Date:   Mon, 7 Jun 2021 01:18:08 -0500
From:   Grzegorz Zdanowski <grzegorz129@...il.com>
To:     linux-kernel@...r.kernel.org, kernel-packagers@...r.kernel.org
Subject: [BUG?] scripts/extract-vmlinux doesn't produce correct images

Hello!

To avoid an XY problem, I will say upfront that I want to:
 1. unpack the x86_64 bzImage
 2. byte-patch it (as the full source is not available)
 3. recompress it back to bzImage to use w/GRUB

Neither the script, the commit message
(#09d481270d445d98342d8ab872f05491b6d23f8b) nor the LKML thread where the
script was discussed (https://lkml.org/lkml/2011/8/4/168) specified
which "vmlinux" is extracted. I compiled the kernel and ran some tests
after painstakingly analyzing the Makefiles.
It looks like "scripts/extract-vmlinux arch/x86/boot/bzImage" extracts
an equivalent of arch/x86/boot/compressed/vmlinux.bin:
# file arch/x86/boot/compressed/vmlinux.bin test-extract
arch/x86/boot/compressed/vmlinux.bin: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=2cc29c8d102d8dac8a4cd29539f4364a334f88fd, stripped
test-extract:                         ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=2cc29c8d102d8dac8a4cd29539f4364a334f88fd, stripped


However, the extracted file doesn't match any other file I was able to
find while analyzing the compilation process. Even with the size of
vmlinux.relocs it will be significantly off.
# ls -1s ... | sort
  11144 arch/x86/boot/compressed/vmlinux.bin.lz4
  11148 arch/x86/boot/compressed/piggy.o
  11200 arch/x86/boot/vmlinux.bin
  11212 arch/x86/boot/compressed/vmlinux
  11416 arch/x86/boot/bzImage
  35752 arch/x86/boot/compressed/vmlinux.bin
  43968 test-extract
      4 arch/x86/boot/compressed/piggy.S
 760924 vmlinux


1. Did I find a problem with extract-vmlinux, or is that script
extracting something else?
2. Is there any other way to binary patch a kernel where only the
bzImage is available?

Apologies if my questions are very basic, I'm just dipping my toes in
the kernel space.

--
Grzegorz "Greg" Zdanowski
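
Added example (not part of the original post and not code from the kernel tree): `file` only prints the BuildID, so the Python below reads the GNU build-id note directly and also reports the length of the common prefix of two images and how many bytes each carries beyond what its ELF headers account for, which helps localize a size mismatch like the one in the listing above. It assumes little-endian ELF64 input; the function names are hypothetical and the sample ELF bytes are constructed for the demo.

```python
import struct

EHDR = struct.Struct("<16sHHIQQQIHHHHHH")  # ELF64 little-endian file header
PHDR = struct.Struct("<IIQQQQQQ")          # ELF64 program header
PT_NOTE, NT_GNU_BUILD_ID = 4, 3

def find_build_id(notes):
    """Walk a PT_NOTE segment and return the GNU build-id as hex, or None."""
    pos = 0
    while pos + 12 <= len(notes):
        namesz, descsz, ntype = struct.unpack_from("<III", notes, pos)
        name_at = pos + 12
        desc_at = name_at + ((namesz + 3) & ~3)   # name is padded to 4 bytes
        if ntype == NT_GNU_BUILD_ID and notes[name_at:name_at + namesz] == b"GNU\0":
            return notes[desc_at:desc_at + descsz].hex()
        pos = desc_at + ((descsz + 3) & ~3)       # desc is padded to 4 bytes
    return None

def elf64_info(data):
    """Return (build_id or None, number of bytes the ELF headers account for)."""
    (ident, _, _, _, _, phoff, shoff, _, _, phentsize, phnum,
     shentsize, shnum, _) = EHDR.unpack_from(data)
    if ident[:6] != b"\x7fELF\x02\x01":
        raise ValueError("not a little-endian ELF64 file")
    build_id, extent = None, max(EHDR.size, shoff + shentsize * shnum)
    for i in range(phnum):
        p_type, _, off, _, _, filesz, _, _ = PHDR.unpack_from(data, phoff + i * phentsize)
        extent = max(extent, off + filesz, phoff + (i + 1) * phentsize)
        if p_type == PT_NOTE and build_id is None:
            build_id = find_build_id(data[off:off + filesz])
    return build_id, extent

def compare(a, b):
    """Compare two images: build-id match, common prefix, bytes past each ELF extent."""
    (id_a, ext_a), (id_b, ext_b) = elf64_info(a), elf64_info(b)
    n = min(len(a), len(b))
    prefix = next((i for i in range(n) if a[i] != b[i]), n)
    return {"same_build_id": id_a is not None and id_a == id_b, "common_prefix": prefix,
            "trailing": (len(a) - ext_a, len(b) - ext_b)}

def sample_elf(build_id, tail=b""):
    """Constructed minimal ELF64: file header, one PT_NOTE segment, optional tail."""
    note = struct.pack("<III", 4, len(build_id), NT_GNU_BUILD_ID) + b"GNU\0" + build_id
    ehdr = EHDR.pack(b"\x7fELF\x02\x01\x01" + bytes(9), 2, 62, 1, 0, 64, 0, 0, 64, 56, 1, 64, 0, 0)
    phdr = PHDR.pack(PT_NOTE, 4, 120, 0, 0, len(note), len(note), 4)
    return ehdr + phdr + note + tail

if __name__ == "__main__":
    print(compare(sample_elf(bytes(range(20))), sample_elf(bytes(range(20)), b"\0" * 100)))
```

For real files, pass the contents read with open(path, "rb").read(); the comparison uses byte lengths, whereas `ls -s` reports allocated blocks.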
