lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <0e89bbcf8b8dcfc9c89fb383cd96654754a572f0.1244812577.git.ptesarik@suse.cz>
Date:	Fri, 12 Jun 2009 15:25:41 +0200
From:	Petr Tesarik <ptesarik@...e.cz>
To:	LKML <linux-kernel@...r.kernel.org>
Cc:	Thomas Gleixner <tglx@...utronix.de>,
	Ingo Molnar <mingo@...hat.com>,
	"H. Peter Anvin" <hpa@...or.com>, Andi Kleen <andi@...stfloor.org>,
	Roland McGrath <roland@...hat.com>,
	Petr Tesarik <ptesarik@...e.cz>
Subject: [PATCH 7/8] x86: check the size of GOT in vDSO

There should be no real entries in the GOT, because they are basically
pointers to dynamic symbols, and that will not work correctly without
a real dynamic linker for the vDSO.

However, the ABI pre-defines three entries in the GOT which are always
present, so the GOT section is never completely empty. We can check
that there are no extra entries beyond these three.

To make it work:
  - move the GOT into a separate section
  - check the size of that section
  - pass -m32 or -m64 to the pre-processor to get the correct
    definition of __SIZEOF_POINTER__

Signed-off-by: Petr Tesarik <ptesarik@...e.cz>
---
 arch/x86/vdso/Makefile          |    5 +++--
 arch/x86/vdso/vdso-layout.lds.S |   20 +++++++++++++++++++-
 2 files changed, 22 insertions(+), 3 deletions(-)

diff --git a/arch/x86/vdso/Makefile b/arch/x86/vdso/Makefile
index 16a9020..8c7f06a 100644
--- a/arch/x86/vdso/Makefile
+++ b/arch/x86/vdso/Makefile
@@ -23,7 +23,8 @@ $(obj)/vdso.o: $(obj)/vdso.so
 
 targets += vdso.so vdso.so.dbg vdso.lds $(vobjs-y)
 
-export CPPFLAGS_vdso.lds += -P -C
+vdso-cppflags = -P -C
+export CPPFLAGS_vdso.lds += -m64 $(vdso-cppflags)
 
 VDSO_LDFLAGS_vdso.lds = -m elf_x86_64 -Wl,-soname=linux-vdso.so.1 \
 		      	-Wl,-z,max-page-size=4096 -Wl,-z,common-page-size=4096
@@ -68,7 +69,7 @@ vdso32.so-$(VDSO32-y)		+= sysenter
 
 vdso32-images			= $(vdso32.so-y:%=vdso32-%.so)
 
-CPPFLAGS_vdso32.lds = $(CPPFLAGS_vdso.lds)
+CPPFLAGS_vdso32.lds = -m32 $(vdso-cppflags)
 VDSO_LDFLAGS_vdso32.lds = -m elf_i386 -Wl,-soname=linux-gate.so.1
 
 # This makes sure the $(obj) subdirectory exists even though vdso32/
diff --git a/arch/x86/vdso/vdso-layout.lds.S b/arch/x86/vdso/vdso-layout.lds.S
index 0da3db0..ea9ef58 100644
--- a/arch/x86/vdso/vdso-layout.lds.S
+++ b/arch/x86/vdso/vdso-layout.lds.S
@@ -44,13 +44,15 @@ SECTIONS
 	.dynamic : {
 		*(.dynamic)
 	} :text :dynamic
+	.got : {
+		*(.got.plt) *(.got)
+	} :text
 
 	.rodata : {
 		*(.rodata* .gnu.linkonce.r.*)
 	} :text
 	.data : {
 		*(.data* .gnu.linkonce.d.*)
-		*(.got.plt) *(.got)
 		*(.bss* .gnu.linkonce.b.*)
 	}
 
@@ -111,6 +113,22 @@ SECTIONS
  */
 ASSERT(!SIZEOF(.broken), "The vdso linker script found a section that is bad. See vdso-layout.lds.S for details.");
 
+/* This assert is triggered if the resulting GOT is larger than the
+ * minimum defined by the ABI, i.e. there is some actual use of the
+ * GOT.
+ *
+ * To find the offending symbols you may:
+ *  1. temporarily disable this check
+ *  2. examine the dynamic relocations of the resulting vDSO with
+ *     objdump -R
+ *
+ * To find the places where the symbols were used, you may:
+ *  1. add -Wl,--emit-relocs to VDSO_LDFLAGS
+ *  2. run objdump -r on the resulting vDSO and look for all
+ *     GOT-type relocations.
+ */
+ASSERT(SIZEOF(.got) == 3*__SIZEOF_POINTER__, "The vdso linker script found a wrong reference to an external object. See vdso-layout.lds.S for details.");
+
 /*
  * Very old versions of ld do not recognize this name token; use the constant.
  */
-- 
1.6.0.2

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ