[PATCH v3 0/4] x86: Rid .head.text of all abs references

Ard Biesheuvel posted 4 patches 1 year, 8 months ago
There is a newer version of this series
[PATCH v3 0/4] x86: Rid .head.text of all abs references
Posted by Ard Biesheuvel 1 year, 8 months ago
From: Ard Biesheuvel <ardb@kernel.org>

This series removes the last remaining absolute symbol references from
.head.text. Doing so is necessary because code in this section may be
called from a 1:1 mapping of memory, which deviates from the mapping
this code was linked and/or relocated to run at. This is not something
that the toolchains support: even PIC/PIE code is still assumed to
execute from the same mapping that it was relocated to run from by the
startup code or dynamic loader. This means we are basically on our own
here, and need to add measures to ensure the code works as expected in
this manner.

Given that the startup code needs to create the kernel virtual mapping
in the page tables, early references to some kernel virtual addresses
are valid even if they cannot be dereferenced yet. To avoid having to
make this distinction at build time, patches #3 and #4 replace such
valid references with RIP-relative references with an offset applied.

Patches #1 and #2 remove some absolute references from .head.text that
don't need to be there in the first place.

Changes since v2:
- Rebase onto v6.10-rc2
- Tweak commit log of patch #3

Changes since v1/RFC:
- rename va_offset to p2v_offset
- take PA of _text in C code directly

Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Dave Hansen <dave.hansen@linux.intel.com>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Arnd Bergmann <arnd@arndb.de>
Cc: Kees Cook <keescook@chromium.org>
Cc: Brian Gerst <brgerst@gmail.com>

Ard Biesheuvel (4):
  x86/sev: Avoid WARN()s in early boot code
  x86/xen/pvh: Move startup code into .ref.text
  x86/boot/64: Determine VA/PA offset before entering C code
  x86/boot/64: Avoid intentional absolute symbol references in
    .head.text

 arch/x86/include/asm/setup.h |  2 +-
 arch/x86/kernel/head64.c     | 38 ++++++++++++--------
 arch/x86/kernel/head_64.S    |  9 ++++-
 arch/x86/kernel/sev.c        | 15 +++-----
 arch/x86/platform/pvh/head.S |  2 +-
 5 files changed, 38 insertions(+), 28 deletions(-)

-- 
2.45.1.288.g0e0cd299f1-goog
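A small C model of the VA/PA split the cover letter describes, added here as an illustration and not code from the series or the kernel: a byte array stands in for the image, linked at a constructed LINK_VA but living wherever the C runtime placed it (the "1:1 mapping"), so a RIP-relative address stays valid while an absolute link-time VA only becomes usable once p2v_offset is applied, and the reverse translation yields the VA a page-table entry must carry before that VA is mapped. The array, LINK_VA and the function names are assumptions made for this example.

```c
#include <stdint.h>
#include <string.h>
/* Constructed link-time layout: the VA the linker assumed _text runs at. */
#define LINK_VA  0xffffffff81000000ULL
#define IMG_SIZE 0x100

/* Stand-in for the loaded image: its bytes sit wherever the C runtime put
 * them (the "1:1 mapping"), while symbols inside were linked at LINK_VA. */
static uint8_t boot_img[IMG_SIZE];

/* "leaq sym(%rip), %reg": valid wherever the image is actually mapped. */
static uint8_t *rip_relative(size_t sym_off)
{
	return &boot_img[sym_off];
}

/* "movabs $sym, %reg": the link-time VA, not dereferenceable from 1:1. */
static uint64_t absolute_va(size_t sym_off)
{
	return LINK_VA + sym_off;
}

/* p2v_offset as the startup code computes it: runtime address of _text
 * (taken RIP-relatively) minus its link-time VA. */
static int64_t p2v_offset(void)
{
	return (int64_t)((uintptr_t)rip_relative(0) - LINK_VA);
}

/* Link-time VA -> pointer usable right now from the 1:1 mapping. */
static uint8_t *va_to_pa(uint64_t va)
{
	return (uint8_t *)(uintptr_t)(va + (uint64_t)p2v_offset());
}

/* RIP-relative address with the offset applied -> the VA a page-table
 * entry must carry, valid even before that VA is mapped. */
static uint64_t pa_to_va(const uint8_t *pa)
{
	return (uint64_t)(uintptr_t)pa - (uint64_t)p2v_offset();
}

/* Write a marker at a "symbol" and check both translation directions. */
static int roundtrip_ok(size_t sym_off, uint8_t marker)
{
	memset(boot_img, 0, sizeof(boot_img));
	*rip_relative(sym_off) = marker;
	return *va_to_pa(absolute_va(sym_off)) == marker &&
	       pa_to_va(rip_relative(sym_off)) == absolute_va(sym_off);
}
```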
Re: [PATCH v3 0/4] x86: Rid .head.text of all abs references
Posted by Borislav Petkov 1 year, 3 months ago
On Wed, Jun 05, 2024 at 12:16:11PM +0200, Ard Biesheuvel wrote:
> From: Ard Biesheuvel <ardb@kernel.org>
> 
> This series removes the last remaining absolute symbol references from
> .head.text. Doing so is necessary because code in this section may be
> called from a 1:1 mapping of memory, which deviates from the mapping
> this code was linked and/or relocated to run at. This is not something
> that the toolchains support: even PIC/PIE code is still assumed to
> execute from the same mapping that it was relocated to run from by the
> startup code or dynamic loader. This means we are basically on our own
> here, and need to add measures to ensure the code works as expected in
> this manner.
> 
> Given that the startup code needs to create the kernel virtual mapping
> in the page tables, early references to some kernel virtual addresses
> are valid even if they cannot be dereferenced yet. To avoid having to
> make this distinction at build time, patches #3 and #4 replace such
> valid references with RIP-relative references with an offset applied.
> 
> Patches #1 and #2 remove some absolute references from .head.text that
> don't need to be there in the first place.
> 
> Changes since v2:
> - Rebase onto v6.10-rc2
> - Tweak commit log of patch #3
> 
> Changes since v1/RFC:
> - rename va_offset to p2v_offset
> - take PA of _text in C code directly
> 
> Cc: Tom Lendacky <thomas.lendacky@amd.com>
> Cc: Thomas Gleixner <tglx@linutronix.de>
> Cc: Ingo Molnar <mingo@redhat.com>
> Cc: Borislav Petkov <bp@alien8.de>
> Cc: Dave Hansen <dave.hansen@linux.intel.com>
> Cc: Andy Lutomirski <luto@kernel.org>
> Cc: Arnd Bergmann <arnd@arndb.de>
> Cc: Kees Cook <keescook@chromium.org>
> Cc: Brian Gerst <brgerst@gmail.com>
> 
> Ard Biesheuvel (4):
>   x86/sev: Avoid WARN()s in early boot code
>   x86/xen/pvh: Move startup code into .ref.text
>   x86/boot/64: Determine VA/PA offset before entering C code
>   x86/boot/64: Avoid intentional absolute symbol references in
>     .head.text

Those look forgotten in my mbox. Do we still want them to go somewhere?

Thx.

-- 
Regards/Gruss,
    Boris.

https://people.kernel.org/tglx/notes-about-netiquette
Re: [PATCH v3 0/4] x86: Rid .head.text of all abs references
Posted by Ard Biesheuvel 1 year, 3 months ago
On Thu, 7 Nov 2024 at 17:00, Borislav Petkov <bp@alien8.de> wrote:
>
> On Wed, Jun 05, 2024 at 12:16:11PM +0200, Ard Biesheuvel wrote:
> > From: Ard Biesheuvel <ardb@kernel.org>
> >
> > This series removes the last remaining absolute symbol references from
> > .head.text. Doing so is necessary because code in this section may be
> > called from a 1:1 mapping of memory, which deviates from the mapping
> > this code was linked and/or relocated to run at. This is not something
> > that the toolchains support: even PIC/PIE code is still assumed to
> > execute from the same mapping that it was relocated to run from by the
> > startup code or dynamic loader. This means we are basically on our own
> > here, and need to add measures to ensure the code works as expected in
> > this manner.
> >
> > Given that the startup code needs to create the kernel virtual mapping
> > in the page tables, early references to some kernel virtual addresses
> > are valid even if they cannot be dereferenced yet. To avoid having to
> > make this distinction at build time, patches #3 and #4 replace such
> > valid references with RIP-relative references with an offset applied.
> >
> > Patches #1 and #2 remove some absolute references from .head.text that
> > don't need to be there in the first place.
> >
> > Changes since v2:
> > - Rebase onto v6.10-rc2
> > - Tweak commit log of patch #3
> >
> > Changes since v1/RFC:
> > - rename va_offset to p2v_offset
> > - take PA of _text in C code directly
> >
> > Cc: Tom Lendacky <thomas.lendacky@amd.com>
> > Cc: Thomas Gleixner <tglx@linutronix.de>
> > Cc: Ingo Molnar <mingo@redhat.com>
> > Cc: Borislav Petkov <bp@alien8.de>
> > Cc: Dave Hansen <dave.hansen@linux.intel.com>
> > Cc: Andy Lutomirski <luto@kernel.org>
> > Cc: Arnd Bergmann <arnd@arndb.de>
> > Cc: Kees Cook <keescook@chromium.org>
> > Cc: Brian Gerst <brgerst@gmail.com>
> >
> > Ard Biesheuvel (4):
> >   x86/sev: Avoid WARN()s in early boot code
> >   x86/xen/pvh: Move startup code into .ref.text
> >   x86/boot/64: Determine VA/PA offset before entering C code
> >   x86/boot/64: Avoid intentional absolute symbol references in
> >     .head.text
>
> Those look forgotten in my mbox. Do we still want them to go somewhere?
>

I'll get back to this next cycle. Patch #2 has become redundant now,
and I need to incorporate some feedback from Tom into patch #1.

I imagine #3 and #4 should still apply, and they could be taken
independently, but there is no urgency.