Re: [PATCH v5 06/36] x86/boot: Remove run-time relocations from head_{32,64}.S
From: Arvind Sankar <hidden>
Date: 2020-08-07 20:21:03
Also in:
linux-arch, linux-efi, lkml
On Fri, Aug 07, 2020 at 11:12:29AM -0700, Nick Desaulniers wrote:
On Fri, Jul 31, 2020 at 4:08 PM Kees Cook [off-list ref] wrote:quoted
From: Arvind Sankar <redacted> The BFD linker generates run-time relocations for z_input_len and z_output_len, even though they are absolute symbols. This is fixed for binutils-2.35 [1]. Work around this for earlier versions by defining two variables input_len and output_len in addition to the symbols, and use them via position-independent references. This eliminates the last two run-time relocations in the head code and allows us to drop the -z noreloc-overflow flag to the linker. Move the -pie and --no-dynamic-linker LDFLAGS to LDFLAGS_vmlinux instead of KBUILD_LDFLAGS. There shouldn't be anything else getting linked, but this is the more logical location for these flags, and modversions might call the linker if an EXPORT_SYMBOL is left over accidentally in one of the decompressors. [1] https://sourceware.org/bugzilla/show_bug.cgi?id=25754 Tested-by: Nick Desaulniers <redacted> Reviewed-by: Kees Cook <redacted> Reviewed-by: Ard Biesheuvel <ardb@kernel.org> Reviewed-by: Fangrui Song <redacted> Tested-by: Sedat Dilek <redacted> Signed-off-by: Arvind Sankar <redacted> Signed-off-by: Kees Cook <redacted> --- arch/x86/boot/compressed/Makefile | 12 ++---------- arch/x86/boot/compressed/head_32.S | 17 ++++++++--------- arch/x86/boot/compressed/head_64.S | 4 ++-- arch/x86/boot/compressed/mkpiggy.c | 6 ++++++ 4 files changed, 18 insertions(+), 21 deletions(-)diff --git a/arch/x86/boot/compressed/Makefile b/arch/x86/boot/compressed/Makefile index 489fea16bcfb..7db0102a573d 100644 --- a/arch/x86/boot/compressed/Makefile +++ b/arch/x86/boot/compressed/Makefile@@ -51,16 +51,8 @@ UBSAN_SANITIZE :=n KBUILD_LDFLAGS := -m elf_$(UTS_MACHINE) # Compressed kernel should be built as PIE since it may be loaded at any # address by the bootloader. -ifeq ($(CONFIG_X86_32),y) -KBUILD_LDFLAGS += $(call ld-option, -pie) $(call ld-option, --no-dynamic-linker) -else -# To build 64-bit compressed kernel as PIE, we disable relocation -# overflow check to avoid relocation overflow error with a new linker -# command-line option, -z noreloc-overflow. -KBUILD_LDFLAGS += $(shell $(LD) --help 2>&1 | grep -q "\-z noreloc-overflow" \ - && echo "-z noreloc-overflow -pie --no-dynamic-linker") -endif -LDFLAGS_vmlinux := -T +LDFLAGS_vmlinux := $(call ld-option, -pie) $(call ld-option, --no-dynamic-linker)Oh, do these still need ld-option? bfd and lld both support these flags. (Though in their --help, they mention single hyphen and double hyphen respectively. Also, if we don't build this as PIE because the linker doesn't support the option, we probably want to fail the build?
The check for pie doesn't, it's dropped in the next patch and pie is used unconditionally. no-dynamic-linker still needs the check as it was only supported from binutils-2.26. _______________________________________________ linux-arm-kernel mailing list linux-arm-kernel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-arm-kernel