* [PATCH v5] kallsyms: strip LTO suffixes from static functions
From: Nick Desaulniers @ 2021-10-01 19:58 UTC (permalink / raw)
To: Kees Cook
Cc: Nick Desaulniers, KE . LI, Fangrui Song, Nathan Chancellor,
Padmanabha Srinivasaiah, Sami Tolvanen, Miroslav Benes,
Jessica Yu, Miguel Ojeda, Stephen Boyd, Joe Perches, linux-kernel,
llvm
Similar to:
commit 8b8e6b5d3b01 ("kallsyms: strip ThinLTO hashes from static
functions")
It's very common for compilers to modify the symbol name for static
functions as part of optimizing transformations. That makes hooking
static functions (that weren't inlined or DCE'd) with kprobes difficult.
LLVM has yet another name mangling scheme used by thin LTO.
Combine handling of the various schemes by truncating after the first
'.'. Strip off these suffixes so that we can continue to hook such
static functions. Clang releases prior to clang-13 would use '$'
instead of '.'.
Link: https://reviews.llvm.org/rGc6e5c4654bd5045fe22a1a52779e48e2038a404c
Reported-by: KE.LI(Lieke) <like1@oppo.com>
Suggested-by: Fangrui Song <maskray@google.com>
Suggested-by: Nathan Chancellor <nathan@kernel.org>
Suggested-by: Padmanabha Srinivasaiah <treasure4paddy@gmail.com>
Suggested-by: Sami Tolvanen <samitolvanen@google.com>
Signed-off-by: Nick Desaulniers <ndesaulniers@google.com>
---
Changes v4 -> v5:
* Absorb Padmanabha Srinivasaiah's patch from
https://lore.kernel.org/lkml/20210814124224.8551-1-treasure4paddy@gmail.com/.
* Add Padmanabha's Suggested-by tag.
* Rewrite the patch to truncate after first '.', as per Sami's comment
from
https://lore.kernel.org/lkml/CABCJKue5Ay6_+8sibzh5wRh3gPzV1g72gJ9m2ot4E1ezj8bpHA@mail.gmail.com/.
* Add Sami's Suggested-by tag.
* Verify that the '$' delimiter only appears for
thin LTO + CFI + clang <= 12, use __clang_minor__ to check.
* Update comments as per Nathan + Fangrui, add their Suggested-by tags.
* While Nathan + Fangrui did review v4, v5 is too different IMO to carry
those tags forward.
Changes v3 -> v4:
* Convert this function to use IS_ENABLED rather than provide multiple
definitions based on preprocessor checks.
* Add Nathan's suggested-by.
Changes v2 -> v3:
* Un-nest preprocessor checks, as per Nathan.
Changes v1 -> v2:
* Both mangling schemes can occur for thinLTO + CFI, this new scheme can
also occur for thinLTO without CFI. Split cleanup_symbol_name() into
two function calls.
* Drop KE.LI's tested by tag.
* Do not carry Fangrui's Reviewed by tag.
* Drop the inline keyword; it is meaningless.
kernel/kallsyms.c | 45 ++++++++++++++++++++++++++++++++-------------
1 file changed, 32 insertions(+), 13 deletions(-)
diff --git a/kernel/kallsyms.c b/kernel/kallsyms.c
index 0ba87982d017..3e4766204b07 100644
--- a/kernel/kallsyms.c
+++ b/kernel/kallsyms.c
@@ -164,26 +164,45 @@ static unsigned long kallsyms_sym_address(int idx)
return kallsyms_relative_base - 1 - kallsyms_offsets[idx];
}
-#if defined(CONFIG_CFI_CLANG) && defined(CONFIG_LTO_CLANG_THIN)
-/*
- * LLVM appends a hash to static function names when ThinLTO and CFI are
- * both enabled, i.e. foo() becomes foo$707af9a22804d33c81801f27dcfe489b.
- * This causes confusion and potentially breaks user space tools, so we
- * strip the suffix from expanded symbol names.
- */
-static inline bool cleanup_symbol_name(char *s)
+static bool cleanup_symbol_name(char *s)
{
char *res;
+ if (!IS_ENABLED(CONFIG_LTO_CLANG))
+ return false;
+
+ /*
+ * LLVM appends various suffixes for local functions and variables that must
+ * be promoted to global scope as part of LTO. This can break hooking of
+ * static functions with kprobes. '.' is not a valid character in an
+ * identifier in C. Suffixes observed:
+ * - foo.llvm.[0-9a-f]+
+ * - foo.[0-9a-f]+
+ * - foo.[0-9a-f]+.cfi_jt
+ */
+ res = strchr(s, '.');
+ if (res) {
+ *res = '\0';
+ return true;
+ }
+
+ if (!IS_ENABLED(CONFIG_CFI_CLANG) || !IS_ENABLED(CONFIG_LTO_CLANG_THIN) ||
+ __clang_major__ >= 13)
+ return false;
+
+ /*
+ * Prior to LLVM 13, the following suffixes were observed when thinLTO
+ * and CFI are both enabled:
+ * - foo$[0-9]+
+ */
res = strrchr(s, '$');
- if (res)
+ if (res) {
*res = '\0';
+ return true;
+ }
- return res != NULL;
+ return false;
}
-#else
-static inline bool cleanup_symbol_name(char *s) { return false; }
-#endif
/* Lookup the address for this symbol. Returns 0 if not found. */
unsigned long kallsyms_lookup_name(const char *name)
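Review bot: the `__clang_major__ >= 13` term in the second early-return check is an ordinary C expression, so that identifier must be defined for every compiler that builds kernel/kallsyms.c; IS_ENABLED() only lets the optimizer fold the condition after it has been parsed, it does not remove the reference at preprocessing time. GCC does not predefine `__clang_major__`, so a GCC build of `if (!IS_ENABLED(CONFIG_CFI_CLANG) || !IS_ENABLED(CONFIG_LTO_CLANG_THIN) || __clang_major__ >= 13)` fails with an undeclared identifier even though the LTO and CFI options cannot be enabled there. Either wrap the '$' branch in `#ifdef __clang__` or compare against a compiler-version value that Kconfig exports for all toolchains. Separately, the v4 -> v5 changelog says the check uses `__clang_minor__`, while the code compares `__clang_major__`; the code is the right test for "clang <= 12", so the changelog wording should be brought in line with it.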
base-commit: 4de593fb965fc2bd11a0b767e0c65ff43540a6e4
--
2.33.0.800.g4c38ced690-goog
* Re: [PATCH v5] kallsyms: strip LTO suffixes from static functions
From: Sami Tolvanen @ 2021-10-01 20:05 UTC (permalink / raw)
To: Nick Desaulniers
Cc: Kees Cook, KE . LI, Fangrui Song, Nathan Chancellor,
Padmanabha Srinivasaiah, Miroslav Benes, Jessica Yu, Miguel Ojeda,
Stephen Boyd, Joe Perches, LKML, llvm
On Fri, Oct 1, 2021 at 12:58 PM Nick Desaulniers
<ndesaulniers@google.com> wrote:
>
> Similar to:
> commit 8b8e6b5d3b01 ("kallsyms: strip ThinLTO hashes from static
> functions")
>
> It's very common for compilers to modify the symbol name for static
> functions as part of optimizing transformations. That makes hooking
> static functions (that weren't inlined or DCE'd) with kprobes difficult.
>
> LLVM has yet another name mangling scheme used by thin LTO.
>
> Combine handling of the various schemes by truncating after the first
> '.'. Strip off these suffixes so that we can continue to hook such
> static functions. Clang releases prior to clang-13 would use '$'
> instead of '.'
>
> Link: https://reviews.llvm.org/rGc6e5c4654bd5045fe22a1a52779e48e2038a404c
> Reported-by: KE.LI(Lieke) <like1@oppo.com>
> Suggested-by: Fangrui Song <maskray@google.com>
> Suggested-by: Nathan Chancellor <nathan@kernel.org>
> Suggested-by: Padmanabha Srinivasaiah <treasure4paddy@gmail.com>
> Suggested-by: Sami Tolvanen <samitolvanen@google.com>
> Signed-off-by: Nick Desaulniers <ndesaulniers@google.com>
> ---
> Changes v4 -> v5:
> * Absorb Padmanabha Srinivasaiah's patch from
> https://lore.kernel.org/lkml/20210814124224.8551-1-treasure4paddy@gmail.com/.
> * Add Padmanabha's Suggested-by tag.
> * Rewrite the patch to truncate after first '.', as per Sami's comment
> from
> https://lore.kernel.org/lkml/CABCJKue5Ay6_+8sibzh5wRh3gPzV1g72gJ9m2ot4E1ezj8bpHA@mail.gmail.com/.
> * Add Sami's Suggested-by tag.
> * Verify that the '$' delimiter only appears for
> thin LTO + CFI + clang <= 12, use __clang_minor__ to check.
> * Update comments as per Nathan + Fangrui, add their Suggested-by tags.
> * While Nathan + Fangrui did review v4, v5 is too different IMO to carry
> those tags forward.
>
> Changes v3 -> v4:
> * Convert this function to use IS_ENABLED rather than provide multiple
> definitions based on preprocessor checks.
> * Add Nathan's suggested-by.
>
> Changes v2 -> v3:
> * Un-nest preprocessor checks, as per Nathan.
>
> Changes v1 -> v2:
> * Both mangling schemes can occur for thinLTO + CFI, this new scheme can
> also occur for thinLTO without CFI. Split cleanup_symbol_name() into
> two function calls.
> * Drop KE.LI's tested by tag.
> * Do not carry Fangrui's Reviewed by tag.
> * Drop the inline keyword; it is meaningless.
>
> kernel/kallsyms.c | 45 ++++++++++++++++++++++++++++++++-------------
> 1 file changed, 32 insertions(+), 13 deletions(-)
>
> diff --git a/kernel/kallsyms.c b/kernel/kallsyms.c
> index 0ba87982d017..3e4766204b07 100644
> --- a/kernel/kallsyms.c
> +++ b/kernel/kallsyms.c
> @@ -164,26 +164,45 @@ static unsigned long kallsyms_sym_address(int idx)
> return kallsyms_relative_base - 1 - kallsyms_offsets[idx];
> }
>
> -#if defined(CONFIG_CFI_CLANG) && defined(CONFIG_LTO_CLANG_THIN)
> -/*
> - * LLVM appends a hash to static function names when ThinLTO and CFI are
> - * both enabled, i.e. foo() becomes foo$707af9a22804d33c81801f27dcfe489b.
> - * This causes confusion and potentially breaks user space tools, so we
> - * strip the suffix from expanded symbol names.
> - */
> -static inline bool cleanup_symbol_name(char *s)
> +static bool cleanup_symbol_name(char *s)
> {
> char *res;
>
> + if (!IS_ENABLED(CONFIG_LTO_CLANG))
> + return false;
> +
> + /*
> + * LLVM appends various suffixes for local functions and variables that must
> + * be promoted to global scope as part of LTO. This can break hooking of
> + * static functions with kprobes. '.' is not a valid character in an
> + * identifier in C. Suffixes observed:
> + * - foo.llvm.[0-9a-f]+
> + * - foo.[0-9a-f]+
> + * - foo.[0-9a-f]+.cfi_jt
> + */
> + res = strchr(s, '.');
> + if (res) {
> + *res = '\0';
> + return true;
> + }
> +
> + if (!IS_ENABLED(CONFIG_CFI_CLANG) || !IS_ENABLED(CONFIG_LTO_CLANG_THIN) ||
> + __clang_major__ >= 13)
> + return false;
> +
> + /*
> + * Prior to LLVM 13, the following suffixes were observed when thinLTO
> + * and CFI are both enabled:
> + * - foo$[0-9]+
> + */
> res = strrchr(s, '$');
> - if (res)
> + if (res) {
> *res = '\0';
> + return true;
> + }
>
> - return res != NULL;
> + return false;
> }
> -#else
> -static inline bool cleanup_symbol_name(char *s) { return false; }
> -#endif
Thanks for sending the patch, Nick. This looks correct to me.
Reviewed-by: Sami Tolvanen <samitolvanen@google.com>
Sami
* Re: [PATCH v5] kallsyms: strip LTO suffixes from static functions
From: Padmanabha Srinivasaiah @ 2021-10-04 10:46 UTC (permalink / raw)
To: ndesaulniers, Sami Tolvanen
Cc: Nick Desaulniers, Kees Cook, KE . LI, Fangrui Song,
Nathan Chancellor, Miroslav Benes, Jessica Yu, Miguel Ojeda,
Stephen Boyd, Joe Perches, LKML, llvm
On Fri, Oct 01, 2021 at 01:05:44PM -0700, Sami Tolvanen wrote:
> On Fri, Oct 1, 2021 at 12:58 PM Nick Desaulniers
> <ndesaulniers@google.com> wrote:
> >
> > Similar to:
> > commit 8b8e6b5d3b01 ("kallsyms: strip ThinLTO hashes from static
> > functions")
> >
> > It's very common for compilers to modify the symbol name for static
> > functions as part of optimizing transformations. That makes hooking
> > static functions (that weren't inlined or DCE'd) with kprobes difficult.
> >
> > LLVM has yet another name mangling scheme used by thin LTO.
> >
> > Combine handling of the various schemes by truncating after the first
> > '.'. Strip off these suffixes so that we can continue to hook such
> > static functions. Clang releases prior to clang-13 would use '$'
> > instead of '.'
> >
> > Link: https://reviews.llvm.org/rGc6e5c4654bd5045fe22a1a52779e48e2038a404c
> > Reported-by: KE.LI(Lieke) <like1@oppo.com>
> > Suggested-by: Fangrui Song <maskray@google.com>
> > Suggested-by: Nathan Chancellor <nathan@kernel.org>
> > Suggested-by: Padmanabha Srinivasaiah <treasure4paddy@gmail.com>
> > Suggested-by: Sami Tolvanen <samitolvanen@google.com>
> > Signed-off-by: Nick Desaulniers <ndesaulniers@google.com>
> > ---
> > Changes v4 -> v5:
> > * Absorb Padmanabha Srinivasaiah's patch from
> > https://lore.kernel.org/lkml/20210814124224.8551-1-treasure4paddy@gmail.com/.
> > * Add Padmanabha's Suggested-by tag.
> > * Rewrite the patch to truncate after first '.', as per Sami's comment
> > from
> > https://lore.kernel.org/lkml/CABCJKue5Ay6_+8sibzh5wRh3gPzV1g72gJ9m2ot4E1ezj8bpHA@mail.gmail.com/.
> > * Add Sami's Suggested-by tag.
> > * Verify that the '$' delimiter only appears for
> > thin LTO + CFI + clang <= 12, use __clang_minor__ to check.
> > * Update comments as per Nathan + Fangrui, add their Suggested-by tags.
> > * While Nathan + Fangrui did review v4, v5 is too different IMO to carry
> > those tags forward.
> >
> > Changes v3 -> v4:
> > * Convert this function to use IS_ENABLED rather than provide multiple
> > definitions based on preprocessor checks.
> > * Add Nathan's suggested-by.
> >
> > Changes v2 -> v3:
> > * Un-nest preprocessor checks, as per Nathan.
> >
> > Changes v1 -> v2:
> > * Both mangling schemes can occur for thinLTO + CFI, this new scheme can
> > also occur for thinLTO without CFI. Split cleanup_symbol_name() into
> > two function calls.
> > * Drop KE.LI's tested by tag.
> > * Do not carry Fangrui's Reviewed by tag.
> > * Drop the inline keyword; it is meaningless.
> >
> > kernel/kallsyms.c | 45 ++++++++++++++++++++++++++++++++-------------
> > 1 file changed, 32 insertions(+), 13 deletions(-)
> >
> > diff --git a/kernel/kallsyms.c b/kernel/kallsyms.c
> > index 0ba87982d017..3e4766204b07 100644
> > --- a/kernel/kallsyms.c
> > +++ b/kernel/kallsyms.c
> > @@ -164,26 +164,45 @@ static unsigned long kallsyms_sym_address(int idx)
> > return kallsyms_relative_base - 1 - kallsyms_offsets[idx];
> > }
> >
> > -#if defined(CONFIG_CFI_CLANG) && defined(CONFIG_LTO_CLANG_THIN)
> > -/*
> > - * LLVM appends a hash to static function names when ThinLTO and CFI are
> > - * both enabled, i.e. foo() becomes foo$707af9a22804d33c81801f27dcfe489b.
> > - * This causes confusion and potentially breaks user space tools, so we
> > - * strip the suffix from expanded symbol names.
> > - */
> > -static inline bool cleanup_symbol_name(char *s)
> > +static bool cleanup_symbol_name(char *s)
> > {
> > char *res;
> >
> > + if (!IS_ENABLED(CONFIG_LTO_CLANG))
> > + return false;
> > +
> > + /*
> > + * LLVM appends various suffixes for local functions and variables that must
> > + * be promoted to global scope as part of LTO. This can break hooking of
> > + * static functions with kprobes. '.' is not a valid character in an
> > + * identifier in C. Suffixes observed:
> > + * - foo.llvm.[0-9a-f]+
> > + * - foo.[0-9a-f]+
> > + * - foo.[0-9a-f]+.cfi_jt
> > + */
> > + res = strchr(s, '.');
> > + if (res) {
> > + *res = '\0';
> > + return true;
> > + }
> > +
> > + if (!IS_ENABLED(CONFIG_CFI_CLANG) || !IS_ENABLED(CONFIG_LTO_CLANG_THIN) ||
> > + __clang_major__ >= 13)
> > + return false;
> > +
> > + /*
> > + * Prior to LLVM 13, the following suffixes were observed when thinLTO
> > + * and CFI are both enabled:
> > + * - foo$[0-9]+
> > + */
> > res = strrchr(s, '$');
> > - if (res)
> > + if (res) {
> > *res = '\0';
> > + return true;
> > + }
> >
> > - return res != NULL;
> > + return false;
> > }
> > -#else
> > -static inline bool cleanup_symbol_name(char *s) { return false; }
> > -#endif
>
> Thanks for sending the patch, Nick. This looks correct to me.
>
> Reviewed-by: Sami Tolvanen <samitolvanen@google.com>
>
> Sami
Nick, thanks for absorbing the patch and sharing the same.
Sami, thanks for reviewing and for your inputs.