| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 30 Jan 2023 09:34:44 -0800
From: Namhyung Kim <namhyung@...nel.org>
To: Adrian Hunter <adrian.hunter@...el.com>
Cc: Arnaldo Carvalho de Melo <acme@...nel.org>,
Jiri Olsa <jolsa@...hat.com>, Ian Rogers <irogers@...gle.com>,
linux-kernel@...r.kernel.org, linux-perf-users@...r.kernel.org
Subject: Re: [PATCH 2/9] perf symbols: Add support for x86 .plt.sec
Hi Adrian,
On Fri, Jan 27, 2023 at 9:02 AM Adrian Hunter <adrian.hunter@...el.com> wrote:
>
> The section .plt.sec was originally added for MPX and was first called
> .plt.bnd. While MPX has been deprecated, .plt.sec is now also used for IBT.
> On x86_64, IBT seems to be enabled by default, but can be switched off
> using gcc option -fcf-protection=none. On 32-bit, option -z ibt will
> enable IBT.
>
> With .plt.sec, calls are made into .plt.sec instead of .plt, so it
> makes more sense to put the symbols there instead of .plt. A notable
> difference is that .plt.sec does not have a header entry.
>
> For x86, when synthesizing symbols for plt, use offset and entry size of
> .plt.sec instead of .plt when there is a .plt.sec section.
>
> Example on Ubuntu 22.04 gcc 11.3:
>
> Before:
>
> $ cat tstpltlib.c
> void fn1(void) {}
> void fn2(void) {}
> void fn3(void) {}
> void fn4(void) {}
> $ cat tstplt.c
> void fn1(void);
> void fn2(void);
> void fn3(void);
> void fn4(void);
>
> int main()
> {
> fn4();
> fn1();
> fn2();
> fn3();
> return 0;
> }
> $ gcc --version
> gcc (Ubuntu 11.3.0-1ubuntu1~22.04) 11.3.0
> Copyright (C) 2021 Free Software Foundation, Inc.
> This is free software; see the source for copying conditions. There is NO
> warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
> $ gcc -Wall -Wextra -shared -o libtstpltlib.so tstpltlib.c
> $ gcc -Wall -Wextra -o tstplt tstplt.c -L . -ltstpltlib -Wl,-rpath=$(pwd)
> $ readelf -SW tstplt | grep 'plt\|Name'
> [Nr] Name Type Address Off Size ES Flg Lk Inf Al
> [11] .rela.plt RELA 0000000000000698 000698 000060 18 AI 6 24 8
> [13] .plt PROGBITS 0000000000001020 001020 000050 10 AX 0 0 16
> [14] .plt.got PROGBITS 0000000000001070 001070 000010 10 AX 0 0 16
> [15] .plt.sec PROGBITS 0000000000001080 001080 000040 10 AX 0 0 16
On my machine, it's not enabled by default. And it doesn't create .plt.sec
even if I pass -fcf-protection=full option.
$ gcc --version
gcc (Debian 12.2.0-10) 12.2.0
Copyright (C) 2022 Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
$ gcc -Wall -Wextra -shared -fcf-protection=full -o libtstplt.so tstpltlib.c
$ gcc -Wall -Wextra -fcf-protection=full -o tstplt tstplt.c -L.
-ltstpltlib -Wl,-rpath,$(pwd)
$ readelf -SW tstplt | grep 'plt\|Name'
[Nr] Name Type Address Off Size
ES Flg Lk Inf Al
[11] .rela.plt RELA 0000000000000688 000688
000060 18 AI 6 24 8
[13] .plt PROGBITS 0000000000001020 001020
000050 10 AX 0 0 16
[14] .plt.got PROGBITS 0000000000001070 001070
000008 08 AX 0 0 8
[24] .got.plt PROGBITS 0000000000003fe8 002fe8
000038 08 WA 0 0 8
Thanks,
Namhyung
Powered by blists - more mailing lists