From patchwork Fri May 23 04:39:12 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kees Cook X-Patchwork-Id: 892100 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id F0679221F02; Fri, 23 May 2025 04:39:38 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1747975179; cv=none; b=pZ71laTH0oqMatJf3NOhgbde0ziXNveYxektMPIG4Vm8fIyCp3I+aGLMjWC1JGOwgbYM5XWwv8SaNeRp1ZRqxQO2pYqeNM62Kdg1uMi0CczWjMOBdrawZBWXy1vQ4pUWymb2LCZ0K1KUyihTPGWVBa4cYfFoAAOqM/GgMv1iMBc= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1747975179; c=relaxed/simple; bh=6jDSpkitaXxC96OxJjyaip+FfU4NrOF4Y8k/mkqIlN4=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=YcNZzli+IgQmv4AToDXvfSpUBC7hluIv0MxgL2mJoAEgE3Dtl5dezQ34jaDaVxSb1FagB6X2acKhTpFjWvpQXVzNiNtCLPhlkHdSx7yFbFvnaeor6ASmdYFEKTidSYesIhmvbvX8fRhOB3AdBxKwBUaBnbQTnV4dEUNHR7/Hvwg= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=i+a8IsmW; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="i+a8IsmW" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 64BFDC4CEED; Fri, 23 May 2025 04:39:38 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1747975178; bh=6jDSpkitaXxC96OxJjyaip+FfU4NrOF4Y8k/mkqIlN4=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=i+a8IsmWkRaZUDatab07b90e3vzxppks+OX4T89Y4zWJvHGrBmzFVJWU6OMCEvD4F LXx9C4LC2ozcEl2c1tCHud/2yTnVZK3C+Yc6jcJ01q2DvmzpBCQgKZEq5ZbgNLSCr6 wvkrz8nVPePLbviO64whBm0hqyAxcaKeePkVwz2JVSLP286XlSZTcBlNB+OWLRENz8 JJzd19kWCU1XsGa8MGL06XNBmtkVM9oskQVrXqeUdkyUVolK6a//R2/GRcu0Dr7U6y PxJrga5fhP+4BzwafUSEWbnhxeR5PfOolhi4iM+QP28v6TqsG0AO86tLdwIVPvE38j 1OcWPFytRa3Xg== From: Kees Cook To: Arnd Bergmann Cc: Kees Cook , linux-hardening@vger.kernel.org, "Gustavo A. R. Silva" , Christoph Hellwig , Marco Elver , Andrey Konovalov , Andrey Ryabinin , Ard Biesheuvel , Masahiro Yamada , Nathan Chancellor , Nicolas Schier , Nick Desaulniers , Bill Wendling , Justin Stitt , linux-kernel@vger.kernel.org, x86@kernel.org, kasan-dev@googlegroups.com, linux-doc@vger.kernel.org, linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev, linux-riscv@lists.infradead.org, linux-s390@vger.kernel.org, linux-efi@vger.kernel.org, linux-kbuild@vger.kernel.org, linux-security-module@vger.kernel.org, linux-kselftest@vger.kernel.org, sparclinux@vger.kernel.org, llvm@lists.linux.dev Subject: [PATCH v2 02/14] stackleak: Rename stackleak_track_stack to __sanitizer_cov_stack_depth Date: Thu, 22 May 2025 21:39:12 -0700 Message-Id: <20250523043935.2009972-2-kees@kernel.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250523043251.it.550-kees@kernel.org> References: <20250523043251.it.550-kees@kernel.org> Precedence: bulk X-Mailing-List: linux-efi@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=11486; i=kees@kernel.org; h=from:subject; bh=6jDSpkitaXxC96OxJjyaip+FfU4NrOF4Y8k/mkqIlN4=; b=owGbwMvMwCVmps19z/KJym7G02pJDBn6v388d99a4lGamGETdeemkuEC3/SchscmPwLXLDdIk 9wmtra6o5SFQYyLQVZMkSXIzj3OxeNte7j7XEWYOaxMIEMYuDgFYCLNYYwMe5wZf7q5M+2YOsvW na0ll3XpXv/156rcSmbvuOG+/bTRSkaGrn2i2+dzxfIZ7A7e/v5EnMDNnh0sT1bekHjWxsUf1Hi SEQA= X-Developer-Key: i=kees@kernel.org; a=openpgp; fpr=A5C3F68F229DD60F723E6E138972F4DFDC6DC026 The Clang stack depth tracking implementation has a fixed name for the stack depth tracking callback, "__sanitizer_cov_stack_depth", so rename the GCC plugin function to match since the plugin has no external dependencies on naming. Signed-off-by: Kees Cook --- Cc: Arnd Bergmann Cc: --- security/Kconfig.hardening | 4 +- scripts/gcc-plugins/stackleak_plugin.c | 52 +++++++++++++------------- include/linux/kstack_erase.h | 2 +- kernel/kstack_erase.c | 4 +- tools/objtool/check.c | 2 +- 5 files changed, 32 insertions(+), 32 deletions(-) diff --git a/security/Kconfig.hardening b/security/Kconfig.hardening index 125b35e2ef0f..f7aa2024ab25 100644 --- a/security/Kconfig.hardening +++ b/security/Kconfig.hardening @@ -129,8 +129,8 @@ config KSTACK_ERASE_TRACK_MIN_SIZE help The KSTACK_ERASE option instruments the kernel code for tracking the lowest border of the kernel stack (and for some other purposes). - It inserts the stackleak_track_stack() call for the functions with - a stack frame size greater than or equal to this parameter. + It inserts the __sanitizer_cov_stack_depth() call for the functions + with a stack frame size greater than or equal to this parameter. If unsure, leave the default value 100. config KSTACK_ERASE_METRICS diff --git a/scripts/gcc-plugins/stackleak_plugin.c b/scripts/gcc-plugins/stackleak_plugin.c index d20c47d21ad8..e486488c867d 100644 --- a/scripts/gcc-plugins/stackleak_plugin.c +++ b/scripts/gcc-plugins/stackleak_plugin.c @@ -9,7 +9,7 @@ * any of the gcc libraries * * This gcc plugin is needed for tracking the lowest border of the kernel stack. - * It instruments the kernel code inserting stackleak_track_stack() calls: + * It instruments the kernel code inserting __sanitizer_cov_stack_depth() calls: * - after alloca(); * - for the functions with a stack frame size greater than or equal * to the "track-min-size" plugin parameter. @@ -33,7 +33,7 @@ __visible int plugin_is_GPL_compatible; static int track_frame_size = -1; static bool build_for_x86 = false; -static const char track_function[] = "stackleak_track_stack"; +static const char track_function[] = "__sanitizer_cov_stack_depth"; static bool disable = false; static bool verbose = false; @@ -58,7 +58,7 @@ static void add_stack_tracking_gcall(gimple_stmt_iterator *gsi, bool after) cgraph_node_ptr node; basic_block bb; - /* Insert calling stackleak_track_stack() */ + /* Insert calling __sanitizer_cov_stack_depth() */ stmt = gimple_build_call(track_function_decl, 0); gimple_call = as_a_gcall(stmt); if (after) @@ -120,12 +120,12 @@ static void add_stack_tracking_gasm(gimple_stmt_iterator *gsi, bool after) gcc_assert(build_for_x86); /* - * Insert calling stackleak_track_stack() in asm: - * asm volatile("call stackleak_track_stack" + * Insert calling __sanitizer_cov_stack_depth() in asm: + * asm volatile("call __sanitizer_cov_stack_depth" * :: "r" (current_stack_pointer)) * Use ASM_CALL_CONSTRAINT trick from arch/x86/include/asm/asm.h. * This constraint is taken into account during gcc shrink-wrapping - * optimization. It is needed to be sure that stackleak_track_stack() + * optimization. It is needed to be sure that __sanitizer_cov_stack_depth() * call is inserted after the prologue of the containing function, * when the stack frame is prepared. */ @@ -137,7 +137,7 @@ static void add_stack_tracking_gasm(gimple_stmt_iterator *gsi, bool after) input = build_tree_list(NULL_TREE, build_const_char_string(2, "r")); input = chainon(NULL_TREE, build_tree_list(input, sp_decl)); vec_safe_push(inputs, input); - asm_call = gimple_build_asm_vec("call stackleak_track_stack", + asm_call = gimple_build_asm_vec("call __sanitizer_cov_stack_depth", inputs, NULL, NULL, NULL); gimple_asm_set_volatile(asm_call, true); if (after) @@ -151,11 +151,11 @@ static void add_stack_tracking(gimple_stmt_iterator *gsi, bool after) { /* * The 'no_caller_saved_registers' attribute is used for - * stackleak_track_stack(). If the compiler supports this attribute for - * the target arch, we can add calling stackleak_track_stack() in asm. + * __sanitizer_cov_stack_depth(). If the compiler supports this attribute for + * the target arch, we can add calling __sanitizer_cov_stack_depth() in asm. * That improves performance: we avoid useless operations with the * caller-saved registers in the functions from which we will remove - * stackleak_track_stack() call during the stackleak_cleanup pass. + * __sanitizer_cov_stack_depth() call during the stackleak_cleanup pass. */ if (lookup_attribute_spec(get_identifier("no_caller_saved_registers"))) add_stack_tracking_gasm(gsi, after); @@ -165,7 +165,7 @@ static void add_stack_tracking(gimple_stmt_iterator *gsi, bool after) /* * Work with the GIMPLE representation of the code. Insert the - * stackleak_track_stack() call after alloca() and into the beginning + * __sanitizer_cov_stack_depth() call after alloca() and into the beginning * of the function if it is not instrumented. */ static unsigned int stackleak_instrument_execute(void) @@ -205,7 +205,7 @@ static unsigned int stackleak_instrument_execute(void) DECL_NAME_POINTER(current_function_decl)); } - /* Insert stackleak_track_stack() call after alloca() */ + /* Insert __sanitizer_cov_stack_depth() call after alloca() */ add_stack_tracking(&gsi, true); if (bb == entry_bb) prologue_instrumented = true; @@ -241,7 +241,7 @@ static unsigned int stackleak_instrument_execute(void) return 0; } - /* Insert stackleak_track_stack() call at the function beginning */ + /* Insert __sanitizer_cov_stack_depth() call at the function beginning */ bb = entry_bb; if (!single_pred_p(bb)) { /* gcc_assert(bb_loop_depth(bb) || @@ -270,15 +270,15 @@ static void remove_stack_tracking_gcall(void) rtx_insn *insn, *next; /* - * Find stackleak_track_stack() calls. Loop through the chain of insns, + * Find __sanitizer_cov_stack_depth() calls. Loop through the chain of insns, * which is an RTL representation of the code for a function. * * The example of a matching insn: - * (call_insn 8 4 10 2 (call (mem (symbol_ref ("stackleak_track_stack") - * [flags 0x41] ) - * [0 stackleak_track_stack S1 A8]) (0)) 675 {*call} (expr_list - * (symbol_ref ("stackleak_track_stack") [flags 0x41] ) (expr_list (0) (nil))) (nil)) + * (call_insn 8 4 10 2 (call (mem (symbol_ref ("__sanitizer_cov_stack_depth") + * [flags 0x41] ) + * [0 __sanitizer_cov_stack_depth S1 A8]) (0)) 675 {*call} (expr_list + * (symbol_ref ("__sanitizer_cov_stack_depth") [flags 0x41] ) (expr_list (0) (nil))) (nil)) */ for (insn = get_insns(); insn; insn = next) { rtx body; @@ -318,7 +318,7 @@ static void remove_stack_tracking_gcall(void) if (SYMBOL_REF_DECL(body) != track_function_decl) continue; - /* Delete the stackleak_track_stack() call */ + /* Delete the __sanitizer_cov_stack_depth() call */ delete_insn_and_edges(insn); #if BUILDING_GCC_VERSION < 8000 if (GET_CODE(next) == NOTE && @@ -340,12 +340,12 @@ static bool remove_stack_tracking_gasm(void) gcc_assert(build_for_x86); /* - * Find stackleak_track_stack() asm calls. Loop through the chain of + * Find __sanitizer_cov_stack_depth() asm calls. Loop through the chain of * insns, which is an RTL representation of the code for a function. * * The example of a matching insn: * (insn 11 5 12 2 (parallel [ (asm_operands/v - * ("call stackleak_track_stack") ("") 0 + * ("call __sanitizer_cov_stack_depth") ("") 0 * [ (reg/v:DI 7 sp [ current_stack_pointer ]) ] * [ (asm_input:DI ("r")) ] []) * (clobber (reg:CC 17 flags)) ]) -1 (nil)) @@ -375,7 +375,7 @@ static bool remove_stack_tracking_gasm(void) continue; if (strcmp(ASM_OPERANDS_TEMPLATE(body), - "call stackleak_track_stack")) { + "call __sanitizer_cov_stack_depth")) { continue; } @@ -389,7 +389,7 @@ static bool remove_stack_tracking_gasm(void) /* * Work with the RTL representation of the code. - * Remove the unneeded stackleak_track_stack() calls from the functions + * Remove the unneeded __sanitizer_cov_stack_depth() calls from the functions * which don't call alloca() and don't have a large enough stack frame size. */ static unsigned int stackleak_cleanup_execute(void) @@ -474,13 +474,13 @@ static bool stackleak_gate(void) return track_frame_size >= 0; } -/* Build the function declaration for stackleak_track_stack() */ +/* Build the function declaration for __sanitizer_cov_stack_depth() */ static void stackleak_start_unit(void *gcc_data __unused, void *user_data __unused) { tree fntype; - /* void stackleak_track_stack(void) */ + /* void __sanitizer_cov_stack_depth(void) */ fntype = build_function_type_list(void_type_node, NULL_TREE); track_function_decl = build_fn_decl(track_function, fntype); DECL_ASSEMBLER_NAME(track_function_decl); /* for LTO */ diff --git a/include/linux/kstack_erase.h b/include/linux/kstack_erase.h index 4e432eefa4d0..bf3bf1905557 100644 --- a/include/linux/kstack_erase.h +++ b/include/linux/kstack_erase.h @@ -80,7 +80,7 @@ static inline void stackleak_task_init(struct task_struct *t) asmlinkage void noinstr stackleak_erase(void); asmlinkage void noinstr stackleak_erase_on_task_stack(void); asmlinkage void noinstr stackleak_erase_off_task_stack(void); -void __no_caller_saved_registers noinstr stackleak_track_stack(void); +void __no_caller_saved_registers noinstr __sanitizer_cov_stack_depth(void); #else /* !CONFIG_KSTACK_ERASE */ static inline void stackleak_task_init(struct task_struct *t) { } diff --git a/kernel/kstack_erase.c b/kernel/kstack_erase.c index 201b846f8345..e49bb88b4f0a 100644 --- a/kernel/kstack_erase.c +++ b/kernel/kstack_erase.c @@ -156,7 +156,7 @@ asmlinkage void noinstr stackleak_erase_off_task_stack(void) __stackleak_erase(false); } -void __used __no_caller_saved_registers noinstr stackleak_track_stack(void) +void __used __no_caller_saved_registers noinstr __sanitizer_cov_stack_depth(void) { unsigned long sp = current_stack_pointer; @@ -174,4 +174,4 @@ void __used __no_caller_saved_registers noinstr stackleak_track_stack(void) current->lowest_stack = sp; } } -EXPORT_SYMBOL(stackleak_track_stack); +EXPORT_SYMBOL(__sanitizer_cov_stack_depth); diff --git a/tools/objtool/check.c b/tools/objtool/check.c index 31088a138bc9..dad81194a81b 100644 --- a/tools/objtool/check.c +++ b/tools/objtool/check.c @@ -1192,7 +1192,7 @@ static const char *uaccess_safe_builtin[] = { "__ubsan_handle_shift_out_of_bounds", "__ubsan_handle_load_invalid_value", /* KSTACK_ERASE */ - "stackleak_track_stack", + "__sanitizer_cov_stack_depth", /* TRACE_BRANCH_PROFILING */ "ftrace_likely_update", /* STACKPROTECTOR */ From patchwork Fri May 23 04:39:14 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Kees Cook X-Patchwork-Id: 892101 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id F05BF1547F2; Fri, 23 May 2025 04:39:38 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1747975179; cv=none; b=mK/qWrv8+QhDppD82jepqE+W30f2r4Yus6Bo8QUuIpAJf4Q7vF/L3vM7y1uYVgzvwkbOatSeszyXFG5CqBBn6jJyiuahdK5pkM/azcqtyQnXo05tbRIyoB6vaQ/V1j97aJOAiCmom7yg/6Fks5Scme02rutTNMlRg40jNI79B/0= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1747975179; c=relaxed/simple; bh=NLp+yNLHFbt0GV+WqSgZP5Jpw7SgnlmemsBZjPqNKQ0=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version:Content-Type; b=B4UU44tPgzEwmMyrmeylv4DMVBJy+qpmXqRhUpKFO48dAcHCPEgRf1tiA99OUMUt28Ejyl4xePWyP8PgsthHoSrTyX37PJVGL7DQ8zURsnDhP5umqjZD0db8mUrVGAhtAFHqP6UhhbSTFq659/a1+YSy9U5ZeMOzf4PWcI948Dc= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=qlCKyVVK; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="qlCKyVVK" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 6B20AC4AF0D; Fri, 23 May 2025 04:39:38 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1747975178; bh=NLp+yNLHFbt0GV+WqSgZP5Jpw7SgnlmemsBZjPqNKQ0=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=qlCKyVVKLEZ335sLpg+xeLE2/qJ62IS1vyetoyVip+Yyuu60s5XnBtQe5q0zKHjkY etIn1cA5kgQZxhhqM+nSxGwqYnlKxif2/cg4HxcmNEaoJHzj2/Pcc2IIer9ePMC4cd uGYmI/++s2hmct2fKbHy78u8wyTDLJ9Qr3pbUq4On2urBYfO/BnItaRSZDMTze51z2 9SqS6uc8MgyJZ7iZNxcJfybotHxmcUdOg9IQMoBb5yyyEv89ZE92csR4rfVug2cgbq pJXOOhWsQy2pRnAaCatN/HP5mgoiLLeblf2rFZpESNcCsQJC/We44mKVQiW8lD++UD FomvAY7ZOyPhQ== From: Kees Cook To: Arnd Bergmann Cc: Kees Cook , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, "H. Peter Anvin" , Paolo Bonzini , Vitaly Kuznetsov , Henrique de Moraes Holschuh , Hans de Goede , =?utf-8?q?Ilpo_J=C3=A4rvinen?= , "Rafael J. Wysocki" , Len Brown , Masami Hiramatsu , Ard Biesheuvel , Mike Rapoport , Michal Wilczynski , Juergen Gross , Andy Shevchenko , "Kirill A. Shutemov" , Roger Pau Monne , David Woodhouse , Usama Arif , "Guilherme G. Piccoli" , Thomas Huth , Brian Gerst , kvm@vger.kernel.org, ibm-acpi-devel@lists.sourceforge.net, platform-driver-x86@vger.kernel.org, linux-acpi@vger.kernel.org, linux-trace-kernel@vger.kernel.org, linux-efi@vger.kernel.org, linux-mm@kvack.org, "Gustavo A. R. Silva" , Christoph Hellwig , Marco Elver , Andrey Konovalov , Andrey Ryabinin , Masahiro Yamada , Nathan Chancellor , Nicolas Schier , Nick Desaulniers , Bill Wendling , Justin Stitt , linux-kernel@vger.kernel.org, kasan-dev@googlegroups.com, linux-doc@vger.kernel.org, linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev, linux-riscv@lists.infradead.org, linux-s390@vger.kernel.org, linux-hardening@vger.kernel.org, linux-kbuild@vger.kernel.org, linux-security-module@vger.kernel.org, linux-kselftest@vger.kernel.org, sparclinux@vger.kernel.org, llvm@lists.linux.dev Subject: [PATCH v2 04/14] x86: Handle KCOV __init vs inline mismatches Date: Thu, 22 May 2025 21:39:14 -0700 Message-Id: <20250523043935.2009972-4-kees@kernel.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250523043251.it.550-kees@kernel.org> References: <20250523043251.it.550-kees@kernel.org> Precedence: bulk X-Mailing-List: linux-efi@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=6526; i=kees@kernel.org; h=from:subject; bh=NLp+yNLHFbt0GV+WqSgZP5Jpw7SgnlmemsBZjPqNKQ0=; b=owGbwMvMwCVmps19z/KJym7G02pJDBn6v3/M6Lj0TL3UZvEPryO2U1XiwmeUWRnm7Ltu8Tv7T fejWHWxjhIWBjEuBlkxRZYgO/c4F4+37eHucxVh5rAygQxh4OIUgIncPMDIMF2RL/S7vLKpfM2M t8x3m+UdDqwvS9xyTbb4p4asf8qChQw/nnGmzL67VZLb8E8Q7+r/36asCDud1Su0ufrUxFOvRAJ YAA== X-Developer-Key: i=kees@kernel.org; a=openpgp; fpr=A5C3F68F229DD60F723E6E138972F4DFDC6DC026 When KCOV is enabled all functions get instrumented, unless the __no_sanitize_coverage attribute is used. To prepare for __no_sanitize_coverage being applied to __init functions, we have to handle differences in how GCC's inline optimizations get resolved. For x86 this means forcing several functions to be inline with __always_inline. Signed-off-by: Kees Cook --- Cc: Thomas Gleixner Cc: Ingo Molnar Cc: Borislav Petkov Cc: Dave Hansen Cc: Cc: "H. Peter Anvin" Cc: Paolo Bonzini Cc: Vitaly Kuznetsov Cc: Henrique de Moraes Holschuh Cc: Hans de Goede Cc: "Ilpo Järvinen" Cc: "Rafael J. Wysocki" Cc: Len Brown Cc: Masami Hiramatsu Cc: Ard Biesheuvel Cc: Mike Rapoport Cc: Michal Wilczynski Cc: Juergen Gross Cc: Andy Shevchenko Cc: "Kirill A. Shutemov" Cc: Roger Pau Monne Cc: David Woodhouse Cc: Usama Arif Cc: "Guilherme G. Piccoli" Cc: Thomas Huth Cc: Brian Gerst Cc: Cc: Cc: Cc: Cc: Cc: Cc: --- arch/x86/include/asm/acpi.h | 4 ++-- arch/x86/include/asm/realmode.h | 2 +- include/linux/acpi.h | 4 ++-- include/linux/bootconfig.h | 2 +- include/linux/efi.h | 2 +- include/linux/memblock.h | 2 +- arch/x86/kernel/kvm.c | 2 +- drivers/platform/x86/thinkpad_acpi.c | 4 ++-- 8 files changed, 11 insertions(+), 11 deletions(-) diff --git a/arch/x86/include/asm/acpi.h b/arch/x86/include/asm/acpi.h index 5ab1a4598d00..a03aa6f999d1 100644 --- a/arch/x86/include/asm/acpi.h +++ b/arch/x86/include/asm/acpi.h @@ -158,13 +158,13 @@ static inline bool acpi_has_cpu_in_madt(void) } #define ACPI_HAVE_ARCH_SET_ROOT_POINTER -static inline void acpi_arch_set_root_pointer(u64 addr) +static __always_inline void acpi_arch_set_root_pointer(u64 addr) { x86_init.acpi.set_root_pointer(addr); } #define ACPI_HAVE_ARCH_GET_ROOT_POINTER -static inline u64 acpi_arch_get_root_pointer(void) +static __always_inline u64 acpi_arch_get_root_pointer(void) { return x86_init.acpi.get_root_pointer(); } diff --git a/arch/x86/include/asm/realmode.h b/arch/x86/include/asm/realmode.h index f607081a022a..e406a1e92c63 100644 --- a/arch/x86/include/asm/realmode.h +++ b/arch/x86/include/asm/realmode.h @@ -78,7 +78,7 @@ extern unsigned char secondary_startup_64[]; extern unsigned char secondary_startup_64_no_verify[]; #endif -static inline size_t real_mode_size_needed(void) +static __always_inline size_t real_mode_size_needed(void) { if (real_mode_header) return 0; /* already allocated. */ diff --git a/include/linux/acpi.h b/include/linux/acpi.h index e72100c0684f..ae76c8915000 100644 --- a/include/linux/acpi.h +++ b/include/linux/acpi.h @@ -759,13 +759,13 @@ int acpi_arch_timer_mem_init(struct arch_timer_mem *timer_mem, int *timer_count) #endif #ifndef ACPI_HAVE_ARCH_SET_ROOT_POINTER -static inline void acpi_arch_set_root_pointer(u64 addr) +static __always_inline void acpi_arch_set_root_pointer(u64 addr) { } #endif #ifndef ACPI_HAVE_ARCH_GET_ROOT_POINTER -static inline u64 acpi_arch_get_root_pointer(void) +static __always_inline u64 acpi_arch_get_root_pointer(void) { return 0; } diff --git a/include/linux/bootconfig.h b/include/linux/bootconfig.h index 3f4b4ac527ca..25df9260d206 100644 --- a/include/linux/bootconfig.h +++ b/include/linux/bootconfig.h @@ -290,7 +290,7 @@ int __init xbc_get_info(int *node_size, size_t *data_size); /* XBC cleanup data structures */ void __init _xbc_exit(bool early); -static inline void xbc_exit(void) +static __always_inline void xbc_exit(void) { _xbc_exit(false); } diff --git a/include/linux/efi.h b/include/linux/efi.h index 7d63d1d75f22..e3776d9cad07 100644 --- a/include/linux/efi.h +++ b/include/linux/efi.h @@ -1334,7 +1334,7 @@ struct linux_efi_initrd { bool xen_efi_config_table_is_usable(const efi_guid_t *guid, unsigned long table); -static inline +static __always_inline bool efi_config_table_is_usable(const efi_guid_t *guid, unsigned long table) { if (!IS_ENABLED(CONFIG_XEN_EFI)) diff --git a/include/linux/memblock.h b/include/linux/memblock.h index bb19a2534224..b96746376e17 100644 --- a/include/linux/memblock.h +++ b/include/linux/memblock.h @@ -463,7 +463,7 @@ static inline void *memblock_alloc_raw(phys_addr_t size, NUMA_NO_NODE); } -static inline void *memblock_alloc_from(phys_addr_t size, +static __always_inline void *memblock_alloc_from(phys_addr_t size, phys_addr_t align, phys_addr_t min_addr) { diff --git a/arch/x86/kernel/kvm.c b/arch/x86/kernel/kvm.c index 921c1c783bc1..72f13d643fca 100644 --- a/arch/x86/kernel/kvm.c +++ b/arch/x86/kernel/kvm.c @@ -420,7 +420,7 @@ static u64 kvm_steal_clock(int cpu) return steal; } -static inline void __set_percpu_decrypted(void *ptr, unsigned long size) +static __always_inline void __set_percpu_decrypted(void *ptr, unsigned long size) { early_set_memory_decrypted((unsigned long) ptr, size); } diff --git a/drivers/platform/x86/thinkpad_acpi.c b/drivers/platform/x86/thinkpad_acpi.c index e7350c9fa3aa..0518d5b1f4ec 100644 --- a/drivers/platform/x86/thinkpad_acpi.c +++ b/drivers/platform/x86/thinkpad_acpi.c @@ -559,12 +559,12 @@ static unsigned long __init tpacpi_check_quirks( return 0; } -static inline bool __pure __init tpacpi_is_lenovo(void) +static __always_inline bool __pure tpacpi_is_lenovo(void) { return thinkpad_id.vendor == PCI_VENDOR_ID_LENOVO; } -static inline bool __pure __init tpacpi_is_ibm(void) +static __always_inline bool __pure tpacpi_is_ibm(void) { return thinkpad_id.vendor == PCI_VENDOR_ID_IBM; } From patchwork Fri May 23 04:39:17 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kees Cook X-Patchwork-Id: 892096 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id D20EA253947; Fri, 23 May 2025 04:39:41 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1747975182; cv=none; b=bog9WG/UA6U308UzYGgUBt4c8Y1M8Ar9LZyLXB4T9xPv4HGGhHg2gHzhembJWK1+piVy1OJ4DfYMa2ZRRueLsWZzhW2xSSVT5O7+E5b6nz7PaR8NFKaCxQY683LpYrGtwE7xPuXMf2jG15Su957FdNz9z9hMIwSEeIJrOYUqB70= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1747975182; c=relaxed/simple; bh=SyZieAtSFEV9PhSUW/pPII2GWOki6kjF+H9/UmF+VLY=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=S2quAldDSMjgXSz+t8uL87vmlcT/hx9GNNe+F2yIAaJUSj50MGoXpfAByqQatoJWYAuLdCD8QsH2qobWvjsSDe8QeUeW42jjFjgPVqiUTEio32y9AoohHX5m9vUvNW05omIsIDqrPTJOHp4N/TE7VxbqzbixOlMbngswjYnAcDI= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=J6TfYX4s; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="J6TfYX4s" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 3B2A2C4AF0D; Fri, 23 May 2025 04:39:41 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1747975181; bh=SyZieAtSFEV9PhSUW/pPII2GWOki6kjF+H9/UmF+VLY=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=J6TfYX4sDZSOJ6cC3hQx7PEZ/P0hoeBP28dc1+Brd35hPTwJ6k97WHpqZa8fbAVeq 5juHb3DUqOGqceXSEGpBdDtPMfNBhFApP7wKwIKL/2C2LYJMNlzzzjE3NXvmYvwsfp cpTPBe3558GSOBbtXZAqbFeXxHg2JthsF0YNO/uRw7JXFf41SXkcV3im1cjmlK+M1C VUyAGWEUKYn0vNFv+3oOS0ipT5PIApXQfiGYPlh9IaMysvmKeUOnyVfpdzxHcsFBsS 0SBVqnX3srPSUhXwXJv3jgYKgf/cSp/Ef3sURkijydoETVLUBeuCiISO09TxrEUBXW YO1ES1sgKvMwg== From: Kees Cook To: Arnd Bergmann Cc: Kees Cook , Heiko Carstens , Vasily Gorbik , Alexander Gordeev , Christian Borntraeger , Sven Schnelle , Gerald Schaefer , Gaosheng Cui , linux-s390@vger.kernel.org, "Gustavo A. R. Silva" , Christoph Hellwig , Marco Elver , Andrey Konovalov , Andrey Ryabinin , Ard Biesheuvel , Masahiro Yamada , Nathan Chancellor , Nicolas Schier , Nick Desaulniers , Bill Wendling , Justin Stitt , linux-kernel@vger.kernel.org, x86@kernel.org, kasan-dev@googlegroups.com, linux-doc@vger.kernel.org, linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev, linux-riscv@lists.infradead.org, linux-efi@vger.kernel.org, linux-hardening@vger.kernel.org, linux-kbuild@vger.kernel.org, linux-security-module@vger.kernel.org, linux-kselftest@vger.kernel.org, sparclinux@vger.kernel.org, llvm@lists.linux.dev Subject: [PATCH v2 07/14] s390: Handle KCOV __init vs inline mismatches Date: Thu, 22 May 2025 21:39:17 -0700 Message-Id: <20250523043935.2009972-7-kees@kernel.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250523043251.it.550-kees@kernel.org> References: <20250523043251.it.550-kees@kernel.org> Precedence: bulk X-Mailing-List: linux-efi@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=2325; i=kees@kernel.org; h=from:subject; bh=SyZieAtSFEV9PhSUW/pPII2GWOki6kjF+H9/UmF+VLY=; b=owGbwMvMwCVmps19z/KJym7G02pJDBn6v3/W2hxYfnr9mkd3prUpF7sxH1j6p+qa4A+jPlbJO ZrHeJwyOkpZGMS4GGTFFFmC7NzjXDzetoe7z1WEmcPKBDKEgYtTACaynZfhn9Ljrme7X4ZanbzI enOKheqe3dPnMBjFOf2a8H5d36lL53Yz/BW9v3h2neSzt9ozGS8uNX7i59RwPPZXRVlAzeyrGhL 31/ACAA== X-Developer-Key: i=kees@kernel.org; a=openpgp; fpr=A5C3F68F229DD60F723E6E138972F4DFDC6DC026 When KCOV is enabled all functions get instrumented, unless the __no_sanitize_coverage attribute is used. To prepare for __no_sanitize_coverage being applied to __init functions, we have to handle differences in how GCC's inline optimizations get resolved. For s390 this exposed a place where the __init annotation was missing but ended up being "accidentally correct". Fix this cases and force a couple functions to be inline with __always_inline. Signed-off-by: Kees Cook --- Cc: Heiko Carstens Cc: Vasily Gorbik Cc: Alexander Gordeev Cc: Christian Borntraeger Cc: Sven Schnelle Cc: Gerald Schaefer Cc: Gaosheng Cui Cc: --- arch/s390/hypfs/hypfs.h | 2 +- arch/s390/hypfs/hypfs_diag.h | 2 +- arch/s390/mm/init.c | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/arch/s390/hypfs/hypfs.h b/arch/s390/hypfs/hypfs.h index 83ebf54cca6b..4dc2e068e0ff 100644 --- a/arch/s390/hypfs/hypfs.h +++ b/arch/s390/hypfs/hypfs.h @@ -48,7 +48,7 @@ void hypfs_sprp_exit(void); int __hypfs_fs_init(void); -static inline int hypfs_fs_init(void) +static __always_inline int hypfs_fs_init(void) { if (IS_ENABLED(CONFIG_S390_HYPFS_FS)) return __hypfs_fs_init(); diff --git a/arch/s390/hypfs/hypfs_diag.h b/arch/s390/hypfs/hypfs_diag.h index 7090eff27fef..b5218135b8fe 100644 --- a/arch/s390/hypfs/hypfs_diag.h +++ b/arch/s390/hypfs/hypfs_diag.h @@ -19,7 +19,7 @@ int diag204_store(void *buf, int pages); int __hypfs_diag_fs_init(void); void __hypfs_diag_fs_exit(void); -static inline int hypfs_diag_fs_init(void) +static __always_inline int hypfs_diag_fs_init(void) { if (IS_ENABLED(CONFIG_S390_HYPFS_FS)) return __hypfs_diag_fs_init(); diff --git a/arch/s390/mm/init.c b/arch/s390/mm/init.c index afa085e8186c..0f83c82af7a6 100644 --- a/arch/s390/mm/init.c +++ b/arch/s390/mm/init.c @@ -143,7 +143,7 @@ bool force_dma_unencrypted(struct device *dev) } /* protected virtualization */ -static void pv_init(void) +static void __init pv_init(void) { if (!is_prot_virt_guest()) return; From patchwork Fri May 23 04:39:18 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kees Cook X-Patchwork-Id: 892097 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id AF67D24DD01; Fri, 23 May 2025 04:39:41 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1747975181; cv=none; b=BmVjFcHP+03Z90gW2U/DmGv1mT6Jvw88gEu+xZ31kKO0tRL+up7Mr9QuY9C7GbeRakQxSQg9bIkrvf2+lZ2y3siSvp17vnCAM089QckW8bq971T3v7Y8LDmmwxIQ+3dsngju1GL0Z1wb4r/XKVkW+Qx/SVtJyBf7KFeMv2XGP5k= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1747975181; c=relaxed/simple; bh=yaSxmxtYpasuc+rufEWrdAWe3aDh1VboHkgvW7Uuxmk=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=UomziwWio9H4bDynr6IoRvU6GmqiEPlmT9enYGVbSp4Dw1SM6ezGFSK5yBQ0gXg76W1KTdyqJ28Fg0t5fjIy/iVGebQl8iomLj7D1ITdyFzvDV4HNjRG9khlRNIQ7rHWDbhzfq3x/73oV6ABQfHshzHMtrX17ObGCyFP8mTwjYs= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=CHB1UIrX; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="CHB1UIrX" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 3E840C4CEED; Fri, 23 May 2025 04:39:41 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1747975181; bh=yaSxmxtYpasuc+rufEWrdAWe3aDh1VboHkgvW7Uuxmk=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=CHB1UIrXXIJNnDqoawhvxACuyRxlpr3fsHJOcaMiX78eZBw6bj2aCmamSdxBgr0Q1 cv2JxCHOnwvyafgtOlwyLeWkIJcvvmBOc3FGaH7CycNh6ciUxu783i7rIN1Q7uR/YZ egoHkAstCNIvH0Ni9mbt5Ty4Gh02RZ66vXL7zkVg5EvNVKTTIDuVY7AvMEtb0fYV8p mJKUBNr2h5nbAO7s6Ui4esyy2FZgHJ+NnCkDJYKNpnSZCOqTVyO+IRaFk0btgFjTdO S8daDPWHmwFh5MEl/KFRRxM9icxB3PHJq5dg1QlY9jE+fNHEdaX6TMoMVDjrVztIdI PtpSj3RRaZDNw== From: Kees Cook To: Arnd Bergmann Cc: Kees Cook , Madhavan Srinivasan , Michael Ellerman , Nicholas Piggin , Christophe Leroy , Naveen N Rao , "Ritesh Harjani (IBM)" , "Aneesh Kumar K.V" , Andrew Morton , linuxppc-dev@lists.ozlabs.org, "Gustavo A. R. Silva" , Christoph Hellwig , Marco Elver , Andrey Konovalov , Andrey Ryabinin , Ard Biesheuvel , Masahiro Yamada , Nathan Chancellor , Nicolas Schier , Nick Desaulniers , Bill Wendling , Justin Stitt , linux-kernel@vger.kernel.org, x86@kernel.org, kasan-dev@googlegroups.com, linux-doc@vger.kernel.org, linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev, linux-riscv@lists.infradead.org, linux-s390@vger.kernel.org, linux-efi@vger.kernel.org, linux-hardening@vger.kernel.org, linux-kbuild@vger.kernel.org, linux-security-module@vger.kernel.org, linux-kselftest@vger.kernel.org, sparclinux@vger.kernel.org, llvm@lists.linux.dev Subject: [PATCH v2 08/14] powerpc: Handle KCOV __init vs inline mismatches Date: Thu, 22 May 2025 21:39:18 -0700 Message-Id: <20250523043935.2009972-8-kees@kernel.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250523043251.it.550-kees@kernel.org> References: <20250523043251.it.550-kees@kernel.org> Precedence: bulk X-Mailing-List: linux-efi@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=1981; i=kees@kernel.org; h=from:subject; bh=yaSxmxtYpasuc+rufEWrdAWe3aDh1VboHkgvW7Uuxmk=; b=owGbwMvMwCVmps19z/KJym7G02pJDBn6v3+dEGvzLNyc4frZMlegpp5xqfLf4qvOhQ6vClwWG c4+vkWro5SFQYyLQVZMkSXIzj3OxeNte7j7XEWYOaxMIEMYuDgFYCJ6nYwMa39MVvl34OWuxWLC YitLL7uZs+fqxoq1bLk+uZ0hXWGaIMP/IouHmyfNuDCZ8fKpT88FFNw8Sr8vU98je2Fj6/LNOe9 62AA= X-Developer-Key: i=kees@kernel.org; a=openpgp; fpr=A5C3F68F229DD60F723E6E138972F4DFDC6DC026 When KCOV is enabled all functions get instrumented, unless the __no_sanitize_coverage attribute is used. To prepare for __no_sanitize_coverage being applied to __init functions, we have to handle differences in how GCC's inline optimizations get resolved. For s390 this requires forcing a couple functions to be inline with __always_inline. Signed-off-by: Kees Cook --- Cc: Madhavan Srinivasan Cc: Michael Ellerman Cc: Nicholas Piggin Cc: Christophe Leroy Cc: Naveen N Rao Cc: "Ritesh Harjani (IBM)" Cc: "Aneesh Kumar K.V" Cc: Andrew Morton Cc: --- arch/powerpc/mm/book3s64/hash_utils.c | 2 +- arch/powerpc/mm/book3s64/radix_pgtable.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/arch/powerpc/mm/book3s64/hash_utils.c b/arch/powerpc/mm/book3s64/hash_utils.c index 5158aefe4873..93f1e1eb5ea6 100644 --- a/arch/powerpc/mm/book3s64/hash_utils.c +++ b/arch/powerpc/mm/book3s64/hash_utils.c @@ -409,7 +409,7 @@ static DEFINE_RAW_SPINLOCK(linear_map_kf_hash_lock); static phys_addr_t kfence_pool; -static inline void hash_kfence_alloc_pool(void) +static __always_inline void hash_kfence_alloc_pool(void) { if (!kfence_early_init_enabled()) goto err; diff --git a/arch/powerpc/mm/book3s64/radix_pgtable.c b/arch/powerpc/mm/book3s64/radix_pgtable.c index 9f764bc42b8c..3238e9ed46b5 100644 --- a/arch/powerpc/mm/book3s64/radix_pgtable.c +++ b/arch/powerpc/mm/book3s64/radix_pgtable.c @@ -363,7 +363,7 @@ static int __meminit create_physical_mapping(unsigned long start, } #ifdef CONFIG_KFENCE -static inline phys_addr_t alloc_kfence_pool(void) +static __always_inline phys_addr_t alloc_kfence_pool(void) { phys_addr_t kfence_pool; From patchwork Fri May 23 04:39:19 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kees Cook X-Patchwork-Id: 892095 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 1D23825E454; Fri, 23 May 2025 04:39:41 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1747975182; cv=none; b=rG6w8oOd8GvilpRJYgPAwX09d30+tNZZoprXDu+edojXXEmiHLbgNakNnSsb5o1rsY6nEzb2e1gF9zVhVU9uUm87XUSrx/9JwsLmRmPVfG4T30hXU8iDmpDm4EUK/DNZj4mm4s9OAdG1wLPS0xhNKylORArQsL8qyxtYcFB50oc= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1747975182; c=relaxed/simple; bh=Jd/sB6oZ8iltvnfrQDqGbUKjd0Ro3QNhdkLI+vDUogY=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=RGyxhPh79+kjRujVjrYEGo5MrFNLa/E0TzSfcIWKN4lTE8TejhJoS4KFUzm5oHGatzgr4rrG9RQv7sr2evfgJLy60ClHqUcoSJuOIMkeTUpYA52Q/Ih+oJ74Pgvc5Hl/nU+WpXxjzyqeN4fmyNOC1rTCG1ykDcDJp0fSFouBEyA= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=uE7AaIXp; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="uE7AaIXp" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 45D20C4CEF6; Fri, 23 May 2025 04:39:41 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1747975181; bh=Jd/sB6oZ8iltvnfrQDqGbUKjd0Ro3QNhdkLI+vDUogY=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=uE7AaIXpwC5UwsMRJ69CQY6UitGX9wnySf5tVkqGdVEf3R8NkbsWcogYuMzwCIPjU PKOIlhjPY7eZqWnbn23WMH4eVsoeXc2gpbWtUYAl5lScvcTQhwCu+WHQ/weTwqFkY1 MKtNJT1gy9Ua87vncd628DzNyGV+pLo4o1GRdtLgYU4s0pK+yl1CFQL8tjutl60QfX UIedCQqD0fEMZOR1fqZKF/lfM5q1EcIFwL7VMYlAEDzsOkmVJtO4+AOBJmSkAdh3q9 IX5DyMtDuEsfAVFqKg+pGrxwAZJxoDombtDDeetPTNkmjyHD7gtG+v5lDEGWWpUAoR uheAXE53E4XBw== From: Kees Cook To: Arnd Bergmann Cc: Kees Cook , Thomas Bogendoerfer , linux-mips@vger.kernel.org, "Gustavo A. R. Silva" , Christoph Hellwig , Marco Elver , Andrey Konovalov , Andrey Ryabinin , Ard Biesheuvel , Masahiro Yamada , Nathan Chancellor , Nicolas Schier , Nick Desaulniers , Bill Wendling , Justin Stitt , linux-kernel@vger.kernel.org, x86@kernel.org, kasan-dev@googlegroups.com, linux-doc@vger.kernel.org, linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev, linux-riscv@lists.infradead.org, linux-s390@vger.kernel.org, linux-efi@vger.kernel.org, linux-hardening@vger.kernel.org, linux-kbuild@vger.kernel.org, linux-security-module@vger.kernel.org, linux-kselftest@vger.kernel.org, sparclinux@vger.kernel.org, llvm@lists.linux.dev Subject: [PATCH v2 09/14] mips: Handle KCOV __init vs inline mismatches Date: Thu, 22 May 2025 21:39:19 -0700 Message-Id: <20250523043935.2009972-9-kees@kernel.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250523043251.it.550-kees@kernel.org> References: <20250523043251.it.550-kees@kernel.org> Precedence: bulk X-Mailing-List: linux-efi@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=1052; i=kees@kernel.org; h=from:subject; bh=Jd/sB6oZ8iltvnfrQDqGbUKjd0Ro3QNhdkLI+vDUogY=; b=owGbwMvMwCVmps19z/KJym7G02pJDBn6v3/Zi0kce6axcl3IlGXXv7dekvhyRPSBTort1tP1K SyVtX0ZHaUsDGJcDLJiiixBdu5xLh5v28Pd5yrCzGFlAhnCwMUpABOZysfIsPL2U8Z//9ZLv1JP aV33p2xj+sPc5oXl284XsjnqZc1ZtpPhf9Cv8pC7KxeE36nZ/nr2m3tGE9NjZ03f/PFc35H9N+K yTLkB X-Developer-Key: i=kees@kernel.org; a=openpgp; fpr=A5C3F68F229DD60F723E6E138972F4DFDC6DC026 When KCOV is enabled all functions get instrumented, unless the __no_sanitize_coverage attribute is used. To prepare for __no_sanitize_coverage being applied to __init functions, we have to handle differences in how GCC's inline optimizations get resolved. For mips this requires forcing a function to be inline with __always_inline. Signed-off-by: Kees Cook --- Cc: Thomas Bogendoerfer Cc: --- arch/mips/include/asm/time.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/mips/include/asm/time.h b/arch/mips/include/asm/time.h index e855a3611d92..044cff0e0764 100644 --- a/arch/mips/include/asm/time.h +++ b/arch/mips/include/asm/time.h @@ -55,7 +55,7 @@ static inline int mips_clockevent_init(void) */ extern int init_r4k_clocksource(void); -static inline int init_mips_clocksource(void) +static __always_inline int init_mips_clocksource(void) { #ifdef CONFIG_CSRC_R4K return init_r4k_clocksource(); From patchwork Fri May 23 04:39:23 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kees Cook X-Patchwork-Id: 892098 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id AF5C924DCFB; Fri, 23 May 2025 04:39:41 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1747975181; cv=none; b=sKwnmBHkPfMhgOeczyBBL47PVmRjP4mJ/fxHimpSdABoV8vLwdkonPC09KjpXNUcSHHGrZ6ND6++V7A9X02obonALXsYrFqfMVJ5LY2qKcEvkOIExuxS/GnmunnMhls9idQGK+Ad1hxkTulBSZ4unvX1jzi/B3KEWP1/OirU1r8= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1747975181; c=relaxed/simple; bh=hftQ+JwDBzI0zRNacsurrBG64kHnxlfHAL+GJc3UtlU=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=ViFyFoIR1BE6BQmYUf+1ojfF+7ynyrWfiZQ5vWLQw8MCQc10KF8V5Bs3/NuFtbR451+JWxbQcduCkYkloxIP8nrqvlsSHSWF0YW+1C58cxDI+xVyJe2L+HPBsb8BeQ8qpeyHyyk3n7qsG4FeI226vgdQzHOZuIppUTrqWWZJwJg= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=Mlt9V43N; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="Mlt9V43N" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 375BCC4CEF0; Fri, 23 May 2025 04:39:41 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1747975181; bh=hftQ+JwDBzI0zRNacsurrBG64kHnxlfHAL+GJc3UtlU=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=Mlt9V43N3s40KNvwRkfJKjgVKijKqbPLij46HqqlNkvIfoSL+rYnTRagbRTto7C/K 8lYy8Vqp7TbL+nevN/UIpBTjs/XiptxQbwFMSHjovX29YatR87eZXGa5wo9w35cPhn Cefoo+t9qOreQxCbxZcAa0YkQCMkvZrw4A3VgoPMNxG6T2SYs36c/iq02U+MSB9q36 kfcyPIztlB4cObaFoHSd51+ZGbz3F5mBh3nlmSv+d05RczPwBGHTDnXqMJ/Wsu/fFY IDaZlSE5ORjlyuqIi2cwHtzMweQh4kn/Xp2k5lvlHUjzyqNROrExrC8pBmVtDqBVFs RqH/LrMJYFszg== From: Kees Cook To: Arnd Bergmann Cc: Kees Cook , "Gustavo A. R. Silva" , linux-hardening@vger.kernel.org, Christoph Hellwig , Marco Elver , Andrey Konovalov , Andrey Ryabinin , Ard Biesheuvel , Masahiro Yamada , Nathan Chancellor , Nicolas Schier , Nick Desaulniers , Bill Wendling , Justin Stitt , linux-kernel@vger.kernel.org, x86@kernel.org, kasan-dev@googlegroups.com, linux-doc@vger.kernel.org, linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev, linux-riscv@lists.infradead.org, linux-s390@vger.kernel.org, linux-efi@vger.kernel.org, linux-kbuild@vger.kernel.org, linux-security-module@vger.kernel.org, linux-kselftest@vger.kernel.org, sparclinux@vger.kernel.org, llvm@lists.linux.dev Subject: [PATCH v2 13/14] configs/hardening: Enable CONFIG_KSTACK_ERASE Date: Thu, 22 May 2025 21:39:23 -0700 Message-Id: <20250523043935.2009972-13-kees@kernel.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250523043251.it.550-kees@kernel.org> References: <20250523043251.it.550-kees@kernel.org> Precedence: bulk X-Mailing-List: linux-efi@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=1038; i=kees@kernel.org; h=from:subject; bh=hftQ+JwDBzI0zRNacsurrBG64kHnxlfHAL+GJc3UtlU=; b=owGbwMvMwCVmps19z/KJym7G02pJDBn6v38HyWWXKGX9Fha1ip2xar75gzP/j6q95Jmz43H6d fc3TrsmdZSyMIhxMciKKbIE2bnHuXi8bQ93n6sIM4eVCWQIAxenAEyE/SHDX6HNeeWcaw/7rJ2y 6+fW8y+a07ddtX01ccPv5zYrb7rddeNj+MNv+XBylp3fp4kvJqYU+moZvBBbtaU3/mb8VCcD2V+ hfJwA X-Developer-Key: i=kees@kernel.org; a=openpgp; fpr=A5C3F68F229DD60F723E6E138972F4DFDC6DC026 Since we can wipe the stack with both Clang and GCC plugins, enable this for the "hardening.config" for wider testing. Signed-off-by: Kees Cook --- Cc: "Gustavo A. R. Silva" Cc: --- kernel/configs/hardening.config | 3 +++ 1 file changed, 3 insertions(+) diff --git a/kernel/configs/hardening.config b/kernel/configs/hardening.config index dd7c32fb5ac1..d24c2772d04d 100644 --- a/kernel/configs/hardening.config +++ b/kernel/configs/hardening.config @@ -63,6 +63,9 @@ CONFIG_INIT_ON_ALLOC_DEFAULT_ON=y # Initialize all stack variables to zero on function entry. CONFIG_INIT_STACK_ALL_ZERO=y +# Wipe kernel stack after syscall completion to reduce stale data lifetime. +CONFIG_KSTACK_ERASE=y + # Wipe RAM at reboot via EFI. For more details, see: # https://trustedcomputinggroup.org/resource/pc-client-work-group-platform-reset-attack-mitigation-specification/ # https://bugzilla.redhat.com/show_bug.cgi?id=1532058 From patchwork Fri May 23 04:39:24 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kees Cook X-Patchwork-Id: 892094 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id AE5852741A6; Fri, 23 May 2025 04:39:43 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1747975183; cv=none; b=tqzqikWSmnawmnS9HAbpPveS66uiU603KuaNFz51iU4D9w1Y3izgUOOKjTqzCFsUYQFgafCHY+/FpXfo9Bd4TpeK8g6kBSG33VhvvotITgCDhTpKNAL+tlJm1SyvxYJd5oYJTSZR5NIOxblZ5b5Zbuleh31taUs0I8UMFhHBCPg= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1747975183; c=relaxed/simple; bh=qfrc6vYarbMRQKv1a7xZvSfoxfkNIKlLJL8wJGuWS5I=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=hlL6b6KDXg+aEoBbifXdQBJQKV1PIu4b65nZ4zVbKQAK2Vty7DHgFCEyZjQFa4/HbJLA5X9emQ9NstRUwwm1Tkpheanv7LmcxbVOhTbWLpF18q9GhNtBNRibBK1wotRB0GMey7viWt1KeUGOls1ZKIiTTAOj3p9HBU8Hp4iYcsU= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=fbUGodwJ; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="fbUGodwJ" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 220CFC4CEEF; Fri, 23 May 2025 04:39:43 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1747975183; bh=qfrc6vYarbMRQKv1a7xZvSfoxfkNIKlLJL8wJGuWS5I=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=fbUGodwJRuPFbGj2rmb07LimNKiilPja/Re2UpMZrtv+LFKGOsocK4ASzPYnRWGAw h0UPFtLNzxHO+L/wp+cfVKPnCLznvwW696LzrGi8kwrTwrLK08IcXb6276wlGkceSF TDV+KhMod7MFWrUddTu1iu76mFX6e2noD89w4oKerMRogRRPXyEm20oO1zZNDq0oEm r3LyFDxJr6pfuSz0GIQzFfIlIWs82juw5aQvWE2KnLB1cbP4NsGPJl4m+29T1RmBvw 0JBNjoPjcg4yhzhjheddU3GoWMuoYxlZphPGvXkkf8Nxmo1qxKKg8KoTFdlh1sQ9k5 jZl4kmogyzHVA== From: Kees Cook To: Arnd Bergmann Cc: Kees Cook , "Gustavo A. R. Silva" , linux-hardening@vger.kernel.org, Christoph Hellwig , Marco Elver , Andrey Konovalov , Andrey Ryabinin , Ard Biesheuvel , Masahiro Yamada , Nathan Chancellor , Nicolas Schier , Nick Desaulniers , Bill Wendling , Justin Stitt , linux-kernel@vger.kernel.org, x86@kernel.org, kasan-dev@googlegroups.com, linux-doc@vger.kernel.org, linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev, linux-riscv@lists.infradead.org, linux-s390@vger.kernel.org, linux-efi@vger.kernel.org, linux-kbuild@vger.kernel.org, linux-security-module@vger.kernel.org, linux-kselftest@vger.kernel.org, sparclinux@vger.kernel.org, llvm@lists.linux.dev Subject: [PATCH v2 14/14] configs/hardening: Enable CONFIG_INIT_ON_FREE_DEFAULT_ON Date: Thu, 22 May 2025 21:39:24 -0700 Message-Id: <20250523043935.2009972-14-kees@kernel.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250523043251.it.550-kees@kernel.org> References: <20250523043251.it.550-kees@kernel.org> Precedence: bulk X-Mailing-List: linux-efi@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=961; i=kees@kernel.org; h=from:subject; bh=qfrc6vYarbMRQKv1a7xZvSfoxfkNIKlLJL8wJGuWS5I=; b=owGbwMvMwCVmps19z/KJym7G02pJDBn6v/+stliQLFcnI3MhNuGpqrXlscsrPuZ2Pphw9PPty JK/tZMZOkpZGMS4GGTFFFmC7NzjXDzetoe7z1WEmcPKBDKEgYtTACZy9jUjwz9r0T3FG5uDw0+4 eXQIht/dYufivG1V+fbJC4R/a1xouMvIsO2lyatle/N4Tq8Kn/e280RHCuP9s5s4OE3DpW5fOpL 9jgkA X-Developer-Key: i=kees@kernel.org; a=openpgp; fpr=A5C3F68F229DD60F723E6E138972F4DFDC6DC026 To reduce stale data lifetimes, enable CONFIG_INIT_ON_FREE_DEFAULT_ON as well. This matches the addition of CONFIG_STACKLEAK=y, which is doing similar for stack memory. Signed-off-by: Kees Cook --- Cc: "Gustavo A. R. Silva" Cc: --- kernel/configs/hardening.config | 3 +++ 1 file changed, 3 insertions(+) diff --git a/kernel/configs/hardening.config b/kernel/configs/hardening.config index d24c2772d04d..64caaf997fc0 100644 --- a/kernel/configs/hardening.config +++ b/kernel/configs/hardening.config @@ -60,6 +60,9 @@ CONFIG_LIST_HARDENED=y # Initialize all heap variables to zero on allocation. CONFIG_INIT_ON_ALLOC_DEFAULT_ON=y +# Initialize all heap variables to zero on free to reduce stale data lifetime. +CONFIG_INIT_ON_FREE_DEFAULT_ON=y + # Initialize all stack variables to zero on function entry. CONFIG_INIT_STACK_ALL_ZERO=y