Received: by 2002:ab2:6a05:0:b0:1f8:1780:a4ed with SMTP id w5csp2341471lqo; Mon, 13 May 2024 15:51:46 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCVWtI5VnreDWchhuXtrm7Qo8uzxxSQYWBvlUtbGCng1gUzbhVZC9X5Fm33WKb4yJ4MCBjy1cSZilyfBKBm9CkkDFLrTPLG3/3iQ/x3p6A== X-Google-Smtp-Source: AGHT+IH3UKzDJpi5jAUpJf1ts+He9FNTjzUmnYDCNVxfUmi+1TjcO9cfZNLeiFMiQY/eje49d0rV X-Received: by 2002:a05:6808:2208:b0:3c8:4dcb:3d34 with SMTP id 5614622812f47-3c997032c1dmr17107382b6e.7.1715640706199; Mon, 13 May 2024 15:51:46 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1715640706; cv=pass; d=google.com; s=arc-20160816; b=JNlNFzWo6E/8+bNpolFdTn4j/0YfJjVJhy7vR9b+vNjm05giidfRbCYcplLUAhPz53 Es6jKw1EFlDPe01bafLvAOx/u1sh4FBRMW9UhcqACrw/laOGdDo6cfspj8W+ucjvwU+O Jdt4+arDgRJN1teopR24fCzVbOY+35BynEGygUKEknf/4HOj6bzeaYFwjHTOcQJ1fPnJ cnW0dtXLI9db9x0bDfAjiu17pPa4rboweWBmK+47zFre5q6K5R6cyf7LesfM2uhxl2Rs SG8K9uyKTOdoO7WDI+tzqM9wjQRHc9XS/ueNsEVJBImJwCjSgb0dYVaZ7sA2XnMSR6HU TpqA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:list-unsubscribe:list-subscribe :list-id:precedence:dkim-signature; bh=R9nb6AKCiNXgoFXe291EdQ1c6gS62P3/lGO+GjHmbyY=; fh=AyfwG/7EMO0rff3bVBK7WfJY1BlVWZc6blBKWAYVwGk=; b=BFsd3ZYdrWEx+dc6dADTet0/msL6OxoWgr6AVEIpIS23M1ANyfOGGGl7KWNyUxk4SC 2X2swMJZLaPpFgrHo+/bYB++hCOnpeZ7cmYc7mchtjPgPNDWk9jIlTHF2L+Q8ka1bUtR AZCPZ/rgYzz29CaQsKI4a0ofEvpsefdi292xWYIEzK3AF1oDOaKi6H/btAEBGyoM+/ti I4u9On4QH617HHzkLxM/zo/P0sX12Y7n5oeLDeNSsUT6wgHvvFfliYBFtXP9DGXQOUT+ HDtg0MccNaMXYqcErAW5NasJMyBlRRnY8C4YKwRxt9PJN0AeAkUwWDUNmkzx52B4p+3W 0pYA==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=Ccm7AzJr; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-kernel+bounces-178153-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) smtp.mailfrom="linux-kernel+bounces-178153-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org. [147.75.199.223]) by mx.google.com with ESMTPS id 6a1803df08f44-6a15f29a943si106892536d6.271.2024.05.13.15.51.46 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 13 May 2024 15:51:46 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-178153-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) client-ip=147.75.199.223; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=Ccm7AzJr; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-kernel+bounces-178153-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) smtp.mailfrom="linux-kernel+bounces-178153-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ny.mirrors.kernel.org (Postfix) with ESMTPS id E22911C2154C for ; Mon, 13 May 2024 22:51:45 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 590D884DFC; Mon, 13 May 2024 22:51:38 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="Ccm7AzJr" Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 6C93953E30; Mon, 13 May 2024 22:51:37 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1715640697; cv=none; b=ANePrJdYDYIywGVa38ayOgAa5QiPy8ppxUIxqfonuP06FhcP0AMp+2IA7it4UqUnP0IvRbVgiTT6D+LGSBL9mX6DuAOBjrjzAte0LLHhVtCPtrLyv22Xr3vNxtih+Etev8pq4cdVzbRIShdYA7fv5/ca9VpzErolvV1w6MOrf/4= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1715640697; c=relaxed/simple; bh=BAFv8AC6amhIecrF8hdOUU0Utzaza1MY/IfWMVB1EGQ=; h=MIME-Version:References:In-Reply-To:From:Date:Message-ID:Subject: To:Cc:Content-Type; b=o1fBtGAY6/Xx+iaAXXvWMWlxc1bU6JODZ+yfXjnvaxHlqind7CxU4b2vWfgm6E2KLAQqkHuzW7xVpsDUZzoBN9U9A+NUbkD2wQSZD0WRuWrEXc7MuX6nAMsCxF1L3GtpDsPUl4sme4cUlaJKXA3lDxlnJ/WmVDWvfJQevutZ+oc= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=Ccm7AzJr; arc=none smtp.client-ip=10.30.226.201 Received: by smtp.kernel.org (Postfix) with ESMTPSA id 4AF35C32786; Mon, 13 May 2024 22:51:37 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1715640697; bh=BAFv8AC6amhIecrF8hdOUU0Utzaza1MY/IfWMVB1EGQ=; h=References:In-Reply-To:From:Date:Subject:To:Cc:From; b=Ccm7AzJrOHl7szBXHj3OwKtrRjQqNKrjrzH4zVjbroaCP9Wh0TEqGu1v4AhtK7e2o 5SNH/T+4EhdVCPluQoFIiz4l/5ikh8YR3K/al02r8b/iGop4aUq25HpEnEHnfFg7Ad tk5uPTyArgz8ECCgAWD6pwqbBcxQjCILqSn5oPZ6vUcG5b0rmK6mKn4YOjj+TSYiBP qaBdf8wVGkqZl+GxCb9eIvNoBAFYqomrUa7eaAZCYWvxx+XsdNmLhEXk0GdcMVW6Rd HC0/gbYdTrU60PaczUt2RQpVVOCHxHrlpsj0aOc+QiKk3zEmEEDdJ4x9Uh0xtKl+Jm nPC+/T/jYqTuA== Received: by mail-lj1-f171.google.com with SMTP id 38308e7fff4ca-2dcc8d10d39so58124351fa.3; Mon, 13 May 2024 15:51:37 -0700 (PDT) X-Forwarded-Encrypted: i=1; AJvYcCV/AULmrIMPx9cnrO9JWrX/iwx5HMS3xGMAKwr6QKoioT0aGZ3044oxNbdDtOYcO5q7yNS3667xzy4ejKDyOJGW4Q66CZysYsC0GivTm9BZ+Tvaf8y/SzxJpw5z9TEQi5ABLWCEy/q75eJWclq50otqxFiO2d7qhDe0vWcxXIKOyz9nCfgoD+Ic+abgMZwCFXHWsBrvr6FPYZhJSZnx21+tvot3G1KyDw== X-Gm-Message-State: AOJu0YyZaor58hUNgxx3M+m4lYeXmdVJSZ2n0Dumu4GPyf7qk8e0cOsH RWJLUkTQlspSC7XTzBJ5yr+5HSattIFISFWfjMpvMZDcC8LQEvL2NzXMb1eb9MqA9C20NV+2Ut3 qjd5+5lYOK1jfc24hLFRMGO4VkRY= X-Received: by 2002:a05:6512:3151:b0:513:1a9c:ae77 with SMTP id 2adb3069b0e04-5220fe799c9mr5293673e87.52.1715640695978; Mon, 13 May 2024 15:51:35 -0700 (PDT) Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 References: <20240506133544.2861555-1-masahiroy@kernel.org> <202405131136.73E766AA8@keescook> In-Reply-To: From: Masahiro Yamada Date: Tue, 14 May 2024 07:50:59 +0900 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH 0/3] kbuild: remove many tool coverage variables To: Marco Elver Cc: Kees Cook , linux-kbuild@vger.kernel.org, linux-arch@vger.kernel.org, linux-kernel@vger.kernel.org, Andrey Ryabinin , Alexander Potapenko , Andrey Konovalov , Dmitry Vyukov , Vincenzo Frascino , Josh Poimboeuf , Peter Zijlstra , Peter Oberparleiter , Roberto Sassu , Johannes Berg , kasan-dev@googlegroups.com, linux-hardening@vger.kernel.org Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable On Tue, May 14, 2024 at 4:55=E2=80=AFAM Marco Elver wrot= e: > > On Mon, 13 May 2024 at 20:48, Kees Cook wrote: > > > > In the future can you CC the various maintainers of the affected > > tooling? :) > > > > On Mon, May 06, 2024 at 10:35:41PM +0900, Masahiro Yamada wrote: > > > > > > This patch set removes many instances of the following variables: > > > > > > - OBJECT_FILES_NON_STANDARD > > > - KASAN_SANITIZE > > > - UBSAN_SANITIZE > > > - KCSAN_SANITIZE > > > - KMSAN_SANITIZE > > > - GCOV_PROFILE > > > - KCOV_INSTRUMENT > > > > > > Such tools are intended only for kernel space objects, most of which > > > are listed in obj-y, lib-y, or obj-m. > > I welcome the simplification, but see below. > > > This is a reasonable assertion, and the changes really simplify things > > now and into the future. Thanks for finding such a clean solution! I > > note that it also immediately fixes the issue noticed and fixed here: > > https://lore.kernel.org/all/20240513122754.1282833-1-roberto.sassu@huaw= eicloud.com/ > > > > > The best guess is, objects in $(obj-y), $(lib-y), $(obj-m) can opt in > > > such tools. Otherwise, not. > > > > > > This works in most places. > > > > I am worried about the use of "guess" and "most", though. :) Before, we > > had some clear opt-out situations, and now it's more of a side-effect. = I > > think this is okay, but I'd really like to know more about your testing= . > > > > It seems like you did build testing comparing build flags, since you > > call out some of the explicit changes in patch 2, quoting: > > > > > - include arch/mips/vdso/vdso-image.o into UBSAN, GCOV, KCOV > > > - include arch/sparc/vdso/vdso-image-*.o into UBSAN > > > - include arch/sparc/vdso/vma.o into UBSAN > > > - include arch/x86/entry/vdso/extable.o into KASAN, KCSAN, UBSAN, GC= OV, KCOV > > > - include arch/x86/entry/vdso/vdso-image-*.o into KASAN, KCSAN, UBSA= N, GCOV, KCOV > > > - include arch/x86/entry/vdso/vdso32-setup.o into KASAN, KCSAN, UBSA= N, GCOV, KCOV > > > - include arch/x86/entry/vdso/vma.o into GCOV, KCOV > > > - include arch/x86/um/vdso/vma.o into KASAN, GCOV, KCOV > > > > I would agree that these cases are all likely desirable. > > > > Did you find any cases where you found that instrumentation was _remove= d_ > > where not expected? > > In addition, did you boot test these kernels? No. I didn't. > While I currently don't > recall if the vdso code caused us problems (besides the linking > problem for non-kernel objects), anything that is opted out from > instrumentation in arch/ code needs to be carefully tested if it > should be opted back into instrumentation. We had many fun hours > debugging boot hangs or other recursion issues due to instrumented > arch code. As I replied to Kees, I checked the diff of .*.cmd files. I believe checking the compiler flags for every object is comprehensive testing. If the same set of compiler flags is passed, the same build artifact is generated. --=20 Best Regards Masahiro Yamada