lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <20240507032400.gxorrjm3q7mg5cac@treble>
Date: Mon, 6 May 2024 20:24:00 -0700
From: Josh Poimboeuf <jpoimboe@...nel.org>
To: Kees Cook <keescook@...omium.org>
Cc: Peter Zijlstra <peterz@...radead.org>, linux-kernel@...r.kernel.org,
	linux-hardening@...r.kernel.org
Subject: Re: [PATCH v2] objtool: Report section name in
 elf_init_reloc_text_sym() warning

On Mon, May 06, 2024 at 08:55:54AM -0700, Kees Cook wrote:
> While tracking down issues with LKDTM's .rodata "function", I found
> the warning from elf_init_reloc_text_sym() to be unhelpful because it
> wasn't clear which calling path it was coming from. Report the sec->name
> and rephrase the warning a bit. Additionally check for NULL sym->name,
> which may happen.

Hm, as far as I know sym->name shouldn't ever be NULL.

Though, looking at this code again I'm realizing that 'sym' could be
NULL because it refers to the symbol for the function's *section* rather
than for the function itself.  And sometimes the toolchain doesn't
generate symbols for some sections, if they're not referenced anywhere.
(Note the code immediately below your patch actually makes a section
symbol if it doesn't exist.)

But also, this warning doesn't even need the section's symbol.  It can
just get the name from the section directly (insn_sec->name).  And it
would probably also be useful to print the offset (insn_off), like
".rodata+0x1234".

Though, even better, we have an offstr() helper which can pretty-print
the name of the function or variable, if one exists at that address.

tl;dr, does the following work?

		WARN("%s: unexpected reference to non-executable '%s'",
		     sec->name, offstr(insn_sec, insn_off));

-- 
Josh

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ