lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAMzpN2gsaDs=q5ymvS_R=qf7_AiSqZeQ1-Go=x-Ete=2W=st3A@mail.gmail.com>
Date:	Fri, 26 Feb 2016 09:42:14 -0500
From:	Brian Gerst <brgerst@...il.com>
To:	Boris Ostrovsky <boris.ostrovsky@...cle.com>
Cc:	Roger Pau Monné <roger.pau@...rix.com>,
	Konrad Rzeszutek Wilk <konrad.wilk@...cle.com>,
	David Vrabel <david.vrabel@...rix.com>,
	andrew.cooper3@...rix.com,
	Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
	mcgrof@...nel.org, xen-devel@...ts.xenproject.org
Subject: Re: [Xen-devel] [PATCH v3 0/2] Clear .bss for VP guests

On Fri, Feb 26, 2016 at 8:51 AM, Boris Ostrovsky
<boris.ostrovsky@...cle.com> wrote:
> On 02/26/2016 05:53 AM, Roger Pau Monné wrote:
>>
>> El 25/2/16 a les 16:16, Boris Ostrovsky ha escrit:
>>>
>>> PV guests need to have their .bss zeroed out since it is not guaranteed
>>> to be cleared by Xen's domain builder
>>
>> I guess I'm missing something, but elf_load_image (in libelf-loader.c)
>> seems to be able to clear segments (it will zero the memory between
>> p_paddr + p_filesz and p_paddr + p_memsz) while loading the ELF into
>> memory, so if the program headers are correctly setup the .bss should be
>> zeroed out AFAICT.
>
>
> Right, but I don't think this is guaranteed. It's uninitialized data so in
> principle it can be anything.
>
> The ELF spec says "the system initializes the data with zero when the
> program begins to run" which I read as it's up to runtime and not the loader
> to do so.
>
> And since kernel does it explicitly on baremetal path I think it's a good
> idea for PV to do the same.

It does it on bare metal because bzImage is a raw binary image, not ELF.

--
Brian Gerst

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ