lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20251223202038.91200-1-ubizjak@gmail.com>
Date: Tue, 23 Dec 2025 21:18:55 +0100
From: Uros Bizjak <ubizjak@...il.com>
To: x86@...nel.org,
	linux-kernel@...r.kernel.org
Cc: Uros Bizjak <ubizjak@...il.com>,
	Thomas Gleixner <tglx@...utronix.de>,
	Ingo Molnar <mingo@...nel.org>,
	Borislav Petkov <bp@...en8.de>,
	Dave Hansen <dave.hansen@...ux.intel.com>,
	"H. Peter Anvin" <hpa@...or.com>,
	Linus Torvalds <torvalds@...ux-foundation.org>
Subject: [PATCH 0/3] Remove obsolete RELOC_HIDE() macro from compiler-gcc.h

The GCC specific macro was historically used to workaround very old
compiler bugs (including pre-4.1 ppc64 GCC). These compilers are long
obsolete.

The generic RELOC_HIDE() macro should be used instead.

The removal causes GCC to detect several reads from addresses below 4kB in
the boot code. GCC treats absolute addresses smaller than min-pagesize param
(defaulting to 4kB) as assumed results of pointer arithmetics from NULL.
The following code, when compiled with -O2 -Warray-bounds (included in -Wall):

  int foo (void) { return *(int *)0x123; }

will emit a rather cryptic warning:

warning: array subscript 0 is outside array bounds of ‘int[0]’ [-Warray-bounds=]
    1 | int foo (void) { return *(int *)0x123; }
      |                         ^~~~~~~~~~~~~
cc1: note: source object is likely at address zero

To solve the issue, replace open-coded inline assembly used for
FS/GS memory accesses in arch/x86/boot/boot.h with segment-qualified
pointer dereferences. The compiler allows pointer arithmetic from
NULL in __seg_fs and __seg_gs named address spaces.

The early boot environment does not guarantee any minimum page size,
so explicitly setting the minimum page size to zero by adding
--param=min-pagesize=0 to the compiler flags when building the x86
boot code with GCC inhibits warnings for addresses below 4kB.

The removal of the GCC specific macro results in the
following code size reduction:

     text    data     bss     dec     hex filename
  28526453        4823511  737108 34087072        20820a0 vmlinux-old.o
  28520945        4823463  737108 34081516        2080aec vmlinux-new.o

  ./bloat-o-meter vmlinux-old.o vmlinux-new.o
  add/remove: 4/14 grow/shrink: 189/674 up/down: 4433/-7865 (-3432)
  ...
  Total: Before=24103512, After=24100080, chg -0.01%

Cc: Thomas Gleixner <tglx@...utronix.de>
Cc: Ingo Molnar <mingo@...nel.org>
Cc: Borislav Petkov <bp@...en8.de>
Cc: Dave Hansen <dave.hansen@...ux.intel.com>
Cc: "H. Peter Anvin" <hpa@...or.com>
Cc: Linus Torvalds <torvalds@...ux-foundation.org>

Uros Bizjak (3):
  x86/boot: replace FS/GS inline asm with segment-qualified accesses
  x86/boot: disable GCC min-pagesize assumption in boot code
  compiler-gcc: Remove obsolete RELOC_HIDE() macro

 arch/x86/boot/Makefile       |  3 ++
 arch/x86/boot/boot.h         | 58 +++++++++++-------------------------
 include/linux/compiler-gcc.h | 25 ----------------
 3 files changed, 21 insertions(+), 65 deletions(-)

-- 
2.52.0

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ