lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date:   Tue, 22 Aug 2017 16:13:50 -0700
From:   Matthias Kaehlcke <mka@...omium.org>
To:     linux-kernel@...r.kernel.org
Cc:     Arnd Bergmann <arnd@...db.de>,
        Bernhard Rosenkränzer <bero@...aro.org>,
        Khem Raj <raj.khem@...il.com>,
        Behan Webster <behanw@...verseincode.com>,
        Stefan Agner <stefan@...er.ch>,
        Douglas Anderson <dianders@...omium.org>,
        Guenter Roeck <groeck@...omium.org>,
        Grant Grundler <grundler@...omium.org>,
        Nick Desaulniers <ndesaulniers@...gle.com>,
        Greg Hackmann <ghackmann@...gle.com>,
        Michael Davidson <md@...gle.com>,
        Alexander Potapenko <glider@...gle.com>,
        Kees Cook <keescook@...omium.org>
Subject: Clang patch stacks for LTS kernels (v4.4 and v4.9) and status update

Hi,

Over the past months efforts have been made to upstream the remaining
LLVMLinux patches (http://llvm.linuxfoundation.org) and to address
other outstanding issues in order to build a usable kernel with clang.
To my knowledge upstream is in a relatively good shape by now for x86
and arm64 (I heard the same about PowerPC, but have no first hand
experience), most of the patches are already in Linus' tree, others
have landed in maintainer trees.

Since many projects use an LTS kernel rather than the latest upstream
I thought it could be useful for others to share my upstreamish
patch stacks (derived from my work on Chrome OS) for building v4.4 and
v4.9 with clang:

https://chromium.googlesource.com/chromiumos/third_party/kernel/+log/sandbox/mka/llvm/v4.4
https://chromium.googlesource.com/chromiumos/third_party/kernel/+log/sandbox/mka/llvm/v4.9

These two branches only have the basic patches needed to build an x86
or arm64 kernel with clang, additional fixes for warnings can be found
here:

https://chromium.googlesource.com/chromiumos/third_party/kernel/+log/sandbox/mka/llvm/v4.9_ext

For reference also a stack for v4.13(-rc6):

https://chromium.googlesource.com/chromiumos/third_party/kernel/+log/sandbox/mka/llvm/v4.13

If v4.14 (LTS) misses important patches I will create a stack for it.


To retrieve the patches (v4.9):

git fetch https://chromium.googlesource.com/chromiumos/third_party/kernel refs/sandbox/mka/llvm/v4.9
git checkout -b llvm_v4.9 FETCH_HEAD


To build the kernel with clang:

make CC=clang

or cross compilation:

make ARCH=arm64 CROSS_COMPILE=aarch64-linux-gnu- CC=aarch64-linux-gnu-clang


A short description of the tags used in the patches:

UPSTREAM   From Linus' tree
BACKPORT   From Linus' tree, conflicts had to be resolved
FROMGIT    From a maintainer tree, will eventually propagate to UPSTREAM
FROMLIST   Patch sent to one or more kernel mailing lists, but not
           picked up (yet)
HACK       Workaround for an issue, not upstreamable, proper fix needed
CUSTOM     Similar to HACK, but less hacky, mainly used for older kernels
OBSOLETE   Workaround for issue fixed in upstream clang, not needed
           with recent clang version (more info in the commit message)

The branches are subject to rebasing (e.g. to promote FROMGIT patches
to UPSTREAM, or to incorporate proper fixes for HACKs). If anyone
really needs a static branch for some reason let me know.


Pending issues (incomplete):
- x86: incompatible inline assembly to force generation of stack
  frames. A possible solution is under development:
  https://lkml.org/lkml/2017/7/28/775
- x86: maintainers raised concerns that clang does not support asm goto,
  LLVM devs do not plan to implement it.
- arm64: inconsistent behavior of -mgeneral-regs-only
  (https://llvm.org/bugs/show_bug.cgi?id=30792). A fix is being worked on.
- build errors in different drivers. Arnd Bergmann put together a
  bunch of patches that can serve as starting point for upstream fixes:
  https://git.kernel.org/pub/scm/linux/kernel/git/arnd/playground.git/log/?h=next-20170420%2bllvmlinux
- warnings: clang raises more warnings than gcc. Most warnings for x86
  and arm64 defconfig have been fixed, others still need to be addressed.
- ...

Thanks to everybody who contributed/s to this effort!

Matthias

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ