lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20210430081632.GS9028@arm.com>
Date:   Fri, 30 Apr 2021 09:16:33 +0100
From:   Szabolcs Nagy <szabolcs.nagy@....com>
To:     Bill Wendling <morbo@...gle.com>
Cc:     Mark Brown <broonie@...nel.org>,
        Catalin Marinas <catalin.marinas@....com>,
        Kees Cook <keescook@...gle.com>,
        Ard Biesheuvel <ardb@...nel.org>,
        Will Deacon <will@...nel.org>,
        LKML <linux-kernel@...r.kernel.org>,
        linux-arm-kernel@...ts.infradead.org,
        Daniel Kiss <Daniel.Kiss@....com>
Subject: Re: [PATCH] arm64/vdso: Discard .note.gnu.property sections in vDSO

The 04/29/2021 11:52, Bill Wendling wrote:
> $ readelf -lW arch/arm64/kernel/vdso/vdso.so
> 
> Elf file type is DYN (Shared object file)
> Entry point 0x300
> There are 4 program headers, starting at offset 64
> 
> Program Headers:
>   Type           Offset   VirtAddr           PhysAddr
> FileSiz  MemSiz   Flg Align
>   LOAD           0x000000 0x0000000000000000 0x0000000000000000
> 0x000968 0x000968 R E 0x8
>   DYNAMIC        0x0008a8 0x00000000000008a8 0x00000000000008a8
> 0x0000c0 0x0000c0 R   0x8
>   NOTE           0x000288 0x0000000000000288 0x0000000000000288
> 0x000074 0x000074 R   0x8
>   GNU_EH_FRAME   0x0008a4 0x00000000000008a4 0x00000000000008a4
> 0x000000 0x000000 R E 0x1

this is wrong because the abi specifically says properties
are in PT_GNU_PROPERTY, not in PT_NOTE.

so the original patch that removes them from notes is fine,
but ideally they should be readded under PT_GNU_PROPERTY.

(x86 needs it there too, but also needs it under PT_NOTE for
historical reasons. ideally the section would have been named
other than .note and was not marked as SHF_NOTE, because
properties are merged completely differently by the linker
than notes, so now linkers have to special case it by section
name. properties should have been designed like the
 .ARM.attributes section except that is not in a load segment
and thus has no runtime semantics while the key feature of
properties is the runtime semantics. however accessing the
program headers of the vdso is not trivial at runtime from
user code so dropping the properties might work too, but can
bite us in the future depending on how they evolve: the ld.so
can look at vdso program headers.)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ