lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 18 Aug 2022 13:53:03 +0200
From:   Alexander Lobakin <alexandr.lobakin@...el.com>
To:     linux-kernel@...r.kernel.org
Cc:     Masahiro Yamada <masahiroy@...nel.org>,
        Michal Marek <michal.lkml@...kovi.net>,
        "Naveen N. Rao" <naveen.n.rao@...ux.ibm.com>,
        Anil S Keshavamurthy <anil.s.keshavamurthy@...el.com>,
        "David S. Miller" <davem@...emloft.net>,
        Masami Hiramatsu <mhiramat@...nel.org>,
        Nick Desaulniers <ndesaulniers@...gle.com>,
        Josh Poimboeuf <jpoimboe@...nel.org>,
        Peter Zijlstra <peterz@...radead.org>,
        Jiri Kosina <jikos@...nel.org>,
        Miroslav Benes <mbenes@...e.cz>,
        Petr Mladek <pmladek@...e.com>,
        Joe Lawrence <joe.lawrence@...hat.com>,
        linux-kbuild@...r.kernel.org, live-patching@...r.kernel.org,
        lkp@...el.com, stable@...r.kernel.org,
        Alexander Lobakin <alexandr.lobakin@...el.com>
Subject: [RFC PATCH 0/3] kallsyms: add option to include relative filepaths into kallsyms

This is an early RFC to not rewrite stuff one more time later on if
the implementation is not acceptable or any major design changes are
required. For the TODO list, please scroll to the end.

Make kallsyms independent of symbols positions in vmlinux (or module)
by including relative filepath in each symbol's kallsyms value. I.e.

dev_gro_receive -> net/core/gro.c:dev_gro_receive

For the implementation details, please look at the patch 3/3.
Patch 2/3 is just a stub, I plan to reuse kallsyms enhancement from
the Rust series for it.
Patch 1/3 is a fix of one modpost macro straight from 2.6.12-rc2.

A nice side effect is that it's now easier to debug the kernel, as
stacktraces will now tell every call's place in the file tree:

[    0.733191] Call Trace:
[    0.733668]  <TASK>
[    0.733980]  lib/dump_stack.c:dump_stack_lvl+0x48/0x68
[    0.734689]  kernel/panic.c:panic+0xf8/0x2ae
[    0.735291]  init/do_mounts.c:mount_block_root+0x143/0x1ea
[    0.736046]  init/do_mounts.c:prepare_namespace+0x13f/0x16e
[    0.736798]  init/main.c:kernel_init_freeable+0x240/0x24f
[    0.737549]  ? init/main.c:rest_init+0xc0/0xc0
[    0.738171]  init/main.c:kernel_init+0x1a/0x140
[    0.738765]  arch/x86/entry/entry_64.S:ret_from_fork+0x1f/0x30
[    0.739529]  </TASK>

Here are some stats:

Despite running a small utility on each object file and a script on
each built-in.a plus one at the kallsyms generation process, it adds
only 3 seconds to the whole clean build time:

make -j$(($(nproc) + 1)) all compile_commands.json  19071.12s user 3481.97s system 4587% cpu 8:11.64 total
make -j$(($(nproc) + 1)) all compile_commands.json  19202.88s user 3598.80s system 4607% cpu 8:14.85 total

Compressed kallsyms become bigger by 1.4 Mbytes on x86_64 standard
distroconfig - 60% of the kallsyms and 2.4% of the decompressed
vmlinux in the memory:

ffffffff8259ab30 D kallsyms_offsets
ffffffff82624ed0 D kallsyms_relative_base
ffffffff82624ed8 D kallsyms_num_syms
ffffffff82624ee0 D kallsyms_names
ffffffff827e9c68 D kallsyms_markers
ffffffff827ea510 D kallsyms_token_table
ffffffff827ea8c0 D kallsyms_token_index
ffffffff827eaac0 d .LC1

->

ffffffff8259ac30 D kallsyms_offsets
ffffffff82624fb8 D kallsyms_relative_base
ffffffff82624fc0 D kallsyms_num_syms
ffffffff82624fc8 D kallsyms_names
ffffffff8294de50 D kallsyms_markers
ffffffff8294e6f8 D kallsyms_token_table
ffffffff8294eac8 D kallsyms_token_index
ffffffff8294ecc8 d .LC1

TODO:
 * ELF rel and MIPS relocation support (only rela currently, just
   to test on x86_64);
 * modules support. Currently, the kernel reuses standard ELF strtab
   for module kallsyms. My plan is to create a new section which will
   have the same symbol order as symtab, but point to new complete
   strings with filepaths, and use this section solely for kallsyms
   (leaving symtab alone);
 * LTO support (now relies on that object files are ELFs);
 * the actual kallsyms/livepatching/probes code which will use
   filepaths instead of indexes/positions.

Have fun!

Alexander Lobakin (3):
  modpost: fix TO_NATIVE() with expressions and consts
  [STUB] increase kallsyms length limit
  kallsyms: add option to include relative filepaths into kallsyms

 .gitignore                |   1 +
 Makefile                  |   2 +-
 include/linux/kallsyms.h  |   2 +-
 init/Kconfig              |  26 ++-
 kernel/livepatch/core.c   |   4 +-
 scripts/Makefile.build    |   7 +-
 scripts/Makefile.lib      |  10 +-
 scripts/Makefile.modfinal |   3 +-
 scripts/gen_sympaths.pl   | 270 ++++++++++++++++++++++++++
 scripts/kallsyms.c        |  89 +++++++--
 scripts/link-vmlinux.sh   |  14 +-
 scripts/mod/.gitignore    |   1 +
 scripts/mod/Makefile      |   9 +
 scripts/mod/modpost.h     |   7 +-
 scripts/mod/sympath.c     | 385 ++++++++++++++++++++++++++++++++++++++
 15 files changed, 796 insertions(+), 34 deletions(-)
 create mode 100755 scripts/gen_sympaths.pl
 create mode 100644 scripts/mod/sympath.c

-- 
2.37.2

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ