Received: by 2002:a25:6193:0:0:0:0:0 with SMTP id v141csp3093694ybb; Mon, 6 Apr 2020 01:48:12 -0700 (PDT) X-Google-Smtp-Source: APiQypL2Ob3md2DJUmHA15TffLYPNSOM/IlfeAFPGUywXrD7jwfYrQ+K9/nb2atoEEaIwINC3AXX X-Received: by 2002:a4a:2a47:: with SMTP id x7mr16390732oox.23.1586162892460; Mon, 06 Apr 2020 01:48:12 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1586162892; cv=none; d=google.com; s=arc-20160816; b=FwPSBzJ0FmS35z/vmf7JfgIgI/dUdm1eWrUIgbHnAq8sAcmTfC5/8hFVlkJfNLNQx8 PD9StmDHxwDoLCt/2ysry3S00Z5eil+www7zPsf0WE/08OQAUtOPKNZyAh8FOo4fODtA bGJWRPx60dYLXFPUfz61ZAV6jket6gYCUyjEs0yv+cl3Ic3CqkoAmrH5mcUXxIBmxP3z vYZMdBumREbK0va6Bfe7fyOWvbs4diWDPuA/hgFls5oPPDjyy4wUSp7e7HVKb/Qw6o/x IPkQ45ZNs0UWydSUpLH9NVPdKF2SNlhZP4XLph1PidHwMrvV5Rl/J7O0rN4TmMAlLq4M kU3g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:dkim-signature; bh=LtQeVXhd6t1VNfge4oRaGKt5hUgdeZfgTsbHMVc4gxI=; b=LvqbyQucgeA+Pu1iuHcJ4GOmVpIu7fkrGkMyq+QFnjGsaXvKVnNMnngk5INW+Z+I5q I20JiJ1bq2sXuNMreKnmxhZoWp0HjlZv7R5d4IkyXk1WaxMidgcwtrjKbtCBaLh+XIty ArRYD29ECd3k3EiilyNHAbjlIC7TkoFD0KKfrjAu1ujbOl+7H1D0+T4gcxZ9aMhltY97 eDl2iZLYjDe32YUOS/KcL1ezdO5JddfIWXHZDxgRhrLY3qeQZu6pCPCQcQdM5S/UoDt0 BgioqmHOuFJs/4z2VLK1R44Nnxix52DhY6XUFeBSSwZI4U0Rc58apIu2xUvH9gGd714p GmKw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@alien8.de header.s=dkim header.b=T6JsH00B; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=alien8.de Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id f46si7349567otf.146.2020.04.06.01.47.59; Mon, 06 Apr 2020 01:48:12 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@alien8.de header.s=dkim header.b=T6JsH00B; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=alien8.de Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726648AbgDFIrp (ORCPT + 99 others); Mon, 6 Apr 2020 04:47:45 -0400 Received: from mail.skyhub.de ([5.9.137.197]:57762 "EHLO mail.skyhub.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726514AbgDFIro (ORCPT ); Mon, 6 Apr 2020 04:47:44 -0400 Received: from zn.tnic (p200300EC2F04F600D9A931531DF0897F.dip0.t-ipconnect.de [IPv6:2003:ec:2f04:f600:d9a9:3153:1df0:897f]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.skyhub.de (SuperMail on ZX Spectrum 128k) with ESMTPSA id 3FF611EC0273; Mon, 6 Apr 2020 10:47:43 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alien8.de; s=dkim; t=1586162863; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:in-reply-to:in-reply-to: references:references; bh=LtQeVXhd6t1VNfge4oRaGKt5hUgdeZfgTsbHMVc4gxI=; b=T6JsH00Bl/7vxIiN+7jxEKxwrZtDHcvOIuls/u6wabFbREOPT8cntND7Nq1pMhie5G5Uvv pI9pNanN0F+G7ajsjHG4QdQwl7iRAnzzQm41lPZBVFefHLTve7GSgkZ1WcrarQh8PAouPt WkQXUGp6jehPSDYnfAqYglHTSz+lmHM= Date: Mon, 6 Apr 2020 10:47:38 +0200 From: Borislav Petkov To: Ard Biesheuvel Cc: Arvind Sankar , Sergey Shatunov , hpa@zytor.com, Linux Kernel Mailing List , mingo@redhat.com, Thomas Gleixner , x86@kernel.org, linux-efi , initramfs@vger.kernel.org, Donovan Tremura , Harald Hoyer Subject: Re: [PATCH 1/2] x86/boot/compressed/64: Remove .bss/.pgtable from bzImage Message-ID: <20200406084738.GA2520@zn.tnic> References: <20200109150218.16544-1-nivedita@alum.mit.edu> <20200405154245.11972-1-me@prok.pw> <20200405231845.GA3095309@rani.riverdale.lan> <20200406035110.GA3241052@rani.riverdale.lan> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.10.1 (2018-07-13) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, Apr 06, 2020 at 09:32:47AM +0200, Ard Biesheuvel wrote: > The EFI handover protocol strikes again :-( > > It seems we did not include any guidance in the documentation in > Documentation/x86/boot.rst regarding zero-initializing BSS, and come > to think of it, we don't include any other requirements either, i.e., > regarding placement wrt section alignment etc. This is a serious bug. > Even though EFI usually lays out PE/COFF images in files the exact way > they appear in memory, this is not actually required by the spec. Most > notably, the virtual size can be smaller than the file size, and the > loader is expected to zero-initialize the difference as well. Is that expectation stated explicitly somewhere? > Since the EFI handover protocol should be considered deprecated at > this point (and is never going to be supported in upstream GRUB > either, for instance), I would recommend the systemd-boot developers > to start looking into deprecating this as well, and switch to the > ordinary PE/COFF entry point, and use the new initrd callback protocol > for initrd loading. Any pointers to that new initrd callback protocol? In any case, I'd really appreciate a patch to boot.rst formulating those requirements so that they're written down and people can find them. > On the Linux/x86 side, we should at least add some code to the EFI > handover protocol entry point to zero initialize BSS, and ensure that > it is either not needed in other places, or add the code to deal with > those as well. Sounds like a simple fix, if that would fix it. Thx. -- Regards/Gruss, Boris. https://people.kernel.org/tglx/notes-about-netiquette