Date: Tue, 4 Jan 2022 19:24:56 -0800
From: Fāng-ruì Sòng
To: Alexander Lobakin
Cc: Miroslav Benes, Borislav Petkov, linux-hardening@vger.kernel.org,
    x86@kernel.org, Jesse Brandeburg, Kristen Carlson Accardi, Kees Cook,
    Miklos Szeredi, Ard Biesheuvel, Tony Luck, Bruce Schlobohm, Jessica Yu,
    kernel test robot, Evgenii Shatokhin, Jonathan Corbet, Masahiro Yamada,
    Michal Marek, Nick Desaulniers, Herbert Xu, "David S. Miller",
    Thomas Gleixner, Will Deacon, Ingo Molnar, Dave Hansen, "H. Peter Anvin",
    Andy Lutomirski, Peter Zijlstra, Arnd Bergmann, Josh Poimboeuf,
    Nathan Chancellor, Masami Hiramatsu, Marios Pomonis, Sami Tolvanen,
    "H.J. Lu", Nicolas Pitre, linux-kernel@vger.kernel.org,
    linux-kbuild@vger.kernel.org, linux-arch@vger.kernel.org,
    live-patching@vger.kernel.org, llvm@lists.linux.dev
Subject: Re: [PATCH v9 02/15] livepatch: use `-z unique-symbol` if available to nuke pos-based search
Message-ID: <20220105032456.hs3od326sdl4zjv4@google.com>
References: <20211223002209.1092165-1-alexandr.lobakin@intel.com>
    <20211223002209.1092165-3-alexandr.lobakin@intel.com>
    <20220103160615.7904-1-alexandr.lobakin@intel.com>
In-Reply-To: <20220103160615.7904-1-alexandr.lobakin@intel.com>
X-Mailing-List: llvm@lists.linux.dev

On 2022-01-03, Alexander Lobakin wrote:
>From: Miroslav Benes
>Date: Mon, 3 Jan 2022 14:55:42 +0100 (CET)
>
>> On Thu, 30 Dec 2021, Fāng-ruì Sòng wrote:
>>
>> > On Thu, Dec 30, 2021 at 3:11 AM Borislav Petkov wrote:
>> > >
>> > > On Thu, Dec 23, 2021 at 01:21:56AM +0100, Alexander Lobakin wrote:
>> > > > [PATCH v9 02/15] livepatch: use `-z unique-symbol` if available to nuke pos-based search
>>
>> ...
>>
>> > Apologies since I haven't read the patch series.
>> >
>> > The option does not exist in ld.lld and I am a bit concerned about
>> > its semantics: https://maskray.me/blog/2020-11-15-explain-gnu-linker-options#z-unique-symbol
>> >
>> > I thought that someone forwarded my comments (originally posted months
>> > ago on a feature request) here but seems not.
>> > (I am a ld.lld maintainer.)
>>
>> Do you mean
>> https://lore.kernel.org/all/20210123225928.z5hkmaw6qjs2gu5g@google.com/T/#u
>> ?
>>
>> Unfortunately, it did not lead anywhere. I think that '-z unique-symbol'
>> option should work fine as long as the live patching is concerned. Maybe I
>> misunderstood but your concerns mentioned at the blog do not apply. The
>> stability is not an issue for us since we (KLP) always work with already
>> built and fixed kernel. And (at least) GCC already uses number suffixes for
>> IPA clones and it has not been a problem anywhere.

The stability problem may not happen frequently but is possible if the
compiler performs some IPA with new code. Such disturbance is probably
more likely with LTO or PGO. For Clang LTO, Makefile currently specifies
-mllvm -import-instr-limit=5. If a function close to the boundary
happens to cross the boundary, if inlined into other translation units,
the stability issue may affect many translation units.

>LLD doesn't have such an option, so FG-KASLR + livepatching builds
>wouldn't be available for LLVM with the current approach (or we'd
>still need a stub that prints "FG-KASLR is not compatible with
>sympos != 0").
>Unfortunately, I discovered this a bit late, just after sending this
>revision.
>
>OTOH, there's no easy alternative. pair looks
>appealing, but is it even possible for now to implement in the
>kernel without much refactoring?

pair looks good to me and will solve the stability problem.
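
The stability concern discussed in the message above, as an added illustration that is not part of the original mail and is not GNU ld's code. It assumes a simplified numbering model (duplicates get `.<n>` in link order, first occurrence unchanged); the object paths and the `init_once` symbol are constructed sample data.

```python
from collections import defaultdict

# Simplified model (assumption): duplicate local symbol names are made unique
# by appending ".<n>" in link order; the first occurrence keeps its name.
def uniquify(link_order):
    """Map (object_file, symbol) -> unique name for one build."""
    seen = defaultdict(int)
    names = {}
    for obj, sym in link_order:
        n = seen[sym]
        names[(obj, sym)] = sym if n == 0 else f"{sym}.{n}"
        seen[sym] += 1
    return names

def owner(names, unique_name):
    """Object file whose definition carries unique_name in this build."""
    for (obj, _sym), name in names.items():
        if name == unique_name:
            return obj
    return None

def shifted(before, after):
    """Definitions present in both builds whose unique name changed."""
    return {key: (before[key], after[key])
            for key in before if key in after and before[key] != after[key]}

# Constructed sample: three objects each define a static "init_once".
BUILD_A = [("drivers/a.o", "init_once"), ("fs/b.o", "init_once"),
           ("net/c.o", "init_once")]
# Constructed sample: after a source or optimization change, one more local
# copy of the same name is emitted in an object that links earlier.
BUILD_B = [("drivers/a.o", "init_once"), ("block/new.o", "init_once"),
           ("fs/b.o", "init_once"), ("net/c.o", "init_once")]

def demo():
    """Return the renamed definitions between the two constructed builds."""
    return shifted(uniquify(BUILD_A), uniquify(BUILD_B))

if __name__ == "__main__":
    for (obj, _sym), (old, new) in demo().items():
        print(f"{obj}: {old} -> {new}")
    # The same suffixed name now resolves to a different definition.
    print(owner(uniquify(BUILD_A), "init_once.1"),
          owner(uniquify(BUILD_B), "init_once.1"))
```

In this model a reference recorded as `init_once.1` against the first build binds to a different object's function in the second, and every later duplicate is renumbered as well.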