lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <Yuzl64bME7GUWo10@zn.tnic>
Date:   Fri, 5 Aug 2022 11:42:03 +0200
From:   Borislav Petkov <bp@...e.de>
To:     Can Sun <cansun@...sta.com>
Cc:     Kevin Mitchell <kevmitch@...sta.com>,
        Ivan Delalande <colona@...sta.com>,
        weidonghui <weidonghui@...winnertech.com>,
        Andrew Morton <akpm@...ux-foundation.org>,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH] scripts/decodecode: add the ability to find code sequence

On Thu, Aug 04, 2022 at 04:46:16PM -0500, Can Sun wrote:
>  It adds a tool to search code sequence from vmlinux. If additional
>  parameters (vmlinux and kernel build path) are provided to decodecode
>  command, it will try to search the code sequence in the binary, and
>  provide a code block surrounding the target.

The use case being?

objdump -d vmlinux and searching for the rIP is too much typing?

Besides, with the kernel being more and more runtime-patched and
rewritten, the live code differs more and more from the actual compiled
opcode bytes in vmlinux, as you noticed yourself with restoredcode
below.

So maybe I'm missing some important use case but right now this looks
pointless to me.

Thx.

-- 
Regards/Gruss,
    Boris.

SUSE Software Solutions Germany GmbH
GF: Ivo Totev, Andrew Myers, Andrew McDonald, Martje Boudien Moerman
(HRB 36809, AG Nürnberg)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ