lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 16 Sep 2016 11:12:10 -0700
From:   Linus Torvalds <torvalds@...ux-foundation.org>
To:     Josh Poimboeuf <jpoimboe@...hat.com>
Cc:     Peter Zijlstra <peterz@...radead.org>,
        Stephane Eranian <eranian@...gle.com>,
        Vince Weaver <vincent.weaver@...ne.edu>,
        LKML <linux-kernel@...r.kernel.org>,
        Alexander Shishkin <alexander.shishkin@...ux.intel.com>,
        Ingo Molnar <mingo@...nel.org>,
        Kees Cook <keescook@...omium.org>
Subject: Re: [PATCH] scripts: add script for translating stack dump function offsets

On Fri, Sep 16, 2016 at 7:48 AM, Josh Poimboeuf <jpoimboe@...hat.com> wrote:
>
> Here's something a lot faster than gdb, which also handles duplicate
> symbols properly.

Ack.

Side note: I find addr2line almost completely useless in many cases
not because of address space randomization, but because of how complex
the inlining often is. I just had something where I decided to use
addr2line and it just pointed me to the __read_once_size_nocheck()
line in <linux/compiler.h>. That was not very useful.

I ended up actually looking at the instructions *around* it, to find
where that one instruction had been inlined from.

So I'm wondering if this kind of helper script could be extended to
have that "look around it" thing to help.

Finally, I note that *if* you hit the "multiple copies of the same
function name" issue, it might be a good idea to limit the function
name copies by their size/offset. Also, shouldn't you filter the
objdump for just functions Both the size and the function filtering
should be possible with some additional awk script magic.

For example, in my current kernel build, I have the following object
names that are both functions and non-functions:

  event_function, irq_trigger, p_start, tbl_size, verbose, watchdog

and I have 10 different versions of the function ("type_show()", with
sizes ranging from 26 bytes to 166 bytes. So both the function offset
filtering and the type filtering could definitely make a difference.

            Linus

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ