[SRSO] mitigations cause unable to move location counter backward for: .text for LTO #1909
@samitolvanen and I had a conversation about this on internal chat:
on a hunch, I tried simply renaming the section and that seems to fix this. diff --git a/arch/x86/kernel/vmlinux.lds.S b/arch/x86/kernel/vmlinux.lds.S
index eb1326602e8a..e5bde2e64a62 100644
--- a/arch/x86/kernel/vmlinux.lds.S
+++ b/arch/x86/kernel/vmlinux.lds.S
@@ -142,7 +142,7 @@ SECTIONS
ALIGN_ENTRY_TEXT_BEGIN
#ifdef CONFIG_CPU_SRSO
- *(.text.__x86.rethunk_untrain)
+ *(.__x86.rethunk_untrain)
#endif
ENTRY_TEXT
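Review bot: The renamed pattern `*(.__x86.rethunk_untrain)` inside the CONFIG_CPU_SRSO block has no comment saying why it no longer carries the `.text.` prefix of the line it replaces. The rename is the entire fix, so a one-line comment above the pattern stating that the name is deliberately kept out of the `.text.*` namespace would stop a later cleanup from restoring the old name.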
@@ -155,7 +155,7 @@ SECTIONS
ASSERT((srso_untrain_ret_alias & (PMD_SIZE - 1)) == 0,
"srso_untrain_ret_alias is not 2MiB aligned");
. = srso_untrain_ret_alias | (1 << 2) | (1 << 8) | (1 << 14) | (1 << 20);
- *(.text.__x86.rethunk_safe)
+ *(.__x86.rethunk_safe)
#endif
ALIGN_ENTRY_TEXT_END
*(.gnu.warning)
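Review bot: The new `*(.__x86.rethunk_safe)` pattern, placed right after the location-counter assignment, has to match the `.section` name in arch/x86/lib/retpoline.S character for character, and nothing visible in this hunk checks that it does. If the two strings drift apart the input section is no longer placed at the address computed here, so consider an ASSERT on the address of the safe-return symbol next to the existing 2MiB alignment ASSERT.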
diff --git a/arch/x86/lib/retpoline.S b/arch/x86/lib/retpoline.S
index 2cff585f22f2..df29da82993c 100644
--- a/arch/x86/lib/retpoline.S
+++ b/arch/x86/lib/retpoline.S
@@ -148,7 +148,7 @@ SYM_CODE_END(__x86_indirect_jump_thunk_array)
* As a result, srso_safe_ret_alias() becomes a safe return.
*/
#ifdef CONFIG_CPU_SRSO
- .section .text.__x86.rethunk_untrain
+ .section .__x86.rethunk_untrain, "ax"
SYM_START(srso_untrain_ret_alias, SYM_L_GLOBAL, SYM_A_NONE)
ANNOTATE_NOENDBR
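Review bot: The `"ax"` flags added to `.section .__x86.rethunk_untrain` are a second change riding along with the rename, and the hunk does not say why they are needed. State in the commit message that the flags must now be spelled out because the name no longer begins with `.text`, so the reason is on record for anyone who later touches either directive.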
@@ -158,7 +158,7 @@ SYM_START(srso_untrain_ret_alias, SYM_L_GLOBAL, SYM_A_NONE)
SYM_FUNC_END(srso_untrain_ret_alias)
__EXPORT_THUNK(srso_untrain_ret_alias)
- .section .text.__x86.rethunk_safe
+ .section .__x86.rethunk_safe, "ax"
#endif
/* Needs a definition for the __x86_return_thunk alternative below. */ And that works:
I'm trying to remember if globbing rules for input sections in linker scripts came up before. Perhaps this should be fixed in LLD? It's surprising to me that
Ha, I think this series might need to be fast tracked and be updated for SRSO... https://lore.kernel.org/[email protected]/ EDIT: Or at least the first patch.
Yeah, that series is in -next and I can see that Stephen fixed up the merge conflict with respect to SRSO: https://lore.kernel.org/[email protected]/ If I apply the proposed fix for #1907 on top of
FWICT, it seems like LLD matches the behavior of BFD for globbing.
__attribute__((section(".text.10.hot")))
int bar2 = -1;
__attribute__((section(".text.10")))
int foo2 = 42;
int main() {
    return foo2 + bar2;
}
So With the addition of the linker script and my knowledge of how regexes work (apparently everywhere BUT linkerscripts), I'd have expected:
Instead, we get the unexpected order:
Where
I swear @MaskRay explained this to us once before somewhere...but those experiments make it look to me less like any kind of bug in LLD and more like a general hazard when using globbing rules on input sections in linker scripts. I'm not sure this surprising behavior is documented
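The globbing hazard discussed in the comment above, modeled as an added example that is not part of the original thread or of the kernel tree. It assumes an input section goes to the first pattern in script order that matches it, and it uses a constructed broad glob `.text.[0-9a-zA-Z_]*` to stand in for an earlier text pattern; the page does not show the full linker script.

```python
from fnmatch import fnmatchcase

# Constructed stand-in for a broad text glob that appears earlier in the
# output section than the SRSO slots (assumption, not taken from the page).
BROAD_TEXT = [".text", ".text.[0-9a-zA-Z_]*"]


def script(prefix):
    """Ordered (label, patterns) entries of one modeled output section."""
    return [
        ("main text", BROAD_TEXT),
        ("untrain slot", [prefix + "__x86.rethunk_untrain"]),
        ("safe slot", [prefix + "__x86.rethunk_safe"]),
    ]


def thunk_sections(prefix):
    """Input section names emitted by the assembly file for a given prefix."""
    return [prefix + "__x86.rethunk_untrain", prefix + "__x86.rethunk_safe"]


def place(section, entries):
    """Label of the first entry with a matching pattern, None for an orphan."""
    for label, patterns in entries:
        # Like linker-script globs, '*' here also matches '.' characters.
        if any(fnmatchcase(section, p) for p in patterns):
            return label
    return None


def shadowed(sections, entries):
    """Sections named literally by one entry but claimed by an earlier one."""
    hits = []
    for s in sections:
        intended = next((lbl for lbl, pats in entries if s in pats), None)
        actual = place(s, entries)
        if intended is not None and actual != intended:
            hits.append((s, intended, actual))
    return hits


if __name__ == "__main__":
    for prefix in (".text.", "."):  # names before and after the rename
        print(repr(prefix), shadowed(thunk_sections(prefix), script(prefix)))
```

With the `.text.` prefix both thunk sections are claimed by the broad glob before their dedicated slots are reached; with the bare `.` prefix nothing is shadowed.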
Ah, yeah! That looks like the same issue and sfr has fixed it in the new places, too. That fixed up version resolves the issue for me. Boris also mentioned on IRC:
Though what's in tip is the old/broken version
I have pushed https://github.com/ClangBuiltLinux/linux/commits/srso-fixes for testing.
I've left this message to Boris on IRC:
Two patches from https://github.com/ClangBuiltLinux/tree/srso-fixes have to be brought up due to linking issues with LLD and Clang LTO. These are tracked as two separate issues: ClangBuiltLinux/linux#1907 and ClangBuiltLinux/linux#1909 Signed-off-by: Albert I <[email protected]>
Two patches from https://github.com/ClangBuiltLinux/linux/tree/srso-fixes have to be brought up due to linking issues with LLD and Clang LTO. These are tracked as two separate issues: ClangBuiltLinux/linux#1907 and ClangBuiltLinux/linux#1909 Signed-off-by: Albert I <[email protected]>
Patch has been picked up in
* fix: remove flags not available in clang 15
* ci: move toolchain to llvm-git, drop patch for clang15 workaround
* ci: use wildcard for safe directory workaround
* ci: install llvm and upgrade all packages
  LLVM is already trimmed from upstream container
* patch: fix LTO build with SRSO
  patch to fix this is from https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/diff/?id=79cd2a11224eab86d6673fe8a11d2046ae9d2757
  Ref: ClangBuiltLinux/linux#1909
* patch: adapt srso lto fix to 6.1
* misc: fix typo, rename `build-lts` to `build`
The fix is now in mainline: https://git.kernel.org/linus/79cd2a11224eab86d6673fe8a11d2046ae9d2757 It has been backported to 6.4 so far but it should go back to 6.1 and 5.15, it appears the conflicts/issues with all the SRSO fixes have delayed these backports past 6.4 for now.
Do we want to keep this open to track backports?
Sure.
Stable patches out for review. 6.1: https://lore.kernel.org/[email protected]/
Now released in stable kernels: 6.1: https://git.kernel.org/stable/c/c8b056a3b4ebb33adbb873cab152ed499d1a1dcb
As reported by @nathanchance here