lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CAMj1kXGtruDm81Yor8hrOnSj7-J1vKKB1c-H0ZAtyMG_mZgWMg@mail.gmail.com>
Date: Mon, 14 Oct 2024 20:19:32 +0200
From: Ard Biesheuvel <ardb@...nel.org>
To: Linus Torvalds <torvalds@...ux-foundation.org>, Josh Poimboeuf <jpoimboe@...nel.org>, 
	Jiri Kosina <jikos@...nel.org>, Miroslav Benes <mbenes@...e.cz>, Petr Mladek <pmladek@...e.com>
Cc: Ard Biesheuvel <ardb+git@...gle.com>, linux-kernel@...r.kernel.org, 
	Masahiro Yamada <masahiroy@...nel.org>, Nathan Chancellor <nathan@...nel.org>, 
	Suren Baghdasaryan <surenb@...gle.com>, Kent Overstreet <kent.overstreet@...ux.dev>, 
	Arnd Bergmann <arnd@...db.de>, linux-arch@...r.kernel.org, linux-mm@...ck.org, 
	linux-kbuild@...r.kernel.org
Subject: Re: [PATCH 0/2] Use dot prefixes for section names

On Mon, 14 Oct 2024 at 20:10, Linus Torvalds
<torvalds@...ux-foundation.org> wrote:
>
> On Mon, 14 Oct 2024 at 10:44, Ard Biesheuvel <ardb@...nel.org> wrote:
> >
> > We have this code in arch/x86/Makefile.postlink:
> >
> > quiet_cmd_strip_relocs = RSTRIP  $@
> >       cmd_strip_relocs = \
> >         $(OBJCOPY) --remove-section='.rel.*' --remove-section='.rel__*' \
> >                    --remove-section='.rela.*' --remove-section='.rela__*' $@
> >
> > Of course, that could easily be fixed, I was just being cautious in
> > case there is other, out-of-tree tooling for live patch or kexec etc
> > that has similar assumptions wrt section names.
>
> I'd actually much rather just make strip_relocs not have that "." and
> "__" pattern at all, and just say "we strip all sections that start
> with '.rel'".
>
> And then we make the rule that we do *not* create sections named ".rel*".
>
> That seems like a much simpler rule, and would seem to simplify
> strip_relocs too, which would just become
>
>         $(OBJCOPY) --remove-section='.rel*' $@
>
> (We seem to have three different copies of that complex pattern with
> .rel vs .rela and "." vs "__" - it's in s390, riscv, and x86. So we'd
> do that simplification in three places)
>
> IOW, I'd much rather make our section rules simpler rather than more complex.
>
> Of course, if there is some active and acute problem report with this
> thing, we might not have that option, but in the absence of any
> *known* issue with just simplifying things, I'd rather do that.
>

I don't disagree with any of this. CC'ing folks working on live patch
in case they have any insights.

Full thread here:
https://lore.kernel.org/all/20241014125703.2287936-4-ardb+git@google.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ