lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20220818135629.1113036-1-alexandr.lobakin@intel.com>
Date:   Thu, 18 Aug 2022 15:56:29 +0200
From:   Alexander Lobakin <alexandr.lobakin@...el.com>
To:     Greg KH <gregkh@...uxfoundation.org>
Cc:     Alexander Lobakin <alexandr.lobakin@...el.com>,
        linux-kernel@...r.kernel.org,
        Masahiro Yamada <masahiroy@...nel.org>,
        Michal Marek <michal.lkml@...kovi.net>,
        "Naveen N. Rao" <naveen.n.rao@...ux.ibm.com>,
        Anil S Keshavamurthy <anil.s.keshavamurthy@...el.com>,
        "David S. Miller" <davem@...emloft.net>,
        Masami Hiramatsu <mhiramat@...nel.org>,
        Nick Desaulniers <ndesaulniers@...gle.com>,
        Josh Poimboeuf <jpoimboe@...nel.org>,
        Peter Zijlstra <peterz@...radead.org>,
        Jiri Kosina <jikos@...nel.org>,
        Miroslav Benes <mbenes@...e.cz>,
        Petr Mladek <pmladek@...e.com>,
        Joe Lawrence <joe.lawrence@...hat.com>,
        linux-kbuild@...r.kernel.org, live-patching@...r.kernel.org,
        lkp@...el.com, stable@...r.kernel.org
Subject: Re: [RFC PATCH 3/3] kallsyms: add option to include relative filepaths into kallsyms

From: Greg KH <gregkh@...uxfoundation.org>
Date: Thu, 18 Aug 2022 14:23:43 +0200

> On Thu, Aug 18, 2022 at 01:53:06PM +0200, Alexander Lobakin wrote:
> > Currently, kallsyms kernel code copes with symbols with the same
> > name by indexing them according to their position in vmlinux and
> > requiring to provide an index of the desired symbol. This is not
> > really quite reliable and is fragile to any features performing
> > symbol or section manipulations such as FG-KASLR.
> 
> Ah, here's the reasoning, stuff like this should go into the 0/X message
> too, right?
> 
> Anyway, what is currently broken that requires this?  What will this
> make easier in the future?  What in the future will depend on this?

2) FG-KASLR will depend and probably some more crazy hardening
   stuff. And/or perf-based function/symbol placement, which is
   in the "discuss and dream sometimes" stage.

> 
> > So, in order to make kallsyms immune to object code modification
> 
> What do you mean by "object code modification"?

Yeah, probably not a good term. Anything that can change symbol
order in the decompressed kernel in the memory. As for FG-KASLR,
it shuffles functions on each boot randomly, so

> 
> Can that happen now?  What causes it?  What happens if it does happen?

So then, if e.g. we have two functions with the same name:

ffffffff81133700 t func (func one)
ffffffff81733100 t func (func two)

and they got reordered by FG-KASLR

ffffffffdeadbeef t func (func two)
ffffffffe0fffeed t func (func one)

and kallsyms table got reordered too.
So, utilities that rely on vmlinux and kallsyms, like probes,
livepatch etc. will have mismatch in "symbol positions" with the
kernel, so wrong symbols will be patched. So the code will get
broken.

> 
> And why are any of these being cc:ed to the stable mailing list?

I Cced stable in 1/3 and I don't like when someone receives only
some parts of a series, and not only me. So I usually collect all
addresses and make one Tos and Ccs for the whole stuff.

> 
> confused,
> 
> greg k-h

Thanks,
Olek

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ