Received: by 2002:a89:48b:0:b0:1f5:f2ab:c469 with SMTP id a11csp616588lqd; Wed, 24 Apr 2024 11:32:17 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCWLwMJl602bmJr3Ra45kdUhCZjXjbCWpRB5gYuzqIxrQYAD9ERPPq0stV/JEZdVXF5c48ksyprZNMZRPQ8nU1KgGccMC3nb4bOl4gWSFQ== X-Google-Smtp-Source: AGHT+IFCzEnXimA71tNyw1RrA5RALv2gYW5Wr+d2n+KT1XiYT3+iHd3tZyBJpBETe73flcYuIEUU X-Received: by 2002:a19:ca1b:0:b0:518:c959:8be with SMTP id a27-20020a19ca1b000000b00518c95908bemr2358714lfg.58.1713983537324; Wed, 24 Apr 2024 11:32:17 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1713983537; cv=pass; d=google.com; s=arc-20160816; b=tPyi/60CQfCE2yR2mPcZNQnFTAXeRWDwdWRn9bIvUArD56Hi6Ngx+R/dgrqoFiSefz Whs28rZpAr3cziTCiF2+h18OFIulLMTyjnn3G2zZLKEcnyRlJGTgbMoBWN8r/2Uefvcm AqKFY+TebYySL47kiHSiYR8ceYXsroLon8wlHRu9TmxKhgI4NsU5nTIlo7jusUNQriSu lJLj7A7/d9p90vdHwr+QTOzLpVteeUEamuxtH+7D/qCXMgix8pkp7+ZlVqVJQGwqiPOH F5OQ+LokVURMAN4shWmwmN5LAuq2GlQ4OfJrdzd1ZpSuHeWcY+JFQ0KFQfcBYiuo2DKE On8Q== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=in-reply-to:content-disposition:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:message-id:subject:cc :to:from:date:dkim-signature; bh=wi+Oe6MbKfg3B25RWnbKz3TD7LGLqxKduBlYLVHYmrs=; fh=sIc/vRn0/J1ZGp0SUNc0oV/ykXuQ5K53rzP7bCH3sgg=; b=J1vd3/rbMnc1xhXh0UtER904C1tvFFE5AzqtitnK30TDLcA4tG/w1ZzVJ8Oyco7eOO 9BWV5K/LwvTcw3vlyiBOmvrvXEN4glGpT/JkxQshFB6i/3H9EkTf6aIIxYkwJeNq7YTS l8f7ENzE0sTqZQ5E2uiasGl6flY8oPSzAFfenO/TugAS3k+2xPx75rReU0o/RcobC3Rh ZvwH8cq5piqETWnTx2YSXjkpidk97kfRlmJvk8cTnUt3SVKbmKivjp62R0i/gwElNT60 viIADl0r/EdbbVNpN4evPLEeiueXkeKXFHbNRrPwPLqrX1Ac/FJE3NFJPQWCi/j/DiQQ /EEg==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=BPh9VQPU; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-kernel+bounces-157528-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) smtp.mailfrom="linux-kernel+bounces-157528-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from am.mirrors.kernel.org (am.mirrors.kernel.org. [147.75.80.249]) by mx.google.com with ESMTPS id he33-20020a1709073da100b00a589fb5def1si689354ejc.515.2024.04.24.11.32.17 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 24 Apr 2024 11:32:17 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-157528-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) client-ip=147.75.80.249; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=BPh9VQPU; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-kernel+bounces-157528-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) smtp.mailfrom="linux-kernel+bounces-157528-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by am.mirrors.kernel.org (Postfix) with ESMTPS id B7D4F1F24E34 for ; Wed, 24 Apr 2024 18:31:59 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 23E9E16EC15; Wed, 24 Apr 2024 18:27:03 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="BPh9VQPU" Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 49AE816D4D1 for ; Wed, 24 Apr 2024 18:27:02 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1713983222; cv=none; b=dH2Ufnb1ncNE6MwzuOKJtzXwiq0a1MTLqazMkoGLKgztdaDYlUxOVj7Sf1rX71JkOlGmQWeNyJ2Iw/JgXHvC0SUXxWZX1wW9RnZ14s2rrUQzLDuKEYiYc7oCQd+vDxxvx6Eea6vgTBG6ZpScVg0+1J+iKdMvlTMW4Hz3NNIIS0M= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1713983222; c=relaxed/simple; bh=abPWopN//NmQWtu+Y5v3ubjHMIaG4BQbX/z10WFr8TY=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=Ow0OEjgF4Fu6pfupPUICmRLzwj6da/ilgOHi57GFk+1dh7zdEl8I1O81q2qMpuFreqm/p59+T6cGC9/EQPvAqmn3MpVfwUvCbNQBKuyKUgFcMsK3NUVoW5ZlMr1aiD+aqzkMkWsV+r2w40IVD5I6q4IczjAvuslTCXgGThaQMAs= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=BPh9VQPU; arc=none smtp.client-ip=10.30.226.201 Received: by smtp.kernel.org (Postfix) with ESMTPSA id 29049C2BD11; Wed, 24 Apr 2024 18:27:01 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1713983221; bh=abPWopN//NmQWtu+Y5v3ubjHMIaG4BQbX/z10WFr8TY=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=BPh9VQPUhow8VDzz2IDIgbDmdiO42O/vPbw96koB2+PvfRyf6roPDkl42O8oVDNN/ /1ANIU1PGVR/XeIMqARTcqin+FAClXOJLMTrb1ojFhzbo2+l3bNruCS0J9dGOHWU4M T8pq9vFS/JHT/snVnmZb1a1wBlXgUMC0yY8j6raHYJzYyEkXqC04fCf5J4LkIsTID+ Xlsb4x0kdLF+A1IjCw14ZFvOlT+gtTmTQa4ZoEejcJx7pklgw3g1ZVxew5COqUtYSy nMrbKwZx8SkBmTSm7RD4aQhrQUpzvmjOaJClOktaNp5rvsP73pn53v7/7MIbkyI070 VcCSD7/i6TL0g== Date: Wed, 24 Apr 2024 11:26:59 -0700 From: Nathan Chancellor To: Ard Biesheuvel Cc: linux-kernel@vger.kernel.org, x86@kernel.org, Ard Biesheuvel , Arnd Bergmann , Eric Biederman , kexec@lists.infradead.org, Nick Desaulniers , Kees Cook , Bill Wendling , Justin Stitt , Masahiro Yamada Subject: Re: [RFC PATCH 2/9] x86/purgatory: Simplify stack handling Message-ID: <20240424182659.GA2126602@dev-arch.thelio-3990X> References: <20240424155309.1719454-11-ardb+git@google.com> <20240424155309.1719454-13-ardb+git@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20240424155309.1719454-13-ardb+git@google.com> On Wed, Apr 24, 2024 at 05:53:12PM +0200, Ard Biesheuvel wrote: > From: Ard Biesheuvel > > The x86 purgatory, which does little more than verify a SHA-256 hash of > the loaded segments, currently uses three different stacks: > - one in .bss that is used to call the purgatory C code > - one in .rodata that is only used to switch to an updated code segment > descriptor in the GDT > - one in .data, which allows it to be prepopulated from the kexec loader > in theory, but this is not actually being taken advantage of. > > Simplify this, by dropping the latter two stacks, as well as the loader > logic that programs RSP. > > Both the stacks in .bss and .data are 4k aligned, but 16 byte alignment > is more than sufficient. > > Signed-off-by: Ard Biesheuvel > --- > arch/x86/include/asm/kexec.h | 1 - > arch/x86/kernel/kexec-bzimage64.c | 8 -------- > arch/x86/purgatory/entry64.S | 8 -------- > arch/x86/purgatory/setup-x86_64.S | 2 +- > arch/x86/purgatory/stack.S | 18 ------------------ This needs a small fix up to build. make[6]: *** No rule to make target 'arch/x86/purgatory/stack.o', needed by 'arch/x86/purgatory/purgatory.ro'. diff --git a/arch/x86/purgatory/Makefile b/arch/x86/purgatory/Makefile index acc09799af2a..2b6b2fb033d6 100644 --- a/arch/x86/purgatory/Makefile +++ b/arch/x86/purgatory/Makefile @@ -1,7 +1,7 @@ # SPDX-License-Identifier: GPL-2.0 OBJECT_FILES_NON_STANDARD := y -purgatory-y := purgatory.o stack.o setup-x86_$(BITS).o sha256.o entry64.o string.o +purgatory-y := purgatory.o setup-x86_$(BITS).o sha256.o entry64.o string.o targets += $(purgatory-y) PURGATORY_OBJS = $(addprefix $(obj)/,$(purgatory-y))