lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20241122175445.tx3edadmof76yegs@jpoimboe>
Date: Fri, 22 Nov 2024 09:54:45 -0800
From: Josh Poimboeuf <jpoimboe@...hat.com>
To: Peter Zijlstra <peterz@...radead.org>
Cc: linux-kernel@...r.kernel.org
Subject: Re: [PATCH 9/9] objtool: Collect all annotations in objtool.h

On Fri, Nov 22, 2024 at 01:10:25PM +0100, Peter Zijlstra wrote:
> +#ifndef __ASSEMBLY__
> +/*
> + * Annotate away the various 'relocation to !ENDBR` complaints; knowing that
> + * these relocations will never be used for indirect calls.
> + */
> +#define ANNOTATE_NOENDBR		ASM_ANNOTATE(ANNOTYPE_NOENDBR)
> +/*
> + * This should be used immediately before an indirect jump/call. It tells
> + * objtool the subsequent indirect jump/call is vouched safe for retpoline
> + * builds.
> + */
> +#define ANNOTATE_RETPOLINE_SAFE		ASM_ANNOTATE(ANNOTYPE_RETPOLINE_SAFE)
> +/*
> + * objtool annotation to ignore the alternatives and only consider the original
> + * instruction(s).
> + */
> +#define ANNOTATE_IGNORE_ALTERNATIVE	ASM_ANNOTATE(ANNOTYPE_IGNORE_ALTS)

This is a good start, though it would be really nice to have them *all*
together:

  - move ANNOTATE_INTRA_FUNCTION_CALL down next to those ^

  - create ANNOTATE_INSTR_BEGIN and ANNOTATE_INSTR_END, and then do
    
      #define instrumentation_begin() ANNOTATE_INSTR_BEGIN

    to keep the existing syntax.  Then instrumentation.h is no longer
    needed.  The nice comment there can go above ANNOTATE_INSTR_BEGIN.

  - similarly, create ANNOTATE_UNRET_BEGIN and just do

      #define VALIDATE_UNRET_BEGIN ANNOTATE_UNRET_BEGIN
    
    since the VALIDATE_* syntax is more descriptive.

So basically even the macros with non-ANNOTATE naming still resolve to
ANNOTATE_FOO, with all the ANNOTATE_FOOs in one place, each with its own
nice comment.

BTW, is there a reason .discard.[un]reachable weren't converted over?

-- 
Josh

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ