From patchwork Mon Sep 30 07:15:15 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 13815454 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id D5CECCF6491 for ; Mon, 30 Sep 2024 07:15:38 +0000 (UTC) Received: from list by lists.xenproject.org with outflank-mailman.807022.1218183 (Exim 4.92) (envelope-from ) id 1svAd2-0007se-0F; Mon, 30 Sep 2024 07:15:32 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 807022.1218183; Mon, 30 Sep 2024 07:15:31 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1svAd1-0007sT-TX; Mon, 30 Sep 2024 07:15:31 +0000 Received: by outflank-mailman (input) for mailman id 807022; Mon, 30 Sep 2024 07:15:30 +0000 Received: from se1-gles-sth1-in.inumbo.com ([159.253.27.254] helo=se1-gles-sth1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1svAd0-0007gP-9c for xen-devel@lists.xenproject.org; Mon, 30 Sep 2024 07:15:30 +0000 Received: from mail-yw1-x114a.google.com (mail-yw1-x114a.google.com [2607:f8b0:4864:20::114a]) by se1-gles-sth1.inumbo.com (Halon) with ESMTPS id c563d1c4-7efb-11ef-a0ba-8be0dac302b0; Mon, 30 Sep 2024 09:15:29 +0200 (CEST) Received: by mail-yw1-x114a.google.com with SMTP id 00721157ae682-6ddbcc96984so59785677b3.2 for ; Mon, 30 Sep 2024 00:15:29 -0700 (PDT) X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: c563d1c4-7efb-11ef-a0ba-8be0dac302b0 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1727680528; x=1728285328; darn=lists.xenproject.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=HsZTXhwK3mXXOhRjtLwXUoeG4XCPMITRRWukmjYsd98=; b=r5BvIWjhzgBZLXiFsnaR7700yj/lo3uMYDxrusVnxnFM22T4O6+rf5zcui6B0oxxRx uZSrkSDZwv7zMoVRDvC7XBnJ94PDbUVFXAG64mxvlBfOTNfj0Z20oQZjNQk2B5tCTpuy QcMqM09q2kVl+TQKXOCsUawMhyIH5flhKmkoqLndxTj6HvTSQHbjhwtKu3GKjATxXmq4 QLCjbllOu6p5ChA3Jp6Sar751mHvhfqLQM6oGu5tYRFUdGf2bIAknHMNC9MGuFbJPlBj ka3MOrOQViBp7IGzzzWBlBPTk3DeWJZup7rvoTRXaHUg/llgxLjWGbzbyAz9pD2vxo7W dbCA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1727680528; x=1728285328; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=HsZTXhwK3mXXOhRjtLwXUoeG4XCPMITRRWukmjYsd98=; b=Ux3Qs+Xi5ioYMOhuGlHPSXQsa7ku0PLytDLhdsLzPb2/9XfHozBPGn/YwcT46uaok5 eVZDl7H9XFf3w1n8b3bJNQ5SHmdy8fgPJTyx7tDUdPwm7DK3UhZDOWHjQBM9AA3KyVVk nEYUPyqnJbaSfCftE7TssimV6phRDLiZhBZboJvDL3Ebqn3JookzUBiv9DOTvRTLBeXx YIj93y+NPWrtWQA/MT35CBYTymKJ1DA6Tzdb/frVq5a1kMNQ7AnlH9BdofwXNQP1jtEN PBDKeJb1GKoiZAGEwPdoBcJmAUSMEtp/KkWBSWs++rKxbbU3W9RIlFnNnkDwAvxPKPiu a8Kg== X-Forwarded-Encrypted: i=1; AJvYcCWkG5XWsrct5kHYDnYsB4okyaCh1NTYaoqdy1pCluKz3Ks3tSfb9MTBh8ibrYH/r9X2ei66WsSaGpc=@lists.xenproject.org X-Gm-Message-State: AOJu0Yz1gSbPzNY6K9YJ8pq9n4ycPVlUGvUHFTz9h6DLey/YClMKtlVb Dysyfn3wNHnW1zrcxNQB+C2fhaoHoulbyADFBmSec3jPSkChDpllEZOK6n1T9cGcHcma0Q== X-Google-Smtp-Source: AGHT+IEEITnmcH5UeTV2zllc3PmFUNjrBWClElCZQ6t5GapgJ1dmZhJuA8uiVOK2ULv5OhBDd14Xgcyd X-Received: from palermo.c.googlers.com ([fda3:e722:ac3:cc00:7b:198d:ac11:8138]) (user=ardb job=sendgmr) by 2002:a05:690c:c83:b0:68d:52a1:bed with SMTP id 00721157ae682-6e2474d2257mr1919327b3.1.1727680527795; Mon, 30 Sep 2024 00:15:27 -0700 (PDT) Date: Mon, 30 Sep 2024 09:15:15 +0200 In-Reply-To: <20240930071513.909462-7-ardb+git@google.com> Mime-Version: 1.0 References: <20240930071513.909462-7-ardb+git@google.com> X-Developer-Key: i=ardb@kernel.org; a=openpgp; fpr=F43D03328115A198C90016883D200E9CA6329909 X-Developer-Signature: v=1; a=openpgp-sha256; l=1580; i=ardb@kernel.org; h=from:subject; bh=DOghVKCQRkP+2PZSSBUfsRwzGz2qTq1yeEJiIzZkHRA=; b=owGbwMvMwCFmkMcZplerG8N4Wi2JIe1XAPP+CW6ZqxccPKowL43/Tf6HExp8dsf8IuIdo91Dp 38VbpvbUcrCIMbBICumyCIw+++7nacnStU6z5KFmcPKBDKEgYtTACZyP5ThD39HQciqZ45X7a+I V/w7Vrn2CUPYFo2E0GfiEzqK3SeJaDH8FaicbvpzA/e5xw8uM6jYfnfbb220fSNTS1jDbtfUmGu XuAE= X-Mailer: git-send-email 2.46.1.824.gd892dcdcdd-goog Message-ID: <20240930071513.909462-8-ardb+git@google.com> Subject: [PATCH v2 1/5] x86/pvh: Call C code via the kernel virtual mapping From: Ard Biesheuvel To: linux-kernel@vger.kernel.org Cc: Ard Biesheuvel , Jason Andryuk , Juergen Gross , Boris Ostrovsky , x86@kernel.org, xen-devel@lists.xenproject.org From: Ard Biesheuvel Calling C code via a different mapping than it was linked at is problematic, because the compiler assumes that RIP-relative and absolute symbol references are interchangeable. GCC in particular may use RIP-relative per-CPU variable references even when not using -fpic. So call xen_prepare_pvh() via its kernel virtual mapping on x86_64, so that those RIP-relative references produce the correct values. This matches the pre-existing behavior for i386, which also invokes xen_prepare_pvh() via the kernel virtual mapping before invoking startup_32 with paging disabled again. Fixes: 7243b93345f7 ("xen/pvh: Bootstrap PVH guest") Tested-by: Jason Andryuk Reviewed-by: Jason Andryuk Signed-off-by: Ard Biesheuvel --- arch/x86/platform/pvh/head.S | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/arch/x86/platform/pvh/head.S b/arch/x86/platform/pvh/head.S index 64fca49cd88f..ce4fd8d33da4 100644 --- a/arch/x86/platform/pvh/head.S +++ b/arch/x86/platform/pvh/head.S @@ -172,7 +172,14 @@ SYM_CODE_START_LOCAL(pvh_start_xen) movq %rbp, %rbx subq $_pa(pvh_start_xen), %rbx movq %rbx, phys_base(%rip) - call xen_prepare_pvh + + /* Call xen_prepare_pvh() via the kernel virtual mapping */ + leaq xen_prepare_pvh(%rip), %rax + subq phys_base(%rip), %rax + addq $__START_KERNEL_map, %rax + ANNOTATE_RETPOLINE_SAFE + call *%rax + /* * Clear phys_base. __startup_64 will *add* to its value, * so reset to 0. From patchwork Mon Sep 30 07:15:16 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 13815456 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 4C5B0CF6497 for ; Mon, 30 Sep 2024 07:15:43 +0000 (UTC) Received: from list by lists.xenproject.org with outflank-mailman.807023.1218193 (Exim 4.92) (envelope-from ) id 1svAd4-00089b-7P; Mon, 30 Sep 2024 07:15:34 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 807023.1218193; Mon, 30 Sep 2024 07:15:34 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1svAd4-00089O-4P; Mon, 30 Sep 2024 07:15:34 +0000 Received: by outflank-mailman (input) for mailman id 807023; Mon, 30 Sep 2024 07:15:33 +0000 Received: from se1-gles-flk1-in.inumbo.com ([94.247.172.50] helo=se1-gles-flk1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1svAd2-0007Ms-Ud for xen-devel@lists.xenproject.org; Mon, 30 Sep 2024 07:15:32 +0000 Received: from mail-yb1-xb4a.google.com (mail-yb1-xb4a.google.com [2607:f8b0:4864:20::b4a]) by se1-gles-flk1.inumbo.com (Halon) with ESMTPS id c6ac2bd1-7efb-11ef-99a2-01e77a169b0f; Mon, 30 Sep 2024 09:15:31 +0200 (CEST) Received: by mail-yb1-xb4a.google.com with SMTP id 3f1490d57ef6-e2605ce4276so5055480276.3 for ; Mon, 30 Sep 2024 00:15:31 -0700 (PDT) X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: c6ac2bd1-7efb-11ef-99a2-01e77a169b0f DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1727680530; x=1728285330; darn=lists.xenproject.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=cfFkwKi7wORkaITTIVySWZ1TVCuKZibVqWlFRxA8TaE=; b=l4egizkhDIUtdL31EDmHqQ79Q+TNQkbr9PPPLCO5uRQzthIDLvscvDsSrsgHhM6QJG A6dAPV2DPsP0SM8nRplFQiAwAl4pl01SYt57BD0Hm6maOTTCgNtdXkv5zzseudxnzmwM 3vbp0DSsIWv/2jrQmWhs2uJoP/5ieKyOcNWV+G7x/rGPBNmfIzFjZmJSLtHwLD2DKMOh rY/alWdDv4AaeiwDIHttRNZ+/+pWo25/ZaTxgHrTVJemuSZpWYlUD3eF+vnq5s09xIja 5CxmAibUcFxguIoZznJWklouZAkb2LXFeXLZh41mjv3CkI1D0lYWA6dP7rtRDX0mKTat 0Gmw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1727680530; x=1728285330; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=cfFkwKi7wORkaITTIVySWZ1TVCuKZibVqWlFRxA8TaE=; b=R+6qWmA0DNfxPAZYRFcEaSoaluy8aKcGX4u38ra1SUFjQ/ofksRz0t56gtsq33E+sk yV/hV7pN31OhkuE0Rej+kv87wFhpEG5YZovsgBM9zhu5ak/lgaJBSwNKSfAnC3rZ1Vgy sCbVX1+kfDObkBM0+qqLIEQ6G9fY1FEE0ZRst1t3gdOUenXg8teqf3B7HQaB6I5HiUSk OsTiQoD3Gkzxnj+2G9mJvl6rs8KYIo7DTsDOcEuOb6TDqqCDB5+2ICCMhEQcGMseyyGt 2QrMDtdb/PkiQfuUFZj2ccIypEUA/ug7gwjGgZsGoiR5n2Q3yoK5R5Uvz8ZyRvzPocPG sGGA== X-Forwarded-Encrypted: i=1; AJvYcCWABUx/EnpFnbSFErqW51BmWltc2TeIiCfOKKkR6p8HgfnB7cGT+qa+HeI8XkjyABUoPFpyeKLViIc=@lists.xenproject.org X-Gm-Message-State: AOJu0YxNQrXTyq9XaFn6Io9LPLfdGUNlSQxstPPp7qXh7Q4EHgo0ym+6 SfuxYr3ew0Kmz/XBBUwDImENtSWN1SyLhJUhKPY19VaUc/3ea5STZv+TbI9iRtms9iYk7Q== X-Google-Smtp-Source: AGHT+IHlT3DMxohKe03A8TS0L1Z75WqAqi49LWkf8IAgG/1tHRvVHLfRdZ6a9GNwWISbp2f0lryrnggP X-Received: from palermo.c.googlers.com ([fda3:e722:ac3:cc00:7b:198d:ac11:8138]) (user=ardb job=sendgmr) by 2002:a25:5105:0:b0:e0e:c9bc:3206 with SMTP id 3f1490d57ef6-e2604b3e6b8mr7576276.5.1727680530050; Mon, 30 Sep 2024 00:15:30 -0700 (PDT) Date: Mon, 30 Sep 2024 09:15:16 +0200 In-Reply-To: <20240930071513.909462-7-ardb+git@google.com> Mime-Version: 1.0 References: <20240930071513.909462-7-ardb+git@google.com> X-Developer-Key: i=ardb@kernel.org; a=openpgp; fpr=F43D03328115A198C90016883D200E9CA6329909 X-Developer-Signature: v=1; a=openpgp-sha256; l=866; i=ardb@kernel.org; h=from:subject; bh=XYVHEk+fyc+b419KXfVjv9/VU6bLywLl8KdcTe49YAY=; b=owGbwMvMwCFmkMcZplerG8N4Wi2JIe1XAMvKaXsePbde5td+dfnhwmiXT5KtMpOUj2dUMoenF PtWLmnoKGVhEONgkBVTZBGY/ffdztMTpWqdZ8nCzGFlAhnCwMUpABMxjWX4n/+KZ1mOY5Nuo17G w1N8j1fMPBPO8OCstkrBmZ0/Sus5axkZZtSdcld0/rF9HlvL4njeqq+1F5aYmnDrf7A/OrWtvjW CHQA= X-Mailer: git-send-email 2.46.1.824.gd892dcdcdd-goog Message-ID: <20240930071513.909462-9-ardb+git@google.com> Subject: [PATCH v2 2/5] x86/pvh: Use correct size value in GDT descriptor From: Ard Biesheuvel To: linux-kernel@vger.kernel.org Cc: Ard Biesheuvel , Jason Andryuk , Juergen Gross , Boris Ostrovsky , x86@kernel.org, xen-devel@lists.xenproject.org From: Ard Biesheuvel The limit field in a GDT descriptor is an inclusive bound, and therefore one less than the size of the covered range. Reviewed-by: Jason Andryuk Tested-by: Jason Andryuk Signed-off-by: Ard Biesheuvel --- arch/x86/platform/pvh/head.S | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/x86/platform/pvh/head.S b/arch/x86/platform/pvh/head.S index ce4fd8d33da4..5a196fb3ebd8 100644 --- a/arch/x86/platform/pvh/head.S +++ b/arch/x86/platform/pvh/head.S @@ -224,7 +224,7 @@ SYM_CODE_END(pvh_start_xen) .section ".init.data","aw" .balign 8 SYM_DATA_START_LOCAL(gdt) - .word gdt_end - gdt_start + .word gdt_end - gdt_start - 1 .long _pa(gdt_start) /* x86-64 will overwrite if relocated. */ .word 0 SYM_DATA_END(gdt) From patchwork Mon Sep 30 07:15:17 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 13815457 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 27BB1CF6491 for ; Mon, 30 Sep 2024 07:15:45 +0000 (UTC) Received: from list by lists.xenproject.org with outflank-mailman.807024.1218203 (Exim 4.92) (envelope-from ) id 1svAd5-0008PS-Gt; Mon, 30 Sep 2024 07:15:35 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 807024.1218203; Mon, 30 Sep 2024 07:15:35 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1svAd5-0008PF-Ce; Mon, 30 Sep 2024 07:15:35 +0000 Received: by outflank-mailman (input) for mailman id 807024; Mon, 30 Sep 2024 07:15:33 +0000 Received: from se1-gles-sth1-in.inumbo.com ([159.253.27.254] helo=se1-gles-sth1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1svAd3-0007gP-Pg for xen-devel@lists.xenproject.org; Mon, 30 Sep 2024 07:15:33 +0000 Received: from mail-wr1-x449.google.com (mail-wr1-x449.google.com [2a00:1450:4864:20::449]) by se1-gles-sth1.inumbo.com (Halon) with ESMTPS id c84aff87-7efb-11ef-a0ba-8be0dac302b0; Mon, 30 Sep 2024 09:15:33 +0200 (CEST) Received: by mail-wr1-x449.google.com with SMTP id ffacd0b85a97d-37cccd94a69so1929893f8f.0 for ; Mon, 30 Sep 2024 00:15:33 -0700 (PDT) X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: c84aff87-7efb-11ef-a0ba-8be0dac302b0 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1727680533; x=1728285333; darn=lists.xenproject.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=Ih9d+rTLUr2iQKQ8WDSsNfedIcM8p6qAJVAZ/ooKdqM=; b=rg2SmShXzwPITJ3Le0dk0CpWA6wJhcsd07brO6yA2/An0ngjQLFG9DmpezhtgXMydp E9BmhD6/7p2XBfjbwBPXEACLyRVFQu33jonoCbltcCg8/Q05f4ZyyEfcFQ1SFFb3Hf0E kkgIIEraCmL4Bg6GnNyVjykT/ezZaTQOx3fdmcBxsWlU7l4a9YZRDeRCSCkVyY59nZKL eyARE2hOfHR8vyjU85q3pqy0rSTBTtzmDBe2LbXU6EYCaENADySdrBc/M5KYz8DdE0zX HW9HoFsYWqF2ufA++GThxKijrdEO2MJZiiehP6isXT7rGKVAuYOTAz8TBONpS4XYUy6R X/ng== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1727680533; x=1728285333; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=Ih9d+rTLUr2iQKQ8WDSsNfedIcM8p6qAJVAZ/ooKdqM=; b=UXw7LfCI8G0fDpkN8poBvbeR4r711x3j+Me3fXiOoeCvSI+nJlcQnQWYTqawIk0aiN JhbffbosI7ayJPpcV3rn0Gd0JGI/jcZ5W/K8ig6E4lx1h1SedNByvjvMrHggH4tYWL9X 0S/IOVw32oNxZOEPai89UsXm7q9QCIj6I5CqxiG/vMzrKrdcEfBWrE9vpm0pUC1YCJvF KbyN14VMEsNbHjqD/y6P0G9bUO7ALGL0n5DuUZU0j80vv0w6AoUvlvbMSR3x0bl5+faj 1peqMafaA/LI2YY4tsefUt/FZGg0XAWDJs37PjnOkHPQ/fJuDbrtC3jFeg5YcshIj0ZE V9ZA== X-Forwarded-Encrypted: i=1; AJvYcCUbI2wUcEu6SLdM28ujps6skDIojaHbQfWb13VOpBo5UsfOyIlQZZjxGaxCYLQwcoTCMub2vyQKHn0=@lists.xenproject.org X-Gm-Message-State: AOJu0YyVTpj+Lx9stVtSbddynq0F0YePS1NQ+LwTL9kawfTlMauZmGOt Phkxw5pg3q1sqxwC8k4+Y+7ykZmj/gt6ejxX+1+g2MI7blUKGT/RWE1vixysEyIJmWNneA== X-Google-Smtp-Source: AGHT+IGgyhRnUwbTAj2kGZmw/vLPY3l1QpRNk0KAuY9a6bXPJX2/eiNIm+l7VxrERelrDYte7R+7XXJS X-Received: from palermo.c.googlers.com ([fda3:e722:ac3:cc00:7b:198d:ac11:8138]) (user=ardb job=sendgmr) by 2002:adf:cd90:0:b0:37c:d569:467c with SMTP id ffacd0b85a97d-37cd5b1de24mr6223f8f.9.1727680532382; Mon, 30 Sep 2024 00:15:32 -0700 (PDT) Date: Mon, 30 Sep 2024 09:15:17 +0200 In-Reply-To: <20240930071513.909462-7-ardb+git@google.com> Mime-Version: 1.0 References: <20240930071513.909462-7-ardb+git@google.com> X-Developer-Key: i=ardb@kernel.org; a=openpgp; fpr=F43D03328115A198C90016883D200E9CA6329909 X-Developer-Signature: v=1; a=openpgp-sha256; l=1006; i=ardb@kernel.org; h=from:subject; bh=EGjxvAOcfFb2eior18qrLfn0YVRiZmxOws+RVk4EJNQ=; b=owGbwMvMwCFmkMcZplerG8N4Wi2JIe1XAFs4e+aKv7/bb1hbz/Ja+/n4Jcvni89UOJWapK5ee 6Zrb8rxjlIWBjEOBlkxRRaB2X/f7Tw9UarWeZYszBxWJpAhDFycAjCRU1sZ/vC0mHzPPSZTfPbz upN7a2oM50gu7Fx0f6rGJ8bu9o/y15QZGXbybPrXdTs3WODNymtrszU/y8/kq363O9D9ZvHiwpW iOqwA X-Mailer: git-send-email 2.46.1.824.gd892dcdcdd-goog Message-ID: <20240930071513.909462-10-ardb+git@google.com> Subject: [PATCH v2 3/5] x86/pvh: Omit needless clearing of phys_base From: Ard Biesheuvel To: linux-kernel@vger.kernel.org Cc: Ard Biesheuvel , Jason Andryuk , Juergen Gross , Boris Ostrovsky , x86@kernel.org, xen-devel@lists.xenproject.org From: Ard Biesheuvel Since commit d9ec1158056b ("x86/boot/64: Use RIP_REL_REF() to assign 'phys_base'") phys_base is assigned directly rather than added to, so it is no longer necessary to clear it after use. Reviewed-by: Jason Andryuk Tested-by: Jason Andryuk Signed-off-by: Ard Biesheuvel --- arch/x86/platform/pvh/head.S | 7 ------- 1 file changed, 7 deletions(-) diff --git a/arch/x86/platform/pvh/head.S b/arch/x86/platform/pvh/head.S index 5a196fb3ebd8..7ca51a4da217 100644 --- a/arch/x86/platform/pvh/head.S +++ b/arch/x86/platform/pvh/head.S @@ -180,13 +180,6 @@ SYM_CODE_START_LOCAL(pvh_start_xen) ANNOTATE_RETPOLINE_SAFE call *%rax - /* - * Clear phys_base. __startup_64 will *add* to its value, - * so reset to 0. - */ - xor %rbx, %rbx - movq %rbx, phys_base(%rip) - /* startup_64 expects boot_params in %rsi. */ lea pvh_bootparams(%rip), %rsi jmp startup_64 From patchwork Mon Sep 30 07:15:18 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 13815458 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id AAB52CF649D for ; Mon, 30 Sep 2024 07:15:48 +0000 (UTC) Received: from list by lists.xenproject.org with outflank-mailman.807025.1218213 (Exim 4.92) (envelope-from ) id 1svAd8-0000Kx-VH; Mon, 30 Sep 2024 07:15:38 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 807025.1218213; Mon, 30 Sep 2024 07:15:38 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1svAd8-0000Ki-R0; Mon, 30 Sep 2024 07:15:38 +0000 Received: by outflank-mailman (input) for mailman id 807025; Mon, 30 Sep 2024 07:15:37 +0000 Received: from se1-gles-flk1-in.inumbo.com ([94.247.172.50] helo=se1-gles-flk1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1svAd7-0007Ms-Re for xen-devel@lists.xenproject.org; Mon, 30 Sep 2024 07:15:37 +0000 Received: from mail-yw1-x1149.google.com (mail-yw1-x1149.google.com [2607:f8b0:4864:20::1149]) by se1-gles-flk1.inumbo.com (Halon) with ESMTPS id c9986869-7efb-11ef-99a2-01e77a169b0f; Mon, 30 Sep 2024 09:15:36 +0200 (CEST) Received: by mail-yw1-x1149.google.com with SMTP id 00721157ae682-6e230808455so46533497b3.0 for ; Mon, 30 Sep 2024 00:15:36 -0700 (PDT) X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: c9986869-7efb-11ef-99a2-01e77a169b0f DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1727680535; x=1728285335; darn=lists.xenproject.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=DZtPdBpJzFal/ae5MZUqryOcfcvj4AQCvP+gm4JqXyM=; b=1AwIC3WnnFbVVYMPx3Kw4KMsnwaOe8HG2mN6w65iaenrUTQR/RJZ3j1OWhEx0caWAZ QWtub4dE9WNVesdzsn+TFkndyF0DtzroKtrkqkJPknhf6zjASl6G4psJgdSqJT0twCD+ x69b6b/zyliJ+n7cYch31QEgohLI3NMHFi3o9K/tAzW2vZMjSg4bFn3J0Klp+LBiASoO LkuerJ4/+ejDDrI9QNEQCq3But5K4iOyjoQs5ZeWVgAMV/hz1v/XpyAHO0NB7lxHjQM5 25CYRk8jMkttFNlchEb4enFdHfP8Vp9gWfnSdF7jciHCOyv0QS4/pUQbWI71skdD+OLp XFNA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1727680535; x=1728285335; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=DZtPdBpJzFal/ae5MZUqryOcfcvj4AQCvP+gm4JqXyM=; b=mAQD+w1gBQmDYVLm0685NJdJ7qnBuQ7vImk09TCi4AnE5opp6pygs8IpcOWI2PKEUF IkPwABk14jDXoqz5gMNazgm/UlWsCR0C3ikzp2VCauprgjG42zUXrNDiXhnyHTHMT0Dk EN92vN957gG585/Xel5EM+GfLrD08WTPJe55zpZL3fZqTjJnsieFY77/FJ7va7ov7/Xz VkC+iFspv5yTGMuDtqGClkKFtJL1DG61T8xcWzDoLHPAY+17WTrnttSXVXO0soHhEHmX xegs/H3UV2W4qSQRZnDEJ8UaGHdYsZC735AQQYe+7PbYCbN4UNFhs+kTnW415lnE59TO TYmA== X-Forwarded-Encrypted: i=1; AJvYcCUZPIGRlAHcQJ3DQA7iv6eT4/HY+VDszdxw12dKaCE6r/miCHR68oAJCDTh17awnj6+FsPCNRJfLbs=@lists.xenproject.org X-Gm-Message-State: AOJu0YygQGOZxVlCwEszKIiya9lzR4lsg/o0lagBfmxVCEg3EYCgicG2 QuOvMfyXthVx2gWKjSfXWsrqKlN+GaFlDSInh4ICp1DfAImhAj+nYcNDopjt3GQTEc3nlw== X-Google-Smtp-Source: AGHT+IFWZtuu+KunSwgcCbh6Ve5BV0dLmNWi2x2HkYFqhNpsABPu4rTN3FrGFoGmcbxLj6A3YyOTzKqH X-Received: from palermo.c.googlers.com ([fda3:e722:ac3:cc00:7b:198d:ac11:8138]) (user=ardb job=sendgmr) by 2002:a25:d045:0:b0:dfb:22ca:1efd with SMTP id 3f1490d57ef6-e2604b828c6mr119309276.9.1727680535050; Mon, 30 Sep 2024 00:15:35 -0700 (PDT) Date: Mon, 30 Sep 2024 09:15:18 +0200 In-Reply-To: <20240930071513.909462-7-ardb+git@google.com> Mime-Version: 1.0 References: <20240930071513.909462-7-ardb+git@google.com> X-Developer-Key: i=ardb@kernel.org; a=openpgp; fpr=F43D03328115A198C90016883D200E9CA6329909 X-Developer-Signature: v=1; a=openpgp-sha256; l=4140; i=ardb@kernel.org; h=from:subject; bh=eRJBFQWOqzRm644YDaD03sEDODYtOLqKPjomM9zMcVo=; b=owGbwMvMwCFmkMcZplerG8N4Wi2JIe1XAPuhF2t5+zhSPgu3tTyOidS9aCBp1+yrcNT4n/r00 JmnTes7SlkYxDgYZMUUWQRm/3238/REqVrnWbIwc1iZQIYwcHEKwEQubGVkmJV+Ys/d2PLAmsCY qVKPXi7e52T1MUgu5MSrXwo3Q45OSWFk+F3/bv+942nVjqavFqjqp8r0qphbWB66/EGiOXxZ6qO DLAA= X-Mailer: git-send-email 2.46.1.824.gd892dcdcdd-goog Message-ID: <20240930071513.909462-11-ardb+git@google.com> Subject: [PATCH v2 4/5] x86/xen: Avoid relocatable quantities in Xen ELF notes From: Ard Biesheuvel To: linux-kernel@vger.kernel.org Cc: Ard Biesheuvel , Jason Andryuk , Juergen Gross , Boris Ostrovsky , x86@kernel.org, xen-devel@lists.xenproject.org From: Ard Biesheuvel Xen puts virtual and physical addresses into ELF notes that are treated by the linker as relocatable by default. Doing so is not only pointless, given that the ELF notes are only intended for consumption by Xen before the kernel boots. It is also a KASLR leak, given that the kernel's ELF notes are exposed via the world readable /sys/kernel/notes. So emit these constants in a way that prevents the linker from marking them as relocatable. This involves place-relative relocations (which subtract their own virtual address from the symbol value) and linker provided absolute symbols that add the address of the place to the desired value. Signed-off-by: Ard Biesheuvel Tested-by: Jason Andryuk --- arch/x86/kernel/vmlinux.lds.S | 13 +++++++++++++ arch/x86/platform/pvh/head.S | 6 +++--- arch/x86/tools/relocs.c | 1 + arch/x86/xen/xen-head.S | 6 ++++-- 4 files changed, 21 insertions(+), 5 deletions(-) diff --git a/arch/x86/kernel/vmlinux.lds.S b/arch/x86/kernel/vmlinux.lds.S index 6726be89b7a6..2b7c8c14c6fd 100644 --- a/arch/x86/kernel/vmlinux.lds.S +++ b/arch/x86/kernel/vmlinux.lds.S @@ -527,3 +527,16 @@ INIT_PER_CPU(irq_stack_backing_store); #endif #endif /* CONFIG_X86_64 */ + +#ifdef CONFIG_XEN +#ifdef CONFIG_XEN_PV +xen_elfnote_entry_offset = + ABSOLUTE(xen_elfnote_entry) + ABSOLUTE(startup_xen); +#endif +xen_elfnote_hypercall_page_offset = + ABSOLUTE(xen_elfnote_hypercall_page) + ABSOLUTE(hypercall_page); +#endif +#ifdef CONFIG_PVH +xen_elfnote_phys32_entry_offset = + ABSOLUTE(xen_elfnote_phys32_entry) + ABSOLUTE(pvh_start_xen - LOAD_OFFSET); +#endif diff --git a/arch/x86/platform/pvh/head.S b/arch/x86/platform/pvh/head.S index 7ca51a4da217..2b0d887e0872 100644 --- a/arch/x86/platform/pvh/head.S +++ b/arch/x86/platform/pvh/head.S @@ -52,7 +52,7 @@ #define PVH_CS_SEL (PVH_GDT_ENTRY_CS * 8) #define PVH_DS_SEL (PVH_GDT_ENTRY_DS * 8) -SYM_CODE_START_LOCAL(pvh_start_xen) +SYM_CODE_START(pvh_start_xen) UNWIND_HINT_END_OF_STACK cld @@ -300,5 +300,5 @@ SYM_DATA_END(pvh_level2_kernel_pgt) .long KERNEL_IMAGE_SIZE - 1) #endif - ELFNOTE(Xen, XEN_ELFNOTE_PHYS32_ENTRY, - _ASM_PTR (pvh_start_xen - __START_KERNEL_map)) + ELFNOTE(Xen, XEN_ELFNOTE_PHYS32_ENTRY, .global xen_elfnote_phys32_entry; + xen_elfnote_phys32_entry: _ASM_PTR xen_elfnote_phys32_entry_offset - .) diff --git a/arch/x86/tools/relocs.c b/arch/x86/tools/relocs.c index c101bed61940..3ede19ca8432 100644 --- a/arch/x86/tools/relocs.c +++ b/arch/x86/tools/relocs.c @@ -56,6 +56,7 @@ static const char * const sym_regex_kernel[S_NSYMTYPES] = { [S_ABS] = "^(xen_irq_disable_direct_reloc$|" "xen_save_fl_direct_reloc$|" + "xen_elfnote_.+_offset$|" "VDSO|" "__kcfi_typeid_|" "__crc_)", diff --git a/arch/x86/xen/xen-head.S b/arch/x86/xen/xen-head.S index 758bcd47b72d..3deaae3601f7 100644 --- a/arch/x86/xen/xen-head.S +++ b/arch/x86/xen/xen-head.S @@ -94,7 +94,8 @@ SYM_CODE_END(xen_cpu_bringup_again) ELFNOTE(Xen, XEN_ELFNOTE_VIRT_BASE, _ASM_PTR __START_KERNEL_map) /* Map the p2m table to a 512GB-aligned user address. */ ELFNOTE(Xen, XEN_ELFNOTE_INIT_P2M, .quad (PUD_SIZE * PTRS_PER_PUD)) - ELFNOTE(Xen, XEN_ELFNOTE_ENTRY, _ASM_PTR startup_xen) + ELFNOTE(Xen, XEN_ELFNOTE_ENTRY, .globl xen_elfnote_entry; + xen_elfnote_entry: _ASM_PTR xen_elfnote_entry_offset - .) ELFNOTE(Xen, XEN_ELFNOTE_FEATURES, .ascii "!writable_page_tables") ELFNOTE(Xen, XEN_ELFNOTE_PAE_MODE, .asciz "yes") ELFNOTE(Xen, XEN_ELFNOTE_L1_MFN_VALID, @@ -115,7 +116,8 @@ SYM_CODE_END(xen_cpu_bringup_again) #else # define FEATURES_DOM0 0 #endif - ELFNOTE(Xen, XEN_ELFNOTE_HYPERCALL_PAGE, _ASM_PTR hypercall_page) + ELFNOTE(Xen, XEN_ELFNOTE_HYPERCALL_PAGE, .globl xen_elfnote_hypercall_page; + xen_elfnote_hypercall_page: _ASM_PTR xen_elfnote_hypercall_page_offset - .) ELFNOTE(Xen, XEN_ELFNOTE_SUPPORTED_FEATURES, .long FEATURES_PV | FEATURES_PVH | FEATURES_DOM0) ELFNOTE(Xen, XEN_ELFNOTE_LOADER, .asciz "generic") From patchwork Mon Sep 30 07:15:19 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 13815459 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 9C95CCF6497 for ; Mon, 30 Sep 2024 07:15:48 +0000 (UTC) Received: from list by lists.xenproject.org with outflank-mailman.807026.1218223 (Exim 4.92) (envelope-from ) id 1svAdB-0000e7-7L; Mon, 30 Sep 2024 07:15:41 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 807026.1218223; Mon, 30 Sep 2024 07:15:41 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1svAdB-0000dt-36; Mon, 30 Sep 2024 07:15:41 +0000 Received: by outflank-mailman (input) for mailman id 807026; Mon, 30 Sep 2024 07:15:40 +0000 Received: from se1-gles-flk1-in.inumbo.com ([94.247.172.50] helo=se1-gles-flk1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1svAdA-0007Ms-5i for xen-devel@lists.xenproject.org; Mon, 30 Sep 2024 07:15:40 +0000 Received: from mail-yb1-xb49.google.com (mail-yb1-xb49.google.com [2607:f8b0:4864:20::b49]) by se1-gles-flk1.inumbo.com (Halon) with ESMTPS id caf6518b-7efb-11ef-99a2-01e77a169b0f; Mon, 30 Sep 2024 09:15:38 +0200 (CEST) Received: by mail-yb1-xb49.google.com with SMTP id 3f1490d57ef6-e25d494faa4so4172309276.0 for ; Mon, 30 Sep 2024 00:15:38 -0700 (PDT) X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: caf6518b-7efb-11ef-99a2-01e77a169b0f DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1727680537; x=1728285337; darn=lists.xenproject.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=/CFvtg1tsmmc7nnsyP1PbKrXmu+3EkOxGHWY/dTtKRQ=; b=2IngiC6a3qv9Wa9UpBDvkt0EccAfduBBcicBePh1dPHdhyp9q3YTjBJEuZJzg8V1QG JKEOMYO2oTckGUR/qmvoBpyeCoeGy43q5LeNexGyyC7AdPQ0OS0oKmUqi71iClvnsyLH xOmZNoRjdZtI97jZCATNYfzLy4hdEPTFqSJK5PdYE/Kb+z0cFYhDZZoAxGdARGz7pvuq QTygFhbYEtD5j/e1vC5u2+7Hm3XBcZiHWgg0OPs75QKu5s553b6VPQ/NcUD19HsoT25y E5Gf8apGLnWj5LUMaoo6Auy23bAWBWWGDwDFyz0E2KMt8Xu2UF3VjKNyYKwRT3cx4xDt mRgw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1727680537; x=1728285337; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=/CFvtg1tsmmc7nnsyP1PbKrXmu+3EkOxGHWY/dTtKRQ=; b=wE5yeOTKbnJzrfEhOy6XBCrkuSY+1+Cl4waszKgxxcJ0yQ8c4pHeTjulB+9v1dLoru I+EC3IrnjVDtP10LqZX7fBzyJtHWMygdfY3BH3dusdRVAKhNHji5oUfGLYqodE3ZsYjN oFaJtyI76JKdeZzNpq1mZGQ/+nd0BnDScRBlJmoKo1eS1wBI11y7fIEy7N0lyd3H5JEa XriUB2xGHACc0ZTl7ufNsXE8vKgb7MVC4cRi8nZzdNj5tUlCe6P9G0o3x6kSooYGiMQv 8Y5vFGrwBtic1gRJ/vLAdzLd1LHlJHvuceKA47t/rEBU5PqrCMUFT+3dDjOdE5G5Q5L2 LHmg== X-Forwarded-Encrypted: i=1; AJvYcCVihqMktqjZooP5/d51FW5bBjQLZztAirGJG9IBNIA//VI0U7XDvixoc8r0UsVFHjP1xJaOodbFkD4=@lists.xenproject.org X-Gm-Message-State: AOJu0Yx2GnoS1VZSpKqjGNU2heT97kSacVL0buDUj8rfWiUG245ZL96d jVyxqVDiMEN3NyA2fRTG4f4qtbRtenpCz3Ir6f+SSEi0TNToMnbPkrLgtmk6s92KwyQuEw== X-Google-Smtp-Source: AGHT+IFA41+aY1vjA3qRLYDvZ5y36Ykxv072kp8hE6GaWoKZfJQ0OURO8Mgln/pCtspPyxRtv5RBaV37 X-Received: from palermo.c.googlers.com ([fda3:e722:ac3:cc00:7b:198d:ac11:8138]) (user=ardb job=sendgmr) by 2002:a25:b2a5:0:b0:e20:1596:87b8 with SMTP id 3f1490d57ef6-e2604c96b81mr122133276.11.1727680537310; Mon, 30 Sep 2024 00:15:37 -0700 (PDT) Date: Mon, 30 Sep 2024 09:15:19 +0200 In-Reply-To: <20240930071513.909462-7-ardb+git@google.com> Mime-Version: 1.0 References: <20240930071513.909462-7-ardb+git@google.com> X-Developer-Key: i=ardb@kernel.org; a=openpgp; fpr=F43D03328115A198C90016883D200E9CA6329909 X-Developer-Signature: v=1; a=openpgp-sha256; l=3514; i=ardb@kernel.org; h=from:subject; bh=egKJbcLb5hGkTqo8SwRF/Pu4TXJQbEy7JOjiJJa0ERg=; b=owGbwMvMwCFmkMcZplerG8N4Wi2JIe1XAEestNQGk6l50lmPs5eufzv/6Lmly76atGQ+v9Td+ ewGZyprRykLgxgHg6yYIovA7L/vdp6eKFXrPEsWZg4rE8gQBi5OAZiI/HmG/+4pHxsFSpvWz+3h OKl79PF2Vud3V+eaLVi24Y1424yTaUsYGXatXdDioZAscT/1TO/jQ6Gq9w1elZ7/7bfv2KxbgaU /y1gB X-Mailer: git-send-email 2.46.1.824.gd892dcdcdd-goog Message-ID: <20240930071513.909462-12-ardb+git@google.com> Subject: [PATCH v2 5/5] x86/pvh: Avoid absolute symbol references in .head.text From: Ard Biesheuvel To: linux-kernel@vger.kernel.org Cc: Ard Biesheuvel , Jason Andryuk , Juergen Gross , Boris Ostrovsky , x86@kernel.org, xen-devel@lists.xenproject.org From: Ard Biesheuvel The .head.text section contains code that may execute from a different address than it was linked at. This is fragile, given that the x86 ABI can refer to global symbols via absolute or relative references, and the toolchain assumes that these are interchangeable, which they are not in this particular case. For this reason, all absolute symbol references are being removed from code that is emitted into .head.text. Subsequently, build time validation may be added that ensures that no absolute ELF relocations exist at all in that ELF section. In the case of the PVH code, the absolute references are in 32-bit code, which gets emitted with R_X86_64_32 relocations, and these are even more problematic going forward, as it prevents running the linker in PIE mode. So update the 64-bit code to avoid _pa(), and to only rely on relative symbol references: these are always 32-bits wide, even in 64-bit code, and are resolved by the linker at build time. Reviewed-by: Jason Andryuk Tested-by: Jason Andryuk Signed-off-by: Ard Biesheuvel --- arch/x86/platform/pvh/head.S | 30 ++++++++++++-------- 1 file changed, 18 insertions(+), 12 deletions(-) diff --git a/arch/x86/platform/pvh/head.S b/arch/x86/platform/pvh/head.S index 2b0d887e0872..cf89b2385c5a 100644 --- a/arch/x86/platform/pvh/head.S +++ b/arch/x86/platform/pvh/head.S @@ -6,7 +6,9 @@ .code32 .text +#ifdef CONFIG_X86_32 #define _pa(x) ((x) - __START_KERNEL_map) +#endif #define rva(x) ((x) - pvh_start_xen) #include @@ -72,8 +74,7 @@ SYM_CODE_START(pvh_start_xen) movl $0, %esp leal rva(gdt)(%ebp), %eax - leal rva(gdt_start)(%ebp), %ecx - movl %ecx, 2(%eax) + addl %eax, 2(%eax) lgdt (%eax) mov $PVH_DS_SEL,%eax @@ -103,10 +104,23 @@ SYM_CODE_START(pvh_start_xen) btsl $_EFER_LME, %eax wrmsr + /* + * Reuse the non-relocatable symbol emitted for the ELF note to + * subtract the build time physical address of pvh_start_xen() from + * its actual runtime address, without relying on absolute 32-bit ELF + * relocations, as these are not supported by the linker when running + * in -pie mode, and should be avoided in .head.text in general. + */ mov %ebp, %ebx - subl $_pa(pvh_start_xen), %ebx /* offset */ + subl rva(xen_elfnote_phys32_entry)(%ebp), %ebx jz .Lpagetable_done + /* + * Store the resulting load offset in phys_base. __pa() needs + * phys_base set to calculate the hypercall page in xen_pvh_init(). + */ + movl %ebx, rva(phys_base)(%ebp) + /* Fixup page-tables for relocation. */ leal rva(pvh_init_top_pgt)(%ebp), %edi movl $PTRS_PER_PGD, %ecx @@ -165,14 +179,6 @@ SYM_CODE_START(pvh_start_xen) xor %edx, %edx wrmsr - /* - * Calculate load offset and store in phys_base. __pa() needs - * phys_base set to calculate the hypercall page in xen_pvh_init(). - */ - movq %rbp, %rbx - subq $_pa(pvh_start_xen), %rbx - movq %rbx, phys_base(%rip) - /* Call xen_prepare_pvh() via the kernel virtual mapping */ leaq xen_prepare_pvh(%rip), %rax subq phys_base(%rip), %rax @@ -218,7 +224,7 @@ SYM_CODE_END(pvh_start_xen) .balign 8 SYM_DATA_START_LOCAL(gdt) .word gdt_end - gdt_start - 1 - .long _pa(gdt_start) /* x86-64 will overwrite if relocated. */ + .long gdt_start - gdt .word 0 SYM_DATA_END(gdt) SYM_DATA_START_LOCAL(gdt_start)