lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <d591bfef-9146-abf6-04d0-96600ebb7a15@xen0n.name>
Date:   Sun, 6 Aug 2023 18:31:09 +0800
From:   WANG Xuerui <kernel@...0n.name>
To:     Huacai Chen <chenhuacai@...nel.org>
Cc:     Nathan Chancellor <nathan@...nel.org>,
        Xi Ruoyao <xry111@...111.site>, loongarch@...ts.linux.dev,
        llvm@...ts.linux.dev, linux-kernel@...r.kernel.org,
        WANG Xuerui <git@...0n.name>,
        Nick Desaulniers <ndesaulniers@...gle.com>
Subject: Re: [PATCH v2] LoongArch: Replace -ffreestanding with finer-grained
 -fno-builtin's

Hi,

On 8/6/23 17:16, Huacai Chen wrote:
> Hi, Xuerui,
>
> On Sun, Aug 6, 2023 at 4:30 PM WANG Xuerui <kernel@...0n.name> wrote:
>> From: WANG Xuerui <git@...0n.name>
>>
>> As explained by Nick in the original issue: the kernel usually does a
>> good job of providing library helpers that have similar semantics as
>> their ordinary userspace libc equivalents, but -ffreestanding disables
>> such libcall optimization and other related features in the compiler,
>> which can lead to unexpected things such as CONFIG_FORTIFY_SOURCE not
>> working (!).
>>
>> As it turns out to be the case, only the memory operations really need
>> to be prevented from expansion by the compiler, and this is doable with
>> finer-grained -fno-builtin-* toggles. So only disable memcpy, memmove
>> and memset, while leaving other builtins enabled, to fix source
>> fortification among others.
>>
>> Closes: https://github.com/ClangBuiltLinux/linux/issues/1897
>> Reported-by: Nathan Chancellor <nathan@...nel.org>
>> Suggested-by: Nick Desaulniers <ndesaulniers@...gle.com>
>> Signed-off-by: WANG Xuerui <git@...0n.name>
>> ---
>>
>> Changes in v2:
>>
>> - Keep the memory operation builtins disabled, add comments, and tweak the
>>    commit message along the way.
>>
>>   arch/loongarch/Makefile | 9 ++++++++-
>>   1 file changed, 8 insertions(+), 1 deletion(-)
>>
>> diff --git a/arch/loongarch/Makefile b/arch/loongarch/Makefile
>> index b1e5db51b61c..34fc48df87f2 100644
>> --- a/arch/loongarch/Makefile
>> +++ b/arch/loongarch/Makefile
>> @@ -83,7 +83,14 @@ KBUILD_CFLAGS_KERNEL         += -fPIE
>>   LDFLAGS_vmlinux                        += -static -pie --no-dynamic-linker -z notext
>>   endif
>>
>> -cflags-y += -ffreestanding
>> +# Make sure the memory libcalls are not expanded by the compiler, for better
>> +# control over unaligned accesses with respect to CONFIG_ARCH_STRICT_ALIGN,
>> +# and also for avoiding https://gcc.gnu.org/PR109465.
>> +#
>> +# The overly broad -ffreestanding is undesirable as it disables *all* libcall
>> +# handling, that unfortunately includes proper FORTIFY_SOURCE instrumentation.
> I think these comments should go to commit message rather than here,
> because after this patch there is no -ffreestanding in Makefile.
Thanks for the advice, I'm fine either way and I'll send v3.
>
> Huacai
>
>> +cflags-y += -fno-builtin-memcpy -fno-builtin-memmove -fno-builtin-memset
>> +
>>   cflags-y += $(call cc-option, -mno-check-zero-division)
>>
>>   load-y         = 0x9000000000200000
>> --
>> 2.40.0
>>
>>
-- 
WANG "xen0n" Xuerui

Linux/LoongArch mailing list: https://lore.kernel.org/loongarch/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ