Received: by 2002:ab2:6a05:0:b0:1f8:1780:a4ed with SMTP id w5csp2268968lqo; Mon, 13 May 2024 12:55:31 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCWR3/AC1IPUKAMlr0/3vSxdsLI5UpW3WX7XiDjQ1oOHzAHgl/fuF5+76oUZ+15MjTxeilvHBJW+CeJ0DEN+x1w8ZlVraTZ/pXo5AXQMEw== X-Google-Smtp-Source: AGHT+IHhyOMTrsaoRlC1o669KNCyce1c9uj3UWkaBS7BYSQLGpwMi6BCpJn4PPEXJvxWVzbvRqhK X-Received: by 2002:ae9:ec0a:0:b0:790:b2a3:f86b with SMTP id af79cd13be357-792c759790fmr1088881885a.25.1715630131356; Mon, 13 May 2024 12:55:31 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1715630131; cv=pass; d=google.com; s=arc-20160816; b=qO80TeXkLut78i/E2oYhkJMsmZubczMYSeqPC74O7syJlT/fNDowgFGXt6VDfR0F0v xZzGUlVphXpe79rH+3qFXfNbsddhaokMT5k+H3pUaL2x2b5/rj1B9QokWPy94Q2BzlFz R2Wvaz9bB8FmWfCSW0EotVtAC7TUAdikqxyZnf+FMsosTO/+5YdiBUHNrPm5e4kc/BNa fw9F69acQUumf+6XNefK1uhdnU0l9zSNKagJ1CFii2elIQ0AJRYd+UBPpJBYwCNVk9oi UgXGwWhqswxEEgEqZHmd0Blh0kSm35215wSVYeLAhB1N0KxTk5fSXdkf2U1V4IYWOY4P OwKA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:list-unsubscribe:list-subscribe:list-id:precedence :dkim-signature; bh=+L/QJAKhm4Sma54bKYWeDhRohm5ZmYTjH6drv8r9LS0=; fh=4TqhT6mnqM33RRBX1iK7R/qyPJawdRQGBHZnjMpJXF8=; b=VZ6hyheIAoFgqxmh0xiZ6rzFdn8IEJXJ0ZTPASQD7E+TkLrwS66RBFc3LjRRvJsHdJ PqbbnD2H8CyOpPzey1icO9Qr30Z26+Dlub9rYBEJ6JSGNhHh63drJDOQbEZ+YjV0CVmq yO+g37d1sFhnpMXgd6fgEm1bgOvp+VXnHeNGyLqxMwt9JxPhbSbx67rKQp9DWyHZjoK6 w0W559/xfmZpi3Dx60jiKxNryoXSgfme+ZtOAhlX6pNq+TK6GGSexLW9Qxtr4E0RJ/RE +nzMyNFjxhHOcI40tBO0kdGiGfun0WYSC/dya87ZQlWM86KHv1rDWAmM1bS+PKN1BZna I27A==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@google.com header.s=20230601 header.b=LbB+OgtX; arc=pass (i=1 spf=pass spfdomain=google.com dkim=pass dkdomain=google.com dmarc=pass fromdomain=google.com); spf=pass (google.com: domain of linux-kernel+bounces-178052-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) smtp.mailfrom="linux-kernel+bounces-178052-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org. [147.75.199.223]) by mx.google.com with ESMTPS id af79cd13be357-792bf38d1ddsi1113659185a.707.2024.05.13.12.55.31 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 13 May 2024 12:55:31 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-178052-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) client-ip=147.75.199.223; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20230601 header.b=LbB+OgtX; arc=pass (i=1 spf=pass spfdomain=google.com dkim=pass dkdomain=google.com dmarc=pass fromdomain=google.com); spf=pass (google.com: domain of linux-kernel+bounces-178052-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) smtp.mailfrom="linux-kernel+bounces-178052-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ny.mirrors.kernel.org (Postfix) with ESMTPS id 0CA0A1C23250 for ; Mon, 13 May 2024 19:55:31 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id D61877BB15; Mon, 13 May 2024 19:55:17 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="LbB+OgtX" Received: from mail-vk1-f182.google.com (mail-vk1-f182.google.com [209.85.221.182]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 8406078285 for ; Mon, 13 May 2024 19:55:15 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.221.182 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1715630117; cv=none; b=BdHA5wDWIly6r3n5PWoraBPscYC/cHq2wQIwpYZa3F8N4SVzgG/tc4EQdhPVn5rS96ImGorjOhO0Ctl6Sa0zHwr1Db4Oy7FjFiLm/8y0F4rBQfO1x3G5M4blq6vBZX/4p3PtqCS9mImuiefmyxbLPM6ikwyEF+R7XXpVEE+LS+A= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1715630117; c=relaxed/simple; bh=uBD+lCS1DaJg6jKg9TthY1YebWwqH1WdbY89Bs+ieEE=; h=MIME-Version:References:In-Reply-To:From:Date:Message-ID:Subject: To:Cc:Content-Type; b=VkB2G6GFHpCjyrY5TChQ8YizoZAtASn66IvVcrhNLDlcHHrkA5hPx1uKZRnH1oqAXxCXYmddCpbk2jHKu/tdMk2SShQ6HPwEe7agFb+QNsh2U/nbJUnPV6rJUK5jI56pOSVbzkV7xMYvt/hBBOVGJAJBVvPGLUWjXoJ6oNNuikA= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=LbB+OgtX; arc=none smtp.client-ip=209.85.221.182 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=google.com Received: by mail-vk1-f182.google.com with SMTP id 71dfb90a1353d-4df6e7414fdso1290050e0c.0 for ; Mon, 13 May 2024 12:55:15 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1715630114; x=1716234914; darn=vger.kernel.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=+L/QJAKhm4Sma54bKYWeDhRohm5ZmYTjH6drv8r9LS0=; b=LbB+OgtXPsRxrqha6lI297oWOvuDTIEjkmyAPFd2SrHxe0CN+hkNJz0sb5PKb8PsTi 6atRt4hj0qsW52ENIZjfUwx1qLcR4n+F47/YAnTT3qjZuW/TMnGNOp06qs7KscmNwvWu N8jMGvXT4KKLTjs2MQKn3SLbv7rjGO5P1HaqnPFrnYUtri7AyVSovhR+1YfQ8hX7HsO6 jL1RZG4dB9xdythpMtNDPgO89j79jtbNueIU5OYLrRllnbQAIoOuiBdjelqfNbQdfZIE 76bBzMh07lUMjAzaqXAqkXdk2TLlQFyLLjKOwX5eC6XDih9p+MOEMtG+U95cn96SbFWk haaQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1715630114; x=1716234914; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=+L/QJAKhm4Sma54bKYWeDhRohm5ZmYTjH6drv8r9LS0=; b=leWlaepITGFa35HzKWf+nZWc73AccYQE8CC4CVcHIfxEy8ThjltqOR+aAhwmiTk3Bu aDMJzgV589qWkLWx9FAa/SBvAMZQWiaT6lR0N8QHhP6mqqhrPFRo4VZuRI0sdUz8yRgO Hs6h8x8Vd536lUZZYBskhgOeWO6zM0lnAnxJIYXjuevvXINIsVp0JhUKPwMkizS/4bEV Z6hr0sBbIHgkRQbMCvM2VeOVu2fH+pL1NyM94Mp1OwTBXPDwj4HkWWKcScyK0gi9C6SW O+dI/zru+9kSfzSZ1WcurnPrr2hiWHevVrFwg0PIq6/8M8oIKBEtq2+Dhf+gLqbp6KUr dSNA== X-Forwarded-Encrypted: i=1; AJvYcCUtLfzPQoUxMRSSf16TdnxxwXWmReQ1RPMaKlEi7wtydr78zKVwQVqv2ppBRVzYp7wxs62fVjmQmXqBQwl78WZJ1IuOVF+fZX+jdQ7g X-Gm-Message-State: AOJu0YzeJaI9sBlqLzixmc30qs/puDcbo/QObMvUVA91kQ043cklBkFU 105yxpuKwqyJSAgo5VX4sdpa9QQ5adtzRcvIT67kebnaYT36jaqS3prPERgACd0XVH++EOMtEy9 DU4Y2LLq3hCccXTUcg60my1fLBI2Twtrg2+/z X-Received: by 2002:a05:6122:922:b0:4d3:39c3:717c with SMTP id 71dfb90a1353d-4df88286086mr8285451e0c.1.1715630114304; Mon, 13 May 2024 12:55:14 -0700 (PDT) Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 References: <20240506133544.2861555-1-masahiroy@kernel.org> <202405131136.73E766AA8@keescook> In-Reply-To: <202405131136.73E766AA8@keescook> From: Marco Elver Date: Mon, 13 May 2024 21:54:38 +0200 Message-ID: Subject: Re: [PATCH 0/3] kbuild: remove many tool coverage variables To: Kees Cook Cc: Masahiro Yamada , linux-kbuild@vger.kernel.org, linux-arch@vger.kernel.org, linux-kernel@vger.kernel.org, Andrey Ryabinin , Alexander Potapenko , Andrey Konovalov , Dmitry Vyukov , Vincenzo Frascino , Josh Poimboeuf , Peter Zijlstra , Peter Oberparleiter , Roberto Sassu , Johannes Berg , kasan-dev@googlegroups.com, linux-hardening@vger.kernel.org Content-Type: text/plain; charset="UTF-8" On Mon, 13 May 2024 at 20:48, Kees Cook wrote: > > In the future can you CC the various maintainers of the affected > tooling? :) > > On Mon, May 06, 2024 at 10:35:41PM +0900, Masahiro Yamada wrote: > > > > This patch set removes many instances of the following variables: > > > > - OBJECT_FILES_NON_STANDARD > > - KASAN_SANITIZE > > - UBSAN_SANITIZE > > - KCSAN_SANITIZE > > - KMSAN_SANITIZE > > - GCOV_PROFILE > > - KCOV_INSTRUMENT > > > > Such tools are intended only for kernel space objects, most of which > > are listed in obj-y, lib-y, or obj-m. I welcome the simplification, but see below. > This is a reasonable assertion, and the changes really simplify things > now and into the future. Thanks for finding such a clean solution! I > note that it also immediately fixes the issue noticed and fixed here: > https://lore.kernel.org/all/20240513122754.1282833-1-roberto.sassu@huaweicloud.com/ > > > The best guess is, objects in $(obj-y), $(lib-y), $(obj-m) can opt in > > such tools. Otherwise, not. > > > > This works in most places. > > I am worried about the use of "guess" and "most", though. :) Before, we > had some clear opt-out situations, and now it's more of a side-effect. I > think this is okay, but I'd really like to know more about your testing. > > It seems like you did build testing comparing build flags, since you > call out some of the explicit changes in patch 2, quoting: > > > - include arch/mips/vdso/vdso-image.o into UBSAN, GCOV, KCOV > > - include arch/sparc/vdso/vdso-image-*.o into UBSAN > > - include arch/sparc/vdso/vma.o into UBSAN > > - include arch/x86/entry/vdso/extable.o into KASAN, KCSAN, UBSAN, GCOV, KCOV > > - include arch/x86/entry/vdso/vdso-image-*.o into KASAN, KCSAN, UBSAN, GCOV, KCOV > > - include arch/x86/entry/vdso/vdso32-setup.o into KASAN, KCSAN, UBSAN, GCOV, KCOV > > - include arch/x86/entry/vdso/vma.o into GCOV, KCOV > > - include arch/x86/um/vdso/vma.o into KASAN, GCOV, KCOV > > I would agree that these cases are all likely desirable. > > Did you find any cases where you found that instrumentation was _removed_ > where not expected? In addition, did you boot test these kernels? While I currently don't recall if the vdso code caused us problems (besides the linking problem for non-kernel objects), anything that is opted out from instrumentation in arch/ code needs to be carefully tested if it should be opted back into instrumentation. We had many fun hours debugging boot hangs or other recursion issues due to instrumented arch code. Thanks, -- Marco