| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <c26de68d-4a56-03a0-2625-25c7e2997d45@meta.com>
Date: Mon, 19 Jun 2023 11:17:08 -0700
From: Yonghong Song <yhs@...a.com>
To: Florent Revest <revest@...omium.org>,
Andrii Nakryiko <andrii.nakryiko@...il.com>
Cc: bpf@...r.kernel.org, linux-kernel@...r.kernel.org,
llvm@...ts.linux.dev, martin.lau@...ux.dev, ast@...nel.org,
daniel@...earbox.net, andrii@...nel.org, song@...nel.org,
yhs@...com, john.fastabend@...il.com, kpsingh@...nel.org,
sdf@...gle.com, haoluo@...gle.com, jolsa@...nel.org,
nathan@...nel.org, ndesaulniers@...gle.com, trix@...hat.com,
stable@...r.kernel.org
Subject: Re: [PATCH bpf] bpf/btf: Accept function names that contain dots
On 6/19/23 7:03 AM, Florent Revest wrote:
> On Fri, Jun 16, 2023 at 6:57 PM Andrii Nakryiko
> <andrii.nakryiko@...il.com> wrote:
>>
>> On Thu, Jun 15, 2023 at 7:56 AM Florent Revest <revest@...omium.org> wrote:
>>>
>>> When building a kernel with LLVM=1, LLVM_IAS=0 and CONFIG_KASAN=y, LLVM
>>> leaves DWARF tags for the "asan.module_ctor" & co symbols. In turn,
>>> pahole creates BTF_KIND_FUNC entries for these and this makes the BTF
>>> metadata validation fail because they contain a dot.
>>>
>>> In a dramatic turn of event, this BTF verification failure can cause
>>> the netfilter_bpf initialization to fail, causing netfilter_core to
>>> free the netfilter_helper hashmap and netfilter_ftp to trigger a
>>> use-after-free. The risk of u-a-f in netfilter will be addressed
>>> separately but the existence of "asan.module_ctor" debug info under some
>>> build conditions sounds like a good enough reason to accept functions
>>> that contain dots in BTF.
>>
>> I don't see much harm in allowing dots. There are also all those .isra
>> and other modifications to functions that we currently don't have in
>> BTF, but with the discussions about recording function addrs we might
>> eventually have those as well. So:
>>
>> Acked-by: Andrii Nakryiko <andrii@...nel.org>
>
> Thanks Andrii! :)
>
>>> Cc: stable@...r.kernel.org
>>> Fixes: 1dc92851849c ("bpf: kernel side support for BTF Var and DataSec")
>
> So do you think these trailers should be kept ? I suppose we can
> either see this as a "new feature" to accommodate .isra that should go
> through bpf-next or as a bug fix that goes through bpf and gets
> backported to stable (without this, BTF wouldn't work on old kernels
> built under a new clang and with LLVM_IAS=0 and CONFIG_KASAN=y so this
> sounds like a legitimate bug fix to me, I just wanted to double check)
How many people really build the kernel with
LLVM=1 LLVM_IAS=0
which uses clang compiler ans gcc 'as'.
I think distro most likely won't do this if they intend to
build the kernel with clang.
Note that
LLVM=1
implies to use both clang compiler and clang assembler.
Using clang17 and 'LLVM=1 LLVM_IAS=0', with latest bpf-next,
I actually hit some build errors like:
/tmp/video-bios-59fa52.s: Assembler messages:
/tmp/video-bios-59fa52.s:4: Error: junk at end of line, first
unrecognized character is `"'
/tmp/video-bios-59fa52.s:4: Error: file number less than one
/tmp/video-bios-59fa52.s:5: Error: junk at end of line, first
unrecognized character is `"'
/tmp/video-bios-59fa52.s:6: Error: junk at end of line, first
unrecognized character is `"'
/tmp/video-bios-59fa52.s:7: Error: junk at end of line, first
unrecognized character is `"'
/tmp/video-bios-59fa52.s:8: Error: junk at end of line, first
unrecognized character is `"'
/tmp/video-bios-59fa52.s:9: Error: junk at end of line, first
unrecognized character is `"'
/tmp/video-bios-59fa52.s:10: Error: junk at end of line, first
unrecognized character is `"'
/tmp/video-bios-59fa52.s:68: Error: junk at end of line, first
unrecognized character is `"'
clang: error: assembler command failed with exit code 1 (use -v to see
invocation)
make[4]: *** [/home/yhs/work/bpf-next/scripts/Makefile.build:252:
arch/x86/realmode/rm/video-bios.o] Error 1
make[4]: *** Waiting for unfinished jobs....
/tmp/wakemain-88777c.s: Assembler messages:
/tmp/wakemain-88777c.s:4: Error: junk at end of line, first unrecognized
character is `"'
/tmp/wakemain-88777c.s:4: Error: file number less than one
/tmp/wakemain-88777c.s:5: Error: junk at end of line, first unrecognized
character is `"'
/tmp/wakemain-88777c.s:6: Error: junk at end of line, first unrecognized
character is `"'
/tmp/wakemain-88777c.s:7: Error: junk at end of line, first unrecognized
character is `"'
/tmp/wakemain-88777c.s:8: Error: junk at end of line, first unrecognized
character is `"'
/tmp/wakemain-88777c.s:81: Error: junk at end of line, first
unrecognized character is `"'
/tmp/wakemain-88777c.s:312: Error: junk at end of line, first
unrecognized character is `"'
clang: error: assembler command failed with exit code 1 (use -v to see
invocation)
Potentially because of my local gnu assembler 2.30-120.el8 won't work
with some syntax generated by clang. Mixing clang compiler and arbitrary
gnu assembler are not a good idea (see the above example). It might
work with close-to-latest gnu assembler.
To support function name like '<fname>.isra', some llvm work will be
needed, and it may take some time.
So in my opinion, this patch is NOT a bug fix. It won't affect distro.
Whether we should backport to the old kernel, I am not sure whether it
is absolutely necessary as casual build can always remove LLVM_IAS=0 or
hack the kernel source itself.
Powered by blists - more mailing lists