lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CAMe9rOp-UoQFBvvorZA8-jBXk5JobkVa+trUH7ihHLxNyqMuWw@mail.gmail.com>
Date:	Fri, 18 May 2012 09:16:41 -0700
From:	"H.J. Lu" <hjl.tools@...il.com>
To:	"H. Peter Anvin" <hpa@...or.com>
Cc:	Ingo Molnar <mingo@...e.hu>,
	Linus Torvalds <torvalds@...ux-foundation.org>,
	Greg KH <gregkh@...e.de>,
	Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
	Jarkko Sakkinen <jarkko.sakkinen@...el.com>
Subject: Re: Urgent: x86-32 and GNU ld 2.22.52.0.1

On Fri, May 18, 2012 at 9:14 AM, H.J. Lu <hjl.tools@...il.com> wrote:
> On Fri, May 18, 2012 at 8:56 AM, H. Peter Anvin <hpa@...or.com> wrote:
>> I need an urgent opinion.  It seems we have an epic mess on our hands.
>>
>> GNU ld 2.22.52.0.1 silently changed the semantics of section-relative
>> symbols that are part of otherwise empty sections, and silently changes
>> them to absolute.  We rely on section-relative symbols staying
>> section-relative, and actually have several sections in the linker
>> script solely for this purpose.
>
> That is I talked to you a couple days ago:
>
> http://sourceware.org/bugzilla/show_bug.cgi?id=14052
>
>> The postprocessor for the x86-32 kernel, relocs.c, currently doesn't
>> enforce its audited absolute symbols list.  As part of the
>> tip:x86/trampoline rework, however, I made it error out rather that
>> silently producing bad output.
>>
>> Ingo has found that with this particular version of GNU ld, the error
>> triggers.  I want to emphasize that this merely catches an error which
>> the current version of the tool would have allowed to silently go by,
>> which would have (possibly) caused a failure if the kernel was
>> subsequently booted in anything but its default location.
>>
>> There are a few ways we can deal with this, but I think we need to do
>> one or the other:
>>
>> 1. We can blacklist this version of GNU ld.
>
> I think this is the best approach.
>

Please verify that binutils 2.22.52.0.2 is broken
and binutils 2.22.52.0.1 is OK.


-- 
H.J.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ