| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 27 Mar 2020 05:07:41 -0700
From: "H.J. Lu" <hjl.tools@...il.com>
To: Borislav Petkov <bp@...en8.de>
Cc: LKML <linux-kernel@...r.kernel.org>,
Andy Lutomirski <luto@...nel.org>,
Thomas Gleixner <tglx@...utronix.de>,
Kees Cook <keescook@...omium.org>,
Ingo Molnar <mingo@...hat.com>,
"H . Peter Anvin" <hpa@...or.com>,
"the arch/x86 maintainers" <x86@...nel.org>,
Yu-cheng Yu <yu-cheng.yu@...el.com>
Subject: Re: [PATCH] x86: Discard .note.gnu.property sections in vDSO
On Fri, Mar 27, 2020 at 3:44 AM Borislav Petkov <bp@...en8.de> wrote:
>
> On Thu, Mar 26, 2020 at 10:43:14AM -0700, H.J. Lu wrote:
> > With the command-line option, -mx86-used-note=yes, the x86 assembler
>
> I see:
>
> -mx86-used-note=no
> -mx86-used-note=yes
> These options control whether the assembler should generate
> GNU_PROPERTY_X86_ISA_1_USED and GNU_PROPERTY_X86_FEATURE_2_USED GNU property
> notes. The default can be controlled by the --enable-x86-used-note
> configure option.
>
> Is there a plan to use this build option in the kernel in the future or
> all binutils will have it enabled or what's the story here?
>
> Because I don't see -mx86-used-note used anywhere in the kernel...
-mx86-used-note=yes can be enabled by default at binutils configure time:
[hjl@...-cfl-2 ~]$ as --help | grep mx86-used-note
-mx86-used-note=[no|yes] (default: yes)
[hjl@...-cfl-2 ~]$
I am changing the commit log to
---
With the command-line option, -mx86-used-note=yes, which can also be
enabled at binutils build time with
--enable-x86-used-note generate GNU x86 used ISA and feature properties
the x86 assembler in binutils 2.32 and above generates a program property
note in a note section, .note.gnu.property, to encode used x86 ISAs and
features. But kernel linker script only contains a single NOTE segment:
---
> > in binutils 2.32 and above generates a program property note in a note
> > section, .note.gnu.property, to encode used x86 ISAs and features. But
> > x86 kernel vDSO linker script only contains a single NOTE segment:
> >
> > PHDRS
> > {
> > text PT_LOAD FLAGS(5) FILEHDR PHDRS; /* PF_R|PF_X */
> > dynamic PT_DYNAMIC FLAGS(4); /* PF_R */
> > note PT_NOTE FLAGS(4); /* PF_R */
> > eh_frame_hdr 0x6474e550;
> > }
> >
> > The NOTE segment generated by vDSO linker script is aligned to 4 bytes.
> > But .note.gnu.property section must be aligned to 8 bytes on x86-64 and
> > we get
> >
> > [hjl@...-skx-1 vdso]$ readelf -n vdso64.so
> >
> > Displaying notes found in: .note
> > Owner Data size Description
> > Linux 0x00000004 Unknown note type: (0x00000000)
> > description data: 06 00 00 00
> > readelf: Warning: note with invalid namesz and/or descsz found at offset 0x20
> > readelf: Warning: type: 0x78, namesize: 0x00000100, descsize: 0x756e694c, alignment: 8
> > [hjl@...-skx-1 vdso]$
> >
> > Since note.gnu.property section in vDSO is not checked by dynamic linker,
> > this patch discards .note.gnu.property sections in vDSO by adding
>
> Avoid having "This patch" or "This commit" in the commit message. It is
> tautologically useless.
I am changing it to
Since note.gnu.property section in kernel image is never used, discard
.note.gnu.property sections in kernel linker script by adding
/DISCARD/ : {
*(.note.gnu.property)
}
> Also, do
>
> $ git grep 'This patch' Documentation/process
>
> for more details.
Thanks.
--
H.J.
Powered by blists - more mailing lists