From: Kees Cook <keescook@chromium.org>
To: Sami Tolvanen <samitolvanen@google.com>
Cc: Masahiro Yamada <masahiroy@kernel.org>,
Steven Rostedt <rostedt@goodmis.org>,
Will Deacon <will@kernel.org>,
Josh Poimboeuf <jpoimboe@redhat.com>,
Peter Zijlstra <peterz@infradead.org>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
"Paul E. McKenney" <paulmck@kernel.org>,
Nick Desaulniers <ndesaulniers@google.com>,
clang-built-linux@googlegroups.com,
kernel-hardening@lists.openwall.com, linux-arch@vger.kernel.org,
linux-arm-kernel@lists.infradead.org,
linux-kbuild@vger.kernel.org, linux-kernel@vger.kernel.org,
linux-pci@vger.kernel.org
Subject: Re: [PATCH v9 06/16] kbuild: lto: add a default list of used symbols
Date: Fri, 11 Dec 2020 11:32:33 -0800 [thread overview]
Message-ID: <202012111131.E41AFFCDB@keescook> (raw)
In-Reply-To: <20201211184633.3213045-7-samitolvanen@google.com>
On Fri, Dec 11, 2020 at 10:46:23AM -0800, Sami Tolvanen wrote:
> With CONFIG_LTO_CLANG, LLVM bitcode has not yet been compiled into a
> binary when the .mod files are generated, which means they don't yet
> contain references to certain symbols that will be present in the final
> binaries. This includes intrinsic functions, such as memcpy, memmove,
> and memset [1], and stack protector symbols [2]. This change adds a
> default symbol list to use with CONFIG_TRIM_UNUSED_KSYMS when Clang's
> LTO is used.
>
> [1] https://llvm.org/docs/LangRef.html#standard-c-c-library-intrinsics
> [2] https://llvm.org/docs/LangRef.html#llvm-stackprotector-intrinsic
>
> Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
> ---
> init/Kconfig | 1 +
> scripts/lto-used-symbollist | 5 +++++
> 2 files changed, 6 insertions(+)
> create mode 100644 scripts/lto-used-symbollist
>
> diff --git a/init/Kconfig b/init/Kconfig
> index 0872a5a2e759..e88c919c1bf1 100644
> --- a/init/Kconfig
> +++ b/init/Kconfig
> @@ -2297,6 +2297,7 @@ config TRIM_UNUSED_KSYMS
> config UNUSED_KSYMS_WHITELIST
> string "Whitelist of symbols to keep in ksymtab"
> depends on TRIM_UNUSED_KSYMS
> + default "scripts/lto-used-symbollist" if LTO_CLANG
> help
> By default, all unused exported symbols will be un-exported from the
> build when TRIM_UNUSED_KSYMS is selected.
> diff --git a/scripts/lto-used-symbollist b/scripts/lto-used-symbollist
> new file mode 100644
> index 000000000000..38e7bb9ebaae
> --- /dev/null
> +++ b/scripts/lto-used-symbollist
> @@ -0,0 +1,5 @@
> +memcpy
> +memmove
> +memset
> +__stack_chk_fail
> +__stack_chk_guard
> --
> 2.29.2.576.ga3fc446d84-goog
>
bikeshed: Should this filename use some kind of extension, like
lto-user-symbols.txt or .list, to make it more human-friendly?
--
Kees Cook
next prev parent reply other threads:[~2020-12-11 21:07 UTC|newest]
Thread overview: 39+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-12-11 18:46 [PATCH v9 00/16] Add support for Clang LTO Sami Tolvanen
2020-12-11 18:46 ` [PATCH v9 01/16] tracing: move function tracer options to Kconfig Sami Tolvanen
2021-02-24 20:17 ` [PATCH v9 01/16] tracing: move function tracer options to Kconfig (causing parisc build failures) Guenter Roeck
2021-02-24 20:38 ` Kees Cook
2021-02-24 20:54 ` Sami Tolvanen
2021-02-24 22:29 ` Guenter Roeck
2021-02-24 22:28 ` Guenter Roeck
2021-02-24 22:42 ` Kees Cook
2020-12-11 18:46 ` [PATCH v9 02/16] kbuild: add support for Clang LTO Sami Tolvanen
2020-12-11 18:46 ` [PATCH v9 03/16] kbuild: lto: fix module versioning Sami Tolvanen
2020-12-11 18:46 ` [PATCH v9 04/16] kbuild: lto: limit inlining Sami Tolvanen
2020-12-11 18:46 ` [PATCH v9 05/16] kbuild: lto: merge module sections Sami Tolvanen
2020-12-11 18:46 ` [PATCH v9 06/16] kbuild: lto: add a default list of used symbols Sami Tolvanen
2020-12-11 19:32 ` Kees Cook [this message]
2020-12-11 19:40 ` Sami Tolvanen
2020-12-11 19:45 ` Nick Desaulniers
2020-12-11 18:46 ` [PATCH v9 07/16] init: lto: ensure initcall ordering Sami Tolvanen
2020-12-11 18:46 ` [PATCH v9 08/16] init: lto: fix PREL32 relocations Sami Tolvanen
2020-12-11 18:46 ` [PATCH v9 09/16] PCI: Fix PREL32 relocations for LTO Sami Tolvanen
2020-12-11 18:46 ` [PATCH v9 10/16] modpost: lto: strip .lto from module names Sami Tolvanen
2020-12-11 18:46 ` [PATCH v9 11/16] scripts/mod: disable LTO for empty.c Sami Tolvanen
2020-12-11 18:46 ` [PATCH v9 12/16] efi/libstub: disable LTO Sami Tolvanen
2020-12-11 18:46 ` [PATCH v9 13/16] drivers/misc/lkdtm: disable LTO for rodata.o Sami Tolvanen
2020-12-11 18:46 ` [PATCH v9 14/16] arm64: vdso: disable LTO Sami Tolvanen
2020-12-11 18:46 ` [PATCH v9 15/16] arm64: disable recordmcount with DYNAMIC_FTRACE_WITH_REGS Sami Tolvanen
2020-12-11 18:46 ` [PATCH v9 16/16] arm64: allow LTO to be selected Sami Tolvanen
2020-12-11 19:38 ` [PATCH v9 00/16] Add support for Clang LTO Kees Cook
2021-01-09 0:27 ` Kees Cook
2021-01-09 14:54 ` Sedat Dilek
2021-01-09 15:36 ` Josh Poimboeuf
2021-01-09 15:46 ` Sedat Dilek
2021-01-09 16:07 ` Josh Poimboeuf
2021-01-09 16:21 ` Sedat Dilek
2021-01-09 16:32 ` Josh Poimboeuf
2021-01-09 16:45 ` Sedat Dilek
2021-01-09 17:03 ` Josh Poimboeuf
2021-01-09 17:05 ` Josh Poimboeuf
2021-01-09 17:33 ` Sedat Dilek
2021-01-09 23:44 ` Sedat Dilek
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=202012111131.E41AFFCDB@keescook \
--to=keescook@chromium.org \
--cc=clang-built-linux@googlegroups.com \
--cc=gregkh@linuxfoundation.org \
--cc=jpoimboe@redhat.com \
--cc=kernel-hardening@lists.openwall.com \
--cc=linux-arch@vger.kernel.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kbuild@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-pci@vger.kernel.org \
--cc=masahiroy@kernel.org \
--cc=ndesaulniers@google.com \
--cc=paulmck@kernel.org \
--cc=peterz@infradead.org \
--cc=rostedt@goodmis.org \
--cc=samitolvanen@google.com \
--cc=will@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).