[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v2 2/2] Mini-OS: keep a positive list of externally visible symbols

Juergen Gross, le jeu. 23 nov. 2023 12:45:04 +0100, a ecrit:
> Add a mini-os.map file containing all global symbols that are allowed
> to be referenced by an application or library. Hide all other symbols
> of Mini-OS from being visible externally.
> 
> Signed-off-by: Juergen Gross <jgross@xxxxxxxx>

Reviewed-by: Samuel Thibault <samuel.thibault@xxxxxxxxxxxx>

Thanks!

> ---
> V2:
> - added more symbols (Samuel Thibault)
> - sorted symbols in each section alphabetically
> ---
>  Makefile    |   3 +-
>  mini-os.map | 295 ++++++++++++++++++++++++++++++++++++++++++++++++++++
>  2 files changed, 297 insertions(+), 1 deletion(-)
>  create mode 100644 mini-os.map
> 
> diff --git a/Makefile b/Makefile
> index 85c6db75..d4768110 100644
> --- a/Makefile
> +++ b/Makefile
> @@ -164,8 +164,9 @@ endif
>  $(OBJ_DIR)/arch/x86/minios-x86%.lds:  arch/x86/minios-x86.lds.S
>       $(CPP) $(ASFLAGS) -P $< -o $@
>  
> -$(OBJ_DIR)/$(TARGET)-kern.o: $(OBJS) arch_lib 
> $(OBJ_DIR)/$(TARGET_ARCH_DIR)/minios-$(MINIOS_TARGET_ARCH).lds
> +$(OBJ_DIR)/$(TARGET)-kern.o: $(OBJS) arch_lib 
> $(OBJ_DIR)/$(TARGET_ARCH_DIR)/minios-$(MINIOS_TARGET_ARCH).lds mini-os.map
>       $(LD) -r $(LDFLAGS) $(HEAD_OBJ) $(OBJS) $(LDARCHLIB) -o $@
> +     $(OBJCOPY) -w -G $(GLOBAL_PREFIX)* --keep-global-symbols=mini-os.map $@ 
> $@
>  
>  $(OBJ_DIR)/$(TARGET): $(OBJ_DIR)/$(TARGET)-kern.o $(APP_O)
>       $(LD) -r $(LDFLAGS) $(OBJ_DIR)/$(TARGET)-kern.o $(APP_O) $(LDLIBS) -o 
> $@.o
> diff --git a/mini-os.map b/mini-os.map
> new file mode 100644
> index 00000000..58a3a0ee
> --- /dev/null
> +++ b/mini-os.map
> @@ -0,0 +1,295 @@
> +# Mini-OS symbols being externally visible
> +# entry point
> +_start
> +# Mini-OS service functions
> +alloc_fd
> +alloc_file_type
> +alloc_pages
> +bind_pirq
> +bind_virq
> +block
> +clear_evtchn
> +console_print
> +create_thread
> +do_map_frames
> +event_queue
> +evtchn_alloc_unbound
> +evtchn_bind_interdomain
> +evtchn_get_peercontext
> +exit_thread
> +free_pages
> +get_domid
> +get_file_from_fd
> +gntmap_fini
> +gntmap_init
> +gntmap_map_grant_refs
> +gntmap_munmap
> +gntmap_set_max_grants
> +gnttabop_error
> +gnttab_alloc_and_grant
> +gnttab_grant_access
> +gnttab_grant_transfer
> +gnttab_end_transfer
> +gnttab_end_access
> +hypercall_page
> +ioremap
> +ioremap_nocache
> +iounmap
> +map_frames_ex
> +map_frame_rw
> +map_frame_virt
> +mask_evtchn
> +msleep
> +need_pgt
> +printk
> +schedule
> +stop_kernel
> +unbind_evtchn
> +unmap_frames
> +unmask_evtchn
> +wake
> +xencons_ring_avail
> +xprintk
> +__local_irq_restore
> +__local_irq_save
> +# libgcc
> +__divdi3
> +__moddi3
> +__qdivrem
> +__udivdi3
> +__udivmoddi4
> +__umoddi3
> +# libc
> +accept
> +bind
> +cfmakeraw
> +chdir
> +clock_gettime
> +close
> +closedir
> +closelog
> +connect
> +do_exit
> +dup
> +dup2
> +err
> +errx
> +execv
> +fcntl
> +ffs
> +ffsl
> +ffsll
> +fork
> +free
> +fstat64
> +fsync
> +ftruncate
> +getegid
> +geteuid
> +getgid
> +gethostname
> +getpagesize
> +getpeername
> +getpid
> +getsockname
> +getsockopt
> +gettimeofday
> +getuid
> +htonl
> +htons
> +inet_aton
> +inet_ntoa
> +ioctl
> +isatty
> +kill
> +link
> +listen
> +lockf
> +lseek64
> +malloc
> +memcmp
> +memcpy
> +memset
> +mkdir
> +mmap64
> +munmap
> +nanosleep
> +nice
> +ntohl
> +ntohs
> +open64
> +opendir
> +openlog
> +pipe
> +poll
> +posix_openpt
> +read
> +readdir
> +realloc
> +recv
> +recvfrom
> +rmdir
> +sbrk
> +scnprintf
> +select
> +select_read_flag
> +send
> +sendto
> +setsid
> +setsockopt
> +shutdown
> +sigaction
> +sleep
> +snprintf
> +socket
> +sprintf
> +sscanf
> +stat
> +strcat
> +strchr
> +strcmp
> +strcpy
> +strdup
> +strlen
> +strncmp
> +strncpy
> +strnlen
> +strrchr
> +strstr
> +strtoq
> +strtoul
> +strtouq
> +sysconf
> +syslog
> +tcgetattr
> +tcsetattr
> +umask
> +unlink
> +usleep
> +verr
> +verrx
> +vscnprintf
> +vsnprintf
> +vsprintf
> +vsscanf
> +vsyslog
> +vwarn
> +vwarnx
> +waitpid
> +warn
> +warnx
> +write
> +_ctype
> +_exit
> +_fini
> +_init
> +___lock_acquire
> +___lock_acquire_recursive
> +___lock_init_recursive
> +___lock_release
> +___lock_release_recursive
> +# 9pfront driver
> +init_9pfront
> +shutdown_9pfront
> +# blkfront driver
> +blkfront_aio
> +blkfront_aio_poll
> +blkfront_aio_push_operation
> +blkfront_io
> +blkfront_open
> +blkfront_queue
> +blkfront_sync
> +init_blkfront
> +shutdown_blkfront
> +# fbfront driver
> +fbfront_open
> +fbfront_receive
> +fbfront_resize
> +fbfront_update
> +init_fbfront
> +shutdown_fbfront
> +# kbdfront driver
> +init_kbdfront
> +kbdfront_open
> +kbdfront_receive
> +shutdown_kbdfront
> +# netfront driver
> +init_netfront
> +netfront_get_gateway
> +netfront_get_netmask
> +netfront_receive
> +netfront_tap_open
> +netfront_xmit
> +networking_set_addr
> +resume_netfront
> +shutdown_netfront
> +start_networking
> +stop_networking
> +suspend_netfront
> +# pcifront driver
> +init_pcifront
> +pcifront_conf_read
> +pcifront_conf_write
> +pcifront_disable_msi
> +pcifront_disable_msix
> +pcifront_enable_msi
> +pcifront_enable_msix
> +pcifront_op
> +pcifront_scan
> +shutdown_pcifront
> +# tpmback driver
> +init_tpmback
> +shutdown_tpmback
> +tpmback_get_opaque
> +tpmback_get_peercontext
> +tpmback_get_uuid
> +tpmback_num_frontends
> +tpmback_req
> +tpmback_req_any
> +tpmback_resp
> +tpmback_set_opaque
> +tpmback_wait_for_frontend_connect
> +# tpmfront driver
> +init_tpmfront
> +shutdown_tpmfront
> +tpmfront_cmd
> +tpmfront_open
> +tpmfront_set_locality
> +# tpm_tis driver
> +init_tpm_tis
> +init_tpm2_tis
> +tpm_tis_cmd
> +tpm_tis_open
> +tpm_tis_request_locality
> +# xenbus driver
> +xenbus_get_perms
> +xenbus_get_self_id
> +xenbus_ls
> +xenbus_msg_reply
> +xenbus_printf
> +xenbus_read
> +xenbus_read_integer
> +xenbus_read_uuid
> +xenbus_rm
> +xenbus_set_perms
> +xenbus_transaction_end
> +xenbus_switch_state
> +xenbus_transaction_start
> +xenbus_unwatch_path_token
> +xenbus_wait_for_state_change
> +xenbus_wait_for_value
> +xenbus_wait_for_watch
> +xenbus_wait_for_watch_return
> +xenbus_watch_path_token
> +xenbus_write
> +xenstore_buf
> +xs_daemon_open
> +xs_directory
> +xs_fileno
> +xs_get_domain_path
> +xs_read
> +xs_read_watch
> +xs_rm
> +xs_unwatch
> +xs_watch
> +xs_write
> -- 
> 2.35.3
> 

-- 
Samuel
---
Pour une évaluation indépendante, transparente et rigoureuse !
Je soutiens la Commission d'Évaluation de l'Inria.

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.