[PATCH] x86: Allow for exclusions in checking RETHUNK

From: Kees Cook
Date: Wed Jul 13 2022 - 17:31:43 EST

Next message: Daniel Bristot de Oliveira: "Re: [PATCH] rtla: Fix Makefile when called from -C tools/"
Previous message: Srivatsa S. Bhat: "Re: [PATCH] sched/deadline: Fix BUG_ON condition for deboosted tasks"
Next in thread: Josh Poimboeuf: "Re: [PATCH] x86: Allow for exclusions in checking RETHUNK"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

LKDTM builds a "just return" function that lives in .rodata, but this
creates problems when validating alternatives in the face of RETHUNK.
Export RETHUNK_CFLAGS so they can be disabled for the LKDTM function,
and ask objtool to ignore this function. (Use of STACK_FRAME_NON_STANDARD
here seems to generate a non-.rela section, that needed to be adjusted.)

Reported-by: kernel test robot <oliver.sang@xxxxxxxxx>
Link: https://lore.kernel.org/lkml/Ys58BxHxoDZ7rfpr@xsang-OptiPlex-9020/
Debugged-by: Peter Zijlstra <peterz@xxxxxxxxxxxxx>
Fixes: ee88d363d156 ("x86,static_call: Use alternative RET encoding")
Cc: Peter Zijlstra <peterz@xxxxxxxxxxxxx>
Cc: x86@xxxxxxxxxx
Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx>
---
arch/x86/Makefile | 1 +
drivers/misc/lkdtm/Makefile | 2 +-
drivers/misc/lkdtm/rodata.c | 4 ++++
tools/objtool/check.c | 4 +++-
4 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/arch/x86/Makefile b/arch/x86/Makefile
index 1f40dad30d50..7854685c5f25 100644
--- a/arch/x86/Makefile
+++ b/arch/x86/Makefile
@@ -27,6 +27,7 @@ RETHUNK_CFLAGS := -mfunction-return=thunk-extern
RETPOLINE_CFLAGS += $(RETHUNK_CFLAGS)
endif

+export RETHUNK_CFLAGS
export RETPOLINE_CFLAGS
export RETPOLINE_VDSO_CFLAGS

diff --git a/drivers/misc/lkdtm/Makefile b/drivers/misc/lkdtm/Makefile
index 2e0aa74ac185..fd96ac1617f7 100644
--- a/drivers/misc/lkdtm/Makefile
+++ b/drivers/misc/lkdtm/Makefile
@@ -16,7 +16,7 @@ lkdtm-$(CONFIG_PPC_64S_HASH_MMU) += powerpc.o
KASAN_SANITIZE_rodata.o := n
KASAN_SANITIZE_stackleak.o := n
KCOV_INSTRUMENT_rodata.o := n
-CFLAGS_REMOVE_rodata.o += $(CC_FLAGS_LTO)
+CFLAGS_REMOVE_rodata.o += $(CC_FLAGS_LTO) $(RETHUNK_CFLAGS)

OBJCOPYFLAGS :=
OBJCOPYFLAGS_rodata_objcopy.o := \
diff --git a/drivers/misc/lkdtm/rodata.c b/drivers/misc/lkdtm/rodata.c
index baacb876d1d9..708a2558a7ac 100644
--- a/drivers/misc/lkdtm/rodata.c
+++ b/drivers/misc/lkdtm/rodata.c
@@ -4,8 +4,12 @@
* (via objcopy tricks), to validate the non-executability of .rodata.
*/
#include "lkdtm.h"
+#include <linux/objtool.h>

void noinstr lkdtm_rodata_do_nothing(void)
{
/* Does nothing. We just want an architecture agnostic "return". */
}
+
+/* This is a lie, but given the objcopy, we need objtool to ignore it. */
+STACK_FRAME_NON_STANDARD(lkdtm_rodata_do_nothing);
diff --git a/tools/objtool/check.c b/tools/objtool/check.c
index b341f8a8c7c5..c1b58a682ace 100644
--- a/tools/objtool/check.c
+++ b/tools/objtool/check.c
@@ -902,6 +902,8 @@ static void add_ignores(struct objtool_file *file)
struct reloc *reloc;

sec = find_section_by_name(file->elf, ".rela.discard.func_stack_frame_non_standard");
+ if (!sec)
+ sec = find_section_by_name(file->elf, ".discard.func_stack_frame_non_standard");
if (!sec)
return;

@@ -3719,7 +3721,7 @@ static int validate_retpoline(struct objtool_file *file)
insn->type != INSN_RETURN)
continue;

- if (insn->retpoline_safe)
+ if (insn->retpoline_safe || insn->ignore)
continue;

/*
--
2.32.0

Next message: Daniel Bristot de Oliveira: "Re: [PATCH] rtla: Fix Makefile when called from -C tools/"
Previous message: Srivatsa S. Bhat: "Re: [PATCH] sched/deadline: Fix BUG_ON condition for deboosted tasks"
Next in thread: Josh Poimboeuf: "Re: [PATCH] x86: Allow for exclusions in checking RETHUNK"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]