lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Fri, 18 May 2012 09:11:17 -0700
From:	"H. Peter Anvin" <h.peter.anvin@...el.com>
To:	Ingo Molnar <mingo@...e.hu>,
	Linus Torvalds <torvalds@...ux-foundation.org>,
	"H.J. Lu" <hjl.tools@...il.com>,
	Greg KH <gregkh@...uxfoundation.org>,
	Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
	Jarkko Sakkinen <jarkko.sakkinen@...el.com>
Subject: Re: Urgent: x86-32 and GNU ld 2.22.52.0.1

On 05/18/2012 08:56 AM, H. Peter Anvin wrote:
> I need an urgent opinion.  It seems we have an epic mess on our hands.
> 
> GNU ld 2.22.52.0.1 silently changed the semantics of section-relative
> symbols that are part of otherwise empty sections, and silently changes
> them to absolute.  We rely on section-relative symbols staying
> section-relative, and actually have several sections in the linker
> script solely for this purpose.
> 
> The postprocessor for the x86-32 kernel, relocs.c, currently doesn't
> enforce its audited absolute symbols list.  As part of the
> tip:x86/trampoline rework, however, I made it error out rather that
> silently producing bad output.
> 
> Ingo has found that with this particular version of GNU ld, the error
> triggers.  I want to emphasize that this merely catches an error which
> the current version of the tool would have allowed to silently go by,
> which would have (possibly) caused a failure if the kernel was
> subsequently booted in anything but its default location.
> 
> There are a few ways we can deal with this, but I think we need to do
> one or the other:
> 
> 1. We can blacklist this version of GNU ld.
> 2. We can uprev the tool to the one from the tip:x86/trampoline work,
>    with error checking, and give it a list of symbols that should
>    be relative but may end up as absolute.  We risk build errors for
>    some people if the list isn't complete.
> 3. We do a minimal forward-port of the error checking into the current
>    tool.
> 4. We add to the list of relative symbols in the current version of
>    the tool without adding the error checking.
> 
> However, since it seems clear that we're silently producing corrupt
> kernels out of the current build, I think we need a fix for this for 3.4.
> 

For the record, these are the checkins out of the -tip tree.  They are a
little bigger than necessary because they move the tool around to make
it available for reuse, and of course introduce additional functionality.

	-hpa

	

View attachment "0001-x86-relocs-Workaround-for-binutils-2.22.52.0.1-secti.patch" of type "text/x-patch" (1134 bytes)

View attachment "0021-x86-realmode-move-relocs-from-scripts-to-arch-x86-to.patch" of type "text/x-patch" (45726 bytes)

View attachment "0033-x86-relocs-Workaround-for-binutils-2.22.52.0.1-secti.patch" of type "text/x-patch" (1141 bytes)

View attachment "0034-x86-relocs-More-relocations-which-may-end-up-as-abso.patch" of type "text/x-patch" (1612 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ