| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <aS1r98IsLzX6pTug@gmail.com>
Date: Mon, 1 Dec 2025 11:20:39 +0100
From: Ingo Molnar <mingo@...nel.org>
To: Linus Torvalds <torvalds@...ux-foundation.org>
Cc: linux-kernel@...r.kernel.org, Peter Zijlstra <a.p.zijlstra@...llo.nl>,
Josh Poimboeuf <jpoimboe@...hat.com>,
Thomas Gleixner <tglx@...utronix.de>,
Borislav Petkov <bp@...en8.de>,
Andrew Morton <akpm@...ux-foundation.org>,
Alexandre Chartre <alexandre.chartre@...cle.com>
Subject: [GIT PULL] objtool changes for v6.19
Linus,
Please pull the latest objtool/core Git tree from:
git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git objtool-core-2025-12-01
# HEAD: 6ec33db1aaf06a76fb063610e668f8e12f32ebbf objtool: Fix segfault on unknown alternatives
objtool updates for v6.19:
- klp-build livepatch module generation (Josh Poimboeuf)
Introduce new objtool features and a klp-build
script to generate livepatch modules using a
source .patch as input.
This builds on concepts from the longstanding out-of-tree
kpatch project which began in 2012 and has been used for
many years to generate livepatch modules for production kernels.
However, this is a complete rewrite which incorporates
hard-earned lessons from 12+ years of maintaining kpatch.
Key improvements compared to kpatch-build:
- Integrated with objtool: Leverages objtool's existing control-flow
graph analysis to help detect changed functions.
- Works on vmlinux.o: Supports late-linked objects, making it
compatible with LTO, IBT, and similar.
- Simplified code base: ~3k fewer lines of code.
- Upstream: No more out-of-tree #ifdef hacks, far less cruft.
- Cleaner internals: Vastly simplified logic for symbol/section/reloc
inclusion and special section extraction.
- Robust __LINE__ macro handling: Avoids false positive binary diffs
caused by the __LINE__ macro by introducing a fix-patch-lines script
which injects #line directives into the source .patch to preserve
the original line numbers at compile time.
- Disassemble code with libopcodes instead of running objdump
(Alexandre Chartre)
- Disassemble support (-d option to objtool) by Alexandre Chartre,
which supports the decoding of various Linux kernel code generation
specials such as alternatives:
17ef: sched_balance_find_dst_group+0x62f mov 0x34(%r9),%edx
17f3: sched_balance_find_dst_group+0x633 | <alternative.17f3> | X86_FEATURE_POPCNT
17f3: sched_balance_find_dst_group+0x633 | call 0x17f8 <__sw_hweight64> | popcnt %rdi,%rax
17f8: sched_balance_find_dst_group+0x638 cmp %eax,%edx
... jump table alternatives:
1895: sched_use_asym_prio+0x5 test $0x8,%ch
1898: sched_use_asym_prio+0x8 je 0x18a9 <sched_use_asym_prio+0x19>
189a: sched_use_asym_prio+0xa | <jump_table.189a> | JUMP
189a: sched_use_asym_prio+0xa | jmp 0x18ae <sched_use_asym_prio+0x1e> | nop2
189c: sched_use_asym_prio+0xc mov $0x1,%eax
18a1: sched_use_asym_prio+0x11 and $0x80,%ecx
... exception table alternatives:
native_read_msr:
5b80: native_read_msr+0x0 mov %edi,%ecx
5b82: native_read_msr+0x2 | <ex_table.5b82> | EXCEPTION
5b82: native_read_msr+0x2 | rdmsr | resume at 0x5b84 <native_read_msr+0x4>
5b84: native_read_msr+0x4 shl $0x20,%rdx
.... x86 feature flag decoding (also see the X86_FEATURE_POPCNT
example in sched_balance_find_dst_group() above):
2faaf: start_thread_common.constprop.0+0x1f jne 0x2fba4 <start_thread_common.constprop.0+0x114>
2fab5: start_thread_common.constprop.0+0x25 | <alternative.2fab5> | X86_FEATURE_ALWAYS | X86_BUG_NULL_SEG
2fab5: start_thread_common.constprop.0+0x25 | jmp 0x2faba <.altinstr_aux+0x2f4> | jmp 0x4b0 <start_thread_common.constprop.0+0x3f> | nop5
2faba: start_thread_common.constprop.0+0x2a mov $0x2b,%eax
... NOP sequence shortening:
1048e2: snapshot_write_finalize+0xc2 je 0x104917 <snapshot_write_finalize+0xf7>
1048e4: snapshot_write_finalize+0xc4 nop6
1048ea: snapshot_write_finalize+0xca nop11
1048f5: snapshot_write_finalize+0xd5 nop11
104900: snapshot_write_finalize+0xe0 mov %rax,%rcx
104903: snapshot_write_finalize+0xe3 mov 0x10(%rdx),%rax
... and much more.
- Function validation tracing support (Alexandre Chartre)
- Various -ffunction-sections fixes (Josh Poimboeuf)
- Clang AutoFDO (Automated Feedback-Directed Optimizations) support (Josh Poimboeuf)
- Misc fixes and cleanups (Borislav Petkov, Chen Ni,
Dylan Hatch, Ingo Molnar, John Wang, Josh Poimboeuf,
Pankaj Raghav, Peter Zijlstra, Thorsten Blum)
Thanks,
Ingo
------------------>
Alexandre Chartre (31):
objtool: Move disassembly functions to a separated file
objtool: Create disassembly context
objtool: Disassemble code with libopcodes instead of running objdump
tool build: Remove annoying newline in build output
objtool: Print symbol during disassembly
objtool: Store instruction disassembly result
objtool: Disassemble instruction on warning or backtrace
objtool: Extract code to validate instruction from the validate branch loop
objtool: Record symbol name max length
objtool: Add option to trace function validation
objtool: Trace instruction state changes during function validation
objtool: Improve register reporting during function validation
objtool: Identify the different types of alternatives
objtool: Add functions to better name alternatives
objtool: Improve tracing of alternative instructions
objtool: Do not validate IBT for .return_sites and .call_sites
objtool: Add the --disas=<function-pattern> action
objtool: Preserve alternatives order
objtool: Print headers for alternatives
objtool: Disassemble group alternatives
objtool: Print addresses with alternative instructions
objtool: Disassemble exception table alternatives
objtool: Disassemble jump table alternatives
objtool: Fix address references in alternatives
objtool: Provide access to feature and flags of group alternatives
objtool: Add Function to get the name of a CPU feature
objtool: Improve naming of group alternatives
objtool: Compact output for alternatives with one instruction
objtool: Add wide output for disassembly
objtool: Trim trailing NOPs in alternative
objtool: Build with disassembly can fail when including bdf.h
Borislav Petkov (AMD) (2):
objtool/klp: Add the debian-based package name of xxhash to the hint
tools/objtool: Copy the __cleanup unused variable fix for older clang
Chen Ni (2):
objtool: Remove unneeded semicolon
objtool: Remove unneeded semicolon
Dylan Hatch (1):
objtool: Fix standalone --hacks=jump_label
Ingo Molnar (1):
objtool: Fix segfault on unknown alternatives
John Wang (1):
scripts/faddr2line: Set LANG=C to enforce ASCII output
Josh Poimboeuf (85):
tools build: Fix fixdep dependencies
s390/vmlinux.lds.S: Prevent thunk functions from getting placed with normal text
vmlinux.lds: Unify TEXT_MAIN, DATA_MAIN, and related macros
x86/module: Improve relocation error messages
x86/kprobes: Remove STACK_FRAME_NON_STANDARD annotation
compiler: Tweak __UNIQUE_ID() naming
compiler.h: Make addressable symbols less of an eyesore
elfnote: Change ELFNOTE() to use __UNIQUE_ID()
kbuild: Remove 'kmod_' prefix from __KBUILD_MODNAME
modpost: Ignore unresolved section bounds symbols
x86/alternative: Refactor INT3 call emulation selftest
interval_tree: Sync interval_tree_generic.h with tools
interval_tree: Fix ITSTATIC usage for *_subtree_search()
objtool: Make find_symbol_containing() less arbitrary
objtool: Fix broken error handling in read_symbols()
objtool: Propagate elf_truncate_section() error in elf_write()
objtool: Remove error handling boilerplate
objtool: Add empty symbols to the symbol tree again
objtool: Fix interval tree insertion for zero-length symbols
objtool: Fix weak symbol detection
objtool: Fix x86 addend calculation
objtool: Fix __pa_symbol() relocation handling
objtool: Fix "unexpected end of section" warning for alternatives
objtool: Check for missing annotation entries in read_annotate()
objtool: Const string cleanup
objtool: Clean up compiler flag usage
objtool: Remove .parainstructions reference
objtool: Convert elf iterator macros to use 'struct elf'
objtool: Add section/symbol type helpers
objtool: Mark .cold subfunctions
objtool: Fix weak symbol hole detection for .cold functions
objtool: Mark prefix functions
objtool: Simplify reloc offset calculation in unwind_read_hints()
objtool: Avoid emptying lists for duplicate sections
objtool: Rename --Werror to --werror
objtool: Resurrect --backup option
objtool: Reindent check_options[]
objtool: Refactor add_jump_destinations()
objtool: Simplify special symbol handling in elf_update_symbol()
objtool: Generalize elf_create_symbol()
objtool: Generalize elf_create_section()
objtool: Add elf_create_data()
objtool: Add elf_create_reloc() and elf_init_reloc()
objtool: Add elf_create_file()
objtool: Add annotype() helper
objtool: Move ANNOTATE* macros to annotate.h
objtool: Add ANNOTATE_DATA_SPECIAL
x86/asm: Annotate special section entries
objtool: Unify STACK_FRAME_NON_STANDARD entry sizes
objtool/klp: Add --checksum option to generate per-function checksums
objtool/klp: Add --debug-checksum=<funcs> to show per-instruction checksums
objtool/klp: Introduce klp diff subcommand for diffing object files
objtool/klp: Add --debug option to show cloning decisions
objtool/klp: Add post-link subcommand to finalize livepatch modules
objtool: Refactor prefix symbol creation code
objtool: Add base objtool support for livepatch modules
livepatch: Add CONFIG_KLP_BUILD
kbuild,objtool: Defer objtool validation step for CONFIG_KLP_BUILD
livepatch/klp-build: Introduce fix-patch-lines script to avoid __LINE__ diff noise
livepatch/klp-build: Add stub init code for livepatch modules
livepatch/klp-build: Introduce klp-build script for generating livepatch modules
livepatch/klp-build: Add --debug option to show cloning decisions
livepatch/klp-build: Add --show-first-changed option to show function divergence
livepatch: Introduce source code helpers for livepatch modules
module: Fix device table module aliases
perf build: Fix perf build issues with fixdep
vmlinux.lds: Exclude .text.startup and .text.exit from TEXT_MAIN
vmlinux.lds: Fix TEXT_MAIN to include .text.start and friends
media: atomisp: Fix namespace collision and startup() section placement with -ffunction-sections
drivers/xen/xenbus: Fix namespace collision and split() section placement with AutoFDO
objtool: Warn on functions with ambiguous -ffunction-sections section names
objtool: Set minimum xxhash version to 0.8
objtool/klp: Only enable --checksum when needed
objtool: Support Clang AUTOFDO .cold functions
objtool: Fix .cold function detection for duplicate symbols
objtool: Don't alias undefined symbols
objtool: Return canonical symbol when aliases exist in symbol finding helpers
objtool: Skip non-canonical aliased symbols in add_jump_table_alts()
objtool: Remove second pass of .cold function correlation
serial: icom: Fix namespace collision and startup() section placement with -ffunction-sections
media: atomisp: gc2235: Fix namespace collision and startup() section placement with -ffunction-sections
tty: amiserial: Fix namespace collision and startup() section placement with -ffunction-sections
tty: synclink_gt: Fix namespace collision and startup() section placement with -ffunction-sections
kbuild: Check for functions with ambiguous -ffunction-sections section names
Revert "objtool: Warn on functions with ambiguous -ffunction-sections section names"
Pankaj Raghav (2):
scripts/faddr2line: Use /usr/bin/env bash for portability
scripts/faddr2line: Fix "Argument list too long" error
Peter Zijlstra (3):
objtool/x86: Remove 0xea hack
objtool/x86: Add UDB support
objtool/x86: Fix NOP decode
Thorsten Blum (1):
x86/smpboot: Mark native_play_dead() as __noreturn
MAINTAINERS | 3 +-
arch/s390/include/asm/nospec-insn.h | 2 +-
arch/s390/kernel/vmlinux.lds.S | 2 +-
arch/x86/Kconfig | 1 +
arch/x86/boot/startup/Makefile | 2 +-
arch/x86/include/asm/alternative.h | 4 +
arch/x86/include/asm/asm.h | 5 +
arch/x86/include/asm/bug.h | 1 +
arch/x86/include/asm/cpufeature.h | 1 +
arch/x86/include/asm/jump_label.h | 1 +
arch/x86/include/asm/smp.h | 2 +-
arch/x86/kernel/alternative.c | 51 +-
arch/x86/kernel/kprobes/opt.c | 4 -
arch/x86/kernel/module.c | 15 +-
arch/x86/kernel/smpboot.c | 8 +-
.../infiniband/hw/usnic/usnic_uiom_interval_tree.h | 4 +
drivers/staging/media/atomisp/i2c/atomisp-gc2235.c | 4 +-
drivers/staging/media/atomisp/i2c/atomisp-ov2722.c | 6 +-
drivers/tty/amiserial.c | 14 +-
drivers/tty/serial/icom.c | 8 +-
drivers/tty/synclink_gt.c | 20 +-
drivers/xen/xenbus/xenbus_xs.c | 4 +-
include/asm-generic/vmlinux.lds.h | 76 +-
include/linux/annotate.h | 134 ++
include/linux/compiler.h | 8 +-
include/linux/elfnote.h | 13 +-
include/linux/init.h | 3 +-
include/linux/interval_tree.h | 4 +
include/linux/interval_tree_generic.h | 2 +-
include/linux/livepatch.h | 25 +-
include/linux/livepatch_external.h | 76 +
include/linux/livepatch_helpers.h | 77 +
include/linux/mm.h | 2 +
include/linux/module.h | 3 +-
include/linux/objtool.h | 96 +-
include/linux/objtool_types.h | 2 +
kernel/livepatch/Kconfig | 12 +
kernel/livepatch/core.c | 8 +-
lib/interval_tree.c | 1 +
scripts/Makefile.lib | 6 +-
scripts/Makefile.vmlinux_o | 6 +-
scripts/check-function-names.sh | 25 +
scripts/faddr2line | 19 +-
scripts/link-vmlinux.sh | 3 +-
scripts/livepatch/fix-patch-lines | 79 +
scripts/livepatch/init.c | 108 ++
scripts/livepatch/klp-build | 831 ++++++++++
scripts/mod/modpost.c | 5 +
scripts/module.lds.S | 22 +-
tools/arch/x86/tools/gen-cpu-feature-names-x86.awk | 34 +
tools/build/Build | 2 +
tools/build/Makefile | 21 +-
tools/build/Makefile.feature | 4 +-
tools/include/linux/interval_tree_generic.h | 10 +-
tools/include/linux/livepatch_external.h | 76 +
tools/include/linux/objtool_types.h | 2 +
tools/include/linux/string.h | 14 +
tools/objtool/.gitignore | 3 +
tools/objtool/Build | 7 +-
tools/objtool/Makefile | 70 +-
tools/objtool/arch/loongarch/decode.c | 29 +-
tools/objtool/arch/loongarch/orc.c | 1 -
tools/objtool/arch/loongarch/special.c | 5 +
tools/objtool/arch/powerpc/decode.c | 31 +-
tools/objtool/arch/powerpc/special.c | 5 +
tools/objtool/arch/x86/Build | 13 +-
tools/objtool/arch/x86/decode.c | 111 +-
tools/objtool/arch/x86/orc.c | 1 -
tools/objtool/arch/x86/special.c | 12 +-
tools/objtool/builtin-check.c | 102 +-
tools/objtool/builtin-klp.c | 53 +
tools/objtool/check.c | 1482 +++++++++--------
tools/objtool/disas.c | 1248 ++++++++++++++
tools/objtool/elf.c | 822 +++++++---
tools/objtool/include/objtool/arch.h | 16 +-
tools/objtool/include/objtool/builtin.h | 14 +-
tools/objtool/include/objtool/check.h | 39 +-
tools/objtool/include/objtool/checksum.h | 43 +
tools/objtool/include/objtool/checksum_types.h | 25 +
tools/objtool/include/objtool/disas.h | 81 +
tools/objtool/include/objtool/elf.h | 198 ++-
tools/objtool/include/objtool/endianness.h | 9 +-
tools/objtool/include/objtool/klp.h | 35 +
tools/objtool/include/objtool/objtool.h | 4 +-
tools/objtool/include/objtool/special.h | 4 +-
tools/objtool/include/objtool/trace.h | 141 ++
tools/objtool/include/objtool/util.h | 19 +
tools/objtool/include/objtool/warn.h | 66 +-
tools/objtool/klp-diff.c | 1723 ++++++++++++++++++++
tools/objtool/klp-post-link.c | 168 ++
tools/objtool/noreturns.h | 1 +
tools/objtool/objtool.c | 42 +-
tools/objtool/orc_dump.c | 1 -
tools/objtool/orc_gen.c | 9 +-
tools/objtool/special.c | 16 +-
tools/objtool/sync-check.sh | 2 +
tools/objtool/trace.c | 203 +++
tools/objtool/weak.c | 7 +
tools/perf/Makefile.perf | 6 +-
99 files changed, 7592 insertions(+), 1246 deletions(-)
create mode 100644 include/linux/annotate.h
create mode 100644 include/linux/livepatch_external.h
create mode 100644 include/linux/livepatch_helpers.h
create mode 100755 scripts/check-function-names.sh
create mode 100755 scripts/livepatch/fix-patch-lines
create mode 100644 scripts/livepatch/init.c
create mode 100755 scripts/livepatch/klp-build
create mode 100644 tools/arch/x86/tools/gen-cpu-feature-names-x86.awk
create mode 100644 tools/build/Build
create mode 100644 tools/include/linux/livepatch_external.h
create mode 100644 tools/objtool/builtin-klp.c
create mode 100644 tools/objtool/disas.c
create mode 100644 tools/objtool/include/objtool/checksum.h
create mode 100644 tools/objtool/include/objtool/checksum_types.h
create mode 100644 tools/objtool/include/objtool/disas.h
create mode 100644 tools/objtool/include/objtool/klp.h
create mode 100644 tools/objtool/include/objtool/trace.h
create mode 100644 tools/objtool/include/objtool/util.h
create mode 100644 tools/objtool/klp-diff.c
create mode 100644 tools/objtool/klp-post-link.c
create mode 100644 tools/objtool/trace.c
Powered by blists - more mailing lists