lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 4 Apr 2022 11:27:47 -0700
From:   Kees Cook <keescook@...omium.org>
To:     Steven Rostedt <rostedt@...dmis.org>,
        Josh Poimboeuf <jpoimboe@...hat.com>,
        Peter Zijlstra <peterz@...radead.org>
Cc:     kbuild-all@...ts.01.org, linux-kernel@...r.kernel.org,
        kernel test robot <lkp@...el.com>
Subject: Re: vmlinux.o: warning: objtool: stackleak_erase()+0x35: call to
 ftrace_likely_update() leaves .noinstr.text section

Hi,

On Mon, Apr 04, 2022 at 08:22:33PM +0800, kernel test robot wrote:
> tree:   https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
> head:   3123109284176b1532874591f7c81f3837bbdc17
> commit: dcb85f85fa6f142aae1fe86f399d4503d49f2b60 gcc-plugins/stackleak: Use noinstr in favor of notrace
> date:   8 weeks ago
> config: x86_64-randconfig-r012-20220404 (https://download.01.org/0day-ci/archive/20220404/202204042008.sCQbEmVS-lkp@intel.com/config)
> compiler: gcc-11 (Debian 11.2.0-19) 11.2.0
> reproduce (this is a W=1 build):
>         # https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=dcb85f85fa6f142aae1fe86f399d4503d49f2b60
>         git remote add linus https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
>         git fetch --no-tags linus master
>         git checkout dcb85f85fa6f142aae1fe86f399d4503d49f2b60
>         # save the config file to linux build tree
>         mkdir build_dir
>         make W=1 O=build_dir ARCH=x86_64 SHELL=/bin/bash
> 
> If you fix the issue, kindly add following tag as appropriate
> Reported-by: kernel test robot <lkp@...el.com>
> 
> All warnings (new ones prefixed by >>):
> 
>    vmlinux.o: warning: objtool: __wrgsbase_inactive()+0x26: call to ftrace_likely_update() leaves .noinstr.text section
>    vmlinux.o: warning: objtool: __rdgsbase_inactive()+0x23: call to ftrace_likely_update() leaves .noinstr.text section
>    vmlinux.o: warning: objtool: fixup_bad_iret()+0x76: call to ftrace_likely_update() leaves .noinstr.text section
>    vmlinux.o: warning: objtool: noist_exc_debug()+0x3c: call to ftrace_likely_update() leaves .noinstr.text section
>    vmlinux.o: warning: objtool: exc_nmi()+0xaa: call to ftrace_likely_update() leaves .noinstr.text section
>    vmlinux.o: warning: objtool: poke_int3_handler()+0x3e: call to ftrace_likely_update() leaves .noinstr.text section
>    vmlinux.o: warning: objtool: mce_check_crashing_cpu()+0x15: call to ftrace_likely_update() leaves .noinstr.text section
>    vmlinux.o: warning: objtool: mce_start()+0x4e: call to __kcsan_check_access() leaves .noinstr.text section
>    vmlinux.o: warning: objtool: mce_gather_info()+0x5f: call to v8086_mode.constprop.0() leaves .noinstr.text section
>    vmlinux.o: warning: objtool: mce_read_aux()+0x93: call to mca_msr_reg() leaves .noinstr.text section
>    vmlinux.o: warning: objtool: do_machine_check()+0x5f: call to ftrace_likely_update() leaves .noinstr.text section
>    vmlinux.o: warning: objtool: exc_machine_check()+0x8e: call to ftrace_likely_update() leaves .noinstr.text section
>    vmlinux.o: warning: objtool: mce_severity_amd.constprop.0()+0xca: call to mce_severity_amd_smca() leaves .noinstr.text section
>    vmlinux.o: warning: objtool: irqentry_nmi_enter()+0x45: call to ftrace_likely_update() leaves .noinstr.text section
>    vmlinux.o: warning: objtool: irqentry_nmi_exit()+0x38: call to ftrace_likely_update() leaves .noinstr.text section
>    vmlinux.o: warning: objtool: enter_from_user_mode()+0x15: call to test_bit() leaves .noinstr.text section
>    vmlinux.o: warning: objtool: syscall_enter_from_user_mode()+0x1a: call to test_bit() leaves .noinstr.text section
>    vmlinux.o: warning: objtool: syscall_enter_from_user_mode_prepare()+0x15: call to test_bit() leaves .noinstr.text section
>    vmlinux.o: warning: objtool: irqentry_enter_from_user_mode()+0x15: call to test_bit() leaves .noinstr.text section
>    vmlinux.o: warning: objtool: irqentry_exit()+0x28: call to ftrace_likely_update() leaves .noinstr.text section
>    vmlinux.o: warning: objtool: context_tracking_recursion_enter()+0x103: call to ftrace_likely_update() leaves .noinstr.text section
>    vmlinux.o: warning: objtool: __context_tracking_enter()+0x30: call to ftrace_likely_update() leaves .noinstr.text section
> >> vmlinux.o: warning: objtool: stackleak_erase()+0x35: call to ftrace_likely_update() leaves .noinstr.text section

I got CCed on this because of stackleak_erase() triggering, this, but it
appears to be an existing issue for other callers too. It looks like
__branch_check__() shouldn't be emitting ftrace_likely_update() calls
for noinstr functions...

I have no idea how a macro is meant to check for function attributes,
though... :(

-- 
Kees Cook

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ