| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 22 Jul 2019 15:59:44 -0700
From: Vaibhav Rustagi <vaibhavrustagi@...gle.com>
To: Nick Desaulniers <ndesaulniers@...gle.com>
Cc: Thomas Gleixner <tglx@...utronix.de>,
Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
Peter Zijlstra <peterz@...radead.org>,
clang-built-linux <clang-built-linux@...glegroups.com>,
"H. Peter Anvin" <hpa@...or.com>,
"maintainer:X86 ARCHITECTURE (32-BIT AND 64-BIT)" <x86@...nel.org>,
LKML <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH v2 2/2] x86/purgatory: use CFLAGS_REMOVE rather than reset KBUILD_CFLAGS
On Mon, Jul 22, 2019 at 3:10 PM Nick Desaulniers
<ndesaulniers@...gle.com> wrote:
>
> On Mon, Jul 22, 2019 at 2:33 PM Nick Desaulniers
> <ndesaulniers@...gle.com> wrote:
> >
> > KBUILD_CFLAGS is very carefully built up in the top level Makefile,
> > particularly when cross compiling or using different build tools.
> > Resetting KBUILD_CFLAGS via := assignment is an antipattern.
> >
> > The comment above the reset mentions that -pg is problematic. Other
> > Makefiles like arch/x86/xen/vdso/Makefile use
> > `CFLAGS_REMOVE_file.o = -pg` when CONFIG_FUNCTION_TRACER is set. Prefer
> > that pattern to wiping out all of the important KBUILD_CFLAGS then
> > manually having to re-add them.
> >
> > Fixes: 8fc5b4d4121c ("purgatory: core purgatory functionality")
> > Reported-by: Vaibhav Rustagi <vaibhavrustagi@...gle.com>
> > Suggested-by: Peter Zijlstra <peterz@...radead.org>
> > Signed-off-by: Nick Desaulniers <ndesaulniers@...gle.com>
> > ---
> > Rather than manually add -mno-sse, -mno-mmx, -mno-sse2, prefer to filter
> > -pg flags.
> >
> > arch/x86/purgatory/Makefile | 12 +++++++-----
> > 1 file changed, 7 insertions(+), 5 deletions(-)
> >
> > diff --git a/arch/x86/purgatory/Makefile b/arch/x86/purgatory/Makefile
> > index 91ef244026d2..56bcabca283f 100644
> > --- a/arch/x86/purgatory/Makefile
> > +++ b/arch/x86/purgatory/Makefile
> > @@ -20,11 +20,13 @@ KCOV_INSTRUMENT := n
> >
> > # Default KBUILD_CFLAGS can have -pg option set when FTRACE is enabled. That
> > # in turn leaves some undefined symbols like __fentry__ in purgatory and not
> > -# sure how to relocate those. Like kexec-tools, use custom flags.
> > -
> > -KBUILD_CFLAGS := -fno-strict-aliasing -Wall -Wstrict-prototypes -fno-zero-initialized-in-bss -fno-builtin -ffreestanding -c -Os -mcmodel=large
> > -KBUILD_CFLAGS += -m$(BITS)
>
> Is purgatory/kexec supported for CONFIG_X86_32? Should I be keeping
> `-m$(BITS)`? arch/x86/purgatory/Makefile mentions
> `setup-x86_$(BITS).o` which I assume is broken as there is no
> arch/x86/purgatory/setup-x86_32.S?
>
> > -KBUILD_CFLAGS += $(call cc-option,-fno-PIE)
> > +# sure how to relocate those.
> > +ifdef CONFIG_FUNCTION_TRACER
> > +CFLAGS_REMOVE_sha256.o = -pg
> > +CFLAGS_REMOVE_purgatory.o = -pg
> > +CFLAGS_REMOVE_string.o = -pg
> > +CFLAGS_REMOVE_kexec-purgatory.o = -pg
> > +endif
> >
The changes suggested will cause undefined symbols while loading the new kernel.
On doing 'nm purgatory.ro', I found below undefined symbols:
U bmcp
U __stack_chk_fail
> > $(obj)/purgatory.ro: $(PURGATORY_OBJS) FORCE
> > $(call if_changed,ld)
> > --
> > 2.22.0.657.g960e92d24f-goog
> >
>
>
> --
> Thanks,
> ~Nick Desaulniers
Powered by blists - more mailing lists