On Thu, May 19, 2016 at 11:41 PM, Ingo Molnar wrote:
>
> * Kees Cook wrote:
>
>> On Wed, May 18, 2016 at 4:29 AM, Ingo Molnar wrote:
>> >
>> > * Kees Cook wrote:
>> >
>> >> > I think there is something way more subtle going on here, and it
>> >> > bothers me
>> >> > exactly because it is subtl
* Kees Cook wrote:
> On Wed, May 18, 2016 at 4:29 AM, Ingo Molnar wrote:
> >
> > * Kees Cook wrote:
> >
> >> > I think there is something way more subtle going on here, and it bothers
> >> > me
> >> > exactly because it is subtle. It may be that it is OK right now, but
> >> > there
> >> > a
On Wed, May 18, 2016 at 4:29 AM, Ingo Molnar wrote:
>
> * Kees Cook wrote:
>
>> > I think there is something way more subtle going on here, and it bothers me
>> > exactly because it is subtle. It may be that it is OK right now, but there
>> > are alarm bells going on all over my brain on this.
* Kees Cook wrote:
> > I think there is something way more subtle going on here, and it bothers me
> > exactly because it is subtle. It may be that it is OK right now, but there
> > are alarm bells going on all over my brain on this. I'm going to stare at
> > this for a bit and see if I can
On 05/17/16 12:28, Kees Cook wrote:
>>
>> I think there is something way more subtle going on here, and it bothers
>> me exactly because it is subtle. It may be that it is OK right now, but
>> there are alarm bells going on all over my brain on this. I'm going to
>> stare at this for a bit and se
On Tue, May 17, 2016 at 12:56 PM, H. Peter Anvin wrote:
> On 05/17/16 06:53, Kees Cook wrote:
>>>
>>> Either look at the inputs, or add the -q option to the link line
>>> (--emit-relocs); that preserves the relocations into the output file
>>> (the same we use to generate the relocation tables to
On 05/17/16 06:53, Kees Cook wrote:
>>
>> Either look at the inputs, or add the -q option to the link line
>> (--emit-relocs); that preserves the relocations into the output file
>> (the same we use to generate the relocation tables to be able to
>> relocate the kernel proper.)
>
> (FWIW, this add
On Tue, May 17, 2016 at 5:31 AM, H. Peter Anvin wrote:
> On 05/17/16 01:13, Kees Cook wrote:
>> On Mon, May 16, 2016 at 3:30 AM, Ingo Molnar wrote:
>>>
>>> * H. Peter Anvin wrote:
>>>
On 05/12/16 15:54, Kees Cook wrote:
>>
>> It would be far better to warn on the *type* of relocatio
On 05/17/16 01:13, Kees Cook wrote:
> On Mon, May 16, 2016 at 3:30 AM, Ingo Molnar wrote:
>>
>> * H. Peter Anvin wrote:
>>
>>> On 05/12/16 15:54, Kees Cook wrote:
>
> It would be far better to warn on the *type* of relocations rather than
> in which section they feel.
I'm o
On Mon, May 16, 2016 at 3:30 AM, Ingo Molnar wrote:
>
> * H. Peter Anvin wrote:
>
>> On 05/12/16 15:54, Kees Cook wrote:
>> >>
>> >> It would be far better to warn on the *type* of relocations rather than
>> >> in which section they feel.
>> >
>> > I'm open to specific changes. What's the best w
On Thu, May 12, 2016 at 01:31:04PM -0700, Kees Cook wrote:
> diff --git a/arch/x86/boot/compressed/Makefile
> b/arch/x86/boot/compressed/Makefile
> index cfdd8c3f8af2..25d477fcd5b4 100644
> --- a/arch/x86/boot/compressed/Makefile
> +++ b/arch/x86/boot/compressed/Makefile
> @@ -85,7 +85,25 @@ vmlin
* H. Peter Anvin wrote:
> On 05/12/16 15:54, Kees Cook wrote:
> >>
> >> It would be far better to warn on the *type* of relocations rather than in
> >> which section they feel.
> >
> > I'm open to specific changes. What's the best way to detect what you want
> > here?
> >
>
> Use readelf -r
On 05/12/16 15:54, Kees Cook wrote:
>>
>> It would be far better to warn on the *type* of relocations rather than in
>> which section they feel.
>
> I'm open to specific changes. What's the best way to detect what you want
> here?
>
Use readelf -r and look for inappropriate relocation types (w
On Thu, May 12, 2016 at 3:29 PM, H. Peter Anvin wrote:
> On May 12, 2016 1:31:04 PM PDT, Kees Cook wrote:
>>The compressed kernel is built with -fPIC/-fPIE so that it can run in
>>any
>>location a bootloader happens to put it. However, since ELF relocation
>>processing is not happening (and all t
On May 12, 2016 1:31:04 PM PDT, Kees Cook wrote:
>The compressed kernel is built with -fPIC/-fPIE so that it can run in
>any
>location a bootloader happens to put it. However, since ELF relocation
>processing is not happening (and all the relocation information has
>already been stripped at link t
15 matches
Mail list logo
