Re: [PATCH 2/2] x86: Discard .note.gnu.property sections in vmlinux
From: Kees Cook
Date: Thu Jan 30 2020 - 14:51:18 EST
On Thu, Jan 30, 2020 at 09:51:38AM -0800, H.J. Lu wrote:
> On Mon, Jan 27, 2020 at 3:34 PM Kees Cook <keescook@xxxxxxxxxxxx> wrote:
> >
> > On Fri, Jan 24, 2020 at 10:18:19AM -0800, H.J. Lu wrote:
> > > With the command-line option, -mx86-used-note=yes, the x86 assembler
> > > in binutils 2.32 and above generates a program property note in a note
> > > section, .note.gnu.property, to encode used x86 ISAs and features.
> > > But x86 kernel linker script only contains a signle NOTE segment:
> > >
> > > PHDRS {
> > > text PT_LOAD FLAGS(5);
> > > data PT_LOAD FLAGS(6);
> > > percpu PT_LOAD FLAGS(6);
> > > init PT_LOAD FLAGS(7);
> > > note PT_NOTE FLAGS(0);
> > > }
> > > SECTIONS
> > > {
> > > ...
> > > .notes : AT(ADDR(.notes) - 0xffffffff80000000) { __start_notes = .; KEEP(*(.not
> > > e.*)) __stop_notes = .; } :text :note
> > > ...
> > > }
> > >
> > > which may not be incompatible with note.gnu.property sections. Since
I don't understand this. "may not be incompatible"? Is there an error
generated? If so, what does it look like?
> > > note.gnu.property section in kernel image is unused, this patch discards
> > > .note.gnu.property sections in kernel linker script by adding
> > >
> > > /DISCARD/ : {
> > > *(.note.gnu.property)
> > > }
> >
> > I think this is happening in the wrong place? Shouldn't this be in the
> > DISCARDS macro in include/asm-generic/vmlinux.lds.h instead?
>
> Please read my commit message closely. We can't discard .note.gnu.property
> sections by adding .note.gnu.property to default discarded sections
> since default
> discarded sections are placed AFTER .notes sections in x86 kernel
> linker scripts.
I see what you mean now, /DISCARD/ happens after the NOTES macro (now in
the RO_DATA macro). To this end, I think this should be in
include/asm-generic/vmlinux.lds.h in the NOTES macro? It's x86-specific
right now, but why not make this future-proof?
I'd like to avoid as much arch-specific linker stuff as we can. I spent
a lot of time trying to clean up NOTES specifically. :)
> + /* .note.gnu.property sections should be discarded */
This comment should say _why_ -- the script already shows _what_ is
happening...
> + /DISCARD/ : {
> + *(.note.gnu.property)
> + }
-Kees
--
Kees Cook