lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CANpmjNNqzCTks5dFkbbqzPP4UX7GDTdjbvJ7SbN2jcSNWjxQzA@mail.gmail.com>
Date:   Tue, 1 Jun 2021 19:46:47 +0200
From:   Marco Elver <elver@...gle.com>
To:     Nick Desaulniers <ndesaulniers@...gle.com>
Cc:     Andrew Morton <akpm@...ux-foundation.org>,
        LKML <linux-kernel@...r.kernel.org>,
        Nathan Chancellor <nathan@...nel.org>,
        Miguel Ojeda <ojeda@...nel.org>,
        Peter Zijlstra <peterz@...radead.org>,
        Kees Cook <keescook@...omium.org>,
        Arvind Sankar <nivedita@...m.mit.edu>,
        Will Deacon <will@...nel.org>,
        Luc Van Oostenryck <luc.vanoostenryck@...il.com>,
        Masahiro Yamada <masahiroy@...nel.org>,
        Borislav Petkov <bp@...e.de>,
        Sami Tolvanen <samitolvanen@...gle.com>,
        Arnd Bergmann <arnd@...db.de>,
        clang-built-linux <clang-built-linux@...glegroups.com>,
        Dmitry Vyukov <dvyukov@...gle.com>,
        Mark Rutland <mark.rutland@....com>,
        kasan-dev <kasan-dev@...glegroups.com>
Subject: Re: [PATCH v2] kcov: add __no_sanitize_coverage to fix noinstr for
 all architectures

On Tue, 1 Jun 2021 at 19:42, Nick Desaulniers <ndesaulniers@...gle.com> wrote:
> On Thu, May 27, 2021 at 9:27 AM Marco Elver <elver@...gle.com> wrote:
> >
> > Until now no compiler supported an attribute to disable coverage
> > instrumentation as used by KCOV.
> >
> > To work around this limitation on x86, noinstr functions have their
> > coverage instrumentation turned into nops by objtool. However, this
> > solution doesn't scale automatically to other architectures, such as
> > arm64, which are migrating to use the generic entry code.
> >
> > Clang [1] and GCC [2] have added support for the attribute recently.
> > [1] https://github.com/llvm/llvm-project/commit/280333021e9550d80f5c1152a34e33e81df1e178
> > [2] https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=cec4d4a6782c9bd8d071839c50a239c49caca689
> > The changes will appear in Clang 13 and GCC 12.
> >
> > Add __no_sanitize_coverage for both compilers, and add it to noinstr.
> >
> > Note: In the Clang case, __has_feature(coverage_sanitizer) is only true
> > if the feature is enabled, and therefore we do not require an additional
> > defined(CONFIG_KCOV) (like in the GCC case where __has_attribute(..) is
> > always true) to avoid adding redundant attributes to functions if KCOV
> > is off. That being said, compilers that support the attribute will not
> > generate errors/warnings if the attribute is redundantly used; however,
> > where possible let's avoid it as it reduces preprocessed code size and
> > associated compile-time overheads.
> >
> > Signed-off-by: Marco Elver <elver@...gle.com>
> > Acked-by: Peter Zijlstra (Intel) <peterz@...radead.org>
> > ---
> > v2:
> > * Implement __has_feature(coverage_sanitizer) in Clang
> >   (https://reviews.llvm.org/D103159) and use instead of version check.
> > * Add Peter's Ack.
> > ---
> >  include/linux/compiler-clang.h | 11 +++++++++++
> >  include/linux/compiler-gcc.h   |  6 ++++++
> >  include/linux/compiler_types.h |  2 +-
> >  3 files changed, 18 insertions(+), 1 deletion(-)
> >
> > diff --git a/include/linux/compiler-clang.h b/include/linux/compiler-clang.h
> > index adbe76b203e2..e15eebfa8e5d 100644
> > --- a/include/linux/compiler-clang.h
> > +++ b/include/linux/compiler-clang.h
> > @@ -45,6 +45,17 @@
> >  #define __no_sanitize_undefined
> >  #endif
> >
> > +/*
> > + * Support for __has_feature(coverage_sanitizer) was added in Clang 13 together
> > + * with no_sanitize("coverage"). Prior versions of Clang support coverage
> > + * instrumentation, but cannot be queried for support by the preprocessor.
>
> I'm not against a version check for supporting older releases (in
> addition to the cleaner feature check, since the feature check was
> non-existent); we can clean it up someday when clang-13 is the
> minimally supported version.  Would having an additional version check
> help support existing/older releases here?

The feature check will just return 0 on older releases, since the
feature does not exist there. Therefore, no additional code is
required to support older releases and a version check would be
redundant.

> > + */
> > +#if __has_feature(coverage_sanitizer)
> > +#define __no_sanitize_coverage __attribute__((no_sanitize("coverage")))
> > +#else
> > +#define __no_sanitize_coverage
> > +#endif
> > +

Thanks,
-- Marco

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ