From: Nick Desaulniers <ndesaulniers@google.com>
To: Catalin Marinas <catalin.marinas@arm.com>, Will Deacon <will@kernel.org>
Cc: "Ard Biesheuvel" <ardb@kernel.org>,
"Peter Smith" <Peter.Smith@arm.com>,
"Fāng-ruì Sòng" <maskray@google.com>,
clang-built-linux <clang-built-linux@googlegroups.com>,
"Nick Desaulniers" <ndesaulniers@google.com>,
stable@vger.kernel.org, linux-arm-kernel@lists.infradead.org,
linux-kernel@vger.kernel.org
Subject: [PATCH] arm64: link with -z norelro regardless of CONFIG_RELOCATABLE
Date: Fri, 16 Oct 2020 10:53:39 -0700 [thread overview]
Message-ID: <20201016175339.2429280-1-ndesaulniers@google.com> (raw)
With CONFIG_EXPERT=y, CONFIG_KASAN=y, CONFIG_RANDOMIZE_BASE=n,
CONFIG_RELOCATABLE=n, we observe the following failure when trying to
link the kernel image with LD=ld.lld:
error: section: .exit.data is not contiguous with other relro sections
ld.lld defaults to -z relro while ld.bfd defaults to -z norelro. This
was previously fixed, but only for CONFIG_RELOCATABLE=y.
Cc: stable@vger.kernel.org
Fixes: commit 3bbd3db86470 ("arm64: relocatable: fix inconsistencies in linker script and options")
Signed-off-by: Nick Desaulniers <ndesaulniers@google.com>
---
While upgrading our toolchains for Android, we started seeing the above
failure for a particular config that enabled KASAN but disabled KASLR.
This was on a 5.4 stable branch. It looks like
commit dd4bc6076587 ("arm64: warn on incorrect placement of the kernel by the bootloader")
made RELOCATABLE=y the default and depend on EXPERT=y. With those two
enabled, we can then reproduce the same failure on mainline.
arch/arm64/Makefile | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/arch/arm64/Makefile b/arch/arm64/Makefile
index f4717facf31e..674241df91ab 100644
--- a/arch/arm64/Makefile
+++ b/arch/arm64/Makefile
@@ -10,13 +10,13 @@
#
# Copyright (C) 1995-2001 by Russell King
-LDFLAGS_vmlinux :=--no-undefined -X
+LDFLAGS_vmlinux :=--no-undefined -X -z norelro
ifeq ($(CONFIG_RELOCATABLE), y)
# Pass --no-apply-dynamic-relocs to restore pre-binutils-2.27 behaviour
# for relative relocs, since this leads to better Image compression
# with the relocation offsets always being zero.
-LDFLAGS_vmlinux += -shared -Bsymbolic -z notext -z norelro \
+LDFLAGS_vmlinux += -shared -Bsymbolic -z notext \
$(call ld-option, --no-apply-dynamic-relocs)
endif
--
2.29.0.rc1.297.gfa9743e501-goog
WARNING: multiple messages have this Message-ID (diff)
From: Nick Desaulniers <ndesaulniers@google.com>
To: Catalin Marinas <catalin.marinas@arm.com>, Will Deacon <will@kernel.org>
Cc: "Fāng-ruì Sòng" <maskray@google.com>,
"Nick Desaulniers" <ndesaulniers@google.com>,
"Peter Smith" <Peter.Smith@arm.com>,
stable@vger.kernel.org, linux-kernel@vger.kernel.org,
clang-built-linux <clang-built-linux@googlegroups.com>,
"Ard Biesheuvel" <ardb@kernel.org>,
linux-arm-kernel@lists.infradead.org
Subject: [PATCH] arm64: link with -z norelro regardless of CONFIG_RELOCATABLE
Date: Fri, 16 Oct 2020 10:53:39 -0700 [thread overview]
Message-ID: <20201016175339.2429280-1-ndesaulniers@google.com> (raw)
With CONFIG_EXPERT=y, CONFIG_KASAN=y, CONFIG_RANDOMIZE_BASE=n,
CONFIG_RELOCATABLE=n, we observe the following failure when trying to
link the kernel image with LD=ld.lld:
error: section: .exit.data is not contiguous with other relro sections
ld.lld defaults to -z relro while ld.bfd defaults to -z norelro. This
was previously fixed, but only for CONFIG_RELOCATABLE=y.
Cc: stable@vger.kernel.org
Fixes: commit 3bbd3db86470 ("arm64: relocatable: fix inconsistencies in linker script and options")
Signed-off-by: Nick Desaulniers <ndesaulniers@google.com>
---
While upgrading our toolchains for Android, we started seeing the above
failure for a particular config that enabled KASAN but disabled KASLR.
This was on a 5.4 stable branch. It looks like
commit dd4bc6076587 ("arm64: warn on incorrect placement of the kernel by the bootloader")
made RELOCATABLE=y the default and depend on EXPERT=y. With those two
enabled, we can then reproduce the same failure on mainline.
arch/arm64/Makefile | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/arch/arm64/Makefile b/arch/arm64/Makefile
index f4717facf31e..674241df91ab 100644
--- a/arch/arm64/Makefile
+++ b/arch/arm64/Makefile
@@ -10,13 +10,13 @@
#
# Copyright (C) 1995-2001 by Russell King
-LDFLAGS_vmlinux :=--no-undefined -X
+LDFLAGS_vmlinux :=--no-undefined -X -z norelro
ifeq ($(CONFIG_RELOCATABLE), y)
# Pass --no-apply-dynamic-relocs to restore pre-binutils-2.27 behaviour
# for relative relocs, since this leads to better Image compression
# with the relocation offsets always being zero.
-LDFLAGS_vmlinux += -shared -Bsymbolic -z notext -z norelro \
+LDFLAGS_vmlinux += -shared -Bsymbolic -z notext \
$(call ld-option, --no-apply-dynamic-relocs)
endif
--
2.29.0.rc1.297.gfa9743e501-goog
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
next reply other threads:[~2020-10-16 17:53 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-10-16 17:53 Nick Desaulniers [this message]
2020-10-16 17:53 ` [PATCH] arm64: link with -z norelro regardless of CONFIG_RELOCATABLE Nick Desaulniers
2020-10-20 17:57 ` Will Deacon
2020-10-20 17:57 ` Will Deacon
2020-10-20 20:16 ` Nick Desaulniers
2020-10-20 20:16 ` Nick Desaulniers
2020-10-21 6:58 ` Ard Biesheuvel
2020-10-21 6:58 ` Ard Biesheuvel
2020-12-14 21:44 ` Nick Desaulniers
2020-12-14 21:44 ` Nick Desaulniers
2020-12-14 23:18 ` Alan Modra
2020-12-14 23:18 ` Alan Modra
2020-12-14 23:33 ` Nick Desaulniers
2020-12-14 23:33 ` Nick Desaulniers
2020-12-17 0:40 ` [PATCH] arm64: link with -z norelro for LLD or aarch64-elf Nick Desaulniers
2020-12-17 0:40 ` Nick Desaulniers
2020-12-17 12:01 ` Will Deacon
2020-12-17 12:01 ` Will Deacon
2020-12-17 21:07 ` Nick Desaulniers
2020-12-17 21:07 ` Nick Desaulniers
2020-12-18 0:24 ` [PATCH v2] " Nick Desaulniers
2020-12-18 0:24 ` Nick Desaulniers
2020-12-18 2:36 ` Nathan Chancellor
2020-12-18 2:36 ` Nathan Chancellor
2021-01-05 12:26 ` Catalin Marinas
2021-01-05 12:26 ` Catalin Marinas
2020-12-17 19:29 ` [PATCH] " Ard Biesheuvel
2020-12-17 19:29 ` Ard Biesheuvel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20201016175339.2429280-1-ndesaulniers@google.com \
--to=ndesaulniers@google.com \
--cc=Peter.Smith@arm.com \
--cc=ardb@kernel.org \
--cc=catalin.marinas@arm.com \
--cc=clang-built-linux@googlegroups.com \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=maskray@google.com \
--cc=stable@vger.kernel.org \
--cc=will@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.