lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <20250425165448-f2ba7d6d-e54e-4f3e-ac14-5986bb1a74fc@linutronix.de>
Date: Fri, 25 Apr 2025 17:34:46 +0200
From: Thomas Weißschuh <thomas.weissschuh@...utronix.de>
To: Jan Stancek <jstancek@...hat.com>
Cc: Andy Lutomirski <luto@...nel.org>, 
	Thomas Gleixner <tglx@...utronix.de>, Vincenzo Frascino <vincenzo.frascino@....com>, 
	Catalin Marinas <catalin.marinas@....com>, Will Deacon <will@...nel.org>, 
	Anna-Maria Behnsen <anna-maria@...utronix.de>, Frederic Weisbecker <frederic@...nel.org>, 
	Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>, 
	Dave Hansen <dave.hansen@...ux.intel.com>, x86@...nel.org, "H. Peter Anvin" <hpa@...or.com>, 
	Madhavan Srinivasan <maddy@...ux.ibm.com>, Michael Ellerman <mpe@...erman.id.au>, 
	Nicholas Piggin <npiggin@...il.com>, Christophe Leroy <christophe.leroy@...roup.eu>, 
	Naveen N Rao <naveen@...nel.org>, Heiko Carstens <hca@...ux.ibm.com>, 
	Vasily Gorbik <gor@...ux.ibm.com>, Alexander Gordeev <agordeev@...ux.ibm.com>, 
	Christian Borntraeger <borntraeger@...ux.ibm.com>, Sven Schnelle <svens@...ux.ibm.com>, 
	Arnd Bergmann <arnd@...db.de>, linux-kernel@...r.kernel.org, 
	linux-arm-kernel@...ts.infradead.org, linuxppc-dev@...ts.ozlabs.org, linux-s390@...r.kernel.org, 
	linux-arch@...r.kernel.org, Nam Cao <namcao@...utronix.de>
Subject: Re: [PATCH 08/19] vdso/gettimeofday: Prepare do_hres_timens() for
 introduction of struct vdso_clock

On Fri, Apr 25, 2025 at 04:37:47PM +0200, Jan Stancek wrote:
> On Fri, Apr 25, 2025 at 03:40:55PM +0200, Thomas Weißschuh wrote:
> 
> <snip>
> 
> > 
> > Some more information:
> > 
> > The crash comes from the address arithmetic in "vc = &vc[CS_RAW]" going wrong.
> 
> That appears to be because it's not doing any arithmetic, but using value
> from some linker-generated symbol (I'll refer to it as "7a8").

The compiler emits a absolute relocation:


$ objdump -r --disassemble-all -z arch/arm64/kernel/vdso/vgettimeofday.o
...
Disassembly of section .text:

0000000000000000 <__kernel_clock_gettime>:
...
 29c:   d503201f        nop
 2a0:   00000000        udf     #0
                        2a0: R_AARCH64_ABS64    vdso_u_time_data+0x100e0
 2a4:   00000000        udf     #0


Which then gets resolved by the linker to the absolute address from the
symbol table.
As the vDSO is placed completely dynamically this can't work.
One central idea behind the vDSO is that the compiler will only ever generate
PC-relative relocations. To force this the symbols are marked as "hidden".
But apparently that assumption is not always true.

One way around would be to add an implementation of __arch_get_vdso_u_time_data()
to arch/arm64/include/asm/vdso/gettimeofday.h which mirrors the one from
arch/arm64/include/asm/vdso/compat_gettimeofday.h.
The generated code does look a lot better (to my untrained eye).

(Another workaround I stumbled upon was -fno-ipa-cp)

__arch_get_vdso_u_time_data() can also be simplifed with OPTIMIZER_HIDE_VAR().
I have been wondering before if this should be done in the generic vDSO code.

And on top of that we should validate at buildtime that no absolute relocations
sneak in.


Thomas

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ