* [PATCH 1/2] Add RUNTIME_DISCARD_EXIT to generic DISCARDS
@ 2020-03-26 19:30 H.J. Lu
2020-03-26 19:30 ` [PATCH 2/2] Discard .note.gnu.property sections in generic NOTES H.J. Lu
2020-03-26 20:11 ` [PATCH 1/2] Add RUNTIME_DISCARD_EXIT to generic DISCARDS Borislav Petkov
0 siblings, 2 replies; 5+ messages in thread
From: H.J. Lu @ 2020-03-26 19:30 UTC (permalink / raw)
To: linux-kernel
Cc: Andy Lutomirski, Thomas Gleixner, Kees Cook, Thomas Lendacky,
Sami Tolvanen, Heiko Carstens, Ingo Molnar, Borislav Petkov,
H . Peter Anvin, x86, Arnd Bergmann, linux-arch, Yu-cheng Yu
In x86 kernel, .exit.text and .exit.data sections are discarded at
runtime, not by linker. Add RUNTIME_DISCARD_EXIT to generic DISCARDS
and define it in x86 kernel linker script to keep them.
Signed-off-by: H.J. Lu <hjl.tools@gmail.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
---
arch/x86/kernel/vmlinux.lds.S | 1 +
include/asm-generic/vmlinux.lds.h | 10 ++++++++--
2 files changed, 9 insertions(+), 2 deletions(-)
diff --git a/arch/x86/kernel/vmlinux.lds.S b/arch/x86/kernel/vmlinux.lds.S
index e3296aa028fe..7206e1ac23dd 100644
--- a/arch/x86/kernel/vmlinux.lds.S
+++ b/arch/x86/kernel/vmlinux.lds.S
@@ -21,6 +21,7 @@
#define LOAD_OFFSET __START_KERNEL_map
#endif
+#define RUNTIME_DISCARD_EXIT
#define EMITS_PT_NOTE
#define RO_EXCEPTION_TABLE_ALIGN 16
diff --git a/include/asm-generic/vmlinux.lds.h b/include/asm-generic/vmlinux.lds.h
index e00f41aa8ec4..6b943fb8c5fd 100644
--- a/include/asm-generic/vmlinux.lds.h
+++ b/include/asm-generic/vmlinux.lds.h
@@ -894,10 +894,16 @@
* section definitions so that such archs put those in earlier section
* definitions.
*/
+#ifdef RUNTIME_DISCARD_EXIT
+#define EXIT_DISCARDS
+#else
+#define EXIT_DISCARDS \
+ EXIT_TEXT \
+ EXIT_DATA
+#endif
#define DISCARDS \
/DISCARD/ : { \
- EXIT_TEXT \
- EXIT_DATA \
+ EXIT_DISCARDS \
EXIT_CALL \
*(.discard) \
*(.discard.*) \
--
2.25.1
^ permalink raw reply related [flat|nested] 5+ messages in thread
* [PATCH 2/2] Discard .note.gnu.property sections in generic NOTES
2020-03-26 19:30 [PATCH 1/2] Add RUNTIME_DISCARD_EXIT to generic DISCARDS H.J. Lu
@ 2020-03-26 19:30 ` H.J. Lu
2020-03-26 20:11 ` [PATCH 1/2] Add RUNTIME_DISCARD_EXIT to generic DISCARDS Borislav Petkov
1 sibling, 0 replies; 5+ messages in thread
From: H.J. Lu @ 2020-03-26 19:30 UTC (permalink / raw)
To: linux-kernel
Cc: Andy Lutomirski, Thomas Gleixner, Kees Cook, Thomas Lendacky,
Sami Tolvanen, Heiko Carstens, Ingo Molnar, Borislav Petkov,
H . Peter Anvin, x86, Arnd Bergmann, linux-arch, Yu-cheng Yu
With the command-line option, -mx86-used-note=yes, the x86 assembler
in binutils 2.32 and above generates a program property note in a note
section, .note.gnu.property, to encode used x86 ISAs and features. But
kernel linker script only contains a single NOTE segment:
PHDRS {
text PT_LOAD FLAGS(5);
data PT_LOAD FLAGS(6);
percpu PT_LOAD FLAGS(6);
init PT_LOAD FLAGS(7);
note PT_NOTE FLAGS(0);
}
SECTIONS
{
...
.notes : AT(ADDR(.notes) - 0xffffffff80000000) { __start_notes = .; KEEP(*(.not
e.*)) __stop_notes = .; } :text :note
...
}
The NOTE segment generated by kernel linker script is aligned to 4 bytes.
But .note.gnu.property section must be aligned to 8 bytes on x86-64 and
we get
[hjl@gnu-skx-1 linux]$ readelf -n vmlinux
Displaying notes found in: .notes
Owner Data size Description
Xen 0x00000006 Unknown note type: (0x00000006)
description data: 6c 69 6e 75 78 00
Xen 0x00000004 Unknown note type: (0x00000007)
description data: 32 2e 36 00
xen-3.0 0x00000005 Unknown note type: (0x006e6558)
description data: 08 00 00 00 03
readelf: Warning: note with invalid namesz and/or descsz found at offset 0x50
readelf: Warning: type: 0xffffffff, namesize: 0x006e6558, descsize:
0x80000000, alignment: 8
[hjl@gnu-skx-1 linux]$
Since note.gnu.property section in kernel image is never used, this patch
discards .note.gnu.property sections in kernel linker script by adding
/DISCARD/ : {
*(.note.gnu.property)
}
before kernel NOTE segment in generic NOTES.
Signed-off-by: H.J. Lu <hjl.tools@gmail.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
---
include/asm-generic/vmlinux.lds.h | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/include/asm-generic/vmlinux.lds.h b/include/asm-generic/vmlinux.lds.h
index 6b943fb8c5fd..6659a7c07c84 100644
--- a/include/asm-generic/vmlinux.lds.h
+++ b/include/asm-generic/vmlinux.lds.h
@@ -818,7 +818,14 @@
#define TRACEDATA
#endif
+/*
+ * Discard .note.gnu.property sections which are unused and have
+ * different alignment requirement from kernel note sections.
+ */
#define NOTES \
+ /DISCARD/ : { \
+ *(.note.gnu.property) \
+ } \
.notes : AT(ADDR(.notes) - LOAD_OFFSET) { \
__start_notes = .; \
KEEP(*(.note.*)) \
--
2.25.1
^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [PATCH 1/2] Add RUNTIME_DISCARD_EXIT to generic DISCARDS
2020-03-26 19:30 [PATCH 1/2] Add RUNTIME_DISCARD_EXIT to generic DISCARDS H.J. Lu
2020-03-26 19:30 ` [PATCH 2/2] Discard .note.gnu.property sections in generic NOTES H.J. Lu
@ 2020-03-26 20:11 ` Borislav Petkov
2020-03-26 20:11 ` Borislav Petkov
2020-03-26 20:39 ` Kees Cook
1 sibling, 2 replies; 5+ messages in thread
From: Borislav Petkov @ 2020-03-26 20:11 UTC (permalink / raw)
To: Kees Cook
Cc: H.J. Lu, linux-kernel, Andy Lutomirski, Thomas Gleixner,
Thomas Lendacky, Sami Tolvanen, Heiko Carstens, Ingo Molnar,
H . Peter Anvin, x86, Arnd Bergmann, linux-arch, Yu-cheng Yu
On Thu, Mar 26, 2020 at 12:30:20PM -0700, H.J. Lu wrote:
> In x86 kernel, .exit.text and .exit.data sections are discarded at
> runtime, not by linker. Add RUNTIME_DISCARD_EXIT to generic DISCARDS
> and define it in x86 kernel linker script to keep them.
>
> Signed-off-by: H.J. Lu <hjl.tools@gmail.com>
> Reviewed-by: Kees Cook <keescook@chromium.org>
> ---
> arch/x86/kernel/vmlinux.lds.S | 1 +
> include/asm-generic/vmlinux.lds.h | 10 ++++++++--
> 2 files changed, 9 insertions(+), 2 deletions(-)
>
> diff --git a/arch/x86/kernel/vmlinux.lds.S b/arch/x86/kernel/vmlinux.lds.S
> index e3296aa028fe..7206e1ac23dd 100644
> --- a/arch/x86/kernel/vmlinux.lds.S
> +++ b/arch/x86/kernel/vmlinux.lds.S
> @@ -21,6 +21,7 @@
> #define LOAD_OFFSET __START_KERNEL_map
> #endif
>
> +#define RUNTIME_DISCARD_EXIT
> #define EMITS_PT_NOTE
> #define RO_EXCEPTION_TABLE_ALIGN 16
>
> diff --git a/include/asm-generic/vmlinux.lds.h b/include/asm-generic/vmlinux.lds.h
> index e00f41aa8ec4..6b943fb8c5fd 100644
> --- a/include/asm-generic/vmlinux.lds.h
> +++ b/include/asm-generic/vmlinux.lds.h
> @@ -894,10 +894,16 @@
> * section definitions so that such archs put those in earlier section
> * definitions.
> */
> +#ifdef RUNTIME_DISCARD_EXIT
> +#define EXIT_DISCARDS
> +#else
> +#define EXIT_DISCARDS \
> + EXIT_TEXT \
> + EXIT_DATA
> +#endif
/me goes back and reads the old thread on this...
Kees, do you expect other arches to actually need this
RUNTIME_DISCARD_EXIT thing or was that a hypothetical thing?
/me searches more...
oh, there's a patchset from you
https://lkml.kernel.org/r/20200228002244.15240-1-keescook@chromium.org
which already contains this patch *and* an ARM64 patch which defines
RUNTIME_DISCARD_EXIT so I'm guessing ARM64 wants to discard at runtime
too.
Which leaves the question why is H.J. sending that patch separate and
you carry it in a patchset about orphan section warning? Seems like it
wants to be in your patchset?
Thx.
--
Regards/Gruss,
Boris.
https://people.kernel.org/tglx/notes-about-netiquette
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH 1/2] Add RUNTIME_DISCARD_EXIT to generic DISCARDS
2020-03-26 20:11 ` [PATCH 1/2] Add RUNTIME_DISCARD_EXIT to generic DISCARDS Borislav Petkov
@ 2020-03-26 20:11 ` Borislav Petkov
2020-03-26 20:39 ` Kees Cook
1 sibling, 0 replies; 5+ messages in thread
From: Borislav Petkov @ 2020-03-26 20:11 UTC (permalink / raw)
To: Kees Cook
Cc: H.J. Lu, linux-kernel, Andy Lutomirski, Thomas Gleixner,
Thomas Lendacky, Sami Tolvanen, Heiko Carstens, Ingo Molnar,
H . Peter Anvin, x86, Arnd Bergmann, linux-arch, Yu-cheng Yu
On Thu, Mar 26, 2020 at 12:30:20PM -0700, H.J. Lu wrote:
> In x86 kernel, .exit.text and .exit.data sections are discarded at
> runtime, not by linker. Add RUNTIME_DISCARD_EXIT to generic DISCARDS
> and define it in x86 kernel linker script to keep them.
>
> Signed-off-by: H.J. Lu <hjl.tools@gmail.com>
> Reviewed-by: Kees Cook <keescook@chromium.org>
> ---
> arch/x86/kernel/vmlinux.lds.S | 1 +
> include/asm-generic/vmlinux.lds.h | 10 ++++++++--
> 2 files changed, 9 insertions(+), 2 deletions(-)
>
> diff --git a/arch/x86/kernel/vmlinux.lds.S b/arch/x86/kernel/vmlinux.lds.S
> index e3296aa028fe..7206e1ac23dd 100644
> --- a/arch/x86/kernel/vmlinux.lds.S
> +++ b/arch/x86/kernel/vmlinux.lds.S
> @@ -21,6 +21,7 @@
> #define LOAD_OFFSET __START_KERNEL_map
> #endif
>
> +#define RUNTIME_DISCARD_EXIT
> #define EMITS_PT_NOTE
> #define RO_EXCEPTION_TABLE_ALIGN 16
>
> diff --git a/include/asm-generic/vmlinux.lds.h b/include/asm-generic/vmlinux.lds.h
> index e00f41aa8ec4..6b943fb8c5fd 100644
> --- a/include/asm-generic/vmlinux.lds.h
> +++ b/include/asm-generic/vmlinux.lds.h
> @@ -894,10 +894,16 @@
> * section definitions so that such archs put those in earlier section
> * definitions.
> */
> +#ifdef RUNTIME_DISCARD_EXIT
> +#define EXIT_DISCARDS
> +#else
> +#define EXIT_DISCARDS \
> + EXIT_TEXT \
> + EXIT_DATA
> +#endif
/me goes back and reads the old thread on this...
Kees, do you expect other arches to actually need this
RUNTIME_DISCARD_EXIT thing or was that a hypothetical thing?
/me searches more...
oh, there's a patchset from you
https://lkml.kernel.org/r/20200228002244.15240-1-keescook@chromium.org
which already contains this patch *and* an ARM64 patch which defines
RUNTIME_DISCARD_EXIT so I'm guessing ARM64 wants to discard at runtime
too.
Which leaves the question why is H.J. sending that patch separate and
you carry it in a patchset about orphan section warning? Seems like it
wants to be in your patchset?
Thx.
--
Regards/Gruss,
Boris.
https://people.kernel.org/tglx/notes-about-netiquette
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH 1/2] Add RUNTIME_DISCARD_EXIT to generic DISCARDS
2020-03-26 20:11 ` [PATCH 1/2] Add RUNTIME_DISCARD_EXIT to generic DISCARDS Borislav Petkov
2020-03-26 20:11 ` Borislav Petkov
@ 2020-03-26 20:39 ` Kees Cook
1 sibling, 0 replies; 5+ messages in thread
From: Kees Cook @ 2020-03-26 20:39 UTC (permalink / raw)
To: Borislav Petkov
Cc: H.J. Lu, linux-kernel, Andy Lutomirski, Thomas Gleixner,
Thomas Lendacky, Sami Tolvanen, Heiko Carstens, Ingo Molnar,
H . Peter Anvin, x86, Arnd Bergmann, linux-arch, Yu-cheng Yu
On Thu, Mar 26, 2020 at 09:11:42PM +0100, Borislav Petkov wrote:
> On Thu, Mar 26, 2020 at 12:30:20PM -0700, H.J. Lu wrote:
> > In x86 kernel, .exit.text and .exit.data sections are discarded at
> > runtime, not by linker. Add RUNTIME_DISCARD_EXIT to generic DISCARDS
> > and define it in x86 kernel linker script to keep them.
> >
> > Signed-off-by: H.J. Lu <hjl.tools@gmail.com>
> > Reviewed-by: Kees Cook <keescook@chromium.org>
> > ---
> > arch/x86/kernel/vmlinux.lds.S | 1 +
> > include/asm-generic/vmlinux.lds.h | 10 ++++++++--
> > 2 files changed, 9 insertions(+), 2 deletions(-)
> >
> > diff --git a/arch/x86/kernel/vmlinux.lds.S b/arch/x86/kernel/vmlinux.lds.S
> > index e3296aa028fe..7206e1ac23dd 100644
> > --- a/arch/x86/kernel/vmlinux.lds.S
> > +++ b/arch/x86/kernel/vmlinux.lds.S
> > @@ -21,6 +21,7 @@
> > #define LOAD_OFFSET __START_KERNEL_map
> > #endif
> >
> > +#define RUNTIME_DISCARD_EXIT
> > #define EMITS_PT_NOTE
> > #define RO_EXCEPTION_TABLE_ALIGN 16
> >
> > diff --git a/include/asm-generic/vmlinux.lds.h b/include/asm-generic/vmlinux.lds.h
> > index e00f41aa8ec4..6b943fb8c5fd 100644
> > --- a/include/asm-generic/vmlinux.lds.h
> > +++ b/include/asm-generic/vmlinux.lds.h
> > @@ -894,10 +894,16 @@
> > * section definitions so that such archs put those in earlier section
> > * definitions.
> > */
> > +#ifdef RUNTIME_DISCARD_EXIT
> > +#define EXIT_DISCARDS
> > +#else
> > +#define EXIT_DISCARDS \
> > + EXIT_TEXT \
> > + EXIT_DATA
> > +#endif
>
> /me goes back and reads the old thread on this...
>
> Kees, do you expect other arches to actually need this
> RUNTIME_DISCARD_EXIT thing or was that a hypothetical thing?
>
> /me searches more...
>
> oh, there's a patchset from you
>
> https://lkml.kernel.org/r/20200228002244.15240-1-keescook@chromium.org
>
> which already contains this patch *and* an ARM64 patch which defines
> RUNTIME_DISCARD_EXIT so I'm guessing ARM64 wants to discard at runtime
> too.
Correct.
> Which leaves the question why is H.J. sending that patch separate and
> you carry it in a patchset about orphan section warning? Seems like it
> wants to be in your patchset?
I had needed the same clean up for the orphan section handling, and
since it hadn't been picked up yet, I included it in my series. I'm
still stuck addressing several review comments, so there's no reason to
wait for me: I can easily rebase once these patches land somewhere. I'd
be happy to see them in -tip.
Thanks!
-Kees
--
Kees Cook
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2020-03-26 20:39 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2020-03-26 19:30 [PATCH 1/2] Add RUNTIME_DISCARD_EXIT to generic DISCARDS H.J. Lu
2020-03-26 19:30 ` [PATCH 2/2] Discard .note.gnu.property sections in generic NOTES H.J. Lu
2020-03-26 20:11 ` [PATCH 1/2] Add RUNTIME_DISCARD_EXIT to generic DISCARDS Borislav Petkov
2020-03-26 20:11 ` Borislav Petkov
2020-03-26 20:39 ` Kees Cook
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).