From nobody Wed Dec 17 16:02:03 2025
Return-Path: <linux-kernel-owner@vger.kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 0ABD0EED629
	for <linux-kernel@archiver.kernel.org>; Fri, 15 Sep 2023 17:17:53 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S235996AbjIORRj (ORCPT <rfc822;linux-kernel@archiver.kernel.org>);
        Fri, 15 Sep 2023 13:17:39 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57976 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S235618AbjIORRV (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 15 Sep 2023 13:17:21 -0400
Received: from mail-wm1-x34a.google.com (mail-wm1-x34a.google.com
 [IPv6:2a00:1450:4864:20::34a])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 6789483
        for <linux-kernel@vger.kernel.org>;
 Fri, 15 Sep 2023 10:17:16 -0700 (PDT)
Received: by mail-wm1-x34a.google.com with SMTP id
 5b1f17b1804b1-4043bc7c6c3so16850355e9.0
        for <linux-kernel@vger.kernel.org>;
 Fri, 15 Sep 2023 10:17:16 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20230601; t=1694798235; x=1695403035;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=dkTB3o3SPk7wjY/BW3gazMut0HVQWM74hCgIhcCAFcM=;
        b=ZWXxIkRh9nRkC94H5YYVb8JyyyoyH56QsJDdB4IOp4vjiCcPJlL6vIiw8kbRaCufeN
         F+7ObMm43lNO28RDFCJR69rlLvAPLD16lZdxfO959qXRPuNqdsDF57uP8hBSRsQKUInl
         ftSFXRt6mCsSA4zgBBMNVS5hXSuikpxYhTXJUR4YqS/krlft1M0CRw5Yttb4AZMTpevM
         6V9fsVP+vi8QpMHDWchn/M9kqZIxKiby1eMYz7fxA5ogNSdmLPhODCzNlyV8zDRY4f6G
         mbq/RK/68eoZdE2+o0KciXIHSgjQMpPvlo4zcS+M47reCtcCOwEb2FjOAc2d7zkeVjai
         2lkQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1694798235; x=1695403035;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=dkTB3o3SPk7wjY/BW3gazMut0HVQWM74hCgIhcCAFcM=;
        b=MB+ZqwcAKw/cC8vufV64f36lxOxCetbrtfEsmfN5329MtC0t2nSCkfR38GjZvB61r9
         kURzU+e6fLPKPwYa/flkdleyALcQEIdd//A+VjuHV3aKDl3nIWiK145QKYnmvzEFyJhr
         agvVUQzJZKIDcmL6nNgTA+G7HQhn11RNIGqEnbNfq1gsRYOgNVpIo/Nr7YUSY7v+KnE9
         kzD0KvM39cR/JwSGTV1eLNVVlSLGbD5VqgqPAETXOtxpl1a6pm05utG2dbjCE+emrpjR
         ZyfplnTk1TgBDmJX9BTCLpshhsILMGZBHdCPeN2eZlE/6ZMBn4Du6x7eHMiFgKn5eJoQ
         JkkQ==
X-Gm-Message-State: AOJu0YyJWpoxgd9tdZVOVlj4LBXZa8vW20i1pnpk9t4J+jG3TkVIRaJ0
        Tg8N9Qsg3ceC+QJ8esg25a9FRKVL
X-Google-Smtp-Source: 
 AGHT+IFe27YEZhA0sbvSt/cpekqWltdeIKy+EnsuI1eFAF6hPycSPLLkz1Qdaat1fmsMKURuaqfdnOtx
X-Received: from palermo.c.googlers.com
 ([fda3:e722:ac3:cc00:28:9cb1:c0a8:118a])
 (user=ardb job=sendgmr) by 2002:a05:6000:1083:b0:31f:fb07:71e7 with SMTP id
 y3-20020a056000108300b0031ffb0771e7mr7394wrw.11.1694798234796; Fri, 15 Sep
 2023 10:17:14 -0700 (PDT)
Date: Fri, 15 Sep 2023 17:16:31 +0000
In-Reply-To: <20230915171623.655440-10-ardb@google.com>
Mime-Version: 1.0
References: <20230915171623.655440-10-ardb@google.com>
X-Developer-Key: i=ardb@kernel.org; a=openpgp;
 fpr=F43D03328115A198C90016883D200E9CA6329909
X-Developer-Signature: v=1; a=openpgp-sha256; l=2782; i=ardb@kernel.org;
 h=from:subject; bh=JN1IibTT0fAem44DQARhAKlugEKQ8yHMl5ANx7IKCog=;
 b=owGbwMvMwCFmkMcZplerG8N4Wi2JIZVlYt4UH8XjFRfNkhO9PjNPdIvT/2p0lIvL/Ib3wYqbV
 38WWe3qKGVhEONgkBVTZBGY/ffdztMTpWqdZ8nCzGFlAhnCwMUpABO5/Jfhv9PJvXdPTz65ueLs
 5eernJ5+Et/NahCcGs4ecrZEetJdy72MDB8PhB2/8NEkZmmWU0kYQ2HRH7NzfYzhUy07U1qXFe1
 7yw8A
X-Mailer: git-send-email 2.42.0.459.ge4e396fd5e-goog
Message-ID: <20230915171623.655440-17-ardb@google.com>
Subject: [PATCH v3 7/8] x86/boot: Split off PE/COFF .data section
From: Ard Biesheuvel <ardb@google.com>
To: linux-efi@vger.kernel.org
Cc: linux-kernel@vger.kernel.org, Ard Biesheuvel <ardb@kernel.org>,
        Evgeniy Baskov <baskov@ispras.ru>,
        Borislav Petkov <bp@alien8.de>,
        Dave Hansen <dave.hansen@linux.intel.com>,
        Ingo Molnar <mingo@redhat.com>,
        Thomas Gleixner <tglx@linutronix.de>,
        Peter Jones <pjones@redhat.com>,
        Matthew Garrett <mjg59@srcf.ucam.org>,
        Gerd Hoffmann <kraxel@redhat.com>,
        Kees Cook <keescook@chromium.org>,
        "H. Peter Anvin" <hpa@zytor.com>
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

From: Ard Biesheuvel <ardb@kernel.org>

Describe the code and data of the decompressor binary using separate
.text and .data PE/COFF sections, so that we will be able to map them
using restricted permissions once we increase the section and file
alignment sufficiently. This avoids the need for memory mappings that
are writable and executable at the same time, which is something that
is best avoided for security reasons.

Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
---
 arch/x86/boot/Makefile |  2 +-
 arch/x86/boot/header.S | 19 +++++++++++++++----
 2 files changed, 16 insertions(+), 5 deletions(-)

diff --git a/arch/x86/boot/Makefile b/arch/x86/boot/Makefile
index cc04917b1ac6..3cece19b7473 100644
--- a/arch/x86/boot/Makefile
+++ b/arch/x86/boot/Makefile
@@ -89,7 +89,7 @@ $(obj)/vmlinux.bin: $(obj)/compressed/vmlinux FORCE
=20
 SETUP_OBJS =3D $(addprefix $(obj)/,$(setup-y))
=20
-sed-zoffset :=3D -e 's/^\([0-9a-fA-F]*\) [a-zA-Z] \(startup_32\|efi.._stub=
_entry\|efi\(32\)\?_pe_entry\|input_data\|kernel_info\|_end\|_ehead\|_text\=
|_edata\|z_.*\)$$/\#define ZO_\2 0x\1/p'
+sed-zoffset :=3D -e 's/^\([0-9a-fA-F]*\) [a-zA-Z] \(startup_32\|efi.._stub=
_entry\|efi\(32\)\?_pe_entry\|input_data\|kernel_info\|_end\|_ehead\|_text\=
|_e\?data\|z_.*\)$$/\#define ZO_\2 0x\1/p'
=20
 quiet_cmd_zoffset =3D ZOFFSET $@
       cmd_zoffset =3D $(NM) $< | sed -n $(sed-zoffset) > $@
diff --git a/arch/x86/boot/header.S b/arch/x86/boot/header.S
index 9e9641e220a7..a1f986105f00 100644
--- a/arch/x86/boot/header.S
+++ b/arch/x86/boot/header.S
@@ -75,9 +75,9 @@ optional_header:
 	.byte	0x02				# MajorLinkerVersion
 	.byte	0x14				# MinorLinkerVersion
=20
-	.long	setup_size + ZO__end - 0x200	# SizeOfCode
+	.long	ZO__data			# SizeOfCode
=20
-	.long	0				# SizeOfInitializedData
+	.long	ZO__end - ZO__data		# SizeOfInitializedData
 	.long	0				# SizeOfUninitializedData
=20
 	.long	setup_size + ZO_efi_pe_entry	# AddressOfEntryPoint
@@ -178,9 +178,9 @@ section_table:
 	.byte	0
 	.byte	0
 	.byte	0
-	.long	ZO__end
+	.long	ZO__data
 	.long	setup_size
-	.long	ZO__edata			# Size of initialized data
+	.long	ZO__data			# Size of initialized data
 						# on disk
 	.long	setup_size
 	.long	0				# PointerToRelocations
@@ -191,6 +191,17 @@ section_table:
 		IMAGE_SCN_MEM_READ		| \
 		IMAGE_SCN_MEM_EXECUTE		# Characteristics
=20
+	.ascii	".data\0\0\0"
+	.long	ZO__end - ZO__data		# VirtualSize
+	.long	setup_size + ZO__data		# VirtualAddress
+	.long	ZO__edata - ZO__data		# SizeOfRawData
+	.long	setup_size + ZO__data		# PointerToRawData
+
+	.long	0, 0, 0
+	.long	IMAGE_SCN_CNT_INITIALIZED_DATA	| \
+		IMAGE_SCN_MEM_READ		| \
+		IMAGE_SCN_MEM_WRITE		# Characteristics
+
 	.set	section_count, (. - section_table) / 40
 #endif /* CONFIG_EFI_STUB */
=20
--=20
2.42.0.459.ge4e396fd5e-goog