From c604abc3f6e3030f3a3022b184ed7d3780c34d30 Mon Sep 17 00:00:00 2001 From: Kees Cook Date: Fri, 21 Aug 2020 12:42:45 -0700 Subject: vmlinux.lds.h: Split ELF_DETAILS from STABS_DEBUG The .comment section doesn't belong in STABS_DEBUG. Split it out into a new macro named ELF_DETAILS. This will gain other non-debug sections that need to be accounted for when linking with --orphan-handling=warn. Signed-off-by: Kees Cook Signed-off-by: Ingo Molnar Cc: linux-arch@vger.kernel.org Link: https://lore.kernel.org/r/20200821194310.3089815-5-keescook@chromium.org --- arch/arm64/kernel/vmlinux.lds.S | 1 + 1 file changed, 1 insertion(+) (limited to 'arch/arm64') diff --git a/arch/arm64/kernel/vmlinux.lds.S b/arch/arm64/kernel/vmlinux.lds.S index ec8e894684a7..13fc2ec46aae 100644 --- a/arch/arm64/kernel/vmlinux.lds.S +++ b/arch/arm64/kernel/vmlinux.lds.S @@ -241,6 +241,7 @@ SECTIONS _end = .; STABS_DEBUG + ELF_DETAILS HEAD_SYMBOLS } -- cgit v1.2.3 From b4ca91027d8226ae423ce498f03f5b348cf84e36 Mon Sep 17 00:00:00 2001 From: Kees Cook Date: Fri, 21 Aug 2020 12:42:49 -0700 Subject: arm64/mm: Remove needless section quotes Fix a case of needless quotes in __section(), which Clang doesn't like. Signed-off-by: Kees Cook Signed-off-by: Ingo Molnar Reviewed-by: Nick Desaulniers Acked-by: Will Deacon Link: https://lore.kernel.org/r/20200821194310.3089815-9-keescook@chromium.org --- arch/arm64/mm/mmu.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'arch/arm64') diff --git a/arch/arm64/mm/mmu.c b/arch/arm64/mm/mmu.c index 75df62fea1b6..e43c805b7b8c 100644 --- a/arch/arm64/mm/mmu.c +++ b/arch/arm64/mm/mmu.c @@ -43,7 +43,7 @@ u64 idmap_t0sz = TCR_T0SZ(VA_BITS); u64 idmap_ptrs_per_pgd = PTRS_PER_PGD; -u64 __section(".mmuoff.data.write") vabits_actual; +u64 __section(.mmuoff.data.write) vabits_actual; EXPORT_SYMBOL(vabits_actual); u64 kimage_voffset __ro_after_init; -- cgit v1.2.3 From 34b4a5c54c429d12bcc783a27650752237c49a36 Mon Sep 17 00:00:00 2001 From: Kees Cook Date: Fri, 21 Aug 2020 12:42:50 -0700 Subject: arm64/kernel: Remove needless Call Frame Information annotations Remove last instance of an .eh_frame section by removing the needless Call Frame Information annotations which were likely leftovers from 32-bit ARM. Suggested-by: Ard Biesheuvel Signed-off-by: Kees Cook Signed-off-by: Ingo Molnar Acked-by: Will Deacon Link: https://lore.kernel.org/r/20200821194310.3089815-10-keescook@chromium.org --- arch/arm64/kernel/smccc-call.S | 2 -- 1 file changed, 2 deletions(-) (limited to 'arch/arm64') diff --git a/arch/arm64/kernel/smccc-call.S b/arch/arm64/kernel/smccc-call.S index 1f93809528a4..d62447964ed9 100644 --- a/arch/arm64/kernel/smccc-call.S +++ b/arch/arm64/kernel/smccc-call.S @@ -9,7 +9,6 @@ #include .macro SMCCC instr - .cfi_startproc \instr #0 ldr x4, [sp] stp x0, x1, [x4, #ARM_SMCCC_RES_X0_OFFS] @@ -21,7 +20,6 @@ b.ne 1f str x6, [x4, ARM_SMCCC_QUIRK_STATE_OFFS] 1: ret - .cfi_endproc .endm /* -- cgit v1.2.3 From 6e0a66d10c5b629369afa47b753d0ec46fa812dd Mon Sep 17 00:00:00 2001 From: Kees Cook Date: Fri, 21 Aug 2020 12:42:51 -0700 Subject: arm64/build: Remove .eh_frame* sections due to unwind tables Avoid .eh_frame* section generation by making sure both CFLAGS and AFLAGS contain -fno-asychronous-unwind-tables and -fno-unwind-tables. With all sources of .eh_frame now removed from the build, drop this DISCARD so we can be alerted in the future if it returns unexpectedly once orphan section warnings have been enabled. Suggested-by: Ard Biesheuvel Signed-off-by: Kees Cook Signed-off-by: Ingo Molnar Acked-by: Will Deacon Link: https://lore.kernel.org/r/20200821194310.3089815-11-keescook@chromium.org --- arch/arm64/Makefile | 5 ++++- arch/arm64/kernel/vmlinux.lds.S | 1 - 2 files changed, 4 insertions(+), 2 deletions(-) (limited to 'arch/arm64') diff --git a/arch/arm64/Makefile b/arch/arm64/Makefile index 55bc8546d9c7..6de7f551b821 100644 --- a/arch/arm64/Makefile +++ b/arch/arm64/Makefile @@ -47,13 +47,16 @@ endif KBUILD_CFLAGS += -mgeneral-regs-only \ $(compat_vdso) $(cc_has_k_constraint) -KBUILD_CFLAGS += -fno-asynchronous-unwind-tables KBUILD_CFLAGS += $(call cc-disable-warning, psabi) KBUILD_AFLAGS += $(compat_vdso) KBUILD_CFLAGS += $(call cc-option,-mabi=lp64) KBUILD_AFLAGS += $(call cc-option,-mabi=lp64) +# Avoid generating .eh_frame* sections. +KBUILD_CFLAGS += -fno-asynchronous-unwind-tables -fno-unwind-tables +KBUILD_AFLAGS += -fno-asynchronous-unwind-tables -fno-unwind-tables + ifeq ($(CONFIG_STACKPROTECTOR_PER_TASK),y) prepare: stack_protector_prepare stack_protector_prepare: prepare0 diff --git a/arch/arm64/kernel/vmlinux.lds.S b/arch/arm64/kernel/vmlinux.lds.S index 13fc2ec46aae..c2b8426bf4bd 100644 --- a/arch/arm64/kernel/vmlinux.lds.S +++ b/arch/arm64/kernel/vmlinux.lds.S @@ -94,7 +94,6 @@ SECTIONS *(.discard.*) *(.interp .dynamic) *(.dynsym .dynstr .hash .gnu.hash) - *(.eh_frame) } . = KIMAGE_VADDR + TEXT_OFFSET; -- cgit v1.2.3 From 2883352bf801d093a04f269800b48bb8aa2515fb Mon Sep 17 00:00:00 2001 From: Kees Cook Date: Fri, 21 Aug 2020 12:42:52 -0700 Subject: arm64/build: Use common DISCARDS in linker script Use the common DISCARDS rule for the linker script in an effort to regularize the linker script to prepare for warning on orphaned sections. Additionally clean up left-over no-op macros. Signed-off-by: Kees Cook Signed-off-by: Ingo Molnar Acked-by: Will Deacon Link: https://lore.kernel.org/r/20200821194310.3089815-12-keescook@chromium.org --- arch/arm64/kernel/vmlinux.lds.S | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) (limited to 'arch/arm64') diff --git a/arch/arm64/kernel/vmlinux.lds.S b/arch/arm64/kernel/vmlinux.lds.S index c2b8426bf4bd..082e9efa2b43 100644 --- a/arch/arm64/kernel/vmlinux.lds.S +++ b/arch/arm64/kernel/vmlinux.lds.S @@ -6,6 +6,7 @@ */ #define RO_EXCEPTION_TABLE_ALIGN 8 +#define RUNTIME_DISCARD_EXIT #include #include @@ -88,10 +89,8 @@ SECTIONS * matching the same input section name. There is no documented * order of matching. */ + DISCARDS /DISCARD/ : { - EXIT_CALL - *(.discard) - *(.discard.*) *(.interp .dynamic) *(.dynsym .dynstr .hash .gnu.hash) } -- cgit v1.2.3 From 578d7f0fd6a5ec8a369a4537c664eb2c8374c134 Mon Sep 17 00:00:00 2001 From: Kees Cook Date: Fri, 21 Aug 2020 12:42:53 -0700 Subject: arm64/build: Add missing DWARF sections Explicitly include DWARF sections when they're present in the build. Signed-off-by: Kees Cook Signed-off-by: Ingo Molnar Cc: Catalin Marinas Cc: Will Deacon Link: https://lore.kernel.org/r/20200821194310.3089815-13-keescook@chromium.org --- arch/arm64/kernel/vmlinux.lds.S | 1 + 1 file changed, 1 insertion(+) (limited to 'arch/arm64') diff --git a/arch/arm64/kernel/vmlinux.lds.S b/arch/arm64/kernel/vmlinux.lds.S index 082e9efa2b43..16eb2ef806cd 100644 --- a/arch/arm64/kernel/vmlinux.lds.S +++ b/arch/arm64/kernel/vmlinux.lds.S @@ -239,6 +239,7 @@ SECTIONS _end = .; STABS_DEBUG + DWARF_DEBUG ELF_DETAILS HEAD_SYMBOLS -- cgit v1.2.3 From be2881824ae9eb92a35b094f734f9ca7339ddf6d Mon Sep 17 00:00:00 2001 From: Kees Cook Date: Fri, 21 Aug 2020 12:42:54 -0700 Subject: arm64/build: Assert for unwanted sections In preparation for warning on orphan sections, discard unwanted non-zero-sized generated sections, and enforce other expected-to-be-zero-sized sections (since discarding them might hide problems with them suddenly gaining unexpected entries). Suggested-by: Ard Biesheuvel Signed-off-by: Kees Cook Signed-off-by: Ingo Molnar Cc: Catalin Marinas Cc: Will Deacon Link: https://lore.kernel.org/r/20200821194310.3089815-14-keescook@chromium.org --- arch/arm64/kernel/vmlinux.lds.S | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) (limited to 'arch/arm64') diff --git a/arch/arm64/kernel/vmlinux.lds.S b/arch/arm64/kernel/vmlinux.lds.S index 16eb2ef806cd..e8847ca6a945 100644 --- a/arch/arm64/kernel/vmlinux.lds.S +++ b/arch/arm64/kernel/vmlinux.lds.S @@ -121,6 +121,14 @@ SECTIONS *(.got) /* Global offset table */ } + /* + * Make sure that the .got.plt is either completely empty or it + * contains only the lazy dispatch entries. + */ + .got.plt : { *(.got.plt) } + ASSERT(SIZEOF(.got.plt) == 0 || SIZEOF(.got.plt) == 0x18, + "Unexpected GOT/PLT entries detected!") + . = ALIGN(SEGMENT_ALIGN); _etext = .; /* End of text section */ @@ -243,6 +251,18 @@ SECTIONS ELF_DETAILS HEAD_SYMBOLS + + /* + * Sections that should stay zero sized, which is safer to + * explicitly check instead of blindly discarding. + */ + .plt : { + *(.plt) *(.plt.*) *(.iplt) *(.igot) + } + ASSERT(SIZEOF(.plt) == 0, "Unexpected run-time procedure linkages detected!") + + .data.rel.ro : { *(.data.rel.ro) } + ASSERT(SIZEOF(.data.rel.ro) == 0, "Unexpected RELRO detected!") } #include "image-vars.h" -- cgit v1.2.3 From b3e5d80d0c48c0cc7bce56473672f4e6e1210910 Mon Sep 17 00:00:00 2001 From: Kees Cook Date: Tue, 1 Sep 2020 19:53:43 -0700 Subject: arm64/build: Warn on orphan section placement We don't want to depend on the linker's orphan section placement heuristics as these can vary between linkers, and may change between versions. All sections need to be explicitly handled in the linker script. With all sections now handled, enable orphan section warnings. Signed-off-by: Kees Cook Signed-off-by: Ingo Molnar Acked-by: Will Deacon Reviewed-by: Nick Desaulniers Link: https://lore.kernel.org/r/20200902025347.2504702-2-keescook@chromium.org --- arch/arm64/Makefile | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'arch/arm64') diff --git a/arch/arm64/Makefile b/arch/arm64/Makefile index 6de7f551b821..081144fcc3da 100644 --- a/arch/arm64/Makefile +++ b/arch/arm64/Makefile @@ -29,6 +29,10 @@ LDFLAGS_vmlinux += --fix-cortex-a53-843419 endif endif +# We never want expected sections to be placed heuristically by the +# linker. All sections should be explicitly named in the linker script. +LDFLAGS_vmlinux += $(call ld-option, --orphan-handling=warn) + ifeq ($(CONFIG_ARM64_USE_LSE_ATOMICS), y) ifneq ($(CONFIG_ARM64_LSE_ATOMICS), y) $(warning LSE atomics not supported by binutils) -- cgit v1.2.3