| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20200524232214.i7rfpdzoam6tpt6n@google.com>
Date: Sun, 24 May 2020 16:22:14 -0700
From: Fangrui Song <maskray@...gle.com>
To: Arvind Sankar <nivedita@...m.mit.edu>
Cc: Thomas Gleixner <tglx@...utronix.de>,
Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
"H. Peter Anvin" <hpa@...or.com>, x86@...nel.org,
Nick Desaulniers <ndesaulniers@...gle.com>,
Dmitry Golovin <dima@...ovin.in>,
clang-built-linux@...glegroups.com,
Ard Biesheuvel <ardb@...nel.org>,
Masahiro Yamada <masahiroy@...nel.org>,
Daniel Kiper <daniel.kiper@...cle.com>,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH 3/4] x86/boot: Remove runtime relocations from
head_{32,64}.S
On 2020-05-24, Arvind Sankar wrote:
>The BFD linker generates runtime relocations for z_input_len and
>z_output_len, even though they are absolute symbols.
>
>Work around this by defining two variables input_len and output_len in
>addition to the symbols, and use them via position-independent
>references.
>
>This eliminates the last two runtime relocations in the head code and
>allows us to drop the -z noreloc-overflow flag to the linker.
>
>Signed-off-by: Arvind Sankar <nivedita@...m.mit.edu>
>---
> arch/x86/boot/compressed/Makefile | 8 --------
> arch/x86/boot/compressed/head_32.S | 17 ++++++++---------
> arch/x86/boot/compressed/head_64.S | 4 ++--
> arch/x86/boot/compressed/mkpiggy.c | 6 ++++++
> 4 files changed, 16 insertions(+), 19 deletions(-)
>
>diff --git a/arch/x86/boot/compressed/Makefile b/arch/x86/boot/compressed/Makefile
>index aa9ed814e5fa..d3e882e855ee 100644
>--- a/arch/x86/boot/compressed/Makefile
>+++ b/arch/x86/boot/compressed/Makefile
>@@ -49,15 +49,7 @@ UBSAN_SANITIZE :=n
> KBUILD_LDFLAGS := -m elf_$(UTS_MACHINE)
> # Compressed kernel should be built as PIE since it may be loaded at any
> # address by the bootloader.
>-ifeq ($(CONFIG_X86_32),y)
> KBUILD_LDFLAGS += $(call ld-option, -pie) $(call ld-option, --no-dynamic-linker)
>-else
>-# To build 64-bit compressed kernel as PIE, we disable relocation
>-# overflow check to avoid relocation overflow error with a new linker
>-# command-line option, -z noreloc-overflow.
>-KBUILD_LDFLAGS += $(shell $(LD) --help 2>&1 | grep -q "\-z noreloc-overflow" \
>- && echo "-z noreloc-overflow -pie --no-dynamic-linker")
>-endif
> LDFLAGS_vmlinux := -T
>
> hostprogs := mkpiggy
>diff --git a/arch/x86/boot/compressed/head_32.S b/arch/x86/boot/compressed/head_32.S
>index 66657bb99aae..064e895bad92 100644
>--- a/arch/x86/boot/compressed/head_32.S
>+++ b/arch/x86/boot/compressed/head_32.S
>@@ -193,18 +193,17 @@ SYM_FUNC_START_LOCAL_NOALIGN(.Lrelocated)
> /*
> * Do the extraction, and jump to the new kernel..
> */
>- /* push arguments for extract_kernel: */
>- pushl $z_output_len /* decompressed length, end of relocs */
>+ /* push arguments for extract_kernel: */
>
>- pushl %ebp /* output address */
>-
>- pushl $z_input_len /* input_len */
>+ pushl output_len@...OFF(%ebx) /* decompressed length, end of relocs */
>+ pushl %ebp /* output address */
>+ pushl input_len@...OFF(%ebx) /* input_len */
> leal input_data@...OFF(%ebx), %eax
>- pushl %eax /* input_data */
>+ pushl %eax /* input_data */
> leal boot_heap@...OFF(%ebx), %eax
>- pushl %eax /* heap area */
>- pushl %esi /* real mode pointer */
>- call extract_kernel /* returns kernel location in %eax */
>+ pushl %eax /* heap area */
>+ pushl %esi /* real mode pointer */
>+ call extract_kernel /* returns kernel location in %eax */
> addl $24, %esp
>
> /*
>diff --git a/arch/x86/boot/compressed/head_64.S b/arch/x86/boot/compressed/head_64.S
>index f6ba32cd5702..6e4704b6a94e 100644
>--- a/arch/x86/boot/compressed/head_64.S
>+++ b/arch/x86/boot/compressed/head_64.S
>@@ -508,9 +508,9 @@ SYM_FUNC_START_LOCAL_NOALIGN(.Lrelocated)
> movq %rsi, %rdi /* real mode address */
> leaq boot_heap(%rip), %rsi /* malloc area for uncompression */
> leaq input_data(%rip), %rdx /* input_data */
>- movl $z_input_len, %ecx /* input_len */
>+ movl input_len(%rip), %ecx /* input_len */
> movq %rbp, %r8 /* output target address */
>- movl $z_output_len, %r9d /* decompressed length, end of relocs */
>+ movl output_len(%rip), %r9d /* decompressed length, end of relocs */
> call extract_kernel /* returns kernel location in %rax */
> popq %rsi
>
>diff --git a/arch/x86/boot/compressed/mkpiggy.c b/arch/x86/boot/compressed/mkpiggy.c
>index 7e01248765b2..52aa56cdbacc 100644
>--- a/arch/x86/boot/compressed/mkpiggy.c
>+++ b/arch/x86/boot/compressed/mkpiggy.c
>@@ -60,6 +60,12 @@ int main(int argc, char *argv[])
> printf(".incbin \"%s\"\n", argv[1]);
> printf("input_data_end:\n");
>
>+ printf(".section \".rodata\",\"a\",@progbits\n");
>+ printf(".globl input_len\n");
>+ printf("input_len:\n\t.long %lu\n", ilen);
>+ printf(".globl output_len\n");
>+ printf("output_len:\n\t.long %lu\n", (unsigned long)olen);
>+
> retval = 0;
> bail:
> if (f)
>--
>2.26.2
>
Probably worth mentioning that this works around GNU ld<2.35
This commit fixing https://sourceware.org/bugzilla/show_bug.cgi?id=25754
also fixed the bug. (Just verified that both 2.24 and 2.34 have the bug. binutils-gdb HEAD (future 2.35) is good.)
% cat a.s
pushl $z_input_len
% cat b.s
.globl z_input_len
z_input_len = 0xb612
% gcc -m32 -c a.s b.s
% ld.bfd -m elf_i386 -pie a.o b.o # has an incorrect R_386_RELATIVE before binutils 2.35
Reviewed-by: Fangrui Song <maskray@...gle.com>
Powered by blists - more mailing lists