libbrillo: Disable asan on SecureMemset.

SecureMemset is used to overwrite beyond string size() but not
beyond capacity().
As this behavior is intentional, disable it from asan analysis.

Also provide a new asan.h header file to hold all asan specific
definitions.

BUG=chromium:808243
TEST=libbrillo/cryptohome unit tests pass with asan.

Change-Id: Idfabe15614299312be35beb64eae10e5acb07e1b
Reviewed-on: https://chromium-review.googlesource.com/898605
Commit-Ready: Manoj Gupta <manojgupta@chromium.org>
Tested-by: Manoj Gupta <manojgupta@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>

4 files changed, 29 insertions, 7 deletions

diff --git a/brillo/asan.h b/brillo/asan.h
new file mode 100644
index 0000000..9a73202
--- /dev/null
+++ b/brillo/asan.h
@@ -0,0 +1,21 @@
+// Copyright 2018 The Chromium OS Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+//
+// This header provides Address Sanitizer specific macros.
+//
+#ifndef LIBBRILLO_BRILLO_ASAN_H_
+#define LIBBRILLO_BRILLO_ASAN_H_
+
+#if defined(__has_feature) && __has_feature(address_sanitizer)
+// ASan is enabled.
+#define BRILLO_ASAN_BUILD 1
+// Provide BRILLO_DISABLE_ASAN hook to disable ASan.
+// Put this in front on functions or global variables where required.
+#define BRILLO_DISABLE_ASAN __attribute__((no_sanitize("address")))
+#else
+#define BRILLO_DISABLE_ASAN
+#endif
+
+#endif
+
diff --git a/brillo/secure_blob.cc b/brillo/secure_blob.cc
index 9e6d570..58cd594 100644
--- a/brillo/secure_blob.cc
+++ b/brillo/secure_blob.cc
@@ -49,7 +49,7 @@ SecureBlob SecureBlob::Combine(const SecureBlob& blob1,
   return result;
 }
 
-void* SecureMemset(void* v, int c, size_t n) {
+BRILLO_DISABLE_ASAN void* SecureMemset(void* v, int c, size_t n) {
   volatile uint8_t* p = reinterpret_cast<volatile uint8_t*>(v);
   while (n--)
     *p++ = c;
diff --git a/brillo/secure_blob.h b/brillo/secure_blob.h
index b6111c7..86f43eb 100644
--- a/brillo/secure_blob.h
+++ b/brillo/secure_blob.h
@@ -8,6 +8,7 @@
 #include <string>
 #include <vector>
 
+#include <brillo/asan.h>
 #include <brillo/brillo_export.h>
 
 namespace brillo {
@@ -46,7 +47,10 @@ class BRILLO_EXPORT SecureBlob : public Blob {
 // While memset() can be optimized out in certain situations (since most
 // compilers implement this function as intrinsic and know of its side effects),
 // this function will not be optimized out.
-BRILLO_EXPORT void* SecureMemset(void* v, int c, size_t n);
+//
+// SecureMemset is used to write beyond the size() in several functions.
+// Since this is intentional, disable address sanitizer from analying it.
+BRILLO_EXPORT BRILLO_DISABLE_ASAN void* SecureMemset(void* v, int c, size_t n);
 
 // Compare [n] bytes starting at [s1] with [s2] and return 0 if they match,
 // 1 if they don't. Time taken to perform the comparison is only dependent on
diff --git a/brillo/secure_blob_unittest.cc b/brillo/secure_blob_unittest.cc
index f68ac24..aa2684e 100644
--- a/brillo/secure_blob_unittest.cc
+++ b/brillo/secure_blob_unittest.cc
@@ -4,6 +4,7 @@
 
 // Unit tests for SecureBlob.
 
+#include "brillo/asan.h"
 #include "brillo/secure_blob.h"
 
 #include <algorithm>
@@ -78,11 +79,7 @@ TEST_F(SecureBlobTest, IteratorConstructorTest) {
 
 // Disable ResizeTest with address sanitizer.
 // https://crbug.com/806013
-#if defined(__has_feature) && __has_feature(address_sanitizer)
-#define BRILLO_DISABLE_RESIZETEST 1
-#endif
-
-#ifndef BRILLO_DISABLE_RESIZETEST
+#ifndef BRILLO_ASAN_BUILD
 TEST_F(SecureBlobTest, ResizeTest) {
   // Check that resizing a SecureBlob wipes the excess memory.  The test assumes
   // that resize() down by one will not re-allocate the memory, so the last byte