Received: by 2002:a05:6358:1087:b0:cb:c9d3:cd90 with SMTP id j7csp3087589rwi; Fri, 21 Oct 2022 11:19:57 -0700 (PDT) X-Google-Smtp-Source: AMsMyM6VHcYbFOUAGGRnVFr56+Phl7kLJOGQ3cj9dMrbZ2JDoHEQowHFCjod4f//glIgajjraDCC X-Received: by 2002:a63:1521:0:b0:43c:9566:7a6a with SMTP id v33-20020a631521000000b0043c95667a6amr17245707pgl.339.1666376397124; Fri, 21 Oct 2022 11:19:57 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1666376397; cv=none; d=google.com; s=arc-20160816; b=nLqbEjvyF5Hr30hPa+iVp9V1EzmVMffi9wisDMZ1rJ2gYYubez5ZTE39Cc3hMVKPcd qDBoULJUk/xQ4hYbMrTJZtcDT6ht288x2VmHK9gmfhxbeqVKhrLUHYu7voG1LuUI1LsM QU7Y+GVifXB+SF6f66r7Knqgyes7RlW4gCkFIpOUboYczi5j/H7V6eRb3fHvdTFHtoYC h0z8eryIwtiPQ/hvkHuFgiChx7XOKmyv0Npimak7G4gCHDRqBh7iqA6XjR9C4frumivS 2P1ST6A3SIx6I4duFfpwSd1HANuVdaNAhC32COARUunqi1I+PkuBVCuWj3+rDnNgYHpD 0uOQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=jf/Eb/CewThpJ/hWTbFyMXRlobZKi0EOll0w249IASg=; b=WX3tsOSjoJ+QvpXZbB9NYDrfmlMVZqRGfkhZ3XnGjunDO0RUdsGxOQQu/NsntVLiBq LQbEZI0tFpE1tCT/MTTirTgl/u+j16W4UEJ308d2bNhr4aBacSVbDM2n1pZebCj0FEmH LFB+3ygtR28ZeHO3A3UEqJt6/mS8PHh5Kxw8bNcPGQ/au/c+oV9FyYv2Q6U+FlZy6QMq y1fZeQrY70w8ohKTkTXAPZMgixzTAV1zAwXl9nZc0XkymjlRjlNswTUyMD620IKQFYc9 wW8AuHABtrCUIOlNwirSJTHMkhBJ4yE4Iu27TtHDXtEuX8jPc+2dT6Fy8DCRXKU4YZqC UdoQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=FjP2s6nG; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id w8-20020a170902e88800b00182c500d973si31158165plg.43.2022.10.21.11.19.29; Fri, 21 Oct 2022 11:19:57 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=FjP2s6nG; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229788AbiJURkF (ORCPT + 99 others); Fri, 21 Oct 2022 13:40:05 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51836 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230305AbiJURjx (ORCPT ); Fri, 21 Oct 2022 13:39:53 -0400 Received: from mail-ed1-x52a.google.com (mail-ed1-x52a.google.com [IPv6:2a00:1450:4864:20::52a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id DFA2A3FD6D for ; Fri, 21 Oct 2022 10:39:51 -0700 (PDT) Received: by mail-ed1-x52a.google.com with SMTP id g27so8562776edf.11 for ; Fri, 21 Oct 2022 10:39:51 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=jf/Eb/CewThpJ/hWTbFyMXRlobZKi0EOll0w249IASg=; b=FjP2s6nGxVS8vSbGwtA3KWSHKhXX8uLMMdG+La4JzzyBHW4NHjGGaQnizz3lVooFie IzVyvdcrTpQendS3OohqZkGPSatE52FV8Ug+S6d6WNP+VoYS8NVpX4vfrcaeZpOld4y+ CQDkL7FZGdYjOHxLKjFVRrTIaoYWXb/oBNAPCs6g0/zbE8cdMQTsd8PQAr/o7ND2yytX D9Q4/uv6BI89n2p7DXRIFEsAY9SlP4uayCt2MSuUx+emK3UPqMfmc1EQ4zGSadbIfkfi ULPEiSeiXEQhHFkkNtAyJB9I9WPzMLs+d3pfqQIxO+nUVeFrnO6wtr8CMsv1zCns2h5l jtNQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=jf/Eb/CewThpJ/hWTbFyMXRlobZKi0EOll0w249IASg=; b=Bz2Q6hzrXnGqEuqf+iw7njUCgmzUcTaVgYka1i0nrhfRPo4K4v6rXaIDJN56CDxA9C pLqiOUXJs7PvKcfuHQ0TwCje0KfFxV0Iqc5vP4In0fNvsrZsGwdnemELpq646wHnBRio mGlLzzmsTU6UEtbSLbQvsGAg+XIYvs7jjZa/Su3G2zChakfG9YtQOk2xAgh0MshkkFDy 5xQqMynLOrMkuEh/cegpgipW4g9PmrQshfa7zQFr1iEL+72hXQgSfFfvsqtipI9tDNiZ Jff8ZU2mMRVR0ISh3vKDY4n1rAVM09Sp83yF1POLje/RNcHf0Y1Vzw2iLiSVqdMcW7ID CVFQ== X-Gm-Message-State: ACrzQf2eeHc29Zv4qGAEkLhYPr74s9LzaJoaPvrXh6UnuZ2rFXfRABbZ zF1RA2GJbeXOGXbkEM8bpH4ldH4DnHwAVEloWhfq+w== X-Received: by 2002:a17:907:3f1e:b0:78d:f198:fd00 with SMTP id hq30-20020a1709073f1e00b0078df198fd00mr16066742ejc.730.1666373989777; Fri, 21 Oct 2022 10:39:49 -0700 (PDT) MIME-Version: 1.0 References: In-Reply-To: From: Sami Tolvanen Date: Fri, 21 Oct 2022 10:39:13 -0700 Message-ID: Subject: Re: kCFI && patchable-function-entry=M,N To: Mark Rutland , Fangrui Song Cc: llvm@lists.linux.dev, linux-kernel@vger.kernel.org, linux-arm-kernel@lists.infradead.org, Joao Moreira , Josh Poimboeuf , Kees Cook , Nathan Chancellor , Nick Desaulniers , Peter Zijlstra Content-Type: text/plain; charset="UTF-8" X-Spam-Status: No, score=-17.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF, ENV_AND_HDR_SPF_MATCH,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS, USER_IN_DEF_DKIM_WL,USER_IN_DEF_SPF_WL autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Oct 21, 2022 at 8:56 AM Mark Rutland wrote: > > Hi, > > For arm64, I'd like to use -fatchable-function-entry=M,N (where N > 0), for our > ftrace implementation, which instruments *some* but not all functions. > Unfortuntately, this doesn't play nicely with -fsanitize=kcfi, as instrumented > and non-instrumented functions don't agree on where the type hash should live > relative to the function entry point, making them incompatible with one another. Yes, the current implementation assumes that if prefix nops are used, all functions have the same number of them. > Is there any mechanism today that we could use to solve this, or could we > extend clang to have some options to control this behaviour? I don't think there's a mechanism to work around the issue right now, but we could just change where the hash is emitted on arm64. > It would also be helpful to have a symbol before both the hash and pre-function > NOPs so that we can filter those out of probes patching (I see that x86 does > this with the __cfi_function symbol). Adding a symbol before the hash isn't a problem, but if we move the hash and want the symbol to be placed before the prefix nops as well, we might need a flag to control this. Fangrui, what do you think? Sami