From nobody Fri Oct 18 06:21:37 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+101131+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+101131+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=kernel.org ARC-Seal: i=1; a=rsa-sha256; t=1678727928; cv=none; d=zohomail.com; s=zohoarc; b=bfBMpt2NALzhqXyR4tS0xn6eMhUPefB33yD9jvMLGEGZUd3Tp7haaf0FkOzmeg4k9CKaG9EZrpgs94h8ktERRr7Nas9BkITSOKnOGkWEcAaMgZmgwUXm7pVhZUy0kRFcBViwg3y+O/0q2g/tLb1mt9/3BR6cZkSzPhw/PfYYdW4= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1678727928; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=WwlCGHMne4BFrFM12zEO12vOA/YtkmgK3MvE9pzoU10=; b=Ghii6di3jGoc1vLhRumbnSiVtrwnoUM+M9yi1CzLtUMZCdPthxAuv8xNpmQvdHzF0wQq7yTd+NdrAC2hiiGHPcS1Wsy1pES1kv0nMD4qrwKGQVQyLdCpZ6L5UxRSY6v0lVw8mYkjOgyCPqGU+w1DfrdbaNmlbNreOgrvBbZG2ro= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+101131+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 167872792818720.42659734084316; Mon, 13 Mar 2023 10:18:48 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id QhT4YY1788612x2Tss2gxnH0; Mon, 13 Mar 2023 10:18:47 -0700 X-Received: from ams.source.kernel.org (ams.source.kernel.org [145.40.68.75]) by mx.groups.io with SMTP id smtpd.web10.25818.1678727926852812568 for ; Mon, 13 Mar 2023 10:18:47 -0700 X-Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id 445F9B811AC; Mon, 13 Mar 2023 17:18:45 +0000 (UTC) X-Received: by smtp.kernel.org (Postfix) with ESMTPSA id BBF93C433EF; Mon, 13 Mar 2023 17:18:42 +0000 (UTC) From: "Ard Biesheuvel" To: devel@edk2.groups.io Cc: Ard Biesheuvel , Michael Kinney , Liming Gao , Jiewen Yao , Michael Kubacki , Sean Brogan , Rebecca Cran , Leif Lindholm , Sami Mujawar , Taylor Beebe Subject: [edk2-devel] [PATCH v5 27/38] BaseTools/GccBase AARCH64: Avoid page sharing between code and data Date: Mon, 13 Mar 2023 18:17:03 +0100 Message-Id: <20230313171714.3866151-28-ardb@kernel.org> In-Reply-To: <20230313171714.3866151-1-ardb@kernel.org> References: <20230313171714.3866151-1-ardb@kernel.org> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,ardb@kernel.org X-Gm-Message-State: vdHDJ92SvPT0MntbzdLxkXgax1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1678727927; bh=wyMvAbLrEUns50mVJp55fjolPFIVjLJoXtOQ577mxGY=; h=Cc:Date:From:Reply-To:Subject:To; b=hDhj1M/utvsIobpGGAgZ3EdMQXoG4Sll8rkl13S5INwEOsANnV/Aj1S9QVYwcexiIER f3MiyknMyBtXlhpphGI0ojdhwoiYyUf5u6j81ulC/L158CEv6eElZiHFxMgM5NeYRHEQg e3IAZJTeTObQv8/yTylMCANgpa2Ka4u/oXs= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1678727930344100001 Content-Type: text/plain; charset="utf-8" The AArch64 ARM architecture supports a hardware enforcement mode for mutual exclusion between code and data: any page that is mapped writable is implicitly non-executable as well. This means that remapping part of a runtime image for reapplying relocation fixups may result in any code sharing the same page to lose its executable permissions. Let's avoid this, by moving all quantities that are subject to relocation fixups to a separate page if the build is using 64k section alignment, which is only the case when building a runtime driver for AArch64. Signed-off-by: Ard Biesheuvel --- BaseTools/Scripts/GccBase.lds | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/BaseTools/Scripts/GccBase.lds b/BaseTools/Scripts/GccBase.lds index 83cebd29d599..63e097e0727c 100644 --- a/BaseTools/Scripts/GccBase.lds +++ b/BaseTools/Scripts/GccBase.lds @@ -21,9 +21,8 @@ SECTIONS { . =3D PECOFF_HEADER_SIZE; =20 .text : ALIGN(CONSTANT(COMMONPAGESIZE)) { - *(.text .text.* .stub .gnu.linkonce.t.*) + *(.text .text.* .stub .gnu.linkonce.t.* .plt) *(.rodata .rodata.* .gnu.linkonce.r.*) - *(.got .got.*) =20 /* * The contents of AutoGen.c files are mostly constant from the POV of= the @@ -34,6 +33,16 @@ SECTIONS { * emitted GUIDs here. */ *:AutoGen.obj(.data.g*Guid) + + /* + * AArch64 runtime drivers use 64k alignment, and may run in a mode wh= ere + * mutual exclusion of RO and XP mappings are hardware enforced. In su= ch + * cases, the input sections below, which carry any quantities that are + * subject to relocation fixups at runtime, must not share a 4 KiB page + * with any code content. + */ + . =3D ALIGN(CONSTANT(COMMONPAGESIZE) > 0x1000 ? 0x1000 : 0x20); + *(.got .got.* .data.rel.ro) } =20 /* --=20 2.39.2 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#101131): https://edk2.groups.io/g/devel/message/101131 Mute This Topic: https://groups.io/mt/97586036/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-