On 2020-05-04, Nick Desaulniers wrote:
On Mon, May 4, 2020 at 1:16 AM Ard Biesheuvel <ardb@xxxxxxxxxx> wrote:
When building the x86 EFI stub with Clang, the libstub Makefile rules
that manipulate the ELF object files may throw an error like:
STUBCPY drivers/firmware/efi/libstub/efi-stub-helper.stub.o
strip: drivers/firmware/efi/libstub/efi-stub-helper.stub.o: Failed to find link section for section 10
objcopy: drivers/firmware/efi/libstub/efi-stub-helper.stub.o: Failed to find link section for section 10
This is the result of a LLVM 'feature' [0] where symbol references are
stored in a LLVM specific .llvm_addrsig section in a non-transparent way,
causing generic ELF tools such as strip or objcopy to choke on them.
So drop the .llvm_addrsig section explicitly as well, to work around
this behavior.
[0] https://sourceware.org/bugzilla/show_bug.cgi?id=23817
This page also has info about the extension:
https://llvm.org/docs/Extensions.html#sht-llvm-addrsig-section-address-significance-table
Peter, do you know if it's possible to prevent the emission of this
section from clang? Scanning through the sources, it looks like it's
set unconditionally during LTO, but I couldn't find where else? Is
this section required for more than LTO?
-faddrsig has been the default for many platforms since clang 7.
You can find the current default state on various platforms here:
https://github.com/llvm/llvm-project/blob/master/clang/lib/Driver/ToolChains/Clang.cpp#L6157
The table may have other benefits but currently the only use case is lld
--icf=safe , which is safer and better than gold's --icf=safe (which
relies on (hacky) relocation scanning).
The current way things work:
(1) clang always emits .llvm_addrsig
(2) if the linker is lld and --icf=safe is specified, .llvm_addrsig is read to perform safe ICF
makes it easy for people to try --icf=safe, otherwise people will need
to change CFLAGS as well to try the linker size optimization.
This section has nothing to do with LTO.
I am a bit surprised that certain strip can error "Failed to find link section for section 10"
They were expected to set sh_link to 0.
We need a generic way to disable LLVM extensions when we're not using
the LLVM binutils. We have a couple cases where `-no-integrated-as`
will prevent AsmStreamer from not using assembler extensions, but in
this case it's the linker+objcopy+strip that don't work with the
extensions.
objcopy -R .llvm_addrsig can be used when it is difficult to pass -fno-addrsig
(it is also used here
https://sourceware.org/git/?p=glibc.git;a=blobdiff;f=csu/Makefile;h=7460bcb0cf1e6cb296cf76d6e8ed9e43044f89f9;hp=f3498960f89e3b31f7cda6969e6eb3393a305241;hb=3628670a04f9a53586bd91c01588c4462b5e01d3;hpb=b9dab9c53496a8cd5bb18342eceff8a584c37a3e
)
If possible, use -fno-addrsig instead.
Cc: Nick Desaulniers <ndesaulniers@xxxxxxxxxx>
Reported-by: Arnd Bergmann <arnd@xxxxxxxx>
Do you have a link to the configs or report so we can repro?
Also, scripts/get_maintainer.pl should recommend our list for patches
mentioning clang or llvm, which is a wider audience that can help test
and review. I've been out sick much of the past week, so I appreciate
the shared help with code review. Of course if your intention was to
be more discreet, I'm sorry I may have just messed that up.
Signed-off-by: Ard Biesheuvel <ardb@xxxxxxxxxx>
---
drivers/firmware/efi/libstub/Makefile | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/drivers/firmware/efi/libstub/Makefile b/drivers/firmware/efi/libstub/Makefile
index 8d246b51bd49..4d137615a666 100644
--- a/drivers/firmware/efi/libstub/Makefile
+++ b/drivers/firmware/efi/libstub/Makefile
@@ -66,7 +66,8 @@ CFLAGS_arm64-stub.o := -DTEXT_OFFSET=$(TEXT_OFFSET)
# .data section of the compressed kernel to ensure initialization. Rename the
# .bss section here so it's easy to pick out in the linker script.
#
-STUBCOPY_FLAGS-$(CONFIG_X86) += --rename-section .bss=.bss.efistub,load,alloc
+STUBCOPY_FLAGS-$(CONFIG_X86) += -R .llvm_addrsig \
+ --rename-section .bss=.bss.efistub,load,alloc
Do we only observe this for x86, not ARM?
STUBCOPY_RELOC-$(CONFIG_X86_32) := R_386_32
STUBCOPY_RELOC-$(CONFIG_X86_64) := R_X86_64_64
@@ -111,7 +112,7 @@ $(obj)/%.stub.o: $(obj)/%.o FORCE
#
quiet_cmd_stubcopy = STUBCPY $@
cmd_stubcopy = \
- $(STRIP) --strip-debug -o $@ $<; \
+ $(STRIP) --strip-debug -R .llvm_addrsig -o $@ $<; \
if $(OBJDUMP) -r $@ | grep $(STUBCOPY_RELOC-y); then \
echo "$@: absolute symbol references not allowed in the EFI stub" >&2; \
/bin/false; \
--
2.17.1
In the absence of a linker script where we can use `DISCARD` rules,
this looks like the best approach, though I'm still curious about ARM.
Reviewed-by: Nick Desaulniers <ndesaulniers@xxxxxxxxxx>
--
Thanks,
~Nick Desaulniers
