[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAJcbSZEJ-kjcRQD3uHm0QZuOvbHpg9FV=wn7v4-RweDG7J3uqg@mail.gmail.com>
Date: Wed, 18 Oct 2017 16:15:10 -0700
From: Thomas Garnier <thgarnie@...gle.com>
To: "Luis R. Rodriguez" <mcgrof@...nel.org>
Cc: Guenter Roeck <linux@...ck-us.net>, Nicholas Piggin <npiggin@...il.com>,
Herbert Xu <herbert@...dor.apana.org.au>, "David S . Miller" <davem@...emloft.net>,
Thomas Gleixner <tglx@...utronix.de>, Ingo Molnar <mingo@...hat.com>, "H . Peter Anvin" <hpa@...or.com>,
Peter Zijlstra <peterz@...radead.org>, Josh Poimboeuf <jpoimboe@...hat.com>,
Arnd Bergmann <arnd@...db.de>, Kees Cook <keescook@...omium.org>,
Andrey Ryabinin <aryabinin@...tuozzo.com>, Matthias Kaehlcke <mka@...omium.org>,
Tom Lendacky <thomas.lendacky@....com>, Andy Lutomirski <luto@...nel.org>,
"Kirill A . Shutemov" <kirill.shutemov@...ux.intel.com>, Borislav Petkov <bp@...e.de>,
"Rafael J . Wysocki" <rjw@...ysocki.net>, Len Brown <len.brown@...el.com>, Pavel Machek <pavel@....cz>,
Juergen Gross <jgross@...e.com>, Chris Wright <chrisw@...s-sol.org>,
Alok Kataria <akataria@...are.com>, Rusty Russell <rusty@...tcorp.com.au>, Tejun Heo <tj@...nel.org>,
Christoph Lameter <cl@...ux.com>, Boris Ostrovsky <boris.ostrovsky@...cle.com>,
Paul Gortmaker <paul.gortmaker@...driver.com>, Andrew Morton <akpm@...ux-foundation.org>,
Alexey Dobriyan <adobriyan@...il.com>, "Paul E . McKenney" <paulmck@...ux.vnet.ibm.com>,
Nicolas Pitre <nicolas.pitre@...aro.org>, Borislav Petkov <bp@...en8.de>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>, Christopher Li <sparse@...isli.org>,
Steven Rostedt <rostedt@...dmis.org>, Jason Baron <jbaron@...mai.com>,
Mika Westerberg <mika.westerberg@...ux.intel.com>, Dou Liyang <douly.fnst@...fujitsu.com>,
"Rafael J . Wysocki" <rafael.j.wysocki@...el.com>, Lukas Wunner <lukas@...ner.de>,
Masahiro Yamada <yamada.masahiro@...ionext.com>, Alexei Starovoitov <ast@...nel.org>,
Daniel Borkmann <daniel@...earbox.net>, Markus Trippelsdorf <markus@...ppelsdorf.de>,
Paolo Bonzini <pbonzini@...hat.com>, Radim Krčmář <rkrcmar@...hat.com>,
Joerg Roedel <joro@...tes.org>, Rik van Riel <riel@...hat.com>, David Howells <dhowells@...hat.com>,
Ard Biesheuvel <ard.biesheuvel@...aro.org>, Waiman Long <longman@...hat.com>,
Kyle Huey <me@...ehuey.com>, Jonathan Corbet <corbet@....net>, Michal Hocko <mhocko@...e.com>,
Peter Foley <pefoley2@...oley.com>, Paul Bolle <pebolle@...cali.nl>, Jiri Kosina <jkosina@...e.cz>,
"H . J . Lu" <hjl.tools@...il.com>, Rob Landley <rob@...dley.net>, Baoquan He <bhe@...hat.com>,
Jan H . Schönherr <jschoenh@...zon.de>,
Daniel Micay <danielmicay@...il.com>, "the arch/x86 maintainers" <x86@...nel.org>,
Linux Crypto Mailing List <linux-crypto@...r.kernel.org>, LKML <linux-kernel@...r.kernel.org>,
Linux PM list <linux-pm@...r.kernel.org>, virtualization@...ts.linux-foundation.org,
xen-devel <xen-devel@...ts.xenproject.org>, linux-arch <linux-arch@...r.kernel.org>,
Sparse Mailing-list <linux-sparse@...r.kernel.org>, kvm list <kvm@...r.kernel.org>,
linux-doc@...r.kernel.org,
Kernel Hardening <kernel-hardening@...ts.openwall.com>
Subject: Re: [PATCH v1 15/27] compiler: Option to default to hidden symbols
On Thu, Oct 12, 2017 at 1:02 PM, Luis R. Rodriguez <mcgrof@...nel.org> wrote:
> On Wed, Oct 11, 2017 at 01:30:15PM -0700, Thomas Garnier wrote:
>> Provide an option to default visibility to hidden except for key
>> symbols. This option is disabled by default and will be used by x86_64
>> PIE support to remove errors between compilation units.
>>
>> The default visibility is also enabled for external symbols that are
>> compared as they maybe equals (start/end of sections). In this case,
>> older versions of GCC will remove the comparison if the symbols are
>> hidden. This issue exists at least on gcc 4.9 and before.
>>
>> Signed-off-by: Thomas Garnier <thgarnie@...gle.com>
>
> <-- snip -->
>
>> diff --git a/arch/x86/kernel/cpu/microcode/core.c b/arch/x86/kernel/cpu/microcode/core.c
>> index 86e8f0b2537b..8f021783a929 100644
>> --- a/arch/x86/kernel/cpu/microcode/core.c
>> +++ b/arch/x86/kernel/cpu/microcode/core.c
>> @@ -144,8 +144,8 @@ static bool __init check_loader_disabled_bsp(void)
>> return *res;
>> }
>>
>> -extern struct builtin_fw __start_builtin_fw[];
>> -extern struct builtin_fw __end_builtin_fw[];
>> +extern struct builtin_fw __start_builtin_fw[] __default_visibility;
>> +extern struct builtin_fw __end_builtin_fw[] __default_visibility;
>>
>> bool get_builtin_firmware(struct cpio_data *cd, const char *name)
>> {
>
> <-- snip -->
>
>> diff --git a/include/asm-generic/sections.h b/include/asm-generic/sections.h
>> index e5da44eddd2f..1aa5d6dac9e1 100644
>> --- a/include/asm-generic/sections.h
>> +++ b/include/asm-generic/sections.h
>> @@ -30,6 +30,9 @@
>> * __irqentry_text_start, __irqentry_text_end
>> * __softirqentry_text_start, __softirqentry_text_end
>> */
>> +#ifdef CONFIG_DEFAULT_HIDDEN
>> +#pragma GCC visibility push(default)
>> +#endif
>> extern char _text[], _stext[], _etext[];
>> extern char _data[], _sdata[], _edata[];
>> extern char __bss_start[], __bss_stop[];
>> @@ -46,6 +49,9 @@ extern char __softirqentry_text_start[], __softirqentry_text_end[];
>>
>> /* Start and end of .ctors section - used for constructor calls. */
>> extern char __ctors_start[], __ctors_end[];
>> +#ifdef CONFIG_DEFAULT_HIDDEN
>> +#pragma GCC visibility pop
>> +#endif
>>
>> extern __visible const void __nosave_begin, __nosave_end;
>>
>> diff --git a/include/linux/compiler.h b/include/linux/compiler.h
>> index e95a2631e545..6997716f73bf 100644
>> --- a/include/linux/compiler.h
>> +++ b/include/linux/compiler.h
>> @@ -78,6 +78,14 @@ extern void __chk_io_ptr(const volatile void __iomem *);
>> #include <linux/compiler-clang.h>
>> #endif
>>
>> +/* Useful for Position Independent Code to reduce global references */
>> +#ifdef CONFIG_DEFAULT_HIDDEN
>> +#pragma GCC visibility push(hidden)
>> +#define __default_visibility __attribute__((visibility ("default")))
>
> Does this still work with CONFIG_LD_DEAD_CODE_DATA_ELIMINATION ?
I cannot make it work with or without this change. How is it supposed
to be used?
For me with, it crashes with a bad consdev at:
http://elixir.free-electrons.com/linux/latest/source/drivers/tty/tty_io.c#L3194
>
>> +#else
>> +#define __default_visibility
>> +#endif
>> +
>> /*
>> * Generic compiler-dependent macros required for kernel
>> * build go below this comment. Actual compiler/compiler version
>> diff --git a/init/Kconfig b/init/Kconfig
>> index ccb1d8daf241..b640201fcff7 100644
>> --- a/init/Kconfig
>> +++ b/init/Kconfig
>> @@ -1649,6 +1649,13 @@ config PROFILING
>> config TRACEPOINTS
>> bool
>>
>> +#
>> +# Default to hidden visibility for all symbols.
>> +# Useful for Position Independent Code to reduce global references.
>> +#
>> +config DEFAULT_HIDDEN
>> + bool
>
> Note it is default.
>
> Has 0-day ran through this git tree? It should be easy to get it added for
> testing. Also, even though most changes are x86 based there are some generic
> changes and I'd love a warm fuzzy this won't break odd / random builds.
> Although 0-day does cover a lot of test cases, it only has limited run time
> tests. There are some other test beds which also cover some more obscure
> architectures. Having a test pass on Guenter's test bed would be nice to
> see. For that please coordinate with Guenter if he's willing to run this
> a test for you.
Not yet, plan to give a v1.5 to Kees Cook to keep in one of his tree
for couple weeks. I expect it will identify interesting issues.
>
> Luis
--
Thomas
Powered by blists - more mailing lists
Confused about mailing lists and their use?
Read about mailing lists on Wikipedia
and check out these
guidelines on proper formatting of your messages.
