lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 15 Jan 2021 19:54:29 +0100
From:   Sedat Dilek <sedat.dilek@...il.com>
To:     Josh Poimboeuf <jpoimboe@...hat.com>
Cc:     x86@...nel.org, linux-kernel@...r.kernel.org,
        Peter Zijlstra <peterz@...radead.org>,
        Sami Tolvanen <samitolvanen@...gle.com>,
        Kees Cook <keescook@...omium.org>,
        Nick Desaulniers <ndesaulniers@...gle.com>,
        Clang-Built-Linux ML <clang-built-linux@...glegroups.com>,
        Miroslav Benes <mbenes@...e.cz>
Subject: Re: [PATCH 00/21] objtool: vmlinux.o and CLANG LTO support

On Fri, Jan 15, 2021 at 4:30 PM Sedat Dilek <sedat.dilek@...il.com> wrote:
>
> On Fri, Jan 15, 2021 at 5:51 AM Sedat Dilek <sedat.dilek@...il.com> wrote:
> >
> > On Thu, Jan 14, 2021 at 8:40 PM Josh Poimboeuf <jpoimboe@...hat.com> wrote:
> > >
> > > Add support for proper vmlinux.o validation, which will be needed for
> > > Sami's upcoming x86 LTO set.  (And vmlinux validation is the future for
> > > objtool anyway, for other reasons.)
> > >
> > > This isn't 100% done -- most notably, crypto still needs to be supported
> > > -- but I think this gets us most of the way there.
> > >
> > > This can also be found at
> > >
> > >   git://git.kernel.org/pub/scm/linux/kernel/git/jpoimboe/linux.git objtool-vmlinux
> > >
> > > And for more testing it can be combined with Sami's x86 LTO patches:
> > >
> > >   https://github.com/samitolvanen/linux clang-lto
> > >
> > >
> > >
> > > Josh Poimboeuf (21):
> > >   objtool: Fix seg fault in BT_FUNC() with fake jump
> > >   objtool: Fix error handling for STD/CLD warnings
> > >   objtool: Fix retpoline detection in asm code
> > >   objtool: Fix ".cold" section suffix check for newer versions of GCC
> > >   objtool: Support retpoline jump detection for vmlinux.o
> > >   x86/ftrace: Add UNWIND_HINT_FUNC annotation for ftrace_stub
> > >   objtool: Assume only ELF functions do sibling calls
> > >   objtool: Add asm version of STACK_FRAME_NON_STANDARD
> > >   objtool: Combine UNWIND_HINT_RET_OFFSET and UNWIND_HINT_FUNC
> > >   objtool: Add xen_start_kernel() to noreturn list
> > >   objtool: Move unsuffixed symbol conversion to a helper function
> > >   objtool: Add CONFIG_CFI_CLANG support
> > >   x86/xen: Support objtool validation in xen-asm.S
> > >   x86/xen: Support objtool vmlinux.o validation in xen-head.S
> > >   x86/xen/pvh: Convert indirect jump to retpoline
> > >   x86/ftrace: Support objtool vmlinux.o validation in ftrace_64.S
> > >   x86/acpi: Convert indirect jump to retpoline
> > >   x86/acpi: Support objtool validation in wakeup_64.S
> > >   x86/power: Convert indirect jumps to retpolines
> > >   x86/power: Move restore_registers() to top of the file
> > >   x86/power: Support objtool validation in hibernate_asm_64.S
> > >
> > >  arch/x86/include/asm/unwind_hints.h |  13 +---
> > >  arch/x86/kernel/acpi/Makefile       |   1 -
> > >  arch/x86/kernel/acpi/wakeup_64.S    |   5 +-
> > >  arch/x86/kernel/ftrace_64.S         |   8 +--
> > >  arch/x86/lib/retpoline.S            |   2 +-
> > >  arch/x86/platform/pvh/head.S        |   3 +-
> > >  arch/x86/power/Makefile             |   1 -
> > >  arch/x86/power/hibernate_asm_64.S   | 105 ++++++++++++++--------------
> > >  arch/x86/xen/Makefile               |   1 -
> > >  arch/x86/xen/xen-asm.S              |  29 +++++---
> > >  arch/x86/xen/xen-head.S             |   5 +-
> > >  include/linux/objtool.h             |  13 +++-
> > >  tools/include/linux/objtool.h       |  13 +++-
> > >  tools/objtool/arch/x86/decode.c     |   4 +-
> > >  tools/objtool/arch/x86/special.c    |   2 +-
> > >  tools/objtool/check.c               |  91 +++++++++++++-----------
> > >  tools/objtool/check.h               |  12 +++-
> > >  tools/objtool/elf.c                 |  87 +++++++++++++++++------
> > >  tools/objtool/elf.h                 |   2 +-
> > >  19 files changed, 241 insertions(+), 156 deletions(-)
> > >
> > > --
> > > 2.29.2
> > >
> >
> > I tried this series on top of clang-cfi and it segfaults here.
> >
> > + info OBJTOOL vmlinux.o
> > + [  != silent_ ]
> > + printf   %-7s %s\n OBJTOOL vmlinux.o
> >  OBJTOOL vmlinux.o
> > + tools/objtool/objtool orc generate --duplicate --mcount --vmlinux
> > --no-fp --no-unreachable --retpoline --uaccess vmlinux.o
> > Segmentation fault
> > + on_exit
> > + [ 139 -ne 0 ]
> > + cleanup
> > + rm -f .btf.*
> > + rm -f .tmp_System.map
> > + rm -f .tmp_initcalls.lds
> > + rm -f .tmp_symversions.lds
> > + rm -f .tmp_vmlinux*
> > + rm -f System.map
> > + rm -f vmlinux
> > + rm -f vmlinux.o
> > make[3]: *** [Makefile:1213: vmlinux] Error 139
> >
>
> I re-tried with the latest clang-lto Git and switched to Debian's LLVM-11.0.1.
> This build was successful.
> No objtool-vmlinux warnings observed.
>
> In the next step I try with my selfmade LLVM-11.1.0-rc1 (to see if it's broken).
>

Good, my selfmade LLVM-11.1.0-rc1 is not broken with clang-lto.

+ info OBJTOOL vmlinux.o
+ [  != silent_ ]
+ printf   %-7s %s\n OBJTOOL vmlinux.o
 OBJTOOL vmlinux.o
+ tools/objtool/objtool orc generate --duplicate --mcount --vmlinux
--no-fp --no-unreachable --retpoline --uaccess vmlinux.o
+ make -f ./scripts/Makefile.modpost MODPOST_VMLINUX=1
 scripts/mod/modpost -m    -o vmlinux.symvers vmlinux.o
+ info MODINFO modules.builtin.modinfo

Josh and Sami, any idea what's going on with clang-cfi an this patchset?

Thanks.

Regards,
- Sedat -

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ