| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAMj1kXHQAQwcRFnhiFPySmMEruJPc1gSvWr-1ui-qaiNBV4ZNw@mail.gmail.com> Date: Fri, 4 Oct 2024 09:59:46 +0200 From: Ard Biesheuvel <ardb@...nel.org> To: Josh Poimboeuf <jpoimboe@...nel.org> Cc: x86@...nel.org, linux-kernel@...r.kernel.org, Peter Zijlstra <peterz@...radead.org> Subject: Re: [PATCH] objtool: Detect non-relocated text references On Fri, 4 Oct 2024 at 09:28, Josh Poimboeuf <jpoimboe@...nel.org> wrote: > > On Fri, Oct 04, 2024 at 08:54:16AM +0200, Ard Biesheuvel wrote: > > On Fri, 4 Oct 2024 at 02:31, Josh Poimboeuf <jpoimboe@...nel.org> wrote: > > > However there are some "lea xxx(%rip)" cases which don't use relocations > > > because they're referencing code in the same translation unit. > > > > input section > > "in the same translation unit and section" ? > Yeah, something like that. The point is really that the only way we might end up in this case is when the LEA offset is known at assembly time. > > > However if we enable -fpie, the compiler would start generating them and > > > there would definitely be bugs in the IBT sealing. > > > > > > > -fpie is guaranteed to break things, but even without it, Clang may > > issue RIP-relative LEA instructions (or LLD when it performs > > relaxations), so this is definitely worth addressing even if we don't > > enable -fpie. > > I haven't seen this with Clang either. Also, objtool runs before the > linker so LLD relaxations shouldn't matter. > Fair enough.
Powered by blists - more mailing lists