mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
synced 2024-11-01 00:48:50 +00:00
2d7ce49f58
Enabling CONFIG_KCSAN leads to unconverted, default return thunks to remain after patching. As David Kaplan describes in his debugging of the issue, it is caused by a couple of KCSAN-generated constructors which aren't processed by objtool: "When KCSAN is enabled, GCC generates lots of constructor functions named _sub_I_00099_0 which call __tsan_init and then return. The returns in these are generally annotated normally by objtool and fixed up at runtime. But objtool runs on vmlinux.o and vmlinux.o does not include a couple of object files that are in vmlinux, like init/version-timestamp.o and .vmlinux.export.o, both of which contain _sub_I_00099_0 functions. As a result, the returns in these functions are not annotated, and the panic occurs when we call one of them in do_ctors and it uses the default return thunk. This difference can be seen by counting the number of these functions in the object files: $ objdump -d vmlinux.o|grep -c "<_sub_I_00099_0>:" 2601 $ objdump -d vmlinux|grep -c "<_sub_I_00099_0>:" 2603 If these functions are only run during kernel boot, there is no speculation concern." Fix it by disabling KCSAN on version-timestamp.o and .vmlinux.export.o so the extra functions don't get generated. KASAN and GCOV are already disabled for those files. [ bp: Massage commit message. ] Closes: https://lore.kernel.org/lkml/20231016214810.GA3942238@dev-arch.thelio-3990X/ Reported-by: Nathan Chancellor <nathan@kernel.org> Signed-off-by: Josh Poimboeuf <jpoimboe@kernel.org> Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de> Reviewed-by: Nick Desaulniers <ndesaulniers@google.com> Acked-by: Marco Elver <elver@google.com> Tested-by: Nathan Chancellor <nathan@kernel.org> Link: https://lore.kernel.org/r/20231017165946.v4i2d4exyqwqq3bx@treble
64 lines
1.9 KiB
Makefile
64 lines
1.9 KiB
Makefile
# SPDX-License-Identifier: GPL-2.0
|
|
#
|
|
# Makefile for the linux kernel.
|
|
#
|
|
|
|
ccflags-y := -fno-function-sections -fno-data-sections
|
|
|
|
obj-y := main.o version.o mounts.o
|
|
ifneq ($(CONFIG_BLK_DEV_INITRD),y)
|
|
obj-y += noinitramfs.o
|
|
else
|
|
obj-$(CONFIG_BLK_DEV_INITRD) += initramfs.o
|
|
endif
|
|
obj-$(CONFIG_GENERIC_CALIBRATE_DELAY) += calibrate.o
|
|
|
|
obj-y += init_task.o
|
|
|
|
mounts-y := do_mounts.o
|
|
mounts-$(CONFIG_BLK_DEV_RAM) += do_mounts_rd.o
|
|
mounts-$(CONFIG_BLK_DEV_INITRD) += do_mounts_initrd.o
|
|
|
|
#
|
|
# UTS_VERSION
|
|
#
|
|
|
|
smp-flag-$(CONFIG_SMP) := SMP
|
|
preempt-flag-$(CONFIG_PREEMPT_BUILD) := PREEMPT
|
|
preempt-flag-$(CONFIG_PREEMPT_DYNAMIC) := PREEMPT_DYNAMIC
|
|
preempt-flag-$(CONFIG_PREEMPT_RT) := PREEMPT_RT
|
|
|
|
build-version = $(or $(KBUILD_BUILD_VERSION), $(build-version-auto))
|
|
build-timestamp = $(or $(KBUILD_BUILD_TIMESTAMP), $(build-timestamp-auto))
|
|
|
|
# Maximum length of UTS_VERSION is 64 chars
|
|
filechk_uts_version = \
|
|
utsver=$$(echo '$(pound)'"$(build-version)" $(smp-flag-y) $(preempt-flag-y) "$(build-timestamp)" | cut -b -64); \
|
|
echo '$(pound)'define UTS_VERSION \""$${utsver}"\"
|
|
|
|
#
|
|
# Build version.c with temporary UTS_VERSION
|
|
#
|
|
|
|
$(obj)/utsversion-tmp.h: FORCE
|
|
$(call filechk,uts_version)
|
|
|
|
clean-files += utsversion-tmp.h
|
|
|
|
$(obj)/version.o: $(obj)/utsversion-tmp.h
|
|
CFLAGS_version.o := -include $(obj)/utsversion-tmp.h
|
|
|
|
#
|
|
# Build version-timestamp.c with final UTS_VERSION
|
|
#
|
|
|
|
include/generated/utsversion.h: build-version-auto = $(shell $(srctree)/$(src)/build-version)
|
|
include/generated/utsversion.h: build-timestamp-auto = $(shell LC_ALL=C date)
|
|
include/generated/utsversion.h: FORCE
|
|
$(call filechk,uts_version)
|
|
|
|
$(obj)/version-timestamp.o: include/generated/utsversion.h
|
|
CFLAGS_version-timestamp.o := -include include/generated/utsversion.h
|
|
KASAN_SANITIZE_version-timestamp.o := n
|
|
KCSAN_SANITIZE_version-timestamp.o := n
|
|
GCOV_PROFILE_version-timestamp.o := n
|