[PATCH] D66426: [lld] Enable a watermark of loadable sections to be generated and placed in a note section

Chris Jackson via Phabricator via llvm-commits llvm-commits at lists.llvm.org
Wed Dec 4 02:17:08 PST 2019


chrisjackson added a comment.

In D66426#1766527 <https://reviews.llvm.org/D66426#1766527>, @JonChesterfield wrote:

> In D66426#1761836 <https://reviews.llvm.org/D66426#1761836>, @chrisjackson wrote:
>
> > A post-link modification could recalculate and update the hash, but this would only occur in a deliberate attempt to subvert the watermark mechanism.
>
>
> I think it follows that this patch only detects accidental modifications to the binary that occur after linking. That seems to put it in the realm of network transmission errors, disk bit rot, optical media errors and so forth.
>
> In which case, why only guard a subset of the binary, instead of computing a sha256 of all the compiled artifacts and checking that at install/network copy time? Then there is again no linker patch required.
>
> Unless this is intended to catch people who deliberately change the binary, but lack the skills to then update the hash, which is surely vanishingly few people. Fewer when provided with convenient tools to recalculate the hash.


The watermark is intended to detect changes in the loadable image of the binary, not all of the ELF file, e.g. it ignores debug data. As you've stated, it is there to detect post-link modifications to the loadable segments.


CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D66426/new/

https://reviews.llvm.org/D66426
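
The distinction discussed in this thread, a digest over the loadable image versus a SHA-256 of the whole file, as an added example that is not code from D66426 or lld. Hashing the file bytes of each PT_LOAD segment with SHA-256 is an assumption made for illustration (the patch's actual algorithm and note format are not shown on this page), and the ELF file is constructed in memory.

```python
import hashlib
import struct

# Assumed scheme for illustration only: SHA-256 over PT_LOAD file contents.
EHDR = struct.Struct("<16sHHIQQQIHHHHHH")  # ELF64 little-endian file header
PHDR = struct.Struct("<IIQQQQQQ")          # ELF64 program header
PT_LOAD = 1

def loadable_digest(elf: bytes) -> str:
    """SHA-256 over the file bytes of every PT_LOAD segment, in header order."""
    if elf[:4] != b"\x7fELF" or elf[4] != 2 or elf[5] != 1:
        raise ValueError("expected a little-endian ELF64 file")
    fields = EHDR.unpack_from(elf, 0)
    e_phoff, e_phentsize, e_phnum = fields[5], fields[9], fields[10]
    h = hashlib.sha256()
    for i in range(e_phnum):
        p_type, _, p_offset, _, _, p_filesz, _, _ = PHDR.unpack_from(
            elf, e_phoff + i * e_phentsize)
        if p_type != PT_LOAD:
            continue  # non-loadable entries never reach the process image
        if p_offset + p_filesz > len(elf):
            raise ValueError("PT_LOAD segment extends past end of file")
        h.update(elf[p_offset:p_offset + p_filesz])
    return h.hexdigest()

def build_sample(code: bytes, debug: bytes) -> bytes:
    """Constructed ELF64: header, one PT_LOAD covering `code`, then unloaded `debug`."""
    code_off = EHDR.size + PHDR.size
    vaddr = 0x400000 + code_off
    ident = b"\x7fELF" + bytes([2, 1, 1]) + bytes(9)
    ehdr = EHDR.pack(ident, 2, 62, 1, vaddr, EHDR.size, 0, 0,
                     EHDR.size, PHDR.size, 1, 0, 0, 0)
    phdr = PHDR.pack(PT_LOAD, 5, code_off, vaddr, vaddr,
                     len(code), len(code), 0x1000)
    return ehdr + phdr + code + debug

def digests_match(a: bytes, b: bytes) -> tuple:
    """(whole-file SHA-256 equal?, loadable-image digest equal?)"""
    return (hashlib.sha256(a).digest() == hashlib.sha256(b).digest(),
            loadable_digest(a) == loadable_digest(b))

if __name__ == "__main__":
    base = build_sample(b"\x90" * 16 + b"\xc3", b"constructed debug info v1")
    restripped = build_sample(b"\x90" * 16 + b"\xc3", b"constructed debug info v2")
    patched = build_sample(b"\x90" * 15 + b"\xcc\xc3", b"constructed debug info v1")
    print("debug data changed:", digests_match(base, restripped))
    print("code byte changed: ", digests_match(base, patched))
```

A change to the trailing debug bytes alters the whole-file hash but not the loadable digest, while a change inside the PT_LOAD range alters both. Neither digest is keyed, so either can be recomputed after a modification, as the thread notes.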




