lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAKv+Gu_k75i+tWWjTTQoAEaXj61FqxvhqwD_3G8r9WtrB+BA=w@mail.gmail.com>
Date:   Thu, 15 Mar 2018 16:29:48 +0000
From:   Ard Biesheuvel <ard.biesheuvel@...aro.org>
To:     linux-arm-kernel <linux-arm-kernel@...ts.infradead.org>,
        Andrew Morton <akpm@...ux-foundation.org>
Cc:     Ard Biesheuvel <ard.biesheuvel@...aro.org>,
        Arnd Bergmann <arnd@...db.de>,
        Kees Cook <keescook@...omium.org>,
        Will Deacon <will.deacon@....com>,
        Michael Ellerman <mpe@...erman.id.au>,
        Thomas Garnier <thgarnie@...gle.com>,
        Thomas Gleixner <tglx@...utronix.de>,
        "Serge E. Hallyn" <serge@...lyn.com>,
        Bjorn Helgaas <bhelgaas@...gle.com>,
        Benjamin Herrenschmidt <benh@...nel.crashing.org>,
        Russell King <linux@...linux.org.uk>,
        Paul Mackerras <paulus@...ba.org>,
        Catalin Marinas <catalin.marinas@....com>,
        Petr Mladek <pmladek@...e.com>, Ingo Molnar <mingo@...hat.com>,
        Nicolas Pitre <nico@...aro.org>,
        Josh Poimboeuf <jpoimboe@...hat.com>,
        Steven Rostedt <rostedt@...dmis.org>,
        Sergey Senozhatsky <sergey.senozhatsky@...il.com>,
        Linus Torvalds <torvalds@...ux-foundation.org>,
        Jessica Yu <jeyu@...nel.org>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        linuxppc-dev <linuxppc-dev@...ts.ozlabs.org>,
        "the arch/x86 maintainers" <x86@...nel.org>
Subject: Re: [PATCH v8 0/6] add support for relative references in special sections

On 11 March 2018 at 12:38, Ard Biesheuvel <ard.biesheuvel@...aro.org> wrote:
> This adds support for emitting special sections such as initcall arrays,
> PCI fixups and tracepoints as relative references rather than absolute
> references. This reduces the size by 50% on 64-bit architectures, but
> more importantly, it removes the need for carrying relocation metadata
> for these sections in relocatable kernels (e.g., for KASLR) that needs
> to be fixed up at boot time. On arm64, this reduces the vmlinux footprint
> of such a reference by 8x (8 byte absolute reference + 24 byte RELA entry
> vs 4 byte relative reference)
>
> Patch #3 was sent out before as a single patch. This series supersedes
> the previous submission. This version makes relative ksymtab entries
> dependent on the new Kconfig symbol HAVE_ARCH_PREL32_RELOCATIONS rather
> than trying to infer from kbuild test robot replies for which architectures
> it should be blacklisted.
>
> Patch #1 introduces the new Kconfig symbol HAVE_ARCH_PREL32_RELOCATIONS,
> and sets it for the main architectures that are expected to benefit the
> most from this feature, i.e., 64-bit architectures or ones that use
> runtime relocations.
>
> Patch #2 add support for #define'ing __DISABLE_EXPORTS to get rid of
> ksymtab/kcrctab sections in decompressor and EFI stub objects when
> rebuilding existing C files to run in a different context.
>
> Patches #4 - #6 implement relative references for initcalls, PCI fixups
> and tracepoints, respectively, all of which produce sections with order
> ~1000 entries on an arm64 defconfig kernel with tracing enabled. This
> means we save about 28 KB of vmlinux space for each of these patches.
>
> [From the v7 series blurb, which included the jump_label patches as well]:
>   For the arm64 kernel, all patches combined reduce the memory footprint of
>   vmlinux by about 1.3 MB (using a config copied from Ubuntu that has KASLR
>   enabled), of which ~1 MB is the size reduction of the RELA section in .init,
>   and the remaining 300 KB is reduction of .text/.data.
>
> Branch:
> git://git.kernel.org/pub/scm/linux/kernel/git/ardb/linux.git relative-special-sections-v8
>

All,

I think this has converged to a mergeable state now (taking the
mini-tweak for patch #3 into account I provided in a reply)

Are there any objections to this being merged?

Andrew,

If nobody objects, is this something you would care to pick up for the
next cycle? Do I need to respin to incorporate the mini-tweak and
apply Nico's ack to patch #2?

Thanks,
Ard.


> Changes since v7:
> - dropped the jump_label patches, these will be revisited in a separate series
> - reorder __DISABLE_EXPORTS with __KSYM_DEPS__ check in #2
> - use offset_to_ptr() helper function to abstract the relative pointer
>   conversion [int *off -> (ulong)off + *off] (#3 - #6)
> - rebase onto v4.16-rc3
>
> Changes since v6:
> - drop S390 from patch #1 introducing HAVE_ARCH_PREL32_RELOCATIONS: kbuild
>   robot threw me some s390 curveballs, and given that s390 does not define
>   CONFIG_RELOCATABLE in the first place, it does not benefit as much from
>   relative references as arm64, x86 and power do
> - add patch to allow symbol exports to be disabled at compilation unit
>   granularity (#2)
> - get rid of arm64 vmlinux.lds.S hunk to ensure code generated by __ADDRESSABLE
>   gets discarded from the EFI stub - it is no longer needed after adding #2 (#1)
> - change _ADDRESSABLE() to emit a data reference, not a code reference - this
>   is another simplification made possible by patch #2 (#3)
> - add Steven's ack to #6
> - split x86 jump_label patch into two (#9, #10)
>
> Changes since v5:
> - add missing jump_label prototypes to s390 jump_label.h (#6)
> - fix inverted condition in call to jump_entry_is_module_init() (#6)
>
> Changes since v4:
> - add patches to convert x86 and arm64 to use relative references for jump
>   tables (#6 - #8)
> - rename PCI patch and add Bjorn's ack (#4)
> - rebase onto v4.15-rc5
>
> Changes since v3:
> - fix module unload issue in patch #5 reported by Jessica, by reusing the
>   updated routine for_each_tracepoint_range() for the quiescent check at
>   module unload time; this requires this routine to be moved before
>   tracepoint_module_going() in kernel/tracepoint.c
> - add Jessica's ack to #2
> - rebase onto v4.14-rc1
>
> Changes since v2:
> - Revert my slightly misguided attempt to appease checkpatch, which resulted
>   in needless churn and worse code. This v3 is based on v1 with a few tweaks
>   that were actually reasonable checkpatch warnings: unnecessary braces (as
>   pointed out by Ingo) and other minor whitespace misdemeanors.
>
> Changes since v1:
> - Remove checkpatch errors to the extent feasible: in some cases, this
>   involves moving extern declarations into C files, and switching to
>   struct definitions rather than typedefs. Some errors are impossible
>   to fix: please find the remaining ones after the diffstat.
> - Used 'int' instead if 'signed int' for the various offset fields: there
>   is no ambiguity between architectures regarding its signedness (unlike
>   'char')
> - Refactor the different patches to be more uniform in the way they define
>   the section entry type and accessors in the .h file, and avoid the need to
>   add #ifdefs to the C code.
>
> Cc: Arnd Bergmann <arnd@...db.de>
> Cc: Kees Cook <keescook@...omium.org>
> Cc: Will Deacon <will.deacon@....com>
> Cc: Michael Ellerman <mpe@...erman.id.au>
> Cc: Thomas Garnier <thgarnie@...gle.com>
> Cc: Thomas Gleixner <tglx@...utronix.de>
> Cc: "Serge E. Hallyn" <serge@...lyn.com>
> Cc: Bjorn Helgaas <bhelgaas@...gle.com>
> Cc: Benjamin Herrenschmidt <benh@...nel.crashing.org>
> Cc: Russell King <linux@...linux.org.uk>
> Cc: Paul Mackerras <paulus@...ba.org>
> Cc: Catalin Marinas <catalin.marinas@....com>
> Cc: Petr Mladek <pmladek@...e.com>
> Cc: Ingo Molnar <mingo@...hat.com>
> Cc: James Morris <james.l.morris@...cle.com>
> Cc: Andrew Morton <akpm@...ux-foundation.org>
> Cc: Nicolas Pitre <nico@...aro.org>
> Cc: Josh Poimboeuf <jpoimboe@...hat.com>
> Cc: Steven Rostedt <rostedt@...dmis.org>
> Cc: Sergey Senozhatsky <sergey.senozhatsky@...il.com>
> Cc: Linus Torvalds <torvalds@...ux-foundation.org>
> Cc: Jessica Yu <jeyu@...nel.org>
>
> Cc: linux-arm-kernel@...ts.infradead.org
> Cc: linux-kernel@...r.kernel.org
> Cc: linuxppc-dev@...ts.ozlabs.org
> Cc: x86@...nel.org
>
> Ard Biesheuvel (6):
>   arch: enable relative relocations for arm64, power and x86
>   module: allow symbol exports to be disabled
>   module: use relative references for __ksymtab entries
>   init: allow initcall tables to be emitted using relative references
>   PCI: Add support for relative addressing in quirk tables
>   kernel: tracepoints: add support for relative references
>
>  arch/Kconfig                          | 10 ++++
>  arch/arm64/Kconfig                    |  1 +
>  arch/powerpc/Kconfig                  |  1 +
>  arch/x86/Kconfig                      |  1 +
>  arch/x86/boot/compressed/kaslr.c      |  5 +-
>  arch/x86/include/asm/Kbuild           |  1 +
>  arch/x86/include/asm/export.h         |  5 --
>  drivers/firmware/efi/libstub/Makefile |  3 +-
>  drivers/pci/quirks.c                  | 12 +++--
>  include/asm-generic/export.h          | 12 ++++-
>  include/linux/compiler.h              | 19 +++++++
>  include/linux/export.h                | 57 +++++++++++++++-----
>  include/linux/init.h                  | 44 +++++++++++----
>  include/linux/pci.h                   | 20 +++++++
>  include/linux/tracepoint.h            | 19 +++++--
>  init/main.c                           | 32 +++++------
>  kernel/module.c                       | 32 ++++++++---
>  kernel/printk/printk.c                |  4 +-
>  kernel/tracepoint.c                   | 49 +++++++++--------
>  security/security.c                   |  4 +-
>  20 files changed, 240 insertions(+), 91 deletions(-)
>  delete mode 100644 arch/x86/include/asm/export.h
>
> --
> 2.15.1
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ