Received: by 2002:a05:7412:bc1a:b0:d7:7d3a:4fe2 with SMTP id ki26csp472062rdb; Sat, 19 Aug 2023 09:01:48 -0700 (PDT) X-Google-Smtp-Source: AGHT+IHlgmLHyIsPOSGwtGyaAfZmt+X6u4P1zNcMejqQMlyHNNJZZdrV4MVtqAFEqkRQOjjDlspH X-Received: by 2002:a17:90a:1348:b0:263:f36e:d610 with SMTP id y8-20020a17090a134800b00263f36ed610mr2237343pjf.0.1692460908424; Sat, 19 Aug 2023 09:01:48 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1692460908; cv=none; d=google.com; s=arc-20160816; b=kEcCg03kEXJCqVGe/yD8baOMy1raJ34v6izMrqPL4NSU63b9uAgKnbUmTjlvvsXXXC h81GmFJdrocpJVsGXM0qneuHth822z3KHf+DgOdrCqiMibSWYJ01T/0gPIEJu/oofHQ8 6KIiuBvbKfCLOsfXIJjjtieMmeP2c0u/P7jIidEPHubQldaQF+5CX/WB+brpUiQLltou f/blyx+99jKszDbuCRgj3AHyXSBrlU0DP9Grx50v5PXlWvAwMWLwna6TLZPbofd5M7Cc DvbzSE+dvG6vNZIf/l0BViSJExSI7dSJpfe2SW7UCmvnClQddRB8rU5pIMV9CBq91YqB x7QA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=VYuMK9lzweKJYyVPBIpfGheW2P59F458KdgLzTm/k4A=; fh=2K0cnVWNN/lSoXOQ2Jt2UifFp/1e7O4elwn57wGf9gU=; b=ldVKmPqI4y6HwmTu9M64yuDlSDba978m06WY22763Odak1tHiFw3lWkKVWXwx7uyYw IP8jMXAFNUCYSa0DTIdsDkkUZTuwfIBcZmuoUGstY857mNXJOBC2BVtiH/i4TGP54nk6 DlWhufq9Gup2wbefXpPF2x/5u7BHDiLRW1uvT/wVkBEGTw2x4+ahayxnj3fTk30aeRoV 7x5YnVgPoIrUYOxQgTUJ1hZYfxqG7kow0dXCziVqoQYR6JSLh11aQ6UC8y9JsFAsgLGu C74AkfoS6iNoWB/rb/bRWopXzZ2zN/TNIczslAN6C+lfO98DQ5zYRRiVF8jtcyRAqCgZ A3+Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=ctcKeCje; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net. [2620:137:e000::1:18]) by mx.google.com with ESMTPS id j15-20020a17090a738f00b0026ce7763659si3712590pjg.160.2023.08.19.09.01.48 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 19 Aug 2023 09:01:48 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:18 as permitted sender) client-ip=2620:137:e000::1:18; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=ctcKeCje; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by lindbergh.monkeyblade.net (Postfix) with ESMTP id 87E32FCC82; Sat, 19 Aug 2023 01:49:39 -0700 (PDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1377290AbjHRNp3 (ORCPT + 99 others); Fri, 18 Aug 2023 09:45:29 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:49652 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1377303AbjHRNpE (ORCPT ); Fri, 18 Aug 2023 09:45:04 -0400 Received: from dfw.source.kernel.org (dfw.source.kernel.org [IPv6:2604:1380:4641:c500::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 21F3E3C3C; Fri, 18 Aug 2023 06:44:59 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id A981B66DF3; Fri, 18 Aug 2023 13:44:58 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 47FA1C433C9; Fri, 18 Aug 2023 13:44:55 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1692366298; bh=ZPAhqjwxE/sskeygZ8pPFIw9ZGF696+JeFy5DBEGMD4=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=ctcKeCjeTqGKSDJnrmhYeHe4bPrMvhKv02wqeQ2slFTSofmQ+O1Ppurfq5CjmFVxu 49/LBYrczUzaT8T2Oemggj+t60L8jpH0MHWwzWsaqEbqtTZzdEON8jU2lQZi6zXPft cyVhBReIJ3TeDmX+xyKVo4eHmnJ+TID/j78yR3c1rtPjvgccQ/dmCioHa+rBy01rXS S8oHBcl/AzRzC1Z19Tb1brqSTPSZjaQMCnwgeHTfJBd6L9SBdawVYw1KHi+vCfUUXe eiS5GSbtARTpz0GlEEAZVLchrLTbpw8SqA6y1ZbvoYYayIzphrCrpnT4sSIHwYCIEx +tWUYa3PtUW8A== From: Ard Biesheuvel To: linux-efi@vger.kernel.org Cc: linux-kernel@vger.kernel.org, Ard Biesheuvel , Evgeniy Baskov , Borislav Petkov , Dave Hansen , Ingo Molnar , Thomas Gleixner , Peter Jones , Matthew Garrett , Gerd Hoffmann , Kees Cook , "H. Peter Anvin" , =?UTF-8?q?Marvin=20H=C3=A4user?= Subject: [PATCH 05/17] x86/boot: Omit compression buffer from PE/COFF image memory footprint Date: Fri, 18 Aug 2023 15:44:10 +0200 Message-Id: <20230818134422.380032-6-ardb@kernel.org> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20230818134422.380032-1-ardb@kernel.org> References: <20230818134422.380032-1-ardb@kernel.org> MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=5235; i=ardb@kernel.org; h=from:subject; bh=ZPAhqjwxE/sskeygZ8pPFIw9ZGF696+JeFy5DBEGMD4=; b=owGbwMvMwCFmkMcZplerG8N4Wi2JIeV+6QLXfr+EHMspFTEpk+Tl4qJ6t8nez/qUKW99R3f7T 1PRZfc6SlkYxDgYZMUUWQRm/3238/REqVrnWbIwc1iZQIYwcHEKwETO32NkeLuCI/4307Tm61c/ lbfP42yansBw5fWUWa9WeEkElryqWM3I8H7ti3r+iG3301UnFt1bdOZoVmXF96WOrqpTpx36v6T qAycA X-Developer-Key: i=ardb@kernel.org; a=openpgp; fpr=F43D03328115A198C90016883D200E9CA6329909 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF, RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Now that the EFI stub decompresses the kernel and hands over to the decompressed image directly, there is no longer a need to provide a decompression buffer as part of the .BSS allocation of the PE/COFF image. It also means the PE/COFF image can be loaded anywhere in memory, and setting the preferred image base is unnecessary. So drop the handling of this from the header and from the build tool. Signed-off-by: Ard Biesheuvel --- arch/x86/boot/header.S | 6 +-- arch/x86/boot/tools/build.c | 50 +++----------------- 2 files changed, 8 insertions(+), 48 deletions(-) diff --git a/arch/x86/boot/header.S b/arch/x86/boot/header.S index b24fa50a98986945..a87d9133384b0986 100644 --- a/arch/x86/boot/header.S +++ b/arch/x86/boot/header.S @@ -90,12 +90,10 @@ optional_header: #endif extra_header_fields: - # PE specification requires ImageBase to be 64k aligned - .set image_base, (LOAD_PHYSICAL_ADDR + 0xffff) & ~0xffff #ifdef CONFIG_X86_32 - .long image_base # ImageBase + .long 0 # ImageBase #else - .quad image_base # ImageBase + .quad 0 # ImageBase #endif .long 0x20 # SectionAlignment .long 0x20 # FileAlignment diff --git a/arch/x86/boot/tools/build.c b/arch/x86/boot/tools/build.c index bd247692b70174f0..0354c223e35492b6 100644 --- a/arch/x86/boot/tools/build.c +++ b/arch/x86/boot/tools/build.c @@ -65,7 +65,6 @@ static unsigned long efi_pe_entry; static unsigned long efi32_pe_entry; static unsigned long kernel_info; static unsigned long startup_64; -static unsigned long _ehead; static unsigned long _end; /*----------------------------------------------------------------------*/ @@ -229,27 +228,14 @@ static void update_pecoff_setup_and_reloc(unsigned int size) #endif } -static void update_pecoff_text(unsigned int text_start, unsigned int file_sz, - unsigned int init_sz) +static void update_pecoff_text(unsigned int text_start, unsigned int file_sz) { unsigned int pe_header; unsigned int text_sz = file_sz - text_start; - unsigned int bss_sz = init_sz - file_sz; + unsigned int bss_sz = _end - text_sz; pe_header = get_unaligned_le32(&buf[0x3c]); - /* - * The PE/COFF loader may load the image at an address which is - * misaligned with respect to the kernel_alignment field in the setup - * header. - * - * In order to avoid relocating the kernel to correct the misalignment, - * add slack to allow the buffer to be aligned within the declared size - * of the image. - */ - bss_sz += CONFIG_PHYSICAL_ALIGN; - init_sz += CONFIG_PHYSICAL_ALIGN; - /* * Size of code: Subtract the size of the first sector (512 bytes) * which includes the header. @@ -257,7 +243,7 @@ static void update_pecoff_text(unsigned int text_start, unsigned int file_sz, put_unaligned_le32(file_sz - 512 + bss_sz, &buf[pe_header + 0x1c]); /* Size of image */ - put_unaligned_le32(init_sz, &buf[pe_header + 0x50]); + put_unaligned_le32(file_sz + bss_sz, &buf[pe_header + 0x50]); /* * Address of entry point for PE/COFF executable @@ -308,8 +294,7 @@ static void efi_stub_entry_update(void) static inline void update_pecoff_setup_and_reloc(unsigned int size) {} static inline void update_pecoff_text(unsigned int text_start, - unsigned int file_sz, - unsigned int init_sz) {} + unsigned int file_sz) {} static inline void efi_stub_defaults(void) {} static inline void efi_stub_entry_update(void) {} @@ -360,7 +345,6 @@ static void parse_zoffset(char *fname) PARSE_ZOFS(p, efi32_pe_entry); PARSE_ZOFS(p, kernel_info); PARSE_ZOFS(p, startup_64); - PARSE_ZOFS(p, _ehead); PARSE_ZOFS(p, _end); p = strchr(p, '\n'); @@ -371,7 +355,7 @@ static void parse_zoffset(char *fname) int main(int argc, char ** argv) { - unsigned int i, sz, setup_sectors, init_sz; + unsigned int i, sz, setup_sectors; int c; u32 sys_size; struct stat sb; @@ -442,31 +426,9 @@ int main(int argc, char ** argv) buf[0x1f1] = setup_sectors-1; put_unaligned_le32(sys_size, &buf[0x1f4]); - init_sz = get_unaligned_le32(&buf[0x260]); -#ifdef CONFIG_EFI_STUB - /* - * The decompression buffer will start at ImageBase. When relocating - * the compressed kernel to its end, we must ensure that the head - * section does not get overwritten. The head section occupies - * [i, i + _ehead), and the destination is [init_sz - _end, init_sz). - * - * At present these should never overlap, because 'i' is at most 32k - * because of SETUP_SECT_MAX, '_ehead' is less than 1k, and the - * calculation of INIT_SIZE in boot/header.S ensures that - * 'init_sz - _end' is at least 64k. - * - * For future-proofing, increase init_sz if necessary. - */ - - if (init_sz - _end < i + _ehead) { - init_sz = (i + _ehead + _end + 4095) & ~4095; - put_unaligned_le32(init_sz, &buf[0x260]); - } -#endif - update_pecoff_text(setup_sectors * 512, i + (sys_size * 16), init_sz); + update_pecoff_text(setup_sectors * 512, i + (sys_size * 16)); efi_stub_entry_update(); - /* Update kernel_info offset. */ put_unaligned_le32(kernel_info, &buf[0x268]); -- 2.39.2