Kernel-hardening archive on lore.kernel.org
 help / color / Atom feed
From: Masahiro Yamada <masahiroy@kernel.org>
To: Kees Cook <keescook@chromium.org>
Cc: Linux Kbuild mailing list <linux-kbuild@vger.kernel.org>,
	Emese Revfy <re.emese@gmail.com>,
	Michal Marek <michal.lkml@markovi.net>,
	Kernel Hardening <kernel-hardening@lists.openwall.com>,
	Linux Kernel Mailing List <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH 1/2] kbuild: move shared library build rules to scripts/gcc-plugins/Makefile
Date: Fri, 31 Jul 2020 13:16:17 +0900
Message-ID: <CAK7LNASRoqNfO+JAj9kKRgi3ee5mcdV99spy4t6jKG1RGC4KXA@mail.gmail.com> (raw)
In-Reply-To: <202007291401.A50E25BB@keescook>

On Thu, Jul 30, 2020 at 6:18 AM Kees Cook <keescook@chromium.org> wrote:
>
> On Wed, Jul 29, 2020 at 12:15:36PM +0900, Masahiro Yamada wrote:
> > The shared library build rules are currently implemented in
> > scripts/Makefile.host, but actually GCC-plugin is the only user of
> > them. Hence, they do not need to be treewide available.
>
> Are none of the VDSOs intending to use these rules?


Right.

GCC plugin .so files are compiled for the _host_ architecture.
vDSO .so files are compiled for the _target_ architecture.

They are built in completely different ways.



> > Move all the relevant build rules to scripts/gcc-plugins/Makefile.
> >
> > I also optimized the build steps so *.so is directly built from .c
> > because every upstream plugin is compiled from a single source file.
> >
> > I am still keeping the infrastructure to build a plugin from multiple
> > files because Kees suggested to do so in my previous attempt.
> > (https://lkml.org/lkml/2019/1/11/1107)
> >
> > If the plugin, foo.so, is compiled from two files foo.c and foo2.c,
> > then you can do like follows:
> >
> >   foo-objs := foo.o foo2.o
> >
> > Single-file plugins do not need the *-objs notation.
> >
> > Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>
>
> But, yeah, sure!
>
> Acked-by: Kees Cook <keescook@chromium.org>
>
> Unrelated, but I do note that objtool maybe has the wrong indentation,
> path name reporting, and tool names (HOSTLD vs CC)?


Right.
Many people know it.


objtool opts out the Kbuild instructure.

I wrote a patch to make objtool join the Kbuild:
https://patchwork.kernel.org/patch/10839051/

The objtool maintainers refused to do this.






> ...
>   HOSTCC  scripts/asn1_compiler
>   HOSTCC  scripts/extract-cert
>   HOSTCC  scripts/genksyms/genksyms.o
>   YACC    scripts/genksyms/parse.tab.[ch]
>   LEX     scripts/genksyms/lex.lex.c
>   DESCEND  objtool
>   HOSTCXX scripts/gcc-plugins/cyc_complexity_plugin.so
>   HOSTCXX scripts/gcc-plugins/latent_entropy_plugin.so
>   HOSTCXX scripts/gcc-plugins/structleak_plugin.so
>   GENSEED scripts/gcc-plugins/randomize_layout_seed.h
>   HOSTCXX scripts/gcc-plugins/stackleak_plugin.so
>   HOSTCC  scripts/genksyms/parse.tab.o
>   HOSTCC  scripts/genksyms/lex.lex.o
>   HOSTCC   /home/kees/src/linux-build/plugins/tools/objtool/fixdep.o
>   HOSTLD  arch/x86/tools/relocs
>   HOSTLD   /home/kees/src/linux-build/plugins/tools/objtool/fixdep-in.o
>   LINK     /home/kees/src/linux-build/plugins/tools/objtool/fixdep
>   CC       /home/kees/src/linux-build/plugins/tools/objtool/exec-cmd.o
>   CC       /home/kees/src/linux-build/plugins/tools/objtool/help.o
>   CC       /home/kees/src/linux-build/plugins/tools/objtool/weak.o
> ...
>
> --
> Kees Cook



--
Best Regards
Masahiro Yamada

      reply index

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-07-29  3:15 Masahiro Yamada
2020-07-29 21:18 ` Kees Cook
2020-07-31  4:16   ` Masahiro Yamada [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=CAK7LNASRoqNfO+JAj9kKRgi3ee5mcdV99spy4t6jKG1RGC4KXA@mail.gmail.com \
    --to=masahiroy@kernel.org \
    --cc=keescook@chromium.org \
    --cc=kernel-hardening@lists.openwall.com \
    --cc=linux-kbuild@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=michal.lkml@markovi.net \
    --cc=re.emese@gmail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Kernel-hardening archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/kernel-hardening/0 kernel-hardening/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 kernel-hardening kernel-hardening/ https://lore.kernel.org/kernel-hardening \
		kernel-hardening@lists.openwall.com
	public-inbox-index kernel-hardening

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/com.openwall.lists.kernel-hardening


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git