[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] Drop ELF notes from non-EFI binary too

  • To: Marek Marczykowski-Górecki <marmarek@xxxxxxxxxxxxxxxxxxxxxx>
  • From: Jan Beulich <jbeulich@xxxxxxxx>
  • Date: Tue, 14 Mar 2023 07:30:44 +0100
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=dw6ljLsSE+ZLLg9TU+6OcuJNklBMqa9CuHOfv4lUHeU=; b=A30w4h6pU1onk5Er79CCxP9477rH7fPW0B2ukRZD74XCMSMn6r//+YbMgZ92sclgLbBCyoeHLtW1mDZ3P81PxXUlarFk6rfnuvLsT43O+g+t0Q5DBAjc5mXgkTuZ8TFL/D9FPy58MoDk3dv1qRtqOS+g9A0Ge7T+XZsvjQyf0iFFgBg5Kr+++5dw0UCAELWB7dympHau8KusZIr/6hrbvbpeyJoO0U8qe18KJa1qiXee4F1plGjSGabiwdDlevSss37c0B9FoeLLjZG+oJeWkaJLfR48p0q2U3oUtbfk4TPXJ9SPdJVbhwBsE0hnnbxqP6FcNkLepPr4K6qYfZF9oQ==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=WXDKhc0laKUwPTfN5RlRnMIEOKNSWIgkWcXgmxGVlx2M8Z58mS1aIlya35UD8l5kCbaNhNj3pqgeMoZDn+KKCoG7pFgNf3ZJ7ERAXg22vuy++OH2deEOQTIDJ8nX0yCNFP2bi6mNsH5/VJQFuXo6A5OPe4C8IHUfvR0oGA+EothCFm9afZcHo+g/RVzlKJTSrULdFysP7q89irSRKasIsBJxhVuBDBAkQTp8KL4DzaykZHPCItWcNiVcWcqfRjxIa/AovAoDo41H/9gXJxxh9CGHDtOrIV8bzmtKbKfJiROS4uvM2XWLJpOSwHeLFUEWbSToSWrcGsUKNEdXvomCqg==
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=suse.com;
  • Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx
  • Delivery-date: Tue, 14 Mar 2023 06:31:10 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On 14.03.2023 02:46, Marek Marczykowski-Górecki wrote:
> On Mon, Feb 27, 2023 at 11:28:28AM +0100, Jan Beulich wrote:
>> On 26.02.2023 00:56, Marek Marczykowski-Górecki wrote:
>>> The ELF is repacked from from 64bit to 32bit. With CET-related notes,
>>> which use 64bit fields, this results in 32bit binary with corrupted
>>> notes. Drop them all (except build-id and PVH note retained
>>> explicitly).
>>>
>>> Suggested-by: Jan Beulich <jbeulich@xxxxxxxx>
>>
>> Perhaps a misunderstanding: Yes, I did suggest this as a possibility,
>> but I didn't really mean we actually do so. At the very least not
>> without further clarifying what the cons of doing so are. The notes,
>> after all, are actually valid in xen-syms; they become bogus in the
>> course of mkelf32's processing.
>>
>>> --- a/xen/arch/x86/xen.lds.S
>>> +++ b/xen/arch/x86/xen.lds.S
>>> @@ -192,13 +192,6 @@ SECTIONS
>>>  #endif
>>>  #endif
>>>  
>>> -#ifndef EFI
>>> -  /* Retain these just for the purpose of possible analysis tools. */
>>> -  DECL_SECTION(.note) {
>>> -       *(.note.*)
>>> -  } PHDR(note) PHDR(text)
>>> -#endif
>>> -
>>>    _erodata = .;
>>>  
>>>    . = ALIGN(SECTION_ALIGN);
>>
>> Is this sufficient? .note.* isn't part of DISCARD_SECTIONS except for
>> xen.efi. I would expect it needs to move there from DISCARD_EFI_SECTIONS.
>> Otherwise, aiui, the linker's orphan section placement will kick in. 
> 
> What supposedly happens then? By looking at binary produced with this
> patch, I don't see other .note sections included.

The linker can't really discard them without being told so, from all I
know. So the pieces must land somewhere, and considering the special
section type (SHT_NOTE) I would find it odd if they were folded into
some other section.

>> Yet
>> at that point you'd also affect Arm and RISC-V (which, interestingly,
>> don't place .note.* anywhere at all right now, afaics).
> 
> That's interesting observation. For RISC-V, I'm not surprised given how
> fresh it is in tree, but if Arm doesn't need it either, maybe adding to
> DISCARD_SECTIONS isn't such a bad idea?

Well, yes, if we want to get rid of them, putting them there makes
sense. First we need to figure where the notes end up when not placed
explicitly (as that'll tell us whether on Arm they can be useful at all
right now).

Jan

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.