| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <674267ed-6c9b-1307-3acf-019886605f91@redhat.com>
Date: Fri, 25 Jan 2019 11:47:22 +0100
From: Laura Abbott <labbott@...hat.com>
To: Miguel Ojeda <miguel.ojeda.sandonis@...il.com>,
Jessica Yu <jeyu@...nel.org>
Cc: Martin Sebor <msebor@....gnu.org>, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] include/linux/module.h: mark init/cleanup_module aliases
as __cold
On 1/23/19 9:37 AM, Miguel Ojeda wrote:
> The upcoming GCC 9 release adds the -Wmissing-attributes warnings
> (enabled by -Wall), which trigger for all the init/cleanup_module
> aliases in the kernel (defined by the module_init/exit macros),
> ending up being very noisy.
>
> These aliases point to the __init/__exit functions of a module,
> which are defined as __cold (among other attributes). However,
> the aliases themselves do not have the __cold attribute.
>
> Since the compiler behaves differently when compiling a __cold
> function as well as when compiling paths leading to calls
> to __cold functions, the warning is trying to point out
> the possibly-forgotten attribute in the alias.
>
> In order to keep the warning enabled, we choose to silence
> the warning by marking the aliases as __cold. This is possible
> marking either the extern declaration, the definition, or both.
> In order to avoid changing the behavior of callers, we do it
> only in the definition of the aliases (since those are not
> seen by any other TU).
>
> Suggested-by: Martin Sebor <msebor@....gnu.org>
> Signed-off-by: Miguel Ojeda <miguel.ojeda.sandonis@...il.com>
> ---
> Note that an alternative is using the new copy attribute
> introduced by GCC 9 (Martin told me about it, as well as the
> new warning).
>
> What I am concerned about using __copy is that I am not sure
> we should be copying all the attributes (even if some are
> blacklisted by the copy itself), since:
> - We have unknown-to-GCC attributes (e.g. from plugins).
> - We wouldn't enjoy the fix for older compilers
> (e.g. if the fix had an actual impact).
>
> So here I took the conservative approach for the moment,
> and we can discuss/apply whether another solution is best.
>
> Jessica: please review what I explain in the commit message.
> Do we actually want the __cold attribute in the declaration
> as well? If yes, AFAIK, GCC would assume paths that end up
> calling the __init/__exit functions are not meant to be taken
> (but when we are asked to load modules, that is the expected
> path, no?).
>
> I will put this in the compiler-attributes tree and get
> some time in linux-next, unless you want to pick it up!
>
> include/linux/module.h | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/include/linux/module.h b/include/linux/module.h
> index 8fa38d3e7538..c4e805e87628 100644
> --- a/include/linux/module.h
> +++ b/include/linux/module.h
> @@ -129,13 +129,13 @@ extern void cleanup_module(void);
> #define module_init(initfn) \
> static inline initcall_t __maybe_unused __inittest(void) \
> { return initfn; } \
> - int init_module(void) __attribute__((alias(#initfn)));
> + int init_module(void) __cold __attribute__((alias(#initfn)));
>
> /* This is only required if you want to be unloadable. */
> #define module_exit(exitfn) \
> static inline exitcall_t __maybe_unused __exittest(void) \
> { return exitfn; } \
> - void cleanup_module(void) __attribute__((alias(#exitfn)));
> + void cleanup_module(void) __cold __attribute__((alias(#exitfn)));
>
> #endif
>
>
Tested-by: Laura Abbott <labbott@...hat.com>
Powered by blists - more mailing lists