| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 4 Dec 2018 10:29:32 -0800
From: Sean Christopherson <sean.j.christopherson@...el.com>
To: Andy Lutomirski <luto@...nel.org>,
Thomas Gleixner <tglx@...utronix.de>,
Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
x86@...nel.org
Cc: "H. Peter Anvin" <hpa@...or.com>, linux-kernel@...r.kernel.org,
Andy Lutomirski <luto@...capital.net>
Subject: Re: [PATCH 1/2] x86/vdso: Remove obsolete "fake section table"
reservation
On Tue, Dec 04, 2018 at 10:22:39AM -0800, Sean Christopherson wrote:
> On Tue, Dec 04, 2018 at 08:17:40AM -0800, Sean Christopherson wrote:
> > At one point the vDSO image was manually stripped down by vdso2c in an
> > attempt to minimize the size of the image mapped into userspace. Part
> > of that stripping process involved building a fake section table so as
> > not to break userspace processes that parse the section table. Memory
> > for the fake section table was reserved in the .rodata section so that
> > vdso2c could simply copy the entire PT_LOAD segment into the userspace
> > image after building the fake table.
> >
> > Eventually, the entire fake section table approach was dropped in favor
> > of stripping the vdso "the old fashioned way", i.e. via objdump -S.
> > But, the reservation in .rodata for the fake table was left behind.
> > Remove the reserveration along with a few other related defines and
> > section entries.
> >
> > Removing the fake section table placeholder zaps a whopping 0x340 bytes
> > from the 64-bit vDSO image, which drops the current image's size to
> > under 4k, i.e. reduces the effective size of the userspace vDSO mapping
> > by a full page.
> >
> > Fixes: da861e18eccc ("x86, vdso: Get rid of the fake section mechanism")
> > Cc: Andy Lutomirski <luto@...capital.net>
> > Signed-off-by: Sean Christopherson <sean.j.christopherson@...el.com>
> > ---
> > diff --git a/arch/x86/entry/vdso/vdso2c.c b/arch/x86/entry/vdso/vdso2c.c
> > index 4674f58581a1..2479a454b15c 100644
> > --- a/arch/x86/entry/vdso/vdso2c.c
> > +++ b/arch/x86/entry/vdso/vdso2c.c
> > @@ -98,12 +98,6 @@ struct vdso_sym required_syms[] = {
> > [sym_hpet_page] = {"hpet_page", true},
> > [sym_pvclock_page] = {"pvclock_page", true},
> > [sym_hvclock_page] = {"hvclock_page", true},
> > - [sym_VDSO_FAKE_SECTION_TABLE_START] = {
> > - "VDSO_FAKE_SECTION_TABLE_START", false
> > - },
> > - [sym_VDSO_FAKE_SECTION_TABLE_END] = {
> > - "VDSO_FAKE_SECTION_TABLE_END", false
> > - },
>
> Doh, I missed removing the definitions for sym_VDSO_FAKE_SECTION_TABLE_*.
And with sym_VDSO_FAKE_SECTION_TABLE_* gone all symbols are exported,
meaning required_syms can be a char* array and struct vdso_sym can be
removed.
> > {"VDSO32_NOTE_MASK", true},
> > {"__kernel_vsyscall", true},
> > {"__kernel_sigreturn", true},
> > --
> > 2.19.2
> >
Powered by blists - more mailing lists