From: Kees Cook <keescook@chromium.org>
To: Sami Tolvanen <samitolvanen@google.com>
Cc: Masahiro Yamada <masahiroy@kernel.org>,
Steven Rostedt <rostedt@goodmis.org>,
Will Deacon <will@kernel.org>,
Josh Poimboeuf <jpoimboe@redhat.com>,
Peter Zijlstra <peterz@infradead.org>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
"Paul E. McKenney" <paulmck@kernel.org>,
Nick Desaulniers <ndesaulniers@google.com>,
clang-built-linux@googlegroups.com,
kernel-hardening@lists.openwall.com, linux-arch@vger.kernel.org,
linux-arm-kernel@lists.infradead.org,
linux-kbuild@vger.kernel.org, linux-kernel@vger.kernel.org,
linux-pci@vger.kernel.org
Subject: Re: [PATCH v9 06/16] kbuild: lto: add a default list of used symbols
Date: Fri, 11 Dec 2020 11:32:33 -0800 [thread overview]
Message-ID: <202012111131.E41AFFCDB@keescook> (raw)
In-Reply-To: <20201211184633.3213045-7-samitolvanen@google.com>
On Fri, Dec 11, 2020 at 10:46:23AM -0800, Sami Tolvanen wrote:
> With CONFIG_LTO_CLANG, LLVM bitcode has not yet been compiled into a
> binary when the .mod files are generated, which means they don't yet
> contain references to certain symbols that will be present in the final
> binaries. This includes intrinsic functions, such as memcpy, memmove,
> and memset [1], and stack protector symbols [2]. This change adds a
> default symbol list to use with CONFIG_TRIM_UNUSED_KSYMS when Clang's
> LTO is used.
>
> [1] https://llvm.org/docs/LangRef.html#standard-c-c-library-intrinsics
> [2] https://llvm.org/docs/LangRef.html#llvm-stackprotector-intrinsic
>
> Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
> ---
> init/Kconfig | 1 +
> scripts/lto-used-symbollist | 5 +++++
> 2 files changed, 6 insertions(+)
> create mode 100644 scripts/lto-used-symbollist
>
> diff --git a/init/Kconfig b/init/Kconfig
> index 0872a5a2e759..e88c919c1bf1 100644
> --- a/init/Kconfig
> +++ b/init/Kconfig
> @@ -2297,6 +2297,7 @@ config TRIM_UNUSED_KSYMS
> config UNUSED_KSYMS_WHITELIST
> string "Whitelist of symbols to keep in ksymtab"
> depends on TRIM_UNUSED_KSYMS
> + default "scripts/lto-used-symbollist" if LTO_CLANG
> help
> By default, all unused exported symbols will be un-exported from the
> build when TRIM_UNUSED_KSYMS is selected.
> diff --git a/scripts/lto-used-symbollist b/scripts/lto-used-symbollist
> new file mode 100644
> index 000000000000..38e7bb9ebaae
> --- /dev/null
> +++ b/scripts/lto-used-symbollist
> @@ -0,0 +1,5 @@
> +memcpy
> +memmove
> +memset
> +__stack_chk_fail
> +__stack_chk_guard
> --
> 2.29.2.576.ga3fc446d84-goog
>
bikeshed: Should this filename use some kind of extension, like
lto-user-symbols.txt or .list, to make it more human-friendly?
--
Kees Cook
WARNING: multiple messages have this Message-ID (diff)
From: Kees Cook <keescook@chromium.org>
To: Sami Tolvanen <samitolvanen@google.com>
Cc: linux-arch@vger.kernel.org,
"Paul E. McKenney" <paulmck@kernel.org>,
kernel-hardening@lists.openwall.com,
Peter Zijlstra <peterz@infradead.org>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
Masahiro Yamada <masahiroy@kernel.org>,
linux-kbuild@vger.kernel.org,
Nick Desaulniers <ndesaulniers@google.com>,
linux-kernel@vger.kernel.org,
Steven Rostedt <rostedt@goodmis.org>,
clang-built-linux@googlegroups.com, linux-pci@vger.kernel.org,
Josh Poimboeuf <jpoimboe@redhat.com>,
Will Deacon <will@kernel.org>,
linux-arm-kernel@lists.infradead.org
Subject: Re: [PATCH v9 06/16] kbuild: lto: add a default list of used symbols
Date: Fri, 11 Dec 2020 11:32:33 -0800 [thread overview]
Message-ID: <202012111131.E41AFFCDB@keescook> (raw)
In-Reply-To: <20201211184633.3213045-7-samitolvanen@google.com>
On Fri, Dec 11, 2020 at 10:46:23AM -0800, Sami Tolvanen wrote:
> With CONFIG_LTO_CLANG, LLVM bitcode has not yet been compiled into a
> binary when the .mod files are generated, which means they don't yet
> contain references to certain symbols that will be present in the final
> binaries. This includes intrinsic functions, such as memcpy, memmove,
> and memset [1], and stack protector symbols [2]. This change adds a
> default symbol list to use with CONFIG_TRIM_UNUSED_KSYMS when Clang's
> LTO is used.
>
> [1] https://llvm.org/docs/LangRef.html#standard-c-c-library-intrinsics
> [2] https://llvm.org/docs/LangRef.html#llvm-stackprotector-intrinsic
>
> Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
> ---
> init/Kconfig | 1 +
> scripts/lto-used-symbollist | 5 +++++
> 2 files changed, 6 insertions(+)
> create mode 100644 scripts/lto-used-symbollist
>
> diff --git a/init/Kconfig b/init/Kconfig
> index 0872a5a2e759..e88c919c1bf1 100644
> --- a/init/Kconfig
> +++ b/init/Kconfig
> @@ -2297,6 +2297,7 @@ config TRIM_UNUSED_KSYMS
> config UNUSED_KSYMS_WHITELIST
> string "Whitelist of symbols to keep in ksymtab"
> depends on TRIM_UNUSED_KSYMS
> + default "scripts/lto-used-symbollist" if LTO_CLANG
> help
> By default, all unused exported symbols will be un-exported from the
> build when TRIM_UNUSED_KSYMS is selected.
> diff --git a/scripts/lto-used-symbollist b/scripts/lto-used-symbollist
> new file mode 100644
> index 000000000000..38e7bb9ebaae
> --- /dev/null
> +++ b/scripts/lto-used-symbollist
> @@ -0,0 +1,5 @@
> +memcpy
> +memmove
> +memset
> +__stack_chk_fail
> +__stack_chk_guard
> --
> 2.29.2.576.ga3fc446d84-goog
>
bikeshed: Should this filename use some kind of extension, like
lto-user-symbols.txt or .list, to make it more human-friendly?
--
Kees Cook
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
next prev parent reply other threads:[~2020-12-11 19:32 UTC|newest]
Thread overview: 80+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-12-11 18:46 [PATCH v9 00/16] Add support for Clang LTO Sami Tolvanen
2020-12-11 18:46 ` Sami Tolvanen
2020-12-11 18:46 ` [PATCH v9 01/16] tracing: move function tracer options to Kconfig Sami Tolvanen
2020-12-11 18:46 ` Sami Tolvanen
2021-02-24 20:17 ` [PATCH v9 01/16] tracing: move function tracer options to Kconfig (causing parisc build failures) Guenter Roeck
2021-02-24 20:17 ` Guenter Roeck
2021-02-24 20:38 ` Kees Cook
2021-02-24 20:38 ` Kees Cook
2021-02-24 20:54 ` Sami Tolvanen
2021-02-24 20:54 ` Sami Tolvanen
2021-02-24 22:29 ` Guenter Roeck
2021-02-24 22:29 ` Guenter Roeck
2021-02-24 22:28 ` Guenter Roeck
2021-02-24 22:28 ` Guenter Roeck
2021-02-24 22:42 ` Kees Cook
2021-02-24 22:42 ` Kees Cook
2020-12-11 18:46 ` [PATCH v9 02/16] kbuild: add support for Clang LTO Sami Tolvanen
2020-12-11 18:46 ` Sami Tolvanen
2020-12-11 18:46 ` [PATCH v9 03/16] kbuild: lto: fix module versioning Sami Tolvanen
2020-12-11 18:46 ` Sami Tolvanen
2020-12-11 18:46 ` [PATCH v9 04/16] kbuild: lto: limit inlining Sami Tolvanen
2020-12-11 18:46 ` Sami Tolvanen
2020-12-11 18:46 ` [PATCH v9 05/16] kbuild: lto: merge module sections Sami Tolvanen
2020-12-11 18:46 ` Sami Tolvanen
2021-02-16 21:37 ` Stephen Boyd
2021-02-16 21:37 ` Stephen Boyd
2020-12-11 18:46 ` [PATCH v9 06/16] kbuild: lto: add a default list of used symbols Sami Tolvanen
2020-12-11 18:46 ` Sami Tolvanen
2020-12-11 19:32 ` Kees Cook [this message]
2020-12-11 19:32 ` Kees Cook
2020-12-11 19:40 ` Sami Tolvanen
2020-12-11 19:40 ` Sami Tolvanen
2020-12-11 19:45 ` Nick Desaulniers
2020-12-11 19:45 ` Nick Desaulniers
2020-12-11 18:46 ` [PATCH v9 07/16] init: lto: ensure initcall ordering Sami Tolvanen
2020-12-11 18:46 ` Sami Tolvanen
2020-12-11 18:46 ` [PATCH v9 08/16] init: lto: fix PREL32 relocations Sami Tolvanen
2020-12-11 18:46 ` Sami Tolvanen
2020-12-11 18:46 ` [PATCH v9 09/16] PCI: Fix PREL32 relocations for LTO Sami Tolvanen
2020-12-11 18:46 ` Sami Tolvanen
2020-12-11 18:46 ` [PATCH v9 10/16] modpost: lto: strip .lto from module names Sami Tolvanen
2020-12-11 18:46 ` Sami Tolvanen
2020-12-11 18:46 ` [PATCH v9 11/16] scripts/mod: disable LTO for empty.c Sami Tolvanen
2020-12-11 18:46 ` Sami Tolvanen
2020-12-11 18:46 ` [PATCH v9 12/16] efi/libstub: disable LTO Sami Tolvanen
2020-12-11 18:46 ` Sami Tolvanen
2020-12-11 18:46 ` [PATCH v9 13/16] drivers/misc/lkdtm: disable LTO for rodata.o Sami Tolvanen
2020-12-11 18:46 ` Sami Tolvanen
2020-12-11 18:46 ` [PATCH v9 14/16] arm64: vdso: disable LTO Sami Tolvanen
2020-12-11 18:46 ` Sami Tolvanen
2020-12-11 18:46 ` [PATCH v9 15/16] arm64: disable recordmcount with DYNAMIC_FTRACE_WITH_REGS Sami Tolvanen
2020-12-11 18:46 ` Sami Tolvanen
2020-12-11 18:46 ` [PATCH v9 16/16] arm64: allow LTO to be selected Sami Tolvanen
2020-12-11 18:46 ` Sami Tolvanen
2020-12-11 19:38 ` [PATCH v9 00/16] Add support for Clang LTO Kees Cook
2020-12-11 19:38 ` Kees Cook
2021-01-09 0:27 ` Kees Cook
2021-01-09 0:27 ` Kees Cook
2021-01-09 14:54 ` Sedat Dilek
2021-01-09 14:54 ` Sedat Dilek
2021-01-09 15:36 ` Josh Poimboeuf
2021-01-09 15:36 ` Josh Poimboeuf
2021-01-09 15:46 ` Sedat Dilek
2021-01-09 15:46 ` Sedat Dilek
2021-01-09 16:07 ` Josh Poimboeuf
2021-01-09 16:07 ` Josh Poimboeuf
2021-01-09 16:21 ` Sedat Dilek
2021-01-09 16:21 ` Sedat Dilek
2021-01-09 16:32 ` Josh Poimboeuf
2021-01-09 16:32 ` Josh Poimboeuf
2021-01-09 16:45 ` Sedat Dilek
2021-01-09 16:45 ` Sedat Dilek
2021-01-09 17:03 ` Josh Poimboeuf
2021-01-09 17:03 ` Josh Poimboeuf
2021-01-09 17:05 ` Josh Poimboeuf
2021-01-09 17:05 ` Josh Poimboeuf
2021-01-09 17:33 ` Sedat Dilek
2021-01-09 17:33 ` Sedat Dilek
2021-01-09 23:44 ` Sedat Dilek
2021-01-09 23:44 ` Sedat Dilek
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=202012111131.E41AFFCDB@keescook \
--to=keescook@chromium.org \
--cc=clang-built-linux@googlegroups.com \
--cc=gregkh@linuxfoundation.org \
--cc=jpoimboe@redhat.com \
--cc=kernel-hardening@lists.openwall.com \
--cc=linux-arch@vger.kernel.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kbuild@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-pci@vger.kernel.org \
--cc=masahiroy@kernel.org \
--cc=ndesaulniers@google.com \
--cc=paulmck@kernel.org \
--cc=peterz@infradead.org \
--cc=rostedt@goodmis.org \
--cc=samitolvanen@google.com \
--cc=will@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.