From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-14.8 required=3.0 tests=BAYES_00,DKIM_INVALID, DKIM_SIGNED,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_PATCH,MAILING_LIST_MULTI, MENTIONS_GIT_HOSTING,SIGNED_OFF_BY,SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 39371C433DF for ; Fri, 14 Aug 2020 15:23:50 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 03F95207DA for ; Fri, 14 Aug 2020 15:23:50 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=fail reason="signature verification failed" (2048-bit key) header.d=linutronix.de header.i=@linutronix.de header.b="HyJNybv7"; dkim=permerror (0-bit key) header.d=linutronix.de header.i=@linutronix.de header.b="Lb5H9vZ8" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727994AbgHNPXt (ORCPT ); Fri, 14 Aug 2020 11:23:49 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:46062 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727943AbgHNPXo (ORCPT ); Fri, 14 Aug 2020 11:23:44 -0400 Received: from galois.linutronix.de (Galois.linutronix.de [IPv6:2a0a:51c0:0:12e:550::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B3BBBC061385; Fri, 14 Aug 2020 08:23:43 -0700 (PDT) Date: Fri, 14 Aug 2020 15:23:41 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linutronix.de; s=2020; t=1597418622; h=from:from:sender:sender:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=Wgn7s5/Xla+ouOlyRTnUUyEkuobaCheoAtHNq5pBaBI=; b=HyJNybv7uGDph0tg9X/JgzEcsk/tbnFnc41b+LmcYK1uMUJhrWOqsD2lao1aIJd14Ar1K2 khFxYyvBl6aaMakeV7bKfzCivwELL00UG88cmi2YLBVLL1QI+/gb34Nb82yG67yh0GzSCI msEiNUvWHqhMaP1r7mw0s6P/PqcxJVfakDDWZU1xqE4B//0mktDfge44LfxGYsxsi6QUHS IuQJHkyzXbgh24yIW0joY1NJGkq1Th6E99qrtOv+bOgqvBLlxGIKqE1pEe393TKO+RtHjX lTaCbP0pR30h4Wh1jBI77JVQ2b3XkBWXS0GlbLl6w8764DynA92LA12YyGXbvA== DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=linutronix.de; s=2020e; t=1597418622; h=from:from:sender:sender:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=Wgn7s5/Xla+ouOlyRTnUUyEkuobaCheoAtHNq5pBaBI=; b=Lb5H9vZ8jOCL397yMMpCF3dbWj2x6OUkbWt0MHdai4mcb1RCsG+wn7f10o7o/lD4VlUMI+ HLmxwvgGhiri41BA== From: "tip-bot2 for Ard Biesheuvel" Reply-to: linux-kernel@vger.kernel.org To: linux-tip-commits@vger.kernel.org Subject: [tip: x86/boot] x86/boot/compressed: Move .got.plt entries out of the .got section Cc: Ard Biesheuvel , Arvind Sankar , Kees Cook , Ingo Molnar , Sedat Dilek , Nick Desaulniers , x86 , LKML In-Reply-To: <20200731230820.1742553-2-keescook@chromium.org> References: <20200731230820.1742553-2-keescook@chromium.org> MIME-Version: 1.0 Message-ID: <159741862154.3192.5981804807609627380.tip-bot2@tip-bot2> Robot-ID: Robot-Unsubscribe: Contact to get blacklisted from these emails Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org The following commit has been merged into the x86/boot branch of tip: Commit-ID: 262b5cae67a672404da0dcbd009efc1227ad51e4 Gitweb: https://git.kernel.org/tip/262b5cae67a672404da0dcbd009efc1227ad51e4 Author: Ard Biesheuvel AuthorDate: Fri, 31 Jul 2020 16:07:45 -07:00 Committer: Ingo Molnar CommitterDate: Fri, 14 Aug 2020 12:52:34 +02:00 x86/boot/compressed: Move .got.plt entries out of the .got section The .got.plt section contains the part of the GOT which is used by PLT entries, and which gets updated lazily by the dynamic loader when function calls are dispatched through those PLT entries. On fully linked binaries such as the kernel proper or the decompressor, this never happens, and so in practice, the .got.plt section consists only of the first 3 magic entries that are meant to point at the _DYNAMIC section and at the fixup routine in the loader. However, since we don't use a dynamic loader, those entries are never populated or used. This means that treating those entries like ordinary GOT entries, and updating their values based on the actual placement of the executable in memory is completely pointless, and we can just ignore the .got.plt section entirely, provided that it has no additional entries beyond the first 3 ones. So add an assertion in the linker script to ensure that this assumption holds, and move the contents out of the [_got, _egot) memory range that is modified by the GOT fixup routines. While at it, drop the KEEP(), since it has no effect on the contents of output sections that are created by the linker itself. Signed-off-by: Ard Biesheuvel Signed-off-by: Arvind Sankar Signed-off-by: Kees Cook Signed-off-by: Ingo Molnar Tested-by: Sedat Dilek Tested-by: Nick Desaulniers Reviewed-by: Kees Cook Acked-by: Arvind Sankar Link: https://lore.kernel.org/r/20200731230820.1742553-2-keescook@chromium.org --- arch/x86/boot/compressed/vmlinux.lds.S | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/arch/x86/boot/compressed/vmlinux.lds.S b/arch/x86/boot/compressed/vmlinux.lds.S index 8f1025d..b17d218 100644 --- a/arch/x86/boot/compressed/vmlinux.lds.S +++ b/arch/x86/boot/compressed/vmlinux.lds.S @@ -44,10 +44,13 @@ SECTIONS } .got : { _got = .; - KEEP(*(.got.plt)) KEEP(*(.got)) _egot = .; } + .got.plt : { + *(.got.plt) + } + .data : { _data = . ; *(.data) @@ -77,3 +80,9 @@ SECTIONS DISCARDS } + +#ifdef CONFIG_X86_64 +ASSERT(SIZEOF(.got.plt) == 0 || SIZEOF(.got.plt) == 0x18, "Unexpected GOT/PLT entries detected!") +#else +ASSERT(SIZEOF(.got.plt) == 0 || SIZEOF(.got.plt) == 0xc, "Unexpected GOT/PLT entries detected!") +#endif