linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* [PATCH v7 0/5] Warn on orphan section placement
@ 2020-09-02  2:53 Kees Cook
  2020-09-02  2:53 ` [PATCH v7 1/5] arm64/build: " Kees Cook
                   ` (5 more replies)
  0 siblings, 6 replies; 17+ messages in thread
From: Kees Cook @ 2020-09-02  2:53 UTC (permalink / raw)
  To: Ingo Molnar
  Cc: Kees Cook, Borislav Petkov, Catalin Marinas, Mark Rutland,
	Ard Biesheuvel, Peter Collingbourne, James Morse, Ingo Molnar,
	Russell King, Masahiro Yamada, Arvind Sankar, Nick Desaulniers,
	Nathan Chancellor, Arnd Bergmann, x86, clang-built-linux,
	linux-arch, linux-efi, linux-arm-kernel, linux-kernel

Hi Ingo,

The ever-shortening series. ;) Here is "v7", which is just the remaining
Makefile changes to enable orphan section warnings, now updated to
include ld-option calls.

Thanks for getting this all into -tip!

-Kees

v6: https://lore.kernel.org/lkml/20200821194310.3089815-1-keescook@chromium.org/
v5: https://lore.kernel.org/lkml/20200731230820.1742553-1-keescook@chromium.org/
v4: https://lore.kernel.org/lkml/20200629061840.4065483-1-keescook@chromium.org/
v3: https://lore.kernel.org/lkml/20200624014940.1204448-1-keescook@chromium.org/
v2: https://lore.kernel.org/lkml/20200622205815.2988115-1-keescook@chromium.org/
v1: https://lore.kernel.org/lkml/20200228002244.15240-1-keescook@chromium.org/

Kees Cook (5):
  arm64/build: Warn on orphan section placement
  arm/build: Warn on orphan section placement
  arm/boot: Warn on orphan section placement
  x86/build: Warn on orphan section placement
  x86/boot/compressed: Warn on orphan section placement

 arch/arm/Makefile                 | 4 ++++
 arch/arm/boot/compressed/Makefile | 2 ++
 arch/arm64/Makefile               | 4 ++++
 arch/x86/Makefile                 | 4 ++++
 arch/x86/boot/compressed/Makefile | 1 +
 5 files changed, 15 insertions(+)

-- 
2.25.1


^ permalink raw reply	[flat|nested] 17+ messages in thread

* [PATCH v7 1/5] arm64/build: Warn on orphan section placement
  2020-09-02  2:53 [PATCH v7 0/5] Warn on orphan section placement Kees Cook
@ 2020-09-02  2:53 ` Kees Cook
  2020-09-07  6:05   ` [tip: core/build] " tip-bot2 for Kees Cook
  2020-09-02  2:53 ` [PATCH v7 2/5] arm/build: " Kees Cook
                   ` (4 subsequent siblings)
  5 siblings, 1 reply; 17+ messages in thread
From: Kees Cook @ 2020-09-02  2:53 UTC (permalink / raw)
  To: Ingo Molnar
  Cc: Kees Cook, Will Deacon, Borislav Petkov, Catalin Marinas,
	Mark Rutland, Ard Biesheuvel, Peter Collingbourne, James Morse,
	Ingo Molnar, Russell King, Masahiro Yamada, Arvind Sankar,
	Nick Desaulniers, Nathan Chancellor, Arnd Bergmann, x86,
	clang-built-linux, linux-arch, linux-efi, linux-arm-kernel,
	linux-kernel

We don't want to depend on the linker's orphan section placement
heuristics as these can vary between linkers, and may change between
versions. All sections need to be explicitly handled in the linker
script.

With all sections now handled, enable orphan section warnings.

Acked-by: Will Deacon <will@kernel.org>
Signed-off-by: Kees Cook <keescook@chromium.org>
---
 arch/arm64/Makefile | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/arch/arm64/Makefile b/arch/arm64/Makefile
index 6de7f551b821..081144fcc3da 100644
--- a/arch/arm64/Makefile
+++ b/arch/arm64/Makefile
@@ -29,6 +29,10 @@ LDFLAGS_vmlinux	+= --fix-cortex-a53-843419
   endif
 endif
 
+# We never want expected sections to be placed heuristically by the
+# linker. All sections should be explicitly named in the linker script.
+LDFLAGS_vmlinux += $(call ld-option, --orphan-handling=warn)
+
 ifeq ($(CONFIG_ARM64_USE_LSE_ATOMICS), y)
   ifneq ($(CONFIG_ARM64_LSE_ATOMICS), y)
 $(warning LSE atomics not supported by binutils)
-- 
2.25.1


^ permalink raw reply	[flat|nested] 17+ messages in thread

* [PATCH v7 2/5] arm/build: Warn on orphan section placement
  2020-09-02  2:53 [PATCH v7 0/5] Warn on orphan section placement Kees Cook
  2020-09-02  2:53 ` [PATCH v7 1/5] arm64/build: " Kees Cook
@ 2020-09-02  2:53 ` Kees Cook
  2020-09-07  6:05   ` [tip: core/build] " tip-bot2 for Kees Cook
  2020-09-02  2:53 ` [PATCH v7 3/5] arm/boot: " Kees Cook
                   ` (3 subsequent siblings)
  5 siblings, 1 reply; 17+ messages in thread
From: Kees Cook @ 2020-09-02  2:53 UTC (permalink / raw)
  To: Ingo Molnar
  Cc: Kees Cook, Nick Desaulniers, Borislav Petkov, Catalin Marinas,
	Mark Rutland, Ard Biesheuvel, Peter Collingbourne, James Morse,
	Ingo Molnar, Russell King, Masahiro Yamada, Arvind Sankar,
	Nathan Chancellor, Arnd Bergmann, x86, clang-built-linux,
	linux-arch, linux-efi, linux-arm-kernel, linux-kernel

We don't want to depend on the linker's orphan section placement
heuristics as these can vary between linkers, and may change between
versions. All sections need to be explicitly handled in the linker
script.

Specifically, this would have made a recently fixed bug very obvious:

ld: warning: orphan section `.fixup' from `arch/arm/lib/copy_from_user.o' being placed in section `.fixup'

With all sections handled, enable orphan section warning.

Reviewed-by: Nick Desaulniers <ndesaulniers@google.com>
Signed-off-by: Kees Cook <keescook@chromium.org>
---
 arch/arm/Makefile | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/arch/arm/Makefile b/arch/arm/Makefile
index 4e877354515f..e589da3c8949 100644
--- a/arch/arm/Makefile
+++ b/arch/arm/Makefile
@@ -16,6 +16,10 @@ LDFLAGS_vmlinux	+= --be8
 KBUILD_LDFLAGS_MODULE	+= --be8
 endif
 
+# We never want expected sections to be placed heuristically by the
+# linker. All sections should be explicitly named in the linker script.
+LDFLAGS_vmlinux += $(call ld-option, --orphan-handling=warn)
+
 ifeq ($(CONFIG_ARM_MODULE_PLTS),y)
 KBUILD_LDS_MODULE	+= $(srctree)/arch/arm/kernel/module.lds
 endif
-- 
2.25.1


^ permalink raw reply	[flat|nested] 17+ messages in thread

* [PATCH v7 3/5] arm/boot: Warn on orphan section placement
  2020-09-02  2:53 [PATCH v7 0/5] Warn on orphan section placement Kees Cook
  2020-09-02  2:53 ` [PATCH v7 1/5] arm64/build: " Kees Cook
  2020-09-02  2:53 ` [PATCH v7 2/5] arm/build: " Kees Cook
@ 2020-09-02  2:53 ` Kees Cook
  2020-09-07  6:05   ` [tip: core/build] " tip-bot2 for Kees Cook
  2020-09-02  2:53 ` [PATCH v7 4/5] x86/build: " Kees Cook
                   ` (2 subsequent siblings)
  5 siblings, 1 reply; 17+ messages in thread
From: Kees Cook @ 2020-09-02  2:53 UTC (permalink / raw)
  To: Ingo Molnar
  Cc: Kees Cook, Borislav Petkov, Catalin Marinas, Mark Rutland,
	Ard Biesheuvel, Peter Collingbourne, James Morse, Ingo Molnar,
	Russell King, Masahiro Yamada, Arvind Sankar, Nick Desaulniers,
	Nathan Chancellor, Arnd Bergmann, x86, clang-built-linux,
	linux-arch, linux-efi, linux-arm-kernel, linux-kernel

We don't want to depend on the linker's orphan section placement
heuristics as these can vary between linkers, and may change between
versions. All sections need to be explicitly handled in the linker script.

With all sections now handled, enable orphan section warning.

Signed-off-by: Kees Cook <keescook@chromium.org>
---
 arch/arm/boot/compressed/Makefile | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/arch/arm/boot/compressed/Makefile b/arch/arm/boot/compressed/Makefile
index b1147b7f2c8d..58028abd05d9 100644
--- a/arch/arm/boot/compressed/Makefile
+++ b/arch/arm/boot/compressed/Makefile
@@ -123,6 +123,8 @@ endif
 LDFLAGS_vmlinux += --no-undefined
 # Delete all temporary local symbols
 LDFLAGS_vmlinux += -X
+# Report orphan sections
+LDFLAGS_vmlinux += $(call ld-option, --orphan-handling=warn)
 # Next argument is a linker script
 LDFLAGS_vmlinux += -T
 
-- 
2.25.1


^ permalink raw reply	[flat|nested] 17+ messages in thread

* [PATCH v7 4/5] x86/build: Warn on orphan section placement
  2020-09-02  2:53 [PATCH v7 0/5] Warn on orphan section placement Kees Cook
                   ` (2 preceding siblings ...)
  2020-09-02  2:53 ` [PATCH v7 3/5] arm/boot: " Kees Cook
@ 2020-09-02  2:53 ` Kees Cook
  2020-09-05 22:48   ` Arvind Sankar
  2020-09-07  6:05   ` [tip: core/build] " tip-bot2 for Kees Cook
  2020-09-02  2:53 ` [PATCH v7 5/5] x86/boot/compressed: " Kees Cook
  2020-09-02 19:04 ` [PATCH v7 0/5] " Nick Desaulniers
  5 siblings, 2 replies; 17+ messages in thread
From: Kees Cook @ 2020-09-02  2:53 UTC (permalink / raw)
  To: Ingo Molnar
  Cc: Kees Cook, Borislav Petkov, Catalin Marinas, Mark Rutland,
	Ard Biesheuvel, Peter Collingbourne, James Morse, Ingo Molnar,
	Russell King, Masahiro Yamada, Arvind Sankar, Nick Desaulniers,
	Nathan Chancellor, Arnd Bergmann, x86, clang-built-linux,
	linux-arch, linux-efi, linux-arm-kernel, linux-kernel

We don't want to depend on the linker's orphan section placement
heuristics as these can vary between linkers, and may change between
versions. All sections need to be explicitly handled in the linker script.

Now that all sections are explicitly handled, enable orphan section
warnings.

Signed-off-by: Kees Cook <keescook@chromium.org>
---
 arch/x86/Makefile | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/arch/x86/Makefile b/arch/x86/Makefile
index 4346ffb2e39f..154259f18b8b 100644
--- a/arch/x86/Makefile
+++ b/arch/x86/Makefile
@@ -209,6 +209,10 @@ ifdef CONFIG_X86_64
 LDFLAGS_vmlinux += -z max-page-size=0x200000
 endif
 
+# We never want expected sections to be placed heuristically by the
+# linker. All sections should be explicitly named in the linker script.
+LDFLAGS_vmlinux += $(call ld-option, --orphan-handling=warn)
+
 archscripts: scripts_basic
 	$(Q)$(MAKE) $(build)=arch/x86/tools relocs
 
-- 
2.25.1


^ permalink raw reply	[flat|nested] 17+ messages in thread

* [PATCH v7 5/5] x86/boot/compressed: Warn on orphan section placement
  2020-09-02  2:53 [PATCH v7 0/5] Warn on orphan section placement Kees Cook
                   ` (3 preceding siblings ...)
  2020-09-02  2:53 ` [PATCH v7 4/5] x86/build: " Kees Cook
@ 2020-09-02  2:53 ` Kees Cook
  2020-09-07  6:05   ` [tip: core/build] " tip-bot2 for Kees Cook
  2020-09-02 19:04 ` [PATCH v7 0/5] " Nick Desaulniers
  5 siblings, 1 reply; 17+ messages in thread
From: Kees Cook @ 2020-09-02  2:53 UTC (permalink / raw)
  To: Ingo Molnar
  Cc: Kees Cook, Borislav Petkov, Catalin Marinas, Mark Rutland,
	Ard Biesheuvel, Peter Collingbourne, James Morse, Ingo Molnar,
	Russell King, Masahiro Yamada, Arvind Sankar, Nick Desaulniers,
	Nathan Chancellor, Arnd Bergmann, x86, clang-built-linux,
	linux-arch, linux-efi, linux-arm-kernel, linux-kernel

We don't want to depend on the linker's orphan section placement
heuristics as these can vary between linkers, and may change between
versions. All sections need to be explicitly handled in the linker
script.

Now that all sections are explicitly handled, enable orphan section
warnings.

Signed-off-by: Kees Cook <keescook@chromium.org>
---
 arch/x86/boot/compressed/Makefile | 1 +
 1 file changed, 1 insertion(+)

diff --git a/arch/x86/boot/compressed/Makefile b/arch/x86/boot/compressed/Makefile
index 5b7f6e175b03..871cc071c925 100644
--- a/arch/x86/boot/compressed/Makefile
+++ b/arch/x86/boot/compressed/Makefile
@@ -54,6 +54,7 @@ KBUILD_LDFLAGS += $(call ld-option,--no-ld-generated-unwind-info)
 # Compressed kernel should be built as PIE since it may be loaded at any
 # address by the bootloader.
 LDFLAGS_vmlinux := -pie $(call ld-option, --no-dynamic-linker)
+LDFLAGS_vmlinux += $(call ld-option, --orphan-handling=warn)
 LDFLAGS_vmlinux += -T
 
 hostprogs	:= mkpiggy
-- 
2.25.1


^ permalink raw reply	[flat|nested] 17+ messages in thread

* Re: [PATCH v7 0/5] Warn on orphan section placement
  2020-09-02  2:53 [PATCH v7 0/5] Warn on orphan section placement Kees Cook
                   ` (4 preceding siblings ...)
  2020-09-02  2:53 ` [PATCH v7 5/5] x86/boot/compressed: " Kees Cook
@ 2020-09-02 19:04 ` Nick Desaulniers
  2020-09-04  5:58   ` Ingo Molnar
  5 siblings, 1 reply; 17+ messages in thread
From: Nick Desaulniers @ 2020-09-02 19:04 UTC (permalink / raw)
  To: Kees Cook
  Cc: Ingo Molnar, Borislav Petkov, Catalin Marinas, Mark Rutland,
	Ard Biesheuvel, Peter Collingbourne, James Morse, Ingo Molnar,
	Russell King, Masahiro Yamada, Arvind Sankar, Nathan Chancellor,
	Arnd Bergmann, maintainer:X86 ARCHITECTURE (32-BIT AND 64-BIT),
	clang-built-linux, linux-arch, linux-efi, Linux ARM, LKML

On Tue, Sep 1, 2020 at 7:53 PM Kees Cook <keescook@chromium.org> wrote:
>
> Hi Ingo,
>
> The ever-shortening series. ;) Here is "v7", which is just the remaining
> Makefile changes to enable orphan section warnings, now updated to
> include ld-option calls.
>
> Thanks for getting this all into -tip!

For the series,
Reviewed-by: Nick Desaulniers <ndesaulniers@google.com>

As the recent ppc vdso boogaloo exposed, what about the vdsos?
* arch/x86/entry/vdso/Makefile
* arch/arm/vdso/Makefile
* arch/arm64/kernel/vdso/Makefile
* arch/arm64/kernel/vdso32/Makefile

>
> -Kees
>
> v6: https://lore.kernel.org/lkml/20200821194310.3089815-1-keescook@chromium.org/
> v5: https://lore.kernel.org/lkml/20200731230820.1742553-1-keescook@chromium.org/
> v4: https://lore.kernel.org/lkml/20200629061840.4065483-1-keescook@chromium.org/
> v3: https://lore.kernel.org/lkml/20200624014940.1204448-1-keescook@chromium.org/
> v2: https://lore.kernel.org/lkml/20200622205815.2988115-1-keescook@chromium.org/
> v1: https://lore.kernel.org/lkml/20200228002244.15240-1-keescook@chromium.org/
>
> Kees Cook (5):
>   arm64/build: Warn on orphan section placement
>   arm/build: Warn on orphan section placement
>   arm/boot: Warn on orphan section placement
>   x86/build: Warn on orphan section placement
>   x86/boot/compressed: Warn on orphan section placement
>
>  arch/arm/Makefile                 | 4 ++++
>  arch/arm/boot/compressed/Makefile | 2 ++
>  arch/arm64/Makefile               | 4 ++++
>  arch/x86/Makefile                 | 4 ++++
>  arch/x86/boot/compressed/Makefile | 1 +
>  5 files changed, 15 insertions(+)
>
> --
> 2.25.1
>


-- 
Thanks,
~Nick Desaulniers

^ permalink raw reply	[flat|nested] 17+ messages in thread

* Re: [PATCH v7 0/5] Warn on orphan section placement
  2020-09-02 19:04 ` [PATCH v7 0/5] " Nick Desaulniers
@ 2020-09-04  5:58   ` Ingo Molnar
  2020-09-04 18:20     ` Kees Cook
  0 siblings, 1 reply; 17+ messages in thread
From: Ingo Molnar @ 2020-09-04  5:58 UTC (permalink / raw)
  To: Nick Desaulniers, Kees Cook
  Cc: Kees Cook, Borislav Petkov, Catalin Marinas, Mark Rutland,
	Ard Biesheuvel, Peter Collingbourne, James Morse, Ingo Molnar,
	Russell King, Masahiro Yamada, Arvind Sankar, Nathan Chancellor,
	Arnd Bergmann, maintainer:X86 ARCHITECTURE (32-BIT AND 64-BIT),
	clang-built-linux, linux-arch, linux-efi, Linux ARM, LKML


* Nick Desaulniers <ndesaulniers@google.com> wrote:

> On Tue, Sep 1, 2020 at 7:53 PM Kees Cook <keescook@chromium.org> wrote:
> >
> > Hi Ingo,
> >
> > The ever-shortening series. ;) Here is "v7", which is just the remaining
> > Makefile changes to enable orphan section warnings, now updated to
> > include ld-option calls.
> >
> > Thanks for getting this all into -tip!
> 
> For the series,
> Reviewed-by: Nick Desaulniers <ndesaulniers@google.com>
> 
> As the recent ppc vdso boogaloo exposed, what about the vdsos?
> * arch/x86/entry/vdso/Makefile
> * arch/arm/vdso/Makefile
> * arch/arm64/kernel/vdso/Makefile
> * arch/arm64/kernel/vdso32/Makefile

Kees, will these patches DTRT for the vDSO builds? I will be unable to test 
these patches on that old system until tomorrow the earliest.

I'm keeping these latest changes in WIP.core/build for now.

Thanks,

	Ingo

^ permalink raw reply	[flat|nested] 17+ messages in thread

* Re: [PATCH v7 0/5] Warn on orphan section placement
  2020-09-04  5:58   ` Ingo Molnar
@ 2020-09-04 18:20     ` Kees Cook
  2020-09-06  7:24       ` Ingo Molnar
  0 siblings, 1 reply; 17+ messages in thread
From: Kees Cook @ 2020-09-04 18:20 UTC (permalink / raw)
  To: Ingo Molnar
  Cc: Nick Desaulniers, Borislav Petkov, Catalin Marinas, Mark Rutland,
	Ard Biesheuvel, Peter Collingbourne, James Morse, Ingo Molnar,
	Russell King, Masahiro Yamada, Arvind Sankar, Nathan Chancellor,
	Arnd Bergmann, maintainer:X86 ARCHITECTURE (32-BIT AND 64-BIT),
	clang-built-linux, linux-arch, linux-efi, Linux ARM, LKML

On Fri, Sep 04, 2020 at 07:58:25AM +0200, Ingo Molnar wrote:
> 
> * Nick Desaulniers <ndesaulniers@google.com> wrote:
> 
> > On Tue, Sep 1, 2020 at 7:53 PM Kees Cook <keescook@chromium.org> wrote:
> > >
> > > Hi Ingo,
> > >
> > > The ever-shortening series. ;) Here is "v7", which is just the remaining
> > > Makefile changes to enable orphan section warnings, now updated to
> > > include ld-option calls.
> > >
> > > Thanks for getting this all into -tip!
> > 
> > For the series,
> > Reviewed-by: Nick Desaulniers <ndesaulniers@google.com>
> > 
> > As the recent ppc vdso boogaloo exposed, what about the vdsos?
> > * arch/x86/entry/vdso/Makefile
> > * arch/arm/vdso/Makefile
> > * arch/arm64/kernel/vdso/Makefile
> > * arch/arm64/kernel/vdso32/Makefile
> 
> Kees, will these patches DTRT for the vDSO builds? I will be unable to test 
> these patches on that old system until tomorrow the earliest.

I would like to see VDSO done next, but it's entirely separate from
this series. This series only touches the core kernel build (i.e. via the
interactions with scripts/link-vmlinux.sh) or the boot stubs. So there
is no impact on VDSO linking.

> I'm keeping these latest changes in WIP.core/build for now.

They should be safe to land in -next, which is important so we can shake
out any other sneaky sections that all our existing testing hasn't
found. :)

-- 
Kees Cook

^ permalink raw reply	[flat|nested] 17+ messages in thread

* Re: [PATCH v7 4/5] x86/build: Warn on orphan section placement
  2020-09-02  2:53 ` [PATCH v7 4/5] x86/build: " Kees Cook
@ 2020-09-05 22:48   ` Arvind Sankar
  2020-09-08 20:17     ` Arvind Sankar
  2020-09-07  6:05   ` [tip: core/build] " tip-bot2 for Kees Cook
  1 sibling, 1 reply; 17+ messages in thread
From: Arvind Sankar @ 2020-09-05 22:48 UTC (permalink / raw)
  To: Kees Cook
  Cc: Ingo Molnar, Borislav Petkov, Catalin Marinas, Mark Rutland,
	Ard Biesheuvel, Peter Collingbourne, James Morse, Ingo Molnar,
	Russell King, Masahiro Yamada, Arvind Sankar, Nick Desaulniers,
	Nathan Chancellor, Arnd Bergmann, x86, clang-built-linux,
	linux-arch, linux-efi, linux-arm-kernel, linux-kernel

On Tue, Sep 01, 2020 at 07:53:46PM -0700, Kees Cook wrote:
> We don't want to depend on the linker's orphan section placement
> heuristics as these can vary between linkers, and may change between
> versions. All sections need to be explicitly handled in the linker script.
> 
> Now that all sections are explicitly handled, enable orphan section
> warnings.
> 
> Signed-off-by: Kees Cook <keescook@chromium.org>
> ---
>  arch/x86/Makefile | 4 ++++
>  1 file changed, 4 insertions(+)
> 
> diff --git a/arch/x86/Makefile b/arch/x86/Makefile
> index 4346ffb2e39f..154259f18b8b 100644
> --- a/arch/x86/Makefile
> +++ b/arch/x86/Makefile
> @@ -209,6 +209,10 @@ ifdef CONFIG_X86_64
>  LDFLAGS_vmlinux += -z max-page-size=0x200000
>  endif
>  
> +# We never want expected sections to be placed heuristically by the
> +# linker. All sections should be explicitly named in the linker script.
> +LDFLAGS_vmlinux += $(call ld-option, --orphan-handling=warn)
> +
>  archscripts: scripts_basic
>  	$(Q)$(MAKE) $(build)=arch/x86/tools relocs
>  
> -- 
> 2.25.1
> 

With LLVM=1 and GCOV_KERNEL/GCOV_PROFILE_ALL enabled, there are
.eh_frame sections created. I see that KASAN and KCSAN currently discard
them. Does GCOV actually need them or should it also discard?

Thanks.

^ permalink raw reply	[flat|nested] 17+ messages in thread

* Re: [PATCH v7 0/5] Warn on orphan section placement
  2020-09-04 18:20     ` Kees Cook
@ 2020-09-06  7:24       ` Ingo Molnar
  0 siblings, 0 replies; 17+ messages in thread
From: Ingo Molnar @ 2020-09-06  7:24 UTC (permalink / raw)
  To: Kees Cook
  Cc: Nick Desaulniers, Borislav Petkov, Catalin Marinas, Mark Rutland,
	Ard Biesheuvel, Peter Collingbourne, James Morse, Ingo Molnar,
	Russell King, Masahiro Yamada, Arvind Sankar, Nathan Chancellor,
	Arnd Bergmann, maintainer:X86 ARCHITECTURE (32-BIT AND 64-BIT),
	clang-built-linux, linux-arch, linux-efi, Linux ARM, LKML


* Kees Cook <keescook@chromium.org> wrote:

> On Fri, Sep 04, 2020 at 07:58:25AM +0200, Ingo Molnar wrote:
> > 
> > * Nick Desaulniers <ndesaulniers@google.com> wrote:
> > 
> > > On Tue, Sep 1, 2020 at 7:53 PM Kees Cook <keescook@chromium.org> wrote:
> > > >
> > > > Hi Ingo,
> > > >
> > > > The ever-shortening series. ;) Here is "v7", which is just the remaining
> > > > Makefile changes to enable orphan section warnings, now updated to
> > > > include ld-option calls.
> > > >
> > > > Thanks for getting this all into -tip!
> > > 
> > > For the series,
> > > Reviewed-by: Nick Desaulniers <ndesaulniers@google.com>
> > > 
> > > As the recent ppc vdso boogaloo exposed, what about the vdsos?
> > > * arch/x86/entry/vdso/Makefile
> > > * arch/arm/vdso/Makefile
> > > * arch/arm64/kernel/vdso/Makefile
> > > * arch/arm64/kernel/vdso32/Makefile
> > 
> > Kees, will these patches DTRT for the vDSO builds? I will be unable to test 
> > these patches on that old system until tomorrow the earliest.
> 
> I would like to see VDSO done next, but it's entirely separate from
> this series. This series only touches the core kernel build (i.e. via the
> interactions with scripts/link-vmlinux.sh) or the boot stubs. So there
> is no impact on VDSO linking.

Great!

I also double checked that things still build fine with ancient LD.

> > I'm keeping these latest changes in WIP.core/build for now.
> 
> They should be safe to land in -next, which is important so we can shake
> out any other sneaky sections that all our existing testing hasn't
> found. :)

OK, cool - I've graduated them over into tip:core/build. :-)

Thanks,

	Ingo

^ permalink raw reply	[flat|nested] 17+ messages in thread

* [tip: core/build] x86/boot/compressed: Warn on orphan section placement
  2020-09-02  2:53 ` [PATCH v7 5/5] x86/boot/compressed: " Kees Cook
@ 2020-09-07  6:05   ` tip-bot2 for Kees Cook
  0 siblings, 0 replies; 17+ messages in thread
From: tip-bot2 for Kees Cook @ 2020-09-07  6:05 UTC (permalink / raw)
  To: linux-tip-commits; +Cc: Kees Cook, Ingo Molnar, Nick Desaulniers, x86, LKML

The following commit has been merged into the core/build branch of tip:

Commit-ID:     6e0bf0e0e55000742a53c5f3b58f8669e0091a11
Gitweb:        https://git.kernel.org/tip/6e0bf0e0e55000742a53c5f3b58f8669e0091a11
Author:        Kees Cook <keescook@chromium.org>
AuthorDate:    Tue, 01 Sep 2020 19:53:47 -07:00
Committer:     Ingo Molnar <mingo@kernel.org>
CommitterDate: Thu, 03 Sep 2020 10:28:36 +02:00

x86/boot/compressed: Warn on orphan section placement

We don't want to depend on the linker's orphan section placement
heuristics as these can vary between linkers, and may change between
versions. All sections need to be explicitly handled in the linker
script.

Now that all sections are explicitly handled, enable orphan section
warnings.

Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Reviewed-by: Nick Desaulniers <ndesaulniers@google.com>
Link: https://lore.kernel.org/r/20200902025347.2504702-6-keescook@chromium.org
---
 arch/x86/boot/compressed/Makefile | 1 +
 1 file changed, 1 insertion(+)

diff --git a/arch/x86/boot/compressed/Makefile b/arch/x86/boot/compressed/Makefile
index 5b7f6e1..871cc07 100644
--- a/arch/x86/boot/compressed/Makefile
+++ b/arch/x86/boot/compressed/Makefile
@@ -54,6 +54,7 @@ KBUILD_LDFLAGS += $(call ld-option,--no-ld-generated-unwind-info)
 # Compressed kernel should be built as PIE since it may be loaded at any
 # address by the bootloader.
 LDFLAGS_vmlinux := -pie $(call ld-option, --no-dynamic-linker)
+LDFLAGS_vmlinux += $(call ld-option, --orphan-handling=warn)
 LDFLAGS_vmlinux += -T
 
 hostprogs	:= mkpiggy

^ permalink raw reply	[flat|nested] 17+ messages in thread

* [tip: core/build] x86/build: Warn on orphan section placement
  2020-09-02  2:53 ` [PATCH v7 4/5] x86/build: " Kees Cook
  2020-09-05 22:48   ` Arvind Sankar
@ 2020-09-07  6:05   ` tip-bot2 for Kees Cook
  1 sibling, 0 replies; 17+ messages in thread
From: tip-bot2 for Kees Cook @ 2020-09-07  6:05 UTC (permalink / raw)
  To: linux-tip-commits; +Cc: Kees Cook, Ingo Molnar, Nick Desaulniers, x86, LKML

The following commit has been merged into the core/build branch of tip:

Commit-ID:     83109d5d5fba7abf362f5a443c9f4c4ea10bbc8d
Gitweb:        https://git.kernel.org/tip/83109d5d5fba7abf362f5a443c9f4c4ea10bbc8d
Author:        Kees Cook <keescook@chromium.org>
AuthorDate:    Tue, 01 Sep 2020 19:53:46 -07:00
Committer:     Ingo Molnar <mingo@kernel.org>
CommitterDate: Thu, 03 Sep 2020 10:28:36 +02:00

x86/build: Warn on orphan section placement

We don't want to depend on the linker's orphan section placement
heuristics as these can vary between linkers, and may change between
versions. All sections need to be explicitly handled in the linker script.

Now that all sections are explicitly handled, enable orphan section
warnings.

Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Reviewed-by: Nick Desaulniers <ndesaulniers@google.com>
Link: https://lore.kernel.org/r/20200902025347.2504702-5-keescook@chromium.org
---
 arch/x86/Makefile | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/arch/x86/Makefile b/arch/x86/Makefile
index 4346ffb..154259f 100644
--- a/arch/x86/Makefile
+++ b/arch/x86/Makefile
@@ -209,6 +209,10 @@ ifdef CONFIG_X86_64
 LDFLAGS_vmlinux += -z max-page-size=0x200000
 endif
 
+# We never want expected sections to be placed heuristically by the
+# linker. All sections should be explicitly named in the linker script.
+LDFLAGS_vmlinux += $(call ld-option, --orphan-handling=warn)
+
 archscripts: scripts_basic
 	$(Q)$(MAKE) $(build)=arch/x86/tools relocs
 

^ permalink raw reply	[flat|nested] 17+ messages in thread

* [tip: core/build] arm64/build: Warn on orphan section placement
  2020-09-02  2:53 ` [PATCH v7 1/5] arm64/build: " Kees Cook
@ 2020-09-07  6:05   ` tip-bot2 for Kees Cook
  0 siblings, 0 replies; 17+ messages in thread
From: tip-bot2 for Kees Cook @ 2020-09-07  6:05 UTC (permalink / raw)
  To: linux-tip-commits
  Cc: Kees Cook, Ingo Molnar, Will Deacon, Nick Desaulniers, x86, LKML

The following commit has been merged into the core/build branch of tip:

Commit-ID:     b3e5d80d0c48c0cc7bce56473672f4e6e1210910
Gitweb:        https://git.kernel.org/tip/b3e5d80d0c48c0cc7bce56473672f4e6e1210910
Author:        Kees Cook <keescook@chromium.org>
AuthorDate:    Tue, 01 Sep 2020 19:53:43 -07:00
Committer:     Ingo Molnar <mingo@kernel.org>
CommitterDate: Thu, 03 Sep 2020 10:28:35 +02:00

arm64/build: Warn on orphan section placement

We don't want to depend on the linker's orphan section placement
heuristics as these can vary between linkers, and may change between
versions. All sections need to be explicitly handled in the linker
script.

With all sections now handled, enable orphan section warnings.

Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Acked-by: Will Deacon <will@kernel.org>
Reviewed-by: Nick Desaulniers <ndesaulniers@google.com>
Link: https://lore.kernel.org/r/20200902025347.2504702-2-keescook@chromium.org
---
 arch/arm64/Makefile | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/arch/arm64/Makefile b/arch/arm64/Makefile
index 6de7f55..081144f 100644
--- a/arch/arm64/Makefile
+++ b/arch/arm64/Makefile
@@ -29,6 +29,10 @@ LDFLAGS_vmlinux	+= --fix-cortex-a53-843419
   endif
 endif
 
+# We never want expected sections to be placed heuristically by the
+# linker. All sections should be explicitly named in the linker script.
+LDFLAGS_vmlinux += $(call ld-option, --orphan-handling=warn)
+
 ifeq ($(CONFIG_ARM64_USE_LSE_ATOMICS), y)
   ifneq ($(CONFIG_ARM64_LSE_ATOMICS), y)
 $(warning LSE atomics not supported by binutils)

^ permalink raw reply	[flat|nested] 17+ messages in thread

* [tip: core/build] arm/build: Warn on orphan section placement
  2020-09-02  2:53 ` [PATCH v7 2/5] arm/build: " Kees Cook
@ 2020-09-07  6:05   ` tip-bot2 for Kees Cook
  0 siblings, 0 replies; 17+ messages in thread
From: tip-bot2 for Kees Cook @ 2020-09-07  6:05 UTC (permalink / raw)
  To: linux-tip-commits; +Cc: Kees Cook, Ingo Molnar, Nick Desaulniers, x86, LKML

The following commit has been merged into the core/build branch of tip:

Commit-ID:     5a17850e251a55bba6d65aefbfeacfa9888cd2cd
Gitweb:        https://git.kernel.org/tip/5a17850e251a55bba6d65aefbfeacfa9888cd2cd
Author:        Kees Cook <keescook@chromium.org>
AuthorDate:    Tue, 01 Sep 2020 19:53:44 -07:00
Committer:     Ingo Molnar <mingo@kernel.org>
CommitterDate: Thu, 03 Sep 2020 10:28:35 +02:00

arm/build: Warn on orphan section placement

We don't want to depend on the linker's orphan section placement
heuristics as these can vary between linkers, and may change between
versions. All sections need to be explicitly handled in the linker
script.

Specifically, this would have made a recently fixed bug very obvious:

ld: warning: orphan section `.fixup' from `arch/arm/lib/copy_from_user.o' being placed in section `.fixup'

With all sections handled, enable orphan section warning.

Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Reviewed-by: Nick Desaulniers <ndesaulniers@google.com>
Link: https://lore.kernel.org/r/20200902025347.2504702-3-keescook@chromium.org
---
 arch/arm/Makefile | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/arch/arm/Makefile b/arch/arm/Makefile
index 4e87735..e589da3 100644
--- a/arch/arm/Makefile
+++ b/arch/arm/Makefile
@@ -16,6 +16,10 @@ LDFLAGS_vmlinux	+= --be8
 KBUILD_LDFLAGS_MODULE	+= --be8
 endif
 
+# We never want expected sections to be placed heuristically by the
+# linker. All sections should be explicitly named in the linker script.
+LDFLAGS_vmlinux += $(call ld-option, --orphan-handling=warn)
+
 ifeq ($(CONFIG_ARM_MODULE_PLTS),y)
 KBUILD_LDS_MODULE	+= $(srctree)/arch/arm/kernel/module.lds
 endif

^ permalink raw reply	[flat|nested] 17+ messages in thread

* [tip: core/build] arm/boot: Warn on orphan section placement
  2020-09-02  2:53 ` [PATCH v7 3/5] arm/boot: " Kees Cook
@ 2020-09-07  6:05   ` tip-bot2 for Kees Cook
  0 siblings, 0 replies; 17+ messages in thread
From: tip-bot2 for Kees Cook @ 2020-09-07  6:05 UTC (permalink / raw)
  To: linux-tip-commits; +Cc: Kees Cook, Ingo Molnar, Nick Desaulniers, x86, LKML

The following commit has been merged into the core/build branch of tip:

Commit-ID:     4409d2f8dfe7d5088567d4ba00133f876ee586c7
Gitweb:        https://git.kernel.org/tip/4409d2f8dfe7d5088567d4ba00133f876ee586c7
Author:        Kees Cook <keescook@chromium.org>
AuthorDate:    Tue, 01 Sep 2020 19:53:45 -07:00
Committer:     Ingo Molnar <mingo@kernel.org>
CommitterDate: Thu, 03 Sep 2020 10:28:35 +02:00

arm/boot: Warn on orphan section placement

We don't want to depend on the linker's orphan section placement
heuristics as these can vary between linkers, and may change between
versions. All sections need to be explicitly handled in the linker script.

With all sections now handled, enable orphan section warning.

Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Reviewed-by: Nick Desaulniers <ndesaulniers@google.com>
Link: https://lore.kernel.org/r/20200902025347.2504702-4-keescook@chromium.org
---
 arch/arm/boot/compressed/Makefile | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/arch/arm/boot/compressed/Makefile b/arch/arm/boot/compressed/Makefile
index b1147b7..58028ab 100644
--- a/arch/arm/boot/compressed/Makefile
+++ b/arch/arm/boot/compressed/Makefile
@@ -123,6 +123,8 @@ endif
 LDFLAGS_vmlinux += --no-undefined
 # Delete all temporary local symbols
 LDFLAGS_vmlinux += -X
+# Report orphan sections
+LDFLAGS_vmlinux += $(call ld-option, --orphan-handling=warn)
 # Next argument is a linker script
 LDFLAGS_vmlinux += -T
 

^ permalink raw reply	[flat|nested] 17+ messages in thread

* Re: [PATCH v7 4/5] x86/build: Warn on orphan section placement
  2020-09-05 22:48   ` Arvind Sankar
@ 2020-09-08 20:17     ` Arvind Sankar
  0 siblings, 0 replies; 17+ messages in thread
From: Arvind Sankar @ 2020-09-08 20:17 UTC (permalink / raw)
  To: Arvind Sankar
  Cc: Kees Cook, Ingo Molnar, Borislav Petkov, Catalin Marinas,
	Mark Rutland, Ard Biesheuvel, Peter Collingbourne, James Morse,
	Ingo Molnar, Russell King, Masahiro Yamada, Nick Desaulniers,
	Nathan Chancellor, Arnd Bergmann, x86, clang-built-linux,
	linux-arch, linux-efi, linux-arm-kernel, linux-kernel

On Sat, Sep 05, 2020 at 06:48:35PM -0400, Arvind Sankar wrote:
> On Tue, Sep 01, 2020 at 07:53:46PM -0700, Kees Cook wrote:
> > We don't want to depend on the linker's orphan section placement
> > heuristics as these can vary between linkers, and may change between
> > versions. All sections need to be explicitly handled in the linker script.
> > 
> > Now that all sections are explicitly handled, enable orphan section
> > warnings.
> > 
> > Signed-off-by: Kees Cook <keescook@chromium.org>
> > ---
> >  arch/x86/Makefile | 4 ++++
> >  1 file changed, 4 insertions(+)
> > 
> > diff --git a/arch/x86/Makefile b/arch/x86/Makefile
> > index 4346ffb2e39f..154259f18b8b 100644
> > --- a/arch/x86/Makefile
> > +++ b/arch/x86/Makefile
> > @@ -209,6 +209,10 @@ ifdef CONFIG_X86_64
> >  LDFLAGS_vmlinux += -z max-page-size=0x200000
> >  endif
> >  
> > +# We never want expected sections to be placed heuristically by the
> > +# linker. All sections should be explicitly named in the linker script.
> > +LDFLAGS_vmlinux += $(call ld-option, --orphan-handling=warn)
> > +
> >  archscripts: scripts_basic
> >  	$(Q)$(MAKE) $(build)=arch/x86/tools relocs
> >  
> > -- 
> > 2.25.1
> > 
> 
> With LLVM=1 and GCOV_KERNEL/GCOV_PROFILE_ALL enabled, there are
> .eh_frame sections created. I see that KASAN and KCSAN currently discard
> them. Does GCOV actually need them or should it also discard?
> 
> Thanks.

Also, with LLD 10.0.1 which is going to be the minimum supported
version, the relocation sections etc still generate warnings.

ld.lld: warning:
arch/x86/video/built-in.a(fbdev.o):(.rela.orc_unwind_ip) is being placed
in '.rela.orc_unwind_ip'
ld.lld: warning: .tmp_vmlinux.kallsyms2.o:(.rela.rodata) is being placed
in '.rela.rodata'
ld.lld: warning: <internal>:(.bss.rel.ro) is being placed in
'.bss.rel.ro'
ld.lld: warning: <internal>:(.eh_frame) is being placed in '.eh_frame'
ld.lld: warning: <internal>:(.symtab_shndx) is being placed in
'.symtab_shndx'

^ permalink raw reply	[flat|nested] 17+ messages in thread

end of thread, other threads:[~2020-09-08 20:17 UTC | newest]

Thread overview: 17+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-09-02  2:53 [PATCH v7 0/5] Warn on orphan section placement Kees Cook
2020-09-02  2:53 ` [PATCH v7 1/5] arm64/build: " Kees Cook
2020-09-07  6:05   ` [tip: core/build] " tip-bot2 for Kees Cook
2020-09-02  2:53 ` [PATCH v7 2/5] arm/build: " Kees Cook
2020-09-07  6:05   ` [tip: core/build] " tip-bot2 for Kees Cook
2020-09-02  2:53 ` [PATCH v7 3/5] arm/boot: " Kees Cook
2020-09-07  6:05   ` [tip: core/build] " tip-bot2 for Kees Cook
2020-09-02  2:53 ` [PATCH v7 4/5] x86/build: " Kees Cook
2020-09-05 22:48   ` Arvind Sankar
2020-09-08 20:17     ` Arvind Sankar
2020-09-07  6:05   ` [tip: core/build] " tip-bot2 for Kees Cook
2020-09-02  2:53 ` [PATCH v7 5/5] x86/boot/compressed: " Kees Cook
2020-09-07  6:05   ` [tip: core/build] " tip-bot2 for Kees Cook
2020-09-02 19:04 ` [PATCH v7 0/5] " Nick Desaulniers
2020-09-04  5:58   ` Ingo Molnar
2020-09-04 18:20     ` Kees Cook
2020-09-06  7:24       ` Ingo Molnar

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).