Received: by 2002:a05:6a10:6d10:0:0:0:0 with SMTP id gq16csp286238pxb; Thu, 14 Apr 2022 22:47:04 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxm7fw7TyQabdVI7/9Kjdiu7p0UzasGiywc183jViqNG1aaOiS1XQNCD3wk7zyVICvMWSMt X-Received: by 2002:a05:6402:51d2:b0:41c:e157:84f1 with SMTP id r18-20020a05640251d200b0041ce15784f1mr6610166edd.135.1650001624550; Thu, 14 Apr 2022 22:47:04 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1650001624; cv=none; d=google.com; s=arc-20160816; b=kM5ezvsUXEGwb2YY1sPQoVPdKaPh92sORS3XHRPsP0FNfPgKYutOk9u4uKHZEmqFSv I/FQvAzfUaHSHQC6DodtlfijjQ4LX96fasZiH9SGxM5yorMsmwd9HJscCZDHH75JfmhK w+9T+C5vIk6b82PKBGQAGwqEEJNpEaxs0ShPMQddB4cU8mPNqUOMaj9eGKojxXbDhetN wWMaT6zpvtfzR0b/w1dwKU2x5MTN+Tsuyodis4QqpkXR1tWWELs2CI3ziFCIrD9hWRTU la9byCmtLnOhPZ7ZJA3uocAqX6U4aJI7EpcpYabJLTMUxF39Q9vLraq3EWpgwYXfPDpH HJrw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=Mv+7Iz1BPKhhq+LK+IQAxPAtVwGoSMM8gimzeO1IWrg=; b=LB4hiYAF2nOrwE8kGi5xo0vfIoHuHzzz1CRDDlJv9GIwGmMWNYg/5QhttW1hjcrBrI ujtd6PlRZavZjqBftydCARG464lb4FKmPwo3OOuADTj8BeqRKv9PNNJVo3QrdqWOPS00 ReMdySuTnn9hKcWWinLRlUCZCAtzA2Jk2Wr/Fr46eqP6JSCTBdTkE7h6g3pku/f9sL5I H1KFLGtsNdT9L82kq/mBCBHGpZ6LNofVE5icmh5YqW/hRE5yCaF06zC1vaNdTQPrtUBK jMsL7BDXb6hr+lY9ezC4Vc2dneypJEarM5uuNqkYHKIEivyvXXPVotNSYvTdDzM1dd39 p+iQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@infradead.org header.s=desiato.20200630 header.b=H0d3UeW3; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id v14-20020a1709064e8e00b006e9cd478e1bsi414024eju.764.2022.04.14.22.46.39; Thu, 14 Apr 2022 22:47:04 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@infradead.org header.s=desiato.20200630 header.b=H0d3UeW3; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S240522AbiDNHzv (ORCPT + 99 others); Thu, 14 Apr 2022 03:55:51 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60366 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S237045AbiDNHzt (ORCPT ); Thu, 14 Apr 2022 03:55:49 -0400 Received: from desiato.infradead.org (desiato.infradead.org [IPv6:2001:8b0:10b:1:d65d:64ff:fe57:4e05]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 61DF6396A8 for ; Thu, 14 Apr 2022 00:53:25 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=infradead.org; s=desiato.20200630; h=In-Reply-To:Content-Type:MIME-Version: References:Message-ID:Subject:Cc:To:From:Date:Sender:Reply-To: Content-Transfer-Encoding:Content-ID:Content-Description; bh=Mv+7Iz1BPKhhq+LK+IQAxPAtVwGoSMM8gimzeO1IWrg=; b=H0d3UeW3Z13qFzf+tl0XxP2tww XauJ1sLV8QWB5Q0eZiXF/gwqEEyHLWMyK0Gd0NC/jNTIHJ43igUnIjJK63yft9nY2r8nr0HCFfumI D8e+z/0R8+DOwmKaZrd0DxIKqKrLAak0zHxghuRwd4xunGrkfkhZ/M8LnAGpSUpmhOiq0UlJqI8BK 4V0pa/SvaeUzrVVaASAyDRkTvway8a7QJj/pweJoyBlio/5sPJMdekxMn4F5kopVQfwQOHgTgkDtJ t8dsmyJ7CXU14fBl82hzN9BqvmmQ7D/+P/Np+6vjpwq3qMEY3s6/pdUj3tZNirgOqtrAIbseElAl2 fcfD55Lw==; Received: from j217100.upc-j.chello.nl ([24.132.217.100] helo=noisy.programming.kicks-ass.net) by desiato.infradead.org with esmtpsa (Exim 4.94.2 #2 (Red Hat Linux)) id 1neuI3-004wtA-0l; Thu, 14 Apr 2022 07:53:19 +0000 Received: from hirez.programming.kicks-ass.net (hirez.programming.kicks-ass.net [192.168.1.225]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (Client did not present a certificate) by noisy.programming.kicks-ass.net (Postfix) with ESMTPS id 9924C3000E3; Thu, 14 Apr 2022 09:53:18 +0200 (CEST) Received: by hirez.programming.kicks-ass.net (Postfix, from userid 1000) id 8277C2C5BC385; Thu, 14 Apr 2022 09:53:18 +0200 (CEST) Date: Thu, 14 Apr 2022 09:53:18 +0200 From: Peter Zijlstra To: Josh Poimboeuf Cc: x86@kernel.org, linux-kernel@vger.kernel.org, Miroslav Benes Subject: Re: [PATCH 10/18] objtool: Extricate ibt from stack validation Message-ID: References: <44a73f724b51c4a994edc43536b7a7ee5e972b40.1649891421.git.jpoimboe@redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <44a73f724b51c4a994edc43536b7a7ee5e972b40.1649891421.git.jpoimboe@redhat.com> X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,SPF_HELO_NONE, SPF_NONE,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Apr 13, 2022 at 04:19:45PM -0700, Josh Poimboeuf wrote: > Extricate ibt from validate_branch() in preparation for making stack > validation optional. It does a bit more.. > - /* already done in validate_branch() */ > - if (sec->sh.sh_flags & SHF_EXECINSTR) > - continue; > > - if (!sec->reloc) > continue; > > - if (!strncmp(sec->name, ".orc", 4)) > - continue; > > - if (!strncmp(sec->name, ".discard", 8)) > continue; > > - if (!strncmp(sec->name, ".debug", 6)) > continue; > > - if (!strcmp(sec->name, "_error_injection_whitelist")) > continue; > > - if (!strcmp(sec->name, "_kprobe_blacklist")) > continue; > > - is_data = strstr(sec->name, ".data") || strstr(sec->name, ".rodata"); > > - list_for_each_entry(reloc, &sec->reloc->reloc_list, list) { > - struct instruction *dest; > > - dest = validate_ibt_reloc(file, reloc); > - if (is_data && dest && !dest->noendbr) > - warn_noendbr("data ", sec, reloc->offset, dest); > - } So this iterates all sections and excludes a bunch, and only reports fail for .data/.rodata. > +static int validate_ibt(struct objtool_file *file) > +{ > + struct section *sec; > + struct reloc *reloc; > + struct instruction *insn; > + int warnings = 0; > + > + for_each_insn(file, insn) > + warnings += validate_ibt_insn(file, insn); So I specifically didn't do this because I wanted to reduce the amount of loops we do over those instructions. But yeah, if you really want to allow --ibt without --stack-validate (but why?) then I suppose so. Esp. for the vmlinux.o case, iterating all insn can quickly add up to significant time. > + for_each_sec(file, sec) { > + > + if (!strstr(sec->name, ".data") && !strstr(sec->name, ".rodata")) > + continue; But this only iterates .data/.rodata. That's not the same, specifically, it'll not iterate stuff like ksymtab that contains the EXPORT_SYMBOL* crud. The result being that we can now seal EXPORT'ed symbols, which will make modules really sad. There's also the .initcall sections, sealing initcalls typcally ends really badly. And there might be a few others I forgot about. > + if (!sec->reloc) > + continue; > + > + list_for_each_entry(reloc, &sec->reloc->reloc_list, list) > + warnings += validate_ibt_data_reloc(file, reloc); > + } > + > + return warnings; > } > > static int validate_reachable_instructions(struct objtool_file *file) > -- > 2.34.1 >