| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <b35dc3bb-71ca-4f5e-af29-8e1605ec5bde@roeck-us.net>
Date: Wed, 16 Apr 2025 20:10:19 -0700
From: Guenter Roeck <linux@...ck-us.net>
To: Andrew Morton <akpm@...ux-foundation.org>
Cc: Andrey Ryabinin <ryabinin.a.a@...il.com>,
Alexander Potapenko <glider@...gle.com>,
Andrey Konovalov <andreyknvl@...il.com>, Dmitry Vyukov <dvyukov@...gle.com>,
Vincenzo Frascino <vincenzo.frascino@....com>, kasan-dev@...glegroups.com,
linux-kernel@...r.kernel.org, Linus Torvalds <torvalds@...ux-foundation.org>
Subject: Re: [PATCH v2] x86/Kconfig: Fix allyesconfig
On 4/16/25 18:28, Andrew Morton wrote:
> On Wed, 16 Apr 2025 17:17:00 -0700 Guenter Roeck <linux@...ck-us.net> wrote:
>
>> On 4/16/25 17:03, Andrew Morton wrote:
>>> On Wed, 16 Apr 2025 16:05:59 -0700 Guenter Roeck <linux@...ck-us.net> wrote:
>>>
>>>> 64-bit allyesconfig builds fail with
>>>>
>>>> x86_64-linux-ld: kernel image bigger than KERNEL_IMAGE_SIZE
>>>>
>>>> Bisect points to commit 6f110a5e4f99 ("Disable SLUB_TINY for build
>>>> testing") as the responsible commit. Reverting that patch does indeed
>>>> fix the problem. Further analysis shows that disabling SLUB_TINY enables
>>>> KASAN, and that KASAN is responsible for the image size increase.
>>>>
>>>> Solve the build problem by disabling KASAN for test builds.
>>>>
>>>
>>> Excluding KASAN from COMPILE_TEST builds is regrettable.
>>>
>>> Can we address this some other way? One way might be to alter or
>>> disable the KERNEL_IMAGE_SIZE check if COMPILE_TEST? That will be sad
>>> for anyone who tries to boot a COMPILE_TEST kernel, but who the heck
>>> does that?
>>
>> I tried increasing the limit. It didn't work. With the RFC I sent earlier
>> I made it dependent on allmodconfig, but Linus said I should just disable
>> it for test builds (which was the cases anyway until commit 6f110a5e4f99).
>>
>> Personally I don't have a preference either way. I can also do nothing and
>> stop testing allyesconfig. That would help reducing the load on my testbed,
>> so I would be all for it.
>
> How about this?
>
>
>
> --- a/arch/x86/kernel/vmlinux.lds.S~a
> +++ a/arch/x86/kernel/vmlinux.lds.S
> @@ -466,10 +466,19 @@ SECTIONS
> }
>
> /*
> - * The ASSERT() sink to . is intentional, for binutils 2.14 compatibility:
> + * COMPILE_TEST kernels can be large - CONFIG_KASAN, for example, can cause
> + * this. Let's assume that nobody will be running a COMPILE_TEST kernel and
> + * let's assert that fuller build coverage is more valuable than being able to
> + * run a COMPILE_TEST kernel.
> + */
> +#ifndef CONFIG_COMPILE_TEST
> +/*
> +/*
> + * The ASSERT() sync to . is intentional, for binutils 2.14 compatibility:
> */
> . = ASSERT((_end - LOAD_OFFSET <= KERNEL_IMAGE_SIZE),
> "kernel image bigger than KERNEL_IMAGE_SIZE");
> +#endif
>
Yes, that is what I ended up doing with v3 (thanks for the idea), lacking the comment.
Guess I'll need to send v4, but I'll wait a bit to see if there is feedback from others.
> /* needed for Clang - see arch/x86/entry/entry.S */
> PROVIDE(__ref_stack_chk_guard = __stack_chk_guard);
> _
>
>
> (contains gratuitous s/sink/sync/)
>
>
> I'd like to add
>
> #else
> WARN((_end - LOAD_OFFSET <= KERNEL_IMAGE_SIZE),
> "kernel image bigger than KERNEL_IMAGE_SIZE - kernel probably will not work");
> #endif /* CONFIG_COMPILE_TEST */
>
> but I lack the patience to figure out how to do that.
WARN is a define which declares C code. That doesn't work in linker scripts.
I only got #ifdef to work. I did not find a linker script command which would
be equivalent to WARN(). Maybe someone else knows if it is possible and how
to do it.
Guenter
Powered by blists - more mailing lists