diff options
| author | Sami Tolvanen | 2022-12-22 22:57:47 +0000 |
|---|---|---|
| committer | Greg Kroah-Hartman | 2022-12-31 13:33:08 +0100 |
| commit | 810f2cfdfe4e072555781fa5dd188949195dda16 (patch) | |
| tree | 791da4e7ea2a033aee3318ffced036bfaabea3b2 | |
| parent | b4a59fd2e50b733d0182b65266121ffb2e72a8e9 (diff) | |
cfi: Fix CFI failure with KASAN
[ Upstream commit cf8016408d880afe9c5dc495af40dc2932874e77 ]
When CFI_CLANG and KASAN are both enabled, LLVM doesn't generate a
CFI type hash for asan.module_ctor functions in translation units
where CFI is disabled, which leads to a CFI failure during boot when
do_ctors calls the affected constructors:
CFI failure at do_basic_setup+0x64/0x90 (target:
asan.module_ctor+0x0/0x28; expected type: 0xa540670c)
Specifically, this happens because CFI is disabled for
kernel/cfi.c. There's no reason to keep CFI disabled here anymore, so
fix the failure by not filtering out CC_FLAGS_CFI for the file.
Note that https://reviews.llvm.org/rG3b14862f0a96 fixed the issue
where LLVM didn't emit CFI type hashes for any sanitizer constructors,
but now type hashes are emitted correctly for TUs that use CFI.
Link: https://github.com/ClangBuiltLinux/linux/issues/1742
Fixes: 89245600941e ("cfi: Switch to -fsanitize=kcfi")
Reported-by: Mark Rutland <mark.rutland@arm.com>
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
Signed-off-by: Kees Cook <keescook@chromium.org>
Link: https://lore.kernel.org/r/20221222225747.3538676-1-samitolvanen@google.com
Signed-off-by: Sasha Levin <sashal@kernel.org>
| -rw-r--r-- | kernel/Makefile | 3 |
1 files changed, 0 insertions, 3 deletions
diff --git a/kernel/Makefile b/kernel/Makefile index d754e0be1176..ebc692242b68 100644 --- a/kernel/Makefile +++ b/kernel/Makefile @@ -41,9 +41,6 @@ UBSAN_SANITIZE_kcov.o := n KMSAN_SANITIZE_kcov.o := n CFLAGS_kcov.o := $(call cc-option, -fno-conserve-stack) -fno-stack-protector -# Don't instrument error handlers -CFLAGS_REMOVE_cfi.o := $(CC_FLAGS_CFI) - obj-y += sched/ obj-y += locking/ obj-y += power/ |