lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 3 Feb 2022 17:14:11 -0800
From:   Linus Torvalds <torvalds@...ux-foundation.org>
To:     Kees Cook <keescook@...omium.org>
Cc:     Alexander Popov <alex.popov@...ux.com>,
        Peter Zijlstra <peterz@...radead.org>,
        Thomas Gleixner <tglx@...utronix.de>,
        Josh Poimboeuf <jpoimboe@...hat.com>,
        Borislav Petkov <bp@...en8.de>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        linux-hardening@...r.kernel.org
Subject: Re: [PATCH v2] gcc-plugins/stackleak: Use noinstr in favor of notrace

On Thu, Feb 3, 2022 at 12:18 PM Kees Cook <keescook@...omium.org> wrote:
>
> While the stackleak plugin was already using notrace, objtool is now a
> bit more picky. Update the notrace uses to noinstr. Silences the
> following objtool warnings when building with:

Thanks, applied.

There are still a few objtool warnings about other issues, all look
somehow related to mce:

  mce_start()+0x5c: call to __kasan_check_write() leaves .noinstr.text section
  mce_gather_info()+0x5f: call to v8086_mode.constprop.0() leaves
.noinstr.text section
  mce_read_aux()+0x8a: call to mca_msr_reg() leaves .noinstr.text section
  do_machine_check()+0x197: call to mce_no_way_out() leaves
.noinstr.text section
  mce_severity_amd.constprop.0()+0xca: call to mce_severity_amd_smca()
leaves .noinstr.textp section

and from a quick look at least some of them look like real bugs.

For example, mce_read_aux() is marked 'noinstr', but it calls
mca_msr_reg() which is not. That's iffy.

The others might be compiler-generated (the 'constprop' thing has
caused section issues before so I didn't bother looking closer). Or
related to kasan. But at least one of them seems to be a valid warning
about bad behavior.

              Linus

Powered by blists - more mailing lists