On Tue, 18 Aug 2020 at 00:02, Nick Desaulniers <ndesaulniers@xxxxxxxxxx> wrote:
>
> LLVM implemented a recent "libcall optimization" that lowers calls to
> `sprintf(dest, "%s", str)` where the return value is used to
> `stpcpy(dest, str) - dest`. This generally avoids the machinery involved
> in parsing format strings. This optimization was introduced into
> clang-12. Because the kernel does not provide an implementation of
> stpcpy, we observe linkage failures for almost all targets when building
> with ToT clang.
>
> The interface is unsafe as it does not perform any bounds checking.
> Disable this "libcall optimization" via `-fno-builtin-stpcpy`.
>
> Unlike
> commit 5f074f3e192f ("lib/string.c: implement a basic bcmp")
> which cited failures with `-fno-builtin-*` flags being retained in LLVM
> LTO, that bug seems to have been fixed by
> https://reviews.llvm.org/D71193, so the above sha can now be reverted in
> favor of `-fno-builtin-bcmp`.
>
> Cc: stable@xxxxxxxxxxxxxxx # 4.4

Why does a fix for Clang-12 have to be backported all the way to v4.4?
How does that meet the requirements for stable patches?

> Link: https://bugs.llvm.org/show_bug.cgi?id=47162
> Link: https://github.com/ClangBuiltLinux/linux/issues/1126
> Link: https://reviews.llvm.org/D85963
> Reported-by: Sami Tolvanen <samitolvanen@xxxxxxxxxx>
> Suggested-by: Dávid Bolvanský <david.bolvansky@xxxxxxxxx>
> Suggested-by: Kees Cook <keescook@xxxxxxxxxxxx>
> Signed-off-by: Nick Desaulniers <ndesaulniers@xxxxxxxxxx>
> ---
> Makefile | 6 ++++++
> 1 file changed, 6 insertions(+)
>
> diff --git a/Makefile b/Makefile
> index 9cac6fde3479..211a1b6f6478 100644
> --- a/Makefile
> +++ b/Makefile
> @@ -959,6 +959,12 @@ ifdef CONFIG_RETPOLINE > KBUILD_CFLAGS += $(call cc-option,-fcf-protection=none) > endif > > +# The compiler may "libcall optimize" certain function calls into the below > +# functions, for architectures that don't use -ffreestanding. If we don't plan > +# to provide implementations of these routines, then prevent the compiler from > +# emitting calls to what will be undefined symbols. > +KBUILD_CFLAGS += -fno-builtin-stpcpy > + > # include additional Makefiles when needed > include-y := scripts/Makefile.extrawarn > include-$(CONFIG_KASAN) += scripts/Makefile.kasan > -- > 2.28.0.220.ged08abb693-goog >
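
Review bot: The comment added above `KBUILD_CFLAGS += -fno-builtin-stpcpy` speaks of "the below functions" in the plural and never names the transformation being suppressed, yet only one flag follows it. Naming the case in the comment (the `sprintf(dest, "%s", str)` to `stpcpy(dest, str) - dest` lowering described in the commit message, and the fact that the kernel provides no stpcpy) would let a later reader judge whether the flag is still needed. The commit message also says the bcmp implementation can now be reverted in favor of `-fno-builtin-bcmp`, but this hunk does not add that flag, so either note that it is left for a follow-up or make the comment singular. The flag is appended unconditionally, unlike the `$(call cc-option,-fcf-protection=none)` line in the context just above it; with the Cc line asking for a backport to 4.4, it is worth stating in the commit message that every compiler supported across that range accepts `-fno-builtin-stpcpy`.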