lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20201106164537.GD4085@localhost>
Date:   Fri, 6 Nov 2020 17:45:37 +0100
From:   Johan Hovold <johan@...nel.org>
To:     Jessica Yu <jeyu@...nel.org>
Cc:     Johan Hovold <johan@...nel.org>, linux-kernel@...r.kernel.org,
        Linus Torvalds <torvalds@...ux-foundation.org>,
        Rob Herring <robh+dt@...nel.org>,
        Frank Rowand <frowand.list@...il.com>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Nick Desaulniers <ndesaulniers@...ogle.com>,
        Arnd Bergmann <arnd@...db.de>,
        Geert Uytterhoeven <geert@...ux-m68k.org>,
        Dmitry Torokhov <dmitry.torokhov@...il.com>,
        David Miller <davem@...emloft.net>,
        Jakub Jelinek <jakub@...hat.com>,
        Peter Zijlstra <peterz@...radead.org>,
        Thomas Gleixner <tglx@...utronix.de>,
        Steven Rostedt <rostedt@...dmis.org>,
        Daniel Kurtz <djkurtz@...omium.org>,
        linux-arch@...r.kernel.org, linux-m68k@...ts.linux-m68k.org
Subject: Re: [PATCH 0/8] linker-section array fix and clean ups

On Fri, Nov 06, 2020 at 05:03:45PM +0100, Jessica Yu wrote:
> +++ Johan Hovold [03/11/20 18:57 +0100]:
> >We rely on the linker to create arrays for a number of things including
> >kernel parameters and device-tree-match entries.
> >
> >The stride of these linker-section arrays obviously needs to match the
> >expectations of the code accessing them or bad things will happen.
> >
> >One thing to watch out for is that gcc is known to increase the
> >alignment of larger objects with static extent as an optimisation (on
> >x86), but this can be suppressed by using the aligned attribute when
> >declaring entries.
> >
> >We've been relying on this behaviour for 16 years for kernel parameters
> >(and other structures) and it indeed hasn't changed since the
> >introduction of the aligned attribute in gcc 3.1 (see align_variable()
> >in [1]).
> >
> >Occasionally this gcc optimisation do cause problems which have instead
> >been worked around in various creative ways including using indirection
> >through an array of pointers. This was originally done for tracepoints
> >[2] after a number of failed attempts to create properly aligned arrays,
> >and the approach was later reused for module-version attributes [3] and
> >earlycon entries.
> 
> >[2] https://lore.kernel.org/lkml/20110126222622.GA10794@Krystal/

> So unfortunately, I am not familiar enough with the semantics of gcc's
> aligned attribute. AFAICT from the patch you linked in [2], the
> original purpose of the pointer indirection workaround was to avoid
> relying on (potentially inconsistent) compiler-specific behavior with
> respect to the aligned attribute. The main concern was potential
> up-alignment being done by gcc (or the linker) despite the desired
> alignment being specified. Indeed, the gcc documentation also states
> that the aligned attribute only specifies the *minimum* alignment,
> although there's no guarantee that up-alignment wouldn't occur.
>
> So I guess my question is, is there some implicit guarantee that
> specifying alignment by type via __alignof__ that's supposed to
> prevent gcc from up-aligning? Or are we just assuming that gcc won't
> increase the alignment? The gcc docs don't seem to clarify this
> unfortunately.

It's simply specifying alignment when declaring the variable that
prevents this optimisation. The relevant code is in the function
align_variable() in [1] where DATA_ALIGNMENT() is never called in case
an alignment has been specified (!DECL_USER_ALIGN(decl)).

There's no mention in the documentation of this that I'm aware of, but
this is the way the aligned attribute has worked since its introduction
judging from the commit history.

As mentioned above, we've been relying on this for kernel parameters and
other structures since 2003-2004 so if it ever were to change we'd find
out soon enough.

It's about to be used for scheduler classes as well. [2]

Johan

[1] https://github.com/gcc-mirror/gcc/blob/master/gcc/varasm.c
[2] https://lore.kernel.org/r/160396870486.397.377616182428528939.tip-bot2@tip-bot2

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ