[PATCH] Recognize and parse GNU Property notes.

Mark Wielaard mark@klomp.org
Mon Oct 29 00:12:00 GMT 2018


On Fri, 2018-10-19 at 12:26 +0200, Mark Wielaard wrote:
> GNU Property notes are different from normal notes because they use
> variable alignment/padding of their fields. They are 8 byte aligned,
> but use 4 byte fields. The name is aligned at 4 bytes and padded so
> that, the desc is aligned at 8 bytes. The whole note is padded to
> 8 bytes again. For normal notes all fields are both 4 bytes wide and
> 4 bytes aligned.
> 
> To recognize these new kind of ELF Notes a new Elf_Type is
> introduced,
> ELF_T_NHDR8. This type is used in the xlate functions to determine
> how to align and pad the various fields. Since the fields themselves
> can now have different alignments we will have to keep track of the
> current alignement and use either NOTE_ALIGN4 or NOTE_ALIGN8 tor
> determine the padding.
> 
> To set the correct Elf_Type on the Elf_Data we use either the section
> sh_addralign or the segment p_align values. Assuming 8 means the
> section or segment contains the new style notes, otherwise normal
> notes.
> 
> When we cannot determine the "alignment" directly, like when parsing
> special kernel sys files, we check the name "GNU" and type
> "GNU_PROPERTY_TYPE_0" fields.
> 
> ebl_object_note now parses the new NT_GNU_PROPERTY_TYPE_0 and can
> extract the GNU_PROPERTY_STACK_SIZE,
> GNU_PROPERTY_NO_COPY_ON_PROTECTED
> and GNU_PROPERTY_X86_FEATURE_1_AND types
> GNU_PROPERTY_X86_FEATURE_1_IBT
> and GNU_PROPERTY_X86_FEATURE_1_SHSTK.
> 
> Tests are added for extracting the note from sections or segments
> as set by gcc -fcf-protection.

I pushed this to master.

There is some other information that might come from these notes, but
there are various open questions about what, how and the backwards
compatibility story.
See https://sourceware.org/ml/libc-alpha/2018-10/msg00495.html

Cheers,

Mark



More information about the Elfutils-devel mailing list