| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 4 Jul 2018 12:57:36 +0900
From: Masahiro Yamada <yamada.masahiro@...ionext.com>
To: Laura Abbott <labbott@...hat.com>
Cc: Andy Lutomirski <luto@...nel.org>,
Mark Wielaard <mjw@...oraproject.org>,
"H . J . Lu" <hjl.tools@...il.com>,
Michael Ellerman <mpe@...erman.id.au>,
Catalin Marinas <catalin.marinas@....com>,
Will Deacon <will.deacon@....com>,
Linus Torvalds <torvalds@...ux-foundation.org>,
X86 ML <x86@...nel.org>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
Nick Clifton <nickc@...hat.com>,
Cary Coutant <ccoutant@...il.com>,
Linux Kbuild mailing list <linux-kbuild@...r.kernel.org>,
linuxppc-dev <linuxppc-dev@...ts.ozlabs.org>,
linux-arm-kernel <linux-arm-kernel@...ts.infradead.org>
Subject: Re: [PATCHv5 0/4] Salted build ids via ELF notes
Hi.
2018-07-04 8:21 GMT+09:00 Laura Abbott <labbott@...hat.com>:
>
> Hi,
>
> This is v5 of the series to allow unique build ids in the kernel. As a
> reminder of the context:
> ""
> In Fedora, the debug information is packaged separately (foo-debuginfo) and
> can be installed separately. There's been a long standing issue where only one
> version of a debuginfo info package can be installed at a time. Mark Wielaard
> made an effort for Fedora 27 to allow parallel installation of debuginfo (see
> https://fedoraproject.org/wiki/Changes/ParallelInstallableDebuginfo for
> more details)
>
> Part of the requirement to allow this to work is that build ids are
> unique between builds. The existing upstream rpm implementation ensures
> this by re-calculating the build-id using the version and release as a
> seed. This doesn't work 100% for the kernel because of the vDSO which is
> its own binary and doesn't get updated. After poking holes in a few of my
> ideas, there was a discussion with some people from the binutils team about
> adding --build-id-salt to let ld do the calculation debugedit is doing. There
> was a counter proposal made to add in the salt while building. The
> easiest proposal was to add an item in the linker script vs. linking in
> an object since we need the salt to go in every module as well as the
> kernel and vmlinux.
> ""
I think this information is helpful to explain the background
of this work, but the cover letter cannot be committed in git.
Could you add this in 1/4 please?
If I read only the simple log in 1/4,
I would wonder why it is useful...
> v5 uses the approach suggested by Masahiro Yamada which uses the
> existing ELF note macro to more easily add the salt (vs previous
> approaches which tried to adjust via linker section).
>
> If arch maintainers are okay, I'd like acks for this so this can go
> through the kbuild tree.
>
> Thanks,
> Laura
>
> Laura Abbott (4):
> kbuild: Add build salt to the kernel and modules
> x86: Add build salt to the vDSO
> powerpc: Add build salt to the vDSO
> arm64: Add build salt to the vDSO
>
> arch/arm64/kernel/vdso/note.S | 3 +++
> arch/powerpc/kernel/vdso32/note.S | 3 +++
> arch/x86/entry/vdso/vdso-note.S | 3 +++
> arch/x86/entry/vdso/vdso32/note.S | 3 +++
> include/linux/build-salt.h | 20 ++++++++++++++++++++
> init/Kconfig | 9 +++++++++
> init/version.c | 3 +++
> scripts/mod/modpost.c | 3 +++
> 8 files changed, 47 insertions(+)
> create mode 100644 include/linux/build-salt.h
>
> --
> 2.17.1
>
> --
> To unsubscribe from this list: send the line "unsubscribe linux-kbuild" in
> the body of a message to majordomo@...r.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
--
Best Regards
Masahiro Yamada
Powered by blists - more mailing lists