From patchwork Thu Jan 12 23:40:41 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Kees Cook X-Patchwork-Id: 9514425 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 6A13960710 for ; Thu, 12 Jan 2017 23:40:46 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 71C392862E for ; Thu, 12 Jan 2017 23:40:46 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 655DE28666; Thu, 12 Jan 2017 23:40:46 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.3 required=2.0 tests=BAYES_00,DKIM_SIGNED, RCVD_IN_DNSWL_HI, RCVD_IN_SORBS_SPAM, T_DKIM_INVALID autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id BC6B22862E for ; Thu, 12 Jan 2017 23:40:45 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1750888AbdALXko (ORCPT ); Thu, 12 Jan 2017 18:40:44 -0500 Received: from mail-it0-f54.google.com ([209.85.214.54]:38482 "EHLO mail-it0-f54.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750878AbdALXkn (ORCPT ); Thu, 12 Jan 2017 18:40:43 -0500 Received: by mail-it0-f54.google.com with SMTP id x2so25891762itf.1 for ; Thu, 12 Jan 2017 15:40:43 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc:content-transfer-encoding; bh=StRg33M1BK9QCgfnFhhTzV+JJx30Da8vS/1ExQpecK4=; b=sdSEZDWnrgbY2BoXJHnmEoEVAhIgL82sAubxi4CCleNS6Kag2HjOPSoNSR27nEZ6nn +nU+LFq/Z0o6Llm/NMP/PpPniTEXeftwNygKkarypsR1Eyvem+jnSQtmMeOi1ioWkid5 uZIcbKjjikADxAGTD2W0RNIxTunYh99NJgdWHw4bfYOQ97xibseGXu6fjM+Ol2VhHSBa 7w4EGkRomfRZeJxPlXbwnhSeDaYVYmUL9wvf+XX1GwQPt5pY+cEhVx7Mwthg0E+gBXzD itbKH6MwFSkarI9/qVABzFwqK6eTQjddWD6mSQV1W2uPVQi8ZSuHkqf0bwvI2YrcmuRy k0ig== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc:content-transfer-encoding; bh=StRg33M1BK9QCgfnFhhTzV+JJx30Da8vS/1ExQpecK4=; b=CvwMGAwgGuRys7wypTOF3UJ4HI3c8NxFrG4aIXWkq43Yn5Eex0h/A1dVYqF78fYDlp p7/JjbU9Ycuz968mIOgV6ymYqcCMO9J2oMQpoxOcKro8y5jGXH/MxmIBGqa7q7daLsT0 mLZTxMlXIpngOqs1iMq78X+ToTb8sqsQLnZpk= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc:content-transfer-encoding; bh=StRg33M1BK9QCgfnFhhTzV+JJx30Da8vS/1ExQpecK4=; b=jJ5I+dy06KZ1cUsBujAzkSfAZRXx1LDeGCpiCsYU3rkxprHzccZjH4lKQhHBKnN6iu I1INoIad9N2VMkBtuRjp/o0r8MoncWYwXfAu3v3csRcv08hexWC3bUYZHh73tEeq3j0A E9jQn0GLEy8L5IODlU3U0r5XfRX6Svcmm/XpdHH257xIBguKxa2DCRcDcG0iXfoz1R50 SsOSNCoGj8PEixkaDikwoijnDNRxHy4BNuVit2yMWUaQsLQoNZb7kV8qVB8eIQ+7FI/7 U6dAYotn/9rI1y3RFgfWj1TDw+2pqeVGzoB6R118ZIrX5W0DwXss6gYVE8YvKSomr/qZ FoBw== X-Gm-Message-State: AIkVDXK/og6EZsCDLaKmbZXgfQ6LoU7AzOLZ1DIzkBtqIx0oDETbYj5im93AvD6vkwLAhj8gHGAWGoKytwUtupfJ X-Received: by 10.36.194.70 with SMTP id i67mr614025itg.21.1484264442586; Thu, 12 Jan 2017 15:40:42 -0800 (PST) MIME-Version: 1.0 Received: by 10.107.143.138 with HTTP; Thu, 12 Jan 2017 15:40:41 -0800 (PST) In-Reply-To: References: <1481925984-98605-1-git-send-email-keescook@chromium.org> <20161219121046.646e5ef425178fce8c2cb555@gmail.com> <20170111012459.c0a0c615c99a389e4d89c8b5@gmail.com> <20170112224116.680debbf6f5c288ba51a46c0@gmail.com> From: Kees Cook Date: Thu, 12 Jan 2017 15:40:41 -0800 X-Google-Sender-Auth: dH1zcEbGlb6efr8crH_PBl3zJO4 Message-ID: Subject: Re: [PATCH v4 0/4] Introduce the initify gcc plugin To: Emese Revfy Cc: "kernel-hardening@lists.openwall.com" , LKML , Arnd Bergmann , Josh Triplett , PaX Team , Brad Spengler , Michal Marek , Masahiro Yamada , linux-kbuild , minipli@ld-linux.so, Russell King , Catalin Marinas , Rasmus Villemoes , David Brown , "benh@kernel.crashing.org" , Thomas Gleixner , Andrew Morton , Jeff Layton , Sam Ravnborg Sender: linux-kbuild-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kbuild@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP On Thu, Jan 12, 2017 at 3:27 PM, Kees Cook wrote: > On Thu, Jan 12, 2017 at 1:41 PM, Emese Revfy wrote: >> On Tue, 10 Jan 2017 17:09:31 -0800 >> Kees Cook wrote: >> >>> WARNING: vmlinux.o(.text+0x1087e7): Section mismatch in reference from >>> the function rebind_subsystems() to the variable >>> .init.rodata.str:__func__.4400 >>> The function rebind_subsystems() references >>> the variable __initconst __func__.4400. >>> This is often because rebind_subsystems lacks a __initconst >>> annotation or the annotation of __func__.4400 is wrong. >> >> Thanks for the report, you can find the fix here: >> https://github.com/ephox-gcc-plugins/initify/commit/25f34834e3373e067133bc5d39d42c50a3592d56 > > Awesome! I can confirm, it builds without warnings now. Thanks! Hm, actually, with an "allyesconfig" build, I'm still seeing warnings (and possibly some nocapture verification failures). Most look like this: WARNING: drivers/clk/bcm/built-in.o(.text+0xec2): Section mismatch in reference from the function clk_gate() to the variable .init.rodata.str:__func__.29708 The function clk_gate() references the variable __initconst __func__.29708. This is often because clk_gate lacks a __initconst annotation or the annotation of __func__.29708 is wrong. And there's this (should KASAN be disabled for initify?) mm/kasan/kasan.c: In function ‘memmove’: mm/kasan/kasan.c:346:7: warning: ‘memmove’ captures its 2 (‘src’) parameter, please remove it from the nocapture attribute. void *memmove(void *dest, const void *src, size_t len) ^ mm/kasan/kasan.c: In function ‘memcpy’: mm/kasan/kasan.c:355:7: warning: ‘memcpy’ captures its 2 (‘src’) parameter, please remove it from the nocapture attribute. void *memcpy(void *dest, const void *src, size_t len) ^ And ACPI: drivers/acpi/acpica/utdebug.c: In function ‘acpi_debug_print’: drivers/acpi/acpica/utdebug.c:158:1: warning: ‘acpi_debug_print’ captures its 3 (‘function_name’) parameter, please remove it from the nocapture attribute. acpi_debug_print(u32 requested_debug_level, ^ I used my initify v5 development tree, with the following patch, with "make allyesconfig": http://git.kernel.org/cgit/linux/kernel/git/kees/linux.git/log/?h=for-next/gcc-plugin/initify static analysis. @@ -429,6 +428,7 @@ config GCC_PLUGIN_INITIFY config GCC_PLUGIN_INITIFY_VERBOSE bool "Report initification" depends on GCC_PLUGIN_INITIFY + depends on !COMPILE_TEST help Print all initified strings and all functions which should be __init/__exit. I'll see if acpi needs __noverified_nocapture ... -Kees diff --git a/arch/Kconfig b/arch/Kconfig index b6009a21ebea..5693ef5f22c8 100644 --- a/arch/Kconfig +++ b/arch/Kconfig @@ -359,7 +359,6 @@ config HAVE_GCC_PLUGINS menuconfig GCC_PLUGINS bool "GCC plugins" depends on HAVE_GCC_PLUGINS - depends on !COMPILE_TEST help GCC plugins are loadable modules that provide extra features to the compiler. They are useful for runtime instrumentation and