lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Thu, 22 Aug 2019 13:12:53 +0200
From:   Florian Weimer <fweimer@...hat.com>
To:     Dave Martin <Dave.Martin@....com>
Cc:     "H.J. Lu" <hjl.tools@...il.com>,
        Yu-cheng Yu <yu-cheng.yu@...el.com>, binutils@...rceware.org,
        linux-kernel@...r.kernel.org
Subject: Re: ELF NT_GNU_PROPERTY_TYPE_0 Questions

* Dave Martin:

> Hi there,
>
> Can you clarify a couple of points about the SysV ABI Linux
> Extensions [1] for me?
>
> 1) Can there be more than one NT_GNU_PROPERTY_TYPE_0 note in a valid
> ELF file?  I think the answer should be "no".

Yes, if it has been produced by a link editors which does not about
property notes.  The ELF file still needs to be treated as valid, but
the note should be ignored.

> 2) Is is permissible for an ELF ET_EXEC or ET_DYN file that contains
> an NT_GNU_PROPERTY_TYPE_0 property not to have a PT_GNU_PROPERTY phdrs
> entry mapping it?  Except for historical usage by RedHat (which
> apparently can be worked round in userspace) it seems reasonable for
> the answer to be "no", at least for Linux.

Using an older link editor on a CET-enabled distribution will produce
such binaries, too.  The ELF file still needs to be treated as valid,
but the property date should be ignored.

> 3) Is it permissible for the PT_GNU_PROPERTY phdr (if present) to
> map anything other than precisely one NT_GNU_PROPERTY_TYPE_0
> note?  I think the answer should be "no".

Correct.  Additional processing logic in the link editor is needed.

> 4) Is an NT_GNU_PROPERTY_TYPE_0 note allowed to contain two or more
> properties with the same pr_type?  I think the answer should be "no".

H.J. needs to answer that.

> 5) What's the rationale for sorting the properties by pr_type?  I can
> see this would make it easier for the linker to merge
> NT_GNU_PROPERTY_TYPE_0 notes from different files, but I'm wondering
> whether the kernel really needs to enforce the ordering when loading
> an ELF.  The kernel doesn't need to merge property lists together.

Likewise.

> 6) Do you have a view on the best way to define the Elf_Prop type in
> headers?  bfd elf-bfd.h seems to have elf_property, but this doesn't
> follow the style of the public ELF headers.

We should put it into <elf.h> in glibc.  We don't want to rely on UAPI
headers there because this version of <elf.h> is used in many places.

Thanks,
Florian

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ