| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 5 Jan 2023 22:44:09 +0900
From: Masahiro Yamada <masahiroy@...nel.org>
To: Linus Torvalds <torvalds@...ux-foundation.org>
Cc: Ard Biesheuvel <ardb@...nel.org>,
Guenter Roeck <linux@...ck-us.net>,
"Jason A. Donenfeld" <Jason@...c4.com>,
Yoshinori Sato <ysato@...rs.sourceforge.jp>,
Rich Felker <dalias@...c.org>, Arnd Bergmann <arnd@...db.de>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
Palmer Dabbelt <palmer@...osinc.com>
Subject: Re: Linux 6.2-rc2
On Wed, Jan 4, 2023 at 3:34 AM Linus Torvalds
<torvalds@...ux-foundation.org> wrote:
>
> On Tue, Jan 3, 2023 at 2:59 AM Ard Biesheuvel <ardb@...nel.org> wrote:
> >
> > The purpose of this change is to prevent .note.GNU-stack from deciding
> > the section type of the .notes output section, and so keeping it in
> > its own section should be sufficient. E.g.,
> >
> > - /DISCARD/ : { *(.note.GNU-stack) } \
> > + .note.GNU-stack : { *(.note.GNU-stack) } \
>
> This seems to work for everybody, so let's go with this. Masahiro?
>
> Linus
Sorry for the delay, I completely missed this thread.
Tested-by: Masahiro Yamada <masahiroy@...nel.org>
It works for me, but the comment block above should be
changed accordingly, for example:
/*
- * Discard .note.GNU-stack, which is emitted as PROGBITS by the compiler.
+ * Separte note.GNU-stack, which is emitted as PROGBITS by the compiler.
* Otherwise, the type of .notes section would become PROGBITS
instead of NOTES.
*/
This change, however, leaves an empty .note.GNU-stack section in vmlinux.
I personally prefer discarding .note.GNU-stack entirely because
GNU linker does not leave empty .note.GNU-stack when linking
user-space programs.
Because I did not notice the discussion was happening in this thread,
I submitted a different approach for fixing s390, and it was quickly merged:
https://lore.kernel.org/lkml/20230105031306.1455409-1-masahiroy@kernel.org/
This approach requires RUNTIME_DISCARD_EXIT for each architecture, though.
I do not know how Michael will fix powerpc.
While I was looking into this issue,
I noticed the real issue is,
how to discard sections is up to arch maintainers.
[1] Most architectures discard .exit.* sections at run-time.
Just run
git grep EXIT_TEXT
or
find . -name vmlinux.lds.S | xargs grep "at runtime"
[2] If .exit.* is allocated, then later discarded, it is kept.
(the first occurrence wins, in other words,
the sections defined in /DISCARD/ are not necessarily discarded)
[3] Despite the fact of [1], many architectures forget to
define RUNTIME_DISCARD_EXIT.
They still work because they put DISCARD
at the end of their linker scripts.
[4] arm64 puts DISCARD at the beginning of the linker
script, and defines RUNTIME_DISCARD_EXIT because otherwise
.exit* are discarded due to the "first wins" rule.
[5] If we really want to discard more sections, we often end
up with moving DISCARD up, and at this point, we realize
that RUNTIME_DISCARD_EXIT is missing.
I think it is unreadable (and fragile)
to keep/discard sections depending on the particular
order in the linker scripts.
Is there any better approach to make sure to discard
sections defined in DISCARDS?
--
Best Regards
Masahiro Yamada
Powered by blists - more mailing lists