| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 16 Apr 2020 13:47:22 +0200
From: Peter Zijlstra <peterz@...radead.org>
To: tglx@...utronix.de, jpoimboe@...hat.com
Cc: linux-kernel@...r.kernel.org, x86@...nel.org, peterz@...radead.org,
mhiramat@...nel.org, mbenes@...e.cz, jthierry@...hat.com,
alexandre.chartre@...cle.com
Subject: [PATCH v5 16/17] objtool: Add STT_NOTYPE noinstr validation
Make sure to also check STT_NOTYPE symbols for noinstr violations.
Signed-off-by: Peter Zijlstra (Intel) <peterz@...radead.org>
---
tools/objtool/check.c | 46 ++++++++++++++++++++++++++++++----------------
1 file changed, 30 insertions(+), 16 deletions(-)
--- a/tools/objtool/check.c
+++ b/tools/objtool/check.c
@@ -229,10 +229,18 @@ static void init_cfi_state(struct cfi_st
cfi->drap_offset = -1;
}
-static void clear_insn_state(struct insn_state *state)
+static void init_insn_state(struct insn_state *state, struct section *sec)
{
memset(state, 0, sizeof(*state));
init_cfi_state(&state->cfi);
+
+ /*
+ * We need the full vmlinux for noinstr validation, otherwise we can
+ * not correctly determine insn->call_dest->sec (external symbols do
+ * not have a section).
+ */
+ if (vmlinux && sec)
+ state->noinstr = sec->noinstr;
}
/*
@@ -2328,24 +2336,34 @@ static int validate_branch(struct objtoo
return 0;
}
-static int validate_unwind_hints(struct objtool_file *file)
+static int validate_unwind_hints(struct objtool_file *file, struct section *sec)
{
struct instruction *insn;
- int ret, warnings = 0;
struct insn_state state;
+ int ret, warnings = 0;
if (!file->hints)
return 0;
- clear_insn_state(&state);
+ init_insn_state(&state, sec);
- for_each_insn(file, insn) {
+ if (sec) {
+ insn = find_insn(file, sec, 0);
+ if (!insn)
+ return 0;
+ } else {
+ insn = list_first_entry(&file->insn_list, typeof(*insn), list);
+ }
+
+ while (&insn->list != &file->insn_list && (!sec || insn->sec == sec)) {
if (insn->hint && !insn->visited) {
ret = validate_branch(file, insn->func, insn, state);
if (ret && backtrace)
BT_FUNC("<=== (hint)", insn);
warnings += ret;
}
+
+ insn = list_next_entry(insn, list);
}
return warnings;
@@ -2479,21 +2497,13 @@ static int validate_section(struct objto
struct symbol *func;
int warnings = 0;
- clear_insn_state(&state);
+ init_insn_state(&state, sec);
state.cfi.cfa = initial_func_cfi.cfa;
memcpy(&state.cfi.regs, &initial_func_cfi.regs,
CFI_NUM_REGS * sizeof(struct cfi_reg));
state.cfi.stack_size = initial_func_cfi.cfa.offset;
- /*
- * We need the full vmlinux for noinstr validation, otherwise we can
- * not correctly determine insn->call_dest->sec (external symbols do
- * not have a section).
- */
- if (vmlinux)
- state.noinstr = sec->noinstr;
-
list_for_each_entry(func, &sec->symbol_list, list) {
if (func->type != STT_FUNC)
continue;
@@ -2507,12 +2517,16 @@ static int validate_section(struct objto
static int validate_vmlinux_functions(struct objtool_file *file)
{
struct section *sec;
+ int warnings = 0;
sec = find_section_by_name(file->elf, ".noinstr.text");
if (!sec)
return 0;
- return validate_section(file, sec);
+ warnings += validate_section(file, sec);
+ warnings += validate_unwind_hints(file, sec);
+
+ return warnings;
}
static int validate_functions(struct objtool_file *file)
@@ -2597,7 +2611,7 @@ int check(const char *_objname, bool orc
goto out;
warnings += ret;
- ret = validate_unwind_hints(&file);
+ ret = validate_unwind_hints(&file, NULL);
if (ret < 0)
goto out;
warnings += ret;
Powered by blists - more mailing lists