header_libs: ["libc_headers"],
+ header_libs: [
+ "libc_headers",
+ "gwp_asan_headers",
+ ],
- static_libs: ["libasync_safe"],
+ static_libs: [
+ "libasync_safe",
+ "gwp_asan",
+ ],
arch: {
arm: {