Received: by 2002:a05:6902:102b:0:0:0:0 with SMTP id x11csp3100634ybt;
        Mon, 22 Jun 2020 15:09:50 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJzNbyivAimuHz7WBmn/YkA2EgZU7D+l92vB17WAuBwSHe2G+xfyUsma6Tj8+lBJhi42AHLr
X-Received: by 2002:aa7:c80d:: with SMTP id a13mr9406350edt.327.1592863790068;
        Mon, 22 Jun 2020 15:09:50 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1592863790; cv=none;
        d=google.com; s=arc-20160816;
        b=CYMdXIsF5B4KFc4tGTbZIJvul1ar9ZvOfaDY/0gWOmGULxW1kiqD56rjvpwbAXmOQL
         PamFLcOAxwcNUtMCRjeG/hY1LxQ8BUA7Q/T46USvWOwzHUf9qR97BPoU0yL4s6zEiwLy
         w4d5VeT3vpOoBKvDqh9MSD/mGgclFjWvh83exvctSOjL3vwoFuApcSnTMCOwuH169b6b
         vX8F+8O0EJpRmLf8wmdYLvlIEDTMc8KUR5k4o0nlW/duXc8Q5RNJVwcz/Gj+h44rX66u
         bT+LVu4oGHNoIcX5/6YrEB+uKKXTGAxC19HrIOMrpRI2Qyhcsza6b7+BCAFkXCprXkLC
         kzLQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:in-reply-to:content-disposition
         :mime-version:references:message-id:subject:cc:to:from:date
         :dkim-signature;
        bh=NZrrNoLnR5tCsJjwkOg87lF2Y56Tb3KMrg75SysWUh0=;
        b=PYvK4vysMPY08uqawWOCOGbbUwVj8ffYDK2qsWVrf4U5L+Mii8AEpWrMZaWheFxv53
         D5D3XObnwXBVzn9KOUb+FAIBIUrGIEd62g3CQ588rPkZ2OedN6GLJ/dYNWryEQQWc9/e
         EM8kf/QG9IavElGAtX2OkYoMotkE62aRlph8kx4Bg+DL7zZE8cDYwe2yVMRamFnT2d+h
         6BP3e4scTtUxReSX4mZawTDEK2GygRDacVSjuRCuzS8m8LeLtwyo5BzUCL04+0N0sOuD
         dHOkI003+KsLgSZLkWcyhcnriX5/IF7mDsABcK0AvPdnaS+xaGEEPjt9Z4Xk8XExdkMc
         LCQQ==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@google.com header.s=20161025 header.b=UIzUj+ug;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id p91si1202883edb.129.2020.06.22.15.09.26;
        Mon, 22 Jun 2020 15:09:50 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@google.com header.s=20161025 header.b=UIzUj+ug;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1730959AbgFVWGf (ORCPT <rfc822;tim.caudrey@gmail.com>
        + 99 others); Mon, 22 Jun 2020 18:06:35 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43694 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1730689AbgFVWGe (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 22 Jun 2020 18:06:34 -0400
Received: from mail-pg1-x542.google.com (mail-pg1-x542.google.com [IPv6:2607:f8b0:4864:20::542])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 092C7C061795
        for <linux-kernel@vger.kernel.org>; Mon, 22 Jun 2020 15:06:33 -0700 (PDT)
Received: by mail-pg1-x542.google.com with SMTP id h10so8866580pgq.10
        for <linux-kernel@vger.kernel.org>; Mon, 22 Jun 2020 15:06:32 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20161025;
        h=date:from:to:cc:subject:message-id:references:mime-version
         :content-disposition:in-reply-to;
        bh=NZrrNoLnR5tCsJjwkOg87lF2Y56Tb3KMrg75SysWUh0=;
        b=UIzUj+ug47F49Sp5vy/xR5WhNyTvMNN8hgmawE2K2svYVAvNR0eQkRlHf/Lm0FZZ/X
         7StKvXgVAWbI70D4t9TSVT46cI8wFgWe18KjZIUU2gbeYlypeQsSuhPwI5EvJGBXCknL
         /Sjqg8ACv3WsHhLOyyN1tYm7FtO7k1lZ7q32rJdr8zHbaa4KTHMBuv2T1BhpwNtUagCo
         l8awFGTwHbMp5iHCVsrWdKZ6GOvVD5DtxBa7R/FXwcFNEinFzoIb9d5pNE8nG9vruzlQ
         ZaHn86AGS9putBcaNX0ZgGsgbwCZlbN6Wefc6qbtKgCp3IYJF+C29+n//2QRwmI9FUmO
         aMUg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:date:from:to:cc:subject:message-id:references
         :mime-version:content-disposition:in-reply-to;
        bh=NZrrNoLnR5tCsJjwkOg87lF2Y56Tb3KMrg75SysWUh0=;
        b=AkkofzXvOEzbjsElMMsAG0zFofcQ+wnOr7Q20K4t1nSxKJ58+q5qBYBJ0Lq7NjZEv3
         FlyGWnG4aLqScXWMVGReBHPquDrJHkbejKK3LTe+DqMjeFtuUj2KirmY/1VdRMF+rUW7
         AKqVTYd4yRoJ9Qlg8lzUnxgAadMnxxRfdhtOAf0Sp1JT9JmfTsAMrRNd5aT6okQzooni
         ObI+OywpWFK3Xa6d/bTnMiuDj/hfZeaDz/2tSfBTVBjbpYfD+PmS111dfVejhEyYvTfe
         qE4OhA8A+QiEP5WonLhQuMtPQDKXKf8qrpQ1rE50sjVjLivLpyyHJVM7KFb2U4cLkMc0
         JXWw==
X-Gm-Message-State: AOAM531PTEzlnnRrWGKZZsrsjp6q6+nNvFDaqQCjyrPo/OPSW/AoUTm+
        1vnCVtZwqhKqTq75fC1ybPcDZQ==
X-Received: by 2002:a63:1d4d:: with SMTP id d13mr6212600pgm.28.1592863592255;
        Mon, 22 Jun 2020 15:06:32 -0700 (PDT)
Received: from google.com ([2620:15c:2ce:0:9efe:9f1:9267:2b27])
        by smtp.gmail.com with ESMTPSA id g65sm14702797pfb.61.2020.06.22.15.06.31
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Mon, 22 Jun 2020 15:06:31 -0700 (PDT)
Date:   Mon, 22 Jun 2020 15:06:28 -0700
From:   Fangrui Song <maskray@google.com>
To:     Kees Cook <keescook@chromium.org>
Cc:     Borislav Petkov <bp@suse.de>, Thomas Gleixner <tglx@linutronix.de>,
        Ingo Molnar <mingo@redhat.com>, x86@kernel.org,
        Arnd Bergmann <arnd@arndb.de>,
        Nick Desaulniers <ndesaulniers@google.com>,
        Nathan Chancellor <natechancellor@gmail.com>,
        clang-built-linux@googlegroups.com, linux-arch@vger.kernel.org,
        linux-kernel@vger.kernel.org
Subject: Re: [PATCH v2 3/3] x86/boot: Warn on orphan section placement
Message-ID: <20200622220628.t5fklwmbtqoird5f@google.com>
References: <20200622205341.2987797-1-keescook@chromium.org>
 <20200622205341.2987797-4-keescook@chromium.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Disposition: inline
In-Reply-To: <20200622205341.2987797-4-keescook@chromium.org>
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On 2020-06-22, Kees Cook wrote:
>We don't want to depend on the linker's orphan section placement
>heuristics as these can vary between linkers, and may change between
>versions. All sections need to be explicitly named in the linker
>script.
>
>Add the common debugging sections. Discard the unused note, rel, plt,
>dyn, and hash sections that are not needed in the compressed vmlinux.
>Disable .eh_frame generation in the linker and enable orphan section
>warnings.
>
>Signed-off-by: Kees Cook <keescook@chromium.org>
>---
> arch/x86/boot/compressed/Makefile      |  3 ++-
> arch/x86/boot/compressed/vmlinux.lds.S | 11 +++++++++++
> 2 files changed, 13 insertions(+), 1 deletion(-)
>
>diff --git a/arch/x86/boot/compressed/Makefile b/arch/x86/boot/compressed/Makefile
>index 7619742f91c9..646720a05f89 100644
>--- a/arch/x86/boot/compressed/Makefile
>+++ b/arch/x86/boot/compressed/Makefile
>@@ -48,6 +48,7 @@ GCOV_PROFILE := n
> UBSAN_SANITIZE :=n
>
> KBUILD_LDFLAGS := -m elf_$(UTS_MACHINE)
>+KBUILD_LDFLAGS += $(call ld-option,--no-ld-generated-unwind-info)
> # Compressed kernel should be built as PIE since it may be loaded at any
> # address by the bootloader.
> ifeq ($(CONFIG_X86_32),y)
>@@ -59,7 +60,7 @@ else
> KBUILD_LDFLAGS += $(shell $(LD) --help 2>&1 | grep -q "\-z noreloc-overflow" \
> 	&& echo "-z noreloc-overflow -pie --no-dynamic-linker")
> endif
>-LDFLAGS_vmlinux := -T
>+LDFLAGS_vmlinux := --orphan-handling=warn -T
>
> hostprogs	:= mkpiggy
> HOST_EXTRACFLAGS += -I$(srctree)/tools/include
>diff --git a/arch/x86/boot/compressed/vmlinux.lds.S b/arch/x86/boot/compressed/vmlinux.lds.S
>index 8f1025d1f681..6fe3ecdfd685 100644
>--- a/arch/x86/boot/compressed/vmlinux.lds.S
>+++ b/arch/x86/boot/compressed/vmlinux.lds.S
>@@ -75,5 +75,16 @@ SECTIONS
> 	. = ALIGN(PAGE_SIZE);	/* keep ZO size page aligned */
> 	_end = .;
>
>+	STABS_DEBUG
>+	DWARF_DEBUG
>+
> 	DISCARDS
>+	/DISCARD/ : {
>+		*(.note.*)
>+		*(.rela.*) *(.rela_*)
>+		*(.rel.*) *(.rel_*)
>+		*(.plt) *(.plt.*)
>+		*(.dyn*)
>+		*(.hash) *(.gnu.hash)
>+	}
> }
>-- 
>2.25.1

LLD may report warnings for 3 synthetic sections if they are orphans:

ld.lld: warning: <internal>:(.symtab) is being placed in '.symtab'
ld.lld: warning: <internal>:(.shstrtab) is being placed in '.shstrtab'
ld.lld: warning: <internal>:(.strtab) is being placed in '.strtab'

Are they described?