| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20241004082029.GG18071@noisy.programming.kicks-ass.net> Date: Fri, 4 Oct 2024 10:20:29 +0200 From: Peter Zijlstra <peterz@...radead.org> To: Josh Poimboeuf <jpoimboe@...nel.org> Cc: Ard Biesheuvel <ardb@...nel.org>, x86@...nel.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH] objtool: Detect non-relocated text references On Fri, Oct 04, 2024 at 12:28:47AM -0700, Josh Poimboeuf wrote: > On Fri, Oct 04, 2024 at 08:54:16AM +0200, Ard Biesheuvel wrote: > > On Fri, 4 Oct 2024 at 02:31, Josh Poimboeuf <jpoimboe@...nel.org> wrote: > > > However there are some "lea xxx(%rip)" cases which don't use relocations > > > because they're referencing code in the same translation unit. > > > > input section > > "in the same translation unit and section" ? > > > > However if we enable -fpie, the compiler would start generating them and > > > there would definitely be bugs in the IBT sealing. > > > > > > > -fpie is guaranteed to break things, but even without it, Clang may > > issue RIP-relative LEA instructions (or LLD when it performs > > relaxations), so this is definitely worth addressing even if we don't > > enable -fpie. > > I haven't seen this with Clang either. Also, objtool runs before the > linker so LLD relaxations shouldn't matter. LTO might have a few more cases, the input sections are bigger there. But even there we run before the final link stage.
Powered by blists - more mailing lists