From: Simon Glass <simon.glass@canonical.com>
Add CONFIG_MCHECK_HEAP_PROTECTION option to enable mcheck heap protection. Convert all uses of MCHECK_HEAP_PROTECTION to use the CONFIG_ -prefixed version to work with Kconfig. Disable this option when tracing is enabled, since the mcheck hooks (mcheck_pedantic_prehook(), etc.) interfere with function tracing.
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <simon.glass@canonical.com>
---
 Kconfig | 10 ++++++++++
 common/board_f.c | 2 +-
 common/dlmalloc.c | 6 +++---
 common/mcheck_core.inc.h | 6 +++---
 4 files changed, 17 insertions(+), 7 deletions(-)
diff --git a/Kconfig b/Kconfig
index 86276c89f38..fb320fdb418 100644
--- a/Kconfig
+++ b/Kconfig
@@ -345,6 +345,16 @@ config MALLOC_DEBUG
 enables additional assertions and the malloc_get_info() function to retrieve memory-allocation statistics.
+config MCHECK_HEAP_PROTECTION
+ bool "Enable mcheck heap protection"
+ depends on !TRACE
+ help
+ Enable heap protection using the mcheck library. This adds canary
+ values before and after each allocation to detect buffer overflows
+ and underflows, double-frees, and memory corruption. This
+ significantly increases memory overhead and should only be used for
+ debugging.
+
 config SPL_SYS_MALLOC_F
 bool "Enable malloc() pool in SPL"
 depends on SPL_FRAMEWORK && SYS_MALLOC_F && SPL
diff --git a/common/board_f.c b/common/board_f.c
index a3e4c69d449..9dce08002c5 100644
--- a/common/board_f.c
+++ b/common/board_f.c
@@ -749,7 +749,7 @@ static int setup_reloc(void)
 if (gd->flags & GD_FLG_SKIP_RELOC) {
 debug("Skipping relocation due to flag\n");
 } else {
-#ifdef MCHECK_HEAP_PROTECTION
+#ifdef CONFIG_MCHECK_HEAP_PROTECTION
 mcheck_on_ramrelocation(gd->reloc_off);
 #endif
 debug("Relocation Offset is: %08lx\n", gd->reloc_off);
diff --git a/common/dlmalloc.c b/common/dlmalloc.c
index b8de42cc47e..7258a7dda84 100644
--- a/common/dlmalloc.c
+++ b/common/dlmalloc.c
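Review bot: The board_f.c hunk keeps a plain `#ifdef CONFIG_MCHECK_HEAP_PROTECTION` while the dlmalloc.c and mcheck_core.inc.h hunks switch to `CONFIG_IS_ENABLED(MCHECK_HEAP_PROTECTION)`, and the new Kconfig entry defines only the non-SPL symbol. In U-Boot's SPL/TPL builds CONFIG_IS_ENABLED() resolves to the SPL_/TPL_-prefixed symbol, so if board_f.c is compiled into such a build it would still call mcheck_on_ramrelocation() while dlmalloc.c has compiled the mcheck hooks out, which is a link failure at best and a relocation step that no longer matches the allocator at worst. The simplest way to keep all sites in agreement is `#if CONFIG_IS_ENABLED(MCHECK_HEAP_PROTECTION)` in board_f.c as well, or alternatively a matching SPL_ option in Kconfig. The Kconfig help could also record the reason for `depends on !TRACE`, e.g. `Not available together with TRACE, since the mcheck hooks interfere with function tracing.`, since only the commit message explains it today. setup_reloc() begins and ends outside the hunk.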
@@ -572,7 +572,7 @@ MAX_RELEASE_CHECK_RATE default: 4095 unless not HAVE_MMAP
 #define DEBUG 1
 #endif
-#ifdef MCHECK_HEAP_PROTECTION
+#if CONFIG_IS_ENABLED(MCHECK_HEAP_PROTECTION)
 #define STATIC_IF_MCHECK static
 #undef MALLOC_COPY
 #undef MALLOC_ZERO
@@ -5451,7 +5451,7 @@ static void* internal_memalign(mstate m, size_t alignment, size_t bytes) {
 }
 return mem;
 }
-#endif /* !CONFIG_MCHECK_HEAP_PROTECTION || MSPACES */
+#endif /* !MCHECK_HEAP_PROTECTION || MSPACES */
 /* Common support for independent_X routines, handling
@@ -5937,7 +5937,7 @@ size_t dlmalloc_usable_size(const void* mem) {
 return 0;
 }
-#ifdef MCHECK_HEAP_PROTECTION
+#if CONFIG_IS_ENABLED(MCHECK_HEAP_PROTECTION)
 #include "mcheck_core.inc.h"
 void *dlmalloc(size_t bytes)
diff --git a/common/mcheck_core.inc.h b/common/mcheck_core.inc.h
index 69021409922..7caa9ac8dff 100644
--- a/common/mcheck_core.inc.h
+++ b/common/mcheck_core.inc.h
@@ -45,8 +45,8 @@
 * an array, for index(+1/-1) errors.
 *
 * U-Boot is a BL, not an OS with a lib. Activity of the library is set not in runtime,
- * rather in compile-time, by MCHECK_HEAP_PROTECTION macro. That guarantees that
- * we haven't missed first malloc.
+ * rather in compile-time, by CONFIG_MCHECK_HEAP_PROTECTION macro. That
+ * guarantees that we haven't missed first malloc.
 */
 /*
@@ -59,7 +59,7 @@
 #define _MCHECKCORE_INC_H 1
 #include "mcheck.h"
-#if defined(MCHECK_HEAP_PROTECTION)
+#if CONFIG_IS_ENABLED(MCHECK_HEAP_PROTECTION)
 #define mcheck_flood memset
 // these are from /dev/random:
--
2.43.0
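Review bot: The `#endif` comment in the @@ -5451 hunk now reads `/* !MCHECK_HEAP_PROTECTION || MSPACES */`, dropping the `CONFIG_` prefix that the rest of the series adds, so it matches neither the old spelling nor the `CONFIG_IS_ENABLED(MCHECK_HEAP_PROTECTION)` test this file now uses at @@ -572 and @@ -5937. The `#if` it closes is outside the hunk, so a reader can only pair them through the comment, and it should mirror the real condition: `#endif /* !CONFIG_IS_ENABLED(MCHECK_HEAP_PROTECTION) || MSPACES */`. The same drift appears in the mcheck_core.inc.h comment at @@ -45, which says the library is selected by the `CONFIG_MCHECK_HEAP_PROTECTION` macro while the `#if` at @@ -59 actually tests `CONFIG_IS_ENABLED(MCHECK_HEAP_PROTECTION)`; naming the Kconfig option rather than a macro there would keep the comment accurate for SPL builds too.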