Re: [RFC][PATCH 00/16] objtool: vmlinux.o and noinstr validation
From: Masami Hiramatsu
Date: Mon Mar 16 2020 - 20:56:35 EST
On Thu, 12 Mar 2020 17:23:37 +0100
Peter Zijlstra <peterz@xxxxxxxxxxxxx> wrote:
> On Thu, Mar 12, 2020 at 02:41:07PM +0100, Peter Zijlstra wrote:
> > Hi all,
> >
> > These patches extend objtool to be able to run on vmlinux.o and validate
> > Thomas's proposed noinstr annotation:
> >
> > https://lkml.kernel.org/r/20200310170951.87c29e9c1cfbddd93ccd92b3@xxxxxxxxxx
> >
> > "That's why we want the sections and the annotation. If something calls
> > out of a noinstr section into a regular text section and the call is not
> > annotated at the call site, then objtool can complain and tell you. What
> > Peter and I came up with looks like this:
> >
> > noinstr foo()
> > do_protected(); <- Safe because in the noinstr section
> > instr_begin(); <- Marks the begin of a safe region, ignored
> > by objtool
> > do_stuff(); <- All good
> > instr_end(); <- End of the safe region. objtool starts
> > looking again
> > do_other_stuff(); <- Unsafe because do_other_stuff() is
> > not protected
> >
> > and:
> >
> > noinstr do_protected()
> > bar(); <- objtool will complain here
> > "
> >
> > It should be accompanied by something like the below; which you'll find in a
> > series by Thomas.
> >
>
> So one of the problem i've ran into while playing with this and Thomas'
> patches is that it is 'difficult' to deal with indirect function calls.
>
> objtool basically gives up instantly.
Can we introduce a "safe-call" wrapper function instead of indirect
call, and if objtool found an indirect call without safe-call function,
it can make it an error?
static int __noinstr safe_indirect_callback(int (*fn)(...), real-args)
{
if (!is_instr_text(fn))
return -ERANGE;
return fn(real-args)
}
BTW, out of curiously, if BUG*() or WARN*() cases happens in the noinstr
section, do we also need to move them (register dump, stack unwinding,
printk, console output, etc.) all into noinstr section?
Thank you,
--
Masami Hiramatsu <mhiramat@xxxxxxxxxx>