From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org, stable@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
Arnd Bergmann <arnd@arndb.de>, Kees Cook <keescook@chromium.org>,
Mark Rutland <mark.rutland@arm.com>,
Nicolas Boichat <drinkcat@chromium.org>
Subject: [PATCH 4.19 06/43] lkdtm: dont move ctors to .rodata
Date: Mon, 22 Mar 2021 13:28:20 +0100 [thread overview]
Message-ID: <20210322121920.142955352@linuxfoundation.org> (raw)
In-Reply-To: <20210322121919.936671417@linuxfoundation.org>
From: Nicolas Boichat <drinkcat@chromium.org>
From: Mark Rutland <mark.rutland@arm.com>
commit 3f618ab3323407ee4c6a6734a37eb6e9663ebfb9 upstream.
When building with KASAN and LKDTM, clang may implictly generate an
asan.module_ctor function in the LKDTM rodata object. The Makefile moves
the lkdtm_rodata_do_nothing() function into .rodata by renaming the
file's .text section to .rodata, and consequently also moves the ctor
function into .rodata, leading to a boot time crash (splat below) when
the ctor is invoked by do_ctors().
Let's prevent this by marking the function as noinstr rather than
notrace, and renaming the file's .noinstr.text to .rodata. Marking the
function as noinstr will prevent tracing and kprobes, and will inhibit
any undesireable compiler instrumentation.
The ctor function (if any) will be placed in .text and will work
correctly.
Example splat before this patch is applied:
[ 0.916359] Unable to handle kernel execute from non-executable memory at virtual address ffffa0006b60f5ac
[ 0.922088] Mem abort info:
[ 0.922828] ESR = 0x8600000e
[ 0.923635] EC = 0x21: IABT (current EL), IL = 32 bits
[ 0.925036] SET = 0, FnV = 0
[ 0.925838] EA = 0, S1PTW = 0
[ 0.926714] swapper pgtable: 4k pages, 48-bit VAs, pgdp=00000000427b3000
[ 0.928489] [ffffa0006b60f5ac] pgd=000000023ffff003, p4d=000000023ffff003, pud=000000023fffe003, pmd=0068000042000f01
[ 0.931330] Internal error: Oops: 8600000e [#1] PREEMPT SMP
[ 0.932806] Modules linked in:
[ 0.933617] CPU: 0 PID: 1 Comm: swapper/0 Not tainted 5.10.0-rc7 #2
[ 0.935620] Hardware name: linux,dummy-virt (DT)
[ 0.936924] pstate: 40400005 (nZcv daif +PAN -UAO -TCO BTYPE=--)
[ 0.938609] pc : asan.module_ctor+0x0/0x14
[ 0.939759] lr : do_basic_setup+0x4c/0x70
[ 0.940889] sp : ffff27b600177e30
[ 0.941815] x29: ffff27b600177e30 x28: 0000000000000000
[ 0.943306] x27: 0000000000000000 x26: 0000000000000000
[ 0.944803] x25: 0000000000000000 x24: 0000000000000000
[ 0.946289] x23: 0000000000000001 x22: 0000000000000000
[ 0.947777] x21: ffffa0006bf4a890 x20: ffffa0006befb6c0
[ 0.949271] x19: ffffa0006bef9358 x18: 0000000000000068
[ 0.950756] x17: fffffffffffffff8 x16: 0000000000000000
[ 0.952246] x15: 0000000000000000 x14: 0000000000000000
[ 0.953734] x13: 00000000838a16d5 x12: 0000000000000001
[ 0.955223] x11: ffff94000da74041 x10: dfffa00000000000
[ 0.956715] x9 : 0000000000000000 x8 : ffffa0006b60f5ac
[ 0.958199] x7 : f9f9f9f9f9f9f9f9 x6 : 000000000000003f
[ 0.959683] x5 : 0000000000000040 x4 : 0000000000000000
[ 0.961178] x3 : ffffa0006bdc15a0 x2 : 0000000000000005
[ 0.962662] x1 : 00000000000000f9 x0 : ffffa0006bef9350
[ 0.964155] Call trace:
[ 0.964844] asan.module_ctor+0x0/0x14
[ 0.965895] kernel_init_freeable+0x158/0x198
[ 0.967115] kernel_init+0x14/0x19c
[ 0.968104] ret_from_fork+0x10/0x30
[ 0.969110] Code: 00000003 00000000 00000000 00000000 (00000000)
[ 0.970815] ---[ end trace b5339784e20d015c ]---
Cc: Arnd Bergmann <arnd@arndb.de>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: Kees Cook <keescook@chromium.org>
Acked-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Mark Rutland <mark.rutland@arm.com>
Link: https://lore.kernel.org/r/20201207170533.10738-1-mark.rutland@arm.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Nicolas Boichat <drinkcat@chromium.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
(no changes since v1)
drivers/misc/lkdtm/Makefile | 2 +-
drivers/misc/lkdtm/rodata.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
--- a/drivers/misc/lkdtm/Makefile
+++ b/drivers/misc/lkdtm/Makefile
@@ -13,7 +13,7 @@ KCOV_INSTRUMENT_rodata.o := n
OBJCOPYFLAGS :=
OBJCOPYFLAGS_rodata_objcopy.o := \
- --rename-section .text=.rodata,alloc,readonly,load
+ --rename-section .noinstr.text=.rodata,alloc,readonly,load
targets += rodata.o rodata_objcopy.o
$(obj)/rodata_objcopy.o: $(obj)/rodata.o FORCE
$(call if_changed,objcopy)
--- a/drivers/misc/lkdtm/rodata.c
+++ b/drivers/misc/lkdtm/rodata.c
@@ -5,7 +5,7 @@
*/
#include "lkdtm.h"
-void notrace lkdtm_rodata_do_nothing(void)
+void noinstr lkdtm_rodata_do_nothing(void)
{
/* Does nothing. We just want an architecture agnostic "return". */
}
next prev parent reply other threads:[~2021-03-22 12:50 UTC|newest]
Thread overview: 49+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-03-22 12:28 [PATCH 4.19 00/43] 4.19.183-rc1 review Greg Kroah-Hartman
2021-03-22 12:28 ` [PATCH 4.19 01/43] ASoC: ak4458: Add MODULE_DEVICE_TABLE Greg Kroah-Hartman
2021-03-22 12:28 ` [PATCH 4.19 02/43] ASoC: ak5558: " Greg Kroah-Hartman
2021-03-22 12:28 ` [PATCH 4.19 03/43] ALSA: hda: generic: Fix the micmute led init state Greg Kroah-Hartman
2021-03-22 12:28 ` [PATCH 4.19 04/43] Revert "PM: runtime: Update device status before letting suppliers suspend" Greg Kroah-Hartman
2021-03-22 12:28 ` [PATCH 4.19 05/43] vmlinux.lds.h: Create section for protection against instrumentation Greg Kroah-Hartman
2021-03-22 12:28 ` Greg Kroah-Hartman [this message]
2021-03-22 12:28 ` [PATCH 4.19 07/43] perf tools: Use %define api.pure full instead of %pure-parser Greg Kroah-Hartman
2021-03-22 12:28 ` [PATCH 4.19 08/43] tools build feature: Check if get_current_dir_name() is available Greg Kroah-Hartman
2021-03-22 12:28 ` [PATCH 4.19 09/43] tools build feature: Check if eventfd() " Greg Kroah-Hartman
2021-03-22 12:28 ` [PATCH 4.19 10/43] tools build: Check if gettid() is available before providing helper Greg Kroah-Hartman
2021-03-22 12:28 ` [PATCH 4.19 11/43] btrfs: fix race when cloning extent buffer during rewind of an old root Greg Kroah-Hartman
2021-03-22 12:28 ` [PATCH 4.19 12/43] btrfs: fix slab cache flags for free space tree bitmap Greg Kroah-Hartman
2021-03-22 12:28 ` [PATCH 4.19 13/43] ASoC: fsl_ssi: Fix TDM slot setup for I2S mode Greg Kroah-Hartman
2021-03-22 12:28 ` [PATCH 4.19 14/43] nvmet: dont check iosqes,iocqes for discovery controllers Greg Kroah-Hartman
2021-03-22 12:28 ` [PATCH 4.19 15/43] NFSD: Repair misuse of sv_lock in 5.10.16-rt30 Greg Kroah-Hartman
2021-03-22 12:28 ` [PATCH 4.19 16/43] svcrdma: disable timeouts on rdma backchannel Greg Kroah-Hartman
2021-03-22 12:28 ` [PATCH 4.19 17/43] sunrpc: fix refcount leak for rpc auth modules Greg Kroah-Hartman
2021-03-22 12:28 ` [PATCH 4.19 18/43] net/qrtr: fix __netdev_alloc_skb call Greg Kroah-Hartman
2021-03-22 12:28 ` [PATCH 4.19 19/43] scsi: lpfc: Fix some error codes in debugfs Greg Kroah-Hartman
2021-03-22 12:28 ` [PATCH 4.19 20/43] nvme-rdma: fix possible hang when failing to set io queues Greg Kroah-Hartman
2021-03-22 12:28 ` [PATCH 4.19 21/43] powerpc: Force inlining of cpu_has_feature() to avoid build failure Greg Kroah-Hartman
2021-03-22 12:28 ` [PATCH 4.19 22/43] usb-storage: Add quirk to defeat Kindles automatic unload Greg Kroah-Hartman
2021-03-22 12:28 ` [PATCH 4.19 23/43] usbip: Fix incorrect double assignment to udc->ud.tcp_rx Greg Kroah-Hartman
2021-03-22 12:28 ` [PATCH 4.19 24/43] USB: replace hardcode maximum usb string length by definition Greg Kroah-Hartman
2021-03-22 12:28 ` [PATCH 4.19 25/43] usb: gadget: configfs: Fix KASAN use-after-free Greg Kroah-Hartman
2021-03-22 12:28 ` [PATCH 4.19 26/43] iio:adc:stm32-adc: Add HAS_IOMEM dependency Greg Kroah-Hartman
2021-03-22 12:28 ` [PATCH 4.19 27/43] iio:adc:qcom-spmi-vadc: add default scale to LR_MUX2_BAT_ID channel Greg Kroah-Hartman
2021-03-22 12:28 ` [PATCH 4.19 28/43] iio: adis16400: Fix an error code in adis16400_initial_setup() Greg Kroah-Hartman
2021-03-22 12:28 ` [PATCH 4.19 29/43] iio: gyro: mpu3050: Fix error handling in mpu3050_trigger_handler Greg Kroah-Hartman
2021-03-22 12:28 ` [PATCH 4.19 30/43] iio: hid-sensor-humidity: Fix alignment issue of timestamp channel Greg Kroah-Hartman
2021-03-22 12:28 ` [PATCH 4.19 31/43] iio: hid-sensor-prox: Fix scale not correct issue Greg Kroah-Hartman
2021-03-22 12:28 ` [PATCH 4.19 32/43] iio: hid-sensor-temperature: Fix issues of timestamp channel Greg Kroah-Hartman
2021-03-22 12:28 ` [PATCH 4.19 33/43] PCI: rpadlpar: Fix potential drc_name corruption in store functions Greg Kroah-Hartman
2021-03-22 12:28 ` [PATCH 4.19 34/43] perf/x86/intel: Fix a crash caused by zero PEBS status Greg Kroah-Hartman
2021-03-22 12:28 ` [PATCH 4.19 35/43] x86/ioapic: Ignore IRQ2 again Greg Kroah-Hartman
2021-03-22 12:28 ` [PATCH 4.19 36/43] kernel, fs: Introduce and use set_restart_fn() and arch_set_restart_data() Greg Kroah-Hartman
2021-03-22 12:28 ` [PATCH 4.19 37/43] x86: Move TS_COMPAT back to asm/thread_info.h Greg Kroah-Hartman
2021-03-22 12:28 ` [PATCH 4.19 38/43] x86: Introduce TS_COMPAT_RESTART to fix get_nr_restart_syscall() Greg Kroah-Hartman
2021-03-22 12:28 ` [PATCH 4.19 39/43] ext4: find old entry again if failed to rename whiteout Greg Kroah-Hartman
2021-03-22 12:28 ` [PATCH 4.19 40/43] ext4: do not try to set xattr into ea_inode if value is empty Greg Kroah-Hartman
2021-03-22 12:28 ` [PATCH 4.19 41/43] ext4: fix potential error in ext4_do_update_inode Greg Kroah-Hartman
2021-03-22 12:28 ` [PATCH 4.19 42/43] genirq: Disable interrupts for force threaded handlers Greg Kroah-Hartman
2021-03-22 12:28 ` [PATCH 4.19 43/43] x86/apic/of: Fix CPU devicetree-node lookups Greg Kroah-Hartman
2021-03-22 14:35 ` [PATCH 4.19 00/43] 4.19.183-rc1 review Jon Hunter
2021-03-22 20:14 ` Pavel Machek
2021-03-22 21:53 ` Guenter Roeck
2021-03-23 7:17 ` Samuel Zou
2021-03-23 10:31 ` Naresh Kamboju
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210322121920.142955352@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=arnd@arndb.de \
--cc=drinkcat@chromium.org \
--cc=keescook@chromium.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mark.rutland@arm.com \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).