On Thu, Oct 20, 2022 at 11:57:12AM -0700, Kees Cook wrote:
> On Thu, Oct 20, 2022 at 10:42:25AM -0700, Linus Torvalds wrote:
> > On Thu, Oct 20, 2022 at 10:33 AM Jason A. Donenfeld <Jason@xxxxxxxxx> wrote:
> > >
> > > Or sometimes with objdump, I've had more success by keeping debug
> > > symbols, and then trimming offsets from jmps.
> >
> > objdump is what I'm using, and it actually seems ok on individual object files.
> >
> > Now I just need to script the "do all the object files" and see how
> > massive the end result is.
>
> For the a/b build, I start with all*config, then:
>
> # Stop painful noise
> CONFIG_KCOV=n
> CONFIG_GCOV_KERNEL=n
> CONFIG_GCC_PLUGINS=n
> CONFIG_IKHEADERS=n
> CONFIG_KASAN=n
> CONFIG_UBSAN=n
> CONFIG_KCSAN=n
> CONFIG_KMSAN=n
> # Get us source/line details
> CONFIG_DEBUG_KERNEL=y
> CONFIG_DEBUG_INFO_DWARF_TOOLCHAIN_DEFAULT=y
> CONFIG_DEBUG_INFO_REDUCED=n
> CONFIG_DEBUG_INFO_COMPRESSED=n
> CONFIG_DEBUG_INFO_SPLIT=n
>
> And to keep other build-time junk stabilized[1], I build with these make
> options:
>
> KBUILD_BUILD_TIMESTAMP=1970-01-01
> KBUILD_BUILD_USER=user
> KBUILD_BUILD_HOST=host
> KBUILD_BUILD_VERSION=1

The LLVM `.ll` file thing I tried turned out to be a disaster. Too much
noise, as this is too early of a stage.

The traditional objdump comparison does work, though. It produces a good
amount of noise, but still yields a manageable amount of diffs -- 882 --
which can then be pared down more with heuristics.

I've been using this script below to compare `linux-schar/` with
`linux-uchar/`, which creates a directory `linux-schar-uchar/` filled
with color diffs that I can then flip through using
`less -R linux-schar-uchar/*.diff`.

Seems to work okay, so I'll post it here in case others are curious
about looking through these.

Jason

------8<--------------------------------
#!/bin/bash

# Disassemble .text of one object file and strip address/offset noise so
# that only real instruction differences show up in the diff.
asm_diff() {
	objdump \
		--disassemble \
		--demangle \
		--no-show-raw-insn \
		--no-addresses \
		--section=.text \
		--disassembler-options=intel \
		"$1" | \
	sed \
		-e 's/[0-9a-f]\+ \(<[a-zA-Z0-9_+-]\+>\)/?? \1/g' \
		-e 's/<\([a-zA-Z0-9_-]\+\)+0x[a-f0-9]\+>/<\1>/g' \
		-e '/\/[a-zA-Z0-9._-]\+\.o:/d'
}

A=linux-schar
B=linux-uchar
C=linux-schar-uchar

rm -rf "$C"
mkdir -p "$C"

while read -r obj_a; do
	obj_b="$B/${obj_a#$A/}"
	# Flatten the object's relative path into a single file name.
	diff_c="${obj_a#$A/}"
	diff_c="$C/${diff_c//\//--}.diff"
	[[ -f $obj_b ]] || { echo "ERROR: $obj_b is missing" >&2; exit 1; }
	echo "${obj_a#$A/}" >&2
	# diff exits 0 when the inputs match, so empty diffs are removed.
	diff --color=always --text --unified=10 \
		<(asm_diff "$obj_a") <(asm_diff "$obj_b") > "$diff_c" && \
		rm -f "$diff_c"
done < <(exec find "$A" -name '*.o')
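
The effect of the three sed expressions in asm_diff, shown on constructed disassembly text. This is an added example, not part of the original message. The `sample` and `changed_lines` helpers and the listing contents (including the movsx/movzx pair standing in for a signed versus unsigned char load) are assumptions made for illustration.

```bash
#!/bin/sh
# Added example. The sed expressions are copied from asm_diff above
# (GNU sed syntax); every listing below is constructed, not real output.

normalize_asm() {
    sed \
        -e 's/[0-9a-f]\+ \(<[a-zA-Z0-9_+-]\+>\)/?? \1/g' \
        -e 's/<\([a-zA-Z0-9_-]\+\)+0x[a-f0-9]\+>/<\1>/g' \
        -e '/\/[a-zA-Z0-9._-]\+\.o:/d'
}

# Constructed listing: $1 = tree name, $2 = load instruction,
# $3 = jump target address/offset, $4 = call target address.
sample() {
    printf '%s/lib/demo.o:     file format elf64-x86-64\n\n' "$1"
    printf '<is_high>:\n'
    printf '\t%s  eax,BYTE PTR [rdi]\n' "$2"
    printf '\ttest   eax,eax\n'
    printf '\tjs     %s <is_high+0x%s>\n' "$3" "$3"
    printf '\tcall   %s <helper>\n' "$4"
    printf '\tret\n'
}

# Print only the lines that still differ after normalization.
changed_lines() {
    tmp_a=$(mktemp) && tmp_b=$(mktemp) || return 1
    printf '%s\n' "$1" | normalize_asm > "$tmp_a"
    printf '%s\n' "$2" | normalize_asm > "$tmp_b"
    diff "$tmp_a" "$tmp_b" | grep '^[<>]' || :
    rm -f "$tmp_a" "$tmp_b"
}

schar=$(sample linux-schar movsx 1c 40)
shifted=$(sample linux-schar movsx 2c 58)   # same code, different layout
uchar=$(sample linux-uchar movzx 1c 40)     # different instruction

echo "layout-only change:"
changed_lines "$schar" "$shifted"           # prints nothing
echo "instruction change:"
changed_lines "$schar" "$uchar"             # prints the movsx/movzx pair
```

Shifted jump and call targets and the differing object path are filtered out, so only the changed instruction reaches the diff.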