[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20240424155309.1719454-18-ardb+git@google.com>
Date: Wed, 24 Apr 2024 17:53:17 +0200
From: Ard Biesheuvel <ardb+git@...gle.com>
To: linux-kernel@...r.kernel.org
Cc: x86@...nel.org, Ard Biesheuvel <ardb@...nel.org>, Arnd Bergmann <arnd@...db.de>,
Eric Biederman <ebiederm@...ssion.com>, kexec@...ts.infradead.org,
Nathan Chancellor <nathan@...nel.org>, Nick Desaulniers <ndesaulniers@...gle.com>,
Kees Cook <keescook@...omium.org>, Bill Wendling <morbo@...gle.com>,
Justin Stitt <justinstitt@...gle.com>, Masahiro Yamada <masahiroy@...nel.org>
Subject: [RFC PATCH 7/9] x86/purgatory: Use fully linked PIE ELF executable
From: Ard Biesheuvel <ardb@...nel.org>
Now that the generic support is in place, switch to a fully linked PIE
ELF executable for the purgatory, so that it can be loaded as a single,
fully relocated image. This allows a lot of ugly post-processing logic
to simply be dropped.
Signed-off-by: Ard Biesheuvel <ardb@...nel.org>
---
arch/x86/include/asm/kexec.h | 7 --
arch/x86/kernel/machine_kexec_64.c | 127 --------------------
arch/x86/purgatory/Makefile | 14 +--
3 files changed, 5 insertions(+), 143 deletions(-)
diff --git a/arch/x86/include/asm/kexec.h b/arch/x86/include/asm/kexec.h
index ee7b32565e5f..c7cacc2e9dfb 100644
--- a/arch/x86/include/asm/kexec.h
+++ b/arch/x86/include/asm/kexec.h
@@ -191,13 +191,6 @@ void arch_kexec_unprotect_crashkres(void);
#define arch_kexec_unprotect_crashkres arch_kexec_unprotect_crashkres
#ifdef CONFIG_KEXEC_FILE
-struct purgatory_info;
-int arch_kexec_apply_relocations_add(struct purgatory_info *pi,
- Elf_Shdr *section,
- const Elf_Shdr *relsec,
- const Elf_Shdr *symtab);
-#define arch_kexec_apply_relocations_add arch_kexec_apply_relocations_add
-
int arch_kimage_file_post_load_cleanup(struct kimage *image);
#define arch_kimage_file_post_load_cleanup arch_kimage_file_post_load_cleanup
#endif
diff --git a/arch/x86/kernel/machine_kexec_64.c b/arch/x86/kernel/machine_kexec_64.c
index bc0a5348b4a6..ded924423e50 100644
--- a/arch/x86/kernel/machine_kexec_64.c
+++ b/arch/x86/kernel/machine_kexec_64.c
@@ -371,133 +371,6 @@ void machine_kexec(struct kimage *image)
/* arch-dependent functionality related to kexec file-based syscall */
#ifdef CONFIG_KEXEC_FILE
-/*
- * Apply purgatory relocations.
- *
- * @pi: Purgatory to be relocated.
- * @section: Section relocations applying to.
- * @relsec: Section containing RELAs.
- * @symtabsec: Corresponding symtab.
- *
- * TODO: Some of the code belongs to generic code. Move that in kexec.c.
- */
-int arch_kexec_apply_relocations_add(struct purgatory_info *pi,
- Elf_Shdr *section, const Elf_Shdr *relsec,
- const Elf_Shdr *symtabsec)
-{
- unsigned int i;
- Elf64_Rela *rel;
- Elf64_Sym *sym;
- void *location;
- unsigned long address, sec_base, value;
- const char *strtab, *name, *shstrtab;
- const Elf_Shdr *sechdrs;
-
- /* String & section header string table */
- sechdrs = (void *)pi->ehdr + pi->ehdr->e_shoff;
- strtab = (char *)pi->ehdr + sechdrs[symtabsec->sh_link].sh_offset;
- shstrtab = (char *)pi->ehdr + sechdrs[pi->ehdr->e_shstrndx].sh_offset;
-
- rel = (void *)pi->ehdr + relsec->sh_offset;
-
- pr_debug("Applying relocate section %s to %u\n",
- shstrtab + relsec->sh_name, relsec->sh_info);
-
- for (i = 0; i < relsec->sh_size / sizeof(*rel); i++) {
-
- /*
- * rel[i].r_offset contains byte offset from beginning
- * of section to the storage unit affected.
- *
- * This is location to update. This is temporary buffer
- * where section is currently loaded. This will finally be
- * loaded to a different address later, pointed to by
- * ->sh_addr. kexec takes care of moving it
- * (kexec_load_segment()).
- */
- location = pi->purgatory_buf;
- location += section->sh_offset;
- location += rel[i].r_offset;
-
- /* Final address of the location */
- address = section->sh_addr + rel[i].r_offset;
-
- /*
- * rel[i].r_info contains information about symbol table index
- * w.r.t which relocation must be made and type of relocation
- * to apply. ELF64_R_SYM() and ELF64_R_TYPE() macros get
- * these respectively.
- */
- sym = (void *)pi->ehdr + symtabsec->sh_offset;
- sym += ELF64_R_SYM(rel[i].r_info);
-
- if (sym->st_name)
- name = strtab + sym->st_name;
- else
- name = shstrtab + sechdrs[sym->st_shndx].sh_name;
-
- pr_debug("Symbol: %s info: %02x shndx: %02x value=%llx size: %llx\n",
- name, sym->st_info, sym->st_shndx, sym->st_value,
- sym->st_size);
-
- if (sym->st_shndx == SHN_UNDEF) {
- pr_err("Undefined symbol: %s\n", name);
- return -ENOEXEC;
- }
-
- if (sym->st_shndx == SHN_COMMON) {
- pr_err("symbol '%s' in common section\n", name);
- return -ENOEXEC;
- }
-
- if (sym->st_shndx == SHN_ABS)
- sec_base = 0;
- else if (sym->st_shndx >= pi->ehdr->e_shnum) {
- pr_err("Invalid section %d for symbol %s\n",
- sym->st_shndx, name);
- return -ENOEXEC;
- } else
- sec_base = pi->sechdrs[sym->st_shndx].sh_addr;
-
- value = sym->st_value;
- value += sec_base;
- value += rel[i].r_addend;
-
- switch (ELF64_R_TYPE(rel[i].r_info)) {
- case R_X86_64_NONE:
- break;
- case R_X86_64_64:
- *(u64 *)location = value;
- break;
- case R_X86_64_32:
- *(u32 *)location = value;
- if (value != *(u32 *)location)
- goto overflow;
- break;
- case R_X86_64_32S:
- *(s32 *)location = value;
- if ((s64)value != *(s32 *)location)
- goto overflow;
- break;
- case R_X86_64_PC32:
- case R_X86_64_PLT32:
- value -= (u64)address;
- *(u32 *)location = value;
- break;
- default:
- pr_err("Unknown rela relocation: %llu\n",
- ELF64_R_TYPE(rel[i].r_info));
- return -ENOEXEC;
- }
- }
- return 0;
-
-overflow:
- pr_err("Overflow in relocation type %d value 0x%lx\n",
- (int)ELF64_R_TYPE(rel[i].r_info), value);
- return -ENOEXEC;
-}
-
int arch_kimage_file_post_load_cleanup(struct kimage *image)
{
vfree(image->elf_headers);
diff --git a/arch/x86/purgatory/Makefile b/arch/x86/purgatory/Makefile
index 2df4a4b70ff5..acc09799af2a 100644
--- a/arch/x86/purgatory/Makefile
+++ b/arch/x86/purgatory/Makefile
@@ -26,12 +26,11 @@ KBUILD_CFLAGS := $(filter-out $(CC_FLAGS_LTO),$(KBUILD_CFLAGS))
# Drop the function entry padding, which is not needed here
KBUILD_CFLAGS := $(filter-out $(PADDING_CFLAGS),$(KBUILD_CFLAGS))
-# When linking purgatory.ro with -r unresolved symbols are not checked,
-# also link a purgatory.chk binary without -r to check for unresolved symbols.
PURGATORY_LDFLAGS := -e purgatory_start -z nodefaultlib
-LDFLAGS_purgatory.ro := -r $(PURGATORY_LDFLAGS)
-LDFLAGS_purgatory.chk := $(PURGATORY_LDFLAGS)
-targets += purgatory.ro purgatory.chk
+PURGATORY_LDFLAGS += -T $(srctree)/include/asm-generic/purgatory.lds -pie
+PURGATORY_LDFLAGS += --orphan-handling=$(CONFIG_LD_ORPHAN_WARN_LEVEL)
+LDFLAGS_purgatory.ro := $(PURGATORY_LDFLAGS)
+targets += purgatory.ro
# Sanitizer, etc. runtimes are unavailable and cannot be linked here.
GCOV_PROFILE := n
@@ -87,9 +86,6 @@ asflags-remove-y += $(foreach x, -g -gdwarf-4 -gdwarf-5, $(x) -Wa,$(x))
$(obj)/purgatory.ro: $(PURGATORY_OBJS) FORCE
$(call if_changed,ld)
-$(obj)/purgatory.chk: $(obj)/purgatory.ro FORCE
- $(call if_changed,ld)
-
-$(obj)/kexec-purgatory.o: $(obj)/purgatory.ro $(obj)/purgatory.chk
+$(obj)/kexec-purgatory.o: $(obj)/purgatory.ro
obj-y += kexec-purgatory.o
--
2.44.0.769.g3c40516874-goog
Powered by blists - more mailing lists