lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20181204182932.GB17374@linux.intel.com>
Date:   Tue, 4 Dec 2018 10:29:32 -0800
From:   Sean Christopherson <sean.j.christopherson@...el.com>
To:     Andy Lutomirski <luto@...nel.org>,
        Thomas Gleixner <tglx@...utronix.de>,
        Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
        x86@...nel.org
Cc:     "H. Peter Anvin" <hpa@...or.com>, linux-kernel@...r.kernel.org,
        Andy Lutomirski <luto@...capital.net>
Subject: Re: [PATCH 1/2] x86/vdso: Remove obsolete "fake section table"
 reservation

On Tue, Dec 04, 2018 at 10:22:39AM -0800, Sean Christopherson wrote:
> On Tue, Dec 04, 2018 at 08:17:40AM -0800, Sean Christopherson wrote:
> > At one point the vDSO image was manually stripped down by vdso2c in an
> > attempt to minimize the size of the image mapped into userspace.  Part
> > of that stripping process involved building a fake section table so as
> > not to break userspace processes that parse the section table.  Memory
> > for the fake section table was reserved in the .rodata section so that
> > vdso2c could simply copy the entire PT_LOAD segment into the userspace
> > image after building the fake table.
> > 
> > Eventually, the entire fake section table approach was dropped in favor
> > of stripping the vdso "the old fashioned way", i.e. via objdump -S.
> > But, the reservation in .rodata for the fake table was left behind.
> > Remove the reserveration along with a few other related defines and
> > section entries.
> > 
> > Removing the fake section table placeholder zaps a whopping 0x340 bytes
> > from the 64-bit vDSO image, which drops the current image's size to
> > under 4k, i.e. reduces the effective size of the userspace vDSO mapping
> > by a full page.
> > 
> > Fixes: da861e18eccc ("x86, vdso: Get rid of the fake section mechanism")
> > Cc: Andy Lutomirski <luto@...capital.net>
> > Signed-off-by: Sean Christopherson <sean.j.christopherson@...el.com>
> > ---
> > diff --git a/arch/x86/entry/vdso/vdso2c.c b/arch/x86/entry/vdso/vdso2c.c
> > index 4674f58581a1..2479a454b15c 100644
> > --- a/arch/x86/entry/vdso/vdso2c.c
> > +++ b/arch/x86/entry/vdso/vdso2c.c
> > @@ -98,12 +98,6 @@ struct vdso_sym required_syms[] = {
> >  	[sym_hpet_page] = {"hpet_page", true},
> >  	[sym_pvclock_page] = {"pvclock_page", true},
> >  	[sym_hvclock_page] = {"hvclock_page", true},
> > -	[sym_VDSO_FAKE_SECTION_TABLE_START] = {
> > -		"VDSO_FAKE_SECTION_TABLE_START", false
> > -	},
> > -	[sym_VDSO_FAKE_SECTION_TABLE_END] = {
> > -		"VDSO_FAKE_SECTION_TABLE_END", false
> > -	},
> 
> Doh, I missed removing the definitions for sym_VDSO_FAKE_SECTION_TABLE_*.

And with sym_VDSO_FAKE_SECTION_TABLE_* gone all symbols are exported,
meaning required_syms can be a char* array and struct vdso_sym can be
removed.

> >  	{"VDSO32_NOTE_MASK", true},
> >  	{"__kernel_vsyscall", true},
> >  	{"__kernel_sigreturn", true},
> > -- 
> > 2.19.2
> > 

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ