lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20231007100139.3501-1-tanyuan@tinylab.org>
Date:   Sat,  7 Oct 2023 18:01:39 +0800
From:   Yuan Tan <tanyuan@...ylab.org>
To:     falcon@...ylab.org
Cc:     arnd@...db.de, linux-kernel@...r.kernel.org,
        linux-mips@...r.kernel.org, linux-riscv@...ts.infradead.org,
        linux@...ssschuh.net, palmer@...osinc.com,
        paul.walmsley@...ive.com, paulburton@...nel.org,
        paulmck@...nel.org, tim.bird@...y.com, tsbogend@...ha.franken.de,
        w@....eu
Subject: Re: [PATCH v1 2/7] DCE/DSE: add unused syscalls elimination configure support

Hi Zhangjin,
 
> A minimal embedded Linux system may only has a very few of functions and
> only uses a minimal subset of the posix syscalls, the unused syscalls
> will never be used and eventually in a dead status, that also means disk
> storage and memory footprint waste.
> 
> Based on dead code elimination support, it is able to further eliminate
> the above dead or unused syscalls.
> 
> Firstly, both a new common CONFIG_TRIM_UNUSED_SYSCALLS option and a new
> architecture specific HAVE_TRIM_UNUSED_SYSCALLS are added to enable or
> disable such feature.
> 
> Secondly, a new CONFIG_USED_SYSCALLS option is added to allow configure
> the syscalls used in a target system. CONFIG_USED_SYSCALLS can be a list
> of the used syscalls or a file to store such a list.
> 
> Based on the above options, it is able to only reserve the used syscalls
> and let CONFIG_LD_DEAD_CODE_DATA_ELIMINATION trim the unused ones for us
> automatically.
> 
> Signed-off-by: Zhangjin Wu <falcon@...ylab.org>
> ---
>  init/Kconfig | 42 ++++++++++++++++++++++++++++++++++++++++++
>  1 file changed, 42 insertions(+)
> 
> diff --git a/init/Kconfig b/init/Kconfig
> index 4350d8ba7db4..aa648ce8bca1 100644
> --- a/init/Kconfig
> +++ b/init/Kconfig
> @@ -1457,6 +1457,11 @@ config BPF
>  	bool
>  	select CRYPTO_LIB_SHA1
>  
> +config HAVE_TRIM_UNUSED_SYSCALLS
> +	bool
> +	depends on HAVE_LD_DEAD_CODE_DATA_ELIMINATION
> +	default n
> +
>  menuconfig EXPERT
>  	bool "Configure standard kernel features (expert users)"
>  	# Unhide debug options, to make the on-by-default options visible
> @@ -1683,6 +1688,43 @@ config MEMBARRIER
>  
>  	  If unsure, say Y.
>  
> +config TRIM_UNUSED_SYSCALLS
> +	bool "Trim unused syscalls (EXPERIMENTAL)" if EXPERT
> +	default n
> +	depends on HAVE_TRIM_UNUSED_SYSCALLS
> +	depends on HAVE_LD_DEAD_CODE_DATA_ELIMINATION
> +	select LD_DEAD_CODE_DATA_ELIMINATION
> +	help
> +	  Say Y here to trim all of the unused syscalls for a target system.

I think changing this sentence to "Say Y here to trim all of the unused
syscalls, excluding those defined in USED_SYSCALLS." would be clearer.

By the way, consider adding the three files syscall_table_used.c,
compat_syscall_table_used.c, and traps_used.c to the .gitignore file.

> +
> +	  Note, this is only for minimal embedded systems, please don't use it
> +	  for generic Linux distributions.
> +
> +	  If unsure, say N.
> +
> +config USED_SYSCALLS
> +	string "Configure used syscalls (EXPERIMENTAL)" if EXPERT
> +	depends on TRIM_UNUSED_SYSCALLS
> +	default ""
> +	help
> +	  This option allows to configure the syscalls used in a target system,
> +	  the unused ones will be disabled and trimmed by TRIM_UNUSED_SYSCALLS.
> +
> +	  The used syscalls should be listed one by one like this:
> +
> +	      write exit reboot
> +
> +	  Or put them into a file specified by this option, one syscall per
> +	  line is recommended for such a config file:
> +
> +	      write
> +	      exit
> +	      reboot
> +
> +	  Note, If keep this empty, all of the syscalls will be trimmed.
> +
> +	  If unsure, please disable TRIM_UNUSED_SYSCALLS.
> +
>  config KALLSYMS
>  	bool "Load all symbols for debugging/ksymoops" if EXPERT
>  	default y
> -- 

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ