lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 5 Jul 2021 22:41:22 +0200
From:   Daniel Borkmann <daniel@...earbox.net>
To:     Toke Høiland-Jørgensen <toke@...hat.com>,
        Andrii Nakryiko <andrii@...nel.org>
Cc:     bpf@...r.kernel.org, netdev@...r.kernel.org, yhs@...com
Subject: Re: [PATCH bpf-next] libbpf: ignore .eh_frame sections when parsing
 elf files

On 7/5/21 12:33 PM, Toke Høiland-Jørgensen wrote:
> Daniel Borkmann <daniel@...earbox.net> writes:
>> On 6/29/21 1:09 PM, Toke Høiland-Jørgensen wrote:
>>> The .eh_frame and .rel.eh_frame sections will be present in BPF object
>>> files when compiled using a multi-stage compile pipe like in samples/bpf.
>>> This produces errors when loading such a file with libbpf. While the errors
>>> are technically harmless, they look odd and confuse users. So add .eh_frame
>>> sections to is_sec_name_dwarf() so they will also be ignored by libbpf
>>> processing. This gets rid of output like this from samples/bpf:
>>>
>>> libbpf: elf: skipping unrecognized data section(32) .eh_frame
>>> libbpf: elf: skipping relo section(33) .rel.eh_frame for section(32) .eh_frame
>>>
>>> Signed-off-by: Toke Høiland-Jørgensen <toke@...hat.com>
>>
>> For the samples/bpf case, could we instead just add a -fno-asynchronous-unwind-tables
>> to clang as cflags to avoid .eh_frame generation in the first place?
> 
> Ah, great suggestion! Was trying, but failed, to figure out how to do
> that. Just tested it, and yeah, that does fix samples; will send a
> separate patch to add that.

Sounds good, just applied.

> I still think filtering this section name in libbpf is worthwhile,
> though, as the error message is really just noise... WDYT?

No strong opinion from my side, I can also see the argument that Andrii made some
time ago [0] in that normally you should never see these in a BPF object file.
But then ... there's BPF samples giving a wrong sample. ;( And I bet some users
might have copied from there, and it's generally confusing from a user experience
in libbpf on whether it's harmless or not.

Side-question: Did you check if it is still necessary in general to have this
multi-stage compile pipe in samples with the native clang frontend invocation
(instead of bpf target one)? (Maybe it's time to get rid of it in general.)

Anyway, would be nice to add further context/description about it to the commit
message at least for future reference on what the .eh_frame sections contain
exactly and why it's harmless. (Right now it only states that it is but without
more concrete rationale, would be good to still add.)

Thanks,
Daniel

   [0] https://lore.kernel.org/bpf/CAEf4BzbCiMkQazSe2hky=Jx6QXZiZ2jyf+AuzMJEyAv+_B7vug@mail.gmail.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ