| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20220419115130.GT2731@worktop.programming.kicks-ass.net>
Date: Tue, 19 Apr 2022 13:51:30 +0200
From: Peter Zijlstra <peterz@...radead.org>
To: Josh Poimboeuf <jpoimboe@...hat.com>
Cc: x86@...nel.org, linux-kernel@...r.kernel.org,
Miroslav Benes <mbenes@...e.cz>
Subject: Re: [PATCH v2 00/25] objtool: Interface overhaul
On Mon, Apr 18, 2022 at 09:50:19AM -0700, Josh Poimboeuf wrote:
> Josh Poimboeuf (25):
> objtool: Enable unreachable warnings for CLANG LTO
> libsubcmd: Fix OPTION_GROUP sorting
> x86/static_call: Add ANNOTATE_NOENDBR to static call trampoline
> x86/retpoline: Add ANNOTATE_ENDBR for retpolines
> x86/uaccess: Add ENDBR to __put_user_nocheck*()
> x86/xen: Add ANNOTATE_ENDBR to startup_xen()
> objtool: Reorganize cmdline options
> objtool: Ditch subcommands
> objtool: Don't print parentheses in function addresses
> objtool: Print data address for "!ENDBR" data warnings
> objtool: Use offstr() to print address of missing ENDBR
> objtool: Add option to print section addresses
> scripts: Create objdump-func helper script
> objtool: Make stack validation optional
> objtool: Rework ibt and extricate from stack validation
> objtool: Extricate sls from stack validation
> objtool: Add CONFIG_OBJTOOL
> objtool: Make stack validation frame-pointer-specific
> objtool: Make static call annotation optional
> objtool: Make jump label hack optional
> objtool: Make noinstr hacks optional
> objtool: Rename "VMLINUX_VALIDATION" -> "NOINSTR_VALIDATION"
> objtool: Add HAVE_NOINSTR_VALIDATION
> objtool: Remove --lto and --vmlinux in favor of --link
> objtool: Update documentation
I've taken the liberty of reordering it slightly:
objtool: Enable unreachable warnings for CLANG LTO
x86/static_call: Add ANNOTATE_NOENDBR to static call trampoline
x86/retpoline: Add ANNOTATE_ENDBR for retpolines
x86/uaccess: Add ENDBR to __put_user_nocheck*()
x86/xen: Add ANNOTATE_ENDBR to startup_xen()
objtool: Print data address for "!ENDBR" data warnings
objtool: Use offstr() to print address of missing ENDBR
Go into x86/urgent, and I've added Fixes: tags with various patches from
the IBT series, and then the rest goes into objtool/core.
As already indicated, there's going to be a few merge conflicts against
x86/core, but alas. Resolved as per the below.
---
diff --cc arch/x86/Kconfig
index 20c1dacd2baa,c8f560802bf2..000000000000
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
diff --cc scripts/Makefile.build
index 7e7aa1d030a6,ac8167227bc0..000000000000
--- a/scripts/Makefile.build
+++ b/scripts/Makefile.build
@@@ -227,15 -227,19 +227,19 @@@ ifdef CONFIG_OBJTOO
objtool := $(objtree)/tools/objtool/objtool
objtool_args = \
- $(if $(CONFIG_UNWINDER_ORC),orc generate,check) \
- $(if $(part-of-module), --module) \
- $(if $(CONFIG_X86_KERNEL_IBT), --lto --ibt) \
- $(if $(CONFIG_FRAME_POINTER),, --no-fp) \
- $(if $(CONFIG_GCOV_KERNEL)$(CONFIG_LTO_CLANG), --no-unreachable)\
+ $(if $(CONFIG_HAVE_JUMP_LABEL_HACK), --hacks=jump_label) \
+ $(if $(CONFIG_HAVE_NOINSTR_HACK), --hacks=noinstr) \
+ $(if $(CONFIG_X86_KERNEL_IBT), --ibt) \
+ $(if $(CONFIG_FTRACE_MCOUNT_USE_OBJTOOL), --mcount) \
+ $(if $(CONFIG_UNWINDER_ORC), --orc) \
$(if $(CONFIG_RETPOLINE), --retpoline) \
+ $(if $(CONFIG_SLS), --sls) \
+ $(if $(CONFIG_STACK_VALIDATION), --stackval) \
+ $(if $(CONFIG_HAVE_STATIC_CALL_INLINE), --static-call) \
- $(if $(CONFIG_X86_SMAP), --uaccess) \
+ --uaccess \
- $(if $(CONFIG_FTRACE_MCOUNT_USE_OBJTOOL), --mcount) \
- $(if $(CONFIG_SLS), --sls)
+ $(if $(linked-object), --link) \
+ $(if $(part-of-module), --module) \
+ $(if $(CONFIG_GCOV_KERNEL), --no-unreachable)
cmd_objtool = $(if $(objtool-enabled), ; $(objtool) $(objtool_args) $@)
cmd_gen_objtooldep = $(if $(objtool-enabled), { echo ; echo '$@: $$(wildcard $(objtool))' ; } >> $(dot-target).cmd)
diff --cc scripts/link-vmlinux.sh
index 3a2fffdf49d4,eb9324f07f3d..000000000000
--- a/scripts/link-vmlinux.sh
+++ b/scripts/link-vmlinux.sh
@@@ -126,34 -132,46 +132,44 @@@ objtool_link(
if is_enabled CONFIG_FTRACE_MCOUNT_USE_OBJTOOL; then
objtoolopt="${objtoolopt} --mcount"
fi
- fi
- if is_enabled CONFIG_VMLINUX_VALIDATION; then
- objtoolopt="${objtoolopt} --noinstr"
- fi
+ if is_enabled CONFIG_UNWINDER_ORC; then
+ objtoolopt="${objtoolopt} --orc"
+ fi
- if [ -n "${objtoolopt}" ]; then
- if [ -z "${objtoolcmd}" ]; then
- objtoolcmd="check"
+ if is_enabled CONFIG_RETPOLINE; then
+ objtoolopt="${objtoolopt} --retpoline"
fi
- objtoolopt="${objtoolopt} --vmlinux"
- if ! is_enabled CONFIG_FRAME_POINTER; then
- objtoolopt="${objtoolopt} --no-fp"
+
+ if is_enabled CONFIG_SLS; then
+ objtoolopt="${objtoolopt} --sls"
fi
- if is_enabled CONFIG_GCOV_KERNEL || is_enabled CONFIG_LTO_CLANG; then
- objtoolopt="${objtoolopt} --no-unreachable"
+
+ if is_enabled CONFIG_STACK_VALIDATION; then
+ objtoolopt="${objtoolopt} --stackval"
fi
- if is_enabled CONFIG_RETPOLINE; then
- objtoolopt="${objtoolopt} --retpoline"
+
+ if is_enabled CONFIG_HAVE_STATIC_CALL_INLINE; then
+ objtoolopt="${objtoolopt} --static-call"
fi
- if is_enabled CONFIG_X86_SMAP; then
- objtoolopt="${objtoolopt} --uaccess"
- fi
+ objtoolopt="${objtoolopt} --uaccess"
+ fi
- if is_enabled CONFIG_SLS; then
- objtoolopt="${objtoolopt} --sls"
+ if is_enabled CONFIG_NOINSTR_VALIDATION; then
+ objtoolopt="${objtoolopt} --noinstr"
+ fi
+
+ if [ -n "${objtoolopt}" ]; then
+
+ if is_enabled CONFIG_GCOV_KERNEL; then
+ objtoolopt="${objtoolopt} --no-unreachable"
fi
+
+ objtoolopt="${objtoolopt} --link"
+
info OBJTOOL ${1}
- tools/objtool/objtool ${objtoolcmd} ${objtoolopt} ${1}
+ tools/objtool/objtool ${objtoolopt} ${1}
fi
}
Powered by blists - more mailing lists