lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAK7LNARMJ0WNnxWXPxpyq_K_osBTRZB+0-Vo5XS_ME9GyZ0UxQ@mail.gmail.com>
Date:   Thu, 24 May 2018 09:11:47 +0900
From:   Masahiro Yamada <yamada.masahiro@...ionext.com>
To:     Laura Abbott <labbott@...hat.com>
Cc:     Andy Lutomirski <luto@...nel.org>,
        Mark Wielaard <mjw@...oraproject.org>,
        "H. J. Lu" <hjl.tools@...il.com>,
        Linus Torvalds <torvalds@...ux-foundation.org>,
        X86 ML <x86@...nel.org>, LKML <linux-kernel@...r.kernel.org>,
        Nick Clifton <nickc@...hat.com>,
        Cary Coutant <ccoutant@...il.com>,
        Linux Kbuild mailing list <linux-kbuild@...r.kernel.org>
Subject: Re: [PATCHv3 2/2] x86/vdso: Add build salt to the vDSO

2018-05-24 7:53 GMT+09:00 Laura Abbott <labbott@...hat.com>:
> On 05/22/2018 05:33 PM, Andy Lutomirski wrote:
>>
>> On Tue, May 22, 2018 at 5:19 PM Laura Abbott <labbott@...hat.com> wrote:
>>
>>
>>> The vDSO is linked separately from the kernel and modules. Ensure it
>>> picks
>>> up the comment section, if available.
>>
>>
>> Did you end up preferring this to just sticking the kernel version in a
>> .comment in the vDSO for some reason?
>>
>
> Actually I remember now why this is necessary: there is not a simple way
> to encode a string into a linker file as it has to be spit out byte
> by byte. The autogeneration was the easiest way to make that happen.
> Maybe there's some horrific c preprocessing or other generation that
> could happen but I doubt that's any worse than the generated linker
> script.
>


I am personally prefer CONFIG option (as you did in v2) to KERNELVERSION.


If you use "hex" type instead of "string" type in Kconfig,
and LONG() instead of BYTE() in the script script,
this can be much simpler, right?





config BUILD_ID_SALT
        hex "Build ID Salt"
        help
           ...




Then, in scripts/Makefile,


define filechk_build-salt.lds
        { \
                echo "SECTIONS {"; \
                echo ".comment (INFO) : { LONG($(CONFIG_BUILD_ID_SALT)); }"; \
                echo "}"; \
        }
endef

$(obj)/build-salt.lds: $(src)/Makefile FORCE
        $(call filechk,build-salt.lds)




This is now so simple that we can even remove the shell script.





-- 
Best Regards
Masahiro Yamada

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ