LKML Archive on lore.kernel.org
 help / color / Atom feed
* [PATCH v6 00/29] Warn on orphan section placement
@ 2020-08-21 19:42 Kees Cook
  2020-08-21 19:42 ` [PATCH v6 01/29] vmlinux.lds.h: Create COMMON_DISCARDS Kees Cook
                   ` (29 more replies)
  0 siblings, 30 replies; 92+ messages in thread
From: Kees Cook @ 2020-08-21 19:42 UTC (permalink / raw)
  To: Ingo Molnar
  Cc: Kees Cook, Catalin Marinas, Mark Rutland, Ard Biesheuvel,
	Peter Collingbourne, James Morse, Borislav Petkov, Ingo Molnar,
	Russell King, Masahiro Yamada, Arvind Sankar, Nick Desaulniers,
	Nathan Chancellor, Arnd Bergmann, x86, clang-built-linux,
	linux-arch, linux-efi, linux-arm-kernel, linux-kernel

Hi Ingo,

Based on my testing, this is ready to go. I've reviewed the feedback on
v5 and made a few small changes, noted below.


https://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git/log/?h=linker/orphans/warn/v6

v6:
- rebase to -tip x86/boot
- remove 0-sized NOLOAD
- move .got.plt to end with INFO (NOLOAD warns)
- add Reviewed-bys
v5: https://lore.kernel.org/lkml/20200731230820.1742553-1-keescook@chromium.org/
v4: https://lore.kernel.org/lkml/20200629061840.4065483-1-keescook@chromium.org/
v3: https://lore.kernel.org/lkml/20200624014940.1204448-1-keescook@chromium.org/
v2: https://lore.kernel.org/lkml/20200622205815.2988115-1-keescook@chromium.org/
v1: https://lore.kernel.org/lkml/20200228002244.15240-1-keescook@chromium.org/

A recent bug[1] was solved for builds linked with ld.lld, and tracking
it down took way longer than it needed to (a year). Ultimately, it
boiled down to differences between ld.bfd and ld.lld's handling of
orphan sections. Similar situation have continued to recur, and it's
clear the kernel build needs to be much more explicit about linker
sections. Similarly, the recent FGKASLR series brought up orphan section
handling too[2]. In all cases, it would have been nice if the linker was
running with --orphan-handling=warn so that surprise sections wouldn't
silently get mapped into the kernel image at locations up to the whim
of the linker's orphan handling logic. Instead, all desired sections
should be explicitly identified in the linker script (to be either kept,
discarded, or verified to be zero-sized) with any orphans throwing a
warning. The powerpc architecture has actually been doing this for some
time, so this series just extends that coverage to x86, arm, and arm64.

This has gotten sucecssful build testing under the following matrix:

compiler/linker: gcc+ld.bfd, clang+ld.lld
targets: defconfig, allmodconfig
architectures: x86, i386, arm64, arm
versions: -tip x86/boot

All three architectures depend on the first several commits to
vmlinux.lds.h. x86 depends on Arvind's GOT series (in -tip x86/boot now).
arm64 depends on the efi/libstub patch. As such, I'd like to land this
series as a whole. Ingo has suggested he'd take it into -tip.

Thanks!

-Kees

[1] https://github.com/ClangBuiltLinux/linux/issues/282
[2] https://lore.kernel.org/lkml/202002242122.AA4D1B8@keescook/

Kees Cook (28):
  vmlinux.lds.h: Create COMMON_DISCARDS
  vmlinux.lds.h: Add .gnu.version* to COMMON_DISCARDS
  vmlinux.lds.h: Avoid KASAN and KCSAN's unwanted sections
  vmlinux.lds.h: Split ELF_DETAILS from STABS_DEBUG
  vmlinux.lds.h: Add .symtab, .strtab, and .shstrtab to ELF_DETAILS
  efi/libstub: Disable -mbranch-protection
  arm64/mm: Remove needless section quotes
  arm64/kernel: Remove needless Call Frame Information annotations
  arm64/build: Remove .eh_frame* sections due to unwind tables
  arm64/build: Use common DISCARDS in linker script
  arm64/build: Add missing DWARF sections
  arm64/build: Assert for unwanted sections
  arm64/build: Warn on orphan section placement
  arm/build: Refactor linker script headers
  arm/build: Explicitly keep .ARM.attributes sections
  arm/build: Add missing sections
  arm/build: Assert for unwanted sections
  arm/build: Warn on orphan section placement
  arm/boot: Handle all sections explicitly
  arm/boot: Warn on orphan section placement
  x86/asm: Avoid generating unused kprobe sections
  x86/build: Enforce an empty .got.plt section
  x86/build: Assert for unwanted sections
  x86/build: Warn on orphan section placement
  x86/boot/compressed: Reorganize zero-size section asserts
  x86/boot/compressed: Remove, discard, or assert for unwanted sections
  x86/boot/compressed: Add missing debugging sections to output
  x86/boot/compressed: Warn on orphan section placement

Nick Desaulniers (1):
  vmlinux.lds.h: add PGO and AutoFDO input sections

 arch/alpha/kernel/vmlinux.lds.S               |  1 +
 arch/arc/kernel/vmlinux.lds.S                 |  1 +
 arch/arm/Makefile                             |  4 ++
 arch/arm/boot/compressed/Makefile             |  2 +
 arch/arm/boot/compressed/vmlinux.lds.S        | 20 +++----
 .../arm/{kernel => include/asm}/vmlinux.lds.h | 30 ++++++++--
 arch/arm/kernel/vmlinux-xip.lds.S             |  8 ++-
 arch/arm/kernel/vmlinux.lds.S                 |  8 ++-
 arch/arm64/Makefile                           |  9 ++-
 arch/arm64/kernel/smccc-call.S                |  2 -
 arch/arm64/kernel/vmlinux.lds.S               | 28 +++++++--
 arch/arm64/mm/mmu.c                           |  2 +-
 arch/csky/kernel/vmlinux.lds.S                |  1 +
 arch/hexagon/kernel/vmlinux.lds.S             |  1 +
 arch/ia64/kernel/vmlinux.lds.S                |  1 +
 arch/mips/kernel/vmlinux.lds.S                |  1 +
 arch/nds32/kernel/vmlinux.lds.S               |  1 +
 arch/nios2/kernel/vmlinux.lds.S               |  1 +
 arch/openrisc/kernel/vmlinux.lds.S            |  1 +
 arch/parisc/boot/compressed/vmlinux.lds.S     |  1 +
 arch/parisc/kernel/vmlinux.lds.S              |  1 +
 arch/powerpc/kernel/vmlinux.lds.S             |  2 +-
 arch/riscv/kernel/vmlinux.lds.S               |  1 +
 arch/s390/kernel/vmlinux.lds.S                |  1 +
 arch/sh/kernel/vmlinux.lds.S                  |  1 +
 arch/sparc/kernel/vmlinux.lds.S               |  1 +
 arch/um/kernel/dyn.lds.S                      |  2 +-
 arch/um/kernel/uml.lds.S                      |  2 +-
 arch/x86/Makefile                             |  4 ++
 arch/x86/boot/compressed/Makefile             |  2 +
 arch/x86/boot/compressed/vmlinux.lds.S        | 58 +++++++++++++------
 arch/x86/include/asm/asm.h                    |  6 +-
 arch/x86/kernel/vmlinux.lds.S                 | 39 ++++++++++++-
 drivers/firmware/efi/libstub/Makefile         |  9 ++-
 include/asm-generic/vmlinux.lds.h             | 49 +++++++++++++---
 35 files changed, 241 insertions(+), 60 deletions(-)
 rename arch/arm/{kernel => include/asm}/vmlinux.lds.h (84%)

-- 
2.25.1


^ permalink raw reply	[flat|nested] 92+ messages in thread

end of thread, back to index

Thread overview: 92+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-08-21 19:42 [PATCH v6 00/29] Warn on orphan section placement Kees Cook
2020-08-21 19:42 ` [PATCH v6 01/29] vmlinux.lds.h: Create COMMON_DISCARDS Kees Cook
2020-09-01 11:48   ` [tip: core/build] " tip-bot2 for Kees Cook
2020-08-21 19:42 ` [PATCH v6 02/29] vmlinux.lds.h: Add .gnu.version* to COMMON_DISCARDS Kees Cook
2020-09-01 11:48   ` [tip: core/build] " tip-bot2 for Kees Cook
2020-08-21 19:42 ` [PATCH v6 03/29] vmlinux.lds.h: Avoid KASAN and KCSAN's unwanted sections Kees Cook
2020-09-01 11:48   ` [tip: core/build] " tip-bot2 for Kees Cook
2020-08-21 19:42 ` [PATCH v6 04/29] vmlinux.lds.h: Split ELF_DETAILS from STABS_DEBUG Kees Cook
2020-09-01 11:48   ` [tip: core/build] " tip-bot2 for Kees Cook
2020-08-21 19:42 ` [PATCH v6 05/29] vmlinux.lds.h: Add .symtab, .strtab, and .shstrtab to ELF_DETAILS Kees Cook
2020-09-01 11:47   ` [tip: core/build] " tip-bot2 for Kees Cook
2020-08-21 19:42 ` [PATCH v6 06/29] vmlinux.lds.h: add PGO and AutoFDO input sections Kees Cook
2020-09-01 11:47   ` [tip: core/build] vmlinux.lds.h: Add " tip-bot2 for Nick Desaulniers
2020-08-21 19:42 ` [PATCH v6 07/29] efi/libstub: Disable -mbranch-protection Kees Cook
2020-09-01 11:47   ` [tip: core/build] " tip-bot2 for Kees Cook
2020-08-21 19:42 ` [PATCH v6 08/29] arm64/mm: Remove needless section quotes Kees Cook
2020-09-01 11:47   ` [tip: core/build] " tip-bot2 for Kees Cook
2020-08-21 19:42 ` [PATCH v6 09/29] arm64/kernel: Remove needless Call Frame Information annotations Kees Cook
2020-09-01 11:47   ` [tip: core/build] " tip-bot2 for Kees Cook
2020-08-21 19:42 ` [PATCH v6 10/29] arm64/build: Remove .eh_frame* sections due to unwind tables Kees Cook
2020-09-01 11:47   ` [tip: core/build] " tip-bot2 for Kees Cook
2020-08-21 19:42 ` [PATCH v6 11/29] arm64/build: Use common DISCARDS in linker script Kees Cook
2020-09-01 11:47   ` [tip: core/build] " tip-bot2 for Kees Cook
2020-08-21 19:42 ` [PATCH v6 12/29] arm64/build: Add missing DWARF sections Kees Cook
2020-09-01 11:47   ` [tip: core/build] " tip-bot2 for Kees Cook
2020-08-21 19:42 ` [PATCH v6 13/29] arm64/build: Assert for unwanted sections Kees Cook
2020-09-01 11:47   ` [tip: core/build] " tip-bot2 for Kees Cook
2020-10-26 12:29   ` [PATCH v6 13/29] " Geert Uytterhoeven
2020-10-26 13:29     ` Geert Uytterhoeven
2020-10-26 16:01       ` Geert Uytterhoeven
2020-10-26 17:38         ` Ard Biesheuvel
2020-10-26 17:43           ` Geert Uytterhoeven
2020-10-26 17:48             ` Nick Desaulniers
2020-10-26 17:53               ` Geert Uytterhoeven
2020-10-27  8:37                 ` Geert Uytterhoeven
2020-10-27 19:25               ` Geert Uytterhoeven
2020-10-27 19:33                 ` Ard Biesheuvel
2020-10-27 20:00                   ` Arvind Sankar
2020-10-27 20:12                 ` Nick Desaulniers
2020-10-27 20:15                   ` Ard Biesheuvel
2020-10-27 20:17                     ` Nick Desaulniers
2020-10-27 20:30                       ` Arvind Sankar
2020-10-27 20:40                         ` Nick Desaulniers
2020-10-27 21:24                           ` Arvind Sankar
2020-10-27 20:28                     ` Nick Desaulniers
2020-10-27 20:32                       ` Arvind Sankar
2020-10-27 20:36                         ` Nick Desaulniers
2020-10-28 21:36                     ` Alexei Starovoitov
2020-10-27  8:51             ` Geert Uytterhoeven
2020-10-27 10:08           ` Jean-Philippe Brucker
2020-10-27 10:20             ` Geert Uytterhoeven
2020-10-27 11:29               ` Ard Biesheuvel
2020-10-27 11:53                 ` Naresh Kamboju
2020-10-27 13:56                 ` Ard Biesheuvel
2020-08-21 19:42 ` [PATCH v6 14/29] arm64/build: Warn on orphan section placement Kees Cook
2020-08-21 19:42 ` [PATCH v6 15/29] arm/build: Refactor linker script headers Kees Cook
2020-09-01 11:47   ` [tip: core/build] " tip-bot2 for Kees Cook
2020-08-21 19:42 ` [PATCH v6 16/29] arm/build: Explicitly keep .ARM.attributes sections Kees Cook
2020-09-01 11:47   ` [tip: core/build] " tip-bot2 for Kees Cook
2020-08-21 19:42 ` [PATCH v6 17/29] arm/build: Add missing sections Kees Cook
2020-09-01 11:47   ` [tip: core/build] " tip-bot2 for Kees Cook
2020-08-21 19:42 ` [PATCH v6 18/29] arm/build: Assert for unwanted sections Kees Cook
2020-09-01 11:47   ` [tip: core/build] " tip-bot2 for Kees Cook
2020-08-21 19:43 ` [PATCH v6 19/29] arm/build: Warn on orphan section placement Kees Cook
2020-08-21 19:43 ` [PATCH v6 20/29] arm/boot: Handle all sections explicitly Kees Cook
2020-09-01 11:47   ` [tip: core/build] " tip-bot2 for Kees Cook
2020-08-21 19:43 ` [PATCH v6 21/29] arm/boot: Warn on orphan section placement Kees Cook
2020-08-21 19:43 ` [PATCH v6 22/29] x86/asm: Avoid generating unused kprobe sections Kees Cook
2020-09-01 11:47   ` [tip: core/build] " tip-bot2 for Kees Cook
2020-08-21 19:43 ` [PATCH v6 23/29] x86/build: Enforce an empty .got.plt section Kees Cook
2020-09-01 11:47   ` [tip: core/build] " tip-bot2 for Kees Cook
2020-08-21 19:43 ` [PATCH v6 24/29] x86/build: Assert for unwanted sections Kees Cook
2020-09-01 11:47   ` [tip: core/build] x86/build: Add asserts " tip-bot2 for Kees Cook
2020-08-21 19:43 ` [PATCH v6 25/29] x86/build: Warn on orphan section placement Kees Cook
2020-08-21 19:43 ` [PATCH v6 26/29] x86/boot/compressed: Reorganize zero-size section asserts Kees Cook
2020-09-01 11:47   ` [tip: core/build] " tip-bot2 for Kees Cook
2020-08-21 19:43 ` [PATCH v6 27/29] x86/boot/compressed: Remove, discard, or assert for unwanted sections Kees Cook
2020-08-21 20:01   ` Arvind Sankar
2020-08-21 21:21     ` Kees Cook
2020-08-21 21:28       ` Arvind Sankar
2020-09-01 11:47   ` [tip: core/build] " tip-bot2 for Kees Cook
2020-08-21 19:43 ` [PATCH v6 28/29] x86/boot/compressed: Add missing debugging sections to output Kees Cook
2020-09-01 11:47   ` [tip: core/build] " tip-bot2 for Kees Cook
2020-08-21 19:43 ` [PATCH v6 29/29] x86/boot/compressed: Warn on orphan section placement Kees Cook
2020-08-31 19:41 ` [PATCH v6 00/29] " Kees Cook
2020-09-01  7:11   ` Ingo Molnar
2020-09-01  7:59     ` Ingo Molnar
2020-09-01  8:16       ` Ingo Molnar
2020-09-01 15:17         ` Kees Cook
2020-09-01 18:02           ` Nick Desaulniers
2020-09-01 23:18             ` Kees Cook
2020-09-01 23:54               ` Nick Desaulniers

LKML Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/lkml/0 lkml/git/0.git
	git clone --mirror https://lore.kernel.org/lkml/1 lkml/git/1.git
	git clone --mirror https://lore.kernel.org/lkml/2 lkml/git/2.git
	git clone --mirror https://lore.kernel.org/lkml/3 lkml/git/3.git
	git clone --mirror https://lore.kernel.org/lkml/4 lkml/git/4.git
	git clone --mirror https://lore.kernel.org/lkml/5 lkml/git/5.git
	git clone --mirror https://lore.kernel.org/lkml/6 lkml/git/6.git
	git clone --mirror https://lore.kernel.org/lkml/7 lkml/git/7.git
	git clone --mirror https://lore.kernel.org/lkml/8 lkml/git/8.git
	git clone --mirror https://lore.kernel.org/lkml/9 lkml/git/9.git
	git clone --mirror https://lore.kernel.org/lkml/10 lkml/git/10.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 lkml lkml/ https://lore.kernel.org/lkml \
		linux-kernel@vger.kernel.org
	public-inbox-index lkml

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.linux-kernel


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git