On Thu, Mar 18, 2021 at 10:11 AM Sami Tolvanen <samitolvanen@xxxxxxxxxx> wrote:
>
> With CONFIG_CFI_CLANG and ThinLTO, Clang appends a hash to the names
> of all static functions not marked __used. This can break userspace
> tools that don't expect the function name to change, so strip out the
> hash from the output.
>
> Suggested-by: Jack Pham <jackp@xxxxxxxxxxxxxx>
> Signed-off-by: Sami Tolvanen <samitolvanen@xxxxxxxxxx>
> Reviewed-by: Kees Cook <keescook@xxxxxxxxxxxx>
> ---
> kernel/kallsyms.c | 54 ++++++++++++++++++++++++++++++++++++++++++-----
> 1 file changed, 49 insertions(+), 5 deletions(-)
>
> diff --git a/kernel/kallsyms.c b/kernel/kallsyms.c
> index 8043a90aa50e..17d3a704bafa 100644
> --- a/kernel/kallsyms.c
> +++ b/kernel/kallsyms.c
> @@ -161,6 +161,26 @@ static unsigned long kallsyms_sym_address(int idx)
> return kallsyms_relative_base - 1 - kallsyms_offsets[idx];
> }
>
> +#if defined(CONFIG_CFI_CLANG) && defined(CONFIG_LTO_CLANG_THIN)
> +/*
> + * LLVM appends a hash to static function names when ThinLTO and CFI are
> + * both enabled, which causes confusion and potentially breaks user space
Might be nice to add an example, something along the lines of:
ie. foo() becomes foo$asfdasdfasdfasdf()
> + * tools, so we will strip the postfix from expanded symbol names.
s/postfix/suffix/ ?
> + */
> +static inline char *cleanup_symbol_name(char *s)
> +{
> + char *res = NULL;
> +
> + res = strrchr(s, '$');
> + if (res)
> + *res = '\0';
> +
> + return res;
> +}
> +#else
> +static inline char *cleanup_symbol_name(char *s) { return NULL; }
> +#endif
Might be nicer to return a `bool` and have the larger definition
`return res != NULL`). Not sure what a caller would do with `res` if
it was not `NULL`?
> +
> /* Lookup the address for this symbol. Returns 0 if not found. */
> unsigned long kallsyms_lookup_name(const char *name)
> {
> @@ -173,6 +193,9 @@ unsigned long kallsyms_lookup_name(const char *name)
>
> if (strcmp(namebuf, name) == 0)
> return kallsyms_sym_address(i);
> +
> + if (cleanup_symbol_name(namebuf) && strcmp(namebuf, name) == 0)
> + return kallsyms_sym_address(i);
> }
> return module_kallsyms_lookup_name(name);
> }
> @@ -303,7 +326,9 @@ const char *kallsyms_lookup(unsigned long addr,
> namebuf, KSYM_NAME_LEN);
> if (modname)
> *modname = NULL;
> - return namebuf;
> +
> + ret = namebuf;
> + goto found;
> }
>
> /* See if it's in a module or a BPF JITed image. */
> @@ -316,11 +341,16 @@ const char *kallsyms_lookup(unsigned long addr,
> if (!ret)
> ret = ftrace_mod_address_lookup(addr, symbolsize,
> offset, modname, namebuf);
> +
> +found:
> + cleanup_symbol_name(namebuf);
> return ret;
> }
>
> int lookup_symbol_name(unsigned long addr, char *symname)
> {
> + int res;
> +
> symname[0] = '\0';
> symname[KSYM_NAME_LEN - 1] = '\0';
>
> @@ -331,15 +361,23 @@ int lookup_symbol_name(unsigned long addr, char *symname)
> /* Grab name */
> kallsyms_expand_symbol(get_symbol_offset(pos),
> symname, KSYM_NAME_LEN);
> - return 0;
> + goto found;
> }
> /* See if it's in a module. */
> - return lookup_module_symbol_name(addr, symname);
> + res = lookup_module_symbol_name(addr, symname);
> + if (res)
> + return res;
> +
> +found:
> + cleanup_symbol_name(symname);
> + return 0;
> }
>
> int lookup_symbol_attrs(unsigned long addr, unsigned long *size,
> unsigned long *offset, char *modname, char *name)
> {
> + int res;
> +
> name[0] = '\0';
> name[KSYM_NAME_LEN - 1] = '\0';
>
> @@ -351,10 +389,16 @@ int lookup_symbol_attrs(unsigned long addr, unsigned long *size,
> kallsyms_expand_symbol(get_symbol_offset(pos),
> name, KSYM_NAME_LEN);
> modname[0] = '\0';
> - return 0;
> + goto found;
> }
> /* See if it's in a module. */
> - return lookup_module_symbol_attrs(addr, size, offset, modname, name);
> + res = lookup_module_symbol_attrs(addr, size, offset, modname, name);
> + if (res)
> + return res;
> +
> +found:
> + cleanup_symbol_name(name);
> + return 0;
> }
>
> /* Look up a kernel symbol and return it in a text buffer. */
> --
> 2.31.0.291.g576ba9dcdaf-goog
>
--
Thanks,
~Nick Desaulniers
