I wanted to compile the hello world example with ASAN, but it seems like asylo's toolchain does not include sanitizers. I can understand why you may not want to build trusted components with ASAN, I have successfully added fsanitize=address to the enclave_loader's copts and linkopts parameters and that seems to work for the untrusted components.
Based on my simple experiment, I wanted to ask about the possibility for running sanitizers on trusted code. Some options I can think of include:
Creating different binaries that test trusted code but are built using the host's toolchain
Maybe supporting sanitizers in simulation mode?
Maybe supporting sanitizers for debug enclaves?
A follow-on question that is loosely linked to the above: is there a way to specify flags specifically for targets built using the host toolchain in .bazelrc (to allow one to invoke sanitizers by something like bazel --config=asan test ....).
Hey.
I wanted to compile the hello world example with ASAN, but it seems like asylo's toolchain does not include sanitizers. I can understand why you may not want to build trusted components with ASAN, I have successfully added fsanitize=address to the enclave_loader's copts and linkopts parameters and that seems to work for the untrusted components.
Based on my simple experiment, I wanted to ask about the possibility for running sanitizers on trusted code. Some options I can think of include:
A follow-on question that is loosely linked to the above: is there a way to specify flags specifically for targets built using the host toolchain in .bazelrc (to allow one to invoke sanitizers by something like
bazel --config=asan test ....
).