lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20170630140934.mmwtpockvpupahro@treble>
Date:   Fri, 30 Jun 2017 09:09:34 -0500
From:   Josh Poimboeuf <jpoimboe@...hat.com>
To:     Ingo Molnar <mingo@...nel.org>
Cc:     x86@...nel.org, linux-kernel@...r.kernel.org,
        live-patching@...r.kernel.org,
        Linus Torvalds <torvalds@...ux-foundation.org>,
        Andy Lutomirski <luto@...nel.org>, Jiri Slaby <jslaby@...e.cz>,
        "H. Peter Anvin" <hpa@...or.com>,
        Peter Zijlstra <peterz@...radead.org>
Subject: [PATCH] objtool: silence warnings for functions which use iret

On Fri, Jun 30, 2017 at 10:32:03AM +0200, Ingo Molnar wrote:
> 
> * Josh Poimboeuf <jpoimboe@...hat.com> wrote:
> 
> > This is a major rewrite of objtool.  Instead of only tracking frame
> > pointer changes, it now tracks all stack-related operations, including
> > all register saves/restores.
> > 
> > In addition to making stack validation more robust, this also paves the
> > way for undwarf generation.
> > 
> > Signed-off-by: Josh Poimboeuf <jpoimboe@...hat.com>
> 
> Note, I have applied the first 3 patches, and got a bunch of new warnings on x86 
> 64-bit allmodconfig:
> 
>  arch/x86/kernel/alternative.o: warning: objtool: do_sync_core()+0x1b: unsupported instruction in callable function
>  arch/x86/kernel/alternative.o: warning: objtool: text_poke()+0x1a8: unsupported instruction in callable function
>  arch/x86/kernel/ftrace.o: warning: objtool: do_sync_core()+0x16: unsupported instruction in callable function
>  arch/x86/kernel/cpu/mcheck/mce.o: warning: objtool: machine_check_poll()+0x166: unsupported instruction in callable function
>  arch/x86/kernel/cpu/mcheck/mce.o: warning: objtool: do_machine_check()+0x147: unsupported instruction in callable function
> 
> (That's the vmlinux build - plus 4 more warnings in the modules build.)
> 
> That's with GCC 5.3.1.

Here's the fix.  It can be squashed into the 3rd commit ("objtool:
Implement stack validation 2.0") or can be added as a standalone commit,
whichever you prefer.

----

From: Josh Poimboeuf <jpoimboe@...hat.com>
Subject: [PATCH] objtool: silence warnings for functions which use iret

Previously, objtool ignored functions which have the 'iret' instruction
in them.  That's because it assumed that such functions know what
they're doing with respect to frame pointers.

With the new "objtool 2.0" changes, it stopped ignoring such functions,
and started complaining about them:

  arch/x86/kernel/alternative.o: warning: objtool: do_sync_core()+0x1b: unsupported instruction in callable function
  arch/x86/kernel/alternative.o: warning: objtool: text_poke()+0x1a8: unsupported instruction in callable function
  arch/x86/kernel/ftrace.o: warning: objtool: do_sync_core()+0x16: unsupported instruction in callable function
  arch/x86/kernel/cpu/mcheck/mce.o: warning: objtool: machine_check_poll()+0x166: unsupported instruction in callable function
  arch/x86/kernel/cpu/mcheck/mce.o: warning: objtool: do_machine_check()+0x147: unsupported instruction in callable function

Silence those warnings for now.  They can be re-enabled later, once we
have unwind hints which will allow the code to annotate the iret usages.

Reported-by: Ingo Molnar <mingo@...nel.org>
Fixes: baa41469a7b9 ("objtool: Implement stack validation 2.0")
Signed-off-by: Josh Poimboeuf <jpoimboe@...hat.com>
---
 tools/objtool/check.c | 14 ++++++--------
 1 file changed, 6 insertions(+), 8 deletions(-)

diff --git a/tools/objtool/check.c b/tools/objtool/check.c
index 2f80aa51..fea2221 100644
--- a/tools/objtool/check.c
+++ b/tools/objtool/check.c
@@ -100,6 +100,7 @@ static bool gcov_enabled(struct objtool_file *file)
 static bool ignore_func(struct objtool_file *file, struct symbol *func)
 {
 	struct rela *rela;
+	struct instruction *insn;
 
 	/* check for STACK_FRAME_NON_STANDARD */
 	if (file->whitelist && file->whitelist->rela)
@@ -112,6 +113,11 @@ static bool ignore_func(struct objtool_file *file, struct symbol *func)
 				return true;
 		}
 
+	/* check if it has a context switching instruction */
+	func_for_each_insn(file, func, insn)
+		if (insn->type == INSN_CONTEXT_SWITCH)
+			return true;
+
 	return false;
 }
 
@@ -1446,14 +1452,6 @@ static int validate_branch(struct objtool_file *file, struct instruction *first,
 
 			return 0;
 
-		case INSN_CONTEXT_SWITCH:
-			if (func) {
-				WARN_FUNC("unsupported instruction in callable function",
-					  sec, insn->offset);
-				return 1;
-			}
-			return 0;
-
 		case INSN_STACK:
 			if (update_insn_state(insn, &state))
 				return -1;
-- 
2.7.5

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ