From nobody Thu Jan 30 19:08:08 2025 Received: from mail-wr1-f74.google.com (mail-wr1-f74.google.com [209.85.221.74]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 5288F1FF1B5 for ; Mon, 27 Jan 2025 11:43:53 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.221.74 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1737978235; cv=none; b=CyCiqqzlFjwE9AGG73Mibe39JvG+isBfLHM6BfdfzhDFt0SKj8X8XmZLjmKUY1p0/iEynY5emyc1UL6XF0aX4MNsQDbBgmFHtP0PQSr/ihnGaC+UanK18gGeT2+TNP84Snk9+0Z6/Q9Ldvlj/MOAfgtwa1tFjOlrd6Y6L01xU6M= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1737978235; c=relaxed/simple; bh=Rw7G1h9Mm5m0Rqqtpv2pG1QAtAwmucAqwhcPdCjMHsE=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=l2eG9FCVWCb889G5WsxN+dI/+LfgOoE1p99XrkN4YThy849vCq0tTuICCUgsIAzk/E+nS76jG0p4ifnoWau45bQErEGlxLNPlR41aB/qF9g4zZEtdxiUO7ABtoqldRQKiPmFJRM2secxBWiPpHJps5UdjCn6IZNK9KhMfdZmd1Q= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--ardb.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=WyML4/sA; arc=none smtp.client-ip=209.85.221.74 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--ardb.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="WyML4/sA" Received: by mail-wr1-f74.google.com with SMTP id ffacd0b85a97d-38c24ac3415so3477624f8f.2 for ; Mon, 27 Jan 2025 03:43:53 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1737978231; x=1738583031; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=g5TdEKj++12/9w4Rdmd4D/a0SZj89JUunTQfRarbp/8=; b=WyML4/sAoRPetc9uOAYxXu7wmSJnONS6SNcJmqOD+fAEe/egAMU7lFc4BJuvm2wfXL SUag+c1hUKvBtq0s+uaNCiccN4g50iLiassxZqRxc4RgzAV5nc9XSpy39rDpMqhd9TgF 8L142cQorqo4gDkh9H1zo1PvrGvYlGJJ4tJUD/GiwblDU1gWpXbVZtARckGPbDdrNGDa dcNGo+dfkwZPYX7XjI35JnWfcpZM8FNI8Goe41/+LmS1jjI2JRa3DJRtw8gX5IQ1z/vT SrXlT524avCmeRjQyAtUPaWSJFQjJ3vGhMqcW+djsWKBDqkmqL9d1fjxOmDIbx3g4doz +zpw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1737978231; x=1738583031; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=g5TdEKj++12/9w4Rdmd4D/a0SZj89JUunTQfRarbp/8=; b=Al6hEUYJmTlouEHDzVnXcPDneiCeRh1MXzOTtbH7EUxg4N7PyUC7mukWU+Ym284lZK eQIapMQEhpC1c2cuE6KGshomlHOeXRYlDg07BSbPHmJrw7bgmUHTeMIrqdISsQVDgs0A k0+C9JXJQz33+EiFzmFty/T7JfREEG8mOu1MFsBQOiIy1Q3M0HEPGQTt762J/n25VFQP ocWuwkep0LZ/q9hmXtpduzpicak+AVUZxcRoRQClwuZ8GfUNUbOU0iCHivIlJhjjhXEy XqPjYwbtwkcCsYwHb2cFRoI4uBZjNeDrsoi+HW/uYXhD9g2aiTuGcKUuw/2ZcKJiV568 sGog== X-Gm-Message-State: AOJu0YyGQr6gROvpy1xr2gzh5uWX+BXqvusPEhNo7gRm8XoFWboXNMWB XQkFMaJ9croxBjZ2VdJkK4Z/TI57sUg1IGFDcbf1hlSiQZu2Koy6Fhj6398APKuCjLuNdFO9q+A MiBXCVcKsPmWqgxRsmVvNqOHesS5Ip9deuTzvgbNxj2Q/4t1GH6Z5COrzQjmNY+gC5mrLq+dwS5 yVdl4IM+YEQsT85v0vqvb6sM3dfTQiHQ== X-Google-Smtp-Source: AGHT+IERjn9RVrdg5Y5Gh6f/IyNBTRjNV/8facnUvIPpUrZjkN2vxlaXMSdH3Y3bJ9TAz6s70/Abb1t7 X-Received: from wrbfu6.prod.google.com ([2002:a05:6000:25e6:b0:38c:3e26:5bd8]) (user=ardb job=prod-delivery.src-stubby-dispatcher) by 2002:a5d:5906:0:b0:386:43c9:3ac2 with SMTP id ffacd0b85a97d-38bf5659ce2mr31929016f8f.15.1737978231477; Mon, 27 Jan 2025 03:43:51 -0800 (PST) Date: Mon, 27 Jan 2025 12:43:36 +0100 In-Reply-To: <20250127114334.1045857-4-ardb+git@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20250127114334.1045857-4-ardb+git@google.com> X-Developer-Key: i=ardb@kernel.org; a=openpgp; fpr=F43D03328115A198C90016883D200E9CA6329909 X-Developer-Signature: v=1; a=openpgp-sha256; l=1710; i=ardb@kernel.org; h=from:subject; bh=+HpXnRUb1oZjeVZUHoeruZsA5gOTtAup4kLlcX8D2c0=; b=owGbwMvMwCFmkMcZplerG8N4Wi2JIX16YZZ3aJT9Q98vJQLOx1785vg9L97LW1V8nrjaJi+1j BeZCxw7SlkYxDgYZMUUWQRm/3238/REqVrnWbIwc1iZQIYwcHEKwESWqjL8U968/oDNwXubZ/Rt 3P9u3nTjrU/zfZtTH57/tnel8YqmEj2Gf5q+zWJlnW6tN7q/fa1kPfk1yepqgvW7HQUCn/dXZP2 +zgoA X-Mailer: git-send-email 2.48.1.262.g85cc9f2d1e-goog Message-ID: <20250127114334.1045857-5-ardb+git@google.com> Subject: [RFC PATCH 1/2] x86/relocs: Improve diagnostic for rejected absolute references From: Ard Biesheuvel To: linux-kernel@vger.kernel.org Cc: x86@kernel.org, Ard Biesheuvel , Ingo Molnar , Linus Torvalds , Tom Lendacky , Nathan Chancellor Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Ard Biesheuvel Compiler emitted absolute references are often section-relative, as the objects in question sometimes don't even exist in the C code (e.g., jump tables) or have static linkage. Enhance the diagnostic that is printed when detecting absolute references in .head.text, but printing the addend of the symbol reference, and the location in vmlinux where the reference can be found. So instead of printing Absolute reference to symbol '.rodata' detected not permitted in .head.te= xt and failing the build, print the below but only as a warning. Absolute reference to symbol '.rodata+0x180' detected in .head.text (0xff= ffffff820cb4ba). This kernel may might not boot. Not failing the build also works around the issue that the file vmlinux will be deleted by make when an error occurs, which is not very helpful in trying to narrow down the problem. Reported-by: Linus Torvalds Signed-off-by: Ard Biesheuvel --- arch/x86/tools/relocs.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/arch/x86/tools/relocs.c b/arch/x86/tools/relocs.c index e937be979ec8..134cf5cfe7bd 100644 --- a/arch/x86/tools/relocs.c +++ b/arch/x86/tools/relocs.c @@ -901,9 +901,10 @@ static int do_reloc64(struct section *sec, Elf_Rel *re= l, ElfW(Sym) *sym, } =20 if (headtext) { - die("Absolute reference to symbol '%s' not permitted in .head.text\n", - symname); - break; + fprintf(stderr, + "Absolute reference to symbol '%s+0x%lx' detected in .head.text (0x%lx= ).\n" + "This kernel might not boot.\n", + symname, rel->r_addend, offset); } =20 /* --=20 2.48.1.262.g85cc9f2d1e-goog From nobody Thu Jan 30 19:08:08 2025 Received: from mail-wm1-f74.google.com (mail-wm1-f74.google.com [209.85.128.74]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 8A7D31FF1B9 for ; Mon, 27 Jan 2025 11:43:55 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.74 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1737978237; cv=none; b=juG/x8XgyYw5F3XCH29i9EzVuZXh+gYbduUrEcbOJdoVY6+7cJD42gIKphfdorhrf8agfSA01e1H5E/ZUGUOc6Eoms4jR3ENUS/J+4r4sxjUMCC2bxifb7dZyyJgOPQ7tk5HptNIU2EUNkiWTNfRdcAYosNiToKGo9YBdNXIYSI= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1737978237; c=relaxed/simple; bh=h5aAdCiC/z7wmjxSLB+JDCEAThZF/hexIa1w++Mdmb4=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=VqPhtcxeccaU6y/64W6I0cvV17BMRSGFpv2bzpZWTlLGKKqTuAejPIAa9RtpRz5RkRM2IYEpwZb5k9XFr+BVve+Bz+o6Z3KaUhpuSs628qZTc8nT4Ig8Wabs4MhYFjd2RAd1fOb9cIdYgtmZB2uGT/7gTfVkJyyF2ZKaHkY97zw= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--ardb.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=x6EcE05p; arc=none smtp.client-ip=209.85.128.74 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--ardb.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="x6EcE05p" Received: by mail-wm1-f74.google.com with SMTP id 5b1f17b1804b1-4362153dcd6so21783855e9.2 for ; Mon, 27 Jan 2025 03:43:55 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1737978234; x=1738583034; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=cMPQzKxm/w/ffiD9n6d2cK5uExb867JwWI9r2LptbiU=; b=x6EcE05pwb7Nd9xfykOufn2LbMRHATMiiRDjUg+N6PThhv/Dr6FXZrgDpnk0EMFSBk imX2PUMzIizqsZLqSBY8I/x3gX34k6GRNQdXXVjNYsELOUbIguEf8IqCeXe3ab43ETc9 ThHqDctaBuZVRk1j/yypObdzdZOIbBfne+2ciMpz1BBEiV5BR1md/8UT0KKdV+sjItAx ADr9RvxvrUa8KCPztN5bpsqpAj/lEoVFgSEOJpQz3KVkhIUMlray0BbB4MlFs5aXZSsv kYLKA7tBlnFsHCGZ7p4wN2TzLD3JSMRxGy6HoELTy6J8zEWAxk6gbHHlDE097Br3sULj Z1UA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1737978234; x=1738583034; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=cMPQzKxm/w/ffiD9n6d2cK5uExb867JwWI9r2LptbiU=; b=iCYoac/RL++ipgt820HvYCU1mO7ZJPmDgitquVgokHEsjrxPufIit+E57ytSXomdXC mc9gC2XYKeuPYL9l+aXCd9pjx9GUA7Fqbr/L51eLEohhHNLiUN8Fm6cL8ZfJH18wT8Jb Wusxl3VBLpAN6G98wJrrtRjZ1rAIuvB4ChAZcXmh/OoATLQ2V+BOQ1B6ObVu66NuhL1W 9JZ3DngJIvu7ABgGk0ZNjkSVJf89od3vPhG1g54ty8n9FmXBCI796XuVERFhdnda7Ic9 GIKUlflQFPGBuCpTFLT0euUcPvWqQbFwpbSUA0ZIsnxq/odQ9xooC+X2+M46yUKW8Axq LHdw== X-Gm-Message-State: AOJu0YyKXPIRYsvbWjnoISjgiSDJJRX2quUtSMwrKumuUyO2Fm2Smf5B ZomiML2oK2Hr1Yv2GgEL9Vzc2mpY7gan89yvTk2Ix9W76z+rWzH2t+1f+aC8X/exoy55+szFSRO FUonbjwCKyveB3PaARk9M+SQDy/2uVD0TmfRXJCQ/CYMpwVFfbrZTEU00tnByTp4QOcNORlo55v fG2Ufo8gDVDQ6HKqH8HUrK4TJzupZs6g== X-Google-Smtp-Source: AGHT+IF8A3ogQiVHISuxguMCz73gpQHnvFW7r9xcG5ZgPgOAO56d8vWYF84bLQrohn0FuMHvr6lthJ3k X-Received: from wmfu16.prod.google.com ([2002:a05:600c:1390:b0:434:f513:bb24]) (user=ardb job=prod-delivery.src-stubby-dispatcher) by 2002:a05:600c:3b02:b0:431:54d9:da57 with SMTP id 5b1f17b1804b1-4389144d5a1mr407101025e9.30.1737978233933; Mon, 27 Jan 2025 03:43:53 -0800 (PST) Date: Mon, 27 Jan 2025 12:43:37 +0100 In-Reply-To: <20250127114334.1045857-4-ardb+git@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20250127114334.1045857-4-ardb+git@google.com> X-Developer-Key: i=ardb@kernel.org; a=openpgp; fpr=F43D03328115A198C90016883D200E9CA6329909 X-Developer-Signature: v=1; a=openpgp-sha256; l=1308; i=ardb@kernel.org; h=from:subject; bh=4QNs9nyeGIc0ZFWgyBvYdb7WIoimOJ+gH4hygxZobHw=; b=owGbwMvMwCFmkMcZplerG8N4Wi2JIX16YfZ266Z4nwNtJ73cviVnSVvmvlunJbKqakLsztTbe 73+vZDvKGVhEONgkBVTZBGY/ffdztMTpWqdZ8nCzGFlAhnCwMUpABP5Vs/IcOvH5Jb7BrzqAun5 HGo8l3U0zXTK/Rasnufw8YnyJc2+FoZ/1gnvXj7kbcucdcLp2GwFa2vDmKvrVj5+t/LVXkHJOV7 LWAE= X-Mailer: git-send-email 2.48.1.262.g85cc9f2d1e-goog Message-ID: <20250127114334.1045857-6-ardb+git@google.com> Subject: [RFC PATCH 2/2] x86/sev: Disable jump tables in SEV startup code From: Ard Biesheuvel To: linux-kernel@vger.kernel.org Cc: x86@kernel.org, Ard Biesheuvel , Ingo Molnar , Linus Torvalds , Tom Lendacky , Nathan Chancellor Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Ard Biesheuvel When retpolines and IBT are both disabled, the compiler is free to use jump tables to optimize switch instructions. However, these are emitted by Clang as absolute references into .rodata, e.g., jmp *-0x7dfffe90(,%r9,8) R_X86_64_32S .rodata+0x170 Given that this code will execute before that address in .rodata has even been mapped, it is guaranteed to crash a SEV-SNP guest in a way that is difficult to diagnose. So disable jump tables when building this code. It would be better if we could attach this annotation to the __head macro but this appears to be impossible. Reported-by: Linus Torvalds Signed-off-by: Ard Biesheuvel --- arch/x86/coco/sev/Makefile | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/arch/x86/coco/sev/Makefile b/arch/x86/coco/sev/Makefile index 08de37559307..dcb06dc8b5ae 100644 --- a/arch/x86/coco/sev/Makefile +++ b/arch/x86/coco/sev/Makefile @@ -2,6 +2,10 @@ =20 obj-y +=3D core.o =20 +# jump tables are emitted using absolute references in non-PIC code +# so they cannot be used in the early SEV startup code +CFLAGS_core.o +=3D -fno-jump-tables + ifdef CONFIG_FUNCTION_TRACER CFLAGS_REMOVE_core.o =3D -pg endif --=20 2.48.1.262.g85cc9f2d1e-goog