lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Sun, 24 May 2020 16:22:14 -0700
From:   Fangrui Song <maskray@...gle.com>
To:     Arvind Sankar <nivedita@...m.mit.edu>
Cc:     Thomas Gleixner <tglx@...utronix.de>,
        Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
        "H. Peter Anvin" <hpa@...or.com>, x86@...nel.org,
        Nick Desaulniers <ndesaulniers@...gle.com>,
        Dmitry Golovin <dima@...ovin.in>,
        clang-built-linux@...glegroups.com,
        Ard Biesheuvel <ardb@...nel.org>,
        Masahiro Yamada <masahiroy@...nel.org>,
        Daniel Kiper <daniel.kiper@...cle.com>,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH 3/4] x86/boot: Remove runtime relocations from
 head_{32,64}.S


On 2020-05-24, Arvind Sankar wrote:
>The BFD linker generates runtime relocations for z_input_len and
>z_output_len, even though they are absolute symbols.
>
>Work around this by defining two variables input_len and output_len in
>addition to the symbols, and use them via position-independent
>references.
>
>This eliminates the last two runtime relocations in the head code and
>allows us to drop the -z noreloc-overflow flag to the linker.
>
>Signed-off-by: Arvind Sankar <nivedita@...m.mit.edu>
>---
> arch/x86/boot/compressed/Makefile  |  8 --------
> arch/x86/boot/compressed/head_32.S | 17 ++++++++---------
> arch/x86/boot/compressed/head_64.S |  4 ++--
> arch/x86/boot/compressed/mkpiggy.c |  6 ++++++
> 4 files changed, 16 insertions(+), 19 deletions(-)
>
>diff --git a/arch/x86/boot/compressed/Makefile b/arch/x86/boot/compressed/Makefile
>index aa9ed814e5fa..d3e882e855ee 100644
>--- a/arch/x86/boot/compressed/Makefile
>+++ b/arch/x86/boot/compressed/Makefile
>@@ -49,15 +49,7 @@ UBSAN_SANITIZE :=n
> KBUILD_LDFLAGS := -m elf_$(UTS_MACHINE)
> # Compressed kernel should be built as PIE since it may be loaded at any
> # address by the bootloader.
>-ifeq ($(CONFIG_X86_32),y)
> KBUILD_LDFLAGS += $(call ld-option, -pie) $(call ld-option, --no-dynamic-linker)
>-else
>-# To build 64-bit compressed kernel as PIE, we disable relocation
>-# overflow check to avoid relocation overflow error with a new linker
>-# command-line option, -z noreloc-overflow.
>-KBUILD_LDFLAGS += $(shell $(LD) --help 2>&1 | grep -q "\-z noreloc-overflow" \
>-	&& echo "-z noreloc-overflow -pie --no-dynamic-linker")
>-endif
> LDFLAGS_vmlinux := -T
>
> hostprogs	:= mkpiggy
>diff --git a/arch/x86/boot/compressed/head_32.S b/arch/x86/boot/compressed/head_32.S
>index 66657bb99aae..064e895bad92 100644
>--- a/arch/x86/boot/compressed/head_32.S
>+++ b/arch/x86/boot/compressed/head_32.S
>@@ -193,18 +193,17 @@ SYM_FUNC_START_LOCAL_NOALIGN(.Lrelocated)
> /*
>  * Do the extraction, and jump to the new kernel..
>  */
>-				/* push arguments for extract_kernel: */
>-	pushl	$z_output_len	/* decompressed length, end of relocs */
>+	/* push arguments for extract_kernel: */
>
>-	pushl	%ebp		/* output address */
>-
>-	pushl	$z_input_len	/* input_len */
>+	pushl	output_len@...OFF(%ebx)	/* decompressed length, end of relocs */
>+	pushl	%ebp			/* output address */
>+	pushl	input_len@...OFF(%ebx)	/* input_len */
> 	leal	input_data@...OFF(%ebx), %eax
>-	pushl	%eax		/* input_data */
>+	pushl	%eax			/* input_data */
> 	leal	boot_heap@...OFF(%ebx), %eax
>-	pushl	%eax		/* heap area */
>-	pushl	%esi		/* real mode pointer */
>-	call	extract_kernel	/* returns kernel location in %eax */
>+	pushl	%eax			/* heap area */
>+	pushl	%esi			/* real mode pointer */
>+	call	extract_kernel		/* returns kernel location in %eax */
> 	addl	$24, %esp
>
> /*
>diff --git a/arch/x86/boot/compressed/head_64.S b/arch/x86/boot/compressed/head_64.S
>index f6ba32cd5702..6e4704b6a94e 100644
>--- a/arch/x86/boot/compressed/head_64.S
>+++ b/arch/x86/boot/compressed/head_64.S
>@@ -508,9 +508,9 @@ SYM_FUNC_START_LOCAL_NOALIGN(.Lrelocated)
> 	movq	%rsi, %rdi		/* real mode address */
> 	leaq	boot_heap(%rip), %rsi	/* malloc area for uncompression */
> 	leaq	input_data(%rip), %rdx  /* input_data */
>-	movl	$z_input_len, %ecx	/* input_len */
>+	movl	input_len(%rip), %ecx	/* input_len */
> 	movq	%rbp, %r8		/* output target address */
>-	movl	$z_output_len, %r9d	/* decompressed length, end of relocs */
>+	movl	output_len(%rip), %r9d	/* decompressed length, end of relocs */
> 	call	extract_kernel		/* returns kernel location in %rax */
> 	popq	%rsi
>
>diff --git a/arch/x86/boot/compressed/mkpiggy.c b/arch/x86/boot/compressed/mkpiggy.c
>index 7e01248765b2..52aa56cdbacc 100644
>--- a/arch/x86/boot/compressed/mkpiggy.c
>+++ b/arch/x86/boot/compressed/mkpiggy.c
>@@ -60,6 +60,12 @@ int main(int argc, char *argv[])
> 	printf(".incbin \"%s\"\n", argv[1]);
> 	printf("input_data_end:\n");
>
>+	printf(".section \".rodata\",\"a\",@progbits\n");
>+	printf(".globl input_len\n");
>+	printf("input_len:\n\t.long %lu\n", ilen);
>+	printf(".globl output_len\n");
>+	printf("output_len:\n\t.long %lu\n", (unsigned long)olen);
>+
> 	retval = 0;
> bail:
> 	if (f)
>-- 
>2.26.2
>

Probably worth mentioning that this works around GNU ld<2.35


This commit fixing https://sourceware.org/bugzilla/show_bug.cgi?id=25754
also fixed the bug. (Just verified that both 2.24 and 2.34 have the bug. binutils-gdb HEAD (future 2.35) is good.)

% cat a.s
pushl $z_input_len
% cat b.s
.globl z_input_len
z_input_len = 0xb612
% gcc -m32 -c a.s b.s
% ld.bfd -m elf_i386 -pie a.o b.o  # has an incorrect R_386_RELATIVE before binutils 2.35


Reviewed-by: Fangrui Song <maskray@...gle.com>

Powered by blists - more mailing lists