lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 29 Jan 2021 13:27:18 -0800
From:   Fangrui Song <maskray@...gle.com>
To:     Nick Desaulniers <ndesaulniers@...gle.com>
Cc:     Nathan Chancellor <nathan@...nel.org>,
        Arnd Bergmann <arnd@...db.de>,
        Kees Cook <keescook@...omium.org>,
        LKML <linux-kernel@...r.kernel.org>,
        clang-built-linux <clang-built-linux@...glegroups.com>,
        kernel test robot <lkp@...el.com>
Subject: Re: [PATCH] vmlinux.lds.h: Define SANTIZER_DISCARDS with
 CONFIG_GCOV_KERNEL=y

On 2021-01-29, Nick Desaulniers wrote:
>On Fri, Jan 29, 2021 at 12:11 PM Nathan Chancellor <nathan@...nel.org> wrote:
>>
>> clang produces .eh_frame sections when CONFIG_GCOV_KERNEL is enabled,
>> even when -fno-asynchronous-unwind-tables is in KBUILD_CFLAGS:
>>
>> $ make CC=clang vmlinux
>> ...
>> ld: warning: orphan section `.eh_frame' from `init/main.o' being placed in section `.eh_frame'
>> ld: warning: orphan section `.eh_frame' from `init/version.o' being placed in section `.eh_frame'
>> ld: warning: orphan section `.eh_frame' from `init/do_mounts.o' being placed in section `.eh_frame'
>> ld: warning: orphan section `.eh_frame' from `init/do_mounts_initrd.o' being placed in section `.eh_frame'
>> ld: warning: orphan section `.eh_frame' from `init/initramfs.o' being placed in section `.eh_frame'
>> ld: warning: orphan section `.eh_frame' from `init/calibrate.o' being placed in section `.eh_frame'
>> ld: warning: orphan section `.eh_frame' from `init/init_task.o' being placed in section `.eh_frame'
>> ...
>>
>> $ rg "GCOV_KERNEL|GCOV_PROFILE_ALL" .config
>> CONFIG_GCOV_KERNEL=y
>> CONFIG_ARCH_HAS_GCOV_PROFILE_ALL=y
>> CONFIG_GCOV_PROFILE_ALL=y
>>
>> This was already handled for a couple of other options in
>> commit d812db78288d ("vmlinux.lds.h: Avoid KASAN and KCSAN's unwanted
>> sections") and there is an open LLVM bug for this issue. Take advantage
>> of that section for this config as well so that there are no more orphan
>> warnings.
>>
>> Link: https://bugs.llvm.org/show_bug.cgi?id=46478
>> Link: https://github.com/ClangBuiltLinux/linux/issues/1069
>> Reported-by: kernel test robot <lkp@...el.com>
>> Signed-off-by: Nathan Chancellor <nathan@...nel.org>
>
>Reviewed-by: Nick Desaulniers <ndesaulniers@...gle.com>
>
>I suspect we're going to need to add module level attributes in LLVM
>IR for these options, then check those when synthesizing new function
>definitions within LLVM.  At least we'll be able to point to this file
>and say "hey, this is a general problem in LLVM, and here are 3
>specific cases now where it's a problem."  Not a large problem, but
>would help us save some bytes in the final object.  LLVM is not
>producing data in this section for all code, just these synthesized
>routines.

Maybe. There are also a long list of security features which may impose
additional requirements. Adding a module flag metadata for each such
feature will be a long battle. For .eh_frame, I think it is
important/generic enough and can benefit other applications that
deserves special handling (and I can look into it). For .init_array, I
am not too sure....

>> ---
>>  include/asm-generic/vmlinux.lds.h | 5 +++--
>>  1 file changed, 3 insertions(+), 2 deletions(-)
>>
>> diff --git a/include/asm-generic/vmlinux.lds.h b/include/asm-generic/vmlinux.lds.h
>> index b2b3d81b1535..f753fd449436 100644
>> --- a/include/asm-generic/vmlinux.lds.h
>> +++ b/include/asm-generic/vmlinux.lds.h
>> @@ -988,12 +988,13 @@
>>  #endif
>>
>>  /*
>> - * Clang's -fsanitize=kernel-address and -fsanitize=thread produce
>> + * Clang's -fsanitize=kernel-address, -fsanitize=thread,
>> + * and -fprofile-arcs -ftest-coverage produce unwanted
>>   * unwanted sections (.eh_frame and .init_array.*), but
>>   * CONFIG_CONSTRUCTORS wants to keep any .init_array.* sections.
>>   * https://bugs.llvm.org/show_bug.cgi?id=46478
>>   */
>> -#if defined(CONFIG_KASAN_GENERIC) || defined(CONFIG_KCSAN)
>> +#if defined(CONFIG_KASAN_GENERIC) || defined(CONFIG_KCSAN) || defined(CONFIG_GCOV_KERNEL)
>>  # ifdef CONFIG_CONSTRUCTORS
>>  #  define SANITIZER_DISCARDS                                           \
>>         *(.eh_frame)
>>
>> base-commit: bec4c2968fce2f44ce62d05288a633cd99a722eb
>> --
>> 2.30.0
>>

Drop -ftest-coverage. -ftest-coverage just produces .gcno and does not
affect code generation.

Reviewed-by: Fangrui Song <maskray@...gle.com>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ