lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <1459284282-6676-1-git-send-email-nicolas.pitre@linaro.org>
Date:	Tue, 29 Mar 2016 16:44:34 -0400
From:	Nicolas Pitre <nicolas.pitre@...aro.org>
To:	Michal Marek <mmarek@...e.com>
Cc:	linux-kbuild@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: [PATCH v7 0/8]/[PULL REQUEST] Trim unused exported kernel symbols

This patch series provides the option to omit exported symbols from
the kernel and modules that are never referenced by any of the selected
modules in the current kernel configuration. this allows for optimizing
the compiled code and reducing final binaries' size. When using LTO the
binary size reduction is even more effective. It could also be argued
that this could bring some security advantages.

The original cover letter with lots of test results can be found here:

	https://lkml.org/lkml/2016/2/8/813

Please consider for merging into your tree.

Alternately, the following branch can be pulled:

	http://git.linaro.org/people/nicolas.pitre/linux.git autoksyms

Thanks.

Changes from v6:

- Rebased on v4.6-rc1, including adjustments to the recently introduced
  rule_as_o_S.

- Explicitly ignored more if_changed_dep callers for which no EXPORT_SYMBOL
  can be parsed.

Changes from v5:

- Disable automatic dependency file generation during the preprocessor
  pass when gathering exported symbol names.  Not only it is redundant
  but in some conditions this crashes fixdep that might be reading the
  previous dependency file at the same time. Reported by Michal Marek.

- Redirect error messages to stderr rather than pass it as a symbol name
  dependency.

Changes from v4:

- Correctness changes plus small cleanup to adjust_autoksyms.sh as
  suggested by Michal Marek.

- Changed ksym build dependency generation by re-running the preprocessor
  rather than collecting those dependencies as warnings through stderr
  which was too fragile.

Changes from v3:

- Shell portability changes to adjust_autoksyms.sh, partly from
  suggestions by Zev Weiss.

- Fix sample modules by building them before adjust_autoksyms.sh is run.

Changes from v2:

- Generating the build dependencies by parsing the source with fixdep
  turned out to be unreliable due to all the EXPORT_SYMBOL() variants,
  and especially their use within macros where the actual symbol name
  is known only after running the preprocessor. This list of symbol names
  is now obtained from the preprocessor directly, fixing allmodconfig
  builds.

Changes from v1:

- Replaced "exp" that doesn't convey the right meaning as noted by
  Sam Ravnborg. The "ksym" identifier is actually what the kernel
  already uses for this. Therefore:
  - CONFIG_TRIM_UNUSED_EXPSYMS --> CONFIG_TRIM_UNUSED_KSYMS
  - include/generated/expsyms.h --> include/generated/autoksyms.h
  - #define __EXPSYM_* --> #define __KSYM_*

- Some sed regexp improvements as suggested by Al Viro.

- Renamed vmlinux_recursive target to autoksyms_recursive.

- Accept EXPORT_SYMBOL variants with a prefix, e.g. ACPI_EXPORT_SYMBOL.

- Minor commit log clarifications.

- Added Rusty's ACK.

diffstat:

 Makefile                    |  23 +++++++--
 include/linux/export.h      |  33 ++++++++++++-
 init/Kconfig                |  16 ++++++
 scripts/Kbuild.include      |  32 +++++++++++-
 scripts/Makefile.build      |  32 ++++++------
 scripts/adjust_autoksyms.sh | 101 ++++++++++++++++++++++++++++++++++++++
 scripts/basic/fixdep.c      |  61 +++++++++++++++++------
 7 files changed, 261 insertions(+), 37 deletions(-)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ