up-to-date: kernel 3.2.54. (Always read kernel sources to be sure!)
The binary image of the kernel, vmlinux, contains an ELF section (http://en.wikipedia.org/wiki/Executable_and_Linkable_Format) named ".notes".
It holds short pieces of data, binary and text, that can be read easily and may contain hints about the kernel version, Xen compatibility, etc.
The purpose is to provide data that is very easy to read (from the bootloader???); probably the Xen loader uses it (???).
A downside of these notes is that if they are random, like --build-id, they might block the SameBuild (reproducible, deterministic, verifiable) property of the kernel. They can also stop certain embedded architectures from working (but this is handled by default and the section is removed).
Source of notes
What part of source code generates the notes?
* grep the sources for "ELFNOTE"
* --build-id is in the Makefile
* btw, see include/linux/elfnote.h for the macros
Removing notes
* certain Makefiles in arch/ do remove the flag using objcopy; grep for $OBJCOPY to see how it works
* TODO: we (Mempo) are now looking for a way to remove the --build-id or make it deterministic; please tell us if you know how
Reading notes
To decode the meaning of the flags:
* see the list of information, e.g. in include/xen/interface/elfnote.h and other places that generate the info
* view the data content:
To see the values of the fields, use "-n", "-x .notes" and "-p .notes":
    readelf -n vmlinux
    readelf -p .notes vmlinux
    readelf -x .notes vmlinux
    readelf -n vmlinux.1

    Notes at offset 0x0061c000 with length 0x0000017c:
      Owner    Data size     Description
      Xen      0x00000006    Unknown note type: (0x00000006)
      Xen      0x00000004    Unknown note type: (0x00000007)
      Xen      0x00000008    Unknown note type: (0x00000005)
      Xen      0x00000008    Unknown note type: (0x00000003)
      Xen      0x00000008    NT_VERSION (version)
      Xen      0x00000008    NT_ARCH (architecture)
      Xen      0x0000002a    Unknown note type: (0x0000000a)
      Xen      0x00000004    Unknown note type: (0x00000009)
      Xen      0x00000008    Unknown note type: (0x00000008)
      Xen      0x00000010    Unknown note type: (0x0000000d)
      Xen      0x00000004    Unknown note type: (0x0000000e)
      Xen      0x00000008    Unknown note type: (0x0000000c)
      Xen      0x00000008    Unknown note type: (0x00000004)
      GNU      0x00000014    NT_GNU_BUILD_ID (unique build ID bitstring)
        Build ID: 64cefe0d9cac80f64493500978a3722c0246d506
    readelf -p .notes vmlinux.1

    String dump of section '.notes':
      [   c]  Xen
      [  10]  linux
      [  24]  Xen
      ...
      [  98]  Xen
      [  9c]  !writable_page_tables|pae_pgdir_above_4gb
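
The records that readelf lists above can also be walked directly, which is useful where readelf only prints "Unknown note type" for the Xen entries, or when the build IDs of two builds are to be compared for SameBuild. This is an added example, not code from the original page or from the kernel sources. It assumes little-endian notes padded to 4 bytes; the function names and the sample bytes are constructed for illustration.

```python
import struct

# (owner, type) -> name. Xen entries are the XEN_ELFNOTE_* names from
# include/xen/interface/elfnote.h (subset); GNU type 3 is the build ID.
NAMES = {("Xen", 5): "XEN_VERSION", ("Xen", 6): "GUEST_OS", ("Xen", 7): "GUEST_VERSION",
         ("Xen", 8): "LOADER", ("Xen", 9): "PAE_MODE", ("Xen", 10): "FEATURES",
         ("GNU", 3): "BUILD_ID"}

def pad4(n):
    return (n + 3) & ~3  # name and descriptor are each padded to 4 bytes

def parse_notes(blob):
    """Return [(owner, type, desc_bytes)] from raw little-endian .notes content."""
    notes, off = [], 0
    while off + 12 <= len(blob):
        namesz, descsz, ntype = struct.unpack_from("<III", blob, off)
        name_at = off + 12                      # header is three 32-bit words
        desc_at = name_at + pad4(namesz)
        if desc_at + descsz > len(blob):
            raise ValueError("truncated note at offset %#x" % off)
        owner = blob[name_at:name_at + namesz].rstrip(b"\0").decode("latin-1")
        notes.append((owner, ntype, blob[desc_at:desc_at + descsz]))
        off = desc_at + pad4(descsz)
    return notes

def build_id(blob):
    """Hex build ID from the GNU note, or None when the note is absent."""
    for owner, ntype, desc in parse_notes(blob):
        if NAMES.get((owner, ntype)) == "BUILD_ID":
            return desc.hex()
    return None

def describe(blob):
    """One line per note; printable descriptors as text, the rest as hex."""
    out = []
    for owner, ntype, desc in parse_notes(blob):
        text = desc.rstrip(b"\0").decode("latin-1")
        shown = text if text and text.isascii() and text.isprintable() else desc.hex()
        out.append("%s %s = %s" % (owner, NAMES.get((owner, ntype), hex(ntype)), shown))
    return out

def make_note(owner, ntype, desc):  # encoder, used only for the sample below
    name = owner.encode() + b"\0"
    return (struct.pack("<III", len(name), len(desc), ntype)
            + name.ljust(pad4(len(name)), b"\0") + desc.ljust(pad4(len(desc)), b"\0"))

# Constructed sample that reuses values visible in the readelf output above.
SAMPLE = (make_note("Xen", 6, b"linux\0")
          + make_note("Xen", 10, b"!writable_page_tables|pae_pgdir_above_4gb\0")
          + make_note("GNU", 3, bytes.fromhex("64cefe0d9cac80f64493500978a3722c0246d506")))
if __name__ == "__main__":
    print("\n".join(describe(SAMPLE)), "\nbuild id:", build_id(SAMPLE))
```

To run it against a real kernel, dump the section to a file first, for example with `objcopy -O binary -j .notes vmlinux notes.bin`, and pass the file's bytes to `describe()` or `build_id()`.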