| Message ID | 74cd9d2e-6052-312a-241e-2b514a75c92c@applied-asynchrony.com (mailing list archive) |
|---|---|
| State | Accepted |
| Delegated to: | BPF |
| Headers | show |
| Series | bpftool: Always disable stack protection for clang | expand |
| Context | Check | Description |
|---|---|---|
| netdev/tree_selection | success | Not a local patch |
| bpf/vmtest-bpf-PR | success | PR summary |
| bpf/vmtest-bpf-VM_Test-1 | success | Logs for ShellCheck |
| bpf/vmtest-bpf-VM_Test-2 | success | Logs for build for aarch64 with gcc |
| bpf/vmtest-bpf-VM_Test-3 | success | Logs for build for aarch64 with llvm-16 |
| bpf/vmtest-bpf-VM_Test-4 | pending | Logs for build for s390x with gcc |
| bpf/vmtest-bpf-VM_Test-5 | success | Logs for build for x86_64 with gcc |
| bpf/vmtest-bpf-VM_Test-6 | success | Logs for build for x86_64 with llvm-16 |
| bpf/vmtest-bpf-VM_Test-7 | success | Logs for llvm-toolchain |
| bpf/vmtest-bpf-VM_Test-8 | success | Logs for set-matrix |
2023-01-13 14:49 UTC+0100 ~ Holger Hoffstätte <holger@applied-asynchrony.com> > > When the clang toolchain has stack protection enabled in order to be > consistent > with gcc - which just happens to be the case on Gentoo - the bpftool build > fails: > > clang \ > -I. \ > -I/tmp/portage/dev-util/bpftool-6.0.12/work/linux-6.0/tools/include/uapi/ \ > -I/tmp/portage/dev-util/bpftool-6.0.12/work/linux-6.0/tools/bpf/bpftool/bootstrap/libbpf/include \ > -g -O2 -Wall -target bpf -c skeleton/pid_iter.bpf.c -o pid_iter.bpf.o > clang \ > -I. \ > -I/tmp/portage/dev-util/bpftool-6.0.12/work/linux-6.0/tools/include/uapi/ \ > -I/tmp/portage/dev-util/bpftool-6.0.12/work/linux-6.0/tools/bpf/bpftool/bootstrap/libbpf/include \ > -g -O2 -Wall -target bpf -c skeleton/profiler.bpf.c -o profiler.bpf.o > skeleton/profiler.bpf.c:40:14: error: A call to built-in function > '__stack_chk_fail' is not supported. > int BPF_PROG(fentry_XXX) > ^ > skeleton/profiler.bpf.c:94:14: error: A call to built-in function > '__stack_chk_fail' is not supported. > int BPF_PROG(fexit_XXX) > ^ > 2 errors generated. > > Since stack-protector makes no sense for the BPF bits just unconditionally > disable it. > > Bug: https://bugs.gentoo.org/890638 > Signed-off-by: Holger Hoffstätte <holger@applied-asynchrony.com> > > --snip-- > > diff a/src/Makefile b/src/Makefile > --- a/src/Makefile > +++ b/src/Makefile > @@ -205,7 +205,7 @@ $(OUTPUT)%.bpf.o: skeleton/%.bpf.c > $(OUTPUT)vmlinux.h $(LIBBPF_BOOTSTRAP) > -I$(or $(OUTPUT),.) \ > -I$(srctree)/include/uapi/ \ > -I$(LIBBPF_BOOTSTRAP_INCLUDE) \ > - -g -O2 -Wall -target bpf -c $< -o $@ > + -g -O2 -Wall -fno-stack-protector -target bpf -c $< -o $@ > $(Q)$(LLVM_STRIP) -g $@ > > $(OUTPUT)%.skel.h: $(OUTPUT)%.bpf.o $(BPFTOOL_BOOTSTRAP) Right, I understand we don't want it when compiling the BPF program from the skeleton. Looks good, thank you! Acked-by: Quentin Monnet <quentin@isovalent.com>
On 1/13/23 3:13 PM, Quentin Monnet wrote: > 2023-01-13 14:49 UTC+0100 ~ Holger Hoffstätte > <holger@applied-asynchrony.com> >> >> When the clang toolchain has stack protection enabled in order to be >> consistent >> with gcc - which just happens to be the case on Gentoo - the bpftool build >> fails: >> >> clang \ >> -I. \ >> -I/tmp/portage/dev-util/bpftool-6.0.12/work/linux-6.0/tools/include/uapi/ \ >> -I/tmp/portage/dev-util/bpftool-6.0.12/work/linux-6.0/tools/bpf/bpftool/bootstrap/libbpf/include \ >> -g -O2 -Wall -target bpf -c skeleton/pid_iter.bpf.c -o pid_iter.bpf.o >> clang \ >> -I. \ >> -I/tmp/portage/dev-util/bpftool-6.0.12/work/linux-6.0/tools/include/uapi/ \ >> -I/tmp/portage/dev-util/bpftool-6.0.12/work/linux-6.0/tools/bpf/bpftool/bootstrap/libbpf/include \ >> -g -O2 -Wall -target bpf -c skeleton/profiler.bpf.c -o profiler.bpf.o >> skeleton/profiler.bpf.c:40:14: error: A call to built-in function >> '__stack_chk_fail' is not supported. >> int BPF_PROG(fentry_XXX) >> ^ >> skeleton/profiler.bpf.c:94:14: error: A call to built-in function >> '__stack_chk_fail' is not supported. >> int BPF_PROG(fexit_XXX) >> ^ >> 2 errors generated. >> >> Since stack-protector makes no sense for the BPF bits just unconditionally >> disable it. >> >> Bug: https://bugs.gentoo.org/890638 >> Signed-off-by: Holger Hoffstätte <holger@applied-asynchrony.com> >> >> --snip-- >> >> diff a/src/Makefile b/src/Makefile >> --- a/src/Makefile >> +++ b/src/Makefile >> @@ -205,7 +205,7 @@ $(OUTPUT)%.bpf.o: skeleton/%.bpf.c >> $(OUTPUT)vmlinux.h $(LIBBPF_BOOTSTRAP) >> -I$(or $(OUTPUT),.) \ >> -I$(srctree)/include/uapi/ \ >> -I$(LIBBPF_BOOTSTRAP_INCLUDE) \ >> - -g -O2 -Wall -target bpf -c $< -o $@ >> + -g -O2 -Wall -fno-stack-protector -target bpf -c $< -o $@ >> $(Q)$(LLVM_STRIP) -g $@ >> >> $(OUTPUT)%.skel.h: $(OUTPUT)%.bpf.o $(BPFTOOL_BOOTSTRAP) > > Right, I understand we don't want it when compiling the BPF program from > the skeleton. Looks good, thank you! > > Acked-by: Quentin Monnet <quentin@isovalent.com> LGTM, thanks Holger! Looks like this patch is against GH mirror (https://github.com/libbpf/bpftool). Manually applied it to the upstream tree: https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git/commit/?id=878625e1c7a10dfbb1fdaaaae2c4d2a58fbce627 Thanks, Daniel
diff a/src/Makefile b/src/Makefile --- a/src/Makefile +++ b/src/Makefile @@ -205,7 +205,7 @@ $(OUTPUT)%.bpf.o: skeleton/%.bpf.c $(OUTPUT)vmlinux.h $(LIBBPF_BOOTSTRAP) -I$(or $(OUTPUT),.) \ -I$(srctree)/include/uapi/ \ -I$(LIBBPF_BOOTSTRAP_INCLUDE) \ - -g -O2 -Wall -target bpf -c $< -o $@ + -g -O2 -Wall -fno-stack-protector -target bpf -c $< -o $@ $(Q)$(LLVM_STRIP) -g $@ $(OUTPUT)%.skel.h: $(OUTPUT)%.bpf.o $(BPFTOOL_BOOTSTRAP)
When the clang toolchain has stack protection enabled in order to be consistent with gcc - which just happens to be the case on Gentoo - the bpftool build fails: clang \ -I. \ -I/tmp/portage/dev-util/bpftool-6.0.12/work/linux-6.0/tools/include/uapi/ \ -I/tmp/portage/dev-util/bpftool-6.0.12/work/linux-6.0/tools/bpf/bpftool/bootstrap/libbpf/include \ -g -O2 -Wall -target bpf -c skeleton/pid_iter.bpf.c -o pid_iter.bpf.o clang \ -I. \ -I/tmp/portage/dev-util/bpftool-6.0.12/work/linux-6.0/tools/include/uapi/ \ -I/tmp/portage/dev-util/bpftool-6.0.12/work/linux-6.0/tools/bpf/bpftool/bootstrap/libbpf/include \ -g -O2 -Wall -target bpf -c skeleton/profiler.bpf.c -o profiler.bpf.o skeleton/profiler.bpf.c:40:14: error: A call to built-in function '__stack_chk_fail' is not supported. int BPF_PROG(fentry_XXX) ^ skeleton/profiler.bpf.c:94:14: error: A call to built-in function '__stack_chk_fail' is not supported. int BPF_PROG(fexit_XXX) ^ 2 errors generated. Since stack-protector makes no sense for the BPF bits just unconditionally disable it. Bug: https://bugs.gentoo.org/890638 Signed-off-by: Holger Hoffstätte <holger@applied-asynchrony.com> --snip--