| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <Y39lwk3itVnsADrP@zn.tnic>
Date: Thu, 24 Nov 2022 13:38:26 +0100
From: Borislav Petkov <bp@...en8.de>
To: Petr Pavlu <petr.pavlu@...e.com>
Cc: tglx@...utronix.de, mingo@...hat.com, dave.hansen@...ux.intel.com,
x86@...nel.org, hpa@...or.com, nicolas@...sle.eu,
masahiroy@...nel.org, kirill.shutemov@...ux.intel.com,
tony.luck@...el.com, michael.roth@....com, nathan@...nel.org,
ndesaulniers@...gle.com, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2] x86: Avoid relocation information in final vmlinux
On Thu, Nov 24, 2022 at 10:21:33AM +0100, Petr Pavlu wrote:
> Option CONFIG_RANDOMIZE_BASE=y needs to be enabled. Switching it on should
> automatically select also CONFIG_X86_NEED_RELOCS=y which is what actually
> enables use of --emit-relocs in arch/x86/Makefile.
Yeah, as I said in my previous mail:
"and before and after .configs simply have RANDOMIZE_BASE =n and =y,
respectively."
I just did it again to make sure:
-rwxr-xr-x 1 boris boris 377666112 Nov 24 13:28 vmlinux.before
-rwxr-xr-x 1 boris boris 377718768 Nov 24 13:33 vmlinux.after
With
$ grep -E "(NEED_RELOCS|RANDOMIZE)" .config
CONFIG_RANDOMIZE_BASE=y
CONFIG_X86_NEED_RELOCS=y
CONFIG_RANDOMIZE_MEMORY=y
CONFIG_RANDOMIZE_MEMORY_PHYSICAL_PADDING=0x0
CONFIG_ARCH_HAS_ELF_RANDOMIZE=y
CONFIG_HAVE_ARCH_RANDOMIZE_KSTACK_OFFSET=y
CONFIG_RANDOMIZE_KSTACK_OFFSET=y
that second vmlinux file is even a bit larger (~51K) ...
--
Regards/Gruss,
Boris.
https://people.kernel.org/tglx/notes-about-netiquette
Powered by blists - more mailing lists