ANDROID: disable CONFIG_UBSAN_SIGNED_WRAP
After updating Clang to r536225 it started to sanitize signed integer overflow/underflow despite "-fwrapv" compiler flag. The "-fwrapv" flag is designed to treat signed integer as two’s complement unsigned integer with defined overflow/underflow. Sanitizing signed integer overflow in Linux kernel might be useful to spot bugs, however there are cases where overflow is intended, for example, `atomic_long_t` type and such cases can't be annotated to not trigger UBSAN. UBSAN was initially enabled for Android only for bounds sanitizer. Also we need to have UBSAN_TRAP to have kernel panic on out-of-bounds arrays access to harden the kernel. This change disables CONFIG_UBSAN_SIGNED_WRAP to make UBSAN function as bounds sanitizer only and don't trigger on signed integer wraps. Bug: 375156207 Bug: 354745907 Change-Id: I968edf7c8761505b6484cb4a46f6e948c39d7bab Signed-off-by: Aleksei Vetrov <vvvvvv@google.com>
This commit is contained in:
@@ -723,6 +723,7 @@ CONFIG_HEADERS_INSTALL=y
|
||||
# CONFIG_SECTION_MISMATCH_WARN_ONLY is not set
|
||||
CONFIG_MAGIC_SYSRQ=y
|
||||
CONFIG_UBSAN=y
|
||||
# CONFIG_UBSAN_SIGNED_WRAP is not set
|
||||
# CONFIG_UBSAN_BOOL is not set
|
||||
# CONFIG_UBSAN_ENUM is not set
|
||||
CONFIG_PAGE_OWNER=y
|
||||
|
||||
@@ -666,6 +666,7 @@ CONFIG_HEADERS_INSTALL=y
|
||||
# CONFIG_SECTION_MISMATCH_WARN_ONLY is not set
|
||||
CONFIG_MAGIC_SYSRQ=y
|
||||
CONFIG_UBSAN=y
|
||||
# CONFIG_UBSAN_SIGNED_WRAP is not set
|
||||
# CONFIG_UBSAN_BOOL is not set
|
||||
# CONFIG_UBSAN_ENUM is not set
|
||||
CONFIG_PAGE_OWNER=y
|
||||
|
||||
Reference in New Issue
Block a user