diff mbox series

[v10,01/15] modpost: fix removing numeric suffixes

Message ID 20220209185752.1226407-2-alexandr.lobakin@intel.com (mailing list archive)
State New, archived
Headers show
Series Function Granular KASLR | expand

Commit Message

Alexander Lobakin Feb. 9, 2022, 6:57 p.m. UTC
`-z unique-symbol` linker flag which is planned to use with FG-KASLR
to simplify livepatching (hopefully globally later on) triggers the
following:

ERROR: modpost: "param_set_uint.0" [vmlinux] is a static EXPORT_SYMBOL

The reason is that for now the condition from remove_dot():

if (m && (s[n + m] == '.' || s[n + m] == 0))

which was designed to test if it's a dot or a '\0' after the suffix
is never satisfied.
This is due to that `s[n + m]` always points to the last digit of a
numeric suffix, not on the symbol next to it (from a custom debug
print added to modpost):

param_set_uint.0, s[n + m] is '0', s[n + m + 1] is '\0'

So it's off-by-one and was like that since 2014.
Fix this for the sake of upcoming features, but don't bother
stable-backporting, as it's well hidden -- apart from that LD flag,
can be triggered only by GCC LTO which never landed upstream.

Fixes: fcd38ed0ff26 ("scripts: modpost: fix compilation warning")
Signed-off-by: Alexander Lobakin <alexandr.lobakin@intel.com>
---
 scripts/mod/modpost.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Comments

Masahiro Yamada May 3, 2022, 12:57 a.m. UTC | #1
On Thu, Feb 10, 2022 at 3:59 AM Alexander Lobakin
<alexandr.lobakin@intel.com> wrote:
>
> `-z unique-symbol` linker flag which is planned to use with FG-KASLR
> to simplify livepatching (hopefully globally later on) triggers the
> following:
>
> ERROR: modpost: "param_set_uint.0" [vmlinux] is a static EXPORT_SYMBOL
>
> The reason is that for now the condition from remove_dot():
>
> if (m && (s[n + m] == '.' || s[n + m] == 0))
>
> which was designed to test if it's a dot or a '\0' after the suffix
> is never satisfied.
> This is due to that `s[n + m]` always points to the last digit of a
> numeric suffix, not on the symbol next to it (from a custom debug
> print added to modpost):
>
> param_set_uint.0, s[n + m] is '0', s[n + m + 1] is '\0'
>
> So it's off-by-one and was like that since 2014.
> Fix this for the sake of upcoming features, but don't bother
> stable-backporting, as it's well hidden -- apart from that LD flag,
> can be triggered only by GCC LTO which never landed upstream.
>
> Fixes: fcd38ed0ff26 ("scripts: modpost: fix compilation warning")
> Signed-off-by: Alexander Lobakin <alexandr.lobakin@intel.com>
> ---


Acked-by: Masahiro Yamada <masahiroy@kernel.org>



>  scripts/mod/modpost.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/scripts/mod/modpost.c b/scripts/mod/modpost.c
> index 6bfa33217914..4648b7afe5cc 100644
> --- a/scripts/mod/modpost.c
> +++ b/scripts/mod/modpost.c
> @@ -1986,7 +1986,7 @@ static char *remove_dot(char *s)
>
>         if (n && s[n]) {
>                 size_t m = strspn(s + n + 1, "0123456789");
> -               if (m && (s[n + m] == '.' || s[n + m] == 0))
> +               if (m && (s[n + m + 1] == '.' || s[n + m + 1] == 0))
>                         s[n] = 0;
>
>                 /* strip trailing .lto */
> --
> 2.34.1
>
Petr Mladek May 3, 2022, 7:31 a.m. UTC | #2
On Wed 2022-02-09 19:57:38, Alexander Lobakin wrote:
> `-z unique-symbol` linker flag which is planned to use with FG-KASLR
> to simplify livepatching (hopefully globally later on) triggers the
> following:
> 
> ERROR: modpost: "param_set_uint.0" [vmlinux] is a static EXPORT_SYMBOL
> 
> The reason is that for now the condition from remove_dot():
> 
> if (m && (s[n + m] == '.' || s[n + m] == 0))
> 
> which was designed to test if it's a dot or a '\0' after the suffix
> is never satisfied.
> This is due to that `s[n + m]` always points to the last digit of a
> numeric suffix, not on the symbol next to it (from a custom debug
> print added to modpost):
> 
> param_set_uint.0, s[n + m] is '0', s[n + m + 1] is '\0'

Yup, the + 1  is for the '.' between the symbol name and the number.
In the order of apperance it would be: n + 1 + m

> So it's off-by-one and was like that since 2014.
> Fix this for the sake of upcoming features, but don't bother
> stable-backporting, as it's well hidden -- apart from that LD flag,
> can be triggered only by GCC LTO which never landed upstream.
> 
> Fixes: fcd38ed0ff26 ("scripts: modpost: fix compilation warning")
> Signed-off-by: Alexander Lobakin <alexandr.lobakin@intel.com>

Reviewed-by: Petr Mladek <pmladek@suse.com>

Best Regards,
Petr
Masahiro Yamada May 23, 2022, 6:04 p.m. UTC | #3
On Thu, Feb 10, 2022 at 3:59 AM Alexander Lobakin
<alexandr.lobakin@intel.com> wrote:
>
> `-z unique-symbol` linker flag which is planned to use with FG-KASLR
> to simplify livepatching (hopefully globally later on) triggers the
> following:
>
> ERROR: modpost: "param_set_uint.0" [vmlinux] is a static EXPORT_SYMBOL
>
> The reason is that for now the condition from remove_dot():
>
> if (m && (s[n + m] == '.' || s[n + m] == 0))
>
> which was designed to test if it's a dot or a '\0' after the suffix
> is never satisfied.
> This is due to that `s[n + m]` always points to the last digit of a
> numeric suffix, not on the symbol next to it (from a custom debug
> print added to modpost):
>
> param_set_uint.0, s[n + m] is '0', s[n + m + 1] is '\0'
>
> So it's off-by-one and was like that since 2014.
> Fix this for the sake of upcoming features, but don't bother
> stable-backporting, as it's well hidden -- apart from that LD flag,
> can be triggered only by GCC LTO which never landed upstream.
>
> Fixes: fcd38ed0ff26 ("scripts: modpost: fix compilation warning")
> Signed-off-by: Alexander Lobakin <alexandr.lobakin@intel.com>
> ---
>  scripts/mod/modpost.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/scripts/mod/modpost.c b/scripts/mod/modpost.c
> index 6bfa33217914..4648b7afe5cc 100644
> --- a/scripts/mod/modpost.c
> +++ b/scripts/mod/modpost.c
> @@ -1986,7 +1986,7 @@ static char *remove_dot(char *s)
>
>         if (n && s[n]) {
>                 size_t m = strspn(s + n + 1, "0123456789");
> -               if (m && (s[n + m] == '.' || s[n + m] == 0))
> +               if (m && (s[n + m + 1] == '.' || s[n + m + 1] == 0))
>                         s[n] = 0;
>
>                 /* strip trailing .lto */
> --
> 2.34.1
>

This trivial patch has not been picked up yet.

I can apply this to my tree, if you want.

Please let me know your thoughts.
Alexander Lobakin May 24, 2022, 11:33 a.m. UTC | #4
From: Masahiro Yamada <masahiroy@kernel.org>
Date: Tue, 24 May 2022 03:04:00 +0900

> On Thu, Feb 10, 2022 at 3:59 AM Alexander Lobakin
> <alexandr.lobakin@intel.com> wrote:
> >
> > `-z unique-symbol` linker flag which is planned to use with FG-KASLR
> > to simplify livepatching (hopefully globally later on) triggers the
> > following:
> >
> > ERROR: modpost: "param_set_uint.0" [vmlinux] is a static EXPORT_SYMBOL
> >
> > The reason is that for now the condition from remove_dot():
> >
> > if (m && (s[n + m] == '.' || s[n + m] == 0))
> >
> > which was designed to test if it's a dot or a '\0' after the suffix
> > is never satisfied.
> > This is due to that `s[n + m]` always points to the last digit of a
> > numeric suffix, not on the symbol next to it (from a custom debug
> > print added to modpost):
> >
> > param_set_uint.0, s[n + m] is '0', s[n + m + 1] is '\0'
> >
> > So it's off-by-one and was like that since 2014.
> > Fix this for the sake of upcoming features, but don't bother
> > stable-backporting, as it's well hidden -- apart from that LD flag,
> > can be triggered only by GCC LTO which never landed upstream.
> >
> > Fixes: fcd38ed0ff26 ("scripts: modpost: fix compilation warning")
> > Signed-off-by: Alexander Lobakin <alexandr.lobakin@intel.com>
> > ---
> >  scripts/mod/modpost.c | 2 +-
> >  1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/scripts/mod/modpost.c b/scripts/mod/modpost.c
> > index 6bfa33217914..4648b7afe5cc 100644
> > --- a/scripts/mod/modpost.c
> > +++ b/scripts/mod/modpost.c
> > @@ -1986,7 +1986,7 @@ static char *remove_dot(char *s)
> >
> >         if (n && s[n]) {
> >                 size_t m = strspn(s + n + 1, "0123456789");
> > -               if (m && (s[n + m] == '.' || s[n + m] == 0))
> > +               if (m && (s[n + m + 1] == '.' || s[n + m + 1] == 0))
> >                         s[n] = 0;
> >
> >                 /* strip trailing .lto */
> > --
> > 2.34.1
> >
> 
> This trivial patch has not been picked up yet.
> 
> I can apply this to my tree, if you want.

It's a good idea, I'd like to!
I don't use `-z unique-symbol` for FG-KALSR anymore*, but this fix
is not directly related to it and can be taken independently.
Should I change the commit message or it's ok to take it as it is?

> 
> Please let me know your thoughts.
> 
> 
> -- 
> Best Regards
> Masahiro Yamada

* I'm planning to submit a new rev of FG-KASLR series soon, but
since I'm too busy with XDP for now, it will happen no sooner than
in a couple months =\

Thanks!
Al
Masahiro Yamada May 24, 2022, 1:40 p.m. UTC | #5
On Tue, May 24, 2022 at 8:34 PM Alexander Lobakin
<alexandr.lobakin@intel.com> wrote:
>
> From: Masahiro Yamada <masahiroy@kernel.org>
> Date: Tue, 24 May 2022 03:04:00 +0900
>
> > On Thu, Feb 10, 2022 at 3:59 AM Alexander Lobakin
> > <alexandr.lobakin@intel.com> wrote:
> > >
> > > `-z unique-symbol` linker flag which is planned to use with FG-KASLR
> > > to simplify livepatching (hopefully globally later on) triggers the
> > > following:
> > >
> > > ERROR: modpost: "param_set_uint.0" [vmlinux] is a static EXPORT_SYMBOL
> > >
> > > The reason is that for now the condition from remove_dot():
> > >
> > > if (m && (s[n + m] == '.' || s[n + m] == 0))
> > >
> > > which was designed to test if it's a dot or a '\0' after the suffix
> > > is never satisfied.
> > > This is due to that `s[n + m]` always points to the last digit of a
> > > numeric suffix, not on the symbol next to it (from a custom debug
> > > print added to modpost):
> > >
> > > param_set_uint.0, s[n + m] is '0', s[n + m + 1] is '\0'
> > >
> > > So it's off-by-one and was like that since 2014.
> > > Fix this for the sake of upcoming features, but don't bother
> > > stable-backporting, as it's well hidden -- apart from that LD flag,
> > > can be triggered only by GCC LTO which never landed upstream.
> > >
> > > Fixes: fcd38ed0ff26 ("scripts: modpost: fix compilation warning")
> > > Signed-off-by: Alexander Lobakin <alexandr.lobakin@intel.com>
> > > ---
> > >  scripts/mod/modpost.c | 2 +-
> > >  1 file changed, 1 insertion(+), 1 deletion(-)
> > >
> > > diff --git a/scripts/mod/modpost.c b/scripts/mod/modpost.c
> > > index 6bfa33217914..4648b7afe5cc 100644
> > > --- a/scripts/mod/modpost.c
> > > +++ b/scripts/mod/modpost.c
> > > @@ -1986,7 +1986,7 @@ static char *remove_dot(char *s)
> > >
> > >         if (n && s[n]) {
> > >                 size_t m = strspn(s + n + 1, "0123456789");
> > > -               if (m && (s[n + m] == '.' || s[n + m] == 0))
> > > +               if (m && (s[n + m + 1] == '.' || s[n + m + 1] == 0))
> > >                         s[n] = 0;
> > >
> > >                 /* strip trailing .lto */
> > > --
> > > 2.34.1
> > >
> >
> > This trivial patch has not been picked up yet.
> >
> > I can apply this to my tree, if you want.
>
> It's a good idea, I'd like to!
> I don't use `-z unique-symbol` for FG-KALSR anymore*, but this fix
> is not directly related to it and can be taken independently.
> Should I change the commit message or it's ok to take it as it is?


I am fine with either way.

If you want to resubmit this with a fresh commit log,
please send it to:
  linux-kbuild@vger.kernel.org

Then, I will take care of it in this MW.

Thanks.




> >
> > Please let me know your thoughts.
> >
> >
> > --
> > Best Regards
> > Masahiro Yamada
>
> * I'm planning to submit a new rev of FG-KASLR series soon, but
> since I'm too busy with XDP for now, it will happen no sooner than
> in a couple months =\
>
> Thanks!
> Al
diff mbox series

Patch

diff --git a/scripts/mod/modpost.c b/scripts/mod/modpost.c
index 6bfa33217914..4648b7afe5cc 100644
--- a/scripts/mod/modpost.c
+++ b/scripts/mod/modpost.c
@@ -1986,7 +1986,7 @@  static char *remove_dot(char *s)
 
 	if (n && s[n]) {
 		size_t m = strspn(s + n + 1, "0123456789");
-		if (m && (s[n + m] == '.' || s[n + m] == 0))
+		if (m && (s[n + m + 1] == '.' || s[n + m + 1] == 0))
 			s[n] = 0;
 
 		/* strip trailing .lto */