Message-ID: <baf67422-8662-02f2-0bbf-6afb141875af@kernel.org>
Date:   Fri, 30 Jul 2021 17:32:33 -0700
From:   Nathan Chancellor <nathan@...nel.org>
To:     Fangrui Song <maskray@...gle.com>
Cc:     Nick Desaulniers <ndesaulniers@...gle.com>,
        Kees Cook <keescook@...omium.org>,
        Arnd Bergmann <arnd@...db.de>, Marco Elver <elver@...gle.com>,
        linux-arch@...r.kernel.org, linux-kernel@...r.kernel.org,
        kasan-dev@...glegroups.com, clang-built-linux@...glegroups.com,
        stable@...r.kernel.org
Subject: Re: [PATCH] vmlinux.lds.h: Handle clang's module.{c,d}tor sections

On 7/30/2021 3:59 PM, Fangrui Song wrote:
> On 2021-07-30, Nick Desaulniers wrote:
>> On Fri, Jul 30, 2021 at 3:38 PM Nathan Chancellor <nathan@...nel.org> 
>> wrote:
>>>
>>> A recent change in LLVM causes module_{c,d}tor sections to appear when
>>> CONFIG_K{A,C}SAN are enabled, which results in orphan section warnings
>>> because these are not handled anywhere:
>>>
>>> ld.lld: warning: 
>>> arch/x86/pci/built-in.a(legacy.o):(.text.asan.module_ctor) is being 
>>> placed in '.text.asan.module_ctor'
>>> ld.lld: warning: 
>>> arch/x86/pci/built-in.a(legacy.o):(.text.asan.module_dtor) is being 
>>> placed in '.text.asan.module_dtor'
>>> ld.lld: warning: 
>>> arch/x86/pci/built-in.a(legacy.o):(.text.tsan.module_ctor) is being 
>>> placed in '.text.tsan.module_ctor'
>>
>> ^ .text.tsan.*
> 
> I was wondering why the orphan section warning only arose recently.
> Now I see: the function asan.module_ctor has the SHF_GNU_RETAIN flag, so
> it is in a separate section even with -fno-function-sections (default).

Thanks for the explanation, I will add this to the commit message.

> It seems that with -ffunction-sections the issue should have been caught
> much earlier.
> 
>>>
>>> Place them in the TEXT_TEXT section so that these technologies continue
>>> to work with the newer compiler versions. All of the KASAN and KCSAN
>>> KUnit tests continue to pass after this change.
>>>
>>> Cc: stable@...r.kernel.org
>>> Link: https://github.com/ClangBuiltLinux/linux/issues/1432
>>> Link: 
>>> https://github.com/llvm/llvm-project/commit/7b789562244ee941b7bf2cefeb3fc08a59a01865 
>>>
>>> Signed-off-by: Nathan Chancellor <nathan@...nel.org>
>>> ---
>>>  include/asm-generic/vmlinux.lds.h | 1 +
>>>  1 file changed, 1 insertion(+)
>>>
>>> diff --git a/include/asm-generic/vmlinux.lds.h 
>>> b/include/asm-generic/vmlinux.lds.h
>>> index 17325416e2de..3b79b1e76556 100644
>>> --- a/include/asm-generic/vmlinux.lds.h
>>> +++ b/include/asm-generic/vmlinux.lds.h
>>> @@ -586,6 +586,7 @@
>>>                 
>>> NOINSTR_TEXT                                            \
>>>                 
>>> *(.text..refcount)                                      \
>>>                 
>>> *(.ref.text)                                            \
>>> +               *(.text.asan 
>>> .text.asan.*)                              \
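Review bot: the pattern on the added `+` line covers only `.text.asan` and `.text.asan.*`, while the warnings quoted in the commit message also list `.text.tsan.module_ctor`, which this glob does not match, so that section would still be reported as an orphan. Consider adding `.text.tsan.*` to the same input-section line. None of the quoted warnings names a bare `.text.asan` section, so that entry looks unnecessary and could be dropped.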
>>
>> Will this match .text.tsan.module_ctor?

No, I forgot to test CONFIG_KCSAN with this version, rather than the 
prior one I had on GitHub so I will send v2 shortly.

> asan.module_ctor is the only function AddressSanitizer synthesizes in 
> the instrumented translation unit.
> There is no function called "asan".
> 
> (Even if a function "asan" exists due to -ffunction-sections
> -funique-section-names, TEXT_MAIN will match .text.asan, so the
> .text.asan pattern will match nothing.)

Sounds good, I will update it to remove the .text.asan and replace it 
with .text.tsan.*

>> Do we want to add these conditionally on
>> CONFIG_KASAN_GENERIC/CONFIG_KCSAN like we do for SANITIZER_DISCARDS?

I do not think there is a point in doing so but I can if others feel 
strongly.

Thank you both for the comments!

Cheers,
Nathan
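
Added example, not part of the original message or the kernel tree: a small Python check that pulls input-section names out of ld.lld orphan warnings and reports which ones a set of linker-script input patterns leaves unmatched. It approximates linker-script wildcards with `fnmatchcase`; the function names and pattern lists are hypothetical, and the sample log is constructed from the warnings quoted in the thread.

```python
import re
from fnmatch import fnmatchcase

# ld.lld orphan warning shape, as quoted in the thread:
#   ld.lld: warning: <archive>(<object>):(<section>) is being placed in '<section>'
ORPHAN_RE = re.compile(r"warning:\s+\S+?:\((\S+?)\)\s+is being placed in")

def orphan_sections(log):
    """Return the sorted, de-duplicated section names from orphan warnings."""
    # Mail archives and terminals wrap long warnings, so collapse all
    # whitespace into single spaces before matching.
    flat = " ".join(log.split())
    return sorted({m.group(1) for m in ORPHAN_RE.finditer(flat)})

def uncovered(sections, patterns):
    """Sections that none of the input-section patterns would match.

    Assumption: fnmatchcase is close enough to linker-script globbing
    for plain section names that use only '*' wildcards.
    """
    return [s for s in sections
            if not any(fnmatchcase(s, p) for p in patterns)]

# Constructed sample: the three warnings from the thread, wrapped as mailed.
SAMPLE_LOG = """\
ld.lld: warning:
arch/x86/pci/built-in.a(legacy.o):(.text.asan.module_ctor) is being
placed in '.text.asan.module_ctor'
ld.lld: warning:
arch/x86/pci/built-in.a(legacy.o):(.text.asan.module_dtor) is being
placed in '.text.asan.module_dtor'
ld.lld: warning:
arch/x86/pci/built-in.a(legacy.o):(.text.tsan.module_ctor) is being
placed in '.text.tsan.module_ctor'
"""

# Patterns from the posted hunk.
V1_PATTERNS = [".text.asan", ".text.asan.*"]
# Assumed form of the update described in the reply: the bare .text.asan
# entry is removed and .text.tsan.* is added.
PROPOSED_PATTERNS = [".text.asan.*", ".text.tsan.*"]

if __name__ == "__main__":
    secs = orphan_sections(SAMPLE_LOG)
    for name, pats in (("v1", V1_PATTERNS), ("proposed", PROPOSED_PATTERNS)):
        print(f"{name}: still orphaned -> {uncovered(secs, pats)}")
```
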
