From nobody Thu Oct 30 18:58:38 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Authentication-Results: mx.zohomail.com; dkim=pass header.i=yann.sionneau@vates.tech; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass(p=reject dis=none) header.from=vates.tech ARC-Seal: i=1; a=rsa-sha256; t=1753279018; cv=none; d=zohomail.com; s=zohoarc; b=jMruwEdldfbY26ky89KPC9wnRmFzXGejfVUG6cMxPIXDzV8UZhIALHZC/KElMZT1kX7Uvl8EDlDsVlxWzWeHLJME8uwqz0EFuK0/UiUIoe0r6S5CetZ6rJCxDA9VvJCaDw3NRIUC98/yq3m7fOzJxtM+1D11HhtPrvRpkb9DCOA= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1753279018; h=Content-Type:Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=mUk/zx/QTzzyDnJlYO/y+zk8wGz+UZMwGORRuyVlljE=; b=IDkqAnyTYO5Epb1dDqfSyRDEOne2/8wht528V7w81d3PjX9hT2ix5D95Hx1v4fnLQDeIY4ivEai8eSKnbDnPJ/zaOf379l1urOfu7vCNDTa2xNSjhAFutOKnqv+rn47WaWAO548HTjBw/EfRCL19R/8/6vslSGh5P6ZH4/66ulM= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=yann.sionneau@vates.tech; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass header.from= (p=reject dis=none) Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1753279018365895.1067480090674; Wed, 23 Jul 2025 06:56:58 -0700 (PDT) Received: from list by lists.xenproject.org with outflank-mailman.1054049.1422848 (Exim 4.92) (envelope-from ) id 1ueZxW-0007jd-GE; Wed, 23 Jul 2025 13:56:38 +0000 Received: by outflank-mailman (output) from mailman id 1054049.1422848; Wed, 23 Jul 2025 13:56:38 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1ueZxW-0007jW-Dh; Wed, 23 Jul 2025 13:56:38 +0000 Received: by outflank-mailman (input) for mailman id 1054049; Wed, 23 Jul 2025 13:56:37 +0000 Received: from se1-gles-flk1-in.inumbo.com ([94.247.172.50] helo=se1-gles-flk1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1ueZxV-0007jQ-CS for xen-devel@lists.xenproject.org; Wed, 23 Jul 2025 13:56:37 +0000 Received: from mail13.wdc04.mandrillapp.com (mail13.wdc04.mandrillapp.com [205.201.139.13]) by se1-gles-flk1.inumbo.com (Halon) with ESMTPS id d7fa3d0f-67cc-11f0-b895-0df219b8e170; Wed, 23 Jul 2025 15:56:35 +0200 (CEST) Received: from pmta16.mandrill.prod.suw01.rsglab.com (localhost [127.0.0.1]) by mail13.wdc04.mandrillapp.com (Mailchimp) with ESMTP id 4bnFzj4RlZzNCd9SH for ; Wed, 23 Jul 2025 13:56:33 +0000 (GMT) Received: from [37.26.189.201] by mandrillapp.com id e09ecc61c9564a138c55d1808e25a1a8; Wed, 23 Jul 2025 13:56:33 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: d7fa3d0f-67cc-11f0-b895-0df219b8e170 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mandrillapp.com; s=mte1; t=1753278993; x=1753548993; bh=mUk/zx/QTzzyDnJlYO/y+zk8wGz+UZMwGORRuyVlljE=; h=From:Subject:To:Cc:Message-Id:Feedback-ID:Date:MIME-Version: Content-Type:Content-Transfer-Encoding:CC:Date:Subject:From; b=hesEuR3ZT+JqSbIZ/keG8BIMGa8Q2jHaL5otyg+UJzhibJLyUIhmixWycBzYQZlR7 HzgpXn50x8JCiriYdLD8+HQkbYbC1SWGxVIE7eSDL+2qyYClJnA4wDtJ+PLgTe540k BV6uMjeifJ5rADlXeFqDWTuW5YFJr54I4xOnXGU44f0YnSMIoVRZERm8xdsl5oGfrr a1lZFCSG6QpssSRna/3ZUGCqcPIgcHrDUq+6F9cftw/fF1fTRNL51QPiydC/eHiF1Y xrz6Cb4aqadjf7rzkIkyoRiDti6R8bIqQDWt45gbYSnfgA3j0m4OFd5pk4tlmhRJJA /Yuj8T0voDmoA== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=vates.tech; s=mte1; t=1753278993; x=1753539493; i=yann.sionneau@vates.tech; bh=mUk/zx/QTzzyDnJlYO/y+zk8wGz+UZMwGORRuyVlljE=; h=From:Subject:To:Cc:Message-Id:Feedback-ID:Date:MIME-Version: Content-Type:Content-Transfer-Encoding:CC:Date:Subject:From; b=m/SykoAH2p0j3xHwLIVZUi+H12Ota4CAc74RNP3HHY1al2uJfp7otBFQu5FUr5tj3 kw6GvyyzvBqjeQ69pWcvMaEwSz11OrdWnSBv20o+0gVcvLprPyW2p5ue5BpKbGfNM2 72o6xucki13jpsm1E214TEhOgXsDCSroNgPFVxlCI3OY9cIVDT3BJEXByXlVfJK1EK +y5WMHnvt6JsRIz9Uu3h6TarPWjdtzQl7QpefA3jX+72YbbZ1DNI9YfwjA6C2VxIRR 7gIA6Vts/+fUH2oPDlHr+UHpThrpgKHknDAms+Zv9k5PLJEn7o+ap5maxksXxb/TPb 4pBBEFaOTyKOg== From: "Yann Sionneau" Subject: =?utf-8?Q?[PATCH]=20xen/x86:=20fix=20xen.efi=20boot=20crash=20from=20some=20bootloaders?= X-Mailer: git-send-email 2.43.0 X-Bm-Disclaimer: Yes X-Bm-Milter-Handled: 4ffbd6c1-ee69-4e1b-aabd-f977039bd3e2 X-Bm-Transport-Timestamp: 1753278992020 To: xen-devel@lists.xenproject.org Cc: "Yann Sionneau" , "Andrew Cooper" , "Anthony PERARD" , "Michal Orzel" , "Jan Beulich" , "Julien Grall" , "=?utf-8?Q?Roger=20Pau=20Monn=C3=A9?=" , "Stefano Stabellini" Message-Id: <20250723135620.1327914-1-yann.sionneau@vates.tech> X-Native-Encoded: 1 X-Report-Abuse: =?UTF-8?Q?Please=20forward=20a=20copy=20of=20this=20message,=20including=20all=20headers,=20to=20abuse@mandrill.com.=20You=20can=20also=20report=20abuse=20here:=20https://mandrillapp.com/contact/abuse=3Fid=3D30504962.e09ecc61c9564a138c55d1808e25a1a8?= X-Mandrill-User: md_30504962 Feedback-ID: 30504962:30504962.20250723:md Date: Wed, 23 Jul 2025 13:56:33 +0000 MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity yann.sionneau@vates.tech) (identity @mandrillapp.com) X-ZM-MESSAGEID: 1753279021179116600 Content-Type: text/plain; charset="utf-8" xen.efi PE does not boot when loaded from shim or some patched downstream grub2. What happens is the bootloader would honour the MEM_DISCARDABLE flag of the .reloc section meaning it would not load its content into memory. But Xen is parsing the .reloc section content twice at boot: * https://elixir.bootlin.com/xen/v4.20.1/source/xen/common/efi/boot.c#L1362 * https://elixir.bootlin.com/xen/v4.20.1/source/xen/arch/x86/efi/efi-boot.h= #L237 Therefore it would crash with the following message: "Unsupported relocation type" as reported there: * https://github.com/QubesOS/qubes-issues/issues/8206#issuecomment-26190488= 38 * https://lore.kernel.org/xen-devel/7e039262-1f54-46e1-8f70-ac3f03607d5a@su= se.com/T/#me122b9e6c27cd98db917da2c9f67e74a2c6ad7a5 This commit adds a small C host tool named keeprelocs that is called after xen.efi is produced by the build system in order to remove this bit from its .reloc section header. Signed-off-by: Yann Sionneau --- xen/Makefile | 5 +- xen/arch/x86/Makefile | 1 + xen/tools/Makefile | 3 ++ xen/tools/keeprelocs.c | 119 +++++++++++++++++++++++++++++++++++++++++ 4 files changed, 127 insertions(+), 1 deletion(-) create mode 100644 xen/tools/keeprelocs.c diff --git a/xen/Makefile b/xen/Makefile index 8fc4e042ff..7dc9cd7e05 100644 --- a/xen/Makefile +++ b/xen/Makefile @@ -299,10 +299,13 @@ export XEN_HAS_CHECKPOLICY :=3D $(call success,$(CHEC= KPOLICY) -h 2>&1 | grep -q xe # =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D # Rules shared between *config targets and build targets =20 -PHONY +=3D tools_fixdep +PHONY +=3D tools_fixdep tools_keeprelocs tools_fixdep: $(Q)$(MAKE) $(build)=3Dtools tools/fixdep =20 +tools_keeprelocs: + $(Q)$(MAKE) $(build)=3Dtools tools/keeprelocs + PHONY +=3D outputmakefile # Before starting out-of-tree build, make sure the source tree is clean. # outputmakefile generates a Makefile in the output directory, if using a diff --git a/xen/arch/x86/Makefile b/xen/arch/x86/Makefile index ce724a9daa..9a47002fae 100644 --- a/xen/arch/x86/Makefile +++ b/xen/arch/x86/Makefile @@ -236,6 +236,7 @@ endif $(NM) -pa --format=3Dsysv $@ \ | $(objtree)/tools/symbols --all-symbols --xensyms --sysv --sort \ > $@.map + $(objtree)/tools/keeprelocs -q -i $@ ifeq ($(CONFIG_DEBUG_INFO),y) $(if $(filter --strip-debug,$(EFI_LDFLAGS)),:$(space))$(OBJCOPY) -O elf64= -x86-64 $@ $@.elf endif diff --git a/xen/tools/Makefile b/xen/tools/Makefile index a5078b7cb8..4fd917b398 100644 --- a/xen/tools/Makefile +++ b/xen/tools/Makefile @@ -1,2 +1,5 @@ hostprogs-always-y +=3D symbols hostprogs-always-y +=3D fixdep +hostprogs-always-$(XEN_BUILD_PE) +=3D keeprelocs +# next line is to allow including include/efi/pe.h +HOSTCFLAGS_keeprelocs.o :=3D -I ../include \ No newline at end of file diff --git a/xen/tools/keeprelocs.c b/xen/tools/keeprelocs.c new file mode 100644 index 0000000000..c169ddba1a --- /dev/null +++ b/xen/tools/keeprelocs.c @@ -0,0 +1,119 @@ +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#undef DEBUG + +static void print_usage(const char *name) { + printf("%s: [-q] [-h] -i xen.efi\n", name); +} + +int main(int argc, char **argv) +{ + char *filename =3D NULL; + int fd; + char *mem; + struct stat st; + off_t len; + int ret; + struct mz_hdr *mz; + struct pe_hdr *pe; + int opt; + const char *prog_name =3D argv[0]; + int quiet =3D 0; + + while ((opt =3D getopt(argc, argv, ":i:qh")) !=3D -1) + { + switch (opt) { + case 'i': + filename =3D optarg; + break; + case 'q': + quiet =3D 1; + break; + case 'h': + print_usage(prog_name); + return 0; + break; + case '?': + default: + print_usage(prog_name); + return -1; + } + } + + + if (!filename) { + printf("Error: you must provide a `-i xen.efi` argument\n"); + return -1; + } + + fd =3D open(filename, O_RDWR); + if (fd < 0) { + printf("Could not open file %s: %s\n", filename, strerror(errno)); + return -1; + } + + ret =3D fstat(fd, &st); + if (ret < 0) { + perror("Error while getting PE file length"); + return -1; + } + + len =3D st.st_size; + mem =3D mmap(NULL, len, PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0); + + if (mem =3D=3D MAP_FAILED) { + perror("Failed to mmap PE file"); + return -1; + } + + mz =3D (struct mz_hdr *)mem; + if (mz->magic !=3D MZ_MAGIC) { // "MZ" + printf("file has incorrect MZ header 0x%02x instead of 0x5a4d\n", mz->ma= gic); + return -1; + } + + pe =3D (struct pe_hdr *)(mem + mz->peaddr); + if (strncmp((char *)&pe->magic, "PE\0\0", 4)) { + printf("file has incorrect PE header magic %08x instead of 0x00004550\n"= , pe->magic); + return -1; + } + + if (pe->opt_hdr_size =3D=3D 0) { + printf("file has empty OptionalHeader\n"); + return -1; + } + + struct section_header *section =3D (struct section_header *)((uint8_t *)p= e + sizeof(*pe) + pe->opt_hdr_size); + for (unsigned int section_id =3D 0; section_id < pe->sections; section_id= ++, section++) + { +#ifdef DEBUG + printf("section %s\n", section->Name); +#endif + if (strncmp(section->name, ".reloc", strlen(".reloc"))) + continue; + + if (!quiet) + printf(".reloc section characteristics: %08x\n", section->flags); + if (section->flags & IMAGE_SCN_MEM_DISCARDABLE) { + if (!quiet) + printf("MEM_DISCARDABLE flag found! Dropping it.\n"); + section->flags &=3D ~(IMAGE_SCN_MEM_DISCARDABLE); + } + } + + munmap(mem, len); + close(fd); + + if (!quiet) + printf("Ok!\n"); + return 0; +} --=20 2.43.0 Yann Sionneau | Vates XCP-ng Developer XCP-ng & Xen Orchestra - Vates solutions web: https://vates.tech