| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <aByy1CFUieJQeofl@e129823.arm.com>
Date: Thu, 8 May 2025 14:34:12 +0100
From: Yeoreum Yun <yeoreum.yun@....com>
To: Ard Biesheuvel <ardb+git@...gle.com>
Cc: linux-arm-kernel@...ts.infradead.org, linux-kernel@...r.kernel.org,
will@...nel.org, catalin.marinas@....com, mark.rutland@....com,
Ard Biesheuvel <ardb@...nel.org>
Subject: Re: [PATCH v2 3/3] arm64/boot: Disallow BSS exports to startup code
Hi Ard,
> From: Ard Biesheuvel <ardb@...nel.org>
>
> BSS might be uninitialized when entering the startup code, so forbid the
> use by the startup code of any variables that live after __bss_start in
> the linker map.
>
> Signed-off-by: Ard Biesheuvel <ardb@...nel.org>
> ---
> arch/arm64/kernel/image-vars.h | 62 +++++++++++---------
> arch/arm64/kernel/vmlinux.lds.S | 2 +
> 2 files changed, 35 insertions(+), 29 deletions(-)
>
> diff --git a/arch/arm64/kernel/image-vars.h b/arch/arm64/kernel/image-vars.h
> index c3b4c0479d5c..a928e0c0b45a 100644
> --- a/arch/arm64/kernel/image-vars.h
> +++ b/arch/arm64/kernel/image-vars.h
> @@ -10,6 +10,12 @@
> #error This file should only be included in vmlinux.lds.S
> #endif
>
> +#define PI_EXPORT_SYM(sym) \
> + __PI_EXPORT_SYM(sym, __pi_ ## sym, Cannot export BSS symbol sym to startup code)
> +#define __PI_EXPORT_SYM(sym, pisym, msg)\
> + PROVIDE(pisym = sym); \
> + ASSERT((sym - KIMAGE_VADDR) < (__bss_start - KIMAGE_VADDR), #msg)
> +
> PROVIDE(__efistub_primary_entry = primary_entry);
>
> /*
> @@ -36,37 +42,35 @@ PROVIDE(__pi___memcpy = __pi_memcpy);
> PROVIDE(__pi___memmove = __pi_memmove);
> PROVIDE(__pi___memset = __pi_memset);
>
> -PROVIDE(__pi_id_aa64isar1_override = id_aa64isar1_override);
> -PROVIDE(__pi_id_aa64isar2_override = id_aa64isar2_override);
> -PROVIDE(__pi_id_aa64mmfr0_override = id_aa64mmfr0_override);
> -PROVIDE(__pi_id_aa64mmfr1_override = id_aa64mmfr1_override);
> -PROVIDE(__pi_id_aa64mmfr2_override = id_aa64mmfr2_override);
> -PROVIDE(__pi_id_aa64pfr0_override = id_aa64pfr0_override);
> -PROVIDE(__pi_id_aa64pfr1_override = id_aa64pfr1_override);
> -PROVIDE(__pi_id_aa64smfr0_override = id_aa64smfr0_override);
> -PROVIDE(__pi_id_aa64zfr0_override = id_aa64zfr0_override);
> -PROVIDE(__pi_arm64_sw_feature_override = arm64_sw_feature_override);
> -PROVIDE(__pi_arm64_use_ng_mappings = arm64_use_ng_mappings);
> +PI_EXPORT_SYM(id_aa64isar1_override);
> +PI_EXPORT_SYM(id_aa64isar2_override);
> +PI_EXPORT_SYM(id_aa64mmfr0_override);
> +PI_EXPORT_SYM(id_aa64mmfr1_override);
> +PI_EXPORT_SYM(id_aa64mmfr2_override);
> +PI_EXPORT_SYM(id_aa64pfr0_override);
> +PI_EXPORT_SYM(id_aa64pfr1_override);
> +PI_EXPORT_SYM(id_aa64smfr0_override);
> +PI_EXPORT_SYM(id_aa64zfr0_override);
> +PI_EXPORT_SYM(arm64_sw_feature_override);
> +PI_EXPORT_SYM(arm64_use_ng_mappings);
> #ifdef CONFIG_CAVIUM_ERRATUM_27456
> -PROVIDE(__pi_cavium_erratum_27456_cpus = cavium_erratum_27456_cpus);
> -PROVIDE(__pi_is_midr_in_range_list = is_midr_in_range_list);
> +PI_EXPORT_SYM(cavium_erratum_27456_cpus);
> +PI_EXPORT_SYM(is_midr_in_range_list);
small nit:
Would you rebase this patchset after
commit 117c3b21d3c7 ("arm64: Rework checks for broken Cavium HW in the PI code")?
Otherwise, I experience boot failure because of SCS related code:
ffff80008009fbc0 <is_midr_in_range_list>:
ffff80008009fbc0: d503245f bti c
ffff80008009fbc4: d503201f nop
ffff80008009fbc8: d503201f nop
ffff80008009fbcc: f800865e str x30, [x18], #0x8 ---- (1)
ffff80008009fbd0: d503233f paciasp
...
At pi phase, platform register initialized properly...
So it makes panic on (1).
Thanks!
> #endif
> -PROVIDE(__pi__ctype = _ctype);
> -PROVIDE(__pi_memstart_offset_seed = memstart_offset_seed);
> -
> -PROVIDE(__pi_swapper_pg_dir = swapper_pg_dir);
> -
> -PROVIDE(__pi__text = _text);
> -PROVIDE(__pi__stext = _stext);
> -PROVIDE(__pi__etext = _etext);
> -PROVIDE(__pi___start_rodata = __start_rodata);
> -PROVIDE(__pi___inittext_begin = __inittext_begin);
> -PROVIDE(__pi___inittext_end = __inittext_end);
> -PROVIDE(__pi___initdata_begin = __initdata_begin);
> -PROVIDE(__pi___initdata_end = __initdata_end);
> -PROVIDE(__pi__data = _data);
> -PROVIDE(__pi___bss_start = __bss_start);
> -PROVIDE(__pi__end = _end);
> +PI_EXPORT_SYM(_ctype);
> +PI_EXPORT_SYM(memstart_offset_seed);
> +
> +PI_EXPORT_SYM(swapper_pg_dir);
> +
> +PI_EXPORT_SYM(_text);
> +PI_EXPORT_SYM(_stext);
> +PI_EXPORT_SYM(_etext);
> +PI_EXPORT_SYM(__start_rodata);
> +PI_EXPORT_SYM(__inittext_begin);
> +PI_EXPORT_SYM(__inittext_end);
> +PI_EXPORT_SYM(__initdata_begin);
> +PI_EXPORT_SYM(__initdata_end);
> +PI_EXPORT_SYM(_data);
>
> #ifdef CONFIG_KVM
>
> diff --git a/arch/arm64/kernel/vmlinux.lds.S b/arch/arm64/kernel/vmlinux.lds.S
> index 466544c47dca..e4a525a865c1 100644
> --- a/arch/arm64/kernel/vmlinux.lds.S
> +++ b/arch/arm64/kernel/vmlinux.lds.S
> @@ -319,6 +319,7 @@ SECTIONS
>
> /* start of zero-init region */
> BSS_SECTION(SBSS_ALIGN, 0, 0)
> + __pi___bss_start = __bss_start;
>
> . = ALIGN(PAGE_SIZE);
> __pi_init_pg_dir = .;
> @@ -332,6 +333,7 @@ SECTIONS
> . = ALIGN(SEGMENT_ALIGN);
> __pecoff_data_size = ABSOLUTE(. - __initdata_begin);
> _end = .;
> + __pi__end = .;
>
> STABS_DEBUG
> DWARF_DEBUG
> --
> 2.49.0.987.g0cc8ee98dc-goog
>
--
Sincerely,
Yeoreum Yun
Powered by blists - more mailing lists