From: Arvind Sankar
To: Thomas Gleixner, Ingo Molnar, Borislav Petkov, "H. Peter Anvin", x86@kernel.org
Cc: Nick Desaulniers, Fangrui Song, Dmitry Golovin, clang-built-linux@googlegroups.com, Ard Biesheuvel, Masahiro Yamada, Daniel Kiper, linux-kernel@vger.kernel.org
Subject: [PATCH 0/4] x86/boot: Remove runtime relocations from compressed kernel
Date: Sun, 24 May 2020 17:28:12 -0400
Message-Id: <20200524212816.243139-1-nivedita@alum.mit.edu>
X-Mailing-List: linux-kernel@vger.kernel.org

The compressed kernel currently contains bogus runtime relocations in the startup code in head_{32,64}.S, which are generated by the linker, but must not actually be processed at runtime.

This generates warnings when linking with the BFD linker, and errors with LLD, which defaults to erroring on runtime relocations in read-only sections. It also requires the -z noreloc-overflow hack for the 64-bit kernel, which prevents us from linking it as -pie on an older BFD linker (<= 2.26) or on LLD, because the locations that are to be apparently relocated are only 32-bits in size and so cannot normally have R_X86_64_RELATIVE relocations.

This series aims to get rid of these relocations. It is based on efi/next (efi-changes-for-v5.8), where the latest patches touch the head code to eliminate the global offset table.

The first patch is an independent fix for LLD, to avoid an orphan section in arch/x86/boot/setup.elf [0].

The second patch gets rid of almost all the relocations. It uses standard PIC addressing technique for 32-bit, i.e. loading a register with the address of _GLOBAL_OFFSET_TABLE_ and then using GOTOFF references to access variables. For 64-bit, there is 32-bit code that cannot use RIP-relative addressing, and also cannot use the 32-bit method, since GOTOFF references are 64-bit only.
This is instead handled using a macro to replace a reference like gdt with (gdt-startup_32) instead. The assembler will generate a PC32 relocation entry, with addend set to (.-startup_32), and these will be replaced with constants at link time. This works as long as all the code using such references lives in the same section as startup_32, i.e. in .head.text.

The third patch addresses a remaining issue with the BFD linker, which insists on generating runtime relocations for absolute symbols. We use z_input_len and z_output_len, defined in the generated piggy.S file, as symbols whose absolute "addresses" are actually the size of the compressed payload and the size of the decompressed kernel image respectively. LLD does not generate relocations for these two symbols, but the BFD linker does. To get around this, piggy.S is extended to also define two u32 variables (in .rodata) with the lengths, and the head code is modified to use those instead of the symbol addresses.

An alternative way to handle z_input_len/z_output_len would be to just include piggy.S in head_{32,64}.S instead of as a separate object file, since the GNU assembler doesn't generate relocations for symbols set to constants.

The last patch adds a check in the linker script to ensure that no runtime relocations get reintroduced. Since the GOT has been eliminated as well, the compressed kernel has no runtime relocations whatsoever any more.

[0] https://lore.kernel.org/lkml/20200521152459.558081-1-nivedita@alum.mit.edu/

Arvind Sankar (4):
  x86/boot: Add .text.startup to setup.ld
  x86/boot: Remove runtime relocations from .head.text code
  x86/boot: Remove runtime relocations from head_{32,64}.S
  x86/boot: Check that there are no runtime relocations

 arch/x86/boot/compressed/Makefile      | 36 +---------
 arch/x86/boot/compressed/head_32.S     | 59 +++++++--------
 arch/x86/boot/compressed/head_64.S     | 99 +++++++++++++++-----------
 arch/x86/boot/compressed/mkpiggy.c     |  6 ++
 arch/x86/boot/compressed/vmlinux.lds.S | 11 +++
 arch/x86/boot/setup.ld                 |  2 +-
 6 files changed, 109 insertions(+), 104 deletions(-)

-- 
2.26.2
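
A post-link counterpart to the linker-script check described for the last patch, as an added example that is not part of the original message or of the patch series: it walks an ELF64 section header table and reports allocated SHT_REL/SHT_RELA sections that still hold entries. The names runtime_relocs and build_sample, and the sample image itself, are constructed for illustration.

```python
import struct

EHDR = struct.Struct("<16sHHIQQQIHHHHHH")  # Elf64_Ehdr, little-endian
SHDR = struct.Struct("<IIQQQQIIQQ")        # Elf64_Shdr
SHT_RELA, SHT_STRTAB, SHT_REL, SHF_ALLOC = 4, 3, 9, 0x2

def runtime_relocs(image: bytes) -> dict:
    """Map section name -> entry count for each allocated REL/RELA section.

    Allocated (SHF_ALLOC) relocation sections are the ones a loader would
    process at run time; link-time-only relocation sections are not allocated.
    """
    if len(image) < EHDR.size or image[:6] != b"\x7fELF\x02\x01":
        raise ValueError("not a little-endian ELF64 image")
    eh = EHDR.unpack_from(image)
    shoff, shentsize, shnum, shstrndx = eh[6], eh[11], eh[12], eh[13]
    if shentsize != SHDR.size or shoff + shnum * shentsize > len(image):
        raise ValueError("section header table malformed or truncated")
    if shstrndx >= shnum:
        raise ValueError("bad section name string table index")
    shdrs = [SHDR.unpack_from(image, shoff + i * shentsize) for i in range(shnum)]
    str_off, str_size = shdrs[shstrndx][4], shdrs[shstrndx][5]
    strtab = image[str_off:str_off + str_size]
    found = {}
    for name_off, sh_type, flags, _, _, size, _, _, _, entsize in shdrs:
        if sh_type in (SHT_REL, SHT_RELA) and flags & SHF_ALLOC and size:
            name = strtab[name_off:].split(b"\0", 1)[0].decode("ascii", "replace")
            found[name] = size // entsize if entsize else size
    return found

def build_sample(rela_entries: int, flags: int = SHF_ALLOC) -> bytes:
    """Constructed image: null section, .rela.dyn, .shstrtab (not a real kernel)."""
    names = b"\0.rela.dyn\0.shstrtab\0"
    rela = b"\0" * (24 * rela_entries)  # sizeof(Elf64_Rela) == 24
    rela_off = EHDR.size
    str_off = rela_off + len(rela)
    shoff = str_off + len(names)
    ident = b"\x7fELF\x02\x01\x01" + b"\0" * 9
    ehdr = EHDR.pack(ident, 3, 62, 1, 0, 0, shoff, 0, 64, 0, 0, 64, 3, 2)
    shdrs = (SHDR.pack(0, 0, 0, 0, 0, 0, 0, 0, 0, 0)
             + SHDR.pack(1, SHT_RELA, flags, 0, rela_off, len(rela), 0, 0, 8, 24)
             + SHDR.pack(11, SHT_STRTAB, 0, 0, str_off, len(names), 0, 0, 1, 0))
    return ehdr + rela + names + shdrs

if __name__ == "__main__":
    for n in (0, 2):
        print(n, runtime_relocs(build_sample(n)))
```

An empty result means the image carries no relocations for a loader to process; a relocation section without SHF_ALLOC is ignored because it is link-time metadata only.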