From: Alice Ryhl <aliceryhl@google.com>
To: Sami Tolvanen <samitolvanen@google.com>
Cc: Kees Cook <kees@kernel.org>,
Nathan Chancellor <nathan@kernel.org>,
Miguel Ojeda <ojeda@kernel.org>,
Masahiro Yamada <masahiroy@kernel.org>,
Gatlin Newhouse <gatlin.newhouse@gmail.com>,
Peter Zijlstra <peterz@infradead.org>,
linux-kernel@vger.kernel.org, rust-for-linux@vger.kernel.org,
llvm@lists.linux.dev, linux-kbuild@vger.kernel.org,
kernel test robot <oliver.sang@intel.com>
Subject: Re: [PATCH] cfi: encode cfi normalized integers + kasan/gcov bug in Kconfig
Date: Thu, 26 Sep 2024 12:38:38 +0200 [thread overview]
Message-ID: <CAH5fLgjoQvxFj5S1s_fUsfSho9QRCV5acHsQxpZdvEztpaxqCw@mail.gmail.com> (raw)
In-Reply-To: <20240926000053.GA3188344@google.com>
On Thu, Sep 26, 2024 at 2:01 AM Sami Tolvanen <samitolvanen@google.com> wrote:
>
> Hi Alice,
>
> On Wed, Sep 25, 2024 at 08:10:18AM +0000, Alice Ryhl wrote:
> > An alternative solution is to inspect a binary created by clang or rustc
> > to see whether the faulty CFI tags are in the binary. This would be a
> > precise check, but it would involve hard-coding the *hashed* version of
> > the CFI tag. This is because there's no way to get clang or rustc to
> > output the unhased version of the CFI tag. Relying on the precise
> > hashing algorithm using by CFI seems too fragile, so I have not pursued
> > this option.
>
> I suppose there would be no need to hardcode hashes in the test,
> it's enough to verify that the hashes for the compiler-emitted
> functions change when integer normalization is enabled. Still, I
> agree that this doesn't sound worth it in this case.
Future compilers could change it so that the same hash works in both
cases. After all, the signatures in question have no integers in them.
> > diff --git a/arch/Kconfig b/arch/Kconfig
> > index ee58df8b1080..b8066bf43153 100644
> > --- a/arch/Kconfig
> > +++ b/arch/Kconfig
> > @@ -829,7 +829,7 @@ config CFI_CLANG
> > config CFI_ICALL_NORMALIZE_INTEGERS
> > bool "Normalize CFI tags for integers"
> > depends on CFI_CLANG
> > - depends on $(cc-option,-fsanitize=kcfi -fsanitize-cfi-icall-experimental-normalize-integers)
> > + depends on HAVE_CFI_ICALL_NORMALIZE_INTEGERS
> > help
> > This option normalizes the CFI tags for integer types so that all
> > integer types of the same size and signedness receive the same CFI
> > @@ -842,6 +842,22 @@ config CFI_ICALL_NORMALIZE_INTEGERS
> >
> > This option is necessary for using CFI with Rust. If unsure, say N.
> >
> > +config HAVE_CFI_ICALL_NORMALIZE_INTEGERS
> > + def_bool !GCOV_KERNEL && !KASAN
> > + depends on CFI_CLANG
> > + depends on $(cc-option,-fsanitize=kcfi -fsanitize-cfi-icall-experimental-normalize-integers)
>
> This looks reasonable to me. Thanks for the fix!
>
> Reviewed-by: Sami Tolvanen <samitolvanen@google.com>
Thanks for taking a look!
Alice
next prev parent reply other threads:[~2024-09-26 10:38 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-09-25 8:10 [PATCH] cfi: encode cfi normalized integers + kasan/gcov bug in Kconfig Alice Ryhl
2024-09-26 0:00 ` Sami Tolvanen
2024-09-26 10:38 ` Alice Ryhl [this message]
2024-10-01 5:51 ` Miguel Ojeda
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAH5fLgjoQvxFj5S1s_fUsfSho9QRCV5acHsQxpZdvEztpaxqCw@mail.gmail.com \
--to=aliceryhl@google.com \
--cc=gatlin.newhouse@gmail.com \
--cc=kees@kernel.org \
--cc=linux-kbuild@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=llvm@lists.linux.dev \
--cc=masahiroy@kernel.org \
--cc=nathan@kernel.org \
--cc=ojeda@kernel.org \
--cc=oliver.sang@intel.com \
--cc=peterz@infradead.org \
--cc=rust-for-linux@vger.kernel.org \
--cc=samitolvanen@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).