From 91ef65784e98eb83ef46faffbaa3df6512ca4662 Mon Sep 17 00:00:00 2001 From: Yu Watanabe Date: Fri, 6 Dec 2024 03:42:09 +0900 Subject: [PATCH] mkosi/sanitizers: add more ASAN options This adds the following three options: - detect_invalid_pointer_pairs=2 - handle_ioctl=1 - print_cmdline=1 Note, these options were used in the CentOS CI job. --- mkosi.sanitizers/mkosi.conf | 2 +- .../usr/lib/systemd/system.conf.d/10-sanitizers.conf | 7 ++++--- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/mkosi.sanitizers/mkosi.conf b/mkosi.sanitizers/mkosi.conf index 0492716ec11..22ae2028f2a 100644 --- a/mkosi.sanitizers/mkosi.conf +++ b/mkosi.sanitizers/mkosi.conf @@ -17,6 +17,6 @@ Environment=ASAN_OPTIONS=verify_asan_link_order=0:intercept_tls_get_addr=0 # systemd.setenv here as there's a size limit on the kernel command line and we don't want to trigger it. We # don't use ManagerEnvironment= either as we want these to be set for pid1 from the earliest possible moment. KernelCommandLine= - ASAN_OPTIONS=strict_string_checks=1:detect_stack_use_after_return=1:check_initialization_order=1:strict_init_order=1:disable_coredump=0:use_madv_dontdump=1 + ASAN_OPTIONS=strict_string_checks=1:detect_stack_use_after_return=1:check_initialization_order=1:strict_init_order=1:detect_invalid_pointer_pairs=2:handle_ioctl=1:print_cmdline=1:disable_coredump=0:use_madv_dontdump=1 UBSAN_OPTIONS=print_stacktrace=1:print_summary=1:halt_on_error=1 LSAN_OPTIONS=suppressions=/usr/lib/systemd/leak-sanitizer-suppressions diff --git a/mkosi.sanitizers/mkosi.extra/usr/lib/systemd/system.conf.d/10-sanitizers.conf b/mkosi.sanitizers/mkosi.extra/usr/lib/systemd/system.conf.d/10-sanitizers.conf index a7152a3abe4..1798226b6f8 100644 --- a/mkosi.sanitizers/mkosi.extra/usr/lib/systemd/system.conf.d/10-sanitizers.conf +++ b/mkosi.sanitizers/mkosi.extra/usr/lib/systemd/system.conf.d/10-sanitizers.conf @@ -1,6 +1,7 @@ # SPDX-License-Identifier: LGPL-2.1-or-later [Manager] -DefaultEnvironment=ASAN_OPTIONS=strict_string_checks=1:detect_stack_use_after_return=1:check_initialization_order=1:strict_init_order=1:disable_coredump=0:use_madv_dontdump=1 \ - UBSAN_OPTIONS=print_stacktrace=1:print_summary=1:halt_on_error=1 \ - LSAN_OPTIONS=suppressions=/usr/lib/systemd/leak-sanitizer-suppressions +DefaultEnvironment= \ + ASAN_OPTIONS=strict_string_checks=1:detect_stack_use_after_return=1:check_initialization_order=1:strict_init_order=1:detect_invalid_pointer_pairs=2:handle_ioctl=1:print_cmdline=1:disable_coredump=0:use_madv_dontdump=1 \ + UBSAN_OPTIONS=print_stacktrace=1:print_summary=1:halt_on_error=1 \ + LSAN_OPTIONS=suppressions=/usr/lib/systemd/leak-sanitizer-suppressions -- 2.47.3