diff options
author | Sami Tolvanen | 2023-06-23 00:11:43 +0000 |
---|---|---|
committer | Greg Kroah-Hartman | 2023-07-19 16:21:44 +0200 |
commit | 1e596c181c5344979c99ca1ee69517abeda645ff (patch) | |
tree | f65d907c25e8099b2b60a496676aa298dcb4cd8e /fs | |
parent | c5696a8a5484c8b6d6c5d3d4f7a3ef5fd46f2358 (diff) |
kbuild: Disable GCOV for *.mod.o
[ Upstream commit 25a21fbb934a0d989e1858f83c2ddf4cfb2ebe30 ]
With GCOV_PROFILE_ALL, Clang injects __llvm_gcov_* functions to each
object file, including the *.mod.o. As we filter out CC_FLAGS_CFI
for *.mod.o, the compiler won't generate type hashes for the
injected functions, and therefore indirectly calling them during
module loading trips indirect call checking.
Enabling CFI for *.mod.o isn't sufficient to fix this issue after
commit 0c3e806ec0f9 ("x86/cfi: Add boot time hash randomization"),
as *.mod.o aren't processed by objtool, which means any hashes
emitted there won't be randomized. Therefore, in addition to
disabling CFI for *.mod.o, also disable GCOV, as the object files
don't otherwise contain any executable code.
Fixes: cf68fffb66d6 ("add support for Clang CFI")
Reported-by: Joe Fradley <joefradley@google.com>
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
Acked-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Reviewed-by: Kees Cook <keescook@chromium.org>
Reviewed-by: Nick Desaulniers <ndesaulniers@google.com>
Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
Diffstat (limited to 'fs')
0 files changed, 0 insertions, 0 deletions