'Re: [gentoo-embedded] Tool for eliminating non used code or symbols?'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       gentoo-embedded
Subject:    Re: [gentoo-embedded] Tool for eliminating non used code or symbols?
From:       Kfir Lavi <lavi.kfir () gmail ! com>
Date:       2013-04-29 3:58:52
Message-ID: CAHNvW1KnrEECoL8aLHFfVekMorWtuXE4MVrdW9DuYQ1V0qiHaQ () mail ! gmail ! com
[Download RAW message or body]

On Fri, Apr 26, 2013 at 11:03 PM, Mike Frysinger <vapier@gentoo.org> wrote:

> On Monday 25 March 2013 03:01:51 Kfir Lavi wrote:
> > I'm looking for a way to reduce glibc code size.
> > It can be a way to make system smaller and minimize the impact
> > of attack vectors in glibc, as in return-to-libc attack.
> >
> > Lets say I'm deleting the program 'mkdir', and mkdir uses a function
> > in glibc that non of the other parts of the system uses.
> > Then I want to eliminate this function from glibc. This leads to smaller
> > code and if this function is used in some attack scenario, maybe prevent
> > it.
> >
> > Is there a way to do it?
> > Can you help me think how to build a tool like this? or, integrate
> > with existing tools.
>
> the only thing i've seen in the past was a hacky script that utilize the
> uClibc build system to cull objects until things stopped linking.  it had
> very
> constrained use where i'd safely work, and was never generalized.  i don't
> remember the name of it now (was a few years ago), but having read the
> [limited] source, i wouldn't bother using it as a base.
>
> otherwise, i haven't heard of any tools that do what you want, but i've
> seen
> many people request it.  unfortunately, it's a tough nut to crack, and the
> vast majority of people requesting it didn't have the technical skills to
> even
> think about a solution let alone implement it.
>
> i [pessimistically] suspect we're talking many man months here, and the
> skill
> set involves knowledge of the ELF format at a fairly low level.
> -mike
>

You can look at this problem 2 ways:
1. Change the binary created after compilation.
2. Reduce glibc code and compile again. Do this iteratively.

I'm leaning toward the second, as you have the protection of the
compilation.

Kfir

[Attachment #3 (text/html)]

<div dir="ltr"><br><br><div class="gmail_quote">On Fri, Apr 26, 2013 at 11:03 PM, \
Mike Frysinger <span dir="ltr">&lt;<a href="mailto:vapier@gentoo.org" \
target="_blank">vapier@gentoo.org</a>&gt;</span> wrote:<br><blockquote \
class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc \
solid;padding-left:1ex">

<div class="HOEnZb"><div class="h5">On Monday 25 March 2013 03:01:51 Kfir Lavi \
wrote:<br> &gt; I&#39;m looking for a way to reduce glibc code size.<br>
&gt; It can be a way to make system smaller and minimize the impact<br>
&gt; of attack vectors in glibc, as in return-to-libc attack.<br>
&gt;<br>
&gt; Lets say I&#39;m deleting the program &#39;mkdir&#39;, and mkdir uses a \
function<br> &gt; in glibc that non of the other parts of the system uses.<br>
&gt; Then I want to eliminate this function from glibc. This leads to smaller<br>
&gt; code and if this function is used in some attack scenario, maybe prevent<br>
&gt; it.<br>
&gt;<br>
&gt; Is there a way to do it?<br>
&gt; Can you help me think how to build a tool like this? or, integrate<br>
&gt; with existing tools.<br>
<br>
</div></div>the only thing i&#39;ve seen in the past was a hacky script that utilize \
the<br> uClibc build system to cull objects until things stopped linking.   it had \
very<br> constrained use where i&#39;d safely work, and was never generalized.   i \
don&#39;t<br> remember the name of it now (was a few years ago), but having read \
the<br> [limited] source, i wouldn&#39;t bother using it as a base.<br>
<br>
otherwise, i haven&#39;t heard of any tools that do what you want, but i&#39;ve \
seen<br> many people request it.   unfortunately, it&#39;s a tough nut to crack, and \
the<br> vast majority of people requesting it didn&#39;t have the technical skills to \
even<br> think about a solution let alone implement it.<br>
<br>
i [pessimistically] suspect we&#39;re talking many man months here, and the skill<br>
set involves knowledge of the ELF format at a fairly low level.<br>
<span class="HOEnZb"><font color="#888888">-mike<br></font></span></blockquote><div>  \
</div></div>You can look at this problem 2 ways:<br>1. Change the binary created \
after compilation.<br>2. Reduce glibc code and compile again. Do this iteratively. \
<br>

<br>I&#39;m leaning toward the second, as you have the protection of the \
compilation.<br><br>Kfir<br></div>



[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic