lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Sun, 5 Nov 2023 13:35:11 -0800
From:   Fangrui Song <i@...kray.me>
To:     Yuan Tan <tanyuan@...ylab.org>
Cc:     falcon@...ylab.org, arnd@...db.de, linux-kernel@...r.kernel.org,
        linux-mips@...r.kernel.org, linux-riscv@...ts.infradead.org,
        luc.vanoostenryck@...il.com, linux-sparse@...r.kernel.org,
        linux@...ssschuh.net, palmer@...osinc.com,
        paul.walmsley@...ive.com, paulburton@...nel.org,
        paulmck@...nel.org, tim.bird@...y.com, tsbogend@...ha.franken.de,
        w@....eu
Subject: Re: [PATCH v1 08/14] DCE/DSE: add choice of methods to build
 reference for orphan sections

On Fri, Nov 3, 2023 at 9:01 AM Yuan Tan <tanyuan@...ylab.org> wrote:
>
> Due to .pushsection producing orphan sections, the kernel currently uses
> `KEEP()` in the linker script to address this issue.
>
> Here we purpose two methods to build reference for pushed section,
> SHF_LINK_ORDER method and SECTION_SHF_GROUP method.
>
> The binary files compiled using both methods turn out to be identical,
> and it doesn't produce any side effects.
>
> Signed-off-by: Yuan Tan <tanyuan@...ylab.org>
> Signed-off-by: Zhangjin Wu <falcon@...ylab.org>
> ---
>  init/Kconfig | 50 ++++++++++++++++++++++++++++++++++++++++++++++++++
>  1 file changed, 50 insertions(+)
>
> diff --git a/init/Kconfig b/init/Kconfig
> index 9834dbb0ddae..9599d2de44e8 100644
> --- a/init/Kconfig
> +++ b/init/Kconfig
> @@ -1740,6 +1740,56 @@ config USED_SYSCALLS
>
>           If unsure, please disable TRIM_UNUSED_SYSCALLS.
>
> +choice
> +       prompt "Trim methods" if EXPERT
> +       default RESTRICTED_TRIM_UNUSED_SYSCALLS
> +       depends on TRIM_UNUSED_SYSCALLS
> +       help
> +         This option selects the method to trim unused syscall wrongly kept.
> +
> +         The binary files compiled using both methods are identical.
> +
> +         If the trim methods is not specified, some syscalls are kept by
> +         linker script and can not be trimmed.
> +
> +config RESTRICTED_TRIM_UNUSED_SYSCALLS
> +       bool "Leave some kept syscalls (EXPERIMENTAL)" if EXPERT
> +       help
> +         Say Y here to trim 'unused' syscalls wrongly kept by __ex_table
> +         like sections in kernel space.
> +
> +         Some syscalls are kept by linker script and can not be trimmed.
> +
> +         If unsure, choose this.
> +
> +config SECTION_SHF_LINK_ORDER_SUPPORT
> +       bool "Using SHF_LINK_ORDER attribute (EXPERIMENTAL)" if EXPERT
> +       depends on HAVE_SECTION_SHF_LINK_ORDER_SUPPORT
> +       help
> +         Say Y here to trim more 'unused' syscalls wrongly kept by __ex_table
> +         like sections in kernel space.

SHF_LINK_ORDER can be used for other metadata sections. The help
message reads as that __ex_table is the only use case.
It can be rephrased to us __ex_table as an example.

> +         This option uses the SHF_LINK_ORDER attribute to build references for
> +         orphan sections. Therefore, these sections are no longer kept in the
> +         linker script.

https://sourceware.org/binutils/docs/ld/Orphan-Sections.html
"Orphan sections are sections present in the input files which are not
explicitly placed into the output file by the linker script."

If the linker script still references the relevant sections, they are
not orphan.
I think it's best to focus on the semantics (metadata sections),
rather than the linker input property (orphan).

Suggest:

This option allows the use of SHF_LINK_ORDER to mark a metadata
section as discardable when the linker discards its referenced
section.
The linker semantics require that the metadata section is not
referenced by any other section.

> +         If unsure, not choose this.
> +


> +config SECTION_SHF_GROUP_SUPPORT
> +       bool "Using SHF_GROUP attribute (EXPERIMENTAL)" if EXPERT
> +       depends on HAVE_SECTION_SHF_GROUP_SUPPORT
> +       help
> +         Say Y here to trim more 'unused' syscalls wrongly kept by __ex_table
> +         like sections in kernel space.
> +
> +         This option uses the SHF_GROUP attribute to build references for
> +         orphan sections. Therefore, these sections are no longer kept in the
> +         linker script.
> +
> +         If unsure, not choose this.
> +
> +endchoice
> +

SHF_GROUP has size overhead in relocatable object files. If
SHF_LINK_ORDER works for __extable, I suggest that we postpone
SECTION_SHF_GROUP_SUPPORT until it is absolutely needed.

As I mentioned in a binutils thread, .attach_to_group is not supported
by LLVM integrated assembler and it could be tricky to implement.
The toolchain requirement (2020) is no better than SHF_LINK_ORDER.

>  config KALLSYMS
>         bool "Load all symbols for debugging/ksymoops" if EXPERT
>         default y
> --
> 2.34.1
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ