From patchwork Tue Mar 14 10:13:28 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Evgeniy Baskov X-Patchwork-Id: 13173979 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id B4397C74A44 for ; Tue, 14 Mar 2023 10:15:56 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229854AbjCNKPy (ORCPT ); Tue, 14 Mar 2023 06:15:54 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:39076 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229797AbjCNKPx (ORCPT ); Tue, 14 Mar 2023 06:15:53 -0400 Received: from mail.ispras.ru (mail.ispras.ru [83.149.199.84]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 74C639AFE6; Tue, 14 Mar 2023 03:15:14 -0700 (PDT) Received: from localhost.localdomain (unknown [83.149.199.65]) by mail.ispras.ru (Postfix) with ESMTPSA id 9A36740755C6; Tue, 14 Mar 2023 10:14:00 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 mail.ispras.ru 9A36740755C6 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ispras.ru; s=default; t=1678788840; bh=J5zJSuuCzj+1C39z27zh+o9bfA57PDh8/CXoZdGgyyU=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=bZQowxWT7U+/gNyV66AeYgrHbuevv0qUoJikCUi0iBw2hO3m3mzHYKRw4xrYZhOn3 yYznLBK481C3v9vNbtgGhKz46WcBd2mJdRi+4kQMkebhtK/Kb7ogwR061COdNJqPWY HCkDJkjGMp0phuVuhYI146H/uvO+ZQ0fpejPM9eU= From: Evgeniy Baskov To: Ard Biesheuvel Cc: Evgeniy Baskov , Borislav Petkov , Andy Lutomirski , Dave Hansen , Ingo Molnar , Peter Zijlstra , Thomas Gleixner , Alexey Khoroshilov , Peter Jones , Gerd Hoffmann , "Limonciello, Mario" , joeyli , lvc-project@linuxtesting.org, x86@kernel.org, linux-efi@vger.kernel.org, linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org Subject: [PATCH v5 01/27] x86/boot: Align vmlinuz sections on page size Date: Tue, 14 Mar 2023 13:13:28 +0300 Message-Id: <159597c484778da5e59c3a5728669f131f800b5a.1678785672.git.baskov@ispras.ru> X-Mailer: git-send-email 2.39.2 In-Reply-To: References: MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-hardening@vger.kernel.org To protect sections on page table level each section needs to be aligned on page size (4KB). Set sections alignment in linker script for the kernel decompressor (boot/compressed/vmlinux.lds.S). Also introduce symbols that can be used to reference compressed kernel blob section later in the later patches. Tested-by: Mario Limonciello Signed-off-by: Evgeniy Baskov --- arch/x86/boot/compressed/vmlinux.lds.S | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/arch/x86/boot/compressed/vmlinux.lds.S b/arch/x86/boot/compressed/vmlinux.lds.S index b22f34b8684a..a5015b958085 100644 --- a/arch/x86/boot/compressed/vmlinux.lds.S +++ b/arch/x86/boot/compressed/vmlinux.lds.S @@ -27,31 +27,32 @@ SECTIONS HEAD_TEXT _ehead = . ; } - .rodata..compressed : { + .rodata..compressed : ALIGN(PAGE_SIZE) { + _compressed = .; *(.rodata..compressed) + _ecompressed = .; } - .text : { + .text : ALIGN(PAGE_SIZE) { _text = .; /* Text */ *(.text) *(.text.*) *(.noinstr.text) _etext = . ; } - .rodata : { + .rodata : ALIGN(PAGE_SIZE) { _rodata = . ; *(.rodata) /* read-only data */ *(.rodata.*) _erodata = . ; } - .data : { + .data : ALIGN(PAGE_SIZE) { _data = . ; *(.data) *(.data.*) *(.bss.efistub) _edata = . ; } - . = ALIGN(L1_CACHE_BYTES); - .bss : { + .bss : ALIGN(L1_CACHE_BYTES) { _bss = . ; *(.bss) *(.bss.*) @@ -60,8 +61,7 @@ SECTIONS _ebss = .; } #ifdef CONFIG_X86_64 - . = ALIGN(PAGE_SIZE); - .pgtable : { + .pgtable : ALIGN(PAGE_SIZE) { _pgtable = . ; *(.pgtable) _epgtable = . ;