lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAKv+Gu_eSe+FeNkGm+w3sSsRn2_hr70xLVBieZgyhawAv6PQvw@mail.gmail.com>
Date:	Wed, 3 Sep 2014 08:06:53 +0200
From:	Ard Biesheuvel <ard.biesheuvel@...aro.org>
To:	Matt Fleming <matt@...sole-pimps.org>
Cc:	Maarten Lankhorst <maarten.lankhorst@...onical.com>,
	Ulf Winkelvos <ulf@...kelvos.de>,
	Matt Fleming <matt.fleming@...el.com>,
	LKML <linux-kernel@...r.kernel.org>,
	"x86@...nel.org" <x86@...nel.org>,
	"H. Peter Anvin" <hpa@...or.com>,
	"linux-efi@...r.kernel.org" <linux-efi@...r.kernel.org>,
	Seth Forshee <seth.forshee@...onical.com>,
	Matthew Garrett <mjg59@...f.ucam.org>
Subject: Re: [REGRESSION] "efi: efistub: Convert into static library" and
 preparation patches

On 2 September 2014 21:29, Matt Fleming <matt@...sole-pimps.org> wrote:
> On Tue, 02 Sep, at 05:25:58PM, Maarten Lankhorst wrote:
>> Hey,
>>
>> My macbook pro 8.2 fails to do a efi stub boot with these patches.
>>
>> Commit f23cf8bd5c1f49 "efi/x86: efistub: Move shared dependencies to <asm/efi.h>"
>> causes the first break, but this can be averted by changing
>>
>> struct efi_config *efi_early;
>>
>> to
>>
>> struct efi_config *efi_early __attribute__((visibility("hidden")));
>
> Weird. That sounds like a bug in the Apple EFI PE loader. Does any other
> visibility result in a working kernel?
>
>> I also need to revert commit f4f75ad5741fe "efi: efistub: Convert into static library"
>> to get boot working.
>
> I'll take a look at the symbol changes between these commits and try and
> guess what's going on.
>
>> I'm not an early boot expert, so I have no idea what's going on here.
>> Only console output I see when the boot fails is "setup_efi_pci() failed!" after
>> the commit that adds this message.
>
> Yeah, that should be unrelated.
>
> Thanks for the report.
>

If x86 is anything like ARM in this respect, this is likely caused by
the way PIC references to globals are emitted.
When using default visibility, a reference to a global is emitted by a
reference to the GOT, and an offset into the GOT, and the two are
added and dereferenced at runtime. For this to work, the GOT needs to
contain the correct absolute address for the global in question. This,
in turn, relies on absolute relocations to be resolved at load time,
which we don't do with the EFI stub. Could it be that the link address
and load address are usually the same on x86 EFI but not on the Mac?

With hidden visibility, the PIC reference is emitted using a relative
relocation, to which the value of the program counter is added at
runtime, and no GOT is involved, and all relocations can be resolved
at build time.

I think it makes sense to add a #pragma GCC visibility push(hidden) to
efistub.h (if pragmas are in fashion these days), making sure that no
global references (not even externs) will generate GOT entries.

-- 
Ard.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ