From: Ard Biesheuvel <ardb+git@google.com>
To: stable@vger.kernel.org
Cc: linux-efi@vger.kernel.org, Ard Biesheuvel <ardb@kernel.org>,
Borislav Petkov <bp@alien8.de>
Subject: [PATCH stable-v6.1 06/18] x86/decompressor: Move global symbol references to C code
Date: Mon, 4 Mar 2024 12:19:44 +0100 [thread overview]
Message-ID: <20240304111937.2556102-26-ardb+git@google.com> (raw)
In-Reply-To: <20240304111937.2556102-20-ardb+git@google.com>
From: Ard Biesheuvel <ardb@kernel.org>
[ Commit 24388292e2d7fae79a0d4183cc91716b851299cf upstream ]
It is no longer necessary to be cautious when referring to global
variables in the position independent decompressor code, now that it is
built using PIE codegen and makes an assertion in the linker script that
no GOT entries exist (which would require adjustment for the actual
runtime load address of the decompressor binary).
This means global variables can be referenced directly from C code,
instead of having to pass their runtime addresses into C routines from
asm code, which needs to happen at each call site. Do so for the code
that will be called directly from the EFI stub after a subsequent patch,
and avoid the need to duplicate this logic a third time.
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
Link: https://lore.kernel.org/r/20230807162720.545787-20-ardb@kernel.org
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
---
arch/x86/boot/compressed/head_32.S | 8 --------
arch/x86/boot/compressed/head_64.S | 10 ++--------
arch/x86/boot/compressed/misc.c | 16 +++++++++-------
3 files changed, 11 insertions(+), 23 deletions(-)
diff --git a/arch/x86/boot/compressed/head_32.S b/arch/x86/boot/compressed/head_32.S
index 8876ffe30e9a..3af4a383615b 100644
--- a/arch/x86/boot/compressed/head_32.S
+++ b/arch/x86/boot/compressed/head_32.S
@@ -168,13 +168,7 @@ SYM_FUNC_START_LOCAL_NOALIGN(.Lrelocated)
*/
/* push arguments for extract_kernel: */
- pushl output_len@GOTOFF(%ebx) /* decompressed length, end of relocs */
pushl %ebp /* output address */
- pushl input_len@GOTOFF(%ebx) /* input_len */
- leal input_data@GOTOFF(%ebx), %eax
- pushl %eax /* input_data */
- leal boot_heap@GOTOFF(%ebx), %eax
- pushl %eax /* heap area */
pushl %esi /* real mode pointer */
call extract_kernel /* returns kernel entry point in %eax */
addl $24, %esp
@@ -202,8 +196,6 @@ SYM_DATA_END_LABEL(gdt, SYM_L_LOCAL, gdt_end)
*/
.bss
.balign 4
-boot_heap:
- .fill BOOT_HEAP_SIZE, 1, 0
boot_stack:
.fill BOOT_STACK_SIZE, 1, 0
boot_stack_end:
diff --git a/arch/x86/boot/compressed/head_64.S b/arch/x86/boot/compressed/head_64.S
index 8bfb01510be4..9a0d83b4d266 100644
--- a/arch/x86/boot/compressed/head_64.S
+++ b/arch/x86/boot/compressed/head_64.S
@@ -485,13 +485,9 @@ SYM_FUNC_START_LOCAL_NOALIGN(.Lrelocated)
/*
* Do the extraction, and jump to the new kernel..
*/
- /* pass struct boot_params pointer */
+ /* pass struct boot_params pointer and output target address */
movq %r15, %rdi
- leaq boot_heap(%rip), %rsi /* malloc area for uncompression */
- leaq input_data(%rip), %rdx /* input_data */
- movl input_len(%rip), %ecx /* input_len */
- movq %rbp, %r8 /* output target address */
- movl output_len(%rip), %r9d /* decompressed length, end of relocs */
+ movq %rbp, %rsi
call extract_kernel /* returns kernel entry point in %rax */
/*
@@ -649,8 +645,6 @@ SYM_DATA_END_LABEL(boot_idt, SYM_L_GLOBAL, boot_idt_end)
*/
.bss
.balign 4
-SYM_DATA_LOCAL(boot_heap, .fill BOOT_HEAP_SIZE, 1, 0)
-
SYM_DATA_START_LOCAL(boot_stack)
.fill BOOT_STACK_SIZE, 1, 0
.balign 16
diff --git a/arch/x86/boot/compressed/misc.c b/arch/x86/boot/compressed/misc.c
index 014ff222bf4b..e4e3e49fcc37 100644
--- a/arch/x86/boot/compressed/misc.c
+++ b/arch/x86/boot/compressed/misc.c
@@ -330,6 +330,11 @@ static size_t parse_elf(void *output)
return ehdr.e_entry - LOAD_PHYSICAL_ADDR;
}
+static u8 boot_heap[BOOT_HEAP_SIZE] __aligned(4);
+
+extern unsigned char input_data[];
+extern unsigned int input_len, output_len;
+
/*
* The compressed kernel image (ZO), has been moved so that its position
* is against the end of the buffer used to hold the uncompressed kernel
@@ -347,14 +352,11 @@ static size_t parse_elf(void *output)
* |-------uncompressed kernel image---------|
*
*/
-asmlinkage __visible void *extract_kernel(void *rmode, memptr heap,
- unsigned char *input_data,
- unsigned long input_len,
- unsigned char *output,
- unsigned long output_len)
+asmlinkage __visible void *extract_kernel(void *rmode, unsigned char *output)
{
const unsigned long kernel_total_size = VO__end - VO__text;
unsigned long virt_addr = LOAD_PHYSICAL_ADDR;
+ memptr heap = (memptr)boot_heap;
unsigned long needed_size;
size_t entry_offset;
@@ -412,7 +414,7 @@ asmlinkage __visible void *extract_kernel(void *rmode, memptr heap,
* entries. This ensures the full mapped area is usable RAM
* and doesn't include any reserved areas.
*/
- needed_size = max(output_len, kernel_total_size);
+ needed_size = max_t(unsigned long, output_len, kernel_total_size);
#ifdef CONFIG_X86_64
needed_size = ALIGN(needed_size, MIN_KERNEL_ALIGN);
#endif
@@ -443,7 +445,7 @@ asmlinkage __visible void *extract_kernel(void *rmode, memptr heap,
#ifdef CONFIG_X86_64
if (heap > 0x3fffffffffffUL)
error("Destination address too large");
- if (virt_addr + max(output_len, kernel_total_size) > KERNEL_IMAGE_SIZE)
+ if (virt_addr + needed_size > KERNEL_IMAGE_SIZE)
error("Destination virtual address is beyond the kernel mapping area");
#else
if (heap > ((-__PAGE_OFFSET-(128<<20)-1) & 0x7fffffff))
--
2.44.0.278.ge034bb2e1d-goog
next prev parent reply other threads:[~2024-03-04 11:20 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-03-04 11:19 [PATCH stable-v6.1 00/18] efistub/x86 changes for secure boot Ard Biesheuvel
2024-03-04 11:19 ` [PATCH stable-v6.1 01/18] arm64: efi: Limit allocations to 48-bit addressable physical region Ard Biesheuvel
2024-03-04 11:19 ` [PATCH stable-v6.1 02/18] efi: efivars: prevent double registration Ard Biesheuvel
2024-03-04 11:19 ` [PATCH stable-v6.1 03/18] x86/efistub: Simplify and clean up handover entry code Ard Biesheuvel
2024-03-04 11:19 ` [PATCH stable-v6.1 04/18] x86/decompressor: Avoid magic offsets for EFI handover entrypoint Ard Biesheuvel
2024-03-04 11:19 ` [PATCH stable-v6.1 05/18] x86/efistub: Clear BSS in EFI handover protocol entrypoint Ard Biesheuvel
2024-03-04 11:19 ` Ard Biesheuvel [this message]
2024-03-04 11:19 ` [PATCH stable-v6.1 07/18] efi/libstub: Add memory attribute protocol definitions Ard Biesheuvel
2024-03-04 11:19 ` [PATCH stable-v6.1 08/18] efi/libstub: Add limit argument to efi_random_alloc() Ard Biesheuvel
2024-03-04 11:19 ` [PATCH stable-v6.1 09/18] x86/efistub: Perform 4/5 level paging switch from the stub Ard Biesheuvel
2024-03-04 11:19 ` [PATCH stable-v6.1 10/18] x86/decompressor: Factor out kernel decompression and relocation Ard Biesheuvel
2024-03-04 11:19 ` [PATCH stable-v6.1 11/18] x86/efistub: Prefer EFI memory attributes protocol over DXE services Ard Biesheuvel
2024-03-04 11:19 ` [PATCH stable-v6.1 12/18] x86/efistub: Perform SNP feature test while running in the firmware Ard Biesheuvel
2024-03-04 11:19 ` [PATCH stable-v6.1 13/18] x86/efistub: Avoid legacy decompressor when doing EFI boot Ard Biesheuvel
2024-03-04 11:19 ` [PATCH stable-v6.1 14/18] efi/x86: Avoid physical KASLR on older Dell systems Ard Biesheuvel
2024-03-04 11:19 ` [PATCH stable-v6.1 15/18] x86/efistub: Avoid placing the kernel below LOAD_PHYSICAL_ADDR Ard Biesheuvel
2024-03-04 11:19 ` [PATCH stable-v6.1 16/18] x86/boot: Rename conflicting 'boot_params' pointer to 'boot_params_ptr' Ard Biesheuvel
2024-03-04 11:19 ` [PATCH stable-v6.1 17/18] x86/boot: efistub: Assign global boot_params variable Ard Biesheuvel
2024-03-04 11:19 ` [PATCH stable-v6.1 18/18] efi/x86: Fix the missing KASLR_FLAG bit in boot_params->hdr.loadflags Ard Biesheuvel
2024-03-04 11:42 ` [PATCH stable-v6.1 00/18] efistub/x86 changes for secure boot Greg KH
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240304111937.2556102-26-ardb+git@google.com \
--to=ardb+git@google.com \
--cc=ardb@kernel.org \
--cc=bp@alien8.de \
--cc=linux-efi@vger.kernel.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox