linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Fangrui Song <maskray@google.com>
To: Nick Desaulniers <ndesaulniers@google.com>
Cc: Nathan Chancellor <nathan@kernel.org>,
	Arnd Bergmann <arnd@arndb.de>, Kees Cook <keescook@chromium.org>,
	LKML <linux-kernel@vger.kernel.org>,
	clang-built-linux <clang-built-linux@googlegroups.com>,
	kernel test robot <lkp@intel.com>
Subject: Re: [PATCH] vmlinux.lds.h: Define SANTIZER_DISCARDS with CONFIG_GCOV_KERNEL=y
Date: Fri, 29 Jan 2021 13:27:18 -0800	[thread overview]
Message-ID: <20210129212718.lf7kdw6d5rrtnt4q@google.com> (raw)
In-Reply-To: <CAKwvOdkoivL4+HjXi4aKQbQ7R2J_oKBcMKrSsdxuOGLpseQZcw@mail.gmail.com>

On 2021-01-29, Nick Desaulniers wrote:
>On Fri, Jan 29, 2021 at 12:11 PM Nathan Chancellor <nathan@kernel.org> wrote:
>>
>> clang produces .eh_frame sections when CONFIG_GCOV_KERNEL is enabled,
>> even when -fno-asynchronous-unwind-tables is in KBUILD_CFLAGS:
>>
>> $ make CC=clang vmlinux
>> ...
>> ld: warning: orphan section `.eh_frame' from `init/main.o' being placed in section `.eh_frame'
>> ld: warning: orphan section `.eh_frame' from `init/version.o' being placed in section `.eh_frame'
>> ld: warning: orphan section `.eh_frame' from `init/do_mounts.o' being placed in section `.eh_frame'
>> ld: warning: orphan section `.eh_frame' from `init/do_mounts_initrd.o' being placed in section `.eh_frame'
>> ld: warning: orphan section `.eh_frame' from `init/initramfs.o' being placed in section `.eh_frame'
>> ld: warning: orphan section `.eh_frame' from `init/calibrate.o' being placed in section `.eh_frame'
>> ld: warning: orphan section `.eh_frame' from `init/init_task.o' being placed in section `.eh_frame'
>> ...
>>
>> $ rg "GCOV_KERNEL|GCOV_PROFILE_ALL" .config
>> CONFIG_GCOV_KERNEL=y
>> CONFIG_ARCH_HAS_GCOV_PROFILE_ALL=y
>> CONFIG_GCOV_PROFILE_ALL=y
>>
>> This was already handled for a couple of other options in
>> commit d812db78288d ("vmlinux.lds.h: Avoid KASAN and KCSAN's unwanted
>> sections") and there is an open LLVM bug for this issue. Take advantage
>> of that section for this config as well so that there are no more orphan
>> warnings.
>>
>> Link: https://bugs.llvm.org/show_bug.cgi?id=46478
>> Link: https://github.com/ClangBuiltLinux/linux/issues/1069
>> Reported-by: kernel test robot <lkp@intel.com>
>> Signed-off-by: Nathan Chancellor <nathan@kernel.org>
>
>Reviewed-by: Nick Desaulniers <ndesaulniers@google.com>
>
>I suspect we're going to need to add module level attributes in LLVM
>IR for these options, then check those when synthesizing new function
>definitions within LLVM.  At least we'll be able to point to this file
>and say "hey, this is a general problem in LLVM, and here are 3
>specific cases now where it's a problem."  Not a large problem, but
>would help us save some bytes in the final object.  LLVM is not
>producing data in this section for all code, just these synthesized
>routines.

Maybe. There are also a long list of security features which may impose
additional requirements. Adding a module flag metadata for each such
feature will be a long battle. For .eh_frame, I think it is
important/generic enough and can benefit other applications that
deserves special handling (and I can look into it). For .init_array, I
am not too sure....

>> ---
>>  include/asm-generic/vmlinux.lds.h | 5 +++--
>>  1 file changed, 3 insertions(+), 2 deletions(-)
>>
>> diff --git a/include/asm-generic/vmlinux.lds.h b/include/asm-generic/vmlinux.lds.h
>> index b2b3d81b1535..f753fd449436 100644
>> --- a/include/asm-generic/vmlinux.lds.h
>> +++ b/include/asm-generic/vmlinux.lds.h
>> @@ -988,12 +988,13 @@
>>  #endif
>>
>>  /*
>> - * Clang's -fsanitize=kernel-address and -fsanitize=thread produce
>> + * Clang's -fsanitize=kernel-address, -fsanitize=thread,
>> + * and -fprofile-arcs -ftest-coverage produce unwanted
>>   * unwanted sections (.eh_frame and .init_array.*), but
>>   * CONFIG_CONSTRUCTORS wants to keep any .init_array.* sections.
>>   * https://bugs.llvm.org/show_bug.cgi?id=46478
>>   */
>> -#if defined(CONFIG_KASAN_GENERIC) || defined(CONFIG_KCSAN)
>> +#if defined(CONFIG_KASAN_GENERIC) || defined(CONFIG_KCSAN) || defined(CONFIG_GCOV_KERNEL)
>>  # ifdef CONFIG_CONSTRUCTORS
>>  #  define SANITIZER_DISCARDS                                           \
>>         *(.eh_frame)
>>
>> base-commit: bec4c2968fce2f44ce62d05288a633cd99a722eb
>> --
>> 2.30.0
>>

Drop -ftest-coverage. -ftest-coverage just produces .gcno and does not
affect code generation.

Reviewed-by: Fangrui Song <maskray@google.com>

  reply	other threads:[~2021-01-29 21:28 UTC|newest]

Thread overview: 8+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-01-29 20:11 Nathan Chancellor
2021-01-29 20:18 ` Nick Desaulniers
2021-01-29 21:27   ` Fangrui Song [this message]
2021-01-30  0:25 ` [PATCH v2] " Nathan Chancellor
2021-01-30  0:39   ` Sedat Dilek
2021-01-30  0:46   ` [PATCH v3] " Nathan Chancellor
2021-02-25 19:28     ` Nathan Chancellor
2021-02-25 21:19     ` Kees Cook

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20210129212718.lf7kdw6d5rrtnt4q@google.com \
    --to=maskray@google.com \
    --cc=arnd@arndb.de \
    --cc=clang-built-linux@googlegroups.com \
    --cc=keescook@chromium.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=lkp@intel.com \
    --cc=nathan@kernel.org \
    --cc=ndesaulniers@google.com \
    --subject='Re: [PATCH] vmlinux.lds.h: Define SANTIZER_DISCARDS with CONFIG_GCOV_KERNEL=y' \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).