Message ID | 20250409160409.work.168-kees@kernel.org (mailing list archive) |
---|---|
State | New |
Series | gcc-plugins: Remove ARM_SSP_PER_TASK plugin | expand |
On Wed, 9 Apr 2025 at 18:04, Kees Cook <kees@kernel.org> wrote: > > As part of trying to remove GCC plugins from Linux, drop the > ARM_SSP_PER_TASK plugin. The feature is available upstream since GCC > 12, so anyone needing newer kernels with per-task ssp can update their > compiler[1]. > > Suggested-by: Arnd Bergmann <arnd@arndb.de> > Link: https://lore.kernel.org/all/08393aa3-05a3-4e3f-8004-f374a3ec4b7e@app.fastmail.com/ [1] > Signed-off-by: Kees Cook <kees@kernel.org> > --- > Cc: Ard Biesheuvel <ardb@kernel.org> > Cc: Chris Packham <chris.packham@alliedtelesis.co.nz> > Cc: Douglas Anderson <dianders@chromium.org> > Cc: Russell King <linux@armlinux.org.uk> > Cc: Masahiro Yamada <masahiroy@kernel.org> > Cc: Nathan Chancellor <nathan@kernel.org> > Cc: Nicolas Schier <nicolas@fjasle.eu> > Cc: "Russell King (Oracle)" <rmk+kernel@armlinux.org.uk> > Cc: Linus Walleij <linus.walleij@linaro.org> > Cc: Andrew Davis <afd@ti.com> > Cc: Seung-Woo Kim <sw0312.kim@samsung.com> > Cc: Xin Li <xin3.li@intel.com> > Cc: Jinjie Ruan <ruanjinjie@huawei.com> > Cc: linux-arm-kernel@lists.infradead.org > Cc: linux-hardening@vger.kernel.org > Cc: linux-kbuild@vger.kernel.org > --- > arch/arm/Kconfig | 3 +- > arch/arm/boot/compressed/Makefile | 2 +- > scripts/Makefile.gcc-plugins | 6 - > scripts/gcc-plugins/Kconfig | 4 - > scripts/gcc-plugins/arm_ssp_per_task_plugin.c | 107 ------------------ > 5 files changed, 2 insertions(+), 120 deletions(-) > delete mode 100644 scripts/gcc-plugins/arm_ssp_per_task_plugin.c > Acked-by: Ard Biesheuvel <ardb@kernel.org> > diff --git a/arch/arm/Kconfig b/arch/arm/Kconfig > index 835b5f100e92..6f037edf0f41 100644 > --- a/arch/arm/Kconfig > +++ b/arch/arm/Kconfig 
> @@ -1379,8 +1379,7 @@ config CC_HAVE_STACKPROTECTOR_TLS > config STACKPROTECTOR_PER_TASK > bool "Use a unique stack canary value for each task" > depends on STACKPROTECTOR && CURRENT_POINTER_IN_TPIDRURO && !XIP_DEFLATED_DATA > - depends on GCC_PLUGINS || CC_HAVE_STACKPROTECTOR_TLS > - select GCC_PLUGIN_ARM_SSP_PER_TASK if !CC_HAVE_STACKPROTECTOR_TLS > + depends on CC_HAVE_STACKPROTECTOR_TLS > default y > help > Due to the fact that GCC uses an ordinary symbol reference from > diff --git a/arch/arm/boot/compressed/Makefile b/arch/arm/boot/compressed/Makefile > index 945b5975fce2..d61369b1eabe 100644 > --- a/arch/arm/boot/compressed/Makefile > +++ b/arch/arm/boot/compressed/Makefile > @@ -96,7 +96,7 @@ KBUILD_CFLAGS += -DDISABLE_BRANCH_PROFILING > > ccflags-y := -fpic $(call cc-option,-mno-single-pic-base,) -fno-builtin \ > -I$(srctree)/scripts/dtc/libfdt -fno-stack-protector \ > - -I$(obj) $(DISABLE_ARM_SSP_PER_TASK_PLUGIN) > + -I$(obj) > ccflags-remove-$(CONFIG_FUNCTION_TRACER) += -pg > asflags-y := -DZIMAGE > > diff --git a/scripts/Makefile.gcc-plugins b/scripts/Makefile.gcc-plugins > index 6da109d563a5..194122d969a8 100644 > --- a/scripts/Makefile.gcc-plugins > +++ b/scripts/Makefile.gcc-plugins > @@ -36,12 +36,6 @@ ifdef CONFIG_GCC_PLUGIN_STACKLEAK > endif > export DISABLE_STACKLEAK_PLUGIN > > -gcc-plugin-$(CONFIG_GCC_PLUGIN_ARM_SSP_PER_TASK) += arm_ssp_per_task_plugin.so > -ifdef CONFIG_GCC_PLUGIN_ARM_SSP_PER_TASK > - DISABLE_ARM_SSP_PER_TASK_PLUGIN += -fplugin-arg-arm_ssp_per_task_plugin-disable > -endif > -export DISABLE_ARM_SSP_PER_TASK_PLUGIN > - > # All the plugin CFLAGS are collected here in case a build target needs to > # filter them out of the KBUILD_CFLAGS. > GCC_PLUGINS_CFLAGS := $(strip $(addprefix -fplugin=$(objtree)/scripts/gcc-plugins/, $(gcc-plugin-y)) $(gcc-plugin-cflags-y)) > diff --git a/scripts/gcc-plugins/Kconfig b/scripts/gcc-plugins/Kconfig > index ba868d1eef3d..6b34ba19358d 100644 > --- a/scripts/gcc-plugins/Kconfig 
> +++ b/scripts/gcc-plugins/Kconfig > @@ -36,8 +36,4 @@ config GCC_PLUGIN_LATENT_ENTROPY > * https://grsecurity.net/ > * https://pax.grsecurity.net/ > > -config GCC_PLUGIN_ARM_SSP_PER_TASK > - bool > - depends on GCC_PLUGINS && ARM > - > endif > diff --git a/scripts/gcc-plugins/arm_ssp_per_task_plugin.c b/scripts/gcc-plugins/arm_ssp_per_task_plugin.c > deleted file mode 100644 > index 7328d037f975..000000000000 > --- a/scripts/gcc-plugins/arm_ssp_per_task_plugin.c > +++ /dev/null 
> @@ -1,107 +0,0 @@ > -// SPDX-License-Identifier: GPL-2.0 > - > -#include "gcc-common.h" > - > -__visible int plugin_is_GPL_compatible; > - > -static unsigned int canary_offset; > - > -static unsigned int arm_pertask_ssp_rtl_execute(void) > -{ > - rtx_insn *insn; > - > - for (insn = get_insns(); insn; insn = NEXT_INSN(insn)) { > - const char *sym; > - rtx body; > - rtx current; > - > - /* > - * Find a SET insn involving a SYMBOL_REF to __stack_chk_guard > - */ > - if (!INSN_P(insn)) > - continue; > - body = PATTERN(insn); > - if (GET_CODE(body) != SET || > - GET_CODE(SET_SRC(body)) != SYMBOL_REF) > - continue; > - sym = XSTR(SET_SRC(body), 0); > - if (strcmp(sym, "__stack_chk_guard")) > - continue; > - > - /* > - * Replace the source of the SET insn with an expression that > - * produces the address of the current task's stack canary value > - */ > - current = gen_reg_rtx(Pmode); > - > - emit_insn_before(gen_load_tp_hard(current), insn); > - > - SET_SRC(body) = gen_rtx_PLUS(Pmode, current, > - GEN_INT(canary_offset)); > - } > - return 0; > -} > - > -#define PASS_NAME arm_pertask_ssp_rtl > - > -#define NO_GATE > -#include "gcc-generate-rtl-pass.h" > - > -#if BUILDING_GCC_VERSION >= 9000 > -static bool no(void) > -{ > - return false; > -} > - > -static void arm_pertask_ssp_start_unit(void *gcc_data, void *user_data) > -{ > - targetm.have_stack_protect_combined_set = no; > - targetm.have_stack_protect_combined_test = no; > -} > -#endif > - > -__visible int plugin_init(struct plugin_name_args *plugin_info, > - struct plugin_gcc_version *version) > -{ > - const char * const plugin_name = plugin_info->base_name; > - const int argc = plugin_info->argc; > - const struct plugin_argument *argv = plugin_info->argv; > - int i; > - > - if (!plugin_default_version_check(version, &gcc_version)) { > - error(G_("incompatible gcc/plugin versions")); > - return 1; > - } > - > - for (i = 0; i < argc; ++i) { > - if (!strcmp(argv[i].key, "disable")) > - return 0; > - > - /* all 
remaining options require a value */ > - if (!argv[i].value) { > - error(G_("no value supplied for option '-fplugin-arg-%s-%s'"), > - plugin_name, argv[i].key); > - return 1; > - } > - > - if (!strcmp(argv[i].key, "offset")) { > - canary_offset = atoi(argv[i].value); > - continue; > - } > - error(G_("unknown option '-fplugin-arg-%s-%s'"), > - plugin_name, argv[i].key); > - return 1; > - } > - > - PASS_INFO(arm_pertask_ssp_rtl, "expand", 1, PASS_POS_INSERT_AFTER); > - > - register_callback(plugin_info->base_name, PLUGIN_PASS_MANAGER_SETUP, > - NULL, &arm_pertask_ssp_rtl_pass_info); > - > -#if BUILDING_GCC_VERSION >= 9000 > - register_callback(plugin_info->base_name, PLUGIN_START_UNIT, > - arm_pertask_ssp_start_unit, NULL); > -#endif > - > - return 0; > -} > -- > 2.34.1 >
On Wed, Apr 9, 2025, at 18:08, Ard Biesheuvel wrote: > On Wed, 9 Apr 2025 at 18:04, Kees Cook <kees@kernel.org> wrote: >> >> As part of trying to remove GCC plugins from Linux, drop the >> ARM_SSP_PER_TASK plugin. The feature is available upstream since GCC >> 12, so anyone needing newer kernels with per-task ssp can update their >> compiler[1]. >> >> Suggested-by: Arnd Bergmann <arnd@arndb.de> >> Link: https://lore.kernel.org/all/08393aa3-05a3-4e3f-8004-f374a3ec4b7e@app.fastmail.com/ [1] >> Signed-off-by: Kees Cook <kees@kernel.org> > > Acked-by: Ard Biesheuvel <ardb@kernel.org> Acked-by: Arnd Bergmann <arnd@arndb.de> I was going to send the same patch and double-checked it to make sure they are actually identical. Arnd
diff --git a/arch/arm/Kconfig b/arch/arm/Kconfig
index 835b5f100e92..6f037edf0f41 100644
--- a/arch/arm/Kconfig
+++ b/arch/arm/Kconfig
@@ -1379,8 +1379,7 @@ config CC_HAVE_STACKPROTECTOR_TLS
 config STACKPROTECTOR_PER_TASK
 bool "Use a unique stack canary value for each task"
 depends on STACKPROTECTOR && CURRENT_POINTER_IN_TPIDRURO && !XIP_DEFLATED_DATA
- depends on GCC_PLUGINS || CC_HAVE_STACKPROTECTOR_TLS
- select GCC_PLUGIN_ARM_SSP_PER_TASK if !CC_HAVE_STACKPROTECTOR_TLS
+ depends on CC_HAVE_STACKPROTECTOR_TLS
 default y
 help
 Due to the fact that GCC uses an ordinary symbol reference from
diff --git a/arch/arm/boot/compressed/Makefile b/arch/arm/boot/compressed/Makefile
index 945b5975fce2..d61369b1eabe 100644
--- a/arch/arm/boot/compressed/Makefile
+++ b/arch/arm/boot/compressed/Makefile
@@ -96,7 +96,7 @@ KBUILD_CFLAGS += -DDISABLE_BRANCH_PROFILING
 
 ccflags-y := -fpic $(call cc-option,-mno-single-pic-base,) -fno-builtin \
 -I$(srctree)/scripts/dtc/libfdt -fno-stack-protector \
- -I$(obj) $(DISABLE_ARM_SSP_PER_TASK_PLUGIN)
+ -I$(obj)
 ccflags-remove-$(CONFIG_FUNCTION_TRACER) += -pg
 asflags-y := -DZIMAGE
 
diff --git a/scripts/Makefile.gcc-plugins b/scripts/Makefile.gcc-plugins
index 6da109d563a5..194122d969a8 100644
--- a/scripts/Makefile.gcc-plugins
+++ b/scripts/Makefile.gcc-plugins
@@ -36,12 +36,6 @@ ifdef CONFIG_GCC_PLUGIN_STACKLEAK
 endif
 export DISABLE_STACKLEAK_PLUGIN
 
-gcc-plugin-$(CONFIG_GCC_PLUGIN_ARM_SSP_PER_TASK) += arm_ssp_per_task_plugin.so
-ifdef CONFIG_GCC_PLUGIN_ARM_SSP_PER_TASK
- DISABLE_ARM_SSP_PER_TASK_PLUGIN += -fplugin-arg-arm_ssp_per_task_plugin-disable
-endif
-export DISABLE_ARM_SSP_PER_TASK_PLUGIN
-
 # All the plugin CFLAGS are collected here in case a build target needs to
 # filter them out of the KBUILD_CFLAGS.
 GCC_PLUGINS_CFLAGS := $(strip $(addprefix -fplugin=$(objtree)/scripts/gcc-plugins/, $(gcc-plugin-y)) $(gcc-plugin-cflags-y))
diff --git a/scripts/gcc-plugins/Kconfig b/scripts/gcc-plugins/Kconfig
index ba868d1eef3d..6b34ba19358d 100644
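Review bot: In the arch/arm/Kconfig hunk, `depends on CC_HAVE_STACKPROTECTOR_TLS` makes STACKPROTECTOR_PER_TASK vanish without any message on a compiler that lacks TLS stack-protector support, so a config that previously got it through `default y` and the plugin would lose per-task canaries on the next build with nothing in the build output to say so. The help text starts in the hunk's trailing context and continues outside it; a sentence there such as `This option requires compiler support for a TLS-based stack protector guard (for GCC, version 12 or later).` would put the requirement where the option is chosen, rather than only in the commit message. Separately, the removed plugin parsed an `offset` argument in `plugin_init`, and none of the five files in the diffstat looks like the place that passed it, so it is worth checking the tree for a leftover `-fplugin-arg-arm_ssp_per_task_plugin-offset=` before this lands.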
--- a/scripts/gcc-plugins/Kconfig
+++ b/scripts/gcc-plugins/Kconfig
@@ -36,8 +36,4 @@ config GCC_PLUGIN_LATENT_ENTROPY
 * https://grsecurity.net/
 * https://pax.grsecurity.net/
 
-config GCC_PLUGIN_ARM_SSP_PER_TASK
- bool
- depends on GCC_PLUGINS && ARM
-
 endif
diff --git a/scripts/gcc-plugins/arm_ssp_per_task_plugin.c b/scripts/gcc-plugins/arm_ssp_per_task_plugin.c
deleted file mode 100644
index 7328d037f975..000000000000
--- a/scripts/gcc-plugins/arm_ssp_per_task_plugin.c
+++ /dev/null
@@ -1,107 +0,0 @@
-// SPDX-License-Identifier: GPL-2.0
-
-#include "gcc-common.h"
-
-__visible int plugin_is_GPL_compatible;
-
-static unsigned int canary_offset;
-
-static unsigned int arm_pertask_ssp_rtl_execute(void)
-{
- rtx_insn *insn;
-
- for (insn = get_insns(); insn; insn = NEXT_INSN(insn)) {
- const char *sym;
- rtx body;
- rtx current;
-
- /*
- * Find a SET insn involving a SYMBOL_REF to __stack_chk_guard
- */
- if (!INSN_P(insn))
- continue;
- body = PATTERN(insn);
- if (GET_CODE(body) != SET ||
- GET_CODE(SET_SRC(body)) != SYMBOL_REF)
- continue;
- sym = XSTR(SET_SRC(body), 0);
- if (strcmp(sym, "__stack_chk_guard"))
- continue;
-
- /*
- * Replace the source of the SET insn with an expression that
- * produces the address of the current task's stack canary value
- */
- current = gen_reg_rtx(Pmode);
-
- emit_insn_before(gen_load_tp_hard(current), insn);
-
- SET_SRC(body) = gen_rtx_PLUS(Pmode, current,
- GEN_INT(canary_offset));
- }
- return 0;
-}
-
-#define PASS_NAME arm_pertask_ssp_rtl
-
-#define NO_GATE
-#include "gcc-generate-rtl-pass.h"
-
-#if BUILDING_GCC_VERSION >= 9000
-static bool no(void)
-{
- return false;
-}
-
-static void arm_pertask_ssp_start_unit(void *gcc_data, void *user_data)
-{
- targetm.have_stack_protect_combined_set = no;
- targetm.have_stack_protect_combined_test = no;
-}
-#endif
-
-__visible int plugin_init(struct plugin_name_args *plugin_info,
- struct plugin_gcc_version *version)
-{
- const char * const plugin_name = plugin_info->base_name;
- const int argc = plugin_info->argc;
- const struct plugin_argument *argv = plugin_info->argv;
- int i;
-
- if (!plugin_default_version_check(version, &gcc_version)) {
- error(G_("incompatible gcc/plugin versions"));
- return 1;
- }
-
- for (i = 0; i < argc; ++i) {
- if (!strcmp(argv[i].key, "disable"))
- return 0;
-
- /* all remaining options require a value */
- if (!argv[i].value) {
- error(G_("no value supplied for option '-fplugin-arg-%s-%s'"),
- plugin_name, argv[i].key);
- return 1;
- }
-
- if (!strcmp(argv[i].key, "offset")) {
- canary_offset = atoi(argv[i].value);
- continue;
- }
- error(G_("unknown option '-fplugin-arg-%s-%s'"),
- plugin_name, argv[i].key);
- return 1;
- }
-
- PASS_INFO(arm_pertask_ssp_rtl, "expand", 1, PASS_POS_INSERT_AFTER);
-
- register_callback(plugin_info->base_name, PLUGIN_PASS_MANAGER_SETUP,
- NULL, &arm_pertask_ssp_rtl_pass_info);
-
-#if BUILDING_GCC_VERSION >= 9000
- register_callback(plugin_info->base_name, PLUGIN_START_UNIT,
- arm_pertask_ssp_start_unit, NULL);
-#endif
-
- return 0;
-}
As part of trying to remove GCC plugins from Linux, drop the ARM_SSP_PER_TASK plugin. The feature is available upstream since GCC 12, so anyone needing newer kernels with per-task ssp can update their compiler[1]. Suggested-by: Arnd Bergmann <arnd@arndb.de> Link: https://lore.kernel.org/all/08393aa3-05a3-4e3f-8004-f374a3ec4b7e@app.fastmail.com/ [1] Signed-off-by: Kees Cook <kees@kernel.org> --- Cc: Ard Biesheuvel <ardb@kernel.org> Cc: Chris Packham <chris.packham@alliedtelesis.co.nz> Cc: Douglas Anderson <dianders@chromium.org> Cc: Russell King <linux@armlinux.org.uk> Cc: Masahiro Yamada <masahiroy@kernel.org> Cc: Nathan Chancellor <nathan@kernel.org> Cc: Nicolas Schier <nicolas@fjasle.eu> Cc: "Russell King (Oracle)" <rmk+kernel@armlinux.org.uk> Cc: Linus Walleij <linus.walleij@linaro.org> Cc: Andrew Davis <afd@ti.com> Cc: Seung-Woo Kim <sw0312.kim@samsung.com> Cc: Xin Li <xin3.li@intel.com> Cc: Jinjie Ruan <ruanjinjie@huawei.com> Cc: linux-arm-kernel@lists.infradead.org Cc: linux-hardening@vger.kernel.org Cc: linux-kbuild@vger.kernel.org --- arch/arm/Kconfig | 3 +- arch/arm/boot/compressed/Makefile | 2 +- scripts/Makefile.gcc-plugins | 6 - scripts/gcc-plugins/Kconfig | 4 - scripts/gcc-plugins/arm_ssp_per_task_plugin.c | 107 ------------------ 5 files changed, 2 insertions(+), 120 deletions(-) delete mode 100644 scripts/gcc-plugins/arm_ssp_per_task_plugin.c