From nobody Wed Dec 17 14:19:43 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 99257EED623 for ; Fri, 15 Sep 2023 17:17:52 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235694AbjIORR3 (ORCPT ); Fri, 15 Sep 2023 13:17:29 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41110 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235406AbjIORRE (ORCPT ); Fri, 15 Sep 2023 13:17:04 -0400 Received: from mail-yw1-x1149.google.com (mail-yw1-x1149.google.com [IPv6:2607:f8b0:4864:20::1149]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C89E983 for ; Fri, 15 Sep 2023 10:16:58 -0700 (PDT) Received: by mail-yw1-x1149.google.com with SMTP id 00721157ae682-58cb845f2f2so30033847b3.1 for ; Fri, 15 Sep 2023 10:16:58 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1694798218; x=1695403018; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=2+XiNiWEf251Iz3xOw4YUG2UqwBimdJvIy1HEfuEnSg=; b=J4MOPGm0NWXviE1DNk1bGezDYWUR0+MZZVfeO/SzRUalCn982h6AfVENFGOFlBGHbf RqYXVAw7d0B6d4jHL1xU7lhWDbqQM4xkIdsc7P7fzdyJ6ydnTsOzaf5b66segkZEykDO mYICrViLZykdF5/Elj+2evyvXjdNnzRGxdr1x5FAW7ZKbVTo+GVa8rDh4vkSTF1Ni9ZZ 8YPoqMqri1nxjdr3HudaCbfxj2YWCjbVto26iRhDvO9HI3N4SOY/OrTdaq61LedcgSos hKljtXPshgVqIbnJ4hHmonhUztESA11Ye+DQzeFOyqd9ID954W6ISu9slWYzyJG9ekRL wuIg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1694798218; x=1695403018; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=2+XiNiWEf251Iz3xOw4YUG2UqwBimdJvIy1HEfuEnSg=; b=fhMnzrL7pqZIAv8vLLjD0CK68ijTMTOXPv4sQICLqnBu7O2HLH28801iurLxigSR3q ERo9ScO7nhNrITTGIMnqp6aBI4qfS4eanpQktUViI9HWwsf6+K8q52cMDHdM0zcrGtTy Cyb9NlKK3n12cXAI5YYGszTX/D0Twa/z2kgczWIXMQScU2UBAwCAjMnlaPbkiVKA1Mt5 fqARH1bNo3lpIrhlnDI2DIHa/JoAMasKTQ0j96msJWBcjzSSmqStcK5jfN7IaUQYieiQ 7+vg66FioYBb2Uk/N3WM7mkFPvnX0XESZ6BaCBv8WmI4Jp14qJDaZmSvnW5hjaf4FsTG vaVQ== X-Gm-Message-State: AOJu0YyRiyrmjPq4Cl4bQhvLFeepxFLTX+SGaJaB0imT8gsVZ/HhkDTi gqV4BGVQYxZroZI0uIqrtfwcLm/j X-Google-Smtp-Source: AGHT+IFOJ0KrqVILcHhkVKb6Ee13KgW6BNhCZT1TnEu+UQLY4mXifux8qVoAdpolqk1Asz1/Ln8fZ0IW X-Received: from palermo.c.googlers.com ([fda3:e722:ac3:cc00:28:9cb1:c0a8:118a]) (user=ardb job=sendgmr) by 2002:a05:690c:709:b0:586:a8ab:f8fe with SMTP id bs9-20020a05690c070900b00586a8abf8femr68945ywb.10.1694798217995; Fri, 15 Sep 2023 10:16:57 -0700 (PDT) Date: Fri, 15 Sep 2023 17:16:25 +0000 In-Reply-To: <20230915171623.655440-10-ardb@google.com> Mime-Version: 1.0 References: <20230915171623.655440-10-ardb@google.com> X-Developer-Key: i=ardb@kernel.org; a=openpgp; fpr=F43D03328115A198C90016883D200E9CA6329909 X-Developer-Signature: v=1; a=openpgp-sha256; l=2070; i=ardb@kernel.org; h=from:subject; bh=ITMg7m1+VhxJhnxMcZQMFuDNZhrgfOlkladfzJ9STDE=; b=owGbwMvMwCFmkMcZplerG8N4Wi2JIZVlYkbk2R871n31c7dvnOAdqVrx/UHtrNc3fvft75nLM yFAV2ZJRykLgxgHg6yYIovA7L/vdp6eKFXrPEsWZg4rE8gQBi5OAZiImTUjw4qplxN6n6czFWeq 3N3+fuml0yfSPme4br5R7fW4K83gcwEjw47vMTZuL8KWKzlPu5SyMO/3/aXMUzWY6qrO7v+1IG7 naR4A X-Mailer: git-send-email 2.42.0.459.ge4e396fd5e-goog Message-ID: <20230915171623.655440-11-ardb@google.com> Subject: [PATCH v3 1/8] x86/boot: Grab kernel_info offset from zoffset header directly From: Ard Biesheuvel To: linux-efi@vger.kernel.org Cc: linux-kernel@vger.kernel.org, Ard Biesheuvel , Evgeniy Baskov , Borislav Petkov , Dave Hansen , Ingo Molnar , Thomas Gleixner , Peter Jones , Matthew Garrett , Gerd Hoffmann , Kees Cook , "H. Peter Anvin" Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Ard Biesheuvel Instead of parsing zoffset.h and poking the kernel_info offset value into the header from the build tool, just grab the value directly in the asm file that describes this header. This change has no impact on the resulting bzImage binary. Signed-off-by: Ard Biesheuvel --- arch/x86/boot/header.S | 2 +- arch/x86/boot/tools/build.c | 4 ---- 2 files changed, 1 insertion(+), 5 deletions(-) diff --git a/arch/x86/boot/header.S b/arch/x86/boot/header.S index 6059f87b159d..5575d0f06bab 100644 --- a/arch/x86/boot/header.S +++ b/arch/x86/boot/header.S @@ -526,7 +526,7 @@ pref_address: .quad LOAD_PHYSICAL_ADDR # preferred loa= d addr =20 init_size: .long INIT_SIZE # kernel initialization size handover_offset: .long 0 # Filled in by build.c -kernel_info_offset: .long 0 # Filled in by build.c +kernel_info_offset: .long ZO_kernel_info =20 # End of setup header ##################################################### =20 diff --git a/arch/x86/boot/tools/build.c b/arch/x86/boot/tools/build.c index 10b0207a6b18..14ef13fe7ab0 100644 --- a/arch/x86/boot/tools/build.c +++ b/arch/x86/boot/tools/build.c @@ -59,7 +59,6 @@ static unsigned long efi32_stub_entry; static unsigned long efi64_stub_entry; static unsigned long efi_pe_entry; static unsigned long efi32_pe_entry; -static unsigned long kernel_info; static unsigned long _end; =20 /*----------------------------------------------------------------------*/ @@ -337,7 +336,6 @@ static void parse_zoffset(char *fname) PARSE_ZOFS(p, efi64_stub_entry); PARSE_ZOFS(p, efi_pe_entry); PARSE_ZOFS(p, efi32_pe_entry); - PARSE_ZOFS(p, kernel_info); PARSE_ZOFS(p, _end); =20 p =3D strchr(p, '\n'); @@ -419,8 +417,6 @@ int main(int argc, char ** argv) update_pecoff_text(setup_sectors * 512, i + (sys_size * 16)); =20 efi_stub_entry_update(); - /* Update kernel_info offset. */ - put_unaligned_le32(kernel_info, &buf[0x268]); =20 crc =3D partial_crc32(buf, i, crc); if (fwrite(buf, 1, i, dest) !=3D i) --=20 2.42.0.459.ge4e396fd5e-goog From nobody Wed Dec 17 14:19:43 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id AB65FEED626 for ; Fri, 15 Sep 2023 17:17:52 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235753AbjIORRa (ORCPT ); Fri, 15 Sep 2023 13:17:30 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41156 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235470AbjIORRH (ORCPT ); Fri, 15 Sep 2023 13:17:07 -0400 Received: from mail-yw1-x114a.google.com (mail-yw1-x114a.google.com [IPv6:2607:f8b0:4864:20::114a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 84D06186 for ; Fri, 15 Sep 2023 10:17:01 -0700 (PDT) Received: by mail-yw1-x114a.google.com with SMTP id 00721157ae682-59c081a44afso15785557b3.3 for ; Fri, 15 Sep 2023 10:17:01 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1694798220; x=1695403020; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=E9eWcbH+X5RovGSPuQxChs9MvgHe0ps0mCUAD008mTw=; b=XH4eTEjXWhSQmEhHMHHZYXCQLXMyqB9TLK33pjqdElp0xlkujB0YLJ8bazM465IyWF f9KGdslZnpIRC5jfIyiXguM4HbTAeRFK0mMXU0jS6Ui3JmdHj4wEDvqew6E+P0Z4PV0b lyFPkFMInVQkfPfZEjAxl7gi4Z1bNvaUNXr+rKQSEcbFPXMv1MIaTpUWcH4xMXSfxXHe TgcSf8bsfLu+NlEVjUked5w/nzugYIFUKXa9C/i6iOM29Cq3AC6UliFgvFtPxHBU7OOR LvdTv/3orZDTc7msw9U1S/p49Pu/K+nN0Z+3uL5O8EnId0eLhfpJ5yMYikfiJGaTgeek /E5A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1694798221; x=1695403021; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=E9eWcbH+X5RovGSPuQxChs9MvgHe0ps0mCUAD008mTw=; b=iDSTQzKeqaOsJee34FbQ4cQ9T7WgUvsuMXwtM/ywr3lawp6yoEvU2F2rysq0VGZOm4 saP10pcIUCA3u5Zie4FsFUrPPAhDKtPH/ecEGCkDisWdY4zGI7OtqyERX/eitLZ9V1dp DXmeGJBk7r8jpSxeznOfH5k0rqYKJxJ3P4IInqCAkxI6wi3/nh6kKCbsF7QERKS/3T2u DgMY704VoVryfF9C9NeIxv64jo3FMl93R4lz6hDExBxXyGU2lrAYPBmHQZFx6jb8+kcp AgC0AzHli84RMZDC5OJAyzeiDzUxxkBc3Jq1ad0LfCuopOsea/9SGHAvWOHQOA6PFKAt qfqw== X-Gm-Message-State: AOJu0Yw/9Q6kTtyf8E6Xp2kxeQVOYpCEU3HgQAUekoGeF2NPsq+stHVa xK6z1ijsMVJ4yjsP/WHR0cupS1yT X-Google-Smtp-Source: AGHT+IFtQXI11txgKs/647s9qdsCl7yLhMru8nI1binF3h1LHoJBEeCf/lDSyWZL5m4sNqFHFYeFg4jr X-Received: from palermo.c.googlers.com ([fda3:e722:ac3:cc00:28:9cb1:c0a8:118a]) (user=ardb job=sendgmr) by 2002:a25:ad4b:0:b0:d7e:b82a:ef68 with SMTP id l11-20020a25ad4b000000b00d7eb82aef68mr47501ybe.3.1694798220818; Fri, 15 Sep 2023 10:17:00 -0700 (PDT) Date: Fri, 15 Sep 2023 17:16:26 +0000 In-Reply-To: <20230915171623.655440-10-ardb@google.com> Mime-Version: 1.0 References: <20230915171623.655440-10-ardb@google.com> X-Developer-Key: i=ardb@kernel.org; a=openpgp; fpr=F43D03328115A198C90016883D200E9CA6329909 X-Developer-Signature: v=1; a=openpgp-sha256; l=3304; i=ardb@kernel.org; h=from:subject; bh=OUd8E2aciVCnJVkSx3yx1dxd9pxNed9z5i4jS/GHCYk=; b=owGbwMvMwCFmkMcZplerG8N4Wi2JIZVlYhaTwk2vRL0Z514lbzwsMa1y/Z9da0OK1umvYV5g3 q2e17auo5SFQYyDQVZMkUVg9t93O09PlKp1niULM4eVCWQIAxenAExE6xojwzS5awVtJ1R2lvzk 7P6bH2N5Tr3NccqNz/kPX2Y9TLwpK8nI8Kx0Zb5A+k1pLRv+D7euxd/8ljdhetPnlBy/7OXiFx4 6swAA X-Mailer: git-send-email 2.42.0.459.ge4e396fd5e-goog Message-ID: <20230915171623.655440-12-ardb@google.com> Subject: [PATCH v3 2/8] x86/boot: Set EFI handover offset directly in header asm From: Ard Biesheuvel To: linux-efi@vger.kernel.org Cc: linux-kernel@vger.kernel.org, Ard Biesheuvel , Evgeniy Baskov , Borislav Petkov , Dave Hansen , Ingo Molnar , Thomas Gleixner , Peter Jones , Matthew Garrett , Gerd Hoffmann , Kees Cook , "H. Peter Anvin" Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Ard Biesheuvel The offsets of the EFI handover entrypoints are available to the assembler when constructing the header, so there is no need to set them from the build tool afterwards. This change has no impact on the resulting bzImage binary. Signed-off-by: Ard Biesheuvel --- arch/x86/boot/header.S | 18 ++++++++++++++- arch/x86/boot/tools/build.c | 24 -------------------- 2 files changed, 17 insertions(+), 25 deletions(-) diff --git a/arch/x86/boot/header.S b/arch/x86/boot/header.S index 5575d0f06bab..72744ba440f6 100644 --- a/arch/x86/boot/header.S +++ b/arch/x86/boot/header.S @@ -524,8 +524,24 @@ pref_address: .quad LOAD_PHYSICAL_ADDR # preferred lo= ad addr # define INIT_SIZE VO_INIT_SIZE #endif =20 + .macro __handover_offset +#ifndef CONFIG_EFI_HANDOVER_PROTOCOL + .long 0 +#elif !defined(CONFIG_X86_64) + .long ZO_efi32_stub_entry +#else + /* Yes, this is really how we defined it :( */ + .long ZO_efi64_stub_entry - 0x200 +#ifdef CONFIG_EFI_MIXED + .if ZO_efi32_stub_entry !=3D ZO_efi64_stub_entry - 0x200 + .error "32-bit and 64-bit EFI entry points do not match" + .endif +#endif +#endif + .endm + init_size: .long INIT_SIZE # kernel initialization size -handover_offset: .long 0 # Filled in by build.c +handover_offset: __handover_offset kernel_info_offset: .long ZO_kernel_info =20 # End of setup header ##################################################### diff --git a/arch/x86/boot/tools/build.c b/arch/x86/boot/tools/build.c index 14ef13fe7ab0..069497543164 100644 --- a/arch/x86/boot/tools/build.c +++ b/arch/x86/boot/tools/build.c @@ -55,8 +55,6 @@ u8 buf[SETUP_SECT_MAX*512]; #define PECOFF_COMPAT_RESERVE 0x0 #endif =20 -static unsigned long efi32_stub_entry; -static unsigned long efi64_stub_entry; static unsigned long efi_pe_entry; static unsigned long efi32_pe_entry; static unsigned long _end; @@ -265,31 +263,12 @@ static void efi_stub_defaults(void) #endif } =20 -static void efi_stub_entry_update(void) -{ - unsigned long addr =3D efi32_stub_entry; - -#ifdef CONFIG_EFI_HANDOVER_PROTOCOL -#ifdef CONFIG_X86_64 - /* Yes, this is really how we defined it :( */ - addr =3D efi64_stub_entry - 0x200; -#endif - -#ifdef CONFIG_EFI_MIXED - if (efi32_stub_entry !=3D addr) - die("32-bit and 64-bit EFI entry points do not match\n"); -#endif -#endif - put_unaligned_le32(addr, &buf[0x264]); -} - #else =20 static inline void update_pecoff_setup_and_reloc(unsigned int size) {} static inline void update_pecoff_text(unsigned int text_start, unsigned int file_sz) {} static inline void efi_stub_defaults(void) {} -static inline void efi_stub_entry_update(void) {} =20 static inline int reserve_pecoff_reloc_section(int c) { @@ -332,8 +311,6 @@ static void parse_zoffset(char *fname) p =3D (char *)buf; =20 while (p && *p) { - PARSE_ZOFS(p, efi32_stub_entry); - PARSE_ZOFS(p, efi64_stub_entry); PARSE_ZOFS(p, efi_pe_entry); PARSE_ZOFS(p, efi32_pe_entry); PARSE_ZOFS(p, _end); @@ -416,7 +393,6 @@ int main(int argc, char ** argv) =20 update_pecoff_text(setup_sectors * 512, i + (sys_size * 16)); =20 - efi_stub_entry_update(); =20 crc =3D partial_crc32(buf, i, crc); if (fwrite(buf, 1, i, dest) !=3D i) --=20 2.42.0.459.ge4e396fd5e-goog From nobody Wed Dec 17 14:19:43 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id BA92DEED625 for ; Fri, 15 Sep 2023 17:17:52 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235831AbjIORRc (ORCPT ); Fri, 15 Sep 2023 13:17:32 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41216 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235495AbjIORRL (ORCPT ); Fri, 15 Sep 2023 13:17:11 -0400 Received: from mail-wr1-x449.google.com (mail-wr1-x449.google.com [IPv6:2a00:1450:4864:20::449]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5AE3B83 for ; Fri, 15 Sep 2023 10:17:05 -0700 (PDT) Received: by mail-wr1-x449.google.com with SMTP id ffacd0b85a97d-31fb093a53aso1537096f8f.0 for ; Fri, 15 Sep 2023 10:17:05 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1694798223; x=1695403023; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=89g8O0FeFLI+vAm3VnFZD9BW/eMlaApKHGhLfa7SlGI=; b=sqt3v+Gslbmwnsz9rQ7GnAQ5ScLQDz6UeJXuiKYq9fEQhB7XYS5CRRQhxMRiTAE4Tj URORcrpwnusJmj67M0QDuhT7T7kjKkYBKwL8+19vUV/i09vSU3oN/ER9etjRGxCPuEN/ 672CxdpiBJmfQmFYxkwFi6Txy2jYuzc8CL0AVxyJqFhAu/nrfiQo+21MrB9d8tZLY1dK yz+AHFi9j1WNeZFu7VS3nEhodnqjFNL5sMFvoX50E53Jxm7qg3BsEIET2Q6R1HA01hCm 5cECVXPtAFPEPb2ebBgVwHgCo0bxxX1FZ6LbGB19SCZ2T1JlEEdOLE9zdPXpHKcpEZeU DNIw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1694798223; x=1695403023; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=89g8O0FeFLI+vAm3VnFZD9BW/eMlaApKHGhLfa7SlGI=; b=liF1vg9399qJT/PC1MVSwzUbbDnrxuewNLML2h/+kU186iaezkmM27O5Guk8HXbUzm 9o5j/aglX6rSOrd5XSiRRH2bU7y37CFGiF+GHPrgIBGTyGMDZVk7Tf39JSDZL/jVVjKQ sAp7u+vIT1K5fpjFIVaqHeX89qemaTwd8cDmO+PAiVkUC25sa2BBB9slAB5uM2hPLkZM +ZXDFYbEq1Je1Nq2fdHLecgKIVHqdbYo4Zbmi4tNMMbKeEwbu5xYGi6xfIaRV+cRsW/z 45YyzAhJ3MGYsxk5RqDVbsNnoBo4R8AuHj6fDeYymNprG9zySWkqDj8uqtUc4XVZpDCA nDNw== X-Gm-Message-State: AOJu0YyQBcYO9Xaz+A/Wj3rMv/ci3IQd9wq8g/ZllCAi854n5G1xxwOW doa9qDs12PkHT8cPZnfL0tY1cnJq X-Google-Smtp-Source: AGHT+IFMSui6f+3/+Y4hY8Qz91p3kTgd5GjtcwDQx1xLiE0TLyDco4yn73I+CQFu3f+LXtULspQ/3LFq X-Received: from palermo.c.googlers.com ([fda3:e722:ac3:cc00:28:9cb1:c0a8:118a]) (user=ardb job=sendgmr) by 2002:a5d:4152:0:b0:319:6fc6:151 with SMTP id c18-20020a5d4152000000b003196fc60151mr26188wrq.10.1694798223502; Fri, 15 Sep 2023 10:17:03 -0700 (PDT) Date: Fri, 15 Sep 2023 17:16:27 +0000 In-Reply-To: <20230915171623.655440-10-ardb@google.com> Mime-Version: 1.0 References: <20230915171623.655440-10-ardb@google.com> X-Developer-Key: i=ardb@kernel.org; a=openpgp; fpr=F43D03328115A198C90016883D200E9CA6329909 X-Developer-Signature: v=1; a=openpgp-sha256; l=3059; i=ardb@kernel.org; h=from:subject; bh=be7iDzl8pMuNbGRQpSLTpnBfKOp7BhO0eZKOBUcXTVM=; b=owGbwMvMwCFmkMcZplerG8N4Wi2JIZVlYvarrBa1T7tCypYv8zz8v+iMLdPCvVM+nX3w+OanZ cFPl3uIdZSyMIhxMMiKKbIIzP77bufpiVK1zrNkYeawMoEMYeDiFICJuDxn+KdeJ977bN5qft94 28rfTS+DYouehc9+F5q8M2euULvph3mMDJPyd9+YwTAj3815m+mSQ4YOWgvWloc+1rurapWRerX Ngw0A X-Mailer: git-send-email 2.42.0.459.ge4e396fd5e-goog Message-ID: <20230915171623.655440-13-ardb@google.com> Subject: [PATCH v3 3/8] x86/boot: Define setup size in linker script From: Ard Biesheuvel To: linux-efi@vger.kernel.org Cc: linux-kernel@vger.kernel.org, Ard Biesheuvel , Evgeniy Baskov , Borislav Petkov , Dave Hansen , Ingo Molnar , Thomas Gleixner , Peter Jones , Matthew Garrett , Gerd Hoffmann , Kees Cook , "H. Peter Anvin" Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Ard Biesheuvel The setup block contains the real mode startup code that is used when booting from a legacy BIOS, along with the boot_params/setup_data that is used by legacy x86 bootloaders to pass the command line and initial ramdisk parameters, among other things. The setup block also contains the PE/COFF header of the entire combined image, which includes the compressed kernel image, the decompressor and the EFI stub. This PE header describes the layout of the executable image in memory, and currently, the fact that the setup block precedes it makes it rather fiddly to get the right values into the right place in the final image. Let's make things a bit easier by defining the setup_size in the linker script so it can be referenced from the asm code directly, rather than having to rely on the build tool to calculate it. For the time being, add 64 bytes of fixed padding for the .reloc and .compat sections - this will be removed in a subsequent patch after the PE/COFF header has been reorganized. This change has no impact on the resulting bzImage binary when configured with CONFIG_EFI_MIXED=3Dy. Signed-off-by: Ard Biesheuvel --- arch/x86/boot/header.S | 2 +- arch/x86/boot/setup.ld | 4 ++++ arch/x86/boot/tools/build.c | 6 ------ 3 files changed, 5 insertions(+), 7 deletions(-) diff --git a/arch/x86/boot/header.S b/arch/x86/boot/header.S index 72744ba440f6..06bd72a324c1 100644 --- a/arch/x86/boot/header.S +++ b/arch/x86/boot/header.S @@ -231,7 +231,7 @@ sentinel: .byte 0xff, 0xff /* Used to detect bro= ken loaders */ =20 .globl hdr hdr: -setup_sects: .byte 0 /* Filled in by build.c */ + .byte setup_sects - 1 root_flags: .word ROOT_RDONLY syssize: .long 0 /* Filled in by build.c */ ram_size: .word 0 /* Obsolete */ diff --git a/arch/x86/boot/setup.ld b/arch/x86/boot/setup.ld index b11c45b9e51e..9bd5c1ada599 100644 --- a/arch/x86/boot/setup.ld +++ b/arch/x86/boot/setup.ld @@ -39,6 +39,10 @@ SECTIONS .signature : { setup_sig =3D .; LONG(0x5a5aaa55) + + /* Reserve some extra space for the reloc and compat sections */ + setup_size =3D ALIGN(ABSOLUTE(.) + 64, 512); + setup_sects =3D ABSOLUTE(setup_size / 512); } =20 =20 diff --git a/arch/x86/boot/tools/build.c b/arch/x86/boot/tools/build.c index 069497543164..745d64b6d930 100644 --- a/arch/x86/boot/tools/build.c +++ b/arch/x86/boot/tools/build.c @@ -48,12 +48,7 @@ typedef unsigned int u32; u8 buf[SETUP_SECT_MAX*512]; =20 #define PECOFF_RELOC_RESERVE 0x20 - -#ifdef CONFIG_EFI_MIXED #define PECOFF_COMPAT_RESERVE 0x20 -#else -#define PECOFF_COMPAT_RESERVE 0x0 -#endif =20 static unsigned long efi_pe_entry; static unsigned long efi32_pe_entry; @@ -388,7 +383,6 @@ int main(int argc, char ** argv) #endif =20 /* Patch the setup code with the appropriate size parameters */ - buf[0x1f1] =3D setup_sectors-1; put_unaligned_le32(sys_size, &buf[0x1f4]); =20 update_pecoff_text(setup_sectors * 512, i + (sys_size * 16)); --=20 2.42.0.459.ge4e396fd5e-goog From nobody Wed Dec 17 14:19:43 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id CF1AEEED628 for ; Fri, 15 Sep 2023 17:17:52 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235869AbjIORRd (ORCPT ); Fri, 15 Sep 2023 13:17:33 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41230 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235520AbjIORRM (ORCPT ); Fri, 15 Sep 2023 13:17:12 -0400 Received: from mail-yw1-x114a.google.com (mail-yw1-x114a.google.com [IPv6:2607:f8b0:4864:20::114a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0831A186 for ; Fri, 15 Sep 2023 10:17:07 -0700 (PDT) Received: by mail-yw1-x114a.google.com with SMTP id 00721157ae682-597f461adc5so30987857b3.1 for ; Fri, 15 Sep 2023 10:17:06 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1694798226; x=1695403026; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=dns2e/ei4HJSlkg9p+qs7vYRajpuivxlD+SN4Zxl2pk=; b=pqpk2r9XYHF+apKjWTnl/WWsCOmsuUnMtJa/Na2vk6HgEx4DwaIzYZ/5YQvWFG+bQf tZ2Ogf+JRHstddgdgFrMNM0pC3ZwN7Jj+KPXEB8FDZijW6DnpmV1lLV66aaFHcmzCw/l nmM0lyh1Am4TqwjxFgYC3m4ejm8ZKT7JSBZhI68FjkXc2UBOQwoz6D72W7y7aIUt1J6b H1iRD2M7Z6RHUW6W/6UoVtG5beFy+g1l/ewqL9usGtjilh+ZqywszlHQoEjlIwcII/k1 ZBnMXwjSe/ZldqPsOJnpT6EApQTdT/zxZPcfl/AlQde/fRpqBp5zYLX3+UrYxnOkY3vZ GVgg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1694798226; x=1695403026; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=dns2e/ei4HJSlkg9p+qs7vYRajpuivxlD+SN4Zxl2pk=; b=Rkrja8YqaA7jvfPLEjcR1X37KuzVxTNedjOeOAxup1zXzPKaVzXgPvSNcHBJH6NHyY Nw750EiyQ2OeXtl78tYllGXEpwhmeKT93evi0BrfrWKNynTJtyQ2i+j2r4Gue4gq+Jx9 kUec9Vwio87NXGOicc7NRARjcJT/Ii9v8IA5or0GZeldnh9b5PyzhpzmGcDmU/dXfAzU WHGoXEMiumPyTCps0BhsR0197vMTm38ZybNmpgOeyU/PJkuWToSLqGAC1VMQahrrroqb GF0c6jbY5ksKxRJGo0Fuk1HmRe8X18rglyTrJcBpPzZAkWgf0n0oSPyNejF8Gq5TNdBl 3woQ== X-Gm-Message-State: AOJu0YwBtT1jLKDMFcQFQHl4XNQ4xBSMBM+03bFkZFmkaK0Swfx9AqId dZMzZY4qjWPvo3dgYzrweO99Ap99 X-Google-Smtp-Source: AGHT+IHLYL8pZ9okrcG3wXehu9nmH1Z33BBwmEsvO4umKO/EgeDtMVmWiIqhuzTiuT2DYjHRN0TVE4Ud X-Received: from palermo.c.googlers.com ([fda3:e722:ac3:cc00:28:9cb1:c0a8:118a]) (user=ardb job=sendgmr) by 2002:a81:ad41:0:b0:59b:ea96:8875 with SMTP id l1-20020a81ad41000000b0059bea968875mr54512ywk.2.1694798226304; Fri, 15 Sep 2023 10:17:06 -0700 (PDT) Date: Fri, 15 Sep 2023 17:16:28 +0000 In-Reply-To: <20230915171623.655440-10-ardb@google.com> Mime-Version: 1.0 References: <20230915171623.655440-10-ardb@google.com> X-Developer-Key: i=ardb@kernel.org; a=openpgp; fpr=F43D03328115A198C90016883D200E9CA6329909 X-Developer-Signature: v=1; a=openpgp-sha256; l=5004; i=ardb@kernel.org; h=from:subject; bh=el53dGhwvl4Ez0cZfyU3upsy6TEtXMx3UHruCwXxMPY=; b=owGbwMvMwCFmkMcZplerG8N4Wi2JIZVlYo5J9+M7uWI7vxu/lDir/0upt0H11td3znGrynsqa sPurXDrKGVhEONgkBVTZBGY/ffdztMTpWqdZ8nCzGFlAhnCwMUpABNJ5GL4H3NT3Yk9tfppY83Z U9P6D+n0pX9eMrs6aV3TtP/X5h7e4szIsGWZyPTt1gVrQxTs1nLM3mshu2yH3E4Ro1/x06crve2 LYwEA X-Mailer: git-send-email 2.42.0.459.ge4e396fd5e-goog Message-ID: <20230915171623.655440-14-ardb@google.com> Subject: [PATCH v3 4/8] x86/boot: Derive file size from _edata symbol From: Ard Biesheuvel To: linux-efi@vger.kernel.org Cc: linux-kernel@vger.kernel.org, Ard Biesheuvel , Evgeniy Baskov , Borislav Petkov , Dave Hansen , Ingo Molnar , Thomas Gleixner , Peter Jones , Matthew Garrett , Gerd Hoffmann , Kees Cook , "H. Peter Anvin" Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Ard Biesheuvel Tweak the linker script so that the value of _edata represents the decompressor binary's file size rounded up to the appropriate alignment. This removes the need to calculate it in the build tool, and will make it easier to refer to the file size from the header directly in subsequent changes to the PE header layout. While adding _edata to the sed regex that parses the compressed vmlinux's symbol list, tweak the regex a bit for conciseness. This change has no impact on the resulting bzImage binary when configured with CONFIG_EFI_STUB=3Dy. Signed-off-by: Ard Biesheuvel --- arch/x86/boot/Makefile | 2 +- arch/x86/boot/compressed/vmlinux.lds.S | 3 ++ arch/x86/boot/header.S | 2 +- arch/x86/boot/tools/build.c | 30 +++++--------------- 4 files changed, 12 insertions(+), 25 deletions(-) diff --git a/arch/x86/boot/Makefile b/arch/x86/boot/Makefile index 0e98bc503699..cc04917b1ac6 100644 --- a/arch/x86/boot/Makefile +++ b/arch/x86/boot/Makefile @@ -89,7 +89,7 @@ $(obj)/vmlinux.bin: $(obj)/compressed/vmlinux FORCE =20 SETUP_OBJS =3D $(addprefix $(obj)/,$(setup-y)) =20 -sed-zoffset :=3D -e 's/^\([0-9a-fA-F]*\) [a-zA-Z] \(startup_32\|efi32_stub= _entry\|efi64_stub_entry\|efi_pe_entry\|efi32_pe_entry\|input_data\|kernel_= info\|_end\|_ehead\|_text\|z_.*\)$$/\#define ZO_\2 0x\1/p' +sed-zoffset :=3D -e 's/^\([0-9a-fA-F]*\) [a-zA-Z] \(startup_32\|efi.._stub= _entry\|efi\(32\)\?_pe_entry\|input_data\|kernel_info\|_end\|_ehead\|_text\= |_edata\|z_.*\)$$/\#define ZO_\2 0x\1/p' =20 quiet_cmd_zoffset =3D ZOFFSET $@ cmd_zoffset =3D $(NM) $< | sed -n $(sed-zoffset) > $@ diff --git a/arch/x86/boot/compressed/vmlinux.lds.S b/arch/x86/boot/compres= sed/vmlinux.lds.S index 4ff6ab1b67d9..b688598db28e 100644 --- a/arch/x86/boot/compressed/vmlinux.lds.S +++ b/arch/x86/boot/compressed/vmlinux.lds.S @@ -47,6 +47,9 @@ SECTIONS _data =3D . ; *(.data) *(.data.*) + + /* Add 4 bytes of extra space for a CRC-32 checksum */ + . =3D ALIGN(. + 4, 0x20); _edata =3D . ; } . =3D ALIGN(L1_CACHE_BYTES); diff --git a/arch/x86/boot/header.S b/arch/x86/boot/header.S index 06bd72a324c1..34e9b35b827c 100644 --- a/arch/x86/boot/header.S +++ b/arch/x86/boot/header.S @@ -233,7 +233,7 @@ sentinel: .byte 0xff, 0xff /* Used to detect bro= ken loaders */ hdr: .byte setup_sects - 1 root_flags: .word ROOT_RDONLY -syssize: .long 0 /* Filled in by build.c */ +syssize: .long ZO__edata / 16 ram_size: .word 0 /* Obsolete */ vid_mode: .word SVGA_MODE root_dev: .word 0 /* Default to major/minor 0/0 */ diff --git a/arch/x86/boot/tools/build.c b/arch/x86/boot/tools/build.c index 745d64b6d930..e792c6c5a634 100644 --- a/arch/x86/boot/tools/build.c +++ b/arch/x86/boot/tools/build.c @@ -52,6 +52,7 @@ u8 buf[SETUP_SECT_MAX*512]; =20 static unsigned long efi_pe_entry; static unsigned long efi32_pe_entry; +static unsigned long _edata; static unsigned long _end; =20 /*----------------------------------------------------------------------*/ @@ -308,6 +309,7 @@ static void parse_zoffset(char *fname) while (p && *p) { PARSE_ZOFS(p, efi_pe_entry); PARSE_ZOFS(p, efi32_pe_entry); + PARSE_ZOFS(p, _edata); PARSE_ZOFS(p, _end); =20 p =3D strchr(p, '\n'); @@ -320,7 +322,6 @@ int main(int argc, char ** argv) { unsigned int i, sz, setup_sectors; int c; - u32 sys_size; struct stat sb; FILE *file, *dest; int fd; @@ -368,24 +369,14 @@ int main(int argc, char ** argv) die("Unable to open `%s': %m", argv[2]); if (fstat(fd, &sb)) die("Unable to stat `%s': %m", argv[2]); - sz =3D sb.st_size; + if (_edata !=3D sb.st_size) + die("Unexpected file size `%s': %u !=3D %u", argv[2], _edata, + sb.st_size); + sz =3D _edata - 4; kernel =3D mmap(NULL, sz, PROT_READ, MAP_SHARED, fd, 0); if (kernel =3D=3D MAP_FAILED) die("Unable to mmap '%s': %m", argv[2]); - /* Number of 16-byte paragraphs, including space for a 4-byte CRC */ - sys_size =3D (sz + 15 + 4) / 16; -#ifdef CONFIG_EFI_STUB - /* - * COFF requires minimum 32-byte alignment of sections, and - * adding a signature is problematic without that alignment. - */ - sys_size =3D (sys_size + 1) & ~1; -#endif - - /* Patch the setup code with the appropriate size parameters */ - put_unaligned_le32(sys_size, &buf[0x1f4]); - - update_pecoff_text(setup_sectors * 512, i + (sys_size * 16)); + update_pecoff_text(setup_sectors * 512, i + _edata); =20 =20 crc =3D partial_crc32(buf, i, crc); @@ -397,13 +388,6 @@ int main(int argc, char ** argv) if (fwrite(kernel, 1, sz, dest) !=3D sz) die("Writing kernel failed"); =20 - /* Add padding leaving 4 bytes for the checksum */ - while (sz++ < (sys_size*16) - 4) { - crc =3D partial_crc32_one('\0', crc); - if (fwrite("\0", 1, 1, dest) !=3D 1) - die("Writing padding failed"); - } - /* Write the CRC */ put_unaligned_le32(crc, buf); if (fwrite(buf, 1, 4, dest) !=3D 4) --=20 2.42.0.459.ge4e396fd5e-goog From nobody Wed Dec 17 14:19:43 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id DDFF1EED627 for ; Fri, 15 Sep 2023 17:17:52 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235907AbjIORRg (ORCPT ); Fri, 15 Sep 2023 13:17:36 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57930 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235554AbjIORRQ (ORCPT ); Fri, 15 Sep 2023 13:17:16 -0400 Received: from mail-wm1-x34a.google.com (mail-wm1-x34a.google.com [IPv6:2a00:1450:4864:20::34a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 03975E6D for ; Fri, 15 Sep 2023 10:17:11 -0700 (PDT) Received: by mail-wm1-x34a.google.com with SMTP id 5b1f17b1804b1-401d8873904so19334505e9.0 for ; Fri, 15 Sep 2023 10:17:10 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1694798229; x=1695403029; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=L1gO2kCdMVaucAMeTOT10qYv1tzC+9yo5OSZCzbyFtM=; b=M66l5U2BNn5RHUJuZh6SrEaxx8dhmAs3CpkTfMy6RiTwcPxFiiAS8J04y4LHJ2m2tO AZVwUHnmT7fjjiCxNJm36zLU+dMA1Bf4xrSVZrJrGzcU4SkSMDCHQQItWJWhM+sMK/p/ gSG3FzN8695yp199Qfqeahi4S+zPaJfG3tKsYN0AmPshzHOfROK8gIftmi7rHuHkHs1A NYM3czidgZDZTWprxjdq5khUSB0aGb1vL9nS4qB03o3fqJxgUTvu73l9j2D+kgiwEf1P iSXUjHX0n5kwozYJDZBXOE/WCeQVFE5fPCNFwcRMEqjagMa+7m/JMYFmYNocwQAlzGyG JY5Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1694798229; x=1695403029; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=L1gO2kCdMVaucAMeTOT10qYv1tzC+9yo5OSZCzbyFtM=; b=rRLqcSvUkNfnIInEAGGMSznOTSpmxpTfuMjkBNgm9LR1/RhFNQgluYvDFPolT8PeM8 qfPZAHaoR2wmPaPhO23bzC7/iew4jxRWm7DneFHvjX4wFx207itxaWLF64+FeKFB6GRO uDLPr7TNOdNSqAIj8xjeQFqLs5prCcoHUozFOMiLBRyKCfxrf5EeElAb/KvZKVIfGJIv I3zLoFYrOIv+auXPlEnoE1fiTPovqD53YKpmmFqgwKfkGmvBdFFzcvZW/oyf4zX0K2vB W+JfpcPy6AXWnUbi+SLaf0Skr0n0qsSYdIIwIvW2D1ajzTdz0HbWhBfJseg869YtnyVx x7oQ== X-Gm-Message-State: AOJu0YxnMbd6YoRafQPz/r/aw1w0BmxWQ30WdeRDfKcqQeoIkK+RZcby /r8iDWmNwXsjz+S7Tq56PZcg9BlD X-Google-Smtp-Source: AGHT+IG2RDfNh3Fjx2YGgCw0Md9EbqHP0+PcgjAT/yS+Bz5MOrJPmvAiyEg8aCxQs/1MCbu9JJ9Xx4J+ X-Received: from palermo.c.googlers.com ([fda3:e722:ac3:cc00:28:9cb1:c0a8:118a]) (user=ardb job=sendgmr) by 2002:adf:e18b:0:b0:31f:fa4a:b6e1 with SMTP id az11-20020adfe18b000000b0031ffa4ab6e1mr16121wrb.2.1694798229564; Fri, 15 Sep 2023 10:17:09 -0700 (PDT) Date: Fri, 15 Sep 2023 17:16:29 +0000 In-Reply-To: <20230915171623.655440-10-ardb@google.com> Mime-Version: 1.0 References: <20230915171623.655440-10-ardb@google.com> X-Developer-Key: i=ardb@kernel.org; a=openpgp; fpr=F43D03328115A198C90016883D200E9CA6329909 X-Developer-Signature: v=1; a=openpgp-sha256; l=5078; i=ardb@kernel.org; h=from:subject; bh=DU0r2iy2nqtNsHxloC1WgGeN+dGK1P7AGRjmhDsQHb4=; b=owGbwMvMwCFmkMcZplerG8N4Wi2JIZVlYo5LuJn99qmbJqitX17E1zKrX+DXJ3mJed7nOYJEM uUylr3rKGVhEONgkBVTZBGY/ffdztMTpWqdZ8nCzGFlAhnCwMUpABNZzsXI8LPOU6K/RnTuzeZm c9aDu68Wbsmtqox4LJLvvXjrz/0HJjMyXJ+dzWokltHcPLNWXSk/2OvRlpD7OzrmHLvIXXBS+vU UJgA= X-Mailer: git-send-email 2.42.0.459.ge4e396fd5e-goog Message-ID: <20230915171623.655440-15-ardb@google.com> Subject: [PATCH v3 5/8] x86/boot: Construct PE/COFF .text section from assembler From: Ard Biesheuvel To: linux-efi@vger.kernel.org Cc: linux-kernel@vger.kernel.org, Ard Biesheuvel , Evgeniy Baskov , Borislav Petkov , Dave Hansen , Ingo Molnar , Thomas Gleixner , Peter Jones , Matthew Garrett , Gerd Hoffmann , Kees Cook , "H. Peter Anvin" Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Ard Biesheuvel Now that the size of the setup block is visible to the assembler, it is possible to populate the PE/COFF header fields from the asm code directly, instead of poking the values into the binary using the build tool. This will make it easier to reorganize the section layout without having to tweak the build tool in lockstep. This change has no impact on the resulting bzImage binary. Signed-off-by: Ard Biesheuvel --- arch/x86/boot/header.S | 22 +++------ arch/x86/boot/tools/build.c | 47 -------------------- 2 files changed, 7 insertions(+), 62 deletions(-) diff --git a/arch/x86/boot/header.S b/arch/x86/boot/header.S index 34e9b35b827c..2b07bc596c39 100644 --- a/arch/x86/boot/header.S +++ b/arch/x86/boot/header.S @@ -75,14 +75,12 @@ optional_header: .byte 0x02 # MajorLinkerVersion .byte 0x14 # MinorLinkerVersion =20 - # Filled in by build.c - .long 0 # SizeOfCode + .long setup_size + ZO__end - 0x200 # SizeOfCode =20 .long 0 # SizeOfInitializedData .long 0 # SizeOfUninitializedData =20 - # Filled in by build.c - .long 0x0000 # AddressOfEntryPoint + .long setup_size + ZO_efi_pe_entry # AddressOfEntryPoint =20 .long 0x0200 # BaseOfCode #ifdef CONFIG_X86_32 @@ -105,10 +103,7 @@ extra_header_fields: .word 0 # MinorSubsystemVersion .long 0 # Win32VersionValue =20 - # - # The size of the bzImage is written in tools/build.c - # - .long 0 # SizeOfImage + .long setup_size + ZO__end # SizeOfImage =20 .long 0x200 # SizeOfHeaders .long 0 # CheckSum @@ -199,18 +194,15 @@ section_table: IMAGE_SCN_MEM_DISCARDABLE # Characteristics #endif =20 - # - # The offset & size fields are filled in by build.c. - # .ascii ".text" .byte 0 .byte 0 .byte 0 - .long 0 - .long 0x0 # startup_{32,64} - .long 0 # Size of initialized data + .long ZO__end + .long setup_size + .long ZO__edata # Size of initialized data # on disk - .long 0x0 # startup_{32,64} + .long setup_size .long 0 # PointerToRelocations .long 0 # PointerToLineNumbers .word 0 # NumberOfRelocations diff --git a/arch/x86/boot/tools/build.c b/arch/x86/boot/tools/build.c index e792c6c5a634..9712f27e32c1 100644 --- a/arch/x86/boot/tools/build.c +++ b/arch/x86/boot/tools/build.c @@ -50,10 +50,8 @@ u8 buf[SETUP_SECT_MAX*512]; #define PECOFF_RELOC_RESERVE 0x20 #define PECOFF_COMPAT_RESERVE 0x20 =20 -static unsigned long efi_pe_entry; static unsigned long efi32_pe_entry; static unsigned long _edata; -static unsigned long _end; =20 /*----------------------------------------------------------------------*/ =20 @@ -216,32 +214,6 @@ static void update_pecoff_setup_and_reloc(unsigned int= size) #endif } =20 -static void update_pecoff_text(unsigned int text_start, unsigned int file_= sz) -{ - unsigned int pe_header; - unsigned int text_sz =3D file_sz - text_start; - unsigned int bss_sz =3D _end - text_sz; - - pe_header =3D get_unaligned_le32(&buf[0x3c]); - - /* - * Size of code: Subtract the size of the first sector (512 bytes) - * which includes the header. - */ - put_unaligned_le32(file_sz - 512 + bss_sz, &buf[pe_header + 0x1c]); - - /* Size of image */ - put_unaligned_le32(file_sz + bss_sz, &buf[pe_header + 0x50]); - - /* - * Address of entry point for PE/COFF executable - */ - put_unaligned_le32(text_start + efi_pe_entry, &buf[pe_header + 0x28]); - - update_pecoff_section_header_fields(".text", text_start, text_sz + bss_sz, - text_sz, text_start); -} - static int reserve_pecoff_reloc_section(int c) { /* Reserve 0x20 bytes for .reloc section */ @@ -249,22 +221,9 @@ static int reserve_pecoff_reloc_section(int c) return PECOFF_RELOC_RESERVE; } =20 -static void efi_stub_defaults(void) -{ - /* Defaults for old kernel */ -#ifdef CONFIG_X86_32 - efi_pe_entry =3D 0x10; -#else - efi_pe_entry =3D 0x210; -#endif -} - #else =20 static inline void update_pecoff_setup_and_reloc(unsigned int size) {} -static inline void update_pecoff_text(unsigned int text_start, - unsigned int file_sz) {} -static inline void efi_stub_defaults(void) {} =20 static inline int reserve_pecoff_reloc_section(int c) { @@ -307,10 +266,8 @@ static void parse_zoffset(char *fname) p =3D (char *)buf; =20 while (p && *p) { - PARSE_ZOFS(p, efi_pe_entry); PARSE_ZOFS(p, efi32_pe_entry); PARSE_ZOFS(p, _edata); - PARSE_ZOFS(p, _end); =20 p =3D strchr(p, '\n'); while (p && (*p =3D=3D '\r' || *p =3D=3D '\n')) @@ -328,8 +285,6 @@ int main(int argc, char ** argv) void *kernel; u32 crc =3D 0xffffffffUL; =20 - efi_stub_defaults(); - if (argc !=3D 5) usage(); parse_zoffset(argv[3]); @@ -376,8 +331,6 @@ int main(int argc, char ** argv) kernel =3D mmap(NULL, sz, PROT_READ, MAP_SHARED, fd, 0); if (kernel =3D=3D MAP_FAILED) die("Unable to mmap '%s': %m", argv[2]); - update_pecoff_text(setup_sectors * 512, i + _edata); - =20 crc =3D partial_crc32(buf, i, crc); if (fwrite(buf, 1, i, dest) !=3D i) --=20 2.42.0.459.ge4e396fd5e-goog From nobody Wed Dec 17 14:19:43 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id EF1D0EED62A for ; Fri, 15 Sep 2023 17:17:52 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235936AbjIORRh (ORCPT ); Fri, 15 Sep 2023 13:17:37 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57950 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235599AbjIORRS (ORCPT ); Fri, 15 Sep 2023 13:17:18 -0400 Received: from mail-wr1-x44a.google.com (mail-wr1-x44a.google.com [IPv6:2a00:1450:4864:20::44a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 8F74883 for ; Fri, 15 Sep 2023 10:17:13 -0700 (PDT) Received: by mail-wr1-x44a.google.com with SMTP id ffacd0b85a97d-30e3ee8a42eso1570583f8f.1 for ; Fri, 15 Sep 2023 10:17:13 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1694798232; x=1695403032; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=hNDDZ79AxT4g2TPKcz16ks6CPU320NZDmUakc4ak4Sc=; b=VSjumqBUcNt3M/IG45mRDWdyccph651YDhWniHXvXKIHpC3qSDr+Zdo7MU48lP2x8j Qo5/5G4y0ONTAh+uOI07T8zf9LqnaFg6pSKaWQMmCxsIyc1+No/HRMLgqnZ8w3izdkwS KGNgDK3Q9PEk/bS37xhg6N+Z2q626PncKsuHZ1WpasVV0ZMWzctOK2ngxMtxaRnQLnao j6qGuS0N82lHSMXT9WffvXA+Msro8nnpuAzZip3yc3ToAz4chXCSVtmfIbH2Wt7t0+zV EzZOsb06lPV8bSjefgOiisHz2oxa4LaNqRb4e4dNm0+s7Zz0WM+sRyieq/gVCWMVFMRg 21og== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1694798232; x=1695403032; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=hNDDZ79AxT4g2TPKcz16ks6CPU320NZDmUakc4ak4Sc=; b=Jreo1560oXoDZOIgeK77YhiK/U6PAAvX8eE4aBRBGNgJzT1ILoLK5b9SoiDYN9uBTV 2Uk+bh7K2ZD6SwBxViVcEHQaTU2jTXl9J+Qq775ZBMTaR93TqK86KjVWylsZ8MeEsyCI qg0pGGIcsft54OGhn+bJH45How7rhMOamC72fdAKvL4It6khuvwjJRj0SAXKAen/jBZR AtKG5Mce6kUGJzhqVSE1+PEFYwbNS6/LyydUBB+OsX8ZWxd/tHkRKSrnG4BMradn6+Ta 7sSTHQF3aUKnFSXA0wmoyXFk3ER/CIHCglZfXUqmoXAILiLEafDrC0EMJzAZCABm768o Lgpg== X-Gm-Message-State: AOJu0Yz4syF3t4Gu4TPcEHQcINs2pbcICX0z3To7w71u+GUivXEXJYDJ 1D4bXMXPBZet3OaOMZBr+T+4bkXZ X-Google-Smtp-Source: AGHT+IG6QAy9Fdi0JUJcZIYN2wXGYZH5SR8kKa0FCnK3gziKYK1Gn5/+E/zqQG+/Tj8rDderEnn5/Wsp X-Received: from palermo.c.googlers.com ([fda3:e722:ac3:cc00:28:9cb1:c0a8:118a]) (user=ardb job=sendgmr) by 2002:adf:fa0c:0:b0:314:182c:1a2b with SMTP id m12-20020adffa0c000000b00314182c1a2bmr26528wrr.4.1694798231874; Fri, 15 Sep 2023 10:17:11 -0700 (PDT) Date: Fri, 15 Sep 2023 17:16:30 +0000 In-Reply-To: <20230915171623.655440-10-ardb@google.com> Mime-Version: 1.0 References: <20230915171623.655440-10-ardb@google.com> X-Developer-Key: i=ardb@kernel.org; a=openpgp; fpr=F43D03328115A198C90016883D200E9CA6329909 X-Developer-Signature: v=1; a=openpgp-sha256; l=4623; i=ardb@kernel.org; h=from:subject; bh=hPsLZEg3qTJM8NI0DEH7io0JT9O+qGRluAaJd+WveNE=; b=owGbwMvMwCFmkMcZplerG8N4Wi2JIZVlYm5V34V9qbWSHlf8ErRU5s5zncgZN3FX4Cy/1h3/j 931nnCto5SFQYyDQVZMkUVg9t93O09PlKp1niULM4eVCWQIAxenAExEYzYjw5Tu3LitlwL+bzfa vaXxh4T5z8Viq8qep3Q1B37m0z/1mZmR4fm0b715vfw/Jtu9/XJeSXFKeRv3LoWpU2W+yOkd136 bwgUA X-Mailer: git-send-email 2.42.0.459.ge4e396fd5e-goog Message-ID: <20230915171623.655440-16-ardb@google.com> Subject: [PATCH v3 6/8] x86/boot: Drop PE/COFF .reloc section From: Ard Biesheuvel To: linux-efi@vger.kernel.org Cc: linux-kernel@vger.kernel.org, Ard Biesheuvel , Evgeniy Baskov , Borislav Petkov , Dave Hansen , Ingo Molnar , Thomas Gleixner , Peter Jones , Matthew Garrett , Gerd Hoffmann , Kees Cook , "H. Peter Anvin" Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Ard Biesheuvel Ancient buggy EFI loaders may have required a .reloc section to be present at some point in time, but this has not been true for a long time so the .reloc section can just be dropped. Signed-off-by: Ard Biesheuvel --- arch/x86/boot/header.S | 20 ------------ arch/x86/boot/setup.ld | 4 +-- arch/x86/boot/tools/build.c | 34 +++----------------- 3 files changed, 7 insertions(+), 51 deletions(-) diff --git a/arch/x86/boot/header.S b/arch/x86/boot/header.S index 2b07bc596c39..9e9641e220a7 100644 --- a/arch/x86/boot/header.S +++ b/arch/x86/boot/header.S @@ -155,26 +155,6 @@ section_table: IMAGE_SCN_MEM_READ | \ IMAGE_SCN_MEM_EXECUTE # Characteristics =20 - # - # The EFI application loader requires a relocation section - # because EFI applications must be relocatable. The .reloc - # offset & size fields are filled in by build.c. - # - .ascii ".reloc" - .byte 0 - .byte 0 - .long 0 - .long 0 - .long 0 # SizeOfRawData - .long 0 # PointerToRawData - .long 0 # PointerToRelocations - .long 0 # PointerToLineNumbers - .word 0 # NumberOfRelocations - .word 0 # NumberOfLineNumbers - .long IMAGE_SCN_CNT_INITIALIZED_DATA | \ - IMAGE_SCN_MEM_READ | \ - IMAGE_SCN_MEM_DISCARDABLE # Characteristics - #ifdef CONFIG_EFI_MIXED # # The offset & size fields are filled in by build.c. diff --git a/arch/x86/boot/setup.ld b/arch/x86/boot/setup.ld index 9bd5c1ada599..6d389499565c 100644 --- a/arch/x86/boot/setup.ld +++ b/arch/x86/boot/setup.ld @@ -40,8 +40,8 @@ SECTIONS setup_sig =3D .; LONG(0x5a5aaa55) =20 - /* Reserve some extra space for the reloc and compat sections */ - setup_size =3D ALIGN(ABSOLUTE(.) + 64, 512); + /* Reserve some extra space for the compat section */ + setup_size =3D ALIGN(ABSOLUTE(.) + 32, 512); setup_sects =3D ABSOLUTE(setup_size / 512); } =20 diff --git a/arch/x86/boot/tools/build.c b/arch/x86/boot/tools/build.c index 9712f27e32c1..faccff9743a3 100644 --- a/arch/x86/boot/tools/build.c +++ b/arch/x86/boot/tools/build.c @@ -47,7 +47,6 @@ typedef unsigned int u32; /* This must be large enough to hold the entire setup */ u8 buf[SETUP_SECT_MAX*512]; =20 -#define PECOFF_RELOC_RESERVE 0x20 #define PECOFF_COMPAT_RESERVE 0x20 =20 static unsigned long efi32_pe_entry; @@ -180,24 +179,13 @@ static void update_pecoff_section_header(char *sectio= n_name, u32 offset, u32 siz update_pecoff_section_header_fields(section_name, offset, size, size, off= set); } =20 -static void update_pecoff_setup_and_reloc(unsigned int size) +static void update_pecoff_setup(unsigned int size) { u32 setup_offset =3D 0x200; - u32 reloc_offset =3D size - PECOFF_RELOC_RESERVE - PECOFF_COMPAT_RESERVE; -#ifdef CONFIG_EFI_MIXED - u32 compat_offset =3D reloc_offset + PECOFF_RELOC_RESERVE; -#endif - u32 setup_size =3D reloc_offset - setup_offset; + u32 compat_offset =3D size - PECOFF_COMPAT_RESERVE; + u32 setup_size =3D compat_offset - setup_offset; =20 update_pecoff_section_header(".setup", setup_offset, setup_size); - update_pecoff_section_header(".reloc", reloc_offset, PECOFF_RELOC_RESERVE= ); - - /* - * Modify .reloc section contents with a single entry. The - * relocation is applied to offset 10 of the relocation section. - */ - put_unaligned_le32(reloc_offset + 10, &buf[reloc_offset]); - put_unaligned_le32(10, &buf[reloc_offset + 4]); =20 #ifdef CONFIG_EFI_MIXED update_pecoff_section_header(".compat", compat_offset, PECOFF_COMPAT_RESE= RVE); @@ -214,21 +202,10 @@ static void update_pecoff_setup_and_reloc(unsigned in= t size) #endif } =20 -static int reserve_pecoff_reloc_section(int c) -{ - /* Reserve 0x20 bytes for .reloc section */ - memset(buf+c, 0, PECOFF_RELOC_RESERVE); - return PECOFF_RELOC_RESERVE; -} - #else =20 -static inline void update_pecoff_setup_and_reloc(unsigned int size) {} +static inline void update_pecoff_setup(unsigned int size) {} =20 -static inline int reserve_pecoff_reloc_section(int c) -{ - return 0; -} #endif /* CONFIG_EFI_STUB */ =20 static int reserve_pecoff_compat_section(int c) @@ -307,7 +284,6 @@ int main(int argc, char ** argv) fclose(file); =20 c +=3D reserve_pecoff_compat_section(c); - c +=3D reserve_pecoff_reloc_section(c); =20 /* Pad unused space with zeros */ setup_sectors =3D (c + 511) / 512; @@ -316,7 +292,7 @@ int main(int argc, char ** argv) i =3D setup_sectors*512; memset(buf+c, 0, i-c); =20 - update_pecoff_setup_and_reloc(i); + update_pecoff_setup(i); =20 /* Open and stat the kernel file */ fd =3D open(argv[2], O_RDONLY); --=20 2.42.0.459.ge4e396fd5e-goog From nobody Wed Dec 17 14:19:43 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 0ABD0EED629 for ; Fri, 15 Sep 2023 17:17:53 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235996AbjIORRj (ORCPT ); Fri, 15 Sep 2023 13:17:39 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57976 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235618AbjIORRV (ORCPT ); Fri, 15 Sep 2023 13:17:21 -0400 Received: from mail-wm1-x34a.google.com (mail-wm1-x34a.google.com [IPv6:2a00:1450:4864:20::34a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 6789483 for ; Fri, 15 Sep 2023 10:17:16 -0700 (PDT) Received: by mail-wm1-x34a.google.com with SMTP id 5b1f17b1804b1-4043bc7c6c3so16850355e9.0 for ; Fri, 15 Sep 2023 10:17:16 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1694798235; x=1695403035; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=dkTB3o3SPk7wjY/BW3gazMut0HVQWM74hCgIhcCAFcM=; b=ZWXxIkRh9nRkC94H5YYVb8JyyyoyH56QsJDdB4IOp4vjiCcPJlL6vIiw8kbRaCufeN F+7ObMm43lNO28RDFCJR69rlLvAPLD16lZdxfO959qXRPuNqdsDF57uP8hBSRsQKUInl ftSFXRt6mCsSA4zgBBMNVS5hXSuikpxYhTXJUR4YqS/krlft1M0CRw5Yttb4AZMTpevM 6V9fsVP+vi8QpMHDWchn/M9kqZIxKiby1eMYz7fxA5ogNSdmLPhODCzNlyV8zDRY4f6G mbq/RK/68eoZdE2+o0KciXIHSgjQMpPvlo4zcS+M47reCtcCOwEb2FjOAc2d7zkeVjai 2lkQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1694798235; x=1695403035; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=dkTB3o3SPk7wjY/BW3gazMut0HVQWM74hCgIhcCAFcM=; b=MB+ZqwcAKw/cC8vufV64f36lxOxCetbrtfEsmfN5329MtC0t2nSCkfR38GjZvB61r9 kURzU+e6fLPKPwYa/flkdleyALcQEIdd//A+VjuHV3aKDl3nIWiK145QKYnmvzEFyJhr agvVUQzJZKIDcmL6nNgTA+G7HQhn11RNIGqEnbNfq1gsRYOgNVpIo/Nr7YUSY7v+KnE9 kzD0KvM39cR/JwSGTV1eLNVVlSLGbD5VqgqPAETXOtxpl1a6pm05utG2dbjCE+emrpjR ZyfplnTk1TgBDmJX9BTCLpshhsILMGZBHdCPeN2eZlE/6ZMBn4Du6x7eHMiFgKn5eJoQ JkkQ== X-Gm-Message-State: AOJu0YyJWpoxgd9tdZVOVlj4LBXZa8vW20i1pnpk9t4J+jG3TkVIRaJ0 Tg8N9Qsg3ceC+QJ8esg25a9FRKVL X-Google-Smtp-Source: AGHT+IFe27YEZhA0sbvSt/cpekqWltdeIKy+EnsuI1eFAF6hPycSPLLkz1Qdaat1fmsMKURuaqfdnOtx X-Received: from palermo.c.googlers.com ([fda3:e722:ac3:cc00:28:9cb1:c0a8:118a]) (user=ardb job=sendgmr) by 2002:a05:6000:1083:b0:31f:fb07:71e7 with SMTP id y3-20020a056000108300b0031ffb0771e7mr7394wrw.11.1694798234796; Fri, 15 Sep 2023 10:17:14 -0700 (PDT) Date: Fri, 15 Sep 2023 17:16:31 +0000 In-Reply-To: <20230915171623.655440-10-ardb@google.com> Mime-Version: 1.0 References: <20230915171623.655440-10-ardb@google.com> X-Developer-Key: i=ardb@kernel.org; a=openpgp; fpr=F43D03328115A198C90016883D200E9CA6329909 X-Developer-Signature: v=1; a=openpgp-sha256; l=2782; i=ardb@kernel.org; h=from:subject; bh=JN1IibTT0fAem44DQARhAKlugEKQ8yHMl5ANx7IKCog=; b=owGbwMvMwCFmkMcZplerG8N4Wi2JIZVlYt4UH8XjFRfNkhO9PjNPdIvT/2p0lIvL/Ib3wYqbV 38WWe3qKGVhEONgkBVTZBGY/ffdztMTpWqdZ8nCzGFlAhnCwMUpABO5/Jfhv9PJvXdPTz65ueLs 5eernJ5+Et/NahCcGs4ecrZEetJdy72MDB8PhB2/8NEkZmmWU0kYQ2HRH7NzfYzhUy07U1qXFe1 7yw8A X-Mailer: git-send-email 2.42.0.459.ge4e396fd5e-goog Message-ID: <20230915171623.655440-17-ardb@google.com> Subject: [PATCH v3 7/8] x86/boot: Split off PE/COFF .data section From: Ard Biesheuvel To: linux-efi@vger.kernel.org Cc: linux-kernel@vger.kernel.org, Ard Biesheuvel , Evgeniy Baskov , Borislav Petkov , Dave Hansen , Ingo Molnar , Thomas Gleixner , Peter Jones , Matthew Garrett , Gerd Hoffmann , Kees Cook , "H. Peter Anvin" Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Ard Biesheuvel Describe the code and data of the decompressor binary using separate .text and .data PE/COFF sections, so that we will be able to map them using restricted permissions once we increase the section and file alignment sufficiently. This avoids the need for memory mappings that are writable and executable at the same time, which is something that is best avoided for security reasons. Signed-off-by: Ard Biesheuvel --- arch/x86/boot/Makefile | 2 +- arch/x86/boot/header.S | 19 +++++++++++++++---- 2 files changed, 16 insertions(+), 5 deletions(-) diff --git a/arch/x86/boot/Makefile b/arch/x86/boot/Makefile index cc04917b1ac6..3cece19b7473 100644 --- a/arch/x86/boot/Makefile +++ b/arch/x86/boot/Makefile @@ -89,7 +89,7 @@ $(obj)/vmlinux.bin: $(obj)/compressed/vmlinux FORCE =20 SETUP_OBJS =3D $(addprefix $(obj)/,$(setup-y)) =20 -sed-zoffset :=3D -e 's/^\([0-9a-fA-F]*\) [a-zA-Z] \(startup_32\|efi.._stub= _entry\|efi\(32\)\?_pe_entry\|input_data\|kernel_info\|_end\|_ehead\|_text\= |_edata\|z_.*\)$$/\#define ZO_\2 0x\1/p' +sed-zoffset :=3D -e 's/^\([0-9a-fA-F]*\) [a-zA-Z] \(startup_32\|efi.._stub= _entry\|efi\(32\)\?_pe_entry\|input_data\|kernel_info\|_end\|_ehead\|_text\= |_e\?data\|z_.*\)$$/\#define ZO_\2 0x\1/p' =20 quiet_cmd_zoffset =3D ZOFFSET $@ cmd_zoffset =3D $(NM) $< | sed -n $(sed-zoffset) > $@ diff --git a/arch/x86/boot/header.S b/arch/x86/boot/header.S index 9e9641e220a7..a1f986105f00 100644 --- a/arch/x86/boot/header.S +++ b/arch/x86/boot/header.S @@ -75,9 +75,9 @@ optional_header: .byte 0x02 # MajorLinkerVersion .byte 0x14 # MinorLinkerVersion =20 - .long setup_size + ZO__end - 0x200 # SizeOfCode + .long ZO__data # SizeOfCode =20 - .long 0 # SizeOfInitializedData + .long ZO__end - ZO__data # SizeOfInitializedData .long 0 # SizeOfUninitializedData =20 .long setup_size + ZO_efi_pe_entry # AddressOfEntryPoint @@ -178,9 +178,9 @@ section_table: .byte 0 .byte 0 .byte 0 - .long ZO__end + .long ZO__data .long setup_size - .long ZO__edata # Size of initialized data + .long ZO__data # Size of initialized data # on disk .long setup_size .long 0 # PointerToRelocations @@ -191,6 +191,17 @@ section_table: IMAGE_SCN_MEM_READ | \ IMAGE_SCN_MEM_EXECUTE # Characteristics =20 + .ascii ".data\0\0\0" + .long ZO__end - ZO__data # VirtualSize + .long setup_size + ZO__data # VirtualAddress + .long ZO__edata - ZO__data # SizeOfRawData + .long setup_size + ZO__data # PointerToRawData + + .long 0, 0, 0 + .long IMAGE_SCN_CNT_INITIALIZED_DATA | \ + IMAGE_SCN_MEM_READ | \ + IMAGE_SCN_MEM_WRITE # Characteristics + .set section_count, (. - section_table) / 40 #endif /* CONFIG_EFI_STUB */ =20 --=20 2.42.0.459.ge4e396fd5e-goog From nobody Wed Dec 17 14:19:43 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 764ADEED61A for ; Fri, 15 Sep 2023 17:18:23 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235495AbjIORR5 (ORCPT ); Fri, 15 Sep 2023 13:17:57 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48520 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235489AbjIORRZ (ORCPT ); Fri, 15 Sep 2023 13:17:25 -0400 Received: from mail-wr1-x449.google.com (mail-wr1-x449.google.com [IPv6:2a00:1450:4864:20::449]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 58C7783 for ; Fri, 15 Sep 2023 10:17:19 -0700 (PDT) Received: by mail-wr1-x449.google.com with SMTP id ffacd0b85a97d-31ad77537ebso1541324f8f.0 for ; Fri, 15 Sep 2023 10:17:19 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1694798238; x=1695403038; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=Igp2u3iCFoQ+ul8/EKEO/kGXUxIcMMS01YyM7SofEY0=; b=O8uyAvKGCTfCWdzRz3XxIGrk5FYYV3Qq7oL3CtgkWF+zj2FZDEOH0YmlJCXqkqlLWW R2ZD3fwA6qgwTCm5+GssvEdk0Sj2Yixu12TXYJILC954pvBKx5W1GUB+0+o9Fu+OD9d/ wNYOWOKGnggedJtzokO6pmvhiBB56bEgUDGwkDxeZxCu7mxti0IwumxXF0iUqyVi4UC6 AURKtAjoa7jxAe34jHOzi2d39zGXm/snPwwDTyj2UKJ2N+aA6u57vWzxd6EHoq8+4jeM rVCmjlerbhAfg27rv7VKvlcDIPiTk+aqOPIxR2+ZAgwBzzfHKMB70unP0mXVjrOxVqaE DfSw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1694798238; x=1695403038; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=Igp2u3iCFoQ+ul8/EKEO/kGXUxIcMMS01YyM7SofEY0=; b=Nmgch5CEpGa3o925An/B7m4k0aio5dAQF4HuvvtE1P0T/wPpSKYEBYis3B/MQoA/bD qK1C/XFPsK5WS9hKhjTjx6CP594zL65EWGY0wDkTOxwp8k1k8Tb0DA1lGZV3cejAfk6q wnA8p8odGo8pmazgFzM15ciX8vPNHRSs0wdfVO+/hkPYzOy13Kk8isz4Vobvtv8jnI0M PNo3Qe66aK7iI8y1ysPFWegF9fg2q6NkwUusPkIU2WKHWOsjeSagurGHaAAmIW795ubi CWpGApnW/8f5rrB5PcQMUpKpy2VpyFQmE2rFIEXeXl0ivAIoBaoaZnqc/NPelJGbdQ3b I7yw== X-Gm-Message-State: AOJu0Yzrsb7s4dekXnRJl5aNEVAYhzLozwlggL22naTxSJoB9JTZFlAA 2ASKEKVzJuPcC6LVWicpderxduL3 X-Google-Smtp-Source: AGHT+IE1C8LRh03kp7q3I3bgmzh5lk1ENd2pPVZGx5Wm7Yd6SAKZ5uPzqzi4kQTvMaGF05RfRv2bD10P X-Received: from palermo.c.googlers.com ([fda3:e722:ac3:cc00:28:9cb1:c0a8:118a]) (user=ardb job=sendgmr) by 2002:adf:cf0f:0:b0:314:1ac7:2763 with SMTP id o15-20020adfcf0f000000b003141ac72763mr31953wrj.0.1694798237748; Fri, 15 Sep 2023 10:17:17 -0700 (PDT) Date: Fri, 15 Sep 2023 17:16:32 +0000 In-Reply-To: <20230915171623.655440-10-ardb@google.com> Mime-Version: 1.0 References: <20230915171623.655440-10-ardb@google.com> X-Developer-Key: i=ardb@kernel.org; a=openpgp; fpr=F43D03328115A198C90016883D200E9CA6329909 X-Developer-Signature: v=1; a=openpgp-sha256; l=10099; i=ardb@kernel.org; h=from:subject; bh=t1Y7fjR3ASci9QCQAmL7fizNw19QbZQQvciLm9pIPVE=; b=owGbwMvMwCFmkMcZplerG8N4Wi2JIZVlYn7XblUzDVXnzdfWimTMnHi15evGmuyfa/0Yu5kmK GuKzknsKGVhEONgkBVTZBGY/ffdztMTpWqdZ8nCzGFlAhnCwMUpABPxnMTI0KL53nbuOpOIZ+YG E9kWLTnSXq3tqRvwYEb1tTzbeaKP3zIynFb6uK+UMfZe8LcK7d8rPyc25AU/P1zdIhaeI858afc MDgA= X-Mailer: git-send-email 2.42.0.459.ge4e396fd5e-goog Message-ID: <20230915171623.655440-18-ardb@google.com> Subject: [PATCH v3 8/8] x86/boot: Increase section and file alignment to 4k/512 From: Ard Biesheuvel To: linux-efi@vger.kernel.org Cc: linux-kernel@vger.kernel.org, Ard Biesheuvel , Evgeniy Baskov , Borislav Petkov , Dave Hansen , Ingo Molnar , Thomas Gleixner , Peter Jones , Matthew Garrett , Gerd Hoffmann , Kees Cook , "H. Peter Anvin" Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Ard Biesheuvel Align x86 with other EFI architectures, and increase the section alignment to the EFI page size (4k), so that firmware is able to honour the section permission attributes and map code read-only and data non-executable. There are a number of requirements that have to be taken into account: - the sign tools get cranky when there are gaps between sections in the file view of the image - the virtual offset of each section must be aligned to the image's section alignment - the file offset *and size* of each section must be aligned to the image's file alignment - the image size must be aligned to the section alignment - each section's virtual offset must be greater than or equal to the size of the headers. In order to meet all these requirements, while avoiding the need for lots of padding to accommodate the .compat section, the latter is placed at an arbitrary offset towards the end of the image, but aligned to the minimum file alignment (512 bytes). The space before the .text section is therefore distributed between the PE header, the .setup section and the .compat section, leaving no gaps in the file coverage, making the signing tools happy. Signed-off-by: Ard Biesheuvel --- arch/x86/boot/compressed/vmlinux.lds.S | 4 +- arch/x86/boot/header.S | 75 +++++++++------- arch/x86/boot/setup.ld | 7 +- arch/x86/boot/tools/build.c | 90 +------------------- 4 files changed, 51 insertions(+), 125 deletions(-) diff --git a/arch/x86/boot/compressed/vmlinux.lds.S b/arch/x86/boot/compres= sed/vmlinux.lds.S index b688598db28e..083ec6d7722a 100644 --- a/arch/x86/boot/compressed/vmlinux.lds.S +++ b/arch/x86/boot/compressed/vmlinux.lds.S @@ -43,13 +43,13 @@ SECTIONS *(.rodata.*) _erodata =3D . ; } - .data : { + .data : ALIGN(0x1000) { _data =3D . ; *(.data) *(.data.*) =20 /* Add 4 bytes of extra space for a CRC-32 checksum */ - . =3D ALIGN(. + 4, 0x20); + . =3D ALIGN(. + 4, 0x200); _edata =3D . ; } . =3D ALIGN(L1_CACHE_BYTES); diff --git a/arch/x86/boot/header.S b/arch/x86/boot/header.S index a1f986105f00..b2771710ed98 100644 --- a/arch/x86/boot/header.S +++ b/arch/x86/boot/header.S @@ -36,6 +36,9 @@ SYSSEG =3D 0x1000 /* historical load address >> 4 */ #define ROOT_RDONLY 1 #endif =20 + .set salign, 0x1000 + .set falign, 0x200 + .code16 .section ".bstext", "ax" #ifdef CONFIG_EFI_STUB @@ -82,7 +85,7 @@ optional_header: =20 .long setup_size + ZO_efi_pe_entry # AddressOfEntryPoint =20 - .long 0x0200 # BaseOfCode + .long setup_size # BaseOfCode #ifdef CONFIG_X86_32 .long 0 # data #endif @@ -93,8 +96,8 @@ extra_header_fields: #else .quad 0 # ImageBase #endif - .long 0x20 # SectionAlignment - .long 0x20 # FileAlignment + .long salign # SectionAlignment + .long falign # FileAlignment .word 0 # MajorOperatingSystemVersion .word 0 # MinorOperatingSystemVersion .word LINUX_EFISTUB_MAJOR_VERSION # MajorImageVersion @@ -103,9 +106,10 @@ extra_header_fields: .word 0 # MinorSubsystemVersion .long 0 # Win32VersionValue =20 - .long setup_size + ZO__end # SizeOfImage + .long setup_size + ZO__end + pecompat_vsize + # SizeOfImage =20 - .long 0x200 # SizeOfHeaders + .long salign # SizeOfHeaders .long 0 # CheckSum .word IMAGE_SUBSYSTEM_EFI_APPLICATION # Subsystem (EFI application) #ifdef CONFIG_EFI_DXE_MEM_ATTRIBUTES @@ -136,44 +140,51 @@ extra_header_fields: =20 # Section table section_table: - # - # The offset & size fields are filled in by build.c. - # .ascii ".setup" .byte 0 .byte 0 - .long 0 - .long 0x0 # startup_{32,64} - .long 0 # Size of initialized data - # on disk - .long 0x0 # startup_{32,64} - .long 0 # PointerToRelocations - .long 0 # PointerToLineNumbers - .word 0 # NumberOfRelocations - .word 0 # NumberOfLineNumbers - .long IMAGE_SCN_CNT_CODE | \ + .long setup_size - salign # VirtualSize + .long salign # VirtualAddress + .long pecompat_fstart - salign # SizeOfRawData + .long salign # PointerToRawData + + .long 0, 0, 0 + .long IMAGE_SCN_CNT_INITIALIZED_DATA | \ IMAGE_SCN_MEM_READ | \ - IMAGE_SCN_MEM_EXECUTE # Characteristics + IMAGE_SCN_MEM_DISCARDABLE # Characteristics =20 #ifdef CONFIG_EFI_MIXED - # - # The offset & size fields are filled in by build.c. - # .asciz ".compat" - .long 0 - .long 0x0 - .long 0 # Size of initialized data - # on disk - .long 0x0 - .long 0 # PointerToRelocations - .long 0 # PointerToLineNumbers - .word 0 # NumberOfRelocations - .word 0 # NumberOfLineNumbers + + .long 8 # VirtualSize + .long setup_size + ZO__end # VirtualAddress + .long pecompat_fsize # SizeOfRawData + .long pecompat_fstart # PointerToRawData + + .long 0, 0, 0 .long IMAGE_SCN_CNT_INITIALIZED_DATA | \ IMAGE_SCN_MEM_READ | \ IMAGE_SCN_MEM_DISCARDABLE # Characteristics -#endif =20 + /* + * Put the IA-32 machine type and the associated entry point address in + * the .compat section, so loaders can figure out which other execution + * modes this image supports. + */ + .pushsection ".pecompat", "a", @progbits + .balign falign + .set pecompat_vsize, salign + .globl pecompat_fstart +pecompat_fstart: + .byte 0x1 # Version + .byte 8 # Size + .word IMAGE_FILE_MACHINE_I386 # PE machine type + .long setup_size + ZO_efi32_pe_entry # Entrypoint + .popsection +#else + .set pecompat_vsize, 0 + .set pecompat_fstart, setup_size +#endif .ascii ".text" .byte 0 .byte 0 diff --git a/arch/x86/boot/setup.ld b/arch/x86/boot/setup.ld index 6d389499565c..83bb7efad8ae 100644 --- a/arch/x86/boot/setup.ld +++ b/arch/x86/boot/setup.ld @@ -36,16 +36,17 @@ SECTIONS . =3D ALIGN(16); .data : { *(.data*) } =20 + .pecompat : { *(.pecompat) } + PROVIDE(pecompat_fsize =3D setup_size - pecompat_fstart); + .signature : { setup_sig =3D .; LONG(0x5a5aaa55) =20 - /* Reserve some extra space for the compat section */ - setup_size =3D ALIGN(ABSOLUTE(.) + 32, 512); + setup_size =3D ALIGN(ABSOLUTE(.), 4096); setup_sects =3D ABSOLUTE(setup_size / 512); } =20 - . =3D ALIGN(16); .bss : { diff --git a/arch/x86/boot/tools/build.c b/arch/x86/boot/tools/build.c index faccff9743a3..10311d77c67f 100644 --- a/arch/x86/boot/tools/build.c +++ b/arch/x86/boot/tools/build.c @@ -47,9 +47,6 @@ typedef unsigned int u32; /* This must be large enough to hold the entire setup */ u8 buf[SETUP_SECT_MAX*512]; =20 -#define PECOFF_COMPAT_RESERVE 0x20 - -static unsigned long efi32_pe_entry; static unsigned long _edata; =20 /*----------------------------------------------------------------------*/ @@ -136,85 +133,6 @@ static void usage(void) die("Usage: build setup system zoffset.h image"); } =20 -#ifdef CONFIG_EFI_STUB - -static void update_pecoff_section_header_fields(char *section_name, u32 vm= a, u32 size, u32 datasz, u32 offset) -{ - unsigned int pe_header; - unsigned short num_sections; - u8 *section; - - pe_header =3D get_unaligned_le32(&buf[0x3c]); - num_sections =3D get_unaligned_le16(&buf[pe_header + 6]); - -#ifdef CONFIG_X86_32 - section =3D &buf[pe_header + 0xa8]; -#else - section =3D &buf[pe_header + 0xb8]; -#endif - - while (num_sections > 0) { - if (strncmp((char*)section, section_name, 8) =3D=3D 0) { - /* section header size field */ - put_unaligned_le32(size, section + 0x8); - - /* section header vma field */ - put_unaligned_le32(vma, section + 0xc); - - /* section header 'size of initialised data' field */ - put_unaligned_le32(datasz, section + 0x10); - - /* section header 'file offset' field */ - put_unaligned_le32(offset, section + 0x14); - - break; - } - section +=3D 0x28; - num_sections--; - } -} - -static void update_pecoff_section_header(char *section_name, u32 offset, u= 32 size) -{ - update_pecoff_section_header_fields(section_name, offset, size, size, off= set); -} - -static void update_pecoff_setup(unsigned int size) -{ - u32 setup_offset =3D 0x200; - u32 compat_offset =3D size - PECOFF_COMPAT_RESERVE; - u32 setup_size =3D compat_offset - setup_offset; - - update_pecoff_section_header(".setup", setup_offset, setup_size); - -#ifdef CONFIG_EFI_MIXED - update_pecoff_section_header(".compat", compat_offset, PECOFF_COMPAT_RESE= RVE); - - /* - * Put the IA-32 machine type (0x14c) and the associated entry point - * address in the .compat section, so loaders can figure out which other - * execution modes this image supports. - */ - buf[compat_offset] =3D 0x1; - buf[compat_offset + 1] =3D 0x8; - put_unaligned_le16(0x14c, &buf[compat_offset + 2]); - put_unaligned_le32(efi32_pe_entry + size, &buf[compat_offset + 4]); -#endif -} - -#else - -static inline void update_pecoff_setup(unsigned int size) {} - -#endif /* CONFIG_EFI_STUB */ - -static int reserve_pecoff_compat_section(int c) -{ - /* Reserve 0x20 bytes for .compat section */ - memset(buf+c, 0, PECOFF_COMPAT_RESERVE); - return PECOFF_COMPAT_RESERVE; -} - /* * Parse zoffset.h and find the entry points. We could just #include zoffs= et.h * but that would mean tools/build would have to be rebuilt every time. It= 's @@ -243,7 +161,6 @@ static void parse_zoffset(char *fname) p =3D (char *)buf; =20 while (p && *p) { - PARSE_ZOFS(p, efi32_pe_entry); PARSE_ZOFS(p, _edata); =20 p =3D strchr(p, '\n'); @@ -283,17 +200,14 @@ int main(int argc, char ** argv) die("Boot block hasn't got boot flag (0xAA55)"); fclose(file); =20 - c +=3D reserve_pecoff_compat_section(c); - /* Pad unused space with zeros */ - setup_sectors =3D (c + 511) / 512; + setup_sectors =3D (c + 4095) / 4096; + setup_sectors *=3D 8; if (setup_sectors < SETUP_SECT_MIN) setup_sectors =3D SETUP_SECT_MIN; i =3D setup_sectors*512; memset(buf+c, 0, i-c); =20 - update_pecoff_setup(i); - /* Open and stat the kernel file */ fd =3D open(argv[2], O_RDONLY); if (fd < 0) --=20 2.42.0.459.ge4e396fd5e-goog