Received: by 2002:a05:7208:9594:b0:7e:5202:c8b4 with SMTP id gs20csp156736rbb; Fri, 23 Feb 2024 15:52:15 -0800 (PST) X-Forwarded-Encrypted: i=3; AJvYcCV5RoUMbqLYj5xKXLycNG2Hh8V5OzKJBabAz0nsDwwQfbNzgJ6uZPFcMKySrlqgUQqLz0QQFiH/DZvKhTlfwb3MXb+/P7pVsF7pxSakqw== X-Google-Smtp-Source: AGHT+IF7ILoBX4jUaI76ldl95/FAhDNu4o8mmSUU1NPDpcagaNfM5sOiNcmvsN/zGJrW7stcQLYg X-Received: by 2002:aa7:cf10:0:b0:565:9dbd:33cc with SMTP id a16-20020aa7cf10000000b005659dbd33ccmr212844edy.42.1708732335775; Fri, 23 Feb 2024 15:52:15 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1708732335; cv=pass; d=google.com; s=arc-20160816; b=iEu+u9QtooUv9+5/+eYzRnGH6kwR4ZCT1cRGe7mTQMge0SbrqnTUZgFeoRQXU9SPwP oPjWHk4ac437SE9cu8qbP0f7oOZITEhDgtXTigB8By9h8pNrtmq2m1gdy0jdZJZSiJYR 9ic3Uv+oOd/rfZG3O0nQFwE3Qgko72xDGPAhv3J72ssMxeskFqmNqvpmAviJBlsJGrmX 5JpE10wPukAM9E+AC1Dig9vFEeZf6AjwzZxWFzNA794F2gpGK9xHqbd9jNhyQqR+jriF GjCy1+o0UnPdCLAKnx7JzyBpX8L4rOKrM5xQwTlzPuVqLc6JecBn48I8NIbYiU4pKZhP BMew== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=in-reply-to:content-disposition:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:message-id:subject:cc :to:from:date:dkim-signature; bh=JLZflnFtR+MomtbJ09mQku5GVn57VLGAF/Xrv5PCZG0=; fh=AhtYIxauSYH+6E9GG7byxUK78dJ/gTq/rRYOkntCYh0=; b=MEKqQP7wsdqqnnw9yVraGjI31/QKcX8ldbaiA20hefArAzzlUyCml23gVShyezW1Tv Ofr5OaJkEjVACK2oflUFlEoAwLPna4zQ4vpjFMDavQJlwvomcTWIKBk+pHJRdLS4Ioij bxTEC/Ik6qhdHM5uTipVkZXWj3PwJfE9AKwNtL7MPPnvR3JE4LJOzIVmieIBmEi3IdrK eynmL9Srzkov6IW/0sabjQFnRI2ZhlsKqs2VE8rKVP+9ZemYCg5GJ+aNwJz0hwilhc82 byV3xypqXvJ5YfRDs/B2+4jKGO7u/Gv3p4Tvth7/suLudNw1r2z6d9gXA98D2s/q8zwi eVXg==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=MvDk78s+; arc=pass (i=1 spf=pass spfdomain=chromium.org dkim=pass dkdomain=chromium.org dmarc=pass fromdomain=chromium.org); spf=pass (google.com: domain of linux-kernel+bounces-79327-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) smtp.mailfrom="linux-kernel+bounces-79327-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Return-Path: Received: from am.mirrors.kernel.org (am.mirrors.kernel.org. [2604:1380:4601:e00::3]) by mx.google.com with ESMTPS id a28-20020a50c31c000000b0056566dfdbf4si37100edb.81.2024.02.23.15.52.15 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 23 Feb 2024 15:52:15 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-79327-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) client-ip=2604:1380:4601:e00::3; Authentication-Results: mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=MvDk78s+; arc=pass (i=1 spf=pass spfdomain=chromium.org dkim=pass dkdomain=chromium.org dmarc=pass fromdomain=chromium.org); spf=pass (google.com: domain of linux-kernel+bounces-79327-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) smtp.mailfrom="linux-kernel+bounces-79327-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by am.mirrors.kernel.org (Postfix) with ESMTPS id 5CCCF1F24453 for ; Fri, 23 Feb 2024 23:52:15 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 1C39A14DFF9; Fri, 23 Feb 2024 23:52:04 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=chromium.org header.i=@chromium.org header.b="MvDk78s+" Received: from mail-pl1-f179.google.com (mail-pl1-f179.google.com [209.85.214.179]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id D7F2F14DFD4 for ; Fri, 23 Feb 2024 23:52:01 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.214.179 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708732323; cv=none; b=WJ0C7xJ0sH/d2jGDE7ykXE9ywtPeoKsQy+tKrrUngCkO1kkrQ+FoKc9YGZiGMmh1rF11ALXHH7nLio6Y54QCJXich+uvVN7/ngxz/B5mQGpJbKg/7gbHjLVkV/xofKh+3P4NkziTuftSFsZoqBnObqKoW2etFeJZAa317wehwfQ= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708732323; c=relaxed/simple; bh=GHuNMsqWXJuF/kg0+z875A2i/BTrjQmPOaqdumwnZn4=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=Q3a7lVk65yfX6pl8GFB1VsVpD/xfJ5Lxi33l3bcivboAIy4U3lLXj21oXxoaOvG8oviJrcheP1jdujNP4CVseocL8K3S79VDnlbSBW2Jg6ge/iEbaRRresdUtvb9jhq5h/7Du1zhDG+ZqsBquS5oe5rWt/SdVjXOOXZ0Zdhjulk= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=chromium.org; spf=pass smtp.mailfrom=chromium.org; dkim=pass (1024-bit key) header.d=chromium.org header.i=@chromium.org header.b=MvDk78s+; arc=none smtp.client-ip=209.85.214.179 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=chromium.org Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=chromium.org Received: by mail-pl1-f179.google.com with SMTP id d9443c01a7336-1dbae7b8ff2so6017865ad.3 for ; Fri, 23 Feb 2024 15:52:01 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1708732321; x=1709337121; darn=vger.kernel.org; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:from:to:cc:subject:date:message-id:reply-to; bh=JLZflnFtR+MomtbJ09mQku5GVn57VLGAF/Xrv5PCZG0=; b=MvDk78s+aFAjzTC1a7ODrPD0l7xtefq3Jum7NSDymx7wT9bbL4u8RZiwAUE6e1d2wV c7coTp5aAPKlFlEDJETRJPrWKl5Rhe4Qi7h3DJThPxTkPbMwe+eDf8uzI2Iz5iL5swdJ KWqRQ8pAgJMEMz7hSfl7OnwIkyMEMRIouJhIk= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1708732321; x=1709337121; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=JLZflnFtR+MomtbJ09mQku5GVn57VLGAF/Xrv5PCZG0=; b=PCay0iAcCvZHic+Al0zwumW7L4/UUTFn8w6D5y00fPRjbRdjz/9cMeDV5ACp1VW5zA Tz/IhLgkGEvBvkd7fvSe/HVjYvDjXdoRVwhi45g+KgNStQOY3HqR0qA8/u/viD7P+l/j aTRKOOVb76RAdZGlf8xFLSpiaQv3hykrBhN/Rzjn9m05ijsano00Gtvq/TrMH/xTNx98 qeon7yJOwMqtfKgy4iwomSPuulkDH6LrJY+nFxinU9Rbgn/FFyw7qD/3wBxYTP7Sys58 Ej9T4YibZJ2KsIvJbsO3RzA3R+h4gETiXNjtFCGL1j8BT/U5iCXdRv0DvjpSyTBGKE06 12PQ== X-Forwarded-Encrypted: i=1; AJvYcCUwRnE2I60TEmPMGJjCd/vZoOCH0wOG4XlowsmL8XSI5jlngFgrgKE5424p8sRLFJ6AwoW2qQJ6XHev31tRoLlnklORg30f/7GM0cjW X-Gm-Message-State: AOJu0YyNcjiCCvzqXcw0nnSXz/y+Aj3kNiz2JrKtj+kvHyIQKw0tkQgv Q3QaWwJ16n0ayBLdr5DNulX1Na+Sg+Jqnqb0mDaqgBncMUu7vgapIV1j9HMc0w== X-Received: by 2002:a17:902:db02:b0:1dc:2d4d:45a1 with SMTP id m2-20020a170902db0200b001dc2d4d45a1mr1859775plx.19.1708732321176; Fri, 23 Feb 2024 15:52:01 -0800 (PST) Received: from www.outflux.net ([198.0.35.241]) by smtp.gmail.com with ESMTPSA id h15-20020a170902f7cf00b001db7ed47968sm12212835plw.30.2024.02.23.15.52.00 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 23 Feb 2024 15:52:00 -0800 (PST) Date: Fri, 23 Feb 2024 15:52:00 -0800 From: Kees Cook To: Jann Horn Cc: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, "H. Peter Anvin" , linux-kernel@vger.kernel.org Subject: Re: [PATCH 3/3] x86/boot: avoid recompiling kaslr.c for incremental rebuilds Message-ID: <202402231550.80B97C8E@keescook> References: <20240220192144.2050167-1-jannh@google.com> <20240220192144.2050167-4-jannh@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20240220192144.2050167-4-jannh@google.com> On Tue, Feb 20, 2024 at 08:21:44PM +0100, Jann Horn wrote: > Currently, every kernel rebuild needs to compile kaslr.c again because > UTS_VERSION changes on every rebuild. > Move the build string into a separate object file to speed things up. > > Signed-off-by: Jann Horn > --- > arch/x86/boot/compressed/dynamic_vars.c | 8 ++++++++ > arch/x86/boot/compressed/dynamic_vars.h | 3 +++ > arch/x86/boot/compressed/kaslr.c | 10 ++-------- > 3 files changed, 13 insertions(+), 8 deletions(-) > > diff --git a/arch/x86/boot/compressed/dynamic_vars.c b/arch/x86/boot/compressed/dynamic_vars.c > index cda64ff4b6da..15a57fbb05e3 100644 > --- a/arch/x86/boot/compressed/dynamic_vars.c > +++ b/arch/x86/boot/compressed/dynamic_vars.c > @@ -1,9 +1,17 @@ > // SPDX-License-Identifier: GPL-2.0 > #include > #include "dynamic_vars.h" > +#include > +#include > +#include > #include "../voffset.h" > > const unsigned long vo__text = VO__text; > const unsigned long vo___bss_start = VO___bss_start; > const unsigned long vo__end = VO__end; > const unsigned long kernel_total_size = VO__end - VO__text; > + > +/* Simplified build-specific string for starting entropy. */ > +const char build_str[] = UTS_RELEASE " (" LINUX_COMPILE_BY "@" > + LINUX_COMPILE_HOST ") (" LINUX_COMPILER ") " UTS_VERSION; > +unsigned long build_str_len = sizeof(build_str)-1; This can be const too, yes? (Also, you didn't want to include the trailing NUL in the xor? Otherwise, yeah, I like this whole series. -- Kees Cook