lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAMj1kXFu=fABi+d=A5PL2yNx2b70toT9KtDfnvU=8mmUBHMutg@mail.gmail.com>
Date: Mon, 14 Oct 2024 19:43:52 +0200
From: Ard Biesheuvel <ardb@...nel.org>
To: Linus Torvalds <torvalds@...ux-foundation.org>
Cc: Ard Biesheuvel <ardb+git@...gle.com>, linux-kernel@...r.kernel.org, 
	Masahiro Yamada <masahiroy@...nel.org>, Nathan Chancellor <nathan@...nel.org>, 
	Suren Baghdasaryan <surenb@...gle.com>, Kent Overstreet <kent.overstreet@...ux.dev>, 
	Arnd Bergmann <arnd@...db.de>, linux-arch@...r.kernel.org, linux-mm@...ck.org, 
	linux-kbuild@...r.kernel.org
Subject: Re: [PATCH 0/2] Use dot prefixes for section names

On Mon, 14 Oct 2024 at 19:29, Linus Torvalds
<torvalds@...ux-foundation.org> wrote:
>
> On Mon, 14 Oct 2024 at 05:57, Ard Biesheuvel <ardb+git@...gle.com> wrote:
> >
> > Pre-existing code uses a dot prefix or double underscore to prefix ELF
> > section names. strip_relocs on x86 relies on this, and other out of tree
> > tools that mangle vmlinux (kexec or live patching) may rely on this as
> > well.
> >
> > So let's not deviate from this and use a dot prefix for runtime-const
> > and alloc_tags sections.
>
> I'm not following what the actual problem is. Yes, I see that you
> report that it results in section names like ".relaalloc_tags", but
> what's the actual _issue_ with that? It seems entirely harmless.
>
> In fact, when I was going the runtime sections, I was thinking how
> convenient it was for the linker to generate the start/stop symbols
> for us, and that we should perhaps *expand* on that pattern.
>
> So this seems a step backwards to me, with no real explanation of what
> the actual problem is.
>
> Yes, we have (two different) pre-existing patterns, but neither
> pattern seems to be an actual improvement.
>

We have this code in arch/x86/Makefile.postlink:

quiet_cmd_strip_relocs = RSTRIP  $@
      cmd_strip_relocs = \
        $(OBJCOPY) --remove-section='.rel.*' --remove-section='.rel__*' \
                   --remove-section='.rela.*' --remove-section='.rela__*' $@

Of course, that could easily be fixed, I was just being cautious in
case there is other, out-of-tree tooling for live patch or kexec etc
that has similar assumptions wrt section names.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ