From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) by finch.gentoo.org (Postfix) with ESMTP id 650F51381F3 for ; Fri, 31 May 2013 18:11:46 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 454FAE0957; Fri, 31 May 2013 18:11:38 +0000 (UTC) Received: from mail-vc0-f174.google.com (mail-vc0-f174.google.com [209.85.220.174]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id A8895E0956 for ; Fri, 31 May 2013 18:11:27 +0000 (UTC) Received: by mail-vc0-f174.google.com with SMTP id hr11so1270153vcb.5 for ; Fri, 31 May 2013 11:11:21 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :content-type; bh=b1nW8FebTignQIskJTQ+J4ATgYz2BaFaEZoQKNeR0k0=; b=H5wp6cSobebEsNFpmcCDLpD8lTloffZkCHFDUt/I3JkSbzm5aCi/eq6o625XpqH7rm Ggsa/1Awd814cKXLf/pw8WrA2qjvJSlvA/CV/12yGJ44vNYS0Ys+2vLS4NjRPBuWBCwP 7/eHYRs+gaXVdgSVw3txVUJYfkAz2BDmmobgZhw/GRRIybmE/aA+PfImt7y5k/voazU4 d7jyAzTH01zdG5aab+VySRaJG768NwHGDchYsmtHycOIZyc0OYsxPh1EYeLSvvhGUJiF cScErNIqB2a8wHggvjIkiwjfMssne8CH8U+cvWkowrQ5mPvHGsPsi+KcTY1MDsSbK78h 8Mtg== X-Received: by 10.220.10.212 with SMTP id q20mr11472324vcq.9.1370023881114; Fri, 31 May 2013 11:11:21 -0700 (PDT) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-embedded@lists.gentoo.org Reply-to: gentoo-embedded@lists.gentoo.org MIME-Version: 1.0 Received: by 10.220.24.11 with HTTP; Fri, 31 May 2013 11:11:01 -0700 (PDT) In-Reply-To: References: <7c02c57d1aa3ede3af33f698d80c2eff@mail.meleeweb.net> From: Christopher Friedt Date: Fri, 31 May 2013 14:11:01 -0400 Message-ID: Subject: Re: [gentoo-embedded] Tool for eliminating non used code or symbols? To: gentoo-embedded@lists.gentoo.org Content-Type: multipart/alternative; boundary=001a11c31452c48f5d04de078af6 X-Archives-Salt: 1ad93abe-bf9c-4fdb-a576-3028d3d25923 X-Archives-Hash: e5dbf4c8b136c0fd3998fe3d93a3cb77 --001a11c31452c48f5d04de078af6 Content-Type: text/plain; charset=ISO-8859-1 strip --strip-unneeded On Fri, May 31, 2013 at 2:10 PM, Christopher Friedt wrote: > -Wunused -Werror > > > On Mon, May 27, 2013 at 9:09 AM, Bertrand Jacquin wrote: > >> Hi, >> >> Finally, two months after your mail, I remembered a project I saw last >> year (or so) that might stick your need. >> >> http://anonscm.debian.org/**gitweb/?p=d-i/mklibs.git >> http://anonscm.debian.org/**gitweb/?p=d-i/mklibs.git;a=** >> blob_plain;f=src/mklibs;h=**216b34c1cb221458cd0d26c6bd5c71** >> 9c3bf94ab2;hb=HEAD >> >> As describe, this tool : >> >> - Gather all unresolved symbols and libraries needed by the programs >> and reduced libraries >> - Gather all symbols provided by the already reduced libraries >> (none on the first pass) >> - If all symbols are provided we are done >> - go through all libraries and remember what symbols they provide >> - go through all unresolved/needed symbols and mark them as used >> - for each library: >> - find pic file (if not present copy and strip the so) >> - compile in only used symbols >> - strip >> - back to the top >> >> Beber >> >> >> On 2013-03-25 08:01, Kfir Lavi wrote: >> >>> Hi, >>> I'm looking for a way to reduce glibc code size. >>> It can be a way to make system smaller and minimize the impact >>> of attack vectors in glibc, as in return-to-libc attack. >>> >>> Lets say I'm deleting the program 'mkdir', and mkdir uses a function >>> in glibc that non of the other parts of the system uses. >>> Then I want to eliminate this function from glibc. This leads to smaller >>> code and if this function is used in some attack scenario, maybe prevent >>> it. >>> >>> Is there a way to do it? >>> Can you help me think how to build a tool like this? or, integrate >>> with existing tools. >>> >>> Thanks, >>> Kfir >>> >> >> > --001a11c31452c48f5d04de078af6 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable
strip --strip-unneeded

On Fri, May 31, 2013 at 2:10 PM, Christophe= r Friedt <chrisfriedt@gmail.com> wrote:
-Wunused -Werror


On Mon, May 27, 2013 at 9:09 AM, Bertrand Jacquin <beber@meleeweb.net= > wrote:
Hi,

Finally, two months after your mail, I remembered a project I saw last year= (or so) that might stick your need.

http://anonscm.debian.org/gitweb/?p=3Dd-i/mklibs.git
http://anonscm.debian.org/gitweb/?p=3Dd-i/mklibs.g= it;a=3Dblob_plain;f=3Dsrc/mklibs;h=3D216b34c1cb221458cd0d26c6= bd5c719c3bf94ab2;hb=3DHEAD

As describe, this tool :

- Gather all unresolved symbols and libraries needed by the programs
=A0 and reduced libraries
- Gather all symbols provided by the already reduced libraries
=A0 (none on the first pass)
- If all symbols are provided we are done
- go through all libraries and remember what symbols they provide
- go through all unresolved/needed symbols and mark them as used
- for each library:
=A0 - find pic file (if not present copy and strip the so)
=A0 - compile in only used symbols
=A0 - strip
- back to the top

Beber


On 2013-03-25 08:01, Kfir Lavi wrote:
Hi,
I'm looking for a way to reduce glibc code size.
It can be a way to make system smaller and minimize the impact
of attack vectors in glibc, as in return-to-libc attack.

Lets say I'm deleting the program 'mkdir', and mkdir uses a fun= ction
in glibc that non of the other parts of the system uses.
Then I want to eliminate this function from glibc. This leads to smaller code and if this function is used in some attack scenario, maybe prevent it= .

Is there a way to do it?
Can you help me think how to build a tool like this? or, integrate
with existing tools.

Thanks,
Kfir



--001a11c31452c48f5d04de078af6--