| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAMuHMdXz5Q+V3eAePLOdBgGjecs1aZmjka3PAphVsHV+Mu3u=Q@mail.gmail.com>
Date: Tue, 27 Oct 2020 18:55:56 +0100
From: Geert Uytterhoeven <geert@...ux-m68k.org>
To: Ard Biesheuvel <ardb@...nel.org>
Cc: Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
Linux ARM <linux-arm-kernel@...ts.infradead.org>,
Will Deacon <will@...nel.org>,
Catalin Marinas <catalin.marinas@....com>,
Jessica Yu <jeyu@...nel.org>,
Kees Cook <keescook@...omium.org>,
Nick Desaulniers <ndesaulniers@...gle.com>
Subject: Re: [PATCH] module: use hidden visibility for weak symbol references
On Tue, Oct 27, 2020 at 4:11 PM Ard Biesheuvel <ardb@...nel.org> wrote:
> Geert reports that commit be2881824ae9eb92 ("arm64/build: Assert for
> unwanted sections") results in build errors on arm64 for configurations
> that have CONFIG_MODULES disabled.
>
> The commit in question added ASSERT()s to the arm64 linker script to
> ensure that linker generated sections such as .got, .plt etc are empty,
> but as it turns out, there are corner cases where the linker does emit
> content into those sections. More specifically, weak references to
> function symbols (which can remain unsatisfied, and can therefore not
> be emitted as relative references) will be emitted as GOT and PLT
> entries when linking the kernel in PIE mode (which is the case when
> CONFIG_RELOCATABLE is enabled, which is on by default).
>
> What happens is that code such as
>
> struct device *(*fn)(struct device *dev);
> struct device *iommu_device;
>
> fn = symbol_get(mdev_get_iommu_device);
> if (fn) {
> iommu_device = fn(dev);
>
> essentially gets converted into the following when CONFIG_MODULES is off:
>
> struct device *iommu_device;
>
> if (&mdev_get_iommu_device) {
> iommu_device = mdev_get_iommu_device(dev);
>
> where mdev_get_iommu_device is emitted as a weak symbol reference into
> the object file. The first reference is decorated with an ordinary
> ABS64 data relocation (which yields 0x0 if the reference remains
> unsatisfied). However, the indirect call is turned into a direct call
> covered by a R_AARCH64_CALL26 relocation, which is converted into a
> call via a PLT entry taking the target address from the associated
> GOT entry.
>
> Given that such GOT and PLT entries are unnecessary for fully linked
> binaries such as the kernel, let's give these weak symbol references
> hidden visibility, so that the linker knows that the weak reference
> via R_AARCH64_CALL26 can simply remain unsatisfied.
>
> Cc: Jessica Yu <jeyu@...nel.org>
> Cc: Kees Cook <keescook@...omium.org>
> Cc: Geert Uytterhoeven <geert@...ux-m68k.org>
> Cc: Nick Desaulniers <ndesaulniers@...gle.com>
> Signed-off-by: Ard Biesheuvel <ardb@...nel.org>
Thanks, this get rids of
aarch64-linux-gnu-ld: Unexpected GOT/PLT entries detected!
aarch64-linux-gnu-ld: Unexpected run-time procedure linkages detected!
which you may want to mention in the patch description, to make
it easier to be found.
Tested-by: Geert Uytterhoeven <geert+renesas@...der.be>
Gr{oetje,eeting}s,
Geert
--
Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- geert@...ux-m68k.org
In personal conversations with technical people, I call myself a hacker. But
when I'm talking to journalists I just say "programmer" or something like that.
-- Linus Torvalds
Powered by blists - more mailing lists