Re: [GIT PULL] hardening updates for v6.17-rc1

From: Kees Cook
Date: Tue Jul 29 2025 - 02:10:35 EST

On July 28, 2025 5:43:08 PM PDT, Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx> wrote:
>On Mon, 28 Jul 2025 at 17:01, Kees Cook <kees@xxxxxxxxxx> wrote:
>>
>> Please pull these hardening updates for v6.17-rc1. Some notable things
>> that stand out in the diffstat: there are many scattered changes across arch code
>> to clean up __init vs KCOV instrumentation. Most are landing here via
>> the hardening tree but 2 landed separately in their respective trees:
>> loongarch in v6.16 already, and platform-drivers-x86 that is queued
>> for merging:
>
>Is this the cause of the new
>
> section mismatch in reference: volume_set_software_mute+0x6f
>(section: .text.unlikely) -> tpacpi_is_lenovo (section: .init.text)
>
>warning?
>
>It does seem to be a preexisting bug, with volume_set_software_mute()
>(not init) calling tpacpi_is_lenovo (which is marked __init for some
>unknown crazy reason).
>
>I'm just not seeing what changed to *not* inline that trivial
>single-instruction thing. So something really bad is happening to the
>compiler because of this hardening change.

The change is actually *removing* sanitizer instrumentation from __init functions, and this seems to cause GCC to play weird games with inline vs section markings vs coverage sanitizer options. I scratched my head over it for a while but since GCC has had this kind of "unstable" inlining behavior before, it looked like the fix in similar situations was to switch it to __always_inline. In other cases the use of __init was adjusted.

The fix is part of the platform-drivers-x86 PR, specifically:
https://lore.kernel.org/lkml/20250529181831.work.439-kees@xxxxxxxxxx/

-Kees

--
Kees Cook