From: Josh Poimboeuf <jpoimboe@redhat.com>
To: Kees Cook <keescook@chromium.org>
Cc: linux-kernel@vger.kernel.org,
Masahiro Yamada <masahiroy@kernel.org>,
Michal Marek <michal.lkml@markovi.net>,
linux-hardening@vger.kernel.org, linux-kbuild@vger.kernel.org,
Peter Zijlstra <peterz@infradead.org>,
Justin Forbes <jforbes@redhat.com>,
Ondrej Mosnacek <omosnace@redhat.com>
Subject: Re: [PATCH RFC] gcc-plugins: Handle GCC version mismatch for OOT modules
Date: Tue, 26 Jan 2021 17:32:49 -0600 [thread overview]
Message-ID: <20210126233249.ewgdsiazdwbzykqj@treble> (raw)
In-Reply-To: <202101261459.C90E9F97D@keescook>
On Tue, Jan 26, 2021 at 02:59:57PM -0800, Kees Cook wrote:
> On Tue, Jan 26, 2021 at 12:43:16PM -0600, Josh Poimboeuf wrote:
> > On Tue, Jan 26, 2021 at 09:56:10AM -0800, Kees Cook wrote:
> > > On Mon, Jan 25, 2021 at 04:19:53PM -0600, Josh Poimboeuf wrote:
> > > > On Mon, Jan 25, 2021 at 02:03:07PM -0800, Kees Cook wrote:
> > > > > On Mon, Jan 25, 2021 at 02:42:10PM -0600, Josh Poimboeuf wrote:
> > > > > > When a GCC version mismatch is detected, print a warning and disable the
> > > > > > plugin. The only exception is the RANDSTRUCT plugin which needs all
> > > > > > code to see the same struct layouts. In that case print an error.
> > > > >
> > > > > I prefer this patch as-is: only randstruct needs a hard failure. The
> > > > > others likely work (in fact, randstruct likely works too).
> > > >
> > > > I'm curious about this last statement, why would randstruct likely work?
> > > >
> > > > Even struct module has '__randomize_layout', wouldn't basic module init
> > > > go splat?
> > >
> > > No; the seed is part of the generate includes -- you'll get the same
> > > layout with the same seed.
> >
> > Right, but don't you need the plugin enabled to make use of that seed,
> > so the structs get interpreted properly by the module? Or am I
> > completely misunderstanding how this plugin works?
>
> Having the plugin enabled or not is part of the Kconfig ... you can't
> build anything if you change Kconfig. I feel like I'm missing
> something...
I guess we crossed wires somehow. Backing up :-)
The patch disables plugins when there's a GCC mismatch in the OOT module
build, with the exception of RANDSTRUCT, for which it just errors out.
When you said "randstruct likely works too" I thought you meant that
RANDSTRUCT would likely work even if it were disabled in the OOT module
build (i.e. if we removed the RANDSTRUCT special case from the patch).
Or did you mean something else? Like using RANDSTRUCT with a different
version of GCC would likely work?
(I'm definitely not proposing we allow GCC mismatches for plugins, as I
was told that plugins can break from one build to the next).
--
Josh
next prev parent reply other threads:[~2021-01-27 4:49 UTC|newest]
Thread overview: 57+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-01-25 20:42 [PATCH RFC] gcc-plugins: Handle GCC version mismatch for OOT modules Josh Poimboeuf
2021-01-25 21:16 ` Masahiro Yamada
2021-01-25 21:27 ` Josh Poimboeuf
2021-01-25 21:44 ` Masahiro Yamada
2021-01-25 22:07 ` Josh Poimboeuf
2021-01-26 8:13 ` Greg KH
2021-01-26 12:44 ` Justin Forbes
2021-01-26 13:51 ` Greg KH
2021-01-26 14:51 ` Josh Poimboeuf
2021-01-26 15:00 ` Greg KH
2021-01-26 15:15 ` Peter Zijlstra
2021-01-26 15:46 ` Josh Poimboeuf
2021-01-26 16:05 ` Peter Zijlstra
2021-01-26 16:15 ` Justin Forbes
2021-01-26 16:19 ` Josh Poimboeuf
2021-01-26 17:06 ` Greg KH
2021-01-26 17:47 ` Justin Forbes
2021-01-26 16:22 ` David Laight
2021-01-27 18:03 ` Christoph Hellwig
2021-01-26 8:12 ` Greg KH
2021-01-25 22:03 ` Kees Cook
2021-01-25 22:19 ` Josh Poimboeuf
2021-01-26 17:56 ` Kees Cook
2021-01-26 18:43 ` Josh Poimboeuf
2021-01-26 22:59 ` Kees Cook
2021-01-26 23:32 ` Josh Poimboeuf [this message]
2021-01-26 1:53 ` Masahiro Yamada
2021-01-26 12:16 ` David Laight
2021-01-27 18:02 ` Christoph Hellwig
2021-01-27 18:38 ` Josh Poimboeuf
2021-01-27 18:43 ` Christoph Hellwig
2021-01-27 18:51 ` Josh Poimboeuf
2021-01-27 22:09 ` David Laight
2021-01-28 14:29 ` Christoph Hellwig
2021-01-28 15:45 ` Josh Poimboeuf
2021-03-02 23:26 ` Josh Poimboeuf
2021-03-03 18:49 ` Masahiro Yamada
2021-03-03 19:15 ` Josh Poimboeuf
2021-03-03 19:25 ` Linus Torvalds
2021-03-03 19:38 ` Josh Poimboeuf
2021-03-03 19:57 ` Linus Torvalds
2021-03-03 20:24 ` Josh Poimboeuf
2021-03-03 20:31 ` Josh Poimboeuf
2021-03-03 20:56 ` Linus Torvalds
2021-03-03 21:45 ` Josh Poimboeuf
2021-03-04 12:27 ` Masahiro Yamada
2021-03-04 15:08 ` Josh Poimboeuf
2021-03-04 15:35 ` Masahiro Yamada
2021-03-04 19:12 ` Linus Torvalds
2021-03-05 2:41 ` Josh Poimboeuf
2021-03-05 2:49 ` Linus Torvalds
2021-03-05 16:03 ` Masahiro Yamada
2021-03-05 19:18 ` Josh Poimboeuf
2021-03-08 9:39 ` David Laight
2021-03-05 15:31 ` Masahiro Yamada
2021-03-03 21:52 ` Kees Cook
2021-03-04 12:26 ` Masahiro Yamada
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210126233249.ewgdsiazdwbzykqj@treble \
--to=jpoimboe@redhat.com \
--cc=jforbes@redhat.com \
--cc=keescook@chromium.org \
--cc=linux-hardening@vger.kernel.org \
--cc=linux-kbuild@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=masahiroy@kernel.org \
--cc=michal.lkml@markovi.net \
--cc=omosnace@redhat.com \
--cc=peterz@infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox