| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAMj1kXGAEc92TfEO-i+9SAmsso-NqqX1HbqFf49CC-QbOmpT1w@mail.gmail.com> Date: Tue, 31 Dec 2024 11:12:55 +0100 From: Ard Biesheuvel <ardb@...nel.org> To: Borislav Petkov <bp@...en8.de> Cc: Ard Biesheuvel <ardb+git@...gle.com>, linux-kernel@...r.kernel.org, x86@...nel.org, Tom Lendacky <thomas.lendacky@....com>, Thomas Gleixner <tglx@...utronix.de>, Ingo Molnar <mingo@...hat.com>, Dave Hansen <dave.hansen@...ux.intel.com>, Andy Lutomirski <luto@...nel.org>, Arnd Bergmann <arnd@...db.de>, Kees Cook <keescook@...omium.org>, Brian Gerst <brgerst@...il.com>, Kevin Loughlin <kevinloughlin@...gle.com>, linux-toolchains@...r.kernel.org Subject: Re: [PATCH v4 0/7] x86: Rid .head.text of all abs references On Tue, 31 Dec 2024 at 11:02, Borislav Petkov <bp@...en8.de> wrote: > > + linux-toolchains. > > Hi Ard, > > On Thu, Dec 05, 2024 at 12:28:05PM +0100, Ard Biesheuvel wrote: > > From: Ard Biesheuvel <ardb@...nel.org> > > > > This series removes the last remaining absolute symbol references from > > .head.text. Doing so is necessary because code in this section may be > > called from a 1:1 mapping of memory, which deviates from the mapping > > this code was linked and/or relocated to run at. This is not something > > that the toolchains support: even PIC/PIE code is still assumed to > > execute from the same mapping that it was relocated to run from by the > > startup code or dynamic loader. This means we are basically on our own > > here, and need to add measures to ensure the code works as expected in > > this manner. > > > > Given that the startup code needs to create the kernel virtual mapping > > in the page tables, early references to some kernel virtual addresses > > are valid even if they cannot be dereferenced yet. To avoid having to > > make this distinction at build time, patches #2 and #3 replace such > > valid references with RIP-relative references with an offset applied. > > > > Patch #1 removes some absolute references from .head.text that don't > > need to be there in the first place. > > dunno if you've seen this already and maybe it is not related but the error > message said ".head.text"... > > Absolute reference to symbol '.data' not permitted in .head.text > make[3]: *** [arch/x86/Makefile.postlink:32: vmlinux] Error 1 > make[2]: *** [scripts/Makefile.vmlinux:77: vmlinux] Error 2 > make[2]: *** Deleting file 'vmlinux' > make[1]: *** [/home/amd/bpetkov/kernel/linux/Makefile:1225: vmlinux] Error 2 > make[1]: *** Waiting for unfinished jobs.... > make: *** [Makefile:251: __sub-make] Error 2 > > That's an allmodconfig with > > Ubuntu clang version 14.0.0-1ubuntu1.1 > Target: x86_64-pc-linux-gnu > Thread model: posix > InstalledDir: /usr/bin > This is definitely related, and likely means the new code is working as expected, and flagging an absolute reference emitted by, e.g., one of the sanitizers that will blow up if it ever gets dereferenced. I'll look into this asap, i.e., in a couple of days.
Powered by blists - more mailing lists