Date: Tue, 12 Nov 2024 19:04:24 GMT
Message-Id: <202411121904.4ACJ4OZO018135@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org
From: Ka Ho Ng
Subject: git: 6e3875ebcf0e - main - sys: move SAN and COVERAGE options handling to kern.mk

The branch main has been updated by khng:

URL: https://cgit.FreeBSD.org/src/commit/?id=6e3875ebcf0e768332735f8306bf4625b30ab61c

commit 6e3875ebcf0e768332735f8306bf4625b30ab61c
Author:     Ka Ho Ng
AuthorDate: 2024-11-10 04:07:14 +0000
Commit:     Ka Ho Ng
CommitDate: 2024-11-12 19:04:13 +0000

    sys: move SAN and COVERAGE options handling to kern.mk

    This allows the flags to be picked up more easily when building external
    modules.

    Sponsored by:   Juniper Networks, Inc.
    Reviewed by:    markj (earlier)
    Differential Revision:  https://reviews.freebsd.org/D45563
---
 sys/conf/kern.mk      | 80 +++++++++++++++++++++++++++++++++++++++++++++++++++
 sys/conf/kern.post.mk |  4 ---
 sys/conf/kern.pre.mk  | 64 -----------------------------------------
 sys/conf/kmod.mk      |  6 ++--
 4 files changed, 84 insertions(+), 70 deletions(-)

diff --git a/sys/conf/kern.mk b/sys/conf/kern.mk
index 2f451f9286a6..5d07a1d9ad3c 100644
--- a/sys/conf/kern.mk
+++ b/sys/conf/kern.mk
@@ -247,6 +247,86 @@ CFLAGS+= -fstack-protector CFLAGS+= -mretpoline .endif +# +# Kernel Address SANitizer support +# +.if !empty(KASAN_ENABLED) +SAN_CFLAGS+= -DSAN_NEEDS_INTERCEPTORS -DSAN_INTERCEPTOR_PREFIX=kasan \ + -fsanitize=kernel-address +.if ${COMPILER_TYPE} == "clang" +SAN_CFLAGS+= -mllvm -asan-stack=true \ + -mllvm -asan-instrument-dynamic-allocas=true \ + -mllvm -asan-globals=true \ + -mllvm -asan-use-after-scope=true \ + -mllvm -asan-instrumentation-with-call-threshold=0 \ + -mllvm -asan-instrument-byval=false +.endif + +.if ${MACHINE_CPUARCH} == "aarch64" +# KASAN/ARM64 TODO: -asan-mapping-offset is calculated from: +# (VM_KERNEL_MIN_ADDRESS >> KASAN_SHADOW_SCALE_SHIFT) + $offset = KASAN_MIN_ADDRESS +# +# This is different than amd64, where we have a different +# KASAN_MIN_ADDRESS, and this offset value should eventually be +# upstreamed similar to: https://reviews.llvm.org/D98285 +# +.if ${COMPILER_TYPE} == "clang" +SAN_CFLAGS+= -mllvm -asan-mapping-offset=0xdfff208000000000 +.else +SAN_CFLAGS+= -fasan-shadow-offset=0xdfff208000000000 +.endif +.elif ${MACHINE_CPUARCH} == "amd64" && \ + ${COMPILER_TYPE} == "clang" && ${COMPILER_VERSION} >= 180000 +# Work around https://github.com/llvm/llvm-project/issues/87923, which leads to +# an assertion failure compiling dtrace.c with asan enabled. +SAN_CFLAGS+= -mllvm -asan-use-stack-safety=0 +.endif +.endif # !empty(KASAN_ENABLED) + +# +# Kernel Concurrency SANitizer support +# +.if !empty(KCSAN_ENABLED) +SAN_CFLAGS+= -DSAN_NEEDS_INTERCEPTORS -DSAN_INTERCEPTOR_PREFIX=kcsan \ + -fsanitize=thread +.endif + +# +# Kernel Memory SANitizer support +# +.if !empty(KMSAN_ENABLED) +# Disable -fno-sanitize-memory-param-retval until interceptors have been +# updated to work properly with it. 
+MSAN_CFLAGS+= -DSAN_NEEDS_INTERCEPTORS -DSAN_INTERCEPTOR_PREFIX=kmsan \ + -fsanitize=kernel-memory +.if ${COMPILER_TYPE} == "clang" && ${COMPILER_VERSION} >= 160000 +MSAN_CFLAGS+= -fno-sanitize-memory-param-retval +.endif +SAN_CFLAGS+= ${MSAN_CFLAGS} +.endif # !empty(KMSAN_ENABLED) + +# +# Kernel Undefined Behavior SANitizer support +# +.if !empty(KUBSAN_ENABLED) +SAN_CFLAGS+= -fsanitize=undefined +.endif + +# +# Generic Kernel Coverage support +# +.if !empty(COVERAGE_ENABLED) +.if ${COMPILER_TYPE} == "clang" || \ + (${COMPILER_TYPE} == "gcc" && ${COMPILER_VERSION} >= 80100) +SAN_CFLAGS+= -fsanitize-coverage=trace-pc,trace-cmp +.else +SAN_CFLAGS+= -fsanitize-coverage=trace-pc +.endif +.endif # !empty(COVERAGE_ENABLED) + +# Add the sanitizer C flags +CFLAGS+= ${SAN_CFLAGS} + # # Initialize stack variables on function entry # diff --git a/sys/conf/kern.post.mk b/sys/conf/kern.post.mk index 5f6ec2db498d..59e51c394a35 100644 --- a/sys/conf/kern.post.mk +++ b/sys/conf/kern.post.mk @@ -37,10 +37,6 @@ MKMODULESENV+= WITH_CTF="${WITH_CTF}" MKMODULESENV+= KCSAN_ENABLED="yes" .endif -.if defined(SAN_CFLAGS) -MKMODULESENV+= SAN_CFLAGS="${SAN_CFLAGS}" -.endif - .if defined(GCOV_CFLAGS) MKMODULESENV+= GCOV_CFLAGS="${GCOV_CFLAGS}" .endif diff --git a/sys/conf/kern.pre.mk b/sys/conf/kern.pre.mk index d0a66ceceae2..6ad9d209c70a 100644 --- a/sys/conf/kern.pre.mk +++ b/sys/conf/kern.pre.mk 
@@ -93,73 +93,9 @@ ASM_CFLAGS= -x assembler-with-cpp -DLOCORE ${CFLAGS} ${ASM_CFLAGS.${.IMPSRC:T}} COMPAT_FREEBSD32_ENABLED!= grep COMPAT_FREEBSD32 opt_global.h || true ; echo KASAN_ENABLED!= grep KASAN opt_global.h || true ; echo -.if !empty(KASAN_ENABLED) -SAN_CFLAGS+= -DSAN_NEEDS_INTERCEPTORS -DSAN_INTERCEPTOR_PREFIX=kasan \ - -fsanitize=kernel-address -.if ${COMPILER_TYPE} == "clang" -SAN_CFLAGS+= -mllvm -asan-stack=true \ - -mllvm -asan-instrument-dynamic-allocas=true \ - -mllvm -asan-globals=true \ - -mllvm -asan-use-after-scope=true \ - -mllvm -asan-instrumentation-with-call-threshold=0 \ - -mllvm -asan-instrument-byval=false -.endif - -.if ${MACHINE_CPUARCH} == "aarch64" -# KASAN/ARM64 TODO: -asan-mapping-offset is calculated from: -# (VM_KERNEL_MIN_ADDRESS >> KASAN_SHADOW_SCALE_SHIFT) + $offset = KASAN_MIN_ADDRESS -# -# This is different than amd64, where we have a different -# KASAN_MIN_ADDRESS, and this offset value should eventually be -# upstreamed similar to: https://reviews.llvm.org/D98285 -# -.if ${COMPILER_TYPE} == "clang" -SAN_CFLAGS+= -mllvm -asan-mapping-offset=0xdfff208000000000 -.else -SAN_CFLAGS+= -fasan-shadow-offset=0xdfff208000000000 -.endif -.elif ${MACHINE_CPUARCH} == "amd64" && \ - ${COMPILER_TYPE} == "clang" && ${COMPILER_VERSION} >= 180000 -# Work around https://github.com/llvm/llvm-project/issues/87923, which leads to -# an assertion failure compiling dtrace.c with asan enabled. -SAN_CFLAGS+= -mllvm -asan-use-stack-safety=0 -.endif -.endif - -KCSAN_ENABLED!= grep KCSAN opt_global.h || true ; echo -.if !empty(KCSAN_ENABLED) -SAN_CFLAGS+= -DSAN_NEEDS_INTERCEPTORS -DSAN_INTERCEPTOR_PREFIX=kcsan \ - -fsanitize=thread -.endif - KMSAN_ENABLED!= grep KMSAN opt_global.h || true ; echo -.if !empty(KMSAN_ENABLED) -# Disable -fno-sanitize-memory-param-retval until interceptors have been -# updated to work properly with it. 
-MSAN_CFLAGS+= -DSAN_NEEDS_INTERCEPTORS -DSAN_INTERCEPTOR_PREFIX=kmsan \ - -fsanitize=kernel-memory -.if ${COMPILER_TYPE} == "clang" && ${COMPILER_VERSION} >= 160000 -MSAN_CFLAGS+= -fno-sanitize-memory-param-retval -.endif -SAN_CFLAGS+= ${MSAN_CFLAGS} -.endif - KUBSAN_ENABLED!= grep KUBSAN opt_global.h || true ; echo -.if !empty(KUBSAN_ENABLED) -SAN_CFLAGS+= -fsanitize=undefined -.endif - COVERAGE_ENABLED!= grep COVERAGE opt_global.h || true ; echo -.if !empty(COVERAGE_ENABLED) -.if ${COMPILER_TYPE} == "clang" || \ - (${COMPILER_TYPE} == "gcc" && ${COMPILER_VERSION} >= 80100) -SAN_CFLAGS+= -fsanitize-coverage=trace-pc,trace-cmp -.else -SAN_CFLAGS+= -fsanitize-coverage=trace-pc -.endif -.endif - -CFLAGS+= ${SAN_CFLAGS} GCOV_ENABLED!= grep GCOV opt_global.h || true ; echo .if !empty(GCOV_ENABLED) diff --git a/sys/conf/kmod.mk b/sys/conf/kmod.mk index 03bf42f5b413..645c04cdd135 100644 --- a/sys/conf/kmod.mk +++ b/sys/conf/kmod.mk @@ -406,8 +406,10 @@ ${_src}: .endfor .endif -# Add the sanitizer C flags -CFLAGS+= ${SAN_CFLAGS} +KASAN_ENABLED= ${KERN_OPTS:MKASAN} +KCSAN_ENABLED= ${KERN_OPTS:MKCSAN} +KMSAN_ENABLED= ${KERN_OPTS:MKMSAN} +KUBSAN_ENABLED= ${KERN_OPTS:MKUBSAN} # Add the gcov flags CFLAGS+= ${GCOV_CFLAGS}
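Review bot: in the KMSAN block added to sys/conf/kern.mk, the comment reads "Disable -fno-sanitize-memory-param-retval until interceptors have been updated", but the flag the block adds is `-fno-sanitize-memory-param-retval` itself, so what is being disabled is the param-retval checking, not the -fno- option. The comment also sits above the unconditional `MSAN_CFLAGS+=` line rather than above the `.if ${COMPILER_TYPE} == "clang" && ${COMPILER_VERSION} >= 160000` conditional it explains. Since the block is being moved anyway, this is a good moment to reword it (for example "Disable -fsanitize-memory-param-retval until ...") and move it next to the conditional.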
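Review bot: in the sys/conf/kern.post.mk hunk, the context line `MKMODULESENV+= KCSAN_ENABLED="yes"` is left in place while the kmod.mk hunk of this same patch adds an unconditional `KCSAN_ENABLED= ${KERN_OPTS:MKCSAN}`. If MKMODULESENV reaches the module build through the environment, the makefile assignment in kmod.mk takes precedence and the exported value is ignored, so the two mechanisms can disagree when KERN_OPTS does not carry KCSAN. Either drop the remaining export together with the SAN_CFLAGS one, or make the kmod.mk assignment conditional (`?=`) and say in the commit message which source is authoritative.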
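Review bot: the sys/conf/kern.pre.mk hunk deletes `KCSAN_ENABLED!= grep KCSAN opt_global.h || true ; echo` along with the flag block, whereas the matching `!=` lines for KASAN, KMSAN, KUBSAN and COVERAGE are kept as context. With that line gone nothing in the visible kernel-build path sets KCSAN_ENABLED, so the new `.if !empty(KCSAN_ENABLED)` block in kern.mk would never add `-fsanitize=thread` for the kernel itself; the line looks like it was removed by accident and should be restored. Related: the `.if !empty(...)` tests in kern.mk are evaluated when kern.mk is parsed, so these `*_ENABLED!=` assignments (at line 93 of kern.pre.mk) need to come before the point where kern.mk is included; that include is not in the diff, so please confirm the order.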
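Review bot: the sys/conf/kmod.mk hunk derives KASAN_ENABLED, KCSAN_ENABLED, KMSAN_ENABLED and KUBSAN_ENABLED from KERN_OPTS but has no `COVERAGE_ENABLED= ${KERN_OPTS:MCOVERAGE}`, although the subject says COVERAGE handling moves to kern.mk too and the old `CFLAGS+= ${SAN_CFLAGS}` path, which carried the coverage flags to modules, is removed here. As written, modules would stop getting `-fsanitize-coverage=...` unless COVERAGE_ENABLED arrives some other way; add the fifth assignment or note why coverage is excluded for modules. The same parse-order question applies as for the kernel build: these assignments must precede the include of kern.mk for its `.if !empty(...)` tests to see them.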