Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit a4691dea authored by Vegard Nossum's avatar Vegard Nossum Committed by Linus Torvalds
Browse files

kcov: allow more fine-grained coverage instrumentation 

For more targeted fuzzing, it's better to disable kernel-wide
instrumentation and instead enable it on a per-subsystem basis.  This
follows the pattern of UBSAN and allows you to compile in the kcov
driver without instrumenting the whole kernel.

To instrument a part of the kernel, you can use either

    # for a single file in the current directory
    KCOV_INSTRUMENT_filename.o := y

or

    # for all the files in the current directory (excluding subdirectories)
    KCOV_INSTRUMENT := y

or

    # (same as above)
    ccflags-y += $(CFLAGS_KCOV)

or

    # for all the files in the current directory (including subdirectories)
    subdir-ccflags-y += $(CFLAGS_KCOV)

Link: http://lkml.kernel.org/r/1464008380-11405-1-git-send-email-vegard.nossum@oracle.com


Signed-off-by: default avatarVegard Nossum <vegard.nossum@oracle.com>
Cc: Dmitry Vyukov <dvyukov@google.com>
Cc: Quentin Casasnovas <quentin.casasnovas@oracle.com>
Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
parent f1cb637e

lib/Kconfig.debug

+11 −0
Original line number Original line Diff line number Diff line
@@ -719,6 +719,17 @@ config KCOV 




	  For more details, see Documentation/kcov.txt.

	  For more details, see Documentation/kcov.txt.





config KCOV_INSTRUMENT_ALL

	bool "Instrument all code by default"

	depends on KCOV

	default y if KCOV

	help

	  If you are doing generic system call fuzzing (like e.g. syzkaller),

	  then you will want to instrument the whole kernel and you should

	  say y here. If you are doing more targeted fuzzing (like e.g.

	  filesystem fuzzing with AFL) then you will want to enable coverage

	  for more specific subsets of files, and should say n here.



config DEBUG_SHIRQ

config DEBUG_SHIRQ

	bool "Debug shared IRQ handlers"

	bool "Debug shared IRQ handlers"

	depends on DEBUG_KERNEL

	depends on DEBUG_KERNEL

scripts/Makefile.lib

+1 −1
Original line number Original line Diff line number Diff line
@@ -138,7 +138,7 @@ endif 




ifeq ($(CONFIG_KCOV),y)

ifeq ($(CONFIG_KCOV),y)

_c_flags += $(if $(patsubst n%,, \

_c_flags += $(if $(patsubst n%,, \

	$(KCOV_INSTRUMENT_$(basetarget).o)$(KCOV_INSTRUMENT)y), \

	$(KCOV_INSTRUMENT_$(basetarget).o)$(KCOV_INSTRUMENT)$(CONFIG_KCOV_INSTRUMENT_ALL)), \

	$(CFLAGS_KCOV))

	$(CFLAGS_KCOV))

endif

endif