lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <31A791DF-C044-4883-9074-8D13A67DE89B@kernel.org>
Date: Mon, 28 Jul 2025 23:10:19 -0700
From: Kees Cook <kees@...nel.org>
To: Linus Torvalds <torvalds@...ux-foundation.org>
CC: linux-kernel@...r.kernel.org,
 Andy Shevchenko <andriy.shevchenko@...ux.intel.com>,
 Dan Williams <dan.j.williams@...el.com>, David Gow <davidgow@...gle.com>,
 "Gustavo A. R. Silva" <gustavoars@...nel.org>,
 Heiko Carstens <hca@...ux.ibm.com>, Huacai Chen <chenhuacai@...ngson.cn>,
 Ingo Molnar <mingo@...nel.org>,
 Jannik Glückert <jannik.glueckert@...il.com>,
 kernel test robot <lkp@...el.com>, Lee Jones <lee@...nel.org>,
 Linux Kernel Functional Testing <lkft@...aro.org>,
 Marco Elver <elver@...gle.com>, Nathan Chancellor <nathan@...nel.org>,
 Nicolas Schier <n.schier@....de>, Nishanth Menon <nm@...com>,
 Ritesh Harjani <ritesh.list@...il.com>,
 Thorsten Blum <thorsten.blum@...ux.dev>,
 Youling Tang <tangyouling@...inos.cn>
Subject: Re: [GIT PULL] hardening updates for v6.17-rc1



On July 28, 2025 5:43:08 PM PDT, Linus Torvalds <torvalds@...ux-foundation.org> wrote:
>On Mon, 28 Jul 2025 at 17:01, Kees Cook <kees@...nel.org> wrote:
>>
>> Please pull these hardening updates for v6.17-rc1. Some notable things
>> that stand out diffstat: there are many scattered changes across arch code
>> to clean up __init vs KCOV instrumentation. Most are landing here via
>> the hardening tree but 2 landed separately in their respective trees:
>> loongarch in v6.16 already, and platform-drivers-x86 that is queued
>> for merging:
>
>Is this the cause of the new
>
>  section mismatch in reference: volume_set_software_mute+0x6f
>(section: .text.unlikely) -> tpacpi_is_lenovo (section: .init.text)
>
>warning?
>
>It does seem to be a preexisting bug, with volume_set_software_mute()
>(not init) calling tpacpi_is_lenovo (which is marked __init for some
>unknown crazy reason).
>
>I'm just not seeing what changed to *not* inline that trivial
>single-instruction thing. So something really bad is happening to the
>compiler because of this hardening change.

The change is actually *removing* sanitizer instrumentation from __init functions, and this seems to cause GCC to play weird games with inline vs section markings vs coverage sanitizer options. I scratched my head over it for a while but since GCC has had this kind of "unstable" inlining behavior before, it looked like the fix in similar situations was to switch it to __always_inline. In other cases the use of __init was adjusted.

The fix is part of the platform-drivers-x86 PR, specifically:
https://lore.kernel.org/lkml/20250529181831.work.439-kees@kernel.org/

-Kees

-- 
Kees Cook

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ