From: Josh Poimboeuf <jpoimboe@redhat.com>
To: Sami Tolvanen <samitolvanen@google.com>
Cc: Peter Zijlstra <peterz@infradead.org>,
Jann Horn <jannh@google.com>,
the arch/x86 maintainers <x86@kernel.org>,
Masahiro Yamada <masahiroy@kernel.org>,
Steven Rostedt <rostedt@goodmis.org>,
Will Deacon <will@kernel.org>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
"Paul E. McKenney" <paulmck@kernel.org>,
Kees Cook <keescook@chromium.org>,
Nick Desaulniers <ndesaulniers@google.com>,
clang-built-linux <clang-built-linux@googlegroups.com>,
Kernel Hardening <kernel-hardening@lists.openwall.com>,
linux-arch <linux-arch@vger.kernel.org>,
Linux ARM <linux-arm-kernel@lists.infradead.org>,
linux-kbuild <linux-kbuild@vger.kernel.org>,
kernel list <linux-kernel@vger.kernel.org>,
linux-pci@vger.kernel.org
Subject: Re: [PATCH v6 22/25] x86/asm: annotate indirect jumps
Date: Tue, 20 Oct 2020 13:52:17 -0500 [thread overview]
Message-ID: <20201020185217.ilg6w5l7ujau2246@treble> (raw)
In-Reply-To: <CABCJKufDLmBCwmgGnfLcBw_B_4U8VY-R-dSNNp86TFfuMobPMw@mail.gmail.com>
On Tue, Oct 20, 2020 at 09:45:06AM -0700, Sami Tolvanen wrote:
> On Thu, Oct 15, 2020 at 1:39 PM Josh Poimboeuf <jpoimboe@redhat.com> wrote:
> >
> > On Thu, Oct 15, 2020 at 12:22:16PM +0200, Peter Zijlstra wrote:
> > > On Thu, Oct 15, 2020 at 01:23:41AM +0200, Jann Horn wrote:
> > >
> > > > It would probably be good to keep LTO and non-LTO builds in sync about
> > > > which files are subjected to objtool checks. So either you should be
> > > > removing the OBJECT_FILES_NON_STANDARD annotations for anything that
> > > > is linked into the main kernel (which would be a nice cleanup, if that
> > > > is possible),
> > >
> > > This, I've had to do that for a number of files already for the limited
> > > vmlinux.o passes we needed for noinstr validation.
> >
> > Getting rid of OBJECT_FILES_NON_STANDARD is indeed the end goal, though
> > I'm not sure how practical that will be for some of the weirder edge
> > case.
> >
> > On a related note, I have some old crypto cleanups which need dusting
> > off.
>
> Building allyesconfig with this series and LTO enabled, I still see
> the following objtool warnings for vmlinux.o, grouped by source file:
>
> arch/x86/entry/entry_64.S:
> __switch_to_asm()+0x0: undefined stack state
> .entry.text+0xffd: sibling call from callable instruction with
> modified stack frame
> .entry.text+0x48: stack state mismatch: cfa1=7-8 cfa2=-1+0
Not sure what this one's about, there's no OBJECT_FILES_NON_STANDARD?
> arch/x86/entry/entry_64_compat.S:
> .entry.text+0x1754: unsupported instruction in callable function
> .entry.text+0x1634: redundant CLD
> .entry.text+0x15fd: stack state mismatch: cfa1=7-8 cfa2=-1+0
> .entry.text+0x168c: stack state mismatch: cfa1=7-8 cfa2=-1+0
Ditto.
> arch/x86/kernel/head_64.S:
> .head.text+0xfb: unsupported instruction in callable function
Ditto.
> arch/x86/kernel/acpi/wakeup_64.S:
> do_suspend_lowlevel()+0x116: sibling call from callable instruction
> with modified stack frame
We'll need to look at how to handle this one.
> arch/x86/crypto/camellia-aesni-avx2-asm_64.S:
> camellia_cbc_dec_32way()+0xb3: stack state mismatch: cfa1=7+520 cfa2=7+8
> camellia_ctr_32way()+0x1a: stack state mismatch: cfa1=7+520 cfa2=7+8
I can clean off my patches for all the crypto warnings.
> arch/x86/lib/retpoline.S:
> __x86_retpoline_rdi()+0x10: return with modified stack frame
> __x86_retpoline_rdi()+0x0: stack state mismatch: cfa1=7+32 cfa2=7+8
> __x86_retpoline_rdi()+0x0: stack state mismatch: cfa1=7+32 cfa2=-1+0
Is this with upstream? I thought we fixed that with
UNWIND_HINT_RET_OFFSET.
> Josh, Peter, any thoughts on what would be the preferred way to fix
> these, or how to tell objtool to ignore this code?
One way or another, the patches need to be free of warnings before
getting merged. I can help, though I'm traveling and only have limited
bandwidth for at least the rest of the month.
Ideally we'd want to have objtool understand everything, with no
whitelisting, but some cases (e.g. suspend code) can be tricky.
I wouldn't be opposed to embedding the whitelist in the binary, in a
discardable section. It should be relatively easy, but as I mentioned I
may or may not have time to work on it for a bit. I'm working half
days, and now the ocean beckons from the window of my camper.
--
Josh
next prev parent reply other threads:[~2020-10-20 18:52 UTC|newest]
Thread overview: 73+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-10-13 0:31 [PATCH v6 00/25] Add support for Clang LTO Sami Tolvanen
2020-10-13 0:31 ` [PATCH v6 01/25] kbuild: preprocess module linker script Sami Tolvanen
2020-10-13 0:31 ` [PATCH v6 02/25] objtool: Add a pass for generating __mcount_loc Sami Tolvanen
2020-10-14 16:50 ` Ingo Molnar
2020-10-14 18:21 ` Peter Zijlstra
2020-10-15 20:10 ` Josh Poimboeuf
2020-10-13 0:31 ` [PATCH v6 03/25] objtool: Don't autodetect vmlinux.o Sami Tolvanen
2020-10-13 0:31 ` [PATCH v6 04/25] tracing: move function tracer options to Kconfig Sami Tolvanen
2020-10-13 0:31 ` [PATCH v6 05/25] tracing: add support for objtool mcount Sami Tolvanen
2020-10-13 0:31 ` [PATCH v6 06/25] x86, build: use " Sami Tolvanen
2020-10-13 0:31 ` [PATCH v6 07/25] treewide: remove DISABLE_LTO Sami Tolvanen
2020-10-14 22:43 ` Kees Cook
2020-10-17 1:46 ` Masahiro Yamada
2020-10-13 0:31 ` [PATCH v6 08/25] kbuild: add support for Clang LTO Sami Tolvanen
2020-10-13 0:31 ` [PATCH v6 09/25] kbuild: lto: fix module versioning Sami Tolvanen
2020-10-13 0:31 ` [PATCH v6 10/25] objtool: Split noinstr validation from --vmlinux Sami Tolvanen
2020-10-13 0:31 ` [PATCH v6 11/25] kbuild: lto: postpone objtool Sami Tolvanen
2020-10-13 0:31 ` [PATCH v6 12/25] kbuild: lto: limit inlining Sami Tolvanen
2020-10-13 0:31 ` [PATCH v6 13/25] kbuild: lto: merge module sections Sami Tolvanen
2020-10-14 22:49 ` Kees Cook
2020-10-20 16:42 ` Sami Tolvanen
2020-10-13 0:31 ` [PATCH v6 14/25] kbuild: lto: remove duplicate dependencies from .mod files Sami Tolvanen
2020-10-14 22:50 ` Kees Cook
2020-12-03 17:59 ` Masahiro Yamada
2020-12-03 18:47 ` Sami Tolvanen
2020-10-13 0:31 ` [PATCH v6 15/25] init: lto: ensure initcall ordering Sami Tolvanen
2020-10-13 0:31 ` [PATCH v6 16/25] init: lto: fix PREL32 relocations Sami Tolvanen
2020-10-14 22:53 ` Kees Cook
2020-10-15 0:12 ` Jann Horn
2020-10-13 0:31 ` [PATCH v6 17/25] PCI: Fix PREL32 relocations for LTO Sami Tolvanen
2020-10-14 22:58 ` Kees Cook
2020-10-13 0:31 ` [PATCH v6 18/25] modpost: lto: strip .lto from module names Sami Tolvanen
2020-10-13 0:31 ` [PATCH v6 19/25] scripts/mod: disable LTO for empty.c Sami Tolvanen
2020-10-13 0:31 ` [PATCH v6 20/25] efi/libstub: disable LTO Sami Tolvanen
2020-10-13 0:31 ` [PATCH v6 21/25] drivers/misc/lkdtm: disable LTO for rodata.o Sami Tolvanen
2020-10-13 0:32 ` [PATCH v6 22/25] x86/asm: annotate indirect jumps Sami Tolvanen
2020-10-14 22:46 ` Kees Cook
2020-10-14 23:23 ` Jann Horn
2020-10-15 10:22 ` Peter Zijlstra
2020-10-15 20:39 ` Josh Poimboeuf
2020-10-20 16:45 ` Sami Tolvanen
2020-10-20 18:52 ` Josh Poimboeuf [this message]
2020-10-20 19:24 ` Sami Tolvanen
2020-10-21 8:56 ` Peter Zijlstra
2020-10-21 9:08 ` Peter Zijlstra
2020-10-21 9:32 ` Peter Zijlstra
2020-10-21 21:27 ` Josh Poimboeuf
2020-10-22 7:25 ` Peter Zijlstra
2020-10-23 17:48 ` Sami Tolvanen
2020-10-23 18:04 ` Nick Desaulniers
2020-10-21 15:01 ` Sami Tolvanen
2020-10-22 0:22 ` Sami Tolvanen
2020-10-23 17:36 ` Sami Tolvanen
2020-11-09 23:11 ` Sami Tolvanen
2020-11-10 2:29 ` Josh Poimboeuf
2020-11-10 3:18 ` Nick Desaulniers
2020-11-10 4:48 ` Sami Tolvanen
2020-11-10 16:11 ` Josh Poimboeuf
2020-11-10 17:46 ` Josh Poimboeuf
2020-11-10 18:59 ` Sami Tolvanen
2020-11-13 19:54 ` Josh Poimboeuf
2020-11-13 20:24 ` Sami Tolvanen
2020-11-13 20:52 ` Josh Poimboeuf
2020-11-13 22:34 ` Josh Poimboeuf
2020-11-13 22:54 ` Sami Tolvanen
2020-11-13 22:56 ` Josh Poimboeuf
2020-11-13 23:31 ` Sami Tolvanen
2020-11-14 0:49 ` Josh Poimboeuf
2020-10-21 9:51 ` Peter Zijlstra
2020-10-21 18:30 ` Josh Poimboeuf
2020-10-13 0:32 ` [PATCH v6 23/25] x86, vdso: disable LTO only for vDSO Sami Tolvanen
2020-10-13 0:32 ` [PATCH v6 24/25] x86, cpu: disable LTO for cpu.c Sami Tolvanen
2020-10-13 0:32 ` [PATCH v6 25/25] x86, build: allow LTO_CLANG and THINLTO to be selected Sami Tolvanen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20201020185217.ilg6w5l7ujau2246@treble \
--to=jpoimboe@redhat.com \
--cc=clang-built-linux@googlegroups.com \
--cc=gregkh@linuxfoundation.org \
--cc=jannh@google.com \
--cc=keescook@chromium.org \
--cc=kernel-hardening@lists.openwall.com \
--cc=linux-arch@vger.kernel.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kbuild@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-pci@vger.kernel.org \
--cc=masahiroy@kernel.org \
--cc=ndesaulniers@google.com \
--cc=paulmck@kernel.org \
--cc=peterz@infradead.org \
--cc=rostedt@goodmis.org \
--cc=samitolvanen@google.com \
--cc=will@kernel.org \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).