| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <bef8875c-a7c1-4ae2-abc4-ce279e9d4778@arm.com>
Date: Sat, 12 Jul 2025 13:49:59 -0500
From: Jeremy Linton <jeremy.linton@....com>
To: Masahiro Yamada <masahiroy@...nel.org>
Cc: linux-kbuild@...r.kernel.org, nathan@...nel.org,
nicolas.schier@...ux.dev, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2 1/1] scripts: add zboot support to extract-vmlinux
Hi,
On 7/12/25 10:47 AM, Masahiro Yamada wrote:
> On Sat, Jul 12, 2025 at 1:26 AM Jeremy Linton <jeremy.linton@....com> wrote:
>>
>> Zboot compressed kernel images are used for arm64 kernels on various
>> distros.
>>
>> extract-vmlinux fails with those kernels because the wrapped image is
>> another PE. While this could be a bit confusing, the tools primary
>> purpose of unwrapping and decompressing the contained kernel image
>> makes it the obvious place for this functionality.
>>
>> Add a 'file' check in check_vmlinux() that detects a contained PE
>> image before trying readelf. Recent (FILES_39, Jun/2020) file
>> implementations output something like:
>>
>> "Linux kernel ARM64 boot executable Image, little-endian, 4K pages"
>>
>> Which is also a stronger statement than readelf provides so drop that
>> part of the comment. At the same time this means that kernel images
>> which don't appear to contain a compressed image will be returned
>> rather than reporting an error. Which matches the behavior for
>> existing ELF files.
>>
>> The extracted PE image can then be inspected, or used as would any
>> other kernel PE.
>>
>> Signed-off-by: Jeremy Linton <jeremy.linton@....com>
>> ---
>> scripts/extract-vmlinux | 13 ++++++-------
>> 1 file changed, 6 insertions(+), 7 deletions(-)
>>
>> diff --git a/scripts/extract-vmlinux b/scripts/extract-vmlinux
>> index 8995cd304e6e..049bab337f0e 100755
>> --- a/scripts/extract-vmlinux
>> +++ b/scripts/extract-vmlinux
>> @@ -12,13 +12,12 @@
>>
>> check_vmlinux()
>> {
>> - # Use readelf to check if it's a valid ELF
>> - # TODO: find a better to way to check that it's really vmlinux
>> - # and not just an elf
>> - readelf -h $1 > /dev/null 2>&1 || return 1
>> -
>> - cat $1
>> - exit 0
>> + if file "$1" | grep -q 'Linux kernel.*boot executable' \
>
> Sorry for my nit-picking, but I'd like to get rid of this back-slash
> by breaking the line _after_ the OR operator, not before.
>
> That is,
>
>
> if command1 ||
> command2
> then
> ...
> fi
>
>
> rather than
>
> if command1 \
> || command2
> then
> ...
> fi
Moving the || is no problem, but I am/was under the impression that
implicit line continuation is a posix shell gray area? Particularly when
its outside of an explicit compound statement. This AFAIK was one of the
things bash clarifed.
>
>> + || readelf -h "$1" > /dev/null 2>&1
>> + then
>> + cat "$1"
>> + exit 0
>> + fi
>> }
>>
>> try_decompress()
>> --
>> 2.50.1
>>
>
>
Powered by blists - more mailing lists