ladybird/Kernel/CMakeLists.txt

339 lines
8.9 KiB
Text
Raw Normal View History

add_compile_options(-Os)
set(KERNEL_HEAP_SOURCES
Heap/SlabAllocator.cpp
Heap/kmalloc.cpp
)
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS_STATIC}")
set(KERNEL_SOURCES
ACPI/DynamicParser.cpp
ACPI/Initialize.cpp
ACPI/MultiProcessorParser.cpp
ACPI/Parser.cpp
Kernel: Initial integration of Kernel Address Sanitizer (KASAN) KASAN is a dynamic analysis tool that finds memory errors. It focuses mostly on finding use-after-free and out-of-bound read/writes bugs. KASAN works by allocating a "shadow memory" region which is used to store whether each byte of memory is safe to access. The compiler then instruments the kernel code and a check is inserted which validates the state of the shadow memory region on every memory access (load or store). To fully integrate KASAN into the SerenityOS kernel we need to: a) Implement the KASAN interface to intercept the injected loads/stores. void __asan_load*(address); void __asan_store(address); b) Setup KASAN region and determine the shadow memory offset + translation. This might be challenging since Serenity is only 32bit at this time. Ex: Linux implements kernel address -> shadow address translation like: static inline void *kasan_mem_to_shadow(const void *addr) { return ((unsigned long)addr >> KASAN_SHADOW_SCALE_SHIFT) + KASAN_SHADOW_OFFSET; } c) Integrating KASAN with Kernel allocators. The kernel allocators need to be taught how to record allocation state in the shadow memory region. This commit only implements the initial steps of this long process: - A new (default OFF) CMake build flag `ENABLE_KERNEL_ADDRESS_SANITIZER` - Stubs out enough of the KASAN interface to allow the Kernel to link clean. Currently the KASAN kernel crashes on boot (triple fault because of the crash in strlen other sanitizer are seeing) but the goal here is to just get started, and this should help others jump in and continue making progress on KASAN. References: * ASAN Paper: https://static.googleusercontent.com/media/research.google.com/en//pubs/archive/37752.pdf * KASAN Docs: https://github.com/google/kasan * NetBSD KASAN Blog: https://blog.netbsd.org/tnf/entry/kernel_address_sanitizer_part_3 * LWN KASAN Article: https://lwn.net/Articles/612153/ * Tracking Issue #5351
2021-02-14 20:47:10 +00:00
AddressSanitizer.cpp
Arch/PC/BIOS.cpp
Arch/i386/CPU.cpp
2020-06-27 23:06:33 +00:00
Arch/i386/ProcessorInfo.cpp
Arch/i386/SafeMem.cpp
Arch/x86/SmapDisabler.h
CMOS.cpp
CommandLine.cpp
Console.cpp
CoreDump.cpp
2021-01-29 11:10:18 +00:00
DMI.cpp
Devices/AsyncDeviceRequest.cpp
Devices/BXVGADevice.cpp
Devices/BlockDevice.cpp
Devices/CharacterDevice.cpp
Devices/Device.cpp
Devices/FullDevice.cpp
Devices/I8042Controller.cpp
Devices/KeyboardDevice.cpp
Devices/MBVGADevice.cpp
Devices/MemoryDevice.cpp
Devices/NullDevice.cpp
Devices/PCSpeaker.cpp
Devices/PS2MouseDevice.cpp
Devices/RandomDevice.cpp
Devices/SB16.cpp
Devices/SerialDevice.cpp
Devices/USB/UHCIController.cpp
Devices/VMWareBackdoor.cpp
Devices/ZeroDevice.cpp
Storage/Partition/DiskPartition.cpp
Storage/Partition/DiskPartitionMetadata.cpp
Storage/Partition/EBRPartitionTable.cpp
Storage/Partition/GUIDPartitionTable.cpp
Storage/Partition/MBRPartitionTable.cpp
Storage/Partition/PartitionTable.cpp
Storage/StorageDevice.cpp
Storage/IDEController.cpp
Storage/IDEChannel.cpp
Storage/PATADiskDevice.cpp
2021-01-19 21:33:00 +00:00
Storage/RamdiskController.cpp
Storage/RamdiskDevice.cpp
Storage/StorageManagement.cpp
DoubleBuffer.cpp
FileSystem/AnonymousFile.cpp
FileSystem/BlockBasedFileSystem.cpp
FileSystem/Custody.cpp
FileSystem/DevFS.cpp
FileSystem/DevPtsFS.cpp
FileSystem/Ext2FileSystem.cpp
FileSystem/FIFO.cpp
FileSystem/File.cpp
FileSystem/FileBackedFileSystem.cpp
FileSystem/FileDescription.cpp
FileSystem/FileSystem.cpp
FileSystem/Inode.cpp
FileSystem/InodeFile.cpp
FileSystem/InodeWatcher.cpp
FileSystem/Plan9FileSystem.cpp
FileSystem/ProcFS.cpp
FileSystem/TmpFS.cpp
FileSystem/VirtualFileSystem.cpp
FutexQueue.cpp
Interrupts/APIC.cpp
Interrupts/GenericInterruptHandler.cpp
Interrupts/IOAPIC.cpp
Interrupts/IRQHandler.cpp
Interrupts/InterruptManagement.cpp
Interrupts/PIC.cpp
Interrupts/SharedIRQHandler.cpp
Interrupts/SpuriousInterruptHandler.cpp
Interrupts/UnhandledInterruptHandler.cpp
KBufferBuilder.cpp
KSyms.cpp
Lock.cpp
Net/E1000NetworkAdapter.cpp
Net/IPv4Socket.cpp
Net/LocalSocket.cpp
Net/LoopbackAdapter.cpp
Net/NE2000NetworkAdapter.cpp
Net/NetworkAdapter.cpp
Net/NetworkTask.cpp
Net/RTL8139NetworkAdapter.cpp
Net/Routing.cpp
Net/Socket.cpp
Net/TCPSocket.cpp
Net/UDPSocket.cpp
PCI/Access.cpp
PCI/Device.cpp
PCI/DeviceController.cpp
PCI/IOAccess.cpp
PCI/Initializer.cpp
PCI/MMIOAccess.cpp
Panic.cpp
PerformanceEventBuffer.cpp
Process.cpp
ProcessGroup.cpp
RTC.cpp
Random.cpp
Scheduler.cpp
StdLib.cpp
Syscall.cpp
Syscalls/anon_create.cpp
Syscalls/abort.cpp
Syscalls/access.cpp
Syscalls/alarm.cpp
Syscalls/beep.cpp
Syscalls/chdir.cpp
Syscalls/chmod.cpp
Syscalls/chown.cpp
Syscalls/chroot.cpp
Syscalls/clock.cpp
Syscalls/debug.cpp
Syscalls/disown.cpp
Syscalls/dup2.cpp
Syscalls/execve.cpp
Syscalls/exit.cpp
Syscalls/fcntl.cpp
Syscalls/fork.cpp
Syscalls/ftruncate.cpp
Syscalls/futex.cpp
Syscalls/get_dir_entries.cpp
Syscalls/get_stack_bounds.cpp
Syscalls/getrandom.cpp
Syscalls/getuid.cpp
Syscalls/hostname.cpp
Syscalls/ioctl.cpp
Syscalls/keymap.cpp
Syscalls/kill.cpp
Syscalls/link.cpp
Syscalls/lseek.cpp
Syscalls/mkdir.cpp
Syscalls/mknod.cpp
Syscalls/mmap.cpp
Syscalls/module.cpp
Syscalls/mount.cpp
Syscalls/open.cpp
Syscalls/perf_event.cpp
Syscalls/pipe.cpp
Syscalls/pledge.cpp
Syscalls/prctl.cpp
Syscalls/process.cpp
Syscalls/profiling.cpp
Syscalls/ptrace.cpp
Syscalls/purge.cpp
Syscalls/read.cpp
Syscalls/readlink.cpp
Syscalls/realpath.cpp
Syscalls/rename.cpp
Syscalls/rmdir.cpp
Syscalls/sched.cpp
Syscalls/select.cpp
Syscalls/sendfd.cpp
Syscalls/setpgid.cpp
Syscalls/setuid.cpp
Syscalls/shutdown.cpp
Syscalls/sigaction.cpp
Syscalls/socket.cpp
Syscalls/stat.cpp
Syscalls/sync.cpp
Syscalls/sysconf.cpp
Syscalls/thread.cpp
Syscalls/times.cpp
Syscalls/ttyname.cpp
Syscalls/umask.cpp
Syscalls/uname.cpp
Syscalls/unlink.cpp
Syscalls/unveil.cpp
Syscalls/utime.cpp
Syscalls/waitid.cpp
Syscalls/watch_file.cpp
Syscalls/write.cpp
TTY/MasterPTY.cpp
TTY/PTYMultiplexer.cpp
TTY/SlavePTY.cpp
TTY/TTY.cpp
TTY/VirtualConsole.cpp
Tasks/FinalizerTask.cpp
Tasks/SyncTask.cpp
Thread.cpp
ThreadBlockers.cpp
ThreadTracer.cpp
Time/APICTimer.cpp
Time/HPET.cpp
Time/HPETComparator.cpp
Time/PIT.cpp
Time/RTC.cpp
Time/TimeManagement.cpp
TimerQueue.cpp
UBSanitizer.cpp
UserOrKernelBuffer.cpp
VM/AnonymousVMObject.cpp
VM/ContiguousVMObject.cpp
VM/InodeVMObject.cpp
VM/MemoryManager.cpp
VM/PageDirectory.cpp
VM/PhysicalPage.cpp
VM/PhysicalRegion.cpp
VM/PrivateInodeVMObject.cpp
VM/ProcessPagingScope.cpp
VM/PurgeablePageRanges.cpp
VM/Range.cpp
VM/RangeAllocator.cpp
VM/Region.cpp
VM/SharedInodeVMObject.cpp
VM/Space.cpp
VM/VMObject.cpp
WaitQueue.cpp
init.cpp
kprintf.cpp
)
set(AK_SOURCES
../AK/ByteBuffer.cpp
../AK/FlyString.cpp
../AK/GenericLexer.cpp
../AK/Hex.cpp
../AK/JsonParser.cpp
../AK/JsonValue.cpp
../AK/LexicalPath.cpp
../AK/LogStream.cpp
../AK/String.cpp
../AK/StringBuilder.cpp
../AK/StringImpl.cpp
../AK/StringUtils.cpp
../AK/StringView.cpp
../AK/Time.cpp
../AK/Format.cpp
../AK/UUID.cpp
)
set(ELF_SOURCES
2021-01-12 11:17:30 +00:00
../Userland/Libraries/LibELF/Image.cpp
../Userland/Libraries/LibELF/Validation.cpp
)
set(VT_SOURCES
2021-01-12 11:17:30 +00:00
../Userland/Libraries/LibVT/Terminal.cpp
../Userland/Libraries/LibVT/Line.cpp
)
set(KEYBOARD_SOURCES
2021-01-12 11:17:30 +00:00
../Userland/Libraries/LibKeyboard/CharacterMap.cpp
)
set(CRYPTO_SOURCES
2021-01-12 11:17:30 +00:00
../Userland/Libraries/LibCrypto/Cipher/AES.cpp
../Userland/Libraries/LibCrypto/Hash/SHA2.cpp
)
set(C_SOURCES
2021-01-12 11:17:30 +00:00
../Userland/Libraries/LibC/ctype.cpp
)
set(SOURCES
${KERNEL_SOURCES}
${AK_SOURCES}
${ELF_SOURCES}
${VT_SOURCES}
${KEYBOARD_SOURCES}
${CRYPTO_SOURCES}
${C_SOURCES}
)
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -Wno-unknown-warning-option")
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -pie -fPIE -fno-rtti -ffreestanding -fbuiltin")
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -mno-80387 -mno-mmx -mno-sse -mno-sse2")
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fno-asynchronous-unwind-tables")
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fstack-protector-strong")
if (NOT ${CMAKE_HOST_SYSTEM_NAME} MATCHES SerenityOS)
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -nostdlib -nostdinc -nostdinc++")
endif()
# Kernel Undefined Behavior Sanitizer (KUBSAN)
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fsanitize=undefined")
Kernel: Initial integration of Kernel Address Sanitizer (KASAN) KASAN is a dynamic analysis tool that finds memory errors. It focuses mostly on finding use-after-free and out-of-bound read/writes bugs. KASAN works by allocating a "shadow memory" region which is used to store whether each byte of memory is safe to access. The compiler then instruments the kernel code and a check is inserted which validates the state of the shadow memory region on every memory access (load or store). To fully integrate KASAN into the SerenityOS kernel we need to: a) Implement the KASAN interface to intercept the injected loads/stores. void __asan_load*(address); void __asan_store(address); b) Setup KASAN region and determine the shadow memory offset + translation. This might be challenging since Serenity is only 32bit at this time. Ex: Linux implements kernel address -> shadow address translation like: static inline void *kasan_mem_to_shadow(const void *addr) { return ((unsigned long)addr >> KASAN_SHADOW_SCALE_SHIFT) + KASAN_SHADOW_OFFSET; } c) Integrating KASAN with Kernel allocators. The kernel allocators need to be taught how to record allocation state in the shadow memory region. This commit only implements the initial steps of this long process: - A new (default OFF) CMake build flag `ENABLE_KERNEL_ADDRESS_SANITIZER` - Stubs out enough of the KASAN interface to allow the Kernel to link clean. Currently the KASAN kernel crashes on boot (triple fault because of the crash in strlen other sanitizer are seeing) but the goal here is to just get started, and this should help others jump in and continue making progress on KASAN. References: * ASAN Paper: https://static.googleusercontent.com/media/research.google.com/en//pubs/archive/37752.pdf * KASAN Docs: https://github.com/google/kasan * NetBSD KASAN Blog: https://blog.netbsd.org/tnf/entry/kernel_address_sanitizer_part_3 * LWN KASAN Article: https://lwn.net/Articles/612153/ * Tracking Issue #5351
2021-02-14 20:47:10 +00:00
# Kernel Address Sanitize (KASAN) implementation is still a work in progress, this option
# is not currently meant to be used, besides when developing Kernel ASAN support.
#
if (ENABLE_KERNEL_ADDRESS_SANITIZER)
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fsanitize=kernel-address")
endif()
add_compile_definitions(KERNEL)
# HACK: This is a workaround for CLion to grok the kernel sources.
# It's needed because CLion doesn't understand the way we switch compilers mid-build.
add_compile_definitions(__serenity__)
add_link_options(LINKER:-T ${CMAKE_CURRENT_BINARY_DIR}/linker.ld -nostdlib)
# HACK: This is to work around a bug in CMake dependency resolution, the
# kernel won't re-link when boot.S changes without this.
set_source_files_properties(init.cpp
PROPERTIES
OBJECT_DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/Arch/i386/Boot/boot.S
)
add_library(boot OBJECT Arch/i386/Boot/boot.S)
add_library(kernel_heap STATIC ${KERNEL_HEAP_SOURCES})
file(GENERATE OUTPUT linker.ld INPUT linker.ld)
if (${CMAKE_HOST_SYSTEM_NAME} MATCHES SerenityOS)
2020-10-12 09:38:50 +00:00
include_directories(/usr/local/include/c++/10.2.0/)
else()
include_directories(../Toolchain/Local/${SERENITY_ARCH}/${SERENITY_ARCH}-pc-serenity/include/c++/10.2.0/)
include_directories(../Toolchain/Local/${SERENITY_ARCH}/${SERENITY_ARCH}-pc-serenity/include/c++/10.2.0/${SERENITY_ARCH}-pc-serenity/)
endif()
add_executable(Kernel ${SOURCES})
target_link_libraries(Kernel kernel_heap gcc stdc++)
add_dependencies(Kernel boot kernel_heap)
install(TARGETS Kernel RUNTIME DESTINATION boot)
add_custom_command(
TARGET Kernel
COMMAND sh ${CMAKE_CURRENT_SOURCE_DIR}/mkmap.sh
)
install(FILES ${CMAKE_CURRENT_BINARY_DIR}/kernel.map DESTINATION res)
serenity_install_headers(Kernel)
serenity_install_sources(Kernel)
add_subdirectory(Modules)