| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 14 Feb 2022 10:10:00 -0800
From: Josh Poimboeuf <jpoimboe@...hat.com>
To: Alexander Lobakin <alexandr.lobakin@...el.com>
Cc: Fāng-ruì Sòng <maskray@...gle.com>,
linux-hardening@...r.kernel.org, x86@...nel.org,
Borislav Petkov <bp@...en8.de>,
Jesse Brandeburg <jesse.brandeburg@...el.com>,
Kristen Carlson Accardi <kristen@...ux.intel.com>,
Kees Cook <keescook@...omium.org>,
Miklos Szeredi <miklos@...redi.hu>,
Ard Biesheuvel <ardb@...nel.org>,
Tony Luck <tony.luck@...el.com>,
Bruce Schlobohm <bruce.schlobohm@...el.com>,
Jessica Yu <jeyu@...nel.org>,
kernel test robot <lkp@...el.com>,
Miroslav Benes <mbenes@...e.cz>,
Evgenii Shatokhin <eshatokhin@...tuozzo.com>,
Jonathan Corbet <corbet@....net>,
Masahiro Yamada <masahiroy@...nel.org>,
Michal Marek <michal.lkml@...kovi.net>,
Nick Desaulniers <ndesaulniers@...gle.com>,
Herbert Xu <herbert@...dor.apana.org.au>,
"David S. Miller" <davem@...emloft.net>,
Thomas Gleixner <tglx@...utronix.de>,
Will Deacon <will@...nel.org>, Ingo Molnar <mingo@...hat.com>,
Christoph Hellwig <hch@....de>,
Dave Hansen <dave.hansen@...ux.intel.com>,
"H. Peter Anvin" <hpa@...or.com>,
Andy Lutomirski <luto@...nel.org>,
Peter Zijlstra <peterz@...radead.org>,
Arnd Bergmann <arnd@...db.de>,
Nathan Chancellor <nathan@...nel.org>,
Masami Hiramatsu <mhiramat@...nel.org>,
Marios Pomonis <pomonis@...gle.com>,
Sami Tolvanen <samitolvanen@...gle.com>,
"H.J. Lu" <hjl.tools@...il.com>, Nicolas Pitre <nico@...xnic.net>,
linux-kernel@...r.kernel.org, linux-kbuild@...r.kernel.org,
linux-arch@...r.kernel.org, live-patching@...r.kernel.org,
llvm@...ts.linux.dev
Subject: Re: [PATCH v10 02/15] livepatch: avoid position-based search if `-z
unique-symbol` is available
On Mon, Feb 14, 2022 at 01:24:33PM +0100, Alexander Lobakin wrote:
> > One idea I mentioned before, it may be worth exploring changing the "F"
> > in FGKASLR to "File" instead of "Function". In other words, only
> > shuffle at an object-file granularity. Then, even with duplicates, the
> > <file+function> symbol pair doesn't change in the symbol table. And as
> > a bonus, it should help FGKASLR i-cache performance, significantly.
>
> Yeah, I keep that in mind. However, this wouldn't solve the
> duplicate static function names problem, right?
> Let's say you have a static function f() in file1 and f() in file2,
> then the layout each boot can be
>
> .text.file1 or .text.file2
> f() f()
> .text.file2 .text.file1
> f() f()
>
> and position-based search won't work anyway, right?
Right, so we'd have to abandon position-based search in favor of
file+func based search.
It's not perfect because there are still a few file+func duplicates.
But it might be good enough. We would presumably just refuse to patch a
duplicate. Or we could remove them (and enforce their continued removal
with tooling-based warnings).
Another variant of this which I described here
https://lore.kernel.org/all/20210125172124.awabevkpvq4poqxf@treble/
would be to keep it function-granular, but have kallsyms keep track of
what file each func belongs to. Then livepatch could still do the
file+func based search.
--
Josh
Powered by blists - more mailing lists