Re: [PATCH v3 1/3] x86, stackvalidate: Compile-time stack frame pointer validation

[Michal Marek <mmarek@suse.cz>]

On 2015-05-11 18:38, Josh Poimboeuf wrote:
> Frame pointer based stack traces aren't always reliable.  One big reason
> is that most asm functions don't set up the frame pointer.
> 
> Fix that by enforcing that all asm functions honor CONFIG_FRAME_POINTER.
> This is done with a new stackvalidate host tool which is automatically
> run for every compiled .S file and which validates that every asm
> function does the proper frame pointer setup.
> 
> Also, to make sure somebody didn't forget to annotate their callable asm code
> as a function, flag an error for any return instructions which are hiding
> outside of a function.  In almost all cases, return instructions are part of
> callable functions and should be annotated as such so that we can validate
> their frame pointer usage.  A whitelist mechanism exists for those few return
> instructions which are not actually in callable code.
> 
> It currently only supports x86_64.  It *almost* supports x86_32, but the
> stackvalidate code doesn't yet know how to deal with 32-bit REL
> relocations for the return whitelists.  I tried to make the code generic
> so that support for other architectures can be plugged in pretty easily.
> 
> As a first step, all reported non-compliances result in warnings.  Right
> now I'm seeing 200+ warnings.  Once we get them all cleaned up, we can
> change the warnings to build errors so the asm code can stay clean.
> 
> Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
> ---
>  MAINTAINERS                           |   6 +
>  arch/Kconfig                          |   4 +
>  arch/x86/Kconfig                      |   1 +
>  arch/x86/Makefile                     |   6 +-
>  lib/Kconfig.debug                     |  11 ++
>  scripts/Makefile                      |   1 +
>  scripts/Makefile.build                |  22 ++-

For the kbuild parts: Acked-by: Michal Marek <mmarek@suse.cz>


> +int main(int argc, char *argv[])
> +{
> +	struct args args;
> +	struct elf *elf;
> +	struct section *sec;
> +	int ret, warnings = 0;
> +
> +	argp_parse(&argp, argc, argv, 0, 0, &args);
> +
> +	elf = elf_open(args.args[0]);
> +	if (!elf) {
> +		fprintf(stderr, "error reading elf file %s\n", args.args[0]);
> +		return 1;
> +	}
> +
> +	if (is_file_whitelisted(elf))
> +		return 0;
> +
> +	list_for_each_entry(sec, &elf->sections, list) {
> +		ret = validate_section(elf, sec);
> +		if (ret < 0)
> +			return -1;

return 1? Since this is the exit status of the program.

Michal