Date: Wed, 15 Jun 2016 22:13:59 +0100
From: Russell King - ARM Linux
To: Kees Cook
Subject: Re: kexec failures with DEBUG_RODATA
Message-ID: <20160615211359.GJ1041@n2100.armlinux.org.uk>
References: <20160614175920.GD1041@n2100.armlinux.org.uk>
Cc: Pratyush Anand, Simon Horman, Kexec Mailing List, "linux-arm-kernel@lists.infradead.org", Baoquan He

On Tue, Jun 14, 2016 at 11:05:23AM -0700, Kees Cook wrote:
> I'm much less familiar with the ARM decompression stub, but is there a
> boot image header (like x86 has)? If not, perhaps we can invent one,
> and it can carry all the details needed for a bootloader to do the
> right things.

With a bit of tinkering around, I now have this:

00000000 <.data>:
   0:   e1a00000        nop                     ; (mov r0, r0)
   4:   e1a00000        nop                     ; (mov r0, r0)
   8:   e1a00000        nop                     ; (mov r0, r0)
   c:   e1a00000        nop                     ; (mov r0, r0)
  10:   e1a00000        nop                     ; (mov r0, r0)
  14:   e1a00000        nop                     ; (mov r0, r0)
  18:   e1a00000        nop                     ; (mov r0, r0)
  1c:   e1a00000        nop                     ; (mov r0, r0)
  20:   ea00000f        b       0x64

Then follows the existing "header" which we've had there for years:

  24:   016f2818        ; LE magic number
  28:   00000000        ; LE zImage start address (always zero now)
  2c:   00431fe0        ; LE zImage _edata
  30:   04030201        ; endian flag

And now comes the new header:

  34:   016f2818        ; LE magic number
  38:   00000001        ; LE version number (v1)
  3c:   01287000        ; LE total space required for decompressor
  40:   00e54000        ; LE uncompressed image size

Up to 64 bytes available here for future expansion, currently filled
with zeros.

        ...

Remainder of the zImage code:

  64:   e10f9000        mrs     r9, CPSR

I'm rather on the fence whether we need to give the uncompressed image
size - the important thing is the size of memory that's required for
the decompressor to run, which is sizeof(uncompressed kernel) rounded
up to 256 bytes, and the relocated decompressor image size.

The "total space required for decompressor" is slightly cheating at
the figure - I'm including the uncompressed image rounded up and the
entire compressed image in that size, so it's a safe over-estimate.

I'm not sure there's a need to provide the uncompressed image size,
the boot environment shouldn't have a reason to know that, so I'm
tempted to omit it.

We could dispense with the endian conversions, and push the
responsibility for interpreting that onto the reader of this data:
we have the endian flag in the existing header block, so the boot
environment can work out the endianness of the image and apply
fixups as appropriate.

Why generate this in the linker script? We need the size of the
zImage here, which is only known to the linker.

diff --git a/arch/arm/boot/compressed/Makefile b/arch/arm/boot/compressed/Makefile index d50430c40045..1d5467e05250 100644 --- a/arch/arm/boot/compressed/Makefile +++ b/arch/arm/boot/compressed/Makefile @@ -119,6 +119,10 @@ asflags-y := -DZIMAGE KBSS_SZ = $(shell $(CROSS_COMPILE)size $(obj)/../../../../vmlinux | \ awk 'END{print $$3}') LDFLAGS_vmlinux = --defsym _kernel_bss_size=$(KBSS_SZ) + +KERNEL_IMAGE_SIZE = $(shell stat -c '%s' $(obj)/../Image) +LDFLAGS_vmlinux += --defsym _kernel_image_size=$(KERNEL_IMAGE_SIZE) + # Supply ZRELADDR to the decompressor via a linker symbol. ifneq ($(CONFIG_AUTO_ZRELADDR),y) LDFLAGS_vmlinux += --defsym zreladdr=$(ZRELADDR) diff --git a/arch/arm/boot/compressed/head.S b/arch/arm/boot/compressed/head.S index e2e0dcb42ca2..395c60dcc4f7 100644 --- a/arch/arm/boot/compressed/head.S +++ b/arch/arm/boot/compressed/head.S @@ -131,11 +131,7 @@ start: THUMB( badr r12, 1f ) THUMB( bx r12 ) - .word _magic_sig @ Magic numbers to help the loader - .word _magic_start @ absolute load/run zImage address - .word _magic_end @ zImage end address - .word 0x04030201 @ endianness flag - + .section ".start2", #alloc, #execinstr THUMB( .thumb ) 1: __EFI_HEADER diff --git a/arch/arm/boot/compressed/vmlinux.lds.S b/arch/arm/boot/compressed/vmlinux.lds.S index 81c493156ce8..77267724ec8a 100644 --- a/arch/arm/boot/compressed/vmlinux.lds.S +++ b/arch/arm/boot/compressed/vmlinux.lds.S 
@@ -37,6 +37,19 @@ SECTIONS .text : { _start = .; *(.start) + _header = .; + LONG(ZIMAGE_MAGIC(0x016f2818)); /* Magic numbers to help the loader */ + LONG(ZIMAGE_MAGIC(_start)); /* absolute load/run zImage address */ + LONG(ZIMAGE_MAGIC(_edata)); /* zImage end address */ + LONG(0x04030201); /* Endianness flag */ + LONG(ZIMAGE_MAGIC(0x016f2818)); /* Further header indicator */ + LONG(ZIMAGE_MAGIC(1)); /* Version 1 */ + LONG(ZIMAGE_MAGIC(((_kernel_image_size + 255) & ~ 255) + \ + _edata - _text + _end_stack - __bss_start)); + LONG(ZIMAGE_MAGIC(_kernel_image_size)); + /* Reserve 64 bytes for the header block */ + . = _header + 64; + *(.start2) *(.text) *(.text.*) *(.fixup) @@ -72,10 +85,6 @@ SECTIONS .pad : { BYTE(0); . = ALIGN(8); } _edata = .; - _magic_sig = ZIMAGE_MAGIC(0x016f2818); - _magic_start = ZIMAGE_MAGIC(_start); - _magic_end = ZIMAGE_MAGIC(_edata); - . = BSS_START; __bss_start = .; .bss : { *(.bss) } @@ -83,6 +92,7 @@ SECTIONS . = ALIGN(8); /* the stack must be 64-bit aligned */ .stack : { *(.stack) } + _end_stack = .; .stab 0 : { *(.stab) } .stabstr 0 : { *(.stabstr) }
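
Review bot: In the arch/arm/boot/compressed/Makefile hunk, `KERNEL_IMAGE_SIZE = $(shell stat -c '%s' $(obj)/../Image)` expands to an empty string if Image does not exist when the variable is evaluated, which leaves the linker with `--defsym _kernel_image_size=` and no value; nothing in the hunk makes the link depend on ../Image. Suggest adding that prerequisite explicitly and failing with a clear message when the size comes back empty. `stat -c` is also the GNU spelling, so `wc -c <` would be more portable across build hosts.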
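
Review bot: In the head.S hunk, the four `.word` lines are replaced by a bare `.section ".start2", #alloc, #execinstr` with no comment, so a reader of head.S can no longer see that a header sits between the branch and label 1. Suggest a comment at the section switch that points to vmlinux.lds.S and states that the header has to stay at the offset existing loaders expect, since that offset now depends on nothing further being placed in .start after the branch.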
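
Review bot: In the first vmlinux.lds.S hunk, the two size words, `LONG(ZIMAGE_MAGIC(((_kernel_image_size + 255) & ~ 255) + ...))` and `LONG(ZIMAGE_MAGIC(_kernel_image_size))`, carry no comment, unlike the six words before them. Suggest a comment on each saying what the field means and which terms of the sum are the rounded-up image, the compressed image and the bss-to-stack region, because a loader will size its allocation from this value. The sum also uses `_text` where the header word above uses `_start`; if they are the same address, using one symbol throughout would make that obvious.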
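
How a boot environment might read and sanity-check the header block laid out in the message above (0x24 to 0x40) before trusting its sizes. This is an added example, not code from the patch or from any loader; `zimage_parse`, `struct zimage_info` and the sample bytes are hypothetical. It assumes the endian flag is stored unconverted while the "LE" fields are always little-endian.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define ZIMAGE_MAGIC_VAL 0x016f2818u     /* magic at 0x24 and again at 0x34 */

struct zimage_info {                     /* hypothetical, for this example */
	uint32_t start, edata;               /* existing header: 0x28, 0x2c */
	int big_endian;                      /* from the endian flag at 0x30 */
	uint32_t version;                    /* 0 when only the old header exists */
	uint32_t total_space, image_size;    /* new header: 0x3c, 0x40 */
};

/* Constructed sample (not a real zImage): the 32 header bytes from 0x24,
 * edata=0x100, version=1, total_space=0x1000, image_size=0x800. */
const uint8_t zimage_sample_hdr[32] = {
	0x18,0x28,0x6f,0x01, 0,0,0,0, 0,1,0,0, 1,2,3,4,
	0x18,0x28,0x6f,0x01, 1,0,0,0, 0,0x10,0,0, 0,8,0,0 };

static uint32_t le32(const uint8_t *p)   /* host-independent LE read */
{
	return p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* Returns 0 if the header is consistent, -1 if it must not be trusted. */
int zimage_parse(const uint8_t *buf, size_t len, struct zimage_info *zi)
{
	memset(zi, 0, sizeof(*zi));
	if (len < 0x64 || le32(buf + 0x24) != ZIMAGE_MAGIC_VAL)
		return -1;                       /* whole header block must be present */
	zi->start = le32(buf + 0x28);
	zi->edata = le32(buf + 0x2c);
	if (zi->edata < zi->start || zi->edata - zi->start > len)
		return -1;                       /* claims more image than was supplied */
	uint32_t flag = le32(buf + 0x30);    /* unconverted, so BE reads byte-swapped */
	if (flag != 0x04030201u && flag != 0x01020304u)
		return -1;
	zi->big_endian = (flag == 0x01020304u);
	if (le32(buf + 0x34) != ZIMAGE_MAGIC_VAL)
		return 0;                        /* old-style image: no size information */
	zi->version = le32(buf + 0x38);
	zi->total_space = le32(buf + 0x3c);
	zi->image_size = le32(buf + 0x40);
	/* total_space includes the uncompressed and the whole compressed image */
	if (zi->version == 0 ||
	    (uint64_t)zi->image_size + (zi->edata - zi->start) > zi->total_space)
		return -1;
	return 0;
}
```

A return of 0 with `version == 0` means the image predates the new header, so the caller has no size information and has to fall back to its own estimate.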