From patchwork Wed Jun 24 01:49:40 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kees Cook X-Patchwork-Id: 11622213 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id F15E41392 for ; Wed, 24 Jun 2020 01:52:37 +0000 (UTC) Received: from merlin.infradead.org (merlin.infradead.org [205.233.59.134]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id C607820702 for ; Wed, 24 Jun 2020 01:52:37 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="Zxv2Q5O6"; dkim=fail reason="signature verification failed" (1024-bit key) header.d=chromium.org header.i=@chromium.org header.b="ckmxDB65" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org C607820702 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=chromium.org Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=merlin.20170209; h=Sender:Content-Transfer-Encoding: Content-Type:Cc:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To:Message-Id:Date: Subject:To:From:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=oF9V6TGkunr1pzysMbsRF4xzZjVv6pgrDv+bWGnvHNQ=; b=Zxv2Q5O6NTCRKA8Fk53IXduca DBQ6oVhOkTA0hO/ny5Z1zaNMX6gXzRekwnWNR7a9SE5zaWIp1G3NS5SI+awqB2ZkrTFmajl3YAO6D 00GuHKXO+M4SKFXnNSGq7x1ADSb7oWdfGpRo/ru+9U5xlvrGQfx82rnjdc0UNqFKTE+exZX3mv2xO 0qcQ+ENs3R2FNRDk5dKB8DRIOoJITMixcz0XdIH6G/6c1wIac0qGAwVc0n3kkAJwqsNS7eSPht9vy 8d6U/ED9gBdyoMk8ApgKpm10hlefLush1AKSWvh+nn6IGopMl85MXHo7MzafB0DXM6TfLDdCRNfma ZK9pRRegg==; Received: from localhost ([::1] helo=merlin.infradead.org) by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1jnuYs-0006ut-Ph; Wed, 24 Jun 2020 01:50:51 +0000 Received: from mail-pj1-x1041.google.com ([2607:f8b0:4864:20::1041]) by merlin.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1jnuY1-0006O6-3a for linux-arm-kernel@lists.infradead.org; Wed, 24 Jun 2020 01:50:02 +0000 Received: by mail-pj1-x1041.google.com with SMTP id h22so381625pjf.1 for ; Tue, 23 Jun 2020 18:49:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=IXUgLosNUEP93cpEKoNn7oauK0Oksg2zT1r8iNc2N3M=; b=ckmxDB65sTOYu6rx9OIJTqHdVaF3Rq0JK7kAA6vc5D+eoog4QFJCUkaQ7pr9Dbdqt8 TtXjq1UpX+tQQMj1dqLxz4cB6MRk2G2LEF5f5B4Oh7F/T4fCQlQiO3iYpi7PtQCLvvql oPHshW80+ZhzYGTcFezjfbhx/X9l9btanp8ng= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=IXUgLosNUEP93cpEKoNn7oauK0Oksg2zT1r8iNc2N3M=; b=ANiuE/CG+DGCw14WMn6aQjBFKow6DvWlSMNxhTcvN9AEBHKQTIijAjzx+jPoyhb9si ZmMR1RlQaxZoQdgSYs3Y2BQNJgL2/RLQ27GKQ3U/QvdhxFL0+E7a9G2pF7pmZFEAqI8h 2ben6JAabc2DTdnzbNCjUSBDNrq43jsM5CgXZCN03fMzqUxMJa64sQwgyxs8RK97C9it DafMnqds279EV+t1O4xwQ0t7iRB1y3FAr5W26oUYKjCaO4MuEWK5lTxlv33E45k2cayQ vOMBbq81KACFMeD2c8yA1idH4xGcS7HHJ/jiaK2OQoUIAG7v2KD+NePO0JZ9L2STuu9c a0Ig== X-Gm-Message-State: AOAM531Up8+AexIamsJtcnlUGnn3rjcwMimIFtn5mEjpd6QCkl+XqTgs r9TmP/pOz/aGd1DlwNtNQiRWuQ== X-Google-Smtp-Source: ABdhPJwdum6Og6TIMupJ78tyY9GEfwXuR/37zHl5lfG7CPnDCX7KdCztzVd+hqJLR+uQSWvHTMGz/w== X-Received: by 2002:a17:90a:1117:: with SMTP id d23mr26427976pja.136.1592963395150; Tue, 23 Jun 2020 18:49:55 -0700 (PDT) Received: from www.outflux.net (smtp.outflux.net. [198.145.64.163]) by smtp.gmail.com with ESMTPSA id mp15sm3525013pjb.45.2020.06.23.18.49.50 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 23 Jun 2020 18:49:51 -0700 (PDT) From: Kees Cook To: Will Deacon Subject: [PATCH v3 9/9] arm64/build: Warn on orphan section placement Date: Tue, 23 Jun 2020 18:49:40 -0700 Message-Id: <20200624014940.1204448-10-keescook@chromium.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20200624014940.1204448-1-keescook@chromium.org> References: <20200624014940.1204448-1-keescook@chromium.org> MIME-Version: 1.0 X-Spam-Note: CRM114 invocation failed X-Spam-Score: -0.2 (/) X-Spam-Report: SpamAssassin version 3.4.4 on merlin.infradead.org summary: Content analysis details: (-0.2 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2607:f8b0:4864:20:0:0:0:1041 listed in] [list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.0 DKIMWL_WL_HIGH DKIMwl.org - Whitelisted High sender X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Mark Rutland , linux-arch@vger.kernel.org, linux-efi@vger.kernel.org, Kees Cook , Arnd Bergmann , Catalin Marinas , Masahiro Yamada , x86@kernel.org, Nick Desaulniers , Russell King , linux-kernel@vger.kernel.org, Nathan Chancellor , clang-built-linux@googlegroups.com, Arvind Sankar , Ingo Molnar , James Morse , Thomas Gleixner , Borislav Petkov , Peter Collingbourne , Ard Biesheuvel , linux-arm-kernel@lists.infradead.org Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org We don't want to depend on the linker's orphan section placement heuristics as these can vary between linkers, and may change between versions. All sections need to be explicitly named in the linker script. Avoid .eh_frame* by making sure both -fno-asychronous-unwind-tables and -fno-unwind-tables are present in both CFLAGS and AFLAGS. Remove one last instance of .eh_frame by removing the needless Call Frame Information annotations from arch/arm64/kernel/smccc-call.S. Add .plt, .data.rel.ro, .igot.*, and .iplt to discards as they are not actually used. While .got.plt is also not used, it must be included otherwise ld.bfd will fail to link with the error: aarch64-linux-gnu-ld: discarded output section: `.got.plt' However, as it'd be better to validate that it stays effectively empty, add an assert. Explicitly include debug sections when they're present. Fix a case of needless quotes in __section(), which Clang doesn't like. Finally, enable orphan section warnings. Thanks to Ard Biesheuvel for many hints on correct ways to handle mysterious sections. :) Signed-off-by: Kees Cook Acked-by: Will Deacon --- arch/arm64/Makefile | 9 ++++++++- arch/arm64/kernel/smccc-call.S | 2 -- arch/arm64/kernel/vmlinux.lds.S | 11 ++++++++++- arch/arm64/mm/mmu.c | 2 +- 4 files changed, 19 insertions(+), 5 deletions(-) diff --git a/arch/arm64/Makefile b/arch/arm64/Makefile index a0d94d063fa8..fb3aa2d7de4d 100644 --- a/arch/arm64/Makefile +++ b/arch/arm64/Makefile @@ -29,6 +29,10 @@ LDFLAGS_vmlinux += --fix-cortex-a53-843419 endif endif +# We never want expected sections to be placed heuristically by the +# linker. All sections should be explicitly named in the linker script. +LDFLAGS_vmlinux += --orphan-handling=warn + ifeq ($(CONFIG_ARM64_USE_LSE_ATOMICS), y) ifneq ($(CONFIG_ARM64_LSE_ATOMICS), y) $(warning LSE atomics not supported by binutils) @@ -47,13 +51,16 @@ endif KBUILD_CFLAGS += -mgeneral-regs-only \ $(compat_vdso) $(cc_has_k_constraint) -KBUILD_CFLAGS += -fno-asynchronous-unwind-tables KBUILD_CFLAGS += $(call cc-disable-warning, psabi) KBUILD_AFLAGS += $(compat_vdso) KBUILD_CFLAGS += $(call cc-option,-mabi=lp64) KBUILD_AFLAGS += $(call cc-option,-mabi=lp64) +# Avoid generating .eh_frame* sections. +KBUILD_CFLAGS += -fno-asynchronous-unwind-tables -fno-unwind-tables +KBUILD_AFLAGS += -fno-asynchronous-unwind-tables -fno-unwind-tables + ifeq ($(CONFIG_STACKPROTECTOR_PER_TASK),y) prepare: stack_protector_prepare stack_protector_prepare: prepare0 diff --git a/arch/arm64/kernel/smccc-call.S b/arch/arm64/kernel/smccc-call.S index 1f93809528a4..d62447964ed9 100644 --- a/arch/arm64/kernel/smccc-call.S +++ b/arch/arm64/kernel/smccc-call.S @@ -9,7 +9,6 @@ #include .macro SMCCC instr - .cfi_startproc \instr #0 ldr x4, [sp] stp x0, x1, [x4, #ARM_SMCCC_RES_X0_OFFS] @@ -21,7 +20,6 @@ b.ne 1f str x6, [x4, ARM_SMCCC_QUIRK_STATE_OFFS] 1: ret - .cfi_endproc .endm /* diff --git a/arch/arm64/kernel/vmlinux.lds.S b/arch/arm64/kernel/vmlinux.lds.S index 5427f502c3a6..f6c781768f83 100644 --- a/arch/arm64/kernel/vmlinux.lds.S +++ b/arch/arm64/kernel/vmlinux.lds.S @@ -94,7 +94,8 @@ SECTIONS /DISCARD/ : { *(.interp .dynamic) *(.dynsym .dynstr .hash .gnu.hash) - *(.eh_frame) + *(.plt) *(.data.rel.ro) + *(.igot.*) *(.iplt) } . = KIMAGE_VADDR + TEXT_OFFSET; @@ -244,8 +245,16 @@ SECTIONS _end = .; STABS_DEBUG + DWARF_DEBUG HEAD_SYMBOLS + + /* + * Make sure that the .got.plt is either completely empty or it + * contains only the lazy dispatch entries. + */ + .got.plt (INFO) : { *(.got.plt) } + ASSERT(SIZEOF(.got.plt) == 0 || SIZEOF(.got.plt) == 0x18, ".got.plt not empty") } #include "image-vars.h" diff --git a/arch/arm64/mm/mmu.c b/arch/arm64/mm/mmu.c index 1df25f26571d..dce024ea6084 100644 --- a/arch/arm64/mm/mmu.c +++ b/arch/arm64/mm/mmu.c @@ -42,7 +42,7 @@ u64 idmap_t0sz = TCR_T0SZ(VA_BITS); u64 idmap_ptrs_per_pgd = PTRS_PER_PGD; -u64 __section(".mmuoff.data.write") vabits_actual; +u64 __section(.mmuoff.data.write) vabits_actual; EXPORT_SYMBOL(vabits_actual); u64 kimage_voffset __ro_after_init;