Received: by 2002:a05:6a10:a0d1:0:0:0:0 with SMTP id j17csp2674116pxa; Mon, 17 Aug 2020 16:14:50 -0700 (PDT) X-Google-Smtp-Source: ABdhPJyRM+YmvRxSikWOy9zeJMVZW1yfcP/Sk0WhG0dUxYI7H2TpwpRmDbZGhf2XXq9f1ApnQw0d X-Received: by 2002:a05:6402:b87:: with SMTP id cf7mr17329108edb.131.1597706089938; Mon, 17 Aug 2020 16:14:49 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1597706089; cv=none; d=google.com; s=arc-20160816; b=TJQEL8g/8E/vz3xC3q8+MU68JICmjI5ae0IHhLVVzGbMSp0caoyqpa6pktQ9jwVDgL k/o+ti1uv5hstinQHg34hJqHp0vdTPreTRoZm+/y2oNvWiBhHVA0kyrnkTZzb48DD82L RWwFoP0KTEP60dQ7ootxB9VyxHc95QP06y/oKa73Toi9W8izLfJ3Oru1eB5TSzkv51GH 3kY0Pit8QX6dZ1rcylA838mXnrjAMtDRIqqtRJGsMIjX2qlHTCpwip4/91MNtgV5bScj bQdSu7ImQJN8jxAra58pkr/f3VFJ4UB5LHGMf6Pirx1YDGiUNxdXW9QjM1QZg4cFctvc iMww== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:cc:to:from :subject:references:mime-version:message-id:in-reply-to:date :dkim-signature; bh=UpYGtC8VuPYbMUYzVChohylhl5f+DwA/jtv3WLbpTdU=; b=LF6kwbCdWYMcXbz7mI7T+byLYUAh8zk1M8tor6BUBHImISTZk+xQNfLQvGWl6+i3w6 hliyNRgUE9T0GTvgwLTgruIY+oBDKO3+NnzjsDNyaq1al/tn0Sm/SbYj+Sij+6IRSXJm Oa8il8zXcNg2XeAVQYQsFJ+9I6CLn2Tbu/UfaTHUJ0zbtQcdoHzHGw+cChGc6VZBxGOt /BjnoBad7zRRG70GvGg5SHJqwHfUxnOII+YDEjkRjK3JNlhDqGU4dPUfoMO71lqPVnXx 5fYOvMNDVebWZXBf9hnQaftPOwk6K0tdT58IS0lP+qYCPfVGnX4CkMiZSfy8UA2Ibl2j q5Ow== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=LiE9k63v; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id p16si12191875ejb.342.2020.08.17.16.14.26; Mon, 17 Aug 2020 16:14:49 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=LiE9k63v; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729748AbgHQWEu (ORCPT + 99 others); Mon, 17 Aug 2020 18:04:50 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38748 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729278AbgHQWCY (ORCPT ); Mon, 17 Aug 2020 18:02:24 -0400 Received: from mail-yb1-xb4a.google.com (mail-yb1-xb4a.google.com [IPv6:2607:f8b0:4864:20::b4a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5C85EC061343 for ; Mon, 17 Aug 2020 15:02:24 -0700 (PDT) Received: by mail-yb1-xb4a.google.com with SMTP id a14so19694438ybm.13 for ; Mon, 17 Aug 2020 15:02:24 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc:content-transfer-encoding; bh=UpYGtC8VuPYbMUYzVChohylhl5f+DwA/jtv3WLbpTdU=; b=LiE9k63vyCkhMTzCYeoaOM75uDKE+XeLSj2h/3vVFNBtsbG28nLNlqtKpTLxlj5faJ AAYS7sxuGNAA16qzVg1TR2Xrv4mJvPmQInmvyq957XguEVvW2RlgPL24OfTHYZyM7jTd aYh3VfLRRQofH8X4nGmNCAahxvnwi+L5GwOV6amHL6jODkxTtu+gCzfcVlnUcpjEhjLv i4zVI2Y07P0ZX3H26HpgtYeiV+DfeXO+PoBd/WycXbEG4u3e1rv9smrAfL1pQ1kMTEaR eD9vQkiLdGUIg/t0Cz5lu6Ku1Wop0JRuKdYyFaNxzSm3dlF/+n1KvP2pYqjs2LUfecLh dzLQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc:content-transfer-encoding; bh=UpYGtC8VuPYbMUYzVChohylhl5f+DwA/jtv3WLbpTdU=; b=WkwMEkBx8QYzfLRNt+GYFlk9qCgX6rNKIMAay+5geW1cxbkH9UfGhLqhmEjQu/14LU ykztU+J5hw9yyVJ1EByxmlDN7ThTQE0RvCND7cafP5/66Kaf6qc67Z8NgC0GrhJcyu2z NCy6ORzj0PMo7OuSUnDCNW2ZVcFXOA1KqeEyQMYBLmQbV1PijnNSiWvZry81gyZQ20zo mdd+4PmTZjteGLiaHx7KAiwfmeoU0xhZxXoViOIka05uFOX6Ttt9USmdl5rblAGWQeod m78obZOGzPRpqGJ4Cph76MgYxUQ8PyVi3AEtfOpLiQpQzLZySHr9EVc74iGUnBN6zpxS pVHQ== X-Gm-Message-State: AOAM532yZiclXBmYp/FUh6hT3NWfme8qjk+Ex0g+YEmKKlb8XFaReYAt EQ5E4ZUf4heJEVdTuVCTohpwPbkI+QOOKd39mmM= X-Received: by 2002:a25:4252:: with SMTP id p79mr24577079yba.229.1597701743469; Mon, 17 Aug 2020 15:02:23 -0700 (PDT) Date: Mon, 17 Aug 2020 15:02:09 -0700 In-Reply-To: <20200817220212.338670-1-ndesaulniers@google.com> Message-Id: <20200817220212.338670-2-ndesaulniers@google.com> Mime-Version: 1.0 References: <20200817220212.338670-1-ndesaulniers@google.com> X-Mailer: git-send-email 2.28.0.220.ged08abb693-goog Subject: [PATCH 1/4] Makefile: add -fno-builtin-stpcpy From: Nick Desaulniers To: Masahiro Yamada , Andrew Morton , Thomas Gleixner , Ingo Molnar , Borislav Petkov Cc: Michal Marek , linux-kbuild@vger.kernel.org, linux-kernel@vger.kernel.org, Kees Cook , Tony Luck , Dmitry Vyukov , Michael Ellerman , Joe Perches , Joel Fernandes , Daniel Axtens , Arvind Sankar , Andy Shevchenko , Alexandru Ardelean , Yury Norov , x86@kernel.org, "H . Peter Anvin" , Ard Biesheuvel , "Paul E . McKenney" , Daniel Kiper , Bruce Ashfield , Marco Elver , Vamshi K Sthambamkadi , Andi Kleen , Linus Torvalds , "=?UTF-8?q?D=C3=A1vid=20Bolvansk=C3=BD?=" , Eli Friedman , Nick Desaulniers , stable@vger.kernel.org, Sami Tolvanen Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org LLVM implemented a recent "libcall optimization" that lowers calls to `sprintf(dest, "%s", str)` where the return value is used to `stpcpy(dest, str) - dest`. This generally avoids the machinery involved in parsing format strings. This optimization was introduced into clang-12. Because the kernel does not provide an implementation of stpcpy, we observe linkage failures for almost all targets when building with ToT clang. The interface is unsafe as it does not perform any bounds checking. Disable this "libcall optimization" via `-fno-builtin-stpcpy`. Unlike commit 5f074f3e192f ("lib/string.c: implement a basic bcmp") which cited failures with `-fno-builtin-*` flags being retained in LLVM LTO, that bug seems to have been fixed by https://reviews.llvm.org/D71193, so the above sha can now be reverted in favor of `-fno-builtin-bcmp`. Cc: stable@vger.kernel.org # 4.4 Link: https://bugs.llvm.org/show_bug.cgi?id=3D47162 Link: https://github.com/ClangBuiltLinux/linux/issues/1126 Link: https://reviews.llvm.org/D85963 Reported-by: Sami Tolvanen Suggested-by: D=C3=A1vid Bolvansk=C3=BD Suggested-by: Kees Cook Signed-off-by: Nick Desaulniers --- Makefile | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/Makefile b/Makefile index 9cac6fde3479..211a1b6f6478 100644 --- a/Makefile +++ b/Makefile @@ -959,6 +959,12 @@ ifdef CONFIG_RETPOLINE KBUILD_CFLAGS +=3D $(call cc-option,-fcf-protection=3Dnone) endif =20 +# The compiler may "libcall optimize" certain function calls into the belo= w +# functions, for architectures that don't use -ffreestanding. If we don't = plan +# to provide implementations of these routines, then prevent the compiler = from +# emitting calls to what will be undefined symbols. +KBUILD_CFLAGS +=3D -fno-builtin-stpcpy + # include additional Makefiles when needed include-y :=3D scripts/Makefile.extrawarn include-$(CONFIG_KASAN) +=3D scripts/Makefile.kasan --=20 2.28.0.220.ged08abb693-goog