Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

can't find switch jump table in drivers/ata/sata_dwc_460ex.c #485

Closed
nickdesaulniers opened this issue May 20, 2019 · 7 comments
Closed

can't find switch jump table in drivers/ata/sata_dwc_460ex.c #485

nickdesaulniers opened this issue May 20, 2019 · 7 comments
Labels
[ARCH] x86_64 This bug impacts ARCH=x86_64 [BUG] linux A bug that should be fixed in the mainline kernel. [FIXED][LINUX] 5.7 This bug was fixed in Linux 5.7 [TOOL] objtool warning is produced by the kernel's objtool

Comments

@nickdesaulniers
Copy link
Member 

$ ./scripts/config -e CONFIG_SATA_DWC

drivers/ata/sata_dwc_460ex.o: warning: objtool: sata_dwc_bmdma_start_by_tag()+0x3a2: can't find switch jump table
@nickdesaulniers nickdesaulniers added [BUG] Untriaged Something isn't working [ARCH] x86_64 This bug impacts ARCH=x86_64 low priority This bug is not critical and not a priority [TOOL] objtool warning is produced by the kernel's objtool labels May 20, 2019
@nickdesaulniers
Copy link
Member Author

hmm...seems like I only see it with allyesconfig...

@ihalip
Copy link

ihalip commented May 23, 2019

I'm seeing this with clang-8, but adding -fno-jump-tables to the compiler cmdline makes the warning goes away.

When building with GCC, -fno-jump-tables is added here.

@nickdesaulniers
Copy link
Member Author

nickdesaulniers commented Jul 11, 2019
edited by nathanchance
Loading

So @arndb and Jann may have a fix for this: https://lore.kernel.org/r/CAG48ez3ipuPHLxbqqc50=Kn4QuoNczkd7VqEoLPVd3WWLk2s+Q@mail.gmail.com/

@nathanchance
Copy link
Member

Still relevant with tip of tree LLVM and Linux:

drivers/ata/sata_dwc_460ex.o: warning: objtool: sata_dwc_bmdma_start_by_tag()+0x3a2: can't find switch jump table

I will try to creduce something later.

@nathanchance nathanchance mentioned this issue Feb 13, 2020
Closed
@nickdesaulniers nickdesaulniers removed the low priority This bug is not critical and not a priority label Feb 13, 2020
@jpoimboe
Copy link

Potential fix: https://git.kernel.org/pub/scm/linux/kernel/git/jpoimboe/linux.git/commit/?h=objtool-clang-switch-fix&id=c796eeb0b88f95b2de9a4041a268f7f7d54735c6

@jpoimboe jpoimboe mentioned this issue Feb 14, 2020
Closed
@nickdesaulniers nickdesaulniers added [BUG] linux A bug that should be fixed in the mainline kernel. [PATCH] Exists There is a patch that fixes this issue and removed [BUG] Untriaged Something isn't working labels Feb 14, 2020
@nickdesaulniers
Copy link
Member Author

nickdesaulniers commented Feb 18, 2020
edited by nathanchance
Loading

fixes: https://lore.kernel.org/r/cover.1581997059.git.jpoimboe@redhat.com/

@nickdesaulniers nickdesaulniers added [PATCH] Submitted A patch has been submitted for review and removed [PATCH] Exists There is a patch that fixes this issue labels Feb 18, 2020
fengguang pushed a commit to 0day-ci/linux that referenced this issue Feb 19, 2020
@jpoimboe @intel-lab-lkp
objtool: Fix clang switch table edge case
cca0091 
Clang has the ability to create a switch table which is not a jump
table, but is rather a table of string pointers.  This confuses objtool,
because it sees the relocations for the string pointers and assumes
they're part of a jump table:

  drivers/ata/sata_dwc_460ex.o: warning: objtool: sata_dwc_bmdma_start_by_tag()+0x3a2: can't find switch jump table
  net/ceph/messenger.o: warning: objtool: ceph_con_workfn()+0x47c: can't find switch jump table

Make objtool's find_jump_table() smart enough to distinguish between a
switch jump table (which has relocations to text addresses in the same
function as the original instruction) and other anonymous rodata (which
may have relocations to elsewhere).

Link: ClangBuiltLinux#485
Reported-by: Nick Desaulniers <ndesaulniers@google.com>
Tested-by: Nick Desaulniers <ndesaulniers@google.com>
Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
ruscur pushed a commit to ruscur/linux that referenced this issue Feb 24, 2020
@jpoimboe
objtool: Fix clang switch table edge case
113d4bc 
Clang has the ability to create a switch table which is not a jump
table, but is rather a table of string pointers.  This confuses objtool,
because it sees the relocations for the string pointers and assumes
they're part of a jump table:

  drivers/ata/sata_dwc_460ex.o: warning: objtool: sata_dwc_bmdma_start_by_tag()+0x3a2: can't find switch jump table
  net/ceph/messenger.o: warning: objtool: ceph_con_workfn()+0x47c: can't find switch jump table

Make objtool's find_jump_table() smart enough to distinguish between a
switch jump table (which has relocations to text addresses in the same
function as the original instruction) and other anonymous rodata (which
may have relocations to elsewhere).

Reported-by: Nick Desaulniers <ndesaulniers@google.com>
Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Tested-by: Nick Desaulniers <ndesaulniers@google.com>
Tested-by: Nathan Chancellor <natechancellor@gmail.com>
Link: ClangBuiltLinux#485
Link: https://lkml.kernel.org/r/263f6aae46d33da0b86d7030ced878cb5cab1788.1581997059.git.jpoimboe@redhat.com
@nickdesaulniers nickdesaulniers added [PATCH] Accepted A submitted patch has been accepted upstream and removed [PATCH] Submitted A patch has been submitted for review labels Mar 16, 2020
@nathanchance
Copy link
Member

Merged into mainline: https://git.kernel.org/linus/113d4bc9048336ba7c3d2ad972dbad4aef6e148a

@nathanchance nathanchance added [FIXED][LINUX] 5.7 This bug was fixed in Linux 5.7 and removed [PATCH] Accepted A submitted patch has been accepted upstream labels Mar 31, 2020
krasCGQ pushed a commit to krasCGQ/linux that referenced this issue Apr 8, 2020
@jpoimboe @krasCGQ
objtool: Fix clang switch table edge case
b7274e2 
Clang has the ability to create a switch table which is not a jump
table, but is rather a table of string pointers.  This confuses objtool,
because it sees the relocations for the string pointers and assumes
they're part of a jump table:

  drivers/ata/sata_dwc_460ex.o: warning: objtool: sata_dwc_bmdma_start_by_tag()+0x3a2: can't find switch jump table
  net/ceph/messenger.o: warning: objtool: ceph_con_workfn()+0x47c: can't find switch jump table

Make objtool's find_jump_table() smart enough to distinguish between a
switch jump table (which has relocations to text addresses in the same
function as the original instruction) and other anonymous rodata (which
may have relocations to elsewhere).

Reported-by: Nick Desaulniers <ndesaulniers@google.com>
Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Tested-by: Nick Desaulniers <ndesaulniers@google.com>
Tested-by: Nathan Chancellor <natechancellor@gmail.com>
Link: ClangBuiltLinux/linux#485
Link: https://lkml.kernel.org/r/263f6aae46d33da0b86d7030ced878cb5cab1788.1581997059.git.jpoimboe@redhat.com
Signed-off-by: Albert I <kras@raphielgang.org>
krasCGQ pushed a commit to krasCGQ/linux that referenced this issue Apr 8, 2020
@jpoimboe @krasCGQ
objtool: Fix clang switch table edge case
c3afd99 
Clang has the ability to create a switch table which is not a jump
table, but is rather a table of string pointers.  This confuses objtool,
because it sees the relocations for the string pointers and assumes
they're part of a jump table:

  drivers/ata/sata_dwc_460ex.o: warning: objtool: sata_dwc_bmdma_start_by_tag()+0x3a2: can't find switch jump table
  net/ceph/messenger.o: warning: objtool: ceph_con_workfn()+0x47c: can't find switch jump table

Make objtool's find_jump_table() smart enough to distinguish between a
switch jump table (which has relocations to text addresses in the same
function as the original instruction) and other anonymous rodata (which
may have relocations to elsewhere).

Reported-by: Nick Desaulniers <ndesaulniers@google.com>
Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Tested-by: Nick Desaulniers <ndesaulniers@google.com>
Tested-by: Nathan Chancellor <natechancellor@gmail.com>
Link: ClangBuiltLinux/linux#485
Link: https://lkml.kernel.org/r/263f6aae46d33da0b86d7030ced878cb5cab1788.1581997059.git.jpoimboe@redhat.com
Signed-off-by: Albert I <kras@raphielgang.org>
raphielscape pushed a commit to raphielscape/linux-scape-workstation that referenced this issue Apr 12, 2020
@jpoimboe @raphielscape
objtool: Fix clang switch table edge case
30a341c 
Clang has the ability to create a switch table which is not a jump
table, but is rather a table of string pointers.  This confuses objtool,
because it sees the relocations for the string pointers and assumes
they're part of a jump table:

  drivers/ata/sata_dwc_460ex.o: warning: objtool: sata_dwc_bmdma_start_by_tag()+0x3a2: can't find switch jump table
  net/ceph/messenger.o: warning: objtool: ceph_con_workfn()+0x47c: can't find switch jump table

Make objtool's find_jump_table() smart enough to distinguish between a
switch jump table (which has relocations to text addresses in the same
function as the original instruction) and other anonymous rodata (which
may have relocations to elsewhere).

Reported-by: Nick Desaulniers <ndesaulniers@google.com>
Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Tested-by: Nick Desaulniers <ndesaulniers@google.com>
Tested-by: Nathan Chancellor <natechancellor@gmail.com>
Link: ClangBuiltLinux/linux#485
Link: https://lkml.kernel.org/r/263f6aae46d33da0b86d7030ced878cb5cab1788.1581997059.git.jpoimboe@redhat.com
Signed-off-by: Albert I <kras@raphielgang.org>
Signed-off-by: Rapherion Rollerscaperers <rapherion@raphielgang.org>
xdevs23 pushed a commit to xdevs23/linux-nitrous that referenced this issue May 31, 2022
@jpoimboe @xdevs23
objtool: Fix clang switch table edge case
28cffac 
Clang has the ability to create a switch table which is not a jump
table, but is rather a table of string pointers.  This confuses objtool,
because it sees the relocations for the string pointers and assumes
they're part of a jump table:

  drivers/ata/sata_dwc_460ex.o: warning: objtool: sata_dwc_bmdma_start_by_tag()+0x3a2: can't find switch jump table
  net/ceph/messenger.o: warning: objtool: ceph_con_workfn()+0x47c: can't find switch jump table

Make objtool's find_jump_table() smart enough to distinguish between a
switch jump table (which has relocations to text addresses in the same
function as the original instruction) and other anonymous rodata (which
may have relocations to elsewhere).

Reported-by: Nick Desaulniers <ndesaulniers@google.com>
Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Tested-by: Nick Desaulniers <ndesaulniers@google.com>
Tested-by: Nathan Chancellor <natechancellor@gmail.com>
Link: ClangBuiltLinux/linux#485
Link: https://lkml.kernel.org/r/263f6aae46d33da0b86d7030ced878cb5cab1788.1581997059.git.jpoimboe@redhat.com
Signed-off-by: Simao Gomes Viana <devel@superboring.dev>
oraclelinuxkernel pushed a commit to oracle/linux-uek that referenced this issue Jul 29, 2022
@jpoimboe
objtool: Fix clang switch table edge case
d2e9f00 
Clang has the ability to create a switch table which is not a jump
table, but is rather a table of string pointers.  This confuses objtool,
because it sees the relocations for the string pointers and assumes
they're part of a jump table:

  drivers/ata/sata_dwc_460ex.o: warning: objtool: sata_dwc_bmdma_start_by_tag()+0x3a2: can't find switch jump table
  net/ceph/messenger.o: warning: objtool: ceph_con_workfn()+0x47c: can't find switch jump table

Make objtool's find_jump_table() smart enough to distinguish between a
switch jump table (which has relocations to text addresses in the same
function as the original instruction) and other anonymous rodata (which
may have relocations to elsewhere).

Reported-by: Nick Desaulniers <ndesaulniers@google.com>
Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Tested-by: Nick Desaulniers <ndesaulniers@google.com>
Tested-by: Nathan Chancellor <natechancellor@gmail.com>
Link: ClangBuiltLinux/linux#485
Link: https://lkml.kernel.org/r/263f6aae46d33da0b86d7030ced878cb5cab1788.1581997059.git.jpoimboe@redhat.com
(cherry picked from commit 113d4bc)

Orabug: 34335632
CVE: CVE-2022-29901
CVE: CVE-2022-23816

Signed-off-by: Alexandre Chartre <alexandre.chartre@oracle.com>
Signed-off-by: Ankur Arora <ankur.a.arora@oracle.com>
Reviewed-by: Liam Merwick <liam.merwick@oracle.com>
Reviewed-by: Maciej S. Szmigiero <maciej.szmigiero@oracle.com>
Signed-off-by: Brian Maly <brian.maly@oracle.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
[ARCH] x86_64 This bug impacts ARCH=x86_64 [BUG] linux A bug that should be fixed in the mainline kernel. [FIXED][LINUX] 5.7 This bug was fixed in Linux 5.7 [TOOL] objtool warning is produced by the kernel's objtool
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@jpoimboe @nickdesaulniers @ihalip @nathanchance