From patchwork Fri Oct 9 16:13:09 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sami Tolvanen X-Patchwork-Id: 11826461 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id A299815E6 for ; Fri, 9 Oct 2020 16:13:57 +0000 (UTC) Received: from mother.openwall.net (mother.openwall.net [195.42.179.200]) by mail.kernel.org (Postfix) with SMTP id 6105422261 for ; Fri, 9 Oct 2020 16:13:55 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="vhS3dYYv" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 6105422261 Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=google.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=kernel-hardening-return-20131-patchwork-kernel-hardening=patchwork.kernel.org@lists.openwall.com Received: (qmail 1067 invoked by uid 550); 9 Oct 2020 16:13:54 -0000 Mailing-List: contact kernel-hardening-help@lists.openwall.com; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-ID: Delivered-To: mailing list kernel-hardening@lists.openwall.com Received: (qmail 1032 invoked from network); 9 Oct 2020 16:13:53 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=sender:date:message-id:mime-version:subject:from:to:cc; bh=U16gZthY7GiG18hos+s39UYV/dexC5axxz2McFtoNlo=; b=vhS3dYYv7bY+kDyncQJsbZHYYRW1XDqySvWZWDFarm0NAC6t9TncD/IBNB/bSb7aeW yO1QWKnY9zZuRVt0I5ketNvf2kwK6hQr/FtPX4aTTCjPQpQH9Kg5pG4twJezVXWA7gG5 q61G4nTK1e1JfKvUs62OWO2wUvu5uFU95sw9VJOgMZ84UQFi9tifXdq1QzQQb9/Q4Bar SMjL1y00LJghai39w0XQPvPAqn9xpZkft1LV9D9T1plKJclDr7pQLMRdfPsbiVEMAusr HQiAgzqgWCYnbolCw3ACEgXYwB2G6s0voPqAnEYoukixEBca0YeYYXWai/YvJXDmoRdf XvCA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:date:message-id:mime-version:subject:from :to:cc; bh=U16gZthY7GiG18hos+s39UYV/dexC5axxz2McFtoNlo=; b=gQKbMU1yZ7cgDRUodSGUOmTcPInXY8+UU3/g7QyKTv8zvCC3wAK3+C17ocLSUX3I6g y1jgmML2HAsnElOhl3iPUjl4Y/9+/8llfCIfN+klEANRiIonNpxawwBVEoZPrI9BY7ut lvxSXd8fZVUN98RiJJE5Xbnd+Uoy41Tn5NHEI0o/MoQVIb9WFU+zywSKCfMJFfEsQmsP fXdpcABC+q1iLM/o0GQ0luoYCLUkSnBTx3J5aDFV1fzKnmfcdir/w1nJL2m0NYZ5tt8I l5mm/AjnQhDCq1kCCTrMmF5jpSqoCuzwUhcfovkh2H7vw7QO8p2NLuBcqU8dM/WY4itu 4MfQ== X-Gm-Message-State: AOAM532norQSy+cIbGsuqXLQsz2TW4F7n9yEYcZAl4uufoutJj+ALgEG F5yF06a82t3bWpRj0T4Xdm0u7WDwgzq9ao1ME4o= X-Google-Smtp-Source: ABdhPJwbxDO8SrAUtzuxujURZ/yjaUl/YNSKyWSLiFwER3BiW6zhR2u6G2f7Brx3XJ1eZPqqUJbUpRgrV5plJ6K3FIk= Sender: "samitolvanen via sendgmr" X-Received: from samitolvanen1.mtv.corp.google.com ([2620:15c:201:2:f693:9fff:fef4:1b6d]) (user=samitolvanen job=sendgmr) by 2002:aa7:8812:0:b029:154:e0ed:1fed with SMTP id c18-20020aa788120000b0290154e0ed1fedmr12987823pfo.33.1602260020696; Fri, 09 Oct 2020 09:13:40 -0700 (PDT) Date: Fri, 9 Oct 2020 09:13:09 -0700 Message-Id: <20201009161338.657380-1-samitolvanen@google.com> Mime-Version: 1.0 X-Mailer: git-send-email 2.28.0.1011.ga647a8990f-goog Subject: [PATCH v5 00/29] Add support for Clang LTO From: Sami Tolvanen To: Masahiro Yamada , Will Deacon , Steven Rostedt Cc: Peter Zijlstra , Greg Kroah-Hartman , "Paul E. McKenney" , Kees Cook , Nick Desaulniers , clang-built-linux@googlegroups.com, kernel-hardening@lists.openwall.com, linux-arch@vger.kernel.org, linux-arm-kernel@lists.infradead.org, linux-kbuild@vger.kernel.org, linux-kernel@vger.kernel.org, linux-pci@vger.kernel.org, x86@kernel.org, Sami Tolvanen This patch series adds support for building x86_64 and arm64 kernels with Clang's Link Time Optimization (LTO). In addition to performance, the primary motivation for LTO is to allow Clang's Control-Flow Integrity (CFI) to be used in the kernel. Google has shipped millions of Pixel devices running three major kernel versions with LTO+CFI since 2018. Most of the patches are build system changes for handling LLVM bitcode, which Clang produces with LTO instead of ELF object files, postponing ELF processing until a later stage, and ensuring initcall ordering. Note that this version is based on tip/master to reduce the number of prerequisite patches, and to make it easier to manage changes to objtool. Patch 1 is from Masahiro's kbuild tree, and while it's not directly related to LTO, it makes the module linker script changes cleaner. Furthermore, patches 2-6 include Peter's patch for generating __mcount_loc with objtool, and build system changes to enable it on x86. With these patches, we no longer need to annotate functions that have non-call references to __fentry__ with LTO, which greatly simplifies supporting dynamic ftrace. You can also pull this series from https://github.com/samitolvanen/linux.git lto-v5 --- Changes in v5: - Rebased on top of tip/master. - Changed the command line for objtool to use --vmlinux --duplicate to disable warnings about retpoline thunks and to fix .orc_unwind generation for vmlinux.o. - Added --noinstr flag to objtool, so we can use --vmlinux without also enabling noinstr validation. - Disabled objtool's unreachable instruction warnings with LTO to disable false positives for the int3 padding in vmlinux.o. - Added ANNOTATE_RETPOLINE_SAFE annotations to the indirect jumps in x86 assembly code to fix objtool warnings with retpoline. - Fixed modpost warnings about missing version information with CONFIG_MODVERSIONS. - Included Makefile.lib into Makefile.modpost for ld_flags. Thanks to Sedat for pointing this out. - Updated the help text for ThinLTO to better explain the trade-offs. - Updated commit messages with better explanations. Changes in v4: - Fixed a typo in Makefile.lib to correctly pass --no-fp to objtool. - Moved ftrace configs related to generating __mcount_loc to Kconfig, so they are available also in Makefile.modfinal. - Dropped two prerequisite patches that were merged to Linus' tree. Changes in v3: - Added a separate patch to remove the unused DISABLE_LTO treewide, as filtering out CC_FLAGS_LTO instead is preferred. - Updated the Kconfig help to explain why LTO is behind a choice and disabled by default. - Dropped CC_FLAGS_LTO_CLANG, compiler-specific LTO flags are now appended directly to CC_FLAGS_LTO. - Updated $(AR) flags as KBUILD_ARFLAGS was removed earlier. - Fixed ThinLTO cache handling for external module builds. - Rebased on top of Masahiro's patch for preprocessing modules.lds, and moved the contents of module-lto.lds to modules.lds.S. - Moved objtool_args to Makefile.lib to avoid duplication of the command line parameters in Makefile.modfinal. - Clarified in the commit message for the initcall ordering patch that the initcall order remains the same as without LTO. - Changed link-vmlinux.sh to use jobserver-exec to control the number of jobs started by generate_initcall_ordering.pl. - Dropped the x86/relocs patch to whitelist L4_PAGE_OFFSET as it's no longer needed with ToT kernel. - Disabled LTO for arch/x86/power/cpu.c to work around a Clang bug with stack protector attributes. Changes in v2: - Fixed -Wmissing-prototypes warnings with W=1. - Dropped cc-option from -fsplit-lto-unit and added .thinlto-cache scrubbing to make distclean. - Added a comment about Clang >=11 being required. - Added a patch to disable LTO for the arm64 KVM nVHE code. - Disabled objtool's noinstr validation with LTO unless enabled. - Included Peter's proposed objtool mcount patch in the series and replaced recordmcount with the objtool pass to avoid whitelisting relocations that are not calls. - Updated several commit messages with better explanations. Masahiro Yamada (1): kbuild: preprocess module linker script Peter Zijlstra (1): objtool: Add a pass for generating __mcount_loc Sami Tolvanen (27): objtool: Don't autodetect vmlinux.o tracing: move function tracer options to Kconfig tracing: add support for objtool mcount x86, build: use objtool mcount treewide: remove DISABLE_LTO kbuild: add support for Clang LTO kbuild: lto: fix module versioning objtool: Split noinstr validation from --vmlinux kbuild: lto: postpone objtool kbuild: lto: limit inlining kbuild: lto: merge module sections kbuild: lto: remove duplicate dependencies from .mod files init: lto: ensure initcall ordering init: lto: fix PREL32 relocations PCI: Fix PREL32 relocations for LTO modpost: lto: strip .lto from module names scripts/mod: disable LTO for empty.c efi/libstub: disable LTO drivers/misc/lkdtm: disable LTO for rodata.o arm64: vdso: disable LTO KVM: arm64: disable LTO for the nVHE directory arm64: disable recordmcount with DYNAMIC_FTRACE_WITH_REGS arm64: allow LTO_CLANG and THINLTO to be selected x86/asm: annotate indirect jumps x86, vdso: disable LTO only for vDSO x86, cpu: disable LTO for cpu.c x86, build: allow LTO_CLANG and THINLTO to be selected .gitignore | 1 + Makefile | 68 +++-- arch/Kconfig | 74 +++++ arch/arm/Makefile | 4 - .../module.lds => include/asm/module.lds.h} | 2 + arch/arm64/Kconfig | 4 + arch/arm64/Makefile | 4 - .../module.lds => include/asm/module.lds.h} | 2 + arch/arm64/kernel/vdso/Makefile | 4 +- arch/arm64/kvm/hyp/nvhe/Makefile | 4 +- arch/ia64/Makefile | 1 - .../{module.lds => include/asm/module.lds.h} | 0 arch/m68k/Makefile | 1 - .../module.lds => include/asm/module.lds.h} | 0 arch/powerpc/Makefile | 1 - .../module.lds => include/asm/module.lds.h} | 0 arch/riscv/Makefile | 3 - .../module.lds => include/asm/module.lds.h} | 3 +- arch/sparc/vdso/Makefile | 2 - arch/um/include/asm/Kbuild | 1 + arch/x86/Kconfig | 3 + arch/x86/Makefile | 5 + arch/x86/entry/vdso/Makefile | 5 +- arch/x86/kernel/acpi/wakeup_64.S | 2 + arch/x86/platform/pvh/head.S | 2 + arch/x86/power/Makefile | 4 + arch/x86/power/hibernate_asm_64.S | 3 + drivers/firmware/efi/libstub/Makefile | 2 + drivers/misc/lkdtm/Makefile | 1 + include/asm-generic/Kbuild | 1 + include/asm-generic/module.lds.h | 10 + include/asm-generic/vmlinux.lds.h | 11 +- include/linux/init.h | 79 ++++- include/linux/pci.h | 19 +- kernel/Makefile | 3 - kernel/trace/Kconfig | 29 ++ scripts/.gitignore | 1 + scripts/Makefile | 3 + scripts/Makefile.build | 69 +++-- scripts/Makefile.lib | 17 +- scripts/Makefile.modfinal | 29 +- scripts/Makefile.modpost | 25 +- scripts/generate_initcall_order.pl | 270 ++++++++++++++++++ scripts/link-vmlinux.sh | 98 ++++++- scripts/mod/Makefile | 1 + scripts/mod/modpost.c | 16 +- scripts/mod/modpost.h | 9 + scripts/mod/sumversion.c | 6 +- scripts/{module-common.lds => module.lds.S} | 31 ++ scripts/package/builddeb | 2 +- tools/objtool/builtin-check.c | 10 +- tools/objtool/check.c | 84 +++++- tools/objtool/include/objtool/builtin.h | 2 +- tools/objtool/include/objtool/check.h | 1 + tools/objtool/include/objtool/objtool.h | 1 + tools/objtool/objtool.c | 1 + 56 files changed, 903 insertions(+), 131 deletions(-) rename arch/arm/{kernel/module.lds => include/asm/module.lds.h} (72%) rename arch/arm64/{kernel/module.lds => include/asm/module.lds.h} (76%) rename arch/ia64/{module.lds => include/asm/module.lds.h} (100%) rename arch/m68k/{kernel/module.lds => include/asm/module.lds.h} (100%) rename arch/powerpc/{kernel/module.lds => include/asm/module.lds.h} (100%) rename arch/riscv/{kernel/module.lds => include/asm/module.lds.h} (84%) create mode 100644 include/asm-generic/module.lds.h create mode 100755 scripts/generate_initcall_order.pl rename scripts/{module-common.lds => module.lds.S} (59%) base-commit: 80396d76da65fc8b82581c0260c25a6aa0a495a3