X-Patchwork-Submitter: "Russell King (Oracle)"
X-Patchwork-Id: 9218743
Date: Thu, 7 Jul 2016 11:00:53 +0100
From: Russell King - ARM Linux
To: Kees Cook
Cc: Pratyush Anand, Simon Horman, Kexec Mailing List, Baoquan He, "linux-arm-kernel@lists.infradead.org"
Subject: Re: kexec failures with DEBUG_RODATA
Message-ID: <20160707100053.GN1041@n2100.armlinux.org.uk>
References: <20160614175920.GD1041@n2100.armlinux.org.uk> <20160615211359.GJ1041@n2100.armlinux.org.uk>
In-Reply-To: <20160615211359.GJ1041@n2100.armlinux.org.uk>

On Wed, Jun 15, 2016 at 10:13:59PM +0100, Russell King - ARM Linux wrote:
> On Tue, Jun 14, 2016 at 11:05:23AM -0700, Kees Cook wrote:
> > I'm much less familiar with the ARM decompression stub, but is there a
> > boot image header (like x86 has)? If not, perhaps we can invent one,
> > and it can carry all the details needed for a bootloader to do the
> > right things.
>
> With a bit of tinkering around, I now have this:
>
> 00000000 <.data>:
>    0:   e1a00000    nop         ; (mov r0, r0)
>    4:   e1a00000    nop         ; (mov r0, r0)
>    8:   e1a00000    nop         ; (mov r0, r0)
>    c:   e1a00000    nop         ; (mov r0, r0)
>   10:   e1a00000    nop         ; (mov r0, r0)
>   14:   e1a00000    nop         ; (mov r0, r0)
>   18:   e1a00000    nop         ; (mov r0, r0)
>   1c:   e1a00000    nop         ; (mov r0, r0)
>   20:   ea00000f    b   0x64
>
> Then follows the existing "header" which we've had there for years:
>
>   24:   016f2818    ; LE magic number
>   28:   00000000    ; LE zImage start address (always zero now)
>   2c:   00431fe0    ; LE zImage _edata
>   30:   04030201    ; endian flag
>
> And now comes the new header:
>
>   34:   016f2818    ; LE magic number
>   38:   00000001    ; LE version number (v1)
>   3c:   01287000    ; LE total space required for decompressor
>   40:   00e54000    ; LE uncompressed image size
>
> Up to 64 bytes available here for future expansion, currently filled
> with zeros.
> ...
>
> Remainder of the zImage code:
>   64:   e10f9000    mrs r9, CPSR

Looking at this again, this can't work for another _two_ reasons:

1. Thumb2 kernels - we rely on a relative address to jump to for the
   remainder of the zImage code, using an "adr" instruction. The offset
   needs to be known at assembly time, but with my approach of moving
   the header into the linker script, this is no longer the case.

2. EFI images need the header offset at 0x3c, which gets in the way of
   us appending to our existing header.

So... I don't think we can solve it this way, and I'm all out of ideas
how to solve this in a sane manner - I'm currently of the opinion that
it _isn't_ solvable given where we are without defining a new format
for a zImage, which is really quite depressing.

I think people are just going to have to get used to using --image-size
to kexec on ARM to work around this problem.

So, let's document it in kexec's --help - though this could do with something better, but I fear it'll turn into a multi-line description of the option: kexec/arch/arm/kexec-zImage-arm.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/kexec/arch/arm/kexec-zImage-arm.c b/kexec/arch/arm/kexec-zImage-arm.c index 9400d1f4..45c587c2 100644 --- a/kexec/arch/arm/kexec-zImage-arm.c +++ b/kexec/arch/arm/kexec-zImage-arm.c @@ -122,6 +122,8 @@ void zImage_arm_usage(void) " --initrd=FILE Use FILE as the kernel's initial ramdisk.\n" " --ramdisk=FILE Use FILE as the kernel's initial ramdisk.\n" " --dtb=FILE Use FILE as the fdt blob.\n" + " --image-size=IMAGE_SIZE\n" + " Reserve IMAGE_SIZE between kernel and initrd.\n" " --atags Use ATAGs instead of device-tree.\n" " --page-offset=PAGE_OFFSET\n" " Set PAGE_OFFSET of crash dump vmcore\n"
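
Review bot: the added description for --image-size, "Reserve IMAGE_SIZE between kernel and initrd.", states neither the unit of IMAGE_SIZE nor what the reserved space has to cover, so a user reading --help cannot tell which value to pass. The message presents this option as the workaround for the zImage header not carrying the decompressor's space requirement, so the text should say that the value must cover the space the kernel needs once decompressed, and give the unit. The description already sits on its own line, as the one for --page-offset does in the context lines, so a second description line would fit this usage block.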
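
The existing header at 0x24 that the quoted dump lists is all a loader can read today. The following C code is an added example, not code from this thread or from kexec-tools: it validates that header and shows that it yields only the compressed image's extent (`_edata`), not the decompressor's space requirement. The names `zimage_parse` and `struct zimage_info` are hypothetical, and it assumes a big-endian image stores all four words big-endian.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define ZHDR_OFF    0x24u        /* offset of the existing header in the dump */
#define ZHDR_MAGIC  0x016f2818u  /* magic number at 0x24 */
#define ZHDR_ENDIAN 0x04030201u  /* endian flag at 0x30 */

struct zimage_info { uint32_t start, edata; int big_endian; }; /* example type */

static uint32_t rd32(const uint8_t *p, int be)
{
    return be ? ((uint32_t)p[0] << 24 | (uint32_t)p[1] << 16 | (uint32_t)p[2] << 8 | p[3])
              : ((uint32_t)p[3] << 24 | (uint32_t)p[2] << 16 | (uint32_t)p[1] << 8 | p[0]);
}

/* hdr: first hdr_len bytes of the file; file_size: size of the file on disk.
 * Returns 0 and fills *out, or -1 if the header is absent or inconsistent. */
int zimage_parse(const uint8_t *hdr, size_t hdr_len, uint64_t file_size,
                 struct zimage_info *out)
{
    if (hdr_len < ZHDR_OFF + 16)
        return -1;                       /* header not fully present */
    const uint8_t *h = hdr + ZHDR_OFF;
    int be;
    if (rd32(h + 12, 0) == ZHDR_ENDIAN)
        be = 0;
    else if (rd32(h + 12, 1) == ZHDR_ENDIAN)
        be = 1;                          /* assumption: all words share this order */
    else
        return -1;
    if (rd32(h, be) != ZHDR_MAGIC)
        return -1;
    out->start = rd32(h + 4, be);
    out->edata = rd32(h + 8, be);
    out->big_endian = be;
    /* _edata bounds the compressed image, so it must lie inside the file. */
    if (out->edata <= out->start || (uint64_t)out->edata - out->start > file_size)
        return -1;
    return 0;
}

int main(void)
{
    /* Constructed sample: the four header words from the dump, little-endian. */
    static const uint8_t w[16] = {0x18,0x28,0x6f,0x01, 0,0,0,0,
                                  0xe0,0x1f,0x43,0x00, 0x01,0x02,0x03,0x04};
    uint8_t img[0x34] = {0};
    struct zimage_info zi;
    for (int i = 0; i < 16; i++) img[ZHDR_OFF + i] = w[i];
    if (zimage_parse(img, sizeof img, 0x431fe0, &zi) == 0)
        printf("compressed zImage: %u bytes\n", (unsigned)(zi.edata - zi.start));
    return 0;
}
```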