lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Wed, 30 Aug 2017 15:14:13 -0500
From:   Josh Poimboeuf <jpoimboe@...hat.com>
To:     "H. Peter Anvin" <hpa@...or.com>
Cc:     arnd@...db.de, linux-kernel@...r.kernel.org, mingo@...nel.org,
        fengguang.wu@...el.com, torvalds@...ux-foundation.org,
        tglx@...utronix.de, peterz@...radead.org,
        linux-tip-commits@...r.kernel.org
Subject: Re: [tip:x86/asm] objtool: Handle GCC stack pointer adjustment bug

On Wed, Aug 30, 2017 at 12:23:24PM -0700, H. Peter Anvin wrote:
> On 08/30/17 02:43, tip-bot for Josh Poimboeuf wrote:
> > 
> > Those warnings are caused by an unusual GCC non-optimization where it
> > uses an intermediate register to adjust the stack pointer.  It does:
> > 
> >   lea    0x8(%rsp), %rcx
> >   ...
> >   mov    %rcx, %rsp
> > 
> > Instead of the obvious:
> > 
> >   add    $0x8, %rsp
> > 
> > It makes no sense to use an intermediate register, so I opened a GCC bug
> > to track it:
> > 
> >   https://gcc.gnu.org/bugzilla/show_bug.cgi?id=81813
> > 
> > But it's not exactly a high-priority bug and it looks like we'll be
> > stuck with this issue for a while.  So for now we have to track register
> > values when they're loaded with stack pointer offsets.
> > 
> 
> This seems like a good reason to try to extract this information from
> the DWARF data *if available*?

Well, I haven't ruled that out for the future, but in this case,
integrating DWARF would be a lot more work than this relatively simple
patch.

If we did go that route, it could be tricky deciding when to trust
DWARF vs. when to trust objtool's reverse engineering.

Another (vague) idea I'm thinking about is to write a GCC plugin which
annotates the object files in a way that would help objtool become more
GCC-ignorant.  If it worked, this approach would be more powerful and
less error-prone than relying on DWARF.

Depending on how much work we can offload to the plugin, it might also
help make it easier to port objtool to other arches and compilers (e.g.,
clang).

I'm not 100% sold on that idea either, because it still requires objtool
to trust the compiler to some extent.  But I think it would be worth it
because it would make the objtool code simpler, more portable, more
robust, and easier to maintain (so I don't always have to stay on top of
all of GCC's latest optimizations).

In the meantime, objtool's current design is working fine (for now).  I
haven't found any issues it can't handle (yet).

-- 
Josh

Powered by blists - more mailing lists