lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20211105165418.ucsrpk53dv5kgu6k@treble>
Date:   Fri, 5 Nov 2021 09:54:18 -0700
From:   Josh Poimboeuf <jpoimboe@...hat.com>
To:     Vasily Gorbik <gor@...ux.ibm.com>
Cc:     Peter Zijlstra <peterz@...radead.org>,
        Ingo Molnar <mingo@...nel.org>, Borislav Petkov <bp@...e.de>,
        Miroslav Benes <mbenes@...e.cz>, linux-kernel@...r.kernel.org
Subject: Re: [PATCH 1/2] compiler.h: Avoid using inline asm operand modifiers

On Wed, May 19, 2021 at 03:03:08PM +0200, Vasily Gorbik wrote:
> The expansion of annotate_reachable/annotate_unreachable on s390 will
> result in a compiler error if the __COUNTER__ value is high enough.
> For example with "i" (154) the "%c0" operand of annotate_reachable
> will be expanded to -102:
> 
>         -102:
>         .pushsection .discard.reachable
>         .long -102b - .
>         .popsection
> 
> This is a quirk of the gcc backend for s390, it interprets the %c0
> as a signed byte value. Avoid using operand modifiers in this case
> by simply converting __COUNTER__ to string, with the same result,
> but in an arch assembler independent way.
> 
> Signed-off-by: Vasily Gorbik <gor@...ux.ibm.com>

Hi Vasily,

This patch causes these macros to break with Clang and
CONFIG_TRACE_BRANCH_PROFILING.

I get a lot of warnings like

  arch/x86/kernel/traps.o: warning: objtool: handle_xfd_event()+0x134: unreachable instruction

Without an asm input, 'volatile' is ignored for some reason and Clang
feels free to move the reachable() annotation away from its intended
location.

I wonder if we could go back to the original approach of providing
__COUNTER__ as an input to the asm, but then mask it to < 128.

Does this work on s390?

diff --git a/include/linux/compiler.h b/include/linux/compiler.h
index 3d5af56337bd..42935500a712 100644
--- a/include/linux/compiler.h
+++ b/include/linux/compiler.h
@@ -115,24 +115,18 @@ void ftrace_likely_update(struct ftrace_likely_data *f, int val,
  * The __COUNTER__ based labels are a hack to make each instance of the macros
  * unique, to convince GCC not to merge duplicate inline asm statements.
  */
-#define __stringify_label(n) #n
-
-#define __annotate_reachable(c) ({					\
-	asm volatile(__stringify_label(c) ":\n\t"			\
+#define annotate_reachable() ({						\
+	asm volatile("%c0:\n\t"						\
 		     ".pushsection .discard.reachable\n\t"		\
-		     ".long " __stringify_label(c) "b - .\n\t"		\
-		     ".popsection\n\t");				\
+		     ".long %c0b - .\n\t"				\
+		     ".popsection\n\t" : : "i" (__COUNTER__ & 0x7f));	\
 })
-#define annotate_reachable() __annotate_reachable(__COUNTER__)
-
-#define __annotate_unreachable(c) ({					\
-	asm volatile(__stringify_label(c) ":\n\t"			\
+#define annotate_unreachable() ({					\
+	asm volatile("%c0:\n\t"						\
 		     ".pushsection .discard.unreachable\n\t"		\
-		     ".long " __stringify_label(c) "b - .\n\t"		\
-		     ".popsection\n\t");				\
+		     ".long %c0b - .\n\t"				\
+		     ".popsection\n\t" : : "i" (__COUNTER__ & 0x7f));	\
 })
-#define annotate_unreachable() __annotate_unreachable(__COUNTER__)
-
 #define ASM_UNREACHABLE							\
 	"999:\n\t"							\
 	".pushsection .discard.unreachable\n\t"				\

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ