|
Message-ID: <46bf2261-6707-c37a-0fe4-0d98159a92b2@gmail.com>
Date: Thu, 11 Jun 2020 21:53:52 +0200
From: Mikhail Morfikov <mmorfikov@...il.com>
To: lkrg-users@...ts.openwall.com
Subject: Re: RE: ISRA optimized functions
On 11/06/2020 20:16, Adam Zabrocki wrote:
> I meant "your compiler". You must have enabled optimization flag during
> compilation (-02? -03?). However, as I mentioned you can manually replace the
> name of lookup_fast to lookup_fast.constprop.0 and it will work fine. This
> function is ISRA safe and should CONSTPROP safe as well.
>
Hmm, that's weird because I haven't changed anything in the kernel build
process, except moving from gcc9 to gcc10.
Here's the log when the kernel is built with the gcc9:
kernel: p_lkrg: loading out-of-tree module taints kernel.
kernel: [p_lkrg] Loading LKRG...
kernel: [p_lkrg] System does NOT support SMAP. LKRG can't enforce SMAP validation :(
kernel: Freezing user space processes ... (elapsed 0.154 seconds) done.
kernel: OOM killer disabled.
kernel: [p_lkrg] 8/23 UMH paths were whitelisted...
kernel: [p_lkrg] LKRG initialized successfully!
kernel: OOM killer enabled.
kernel: Restarting tasks ... done.
As you can see, there's no problem because:
# cat /proc/kallsyms|grep lookup_fast
ffffffff864ee250 t lookup_fast
ffffffff86fcbbc0 t nft_hash_lookup_fast
ffffffffc04d53ee t p_pcfi_lookup_fast_entry.cold [p_lkrg]
ffffffffc04ed520 d p_pcfi_lookup_fast_kretprobe [p_lkrg]
ffffffffc04cd130 t p_pcfi_lookup_fast_ret [p_lkrg]
ffffffffc04cd320 t p_install_pcfi_lookup_fast_hook [p_lkrg]
ffffffffc04cd140 t p_pcfi_lookup_fast_entry [p_lkrg]
ffffffffc04cd350 t p_uninstall_pcfi_lookup_fast_hook [p_lkrg]
ffffffffc04f4d74 b p_pcfi_lookup_fast_kretprobe_state [p_lkrg]
So it looks good.
I checked what flags are used when building the kernel via
"make ARCH="x86_64" -j3 bindeb-pkg" , and I got:
$ make ARCH="x86_64" -j3 bindeb-pkg
HOSTCC scripts/kconfig/conf.o
HOSTCC scripts/kconfig/confdata.o
HOSTCC scripts/kconfig/expr.o
HOSTCC scripts/kconfig/lexer.lex.o
HOSTLD scripts/kconfig/conf
scripts/kconfig/conf --syncconfig Kconfig
sh ./scripts/package/mkdebian
dpkg-buildpackage -r"fakeroot -u" -a$(cat debian/arch) -b -nc -uc
dpkg-buildpackage: info: source package linux-5.7.2-amd64
dpkg-buildpackage: info: source version 5.7.2-amd64-7
dpkg-buildpackage: info: source distribution sid
dpkg-buildpackage: info: source changed by Mikhail Morfikov <mmorfikov@...il.com>
dpkg-buildpackage: info: host architecture amd64
dpkg-source --before-build .
debian/rules build
dpkg-buildflags --status
dpkg-buildflags: status: environment variable DEB_BUILD_OPTIONS=parallel=4
dpkg-buildflags: status: environment variable DEB_HOST_ARCH=amd64
dpkg-buildflags: status: vendor is Debian
dpkg-buildflags: status: future features: lfs=no
dpkg-buildflags: status: hardening features: bindnow=no format=yes fortify=yes pie=yes relro=yes stackprotector=yes stackprotectorstrong=yes
dpkg-buildflags: status: qa features: bug=no canary=no
dpkg-buildflags: status: reproducible features: fixdebugpath=yes fixfilepath=no timeless=yes
dpkg-buildflags: status: sanitize features: address=no leak=no thread=no undefined=no
dpkg-buildflags: status: CFLAGS [vendor]: -g -O2 -fdebug-prefix-map=/media/debian_sources/git-kernel/linux-5.7=. -fstack-protector-strong -Wformat -Werror=format-security
dpkg-buildflags: status: CPPFLAGS [vendor]: -Wdate-time -D_FORTIFY_SOURCE=2
dpkg-buildflags: status: CXXFLAGS [vendor]: -g -O2 -fdebug-prefix-map=/media/debian_sources/git-kernel/linux-5.7=. -fstack-protector-strong -Wformat -Werror=format-security
dpkg-buildflags: status: FCFLAGS [vendor]: -g -O2 -fdebug-prefix-map=/media/debian_sources/git-kernel/linux-5.7=. -fstack-protector-strong
dpkg-buildflags: status: FFLAGS [vendor]: -g -O2 -fdebug-prefix-map=/media/debian_sources/git-kernel/linux-5.7=. -fstack-protector-strong
dpkg-buildflags: status: GCJFLAGS [vendor]: -g -O2 -fdebug-prefix-map=/media/debian_sources/git-kernel/linux-5.7=. -fstack-protector-strong
dpkg-buildflags: status: LDFLAGS [vendor]: -Wl,-z,relro
dpkg-buildflags: status: OBJCFLAGS [vendor]: -g -O2 -fdebug-prefix-map=/media/debian_sources/git-kernel/linux-5.7=. -fstack-protector-strong -Wformat -Werror=format-security
dpkg-buildflags: status: OBJCXXFLAGS [vendor]: -g -O2 -fdebug-prefix-map=/media/debian_sources/git-kernel/linux-5.7=. -fstack-protector-strong -Wformat -Werror=format-security
...
The same sets of flags is used when I switch to gcc10, and yet in the case of
gcc10 LKRG has problem with lookup_fast function.
So I assume that when the gcc10 will be default in Debian, LKRG will have this
issue I experience now.
Download attachment "signature.asc" of type "application/pgp-signature" (229 bytes)
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.