On Tue, May 14, 2019 at 02:04:21PM +0200, Johannes Hirte wrote: > On 2019 Apr 23, Kees Cook wrote: > > When building x86 with Clang LTO and CFI, CFI jump regions are > > automatically added to the end of the .text section late in linking. As a > > result, the _etext position was being labelled before the appended jump > > regions, causing confusion about where the boundaries of the executable > > region actually are in the running kernel, and broke at least the fault > > injection code. This moves the _etext mark to outside (and immediately > > after) the .text area, as it already the case on other architectures > > (e.g. arm64, arm). > > > > Reported-and-tested-by: Sami Tolvanen <samitolva...@google.com> > > Signed-off-by: Kees Cook <keesc...@chromium.org> > > --- > > arch/x86/kernel/vmlinux.lds.S | 6 +++--- > > 1 file changed, 3 insertions(+), 3 deletions(-) > > > > diff --git a/arch/x86/kernel/vmlinux.lds.S b/arch/x86/kernel/vmlinux.lds.S > > index bad8c51fee6e..de94da2366e7 100644 > > --- a/arch/x86/kernel/vmlinux.lds.S > > +++ b/arch/x86/kernel/vmlinux.lds.S > > @@ -141,11 +141,11 @@ SECTIONS > > *(.text.__x86.indirect_thunk) > > __indirect_thunk_end = .; > > #endif > > - > > - /* End of text section */ > > - _etext = .; > > } :text = 0x9090 > > > > + /* End of text section */ > > + _etext = .; > > + > > NOTES :text :note > > > > EXCEPTION_TABLE(16) :text = 0x9090 > > -- > > 2.17.1 > > This breaks the build on my system: > > RELOCS arch/x86/boot/compressed/vmlinux.relocs > CC arch/x86/boot/compressed/early_serial_console.o > CC arch/x86/boot/compressed/kaslr.o > AS arch/x86/boot/compressed/mem_encrypt.o > CC arch/x86/boot/compressed/kaslr_64.o > Invalid absolute R_X86_64_32S relocation: _etext > make[2]: *** [arch/x86/boot/compressed/Makefile:130: > arch/x86/boot/compressed/vmlinux.relocs] Error 1 > make[2]: *** Deleting file 'arch/x86/boot/compressed/vmlinux.relocs' > make[2]: *** Waiting for unfinished jobs.... > make[1]: *** [arch/x86/boot/Makefile:112: arch/x86/boot/compressed/vmlinux] > Error 2 > make: *** [arch/x86/Makefile:283: bzImage] Error 2
Interesting! Can you send along your .config and compiler details? -- Kees Cook