tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

Merge tag 'core-build-2020-10-12' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip

Pull orphan section checking from Ingo Molnar:
"Orphan link sections were a long-standing source of obscure bugs,
because the heuristics that various linkers & compilers use to handle
them (include these bits into the output image vs discarding them
silently) are both highly idiosyncratic and also version dependent.

Instead of this historically problematic mess, this tree by Kees Cook
(et al) adds build time asserts and build time warnings if there's any
orphan section in the kernel or if a section is not sized as expected.

And because we relied on so many silent assumptions in this area, fix
a metric ton of dependencies and some outright bugs related to this,
before we can finally enable the checks on the x86, ARM and ARM64
platforms"

* tag 'core-build-2020-10-12' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: (36 commits)
x86/boot/compressed: Warn on orphan section placement
x86/build: Warn on orphan section placement
arm/boot: Warn on orphan section placement
arm/build: Warn on orphan section placement
arm64/build: Warn on orphan section placement
x86/boot/compressed: Add missing debugging sections to output
x86/boot/compressed: Remove, discard, or assert for unwanted sections
x86/boot/compressed: Reorganize zero-size section asserts
x86/build: Add asserts for unwanted sections
x86/build: Enforce an empty .got.plt section
x86/asm: Avoid generating unused kprobe sections
arm/boot: Handle all sections explicitly
arm/build: Assert for unwanted sections
arm/build: Add missing sections
arm/build: Explicitly keep .ARM.attributes sections
arm/build: Refactor linker script headers
arm64/build: Assert for unwanted sections
arm64/build: Add missing DWARF sections
arm64/build: Use common DISCARDS in linker script
arm64/build: Remove .eh_frame* sections due to unwind tables
...

Linus Torvalds 34eb62d8 e6412f98

+377 -252
+1
arch/alpha/kernel/vmlinux.lds.S
··· 72 72 73 73 STABS_DEBUG 74 74 DWARF_DEBUG 75 + ELF_DETAILS 75 76 76 77 DISCARDS 77 78 }
+1
arch/arc/kernel/vmlinux.lds.S
··· 122 122 _end = . ; 123 123 124 124 STABS_DEBUG 125 + ELF_DETAILS 125 126 DISCARDS 126 127 127 128 .arcextmap 0 : {
+4
arch/arm/Makefile
··· 16 16 KBUILD_LDFLAGS_MODULE += --be8 17 17 endif 18 18 19 + # We never want expected sections to be placed heuristically by the 20 + # linker. All sections should be explicitly named in the linker script. 21 + LDFLAGS_vmlinux += $(call ld-option, --orphan-handling=warn) 22 + 19 23 ifeq ($(CONFIG_ARM_MODULE_PLTS),y) 20 24 KBUILD_LDS_MODULE += $(srctree)/arch/arm/kernel/module.lds 21 25 endif
+2
arch/arm/boot/compressed/Makefile
··· 123 123 LDFLAGS_vmlinux += --no-undefined 124 124 # Delete all temporary local symbols 125 125 LDFLAGS_vmlinux += -X 126 + # Report orphan sections 127 + LDFLAGS_vmlinux += $(call ld-option, --orphan-handling=warn) 126 128 # Next argument is a linker script 127 129 LDFLAGS_vmlinux += -T 128 130
+10 -10
arch/arm/boot/compressed/vmlinux.lds.S
··· 2 2 /* 3 3 * Copyright (C) 2000 Russell King 4 4 */ 5 + #include <asm/vmlinux.lds.h> 5 6 6 7 #ifdef CONFIG_CPU_ENDIAN_BE8 7 8 #define ZIMAGE_MAGIC(x) ( (((x) >> 24) & 0x000000ff) | \ ··· 18 17 SECTIONS 19 18 { 20 19 /DISCARD/ : { 20 + COMMON_DISCARDS 21 21 *(.ARM.exidx*) 22 22 *(.ARM.extab*) 23 + *(.note.*) 24 + *(.rel.*) 23 25 /* 24 26 * Discard any r/w data - this produces a link error if we have any, 25 27 * which is required for PIC decompression. Local data generates ··· 40 36 *(.start) 41 37 *(.text) 42 38 *(.text.*) 43 - *(.gnu.warning) 44 - *(.glue_7t) 45 - *(.glue_7) 39 + ARM_STUBS_TEXT 46 40 } 47 41 .table : ALIGN(4) { 48 42 _table_start = .; ··· 130 128 PROVIDE(__pecoff_data_size = ALIGN(512) - ADDR(.data)); 131 129 PROVIDE(__pecoff_end = ALIGN(512)); 132 130 133 - .stab 0 : { *(.stab) } 134 - .stabstr 0 : { *(.stabstr) } 135 - .stab.excl 0 : { *(.stab.excl) } 136 - .stab.exclstr 0 : { *(.stab.exclstr) } 137 - .stab.index 0 : { *(.stab.index) } 138 - .stab.indexstr 0 : { *(.stab.indexstr) } 139 - .comment 0 : { *(.comment) } 131 + STABS_DEBUG 132 + DWARF_DEBUG 133 + ARM_DETAILS 134 + 135 + ARM_ASSERTS 140 136 } 141 137 ASSERT(_edata_real == _edata, "error: zImage file size is incorrect");
+5 -3
arch/arm/kernel/vmlinux-xip.lds.S
··· 9 9 10 10 #include <linux/sizes.h> 11 11 12 - #include <asm-generic/vmlinux.lds.h> 12 + #include <asm/vmlinux.lds.h> 13 13 #include <asm/cache.h> 14 14 #include <asm/thread_info.h> 15 15 #include <asm/memory.h> 16 16 #include <asm/mpu.h> 17 17 #include <asm/page.h> 18 - 19 - #include "vmlinux.lds.h" 20 18 21 19 OUTPUT_ARCH(arm) 22 20 ENTRY(stext) ··· 150 152 _end = .; 151 153 152 154 STABS_DEBUG 155 + DWARF_DEBUG 156 + ARM_DETAILS 157 + 158 + ARM_ASSERTS 153 159 } 154 160 155 161 /*
+5 -3
arch/arm/kernel/vmlinux.lds.S
··· 9 9 #else 10 10 11 11 #include <linux/pgtable.h> 12 - #include <asm-generic/vmlinux.lds.h> 12 + #include <asm/vmlinux.lds.h> 13 13 #include <asm/cache.h> 14 14 #include <asm/thread_info.h> 15 15 #include <asm/memory.h> 16 16 #include <asm/mpu.h> 17 17 #include <asm/page.h> 18 - 19 - #include "vmlinux.lds.h" 20 18 21 19 OUTPUT_ARCH(arm) 22 20 ENTRY(stext) ··· 149 151 _end = .; 150 152 151 153 STABS_DEBUG 154 + DWARF_DEBUG 155 + ARM_DETAILS 156 + 157 + ARM_ASSERTS 152 158 } 153 159 154 160 #ifdef CONFIG_STRICT_KERNEL_RWX
+25 -5
arch/arm/kernel/vmlinux.lds.h arch/arm/include/asm/vmlinux.lds.h
··· 1 1 /* SPDX-License-Identifier: GPL-2.0 */ 2 + #include <asm-generic/vmlinux.lds.h> 2 3 3 4 #ifdef CONFIG_HOTPLUG_CPU 4 5 #define ARM_CPU_DISCARD(x) ··· 50 49 EXIT_CALL \ 51 50 ARM_MMU_DISCARD(*(.text.fixup)) \ 52 51 ARM_MMU_DISCARD(*(__ex_table)) \ 53 - *(.discard) \ 54 - *(.discard.*) 52 + COMMON_DISCARDS 53 + 54 + /* 55 + * Sections that should stay zero sized, which is safer to explicitly 56 + * check instead of blindly discarding. 57 + */ 58 + #define ARM_ASSERTS \ 59 + .plt : { \ 60 + *(.iplt) *(.rel.iplt) *(.iplt) *(.igot.plt) \ 61 + } \ 62 + ASSERT(SIZEOF(.plt) == 0, \ 63 + "Unexpected run-time procedure linkages detected!") 64 + 65 + #define ARM_DETAILS \ 66 + ELF_DETAILS \ 67 + .ARM.attributes 0 : { *(.ARM.attributes) } 68 + 69 + #define ARM_STUBS_TEXT \ 70 + *(.gnu.warning) \ 71 + *(.glue_7) \ 72 + *(.glue_7t) \ 73 + *(.vfp11_veneer) \ 74 + *(.v4_bx) 55 75 56 76 #define ARM_TEXT \ 57 77 IDMAP_TEXT \ ··· 86 64 CPUIDLE_TEXT \ 87 65 LOCK_TEXT \ 88 66 KPROBES_TEXT \ 89 - *(.gnu.warning) \ 90 - *(.glue_7) \ 91 - *(.glue_7t) \ 67 + ARM_STUBS_TEXT \ 92 68 . = ALIGN(4); \ 93 69 *(.got) /* Global offset table */ \ 94 70 ARM_CPU_KEEP(PROC_INFO)
+8 -1
arch/arm64/Makefile
··· 28 28 endif 29 29 endif 30 30 31 + # We never want expected sections to be placed heuristically by the 32 + # linker. All sections should be explicitly named in the linker script. 33 + LDFLAGS_vmlinux += $(call ld-option, --orphan-handling=warn) 34 + 31 35 ifeq ($(CONFIG_ARM64_USE_LSE_ATOMICS), y) 32 36 ifneq ($(CONFIG_ARM64_LSE_ATOMICS), y) 33 37 $(warning LSE atomics not supported by binutils) ··· 50 46 51 47 KBUILD_CFLAGS += -mgeneral-regs-only \ 52 48 $(compat_vdso) $(cc_has_k_constraint) 53 - KBUILD_CFLAGS += -fno-asynchronous-unwind-tables 54 49 KBUILD_CFLAGS += $(call cc-disable-warning, psabi) 55 50 KBUILD_AFLAGS += $(compat_vdso) 56 51 57 52 KBUILD_CFLAGS += $(call cc-option,-mabi=lp64) 58 53 KBUILD_AFLAGS += $(call cc-option,-mabi=lp64) 54 + 55 + # Avoid generating .eh_frame* sections. 56 + KBUILD_CFLAGS += -fno-asynchronous-unwind-tables -fno-unwind-tables 57 + KBUILD_AFLAGS += -fno-asynchronous-unwind-tables -fno-unwind-tables 59 58 60 59 ifeq ($(CONFIG_STACKPROTECTOR_PER_TASK),y) 61 60 prepare: stack_protector_prepare
-2
arch/arm64/kernel/smccc-call.S
··· 9 9 #include <asm/assembler.h> 10 10 11 11 .macro SMCCC instr 12 - .cfi_startproc 13 12 \instr #0 14 13 ldr x4, [sp] 15 14 stp x0, x1, [x4, #ARM_SMCCC_RES_X0_OFFS] ··· 20 21 b.ne 1f 21 22 str x6, [x4, ARM_SMCCC_QUIRK_STATE_OFFS] 22 23 1: ret 23 - .cfi_endproc 24 24 .endm 25 25 26 26 /*
+24 -4
arch/arm64/kernel/vmlinux.lds.S
··· 6 6 */ 7 7 8 8 #define RO_EXCEPTION_TABLE_ALIGN 8 9 + #define RUNTIME_DISCARD_EXIT 9 10 10 11 #include <asm-generic/vmlinux.lds.h> 11 12 #include <asm/cache.h> ··· 97 96 * matching the same input section name. There is no documented 98 97 * order of matching. 99 98 */ 99 + DISCARDS 100 100 /DISCARD/ : { 101 - EXIT_CALL 102 - *(.discard) 103 - *(.discard.*) 104 101 *(.interp .dynamic) 105 102 *(.dynsym .dynstr .hash .gnu.hash) 106 - *(.eh_frame) 107 103 } 108 104 109 105 . = KIMAGE_VADDR; ··· 128 130 . = ALIGN(16); 129 131 *(.got) /* Global offset table */ 130 132 } 133 + 134 + /* 135 + * Make sure that the .got.plt is either completely empty or it 136 + * contains only the lazy dispatch entries. 137 + */ 138 + .got.plt : { *(.got.plt) } 139 + ASSERT(SIZEOF(.got.plt) == 0 || SIZEOF(.got.plt) == 0x18, 140 + "Unexpected GOT/PLT entries detected!") 131 141 132 142 . = ALIGN(SEGMENT_ALIGN); 133 143 _etext = .; /* End of text section */ ··· 255 249 _end = .; 256 250 257 251 STABS_DEBUG 252 + DWARF_DEBUG 253 + ELF_DETAILS 258 254 259 255 HEAD_SYMBOLS 256 + 257 + /* 258 + * Sections that should stay zero sized, which is safer to 259 + * explicitly check instead of blindly discarding. 260 + */ 261 + .plt : { 262 + *(.plt) *(.plt.*) *(.iplt) *(.igot) 263 + } 264 + ASSERT(SIZEOF(.plt) == 0, "Unexpected run-time procedure linkages detected!") 265 + 266 + .data.rel.ro : { *(.data.rel.ro) } 267 + ASSERT(SIZEOF(.data.rel.ro) == 0, "Unexpected RELRO detected!") 260 268 } 261 269 262 270 #include "image-vars.h"
+1 -1
arch/arm64/mm/mmu.c
··· 43 43 u64 idmap_t0sz = TCR_T0SZ(VA_BITS); 44 44 u64 idmap_ptrs_per_pgd = PTRS_PER_PGD; 45 45 46 - u64 __section(".mmuoff.data.write") vabits_actual; 46 + u64 __section(.mmuoff.data.write) vabits_actual; 47 47 EXPORT_SYMBOL(vabits_actual); 48 48 49 49 u64 kimage_voffset __ro_after_init;
+1
arch/csky/kernel/vmlinux.lds.S
··· 109 109 110 110 STABS_DEBUG 111 111 DWARF_DEBUG 112 + ELF_DETAILS 112 113 113 114 DISCARDS 114 115 }
+1
arch/hexagon/kernel/vmlinux.lds.S
··· 67 67 68 68 STABS_DEBUG 69 69 DWARF_DEBUG 70 + ELF_DETAILS 70 71 71 72 }
+1
arch/ia64/kernel/vmlinux.lds.S
··· 218 218 219 219 STABS_DEBUG 220 220 DWARF_DEBUG 221 + ELF_DETAILS 221 222 222 223 /* Default discards */ 223 224 DISCARDS
+1
arch/mips/kernel/vmlinux.lds.S
··· 202 202 203 203 STABS_DEBUG 204 204 DWARF_DEBUG 205 + ELF_DETAILS 205 206 206 207 /* These must appear regardless of . */ 207 208 .gptab.sdata : {
+1
arch/nds32/kernel/vmlinux.lds.S
··· 64 64 65 65 STABS_DEBUG 66 66 DWARF_DEBUG 67 + ELF_DETAILS 67 68 68 69 DISCARDS 69 70 }
+1
arch/nios2/kernel/vmlinux.lds.S
··· 58 58 59 59 STABS_DEBUG 60 60 DWARF_DEBUG 61 + ELF_DETAILS 61 62 62 63 DISCARDS 63 64 }
+1
arch/openrisc/kernel/vmlinux.lds.S
··· 103 103 /* Throw in the debugging sections */ 104 104 STABS_DEBUG 105 105 DWARF_DEBUG 106 + ELF_DETAILS 106 107 107 108 /* Sections to be discarded -- must be last */ 108 109 DISCARDS
+1
arch/parisc/boot/compressed/vmlinux.lds.S
··· 84 84 } 85 85 86 86 STABS_DEBUG 87 + ELF_DETAILS 87 88 .note 0 : { *(.note) } 88 89 89 90 /* Sections to be discarded */
+1
arch/parisc/kernel/vmlinux.lds.S
··· 164 164 _end = . ; 165 165 166 166 STABS_DEBUG 167 + ELF_DETAILS 167 168 .note 0 : { *(.note) } 168 169 169 170 /* Sections to be discarded */
+1 -1
arch/powerpc/kernel/vmlinux.lds.S
··· 360 360 PROVIDE32 (end = .); 361 361 362 362 STABS_DEBUG 363 - 364 363 DWARF_DEBUG 364 + ELF_DETAILS 365 365 366 366 DISCARDS 367 367 /DISCARD/ : {
+1
arch/riscv/kernel/vmlinux.lds.S
··· 98 98 99 99 STABS_DEBUG 100 100 DWARF_DEBUG 101 + ELF_DETAILS 101 102 102 103 DISCARDS 103 104 }
+1
arch/s390/kernel/vmlinux.lds.S
··· 181 181 /* Debugging sections. */ 182 182 STABS_DEBUG 183 183 DWARF_DEBUG 184 + ELF_DETAILS 184 185 185 186 /* Sections to be discarded */ 186 187 DISCARDS
+1
arch/sh/kernel/vmlinux.lds.S
··· 76 76 77 77 STABS_DEBUG 78 78 DWARF_DEBUG 79 + ELF_DETAILS 79 80 80 81 DISCARDS 81 82 }
+1
arch/sparc/kernel/vmlinux.lds.S
··· 187 187 188 188 STABS_DEBUG 189 189 DWARF_DEBUG 190 + ELF_DETAILS 190 191 191 192 DISCARDS 192 193 }
+1 -1
arch/um/kernel/dyn.lds.S
··· 164 164 PROVIDE (end = .); 165 165 166 166 STABS_DEBUG 167 - 168 167 DWARF_DEBUG 168 + ELF_DETAILS 169 169 170 170 DISCARDS 171 171 }
+1 -1
arch/um/kernel/uml.lds.S
··· 108 108 PROVIDE (end = .); 109 109 110 110 STABS_DEBUG 111 - 112 111 DWARF_DEBUG 112 + ELF_DETAILS 113 113 114 114 DISCARDS 115 115 }
+4
arch/x86/Makefile
··· 209 209 LDFLAGS_vmlinux += -z max-page-size=0x200000 210 210 endif 211 211 212 + # We never want expected sections to be placed heuristically by the 213 + # linker. All sections should be explicitly named in the linker script. 214 + LDFLAGS_vmlinux += $(call ld-option, --orphan-handling=warn) 215 + 212 216 archscripts: scripts_basic 213 217 $(Q)$(MAKE) $(build)=arch/x86/tools relocs 214 218
+7 -34
arch/x86/boot/compressed/Makefile
··· 29 29 vmlinux.bin.xz vmlinux.bin.lzo vmlinux.bin.lz4 vmlinux.bin.zst 30 30 31 31 KBUILD_CFLAGS := -m$(BITS) -O2 32 - KBUILD_CFLAGS += -fno-strict-aliasing $(call cc-option, -fPIE, -fPIC) 32 + KBUILD_CFLAGS += -fno-strict-aliasing -fPIE 33 33 KBUILD_CFLAGS += -DDISABLE_BRANCH_PROFILING 34 34 cflags-$(CONFIG_X86_32) := -march=i386 35 35 cflags-$(CONFIG_X86_64) := -mcmodel=small ··· 45 45 KBUILD_CFLAGS += -D__DISABLE_EXPORTS 46 46 # Disable relocation relaxation in case the link is not PIE. 47 47 KBUILD_CFLAGS += $(call as-option,-Wa$(comma)-mrelax-relocations=no) 48 + KBUILD_CFLAGS += -include $(srctree)/include/linux/hidden.h 48 49 49 50 KBUILD_AFLAGS := $(KBUILD_CFLAGS) -D__ASSEMBLY__ 50 51 GCOV_PROFILE := n 51 52 UBSAN_SANITIZE :=n 52 53 53 54 KBUILD_LDFLAGS := -m elf_$(UTS_MACHINE) 55 + KBUILD_LDFLAGS += $(call ld-option,--no-ld-generated-unwind-info) 54 56 # Compressed kernel should be built as PIE since it may be loaded at any 55 57 # address by the bootloader. 56 - ifeq ($(CONFIG_X86_32),y) 57 - KBUILD_LDFLAGS += $(call ld-option, -pie) $(call ld-option, --no-dynamic-linker) 58 - else 59 - # To build 64-bit compressed kernel as PIE, we disable relocation 60 - # overflow check to avoid relocation overflow error with a new linker 61 - # command-line option, -z noreloc-overflow. 62 - KBUILD_LDFLAGS += $(shell $(LD) --help 2>&1 | grep -q "\-z noreloc-overflow" \ 63 - && echo "-z noreloc-overflow -pie --no-dynamic-linker") 64 - endif 65 - LDFLAGS_vmlinux := -T 58 + LDFLAGS_vmlinux := -pie $(call ld-option, --no-dynamic-linker) 59 + LDFLAGS_vmlinux += $(call ld-option, --orphan-handling=warn) 60 + LDFLAGS_vmlinux += -T 66 61 67 62 hostprogs := mkpiggy 68 63 HOST_EXTRACFLAGS += -I$(srctree)/tools/include ··· 91 96 vmlinux-objs-$(CONFIG_EFI_MIXED) += $(obj)/efi_thunk_$(BITS).o 92 97 efi-obj-$(CONFIG_EFI_STUB) = $(objtree)/drivers/firmware/efi/libstub/lib.a 93 98 94 - # The compressed kernel is built with -fPIC/-fPIE so that a boot loader 95 - # can place it anywhere in memory and it will still run. However, since 96 - # it is executed as-is without any ELF relocation processing performed 97 - # (and has already had all relocation sections stripped from the binary), 98 - # none of the code can use data relocations (e.g. static assignments of 99 - # pointer values), since they will be meaningless at runtime. This check 100 - # will refuse to link the vmlinux if any of these relocations are found. 101 - quiet_cmd_check_data_rel = DATAREL $@ 102 - define cmd_check_data_rel 103 - for obj in $(filter %.o,$^); do \ 104 - $(READELF) -S $$obj | grep -qF .rel.local && { \ 105 - echo "error: $$obj has data relocations!" >&2; \ 106 - exit 1; \ 107 - } || true; \ 108 - done 109 - endef 110 - 111 - # We need to run two commands under "if_changed", so merge them into a 112 - # single invocation. 113 - quiet_cmd_check-and-link-vmlinux = LD $@ 114 - cmd_check-and-link-vmlinux = $(cmd_check_data_rel); $(cmd_ld) 115 - 116 99 $(obj)/vmlinux: $(vmlinux-objs-y) $(efi-obj-y) FORCE 117 - $(call if_changed,check-and-link-vmlinux) 100 + $(call if_changed,ld) 118 101 119 102 OBJCOPYFLAGS_vmlinux.bin := -R .comment -S 120 103 $(obj)/vmlinux.bin: vmlinux FORCE
+33 -64
arch/x86/boot/compressed/head_32.S
··· 33 33 #include <asm/bootparam.h> 34 34 35 35 /* 36 - * The 32-bit x86 assembler in binutils 2.26 will generate R_386_GOT32X 37 - * relocation to get the symbol address in PIC. When the compressed x86 38 - * kernel isn't built as PIC, the linker optimizes R_386_GOT32X 39 - * relocations to their fixed symbol addresses. However, when the 40 - * compressed x86 kernel is loaded at a different address, it leads 41 - * to the following load failure: 42 - * 43 - * Failed to allocate space for phdrs 44 - * 45 - * during the decompression stage. 46 - * 47 - * If the compressed x86 kernel is relocatable at run-time, it should be 48 - * compiled with -fPIE, instead of -fPIC, if possible and should be built as 49 - * Position Independent Executable (PIE) so that linker won't optimize 50 - * R_386_GOT32X relocation to its fixed symbol address. Older 51 - * linkers generate R_386_32 relocations against locally defined symbols, 52 - * _bss, _ebss, _got, _egot and _end, in PIE. It isn't wrong, just less 53 - * optimal than R_386_RELATIVE. But the x86 kernel fails to properly handle 54 - * R_386_32 relocations when relocating the kernel. To generate 55 - * R_386_RELATIVE relocations, we mark _bss, _ebss, _got, _egot and _end as 56 - * hidden: 36 + * These symbols needed to be marked as .hidden to prevent the BFD linker from 37 + * generating R_386_32 (rather than R_386_RELATIVE) relocations for them when 38 + * the 32-bit compressed kernel is linked as PIE. This is no longer necessary, 39 + * but it doesn't hurt to keep them .hidden. 57 40 */ 58 41 .hidden _bss 59 42 .hidden _ebss 60 - .hidden _got 61 - .hidden _egot 62 43 .hidden _end 63 44 64 45 __HEAD ··· 58 77 leal (BP_scratch+4)(%esi), %esp 59 78 call 1f 60 79 1: popl %edx 61 - subl $1b, %edx 80 + addl $_GLOBAL_OFFSET_TABLE_+(.-1b), %edx 62 81 63 82 /* Load new GDT */ 64 - leal gdt(%edx), %eax 83 + leal gdt@GOTOFF(%edx), %eax 65 84 movl %eax, 2(%eax) 66 85 lgdt (%eax) 67 86 ··· 74 93 movl %eax, %ss 75 94 76 95 /* 77 - * %edx contains the address we are loaded at by the boot loader and %ebx 78 - * contains the address where we should move the kernel image temporarily 79 - * for safe in-place decompression. %ebp contains the address that the kernel 80 - * will be decompressed to. 96 + * %edx contains the address we are loaded at by the boot loader (plus the 97 + * offset to the GOT). The below code calculates %ebx to be the address where 98 + * we should move the kernel image temporarily for safe in-place decompression 99 + * (again, plus the offset to the GOT). 100 + * 101 + * %ebp is calculated to be the address that the kernel will be decompressed to. 81 102 */ 82 103 83 104 #ifdef CONFIG_RELOCATABLE 84 - movl %edx, %ebx 105 + leal startup_32@GOTOFF(%edx), %ebx 85 106 86 107 #ifdef CONFIG_EFI_STUB 87 108 /* ··· 94 111 * image_offset = startup_32 - image_base 95 112 * Otherwise image_offset will be zero and has no effect on the calculations. 96 113 */ 97 - subl image_offset(%edx), %ebx 114 + subl image_offset@GOTOFF(%edx), %ebx 98 115 #endif 99 116 100 117 movl BP_kernel_alignment(%esi), %eax ··· 111 128 movl %ebx, %ebp // Save the output address for later 112 129 /* Target address to relocate to for decompression */ 113 130 addl BP_init_size(%esi), %ebx 114 - subl $_end, %ebx 131 + subl $_end@GOTOFF, %ebx 115 132 116 133 /* Set up the stack */ 117 - leal boot_stack_end(%ebx), %esp 134 + leal boot_stack_end@GOTOFF(%ebx), %esp 118 135 119 136 /* Zero EFLAGS */ 120 137 pushl $0 ··· 125 142 * where decompression in place becomes safe. 126 143 */ 127 144 pushl %esi 128 - leal (_bss-4)(%edx), %esi 129 - leal (_bss-4)(%ebx), %edi 145 + leal (_bss@GOTOFF-4)(%edx), %esi 146 + leal (_bss@GOTOFF-4)(%ebx), %edi 130 147 movl $(_bss - startup_32), %ecx 131 148 shrl $2, %ecx 132 149 std ··· 139 156 * during extract_kernel below. To avoid any issues, repoint the GDTR 140 157 * to the new copy of the GDT. 141 158 */ 142 - leal gdt(%ebx), %eax 159 + leal gdt@GOTOFF(%ebx), %eax 143 160 movl %eax, 2(%eax) 144 161 lgdt (%eax) 145 162 146 163 /* 147 164 * Jump to the relocated address. 148 165 */ 149 - leal .Lrelocated(%ebx), %eax 166 + leal .Lrelocated@GOTOFF(%ebx), %eax 150 167 jmp *%eax 151 168 SYM_FUNC_END(startup_32) 152 169 ··· 156 173 add $0x4, %esp 157 174 movl 8(%esp), %esi /* save boot_params pointer */ 158 175 call efi_main 159 - leal startup_32(%eax), %eax 176 + /* efi_main returns the possibly relocated address of startup_32 */ 160 177 jmp *%eax 161 178 SYM_FUNC_END(efi32_stub_entry) 162 179 SYM_FUNC_END_ALIAS(efi_stub_entry) ··· 169 186 * Clear BSS (stack is currently empty) 170 187 */ 171 188 xorl %eax, %eax 172 - leal _bss(%ebx), %edi 173 - leal _ebss(%ebx), %ecx 189 + leal _bss@GOTOFF(%ebx), %edi 190 + leal _ebss@GOTOFF(%ebx), %ecx 174 191 subl %edi, %ecx 175 192 shrl $2, %ecx 176 193 rep stosl 177 194 178 195 /* 179 - * Adjust our own GOT 180 - */ 181 - leal _got(%ebx), %edx 182 - leal _egot(%ebx), %ecx 183 - 1: 184 - cmpl %ecx, %edx 185 - jae 2f 186 - addl %ebx, (%edx) 187 - addl $4, %edx 188 - jmp 1b 189 - 2: 190 - 191 - /* 192 196 * Do the extraction, and jump to the new kernel.. 193 197 */ 194 - /* push arguments for extract_kernel: */ 195 - pushl $z_output_len /* decompressed length, end of relocs */ 198 + /* push arguments for extract_kernel: */ 196 199 197 - pushl %ebp /* output address */ 198 - 199 - pushl $z_input_len /* input_len */ 200 - leal input_data(%ebx), %eax 201 - pushl %eax /* input_data */ 202 - leal boot_heap(%ebx), %eax 203 - pushl %eax /* heap area */ 204 - pushl %esi /* real mode pointer */ 205 - call extract_kernel /* returns kernel location in %eax */ 200 + pushl output_len@GOTOFF(%ebx) /* decompressed length, end of relocs */ 201 + pushl %ebp /* output address */ 202 + pushl input_len@GOTOFF(%ebx) /* input_len */ 203 + leal input_data@GOTOFF(%ebx), %eax 204 + pushl %eax /* input_data */ 205 + leal boot_heap@GOTOFF(%ebx), %eax 206 + pushl %eax /* heap area */ 207 + pushl %esi /* real mode pointer */ 208 + call extract_kernel /* returns kernel location in %eax */ 206 209 addl $24, %esp 207 210 208 211 /*
+67 -98
arch/x86/boot/compressed/head_64.S
··· 40 40 */ 41 41 .hidden _bss 42 42 .hidden _ebss 43 - .hidden _got 44 - .hidden _egot 45 43 .hidden _end 46 44 47 45 __HEAD 46 + 47 + /* 48 + * This macro gives the relative virtual address of X, i.e. the offset of X 49 + * from startup_32. This is the same as the link-time virtual address of X, 50 + * since startup_32 is at 0, but defining it this way tells the 51 + * assembler/linker that we do not want the actual run-time address of X. This 52 + * prevents the linker from trying to create unwanted run-time relocation 53 + * entries for the reference when the compressed kernel is linked as PIE. 54 + * 55 + * A reference X(%reg) will result in the link-time VA of X being stored with 56 + * the instruction, and a run-time R_X86_64_RELATIVE relocation entry that 57 + * adds the 64-bit base address where the kernel is loaded. 58 + * 59 + * Replacing it with (X-startup_32)(%reg) results in the offset being stored, 60 + * and no run-time relocation. 61 + * 62 + * The macro should be used as a displacement with a base register containing 63 + * the run-time address of startup_32 [i.e. rva(X)(%reg)], or as an immediate 64 + * [$ rva(X)]. 65 + * 66 + * This macro can only be used from within the .head.text section, since the 67 + * expression requires startup_32 to be in the same section as the code being 68 + * assembled. 69 + */ 70 + #define rva(X) ((X) - startup_32) 71 + 48 72 .code32 49 73 SYM_FUNC_START(startup_32) 50 74 /* ··· 91 67 leal (BP_scratch+4)(%esi), %esp 92 68 call 1f 93 69 1: popl %ebp 94 - subl $1b, %ebp 70 + subl $ rva(1b), %ebp 95 71 96 72 /* Load new GDT with the 64bit segments using 32bit descriptor */ 97 - leal gdt(%ebp), %eax 73 + leal rva(gdt)(%ebp), %eax 98 74 movl %eax, 2(%eax) 99 75 lgdt (%eax) 100 76 ··· 107 83 movl %eax, %ss 108 84 109 85 /* setup a stack and make sure cpu supports long mode. */ 110 - leal boot_stack_end(%ebp), %esp 86 + leal rva(boot_stack_end)(%ebp), %esp 111 87 112 88 call verify_cpu 113 89 testl %eax, %eax ··· 134 110 * image_offset = startup_32 - image_base 135 111 * Otherwise image_offset will be zero and has no effect on the calculations. 136 112 */ 137 - subl image_offset(%ebp), %ebx 113 + subl rva(image_offset)(%ebp), %ebx 138 114 #endif 139 115 140 116 movl BP_kernel_alignment(%esi), %eax ··· 150 126 151 127 /* Target address to relocate to for decompression */ 152 128 addl BP_init_size(%esi), %ebx 153 - subl $_end, %ebx 129 + subl $ rva(_end), %ebx 154 130 155 131 /* 156 132 * Prepare for entering 64 bit mode ··· 178 154 1: 179 155 180 156 /* Initialize Page tables to 0 */ 181 - leal pgtable(%ebx), %edi 157 + leal rva(pgtable)(%ebx), %edi 182 158 xorl %eax, %eax 183 159 movl $(BOOT_INIT_PGT_SIZE/4), %ecx 184 160 rep stosl 185 161 186 162 /* Build Level 4 */ 187 - leal pgtable + 0(%ebx), %edi 163 + leal rva(pgtable + 0)(%ebx), %edi 188 164 leal 0x1007 (%edi), %eax 189 165 movl %eax, 0(%edi) 190 166 addl %edx, 4(%edi) 191 167 192 168 /* Build Level 3 */ 193 - leal pgtable + 0x1000(%ebx), %edi 169 + leal rva(pgtable + 0x1000)(%ebx), %edi 194 170 leal 0x1007(%edi), %eax 195 171 movl $4, %ecx 196 172 1: movl %eax, 0x00(%edi) ··· 201 177 jnz 1b 202 178 203 179 /* Build Level 2 */ 204 - leal pgtable + 0x2000(%ebx), %edi 180 + leal rva(pgtable + 0x2000)(%ebx), %edi 205 181 movl $0x00000183, %eax 206 182 movl $2048, %ecx 207 183 1: movl %eax, 0(%edi) ··· 212 188 jnz 1b 213 189 214 190 /* Enable the boot page tables */ 215 - leal pgtable(%ebx), %eax 191 + leal rva(pgtable)(%ebx), %eax 216 192 movl %eax, %cr3 217 193 218 194 /* Enable Long mode in EFER (Extended Feature Enable Register) */ ··· 237 213 * We place all of the values on our mini stack so lret can 238 214 * used to perform that far jump. 239 215 */ 240 - leal startup_64(%ebp), %eax 216 + leal rva(startup_64)(%ebp), %eax 241 217 #ifdef CONFIG_EFI_MIXED 242 - movl efi32_boot_args(%ebp), %edi 218 + movl rva(efi32_boot_args)(%ebp), %edi 243 219 cmp $0, %edi 244 220 jz 1f 245 - leal efi64_stub_entry(%ebp), %eax 246 - movl efi32_boot_args+4(%ebp), %esi 247 - movl efi32_boot_args+8(%ebp), %edx // saved bootparams pointer 221 + leal rva(efi64_stub_entry)(%ebp), %eax 222 + movl rva(efi32_boot_args+4)(%ebp), %esi 223 + movl rva(efi32_boot_args+8)(%ebp), %edx // saved bootparams pointer 248 224 cmpl $0, %edx 249 225 jnz 1f 250 226 /* ··· 255 231 * the correct stack alignment for entry. 256 232 */ 257 233 subl $40, %esp 258 - leal efi_pe_entry(%ebp), %eax 234 + leal rva(efi_pe_entry)(%ebp), %eax 259 235 movl %edi, %ecx // MS calling convention 260 236 movl %esi, %edx 261 237 1: ··· 281 257 282 258 call 1f 283 259 1: pop %ebp 284 - subl $1b, %ebp 260 + subl $ rva(1b), %ebp 285 261 286 - movl %esi, efi32_boot_args+8(%ebp) 262 + movl %esi, rva(efi32_boot_args+8)(%ebp) 287 263 SYM_INNER_LABEL(efi32_pe_stub_entry, SYM_L_LOCAL) 288 - movl %ecx, efi32_boot_args(%ebp) 289 - movl %edx, efi32_boot_args+4(%ebp) 290 - movb $0, efi_is64(%ebp) 264 + movl %ecx, rva(efi32_boot_args)(%ebp) 265 + movl %edx, rva(efi32_boot_args+4)(%ebp) 266 + movb $0, rva(efi_is64)(%ebp) 291 267 292 268 /* Save firmware GDTR and code/data selectors */ 293 - sgdtl efi32_boot_gdt(%ebp) 294 - movw %cs, efi32_boot_cs(%ebp) 295 - movw %ds, efi32_boot_ds(%ebp) 269 + sgdtl rva(efi32_boot_gdt)(%ebp) 270 + movw %cs, rva(efi32_boot_cs)(%ebp) 271 + movw %ds, rva(efi32_boot_ds)(%ebp) 296 272 297 273 /* Disable paging */ 298 274 movl %cr0, %eax ··· 371 347 372 348 /* Target address to relocate to for decompression */ 373 349 movl BP_init_size(%rsi), %ebx 374 - subl $_end, %ebx 350 + subl $ rva(_end), %ebx 375 351 addq %rbp, %rbx 376 352 377 353 /* Set up the stack */ 378 - leaq boot_stack_end(%rbx), %rsp 379 - 380 - /* 381 - * paging_prepare() and cleanup_trampoline() below can have GOT 382 - * references. Adjust the table with address we are running at. 383 - * 384 - * Zero RAX for adjust_got: the GOT was not adjusted before; 385 - * there's no adjustment to undo. 386 - */ 387 - xorq %rax, %rax 388 - 389 - /* 390 - * Calculate the address the binary is loaded at and use it as 391 - * a GOT adjustment. 392 - */ 393 - call 1f 394 - 1: popq %rdi 395 - subq $1b, %rdi 396 - 397 - call .Ladjust_got 354 + leaq rva(boot_stack_end)(%rbx), %rsp 398 355 399 356 /* 400 357 * At this point we are in long mode with 4-level paging enabled, ··· 449 444 lretq 450 445 trampoline_return: 451 446 /* Restore the stack, the 32-bit trampoline uses its own stack */ 452 - leaq boot_stack_end(%rbx), %rsp 447 + leaq rva(boot_stack_end)(%rbx), %rsp 453 448 454 449 /* 455 450 * cleanup_trampoline() would restore trampoline memory. ··· 461 456 * this function call. 462 457 */ 463 458 pushq %rsi 464 - leaq top_pgtable(%rbx), %rdi 459 + leaq rva(top_pgtable)(%rbx), %rdi 465 460 call cleanup_trampoline 466 461 popq %rsi 467 462 ··· 469 464 pushq $0 470 465 popfq 471 466 472 - /* 473 - * Previously we've adjusted the GOT with address the binary was 474 - * loaded at. Now we need to re-adjust for relocation address. 475 - * 476 - * Calculate the address the binary is loaded at, so that we can 477 - * undo the previous GOT adjustment. 478 - */ 479 - call 1f 480 - 1: popq %rax 481 - subq $1b, %rax 482 - 483 - /* The new adjustment is the relocation address */ 484 - movq %rbx, %rdi 485 - call .Ladjust_got 486 - 487 467 /* 488 468 * Copy the compressed kernel to the end of our buffer 489 469 * where decompression in place becomes safe. 490 470 */ 491 471 pushq %rsi 492 472 leaq (_bss-8)(%rip), %rsi 493 - leaq (_bss-8)(%rbx), %rdi 494 - movq $_bss /* - $startup_32 */, %rcx 495 - shrq $3, %rcx 473 + leaq rva(_bss-8)(%rbx), %rdi 474 + movl $(_bss - startup_32), %ecx 475 + shrl $3, %ecx 496 476 std 497 477 rep movsq 498 478 cld ··· 488 498 * during extract_kernel below. To avoid any issues, repoint the GDTR 489 499 * to the new copy of the GDT. 490 500 */ 491 - leaq gdt64(%rbx), %rax 492 - leaq gdt(%rbx), %rdx 501 + leaq rva(gdt64)(%rbx), %rax 502 + leaq rva(gdt)(%rbx), %rdx 493 503 movq %rdx, 2(%rax) 494 504 lgdt (%rax) 495 505 496 506 /* 497 507 * Jump to the relocated address. 498 508 */ 499 - leaq .Lrelocated(%rbx), %rax 509 + leaq rva(.Lrelocated)(%rbx), %rax 500 510 jmp *%rax 501 511 SYM_CODE_END(startup_64) 502 512 ··· 508 518 movq %rdx, %rbx /* save boot_params pointer */ 509 519 call efi_main 510 520 movq %rbx,%rsi 511 - leaq startup_64(%rax), %rax 521 + leaq rva(startup_64)(%rax), %rax 512 522 jmp *%rax 513 523 SYM_FUNC_END(efi64_stub_entry) 514 524 SYM_FUNC_END_ALIAS(efi_stub_entry) ··· 534 544 movq %rsi, %rdi /* real mode address */ 535 545 leaq boot_heap(%rip), %rsi /* malloc area for uncompression */ 536 546 leaq input_data(%rip), %rdx /* input_data */ 537 - movl $z_input_len, %ecx /* input_len */ 547 + movl input_len(%rip), %ecx /* input_len */ 538 548 movq %rbp, %r8 /* output target address */ 539 - movl $z_output_len, %r9d /* decompressed length, end of relocs */ 549 + movl output_len(%rip), %r9d /* decompressed length, end of relocs */ 540 550 call extract_kernel /* returns kernel location in %rax */ 541 551 popq %rsi 542 552 ··· 545 555 */ 546 556 jmp *%rax 547 557 SYM_FUNC_END(.Lrelocated) 548 - 549 - /* 550 - * Adjust the global offset table 551 - * 552 - * RAX is the previous adjustment of the table to undo (use 0 if it's the 553 - * first time we touch GOT). 554 - * RDI is the new adjustment to apply. 555 - */ 556 - .Ladjust_got: 557 - /* Walk through the GOT adding the address to the entries */ 558 - leaq _got(%rip), %rdx 559 - leaq _egot(%rip), %rcx 560 - 1: 561 - cmpq %rcx, %rdx 562 - jae 2f 563 - subq %rax, (%rdx) /* Undo previous adjustment */ 564 - addq %rdi, (%rdx) /* Apply the new adjustment */ 565 - addq $8, %rdx 566 - jmp 1b 567 - 2: 568 - ret 569 558 570 559 .code32 571 560 /* ··· 671 702 #define BS32_handle_protocol 88 // offsetof(efi_boot_services_32_t, handle_protocol) 672 703 #define LI32_image_base 32 // offsetof(efi_loaded_image_32_t, image_base) 673 704 674 - .text 705 + __HEAD 675 706 .code32 676 707 SYM_FUNC_START(efi32_pe_entry) 677 708 /* ··· 693 724 694 725 call 1f 695 726 1: pop %ebx 696 - subl $1b, %ebx 727 + subl $ rva(1b), %ebx 697 728 698 729 /* Get the loaded image protocol pointer from the image handle */ 699 730 leal -4(%ebp), %eax 700 731 pushl %eax // &loaded_image 701 - leal loaded_image_proto(%ebx), %eax 732 + leal rva(loaded_image_proto)(%ebx), %eax 702 733 pushl %eax // pass the GUID address 703 734 pushl 8(%ebp) // pass the image handle 704 735 ··· 733 764 * use it before we get to the 64-bit efi_pe_entry() in C code. 734 765 */ 735 766 subl %esi, %ebx 736 - movl %ebx, image_offset(%ebp) // save image_offset 767 + movl %ebx, rva(image_offset)(%ebp) // save image_offset 737 768 jmp efi32_pe_stub_entry 738 769 739 770 2: popl %edi // restore callee-save registers
+6
arch/x86/boot/compressed/mkpiggy.c
··· 60 60 printf(".incbin \"%s\"\n", argv[1]); 61 61 printf("input_data_end:\n"); 62 62 63 + printf(".section \".rodata\",\"a\",@progbits\n"); 64 + printf(".globl input_len\n"); 65 + printf("input_len:\n\t.long %lu\n", ilen); 66 + printf(".globl output_len\n"); 67 + printf("output_len:\n\t.long %lu\n", (unsigned long)olen); 68 + 63 69 retval = 0; 64 70 bail: 65 71 if (f)
+44 -6
arch/x86/boot/compressed/vmlinux.lds.S
··· 42 42 *(.rodata.*) 43 43 _erodata = . ; 44 44 } 45 - .got : { 46 - _got = .; 47 - KEEP(*(.got.plt)) 48 - KEEP(*(.got)) 49 - _egot = .; 50 - } 51 45 .data : { 52 46 _data = . ; 53 47 *(.data) ··· 69 75 . = ALIGN(PAGE_SIZE); /* keep ZO size page aligned */ 70 76 _end = .; 71 77 78 + STABS_DEBUG 79 + DWARF_DEBUG 80 + ELF_DETAILS 81 + 72 82 DISCARDS 83 + /DISCARD/ : { 84 + *(.dynamic) *(.dynsym) *(.dynstr) *(.dynbss) 85 + *(.hash) *(.gnu.hash) 86 + *(.note.*) 87 + } 88 + 89 + .got.plt (INFO) : { 90 + *(.got.plt) 91 + } 92 + ASSERT(SIZEOF(.got.plt) == 0 || 93 + #ifdef CONFIG_X86_64 94 + SIZEOF(.got.plt) == 0x18, 95 + #else 96 + SIZEOF(.got.plt) == 0xc, 97 + #endif 98 + "Unexpected GOT/PLT entries detected!") 99 + 100 + /* 101 + * Sections that should stay zero sized, which is safer to 102 + * explicitly check instead of blindly discarding. 103 + */ 104 + .got : { 105 + *(.got) 106 + } 107 + ASSERT(SIZEOF(.got) == 0, "Unexpected GOT entries detected!") 108 + 109 + .plt : { 110 + *(.plt) *(.plt.*) 111 + } 112 + ASSERT(SIZEOF(.plt) == 0, "Unexpected run-time procedure linkages detected!") 113 + 114 + .rel.dyn : { 115 + *(.rel.*) *(.rel_*) 116 + } 117 + ASSERT(SIZEOF(.rel.dyn) == 0, "Unexpected run-time relocations (.rel) detected!") 118 + 119 + .rela.dyn : { 120 + *(.rela.*) *(.rela_*) 121 + } 122 + ASSERT(SIZEOF(.rela.dyn) == 0, "Unexpected run-time relocations (.rela) detected!") 73 123 }
+1 -1
arch/x86/boot/setup.ld
··· 20 20 .initdata : { *(.initdata) } 21 21 __end_init = .; 22 22 23 - .text : { *(.text) } 23 + .text : { *(.text .text.*) } 24 24 .text32 : { *(.text32) } 25 25 26 26 . = ALIGN(16);
+5 -1
arch/x86/include/asm/asm.h
··· 141 141 # define _ASM_EXTABLE_FAULT(from, to) \ 142 142 _ASM_EXTABLE_HANDLE(from, to, ex_handler_fault) 143 143 144 - # define _ASM_NOKPROBE(entry) \ 144 + # ifdef CONFIG_KPROBES 145 + # define _ASM_NOKPROBE(entry) \ 145 146 .pushsection "_kprobe_blacklist","aw" ; \ 146 147 _ASM_ALIGN ; \ 147 148 _ASM_PTR (entry); \ 148 149 .popsection 150 + # else 151 + # define _ASM_NOKPROBE(entry) 152 + # endif 149 153 150 154 #else /* ! __ASSEMBLY__ */ 151 155 # define _EXPAND_EXTABLE_HANDLE(x) #x
+38 -1
arch/x86/kernel/vmlinux.lds.S
··· 411 411 412 412 STABS_DEBUG 413 413 DWARF_DEBUG 414 + ELF_DETAILS 414 415 415 416 DISCARDS 416 - } 417 417 418 + /* 419 + * Make sure that the .got.plt is either completely empty or it 420 + * contains only the lazy dispatch entries. 421 + */ 422 + .got.plt (INFO) : { *(.got.plt) } 423 + ASSERT(SIZEOF(.got.plt) == 0 || 424 + #ifdef CONFIG_X86_64 425 + SIZEOF(.got.plt) == 0x18, 426 + #else 427 + SIZEOF(.got.plt) == 0xc, 428 + #endif 429 + "Unexpected GOT/PLT entries detected!") 430 + 431 + /* 432 + * Sections that should stay zero sized, which is safer to 433 + * explicitly check instead of blindly discarding. 434 + */ 435 + .got : { 436 + *(.got) *(.igot.*) 437 + } 438 + ASSERT(SIZEOF(.got) == 0, "Unexpected GOT entries detected!") 439 + 440 + .plt : { 441 + *(.plt) *(.plt.*) *(.iplt) 442 + } 443 + ASSERT(SIZEOF(.plt) == 0, "Unexpected run-time procedure linkages detected!") 444 + 445 + .rel.dyn : { 446 + *(.rel.*) *(.rel_*) 447 + } 448 + ASSERT(SIZEOF(.rel.dyn) == 0, "Unexpected run-time relocations (.rel) detected!") 449 + 450 + .rela.dyn : { 451 + *(.rela.*) *(.rela_*) 452 + } 453 + ASSERT(SIZEOF(.rela.dyn) == 0, "Unexpected run-time relocations (.rela) detected!") 454 + } 418 455 419 456 #ifdef CONFIG_X86_32 420 457 /*
+9 -2
drivers/firmware/efi/libstub/Makefile
··· 18 18 # arm64 uses the full KBUILD_CFLAGS so it's necessary to explicitly 19 19 # disable the stackleak plugin 20 20 cflags-$(CONFIG_ARM64) := $(subst $(CC_FLAGS_FTRACE),,$(KBUILD_CFLAGS)) \ 21 - -fpie $(DISABLE_STACKLEAK_PLUGIN) 21 + -fpie $(DISABLE_STACKLEAK_PLUGIN) \ 22 + $(call cc-option,-mbranch-protection=none) 22 23 cflags-$(CONFIG_ARM) := $(subst $(CC_FLAGS_FTRACE),,$(KBUILD_CFLAGS)) \ 23 24 -fno-builtin -fpic \ 24 25 $(call cc-option,-mno-single-pic-base) ··· 27 26 cflags-$(CONFIG_EFI_GENERIC_STUB) += -I$(srctree)/scripts/dtc/libfdt 28 27 29 28 KBUILD_CFLAGS := $(cflags-y) -Os -DDISABLE_BRANCH_PROFILING \ 30 - -include $(srctree)/drivers/firmware/efi/libstub/hidden.h \ 29 + -include $(srctree)/include/linux/hidden.h \ 31 30 -D__NO_FORTIFY \ 32 31 -ffreestanding \ 33 32 -fno-stack-protector \ ··· 65 64 lib-$(CONFIG_ARM64) += arm64-stub.o 66 65 lib-$(CONFIG_X86) += x86-stub.o 67 66 CFLAGS_arm32-stub.o := -DTEXT_OFFSET=$(TEXT_OFFSET) 67 + 68 + # Even when -mbranch-protection=none is set, Clang will generate a 69 + # .note.gnu.property for code-less object files (like lib/ctype.c), 70 + # so work around this by explicitly removing the unwanted section. 71 + # https://bugs.llvm.org/show_bug.cgi?id=46480 72 + STUBCOPY_FLAGS-y += --remove-section=.note.gnu.property 68 73 69 74 # 70 75 # For x86, bootloaders like systemd-boot or grub-efi do not zero-initialize the
-6
drivers/firmware/efi/libstub/hidden.h
··· 1 - /* SPDX-License-Identifier: GPL-2.0 */ 2 - /* 3 - * To prevent the compiler from emitting GOT-indirected (and thus absolute) 4 - * references to any global symbols, override their visibility as 'hidden' 5 - */ 6 - #pragma GCC visibility push(hidden)
+42 -7
include/asm-generic/vmlinux.lds.h
··· 34 34 * 35 35 * STABS_DEBUG 36 36 * DWARF_DEBUG 37 + * ELF_DETAILS 37 38 * 38 39 * DISCARDS // must be the last 39 40 * } ··· 582 581 */ 583 582 #define TEXT_TEXT \ 584 583 ALIGN_FUNCTION(); \ 585 - *(.text.hot TEXT_MAIN .text.fixup .text.unlikely) \ 584 + *(.text.hot .text.hot.*) \ 585 + *(TEXT_MAIN .text.fixup) \ 586 + *(.text.unlikely .text.unlikely.*) \ 587 + *(.text.unknown .text.unknown.*) \ 586 588 NOINSTR_TEXT \ 587 589 *(.text..refcount) \ 588 590 *(.ref.text) \ ··· 816 812 .debug_macro 0 : { *(.debug_macro) } \ 817 813 .debug_addr 0 : { *(.debug_addr) } 818 814 819 - /* Stabs debugging sections. */ 815 + /* Stabs debugging sections. */ 820 816 #define STABS_DEBUG \ 821 817 .stab 0 : { *(.stab) } \ 822 818 .stabstr 0 : { *(.stabstr) } \ 823 819 .stab.excl 0 : { *(.stab.excl) } \ 824 820 .stab.exclstr 0 : { *(.stab.exclstr) } \ 825 821 .stab.index 0 : { *(.stab.index) } \ 826 - .stab.indexstr 0 : { *(.stab.indexstr) } \ 827 - .comment 0 : { *(.comment) } 822 + .stab.indexstr 0 : { *(.stab.indexstr) } 823 + 824 + /* Required sections not related to debugging. */ 825 + #define ELF_DETAILS \ 826 + .comment 0 : { *(.comment) } \ 827 + .symtab 0 : { *(.symtab) } \ 828 + .strtab 0 : { *(.strtab) } \ 829 + .shstrtab 0 : { *(.shstrtab) } 828 830 829 831 #ifdef CONFIG_GENERIC_BUG 830 832 #define BUG_TABLE \ ··· 965 955 EXIT_DATA 966 956 #endif 967 957 958 + /* 959 + * Clang's -fsanitize=kernel-address and -fsanitize=thread produce 960 + * unwanted sections (.eh_frame and .init_array.*), but 961 + * CONFIG_CONSTRUCTORS wants to keep any .init_array.* sections. 962 + * https://bugs.llvm.org/show_bug.cgi?id=46478 963 + */ 964 + #if defined(CONFIG_KASAN_GENERIC) || defined(CONFIG_KCSAN) 965 + # ifdef CONFIG_CONSTRUCTORS 966 + # define SANITIZER_DISCARDS \ 967 + *(.eh_frame) 968 + # else 969 + # define SANITIZER_DISCARDS \ 970 + *(.init_array) *(.init_array.*) \ 971 + *(.eh_frame) 972 + # endif 973 + #else 974 + # define SANITIZER_DISCARDS 975 + #endif 976 + 977 + #define COMMON_DISCARDS \ 978 + SANITIZER_DISCARDS \ 979 + *(.discard) \ 980 + *(.discard.*) \ 981 + *(.modinfo) \ 982 + /* ld.bfd warns about .gnu.version* even when not emitted */ \ 983 + *(.gnu.version*) \ 984 + 968 985 #define DISCARDS \ 969 986 /DISCARD/ : { \ 970 987 EXIT_DISCARDS \ 971 988 EXIT_CALL \ 972 - *(.discard) \ 973 - *(.discard.*) \ 974 - *(.modinfo) \ 989 + COMMON_DISCARDS \ 975 990 } 976 991 977 992 /**
+19
include/linux/hidden.h
··· 1 + /* SPDX-License-Identifier: GPL-2.0 */ 2 + /* 3 + * When building position independent code with GCC using the -fPIC option, 4 + * (or even the -fPIE one on older versions), it will assume that we are 5 + * building a dynamic object (either a shared library or an executable) that 6 + * may have symbol references that can only be resolved at load time. For a 7 + * variety of reasons (ELF symbol preemption, the CoW footprint of the section 8 + * that is modified by the loader), this results in all references to symbols 9 + * with external linkage to go via entries in the Global Offset Table (GOT), 10 + * which carries absolute addresses which need to be fixed up when the 11 + * executable image is loaded at an offset which is different from its link 12 + * time offset. 13 + * 14 + * Fortunately, there is a way to inform the compiler that such symbol 15 + * references will be satisfied at link time rather than at load time, by 16 + * giving them 'hidden' visibility. 17 + */ 18 + 19 + #pragma GCC visibility push(hidden)