From: Borislav Petkov <bp@suse.de>
To: Yinghai Lu <yinghai@kernel.org>
Cc: Matt Fleming <matt.fleming@intel.com>,
"H. Peter Anvin" <hpa@zytor.com>, Ingo Molnar <mingo@redhat.com>,
Kees Cook <keescook@chromium.org>, Baoquan He <bhe@redhat.com>,
Thomas Gleixner <tglx@linutronix.de>,
Jiri Kosina <jkosina@suse.cz>,
linux-kernel@vger.kernel.org, linux-efi@vger.kernel.org
Subject: Re: [PATCH v3 3/7] x86, boot: Don't overlap VO with ZO data
Date: Tue, 10 Mar 2015 10:34:30 +0100 [thread overview]
Message-ID: <20150310093430.GC3535@pd.tnic> (raw)
In-Reply-To: <1425766041-6551-4-git-send-email-yinghai@kernel.org>
Final patch:
---
From: Yinghai Lu <yinghai@kernel.org>
Date: Sat, 7 Mar 2015 14:07:17 -0800
Subject: [PATCH] x86/setup: Don't overlap vmlinux's brk with compressed kernel's data
We already do move the compressed kernel close to the end of the buffer.
However, there's still overlapping beween kernel proper's .brk/.bss and
compressed kernel's data section.
Extend init_size so that kernel proper's .bss and .brk sections
do not overlap with compressed kernel's data section (see
arch/x86/boot/compressed/misc.c).
The increase is from _rodata to _end in the compressed kernel
(arch/x86/boot/compressed/vmlinux) which is something around ~90K on a
kernel with everything enabled in arch/x86/boot/ which gets linked into
vmlinux.
Signed-off-by: Yinghai Lu <yinghai@kernel.org>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: Matt Fleming <matt.fleming@intel.com>
Cc: Kees Cook <keescook@chromium.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Jiri Kosina <jkosina@suse.cz>
Cc: linux-efi@vger.kernel.org
Cc: Ingo Molnar <mingo@redhat.com>
Cc: Baoquan He <bhe@redhat.com>
Link: http://lkml.kernel.org/r/1425766041-6551-4-git-send-email-yinghai@kernel.org
Fixes: f47233c2d34f ("x86/mm/ASLR: Propagate base load address calculation")
[ Rewrite commit message;
rename ADDON_ZO_SIZE to INIT_SIZE_PAD;
improve comments; measure size increase ]
Signed-off-by:
---
arch/x86/boot/Makefile | 2 +-
arch/x86/boot/compressed/vmlinux.lds.S | 1 +
| 13 +++++++++++--
3 files changed, 13 insertions(+), 3 deletions(-)
diff --git a/arch/x86/boot/Makefile b/arch/x86/boot/Makefile
index 57bbf2fb21f6..863ef25dcf60 100644
--- a/arch/x86/boot/Makefile
+++ b/arch/x86/boot/Makefile
@@ -86,7 +86,7 @@ targets += voffset.h
$(obj)/voffset.h: vmlinux FORCE
$(call if_changed,voffset)
-sed-zoffset := -e 's/^\([0-9a-fA-F]*\) [ABCDGRSTVW] \(startup_32\|startup_64\|efi32_stub_entry\|efi64_stub_entry\|efi_pe_entry\|input_data\|_end\|z_.*\)$$/\#define ZO_\2 0x\1/p'
+sed-zoffset := -e 's/^\([0-9a-fA-F]*\) [ABCDGRSTVW] \(startup_32\|startup_64\|efi32_stub_entry\|efi64_stub_entry\|efi_pe_entry\|input_data\|_end\|_rodata\|z_.*\)$$/\#define ZO_\2 0x\1/p'
quiet_cmd_zoffset = ZOFFSET $@
cmd_zoffset = $(NM) $< | sed -n $(sed-zoffset) > $@
diff --git a/arch/x86/boot/compressed/vmlinux.lds.S b/arch/x86/boot/compressed/vmlinux.lds.S
index a80acabb80ec..45081235ce64 100644
--- a/arch/x86/boot/compressed/vmlinux.lds.S
+++ b/arch/x86/boot/compressed/vmlinux.lds.S
@@ -35,6 +35,7 @@ SECTIONS
*(.text.*)
_etext = . ;
}
+ . = ALIGN(PAGE_SIZE); /* keep INIT_SIZE_PAD in header.S page-aligned */
.rodata : {
_rodata = . ;
*(.rodata) /* read-only data */
--git a/arch/x86/boot/header.S b/arch/x86/boot/header.S
index 9bfab22efdf7..db46aa45906d 100644
--- a/arch/x86/boot/header.S
+++ b/arch/x86/boot/header.S
@@ -440,13 +440,22 @@ setup_data: .quad 0 # 64-bit physical pointer to
pref_address: .quad LOAD_PHYSICAL_ADDR # preferred load addr
+
#define ZO_INIT_SIZE (ZO__end - ZO_startup_32 + ZO_z_min_extract_offset)
+
+/*
+ * Additional padding so that compressed kernel's .data section doesn't overlap
+ * with kernel proper's .bss/.brk sections.
+ */
+#define INIT_SIZE_PAD (ZO__end - ZO__rodata)
#define VO_INIT_SIZE (VO__end - VO__text)
+
#if ZO_INIT_SIZE > VO_INIT_SIZE
-#define INIT_SIZE ZO_INIT_SIZE
+#define INIT_SIZE (ZO_INIT_SIZE + INIT_SIZE_PAD)
#else
-#define INIT_SIZE VO_INIT_SIZE
+#define INIT_SIZE (VO_INIT_SIZE + INIT_SIZE_PAD)
#endif
+
init_size: .long INIT_SIZE # kernel initialization size
handover_offset: .long 0 # Filled in by build.c
--
2.2.0.33.gc18b867
--
Regards/Gruss,
Boris.
ECO tip #101: Trim your mails when you reply.
--
next prev parent reply other threads:[~2015-03-10 9:34 UTC|newest]
Thread overview: 89+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-03-07 22:07 [PATCH v3 0/7] x86, boot: clean up kasl Yinghai Lu
2015-03-07 22:07 ` Yinghai Lu
2015-03-07 22:07 ` [PATCH v3 1/7] x86, kaslr: Use init_size instead of run_size Yinghai Lu
[not found] ` <1425766041-6551-2-git-send-email-yinghai-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>
2015-03-09 12:49 ` Borislav Petkov
2015-03-09 12:49 ` Borislav Petkov
2015-03-09 15:58 ` Ingo Molnar
[not found] ` <20150309155813.GA21755-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
2015-03-09 15:58 ` Borislav Petkov
2015-03-09 15:58 ` Borislav Petkov
2015-03-09 19:35 ` Yinghai Lu
2015-03-09 20:00 ` Borislav Petkov
[not found] ` <20150309200035.GK12732-fF5Pk5pvG8Y@public.gmane.org>
2015-03-09 20:06 ` Yinghai Lu
2015-03-09 20:06 ` Yinghai Lu
[not found] ` <CAE9FiQVEaeWZ2oggks8_jbS+dObZJLq7aEo9cFEqJNtOhWTNRw-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2015-03-09 20:18 ` Borislav Petkov
2015-03-09 20:18 ` Borislav Petkov
[not found] ` <20150309201846.GM12732-fF5Pk5pvG8Y@public.gmane.org>
2015-03-09 21:28 ` Yinghai Lu
2015-03-09 21:28 ` Yinghai Lu
2015-03-10 0:42 ` Kees Cook
2015-03-10 0:42 ` Kees Cook
2015-03-13 12:27 ` Ingo Molnar
[not found] ` <20150313122756.GA28855-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
2015-03-14 2:47 ` Yinghai Lu
2015-03-14 2:47 ` Yinghai Lu
[not found] ` <CAE9FiQXaRmJFdEUhyn2q0v=9ymdbqZWEo1pzo6iyaNupWEp5Xg-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2015-03-14 7:53 ` Ingo Molnar
2015-03-14 7:53 ` Ingo Molnar
[not found] ` <20150314075357.GA8319-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
2015-03-14 9:59 ` Borislav Petkov
2015-03-14 9:59 ` Borislav Petkov
[not found] ` <20150314095923.GA3114-fF5Pk5pvG8Y@public.gmane.org>
2015-03-16 10:06 ` [PATCH] Revert "x86/mm/ASLR: Propagate base load address calculation" Borislav Petkov
2015-03-16 10:06 ` Borislav Petkov
2015-03-16 12:11 ` [tip:x86/urgent] " tip-bot for Borislav Petkov
2015-03-16 19:32 ` Yinghai Lu
[not found] ` <20150316100628.GD22995-fF5Pk5pvG8Y@public.gmane.org>
2015-03-16 13:56 ` [PATCH] " Jiri Kosina
2015-03-16 13:56 ` Jiri Kosina
2015-03-16 19:15 ` Yinghai Lu
2015-03-17 8:14 ` Ingo Molnar
2015-03-07 22:07 ` [PATCH v3 2/7] x86, boot: Move ZO to end of buffer Yinghai Lu
[not found] ` <1425766041-6551-3-git-send-email-yinghai-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>
2015-03-10 0:54 ` Kees Cook
2015-03-10 0:54 ` Kees Cook
2015-03-10 1:04 ` Yinghai Lu
[not found] ` <CAGXu5jJFms+vYOtEpVAQ6iZXM45uYF70a=vgyb72T0uRkf8c0g-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2015-03-10 5:59 ` Borislav Petkov
2015-03-10 5:59 ` Borislav Petkov
2015-03-10 8:00 ` Borislav Petkov
2015-03-10 8:00 ` Borislav Petkov
[not found] ` <20150310080024.GB3535-fF5Pk5pvG8Y@public.gmane.org>
2015-03-10 9:34 ` Jiri Kosina
2015-03-10 9:34 ` Jiri Kosina
[not found] ` <alpine.LNX.2.00.1503101032560.26925-ztGlSCb7Y1iN3ZZ/Hiejyg@public.gmane.org>
2015-03-10 9:35 ` Borislav Petkov
2015-03-10 9:35 ` Borislav Petkov
2015-03-10 15:11 ` Yinghai Lu
[not found] ` <CAE9FiQVPLUPWPhZ4yROTECVKeLTNUMXOURoYx0sG_SGPfCNGQw-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2015-03-10 15:13 ` Borislav Petkov
2015-03-10 15:13 ` Borislav Petkov
2015-03-10 16:59 ` Kees Cook
2015-03-07 22:07 ` [PATCH v3 3/7] x86, boot: Don't overlap VO with ZO data Yinghai Lu
2015-03-10 9:34 ` Borislav Petkov [this message]
[not found] ` <20150310093430.GC3535-fF5Pk5pvG8Y@public.gmane.org>
2015-03-10 15:05 ` Yinghai Lu
2015-03-10 15:05 ` Yinghai Lu
[not found] ` <CAE9FiQWauOdsZ=CBcVHfqTik1ePvW51uH7yy29MSvafOABTWZA-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2015-03-10 15:10 ` Borislav Petkov
2015-03-10 15:10 ` Borislav Petkov
[not found] ` <20150310151035.GG3535-fF5Pk5pvG8Y@public.gmane.org>
2015-03-10 15:17 ` Yinghai Lu
2015-03-10 15:17 ` Yinghai Lu
2015-03-10 15:21 ` Borislav Petkov
[not found] ` <20150310152137.GI3535-fF5Pk5pvG8Y@public.gmane.org>
2015-03-10 15:42 ` Yinghai Lu
2015-03-10 15:42 ` Yinghai Lu
[not found] ` <CAE9FiQUQn0vdU_MNf79=oE=DSkUG4U54-taVfgPro1JqUA7BTQ-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2015-03-10 15:48 ` Borislav Petkov
2015-03-10 15:48 ` Borislav Petkov
[not found] ` <20150310154828.GJ3535-fF5Pk5pvG8Y@public.gmane.org>
2015-03-10 19:29 ` Yinghai Lu
2015-03-10 19:29 ` Yinghai Lu
2015-03-07 22:07 ` [PATCH v3 4/7] x86, kaslr: Access the correct kaslr_enabled variable Yinghai Lu
[not found] ` <1425766041-6551-5-git-send-email-yinghai-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>
2015-03-10 0:55 ` Kees Cook
2015-03-10 0:55 ` Kees Cook
2015-03-07 22:07 ` [PATCH v3 6/7] x86, boot: Split kernel_ident_mapping_init to another file Yinghai Lu
[not found] ` <1425766041-6551-7-git-send-email-yinghai-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>
2015-03-10 1:03 ` Kees Cook
2015-03-10 1:03 ` Kees Cook
2015-03-07 22:07 ` [PATCH v3 7/7] x86, kaslr, 64bit: Set new or extra ident_mapping Yinghai Lu
[not found] ` <1425766041-6551-8-git-send-email-yinghai-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>
2015-03-10 1:09 ` Kees Cook
2015-03-10 1:09 ` Kees Cook
[not found] ` <CAGXu5j+REYpi=hnf3s+F1Dd9nkXkvQ5w7wO_j_emmAM226VrGw-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2015-03-10 1:14 ` Yinghai Lu
2015-03-10 1:14 ` Yinghai Lu
[not found] ` <CAE9FiQX=b38-mseWWeGg=eTFfbe1sH61PvXJYJYrsAF6Uxn8ow-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2015-03-10 6:54 ` Yinghai Lu
2015-03-10 6:54 ` Yinghai Lu
[not found] ` <1425766041-6551-1-git-send-email-yinghai-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>
2015-03-07 22:07 ` [PATCH v3 5/7] x86, kaslr: Consolidate mem_avoid array filling Yinghai Lu
2015-03-07 22:07 ` Yinghai Lu
[not found] ` <1425766041-6551-6-git-send-email-yinghai-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>
2015-03-10 1:00 ` Kees Cook
2015-03-10 1:00 ` Kees Cook
[not found] ` <CAGXu5j+exWabf=LdpkBtipcRYDVW=sH4LZf01P3RoSaKK7iYYA-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2015-03-10 1:10 ` Yinghai Lu
2015-03-10 1:10 ` Yinghai Lu
[not found] ` <CAE9FiQX2Ee0gWhtDrQxi=NfwC3Vu9ZS_YLPC9qvR92htZfBcJg-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2015-03-10 1:26 ` Kees Cook
2015-03-10 1:26 ` Kees Cook
2015-03-10 0:39 ` [PATCH v3 0/7] x86, boot: clean up kasl Kees Cook
2015-03-10 0:39 ` Kees Cook
[not found] ` <CAGXu5jJ-KVZTgd-bGdZvUwq0P2tfqo5S3L8S0JbWv0-aw3+Byw-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2015-03-10 0:54 ` Yinghai Lu
2015-03-10 0:54 ` Yinghai Lu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20150310093430.GC3535@pd.tnic \
--to=bp@suse.de \
--cc=bhe@redhat.com \
--cc=hpa@zytor.com \
--cc=jkosina@suse.cz \
--cc=keescook@chromium.org \
--cc=linux-efi@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=matt.fleming@intel.com \
--cc=mingo@redhat.com \
--cc=tglx@linutronix.de \
--cc=yinghai@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.