Re: [PATCH v4] kallsyms: strip LTO suffixes from static functions

[Nathan Chancellor <nathan@kernel.org>]

On 7/7/2021 11:18 AM, Nick Desaulniers wrote:
> Similar to:
> commit 8b8e6b5d3b01 ("kallsyms: strip ThinLTO hashes from static
> functions")
> 
> It's very common for compilers to modify the symbol name for static
> functions as part of optimizing transformations. That makes hooking
> static functions (that weren't inlined or DCE'd) with kprobes difficult.
> 
> LLVM has yet another name mangling scheme used by thin LTO.  Strip off
> these suffixes so that we can continue to hook such static functions.
> 
> Reported-by: KE.LI(Lieke) <like1@oppo.com>
> Suggested-by: Nathan Chancellor <nathan@kernel.org>
> Signed-off-by: Nick Desaulniers <ndesaulniers@google.com>

Code looks fine, small comment about a comment below.

Reviewed-by: Nathan Chancellor <nathan@kernel.org>

> ---
> Changes v3 -> v4:
> * Convert this function to use IS_ENABLED rather than provide multiple
>    definitions based on preprocessor checks.
> * Add Nathan's suggested-by.
> 
> Changes v2 -> v3:
> * Un-nest preprocessor checks, as per Nathan.
> 
> Changes v1 -> v2:
> * Both mangling schemes can occur for thinLTO + CFI, this new scheme can
>    also occur for thinLTO without CFI. Split cleanup_symbol_name() into
>    two function calls.
> * Drop KE.LI's tested by tag.
> * Do not carry Fangrui's Reviewed by tag.
> * Drop the inline keyword; it is meaningless.
> 
>   kernel/kallsyms.c | 43 ++++++++++++++++++++++++++++++-------------
>   1 file changed, 30 insertions(+), 13 deletions(-)
> 
> diff --git a/kernel/kallsyms.c b/kernel/kallsyms.c
> index 4067564ec59f..a10dab216f4f 100644
> --- a/kernel/kallsyms.c
> +++ b/kernel/kallsyms.c
> @@ -171,26 +171,43 @@ static unsigned long kallsyms_sym_address(int idx)
>   	return kallsyms_relative_base - 1 - kallsyms_offsets[idx];
>   }
>   
> -#if defined(CONFIG_CFI_CLANG) && defined(CONFIG_LTO_CLANG_THIN)
> -/*
> - * LLVM appends a hash to static function names when ThinLTO and CFI are
> - * both enabled, i.e. foo() becomes foo$707af9a22804d33c81801f27dcfe489b.
> - * This causes confusion and potentially breaks user space tools, so we
> - * strip the suffix from expanded symbol names.
> - */
> -static inline bool cleanup_symbol_name(char *s)
> +static bool cleanup_symbol_name(char *s)
>   {
>   	char *res;
>   
> +	/*
> +	 * LLVM appends a suffix for local variables that must be promoted to

This says local variables but the example uses a function? Is that correct?

> +	 * global scope as part of ThinLTO. foo() becomes
> +	 * foo.llvm.974640843467629774. This can break hooking of static
> +	 * functions with kprobes.
> +	 */
> +	if (!IS_ENABLED(CONFIG_LTO_CLANG_THIN))
> +		return false;
> +
> +	res = strstr(s, ".llvm.");
> +	if (res) {
> +		*res = '\0';
> +		return true;
> +	}
> +
> +	/*
> +	 * LLVM appends a hash to static function names when ThinLTO and CFI
> +	 * are both enabled, i.e. foo() becomes
> +	 * foo$707af9a22804d33c81801f27dcfe489b. This causes confusion and
> +	 * potentially breaks user space tools, so we strip the suffix from
> +	 * expanded symbol names.
> +	 */
> +	if (!IS_ENABLED(CONFIG_CFI_CLANG))
> +		return false;
> +
>   	res = strrchr(s, '$');
> -	if (res)
> +	if (res) {
>   		*res = '\0';
> +		return true;
> +	}
>   
> -	return res != NULL;
> +	return false;
>   }
> -#else
> -static inline bool cleanup_symbol_name(char *s) { return false; }
> -#endif
>   
>   /* Lookup the address for this symbol. Returns 0 if not found. */
>   unsigned long kallsyms_lookup_name(const char *name)
>