Received: by 2002:a25:1506:0:0:0:0:0 with SMTP id 6csp1613331ybv; Sat, 8 Feb 2020 02:05:30 -0800 (PST) X-Google-Smtp-Source: APXvYqw3kNYxrBkRjPghvbakFcwHdf9+gTtonoCVNLJkpUwQOLgg7t2PqRZbxJxHmygVlGTvnHZ+ X-Received: by 2002:a9d:806:: with SMTP id 6mr2780592oty.90.1581156330127; Sat, 08 Feb 2020 02:05:30 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1581156330; cv=none; d=google.com; s=arc-20160816; b=JmUQVZtA6udRcA+J9mZaTEQ51WMX30k2SSIeolcdP7d7mG3D7OuAAqjbNab5K2CjDJ GyamW16ZlgiPxB3bLG3ULNOluphdSQYRzq63OXA2Cds8u+jlEVQMolx9cj+dGzNoXcCA Z59ThLnmRrgMbzralQw6k5loSDX7TCzdAgWfDIIEd3//2gV6CsNMZROr4u9xKqE2IFFG 39xwpem8wadyAugD30T1xlnDM988Wd5df5SHnXAgVBXK+bUj0Go34DQdKDWKhkaQvGyB kinT4I/84H+/2IMr08IFUfT9bkQtPo8aoP7kvGKVkz9Yq3XVyYobQXs4MrfYVFvcTl/S CqDg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=H0xgMzVvnquxmSoa8b2un9FhUW2CIcx5JEQW64zzoig=; b=AFMRQEdL6Ti9lNVzJuBT/+32oi39LGJZkyg7GsGKsdVv8cH/4TNtNYaGAL+2bA28ka MiL4X91qtO/c8Xh2MwReVl+6OunS0wWscAupw6WM1FvZoP7Uw5ZHetFbibyHMDjaOzqr dRqKYWJez+3+qq9ip6/FTvBFW+OQt7MzpI84FahPRHB+fYq0QORyCc6mtH4MtpX1+x/Y pYriqI51D1+Mkk3Jwq9zpk7gFSs3NAXxEyzznPD3Hzj7pUV213caUCUHX3vjIlYXnetP TrRMdZlbASBZFSLDkm61S3jfe3TqJK6iEE6VRPcSckWTYKGQWTKNqjBieD1CNkM/ZGVE mNCQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=PZ4fq6KO; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id d22si1172181oti.316.2020.02.08.02.05.15; Sat, 08 Feb 2020 02:05:30 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=PZ4fq6KO; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726970AbgBHKFG (ORCPT + 99 others); Sat, 8 Feb 2020 05:05:06 -0500 Received: from mail-pl1-f196.google.com ([209.85.214.196]:36250 "EHLO mail-pl1-f196.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726876AbgBHKFG (ORCPT ); Sat, 8 Feb 2020 05:05:06 -0500 Received: by mail-pl1-f196.google.com with SMTP id a6so797893plm.3 for ; Sat, 08 Feb 2020 02:05:05 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=H0xgMzVvnquxmSoa8b2un9FhUW2CIcx5JEQW64zzoig=; b=PZ4fq6KOA2eSPnd8W1jJK5kxEPyXhpQZdTSgiW9rPSj7pjzydNU4g4mL3m0aSpop3p eCrxeox3Bi/EKLVS6i6WlTUEf0cmzdtTUbm6VtjaXVx2qDKM529O5dYcHj8qru6dDStg LfLirUhLJ6HiRByfmjyF46wF+itXbGMcs/8uCAqFLX6/xHd8eXc1BqU3wBnCEhLmx3mv VuAFnYUM4cZwPbY+iFrJS65cndVXbI0VP22VBDfPeXvKPtxi9VHX39h/tqXagI7ORcbd l9w/jTVBhsGT1zNjRWkQ4xbaAn2z3Ot9S8AYiWjd0u1KkCGqssyiU5lZPNPbWi5WaORV QvZQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=H0xgMzVvnquxmSoa8b2un9FhUW2CIcx5JEQW64zzoig=; b=MNsgmQ8vaco+iA2GIaayDrkTM9uw8p3M/v66RBneRyKLJNA0vu5IJ69cz2W+OTGYkj WmP4slxkjAnTgho+G7ygkIUGj3MsWxaHPChUK4PqCy9Yn2yaaU6akcMnnhE++0itMl4v Pwq/SfFOFlsgtm3irG3Y1UvUdkDqiDJ/dsDGiAxzIE2JNuhpT4IoqPeOLfYKYAIVo4+0 pfRZAtzgJ2jsBXtjFehce1C7q2oYHG8+UxI5pHQ3fWAuYZIXtXm9b/Q/PDsW37YmER+U JKrfXC1WgoTVs2ZEWCaWh+d1oA1G0hHxTh0ej7ymJCAWCIsAyaCI/wZ+TvO4BT7ThG2n NREQ== X-Gm-Message-State: APjAAAVKqIkU6eLAvduxvfu8yhV5/73UojzOzuVjHGGP8tmk0h8a/OLx y1E/+DwTWQp3AUE5i3j5uf5oz++TEjmQgFbOdU9lAQ== X-Received: by 2002:a17:90a:7784:: with SMTP id v4mr9439882pjk.134.1581156305061; Sat, 08 Feb 2020 02:05:05 -0800 (PST) MIME-Version: 1.0 References: <202002071754.F5F073F1D@keescook> <202002080054.CBBE423@keescook> In-Reply-To: <202002080054.CBBE423@keescook> From: Nick Desaulniers Date: Sat, 8 Feb 2020 10:04:53 +0000 Message-ID: Subject: Re: [PATCH] ARM: rename missed uaccess .fixup section To: Kees Cook Cc: Ard Biesheuvel , Nicolas Pitre , Manoj Gupta , Nathan Chancellor , Russell King - ARM Linux , clang-built-linux , Linux ARM , Linux Kernel Mailing List Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Sat, Feb 8, 2020 at 9:55 AM Kees Cook wrote: > > On Sat, Feb 08, 2020 at 07:54:39AM +0000, Ard Biesheuvel wrote: > > On Sat, 8 Feb 2020 at 02:02, Kees Cook wrote: > > > > > > When the uaccess .fixup section was renamed to .text.fixup, one case was > > > missed. Under ld.bfd, the orphaned section was moved close to .text > > > (since they share the "ax" bits), so things would work normally on > > > uaccess faults. Under ld.lld, the orphaned section was placed outside > > > the .text section, making it unreachable. Rename the missed section. > > > > > > Link: https://github.com/ClangBuiltLinux/linux/issues/282 > > > Link: https://bugs.chromium.org/p/chromium/issues/detail?id=1020633#c44 > > > Link: https://lore.kernel.org/r/nycvar.YSQ.7.76.1912032147340.17114@knanqh.ubzr > > > Fixes: c4a84ae39b4a5 ("ARM: 8322/1: keep .text and .fixup regions closer together") > > > Cc: stable@vger.kernel.org > > > Reported-by: Nathan Chancellor > > > Reported-by: Manoj Gupta > > > Debugged-by: Nick Desaulniers > > > Signed-off-by: Kees Cook > > > > Reviewed-by: Ard Biesheuvel > > Thanks! > > > As Nick points out, the *(.fixup) line still appears in the > > decompressor's linker script, but this is harmless, given that we > > don't ever emit anything into that section. But while we're at it, we > > might just remove it as well. > > Agreed. I'll send a separate patch for that. Sure, in that case Reviewed-by: Nick Desaulniers > > -Kees > > > > > > > > --- > > > I completely missed this the first several times I looked at this > > > problem. Thank you Nicolas for pushing back on the earlier patch! > > > Manoj or Nathan, can you test this? > > > --- > > > arch/arm/lib/copy_from_user.S | 2 +- > > > 1 file changed, 1 insertion(+), 1 deletion(-) > > > > > > diff --git a/arch/arm/lib/copy_from_user.S b/arch/arm/lib/copy_from_user.S > > > index 95b2e1ce559c..f8016e3db65d 100644 > > > --- a/arch/arm/lib/copy_from_user.S > > > +++ b/arch/arm/lib/copy_from_user.S > > > @@ -118,7 +118,7 @@ ENTRY(arm_copy_from_user) > > > > > > ENDPROC(arm_copy_from_user) > > > > > > - .pushsection .fixup,"ax" > > > + .pushsection .text.fixup,"ax" > > > .align 0 > > > copy_abort_preamble > > > ldmfd sp!, {r1, r2, r3} > > > -- > > > 2.20.1 > > > > > > > > > -- > > > Kees Cook > > -- > Kees Cook -- Thanks, ~Nick Desaulniers