From patchwork Wed Apr 15 22:15:16 2020
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Arvind Sankar <nivedita@alum.mit.edu>
X-Patchwork-Id: 11492073
Return-Path: 
 <SRS0=QGSk=57=lists.infradead.org=linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@kernel.org>
Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org
 [172.30.200.123])
	by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id E8B6E912
	for <patchwork-linux-arm@patchwork.kernel.org>;
 Wed, 15 Apr 2020 22:15:38 +0000 (UTC)
Received: from bombadil.infradead.org (bombadil.infradead.org
 [198.137.202.133])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by mail.kernel.org (Postfix) with ESMTPS id AD862206E9
	for <patchwork-linux-arm@patchwork.kernel.org>;
 Wed, 15 Apr 2020 22:15:38 +0000 (UTC)
Authentication-Results: mail.kernel.org;
	dkim=pass (2048-bit key) header.d=lists.infradead.org
 header.i=@lists.infradead.org header.b="bRZq+RCi"
DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org AD862206E9
Authentication-Results: mail.kernel.org;
 dmarc=none (p=none dis=none) header.from=alum.mit.edu
Authentication-Results: mail.kernel.org;
 spf=none
 smtp.mailfrom=linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
	d=lists.infradead.org; s=bombadil.20170209; h=Sender:
	Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post:
	List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To:
	Message-Id:Date:Subject:To:From:Reply-To:Content-ID:Content-Description:
	Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:
	List-Owner; bh=yvip+Cta8dY0VIaKe3lY4jpdnjCYF8F0oLwdci/78tM=; b=bRZq+RCiZYcWAR
	SjbiLdMA2q/WueWKd0+TS1XKHgzfniYzUiZo4A2z/xWc2dbi0HbyaV58I3bph15kJKcKhSIrjQJZM
	AtrFLQbJzr9rOdW0PZ/YJRLuLvcp/abb0lPGryqgn0a+V/VrZR12U8C2Tu/fVyAIQOzOnoMQawfgF
	jdV/e8MOJe1XtClw1k+sgy5cwVFLgAyALVnI/A0F1WNCt2RdbgG8q1wmbFbXWUyp5SwtWRLXF9TOA
	p8zkX+BwYSxDRkJOrpGAossHZQSlwY54Y7QvD7tlG7u6C/PlIsSt4NXY8rnq9ZbOH5RBVDR5vMLW1
	crtSH68R5JB3hsHcmLkA==;
Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org)
	by bombadil.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux))
	id 1jOqJi-0006nW-0p; Wed, 15 Apr 2020 22:15:34 +0000
Received: from mail-qt1-f196.google.com ([209.85.160.196])
 by bombadil.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux))
 id 1jOqJX-0006eN-Em
 for linux-arm-kernel@lists.infradead.org; Wed, 15 Apr 2020 22:15:24 +0000
Received: by mail-qt1-f196.google.com with SMTP id c16so9102304qtv.1
 for <linux-arm-kernel@lists.infradead.org>;
 Wed, 15 Apr 2020 15:15:23 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
 :references:mime-version:content-transfer-encoding;
 bh=Q+WCTPxC8MtmwIEzjkAHtcw6Iyj7SzDEM2KrEeYU91g=;
 b=kTLcj28XuaPYeeFt/CIL5u0oe82IbsOn5LqQt9KJB6SIC2z/J/AtpZcTubrvJGnB+S
 6Gi5W9VVBZCiiGdxioR2dho5VWD3V5zWEgtIHmjIQ52k1re8Swh8ijFVBv+iGBwvKgUg
 dH2cpE9Y3gxwi5GwiYECM8ieisV0UPWhqnRdnJoIXQQ9BlAkmrQmIDyyEgWUbItDLBZg
 e0Gp+9ac/A9xmkR8Ji+aR4V52sOYlv5U3QlqybqEMW5BjMX0CfKGKCn54jAvLTX5MeA3
 ZGy7HgnfIGzya4XRIGGqYHQiYlYvHzJ9/Xur6Bs7esAfH5VXoAAAqLzLV2YR/Dme0Ula
 ICiQ==
X-Gm-Message-State: AGi0PuYw9lfU4I6w2HIrX0Mfuise8aH2UixHN7x8DGz6Icu8JNCU00tk
 kYV0gitaSML9GaNhQvi4Tco=
X-Google-Smtp-Source: 
 APiQypI8NnA5drqCjYaPuU0fFArVOFnxNmup6jrUOtP8oL8Xl04Ged6VBA6oue2ewi1z/QUYLxzymQ==
X-Received: by 2002:ac8:2272:: with SMTP id
 p47mr18126911qtp.297.1586988922280;
 Wed, 15 Apr 2020 15:15:22 -0700 (PDT)
Received: from rani.riverdale.lan ([2001:470:1f07:5f3::b55f])
 by smtp.gmail.com with ESMTPSA id i20sm13264340qkl.135.2020.04.15.15.15.21
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Wed, 15 Apr 2020 15:15:21 -0700 (PDT)
From: Arvind Sankar <nivedita@alum.mit.edu>
To: Ard Biesheuvel <ardb@kernel.org>
Subject: [PATCH 1/5] efi/arm: Remove __efistub_global annotation
Date: Wed, 15 Apr 2020 18:15:16 -0400
Message-Id: <20200415221520.2692512-2-nivedita@alum.mit.edu>
X-Mailer: git-send-email 2.24.1
In-Reply-To: <20200415221520.2692512-1-nivedita@alum.mit.edu>
References: <20200415221520.2692512-1-nivedita@alum.mit.edu>
MIME-Version: 1.0
X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 
X-CRM114-CacheID: sfid-20200415_151523_495558_CC41B668 
X-CRM114-Status: GOOD (  12.88  )
X-Spam-Score: 0.8 (/)
X-Spam-Report: SpamAssassin version 3.4.4 on bombadil.infradead.org summary:
 Content analysis details:   (0.8 points)
 pts rule name              description
 ---- ----------------------
 --------------------------------------------------
 -0.0 RCVD_IN_DNSWL_NONE     RBL: Sender listed at https://www.dnswl.org/,
 no trust [209.85.160.196 listed in list.dnswl.org]
 0.0 RCVD_IN_MSPIKE_H3      RBL: Good reputation (+3)
 [209.85.160.196 listed in wl.mailspike.net]
 0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends
 in digit [niveditas98[at]gmail.com]
 0.2 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level
 mail domains are different
 0.0 SPF_HELO_NONE          SPF: HELO does not publish an SPF Record
 0.0 FREEMAIL_FROM          Sender email is commonly abused enduser mail
 provider [niveditas98[at]gmail.com]
 -0.0 SPF_PASS               SPF: sender matches SPF record
 0.2 FREEMAIL_FORGED_FROMDOMAIN 2nd level domains in From and
 EnvelopeFrom freemail headers are different
 0.0 RCVD_IN_MSPIKE_WL      Mailspike good senders
X-BeenThere: linux-arm-kernel@lists.infradead.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <linux-arm-kernel.lists.infradead.org>
List-Unsubscribe: 
 <http://lists.infradead.org/mailman/options/linux-arm-kernel>,
 <mailto:linux-arm-kernel-request@lists.infradead.org?subject=unsubscribe>
List-Archive: <http://lists.infradead.org/pipermail/linux-arm-kernel/>
List-Post: <mailto:linux-arm-kernel@lists.infradead.org>
List-Help: <mailto:linux-arm-kernel-request@lists.infradead.org?subject=help>
List-Subscribe: 
 <http://lists.infradead.org/mailman/listinfo/linux-arm-kernel>,
 <mailto:linux-arm-kernel-request@lists.infradead.org?subject=subscribe>
Cc: linux-efi@vger.kernel.org, x86@kernel.org, linux-kernel@vger.kernel.org,
 Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
 Thomas Gleixner <tglx@linutronix.de>, linux-arm-kernel@lists.infradead.org
Sender: "linux-arm-kernel" <linux-arm-kernel-bounces@lists.infradead.org>
Errors-To: 
 linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org

Instead of using __efistub_global to force variables into the .data
section, leave them in the .bss but pull the EFI stub's .bss section
into .data in the linker script for the compressed kernel.

Signed-off-by: Arvind Sankar <nivedita@alum.mit.edu>
Reviewed-by: Ard Biesheuvel <ardb@kernel.org>
---
 arch/arm/boot/compressed/vmlinux.lds.S | 2 +-
 drivers/firmware/efi/libstub/Makefile  | 7 ++++---
 drivers/firmware/efi/libstub/efistub.h | 2 +-
 3 files changed, 6 insertions(+), 5 deletions(-)

diff --git a/arch/arm/boot/compressed/vmlinux.lds.S b/arch/arm/boot/compressed/vmlinux.lds.S
index b247f399de71..b6793c7932a9 100644
--- a/arch/arm/boot/compressed/vmlinux.lds.S
+++ b/arch/arm/boot/compressed/vmlinux.lds.S
@@ -78,7 +78,7 @@ SECTIONS
      * The EFI stub always executes from RAM, and runs strictly before the
      * decompressor, so we can make an exception for its r/w data, and keep it
      */
-    *(.data.efistub)
+    *(.data.efistub .bss.efistub)
     __pecoff_data_end = .;
 
     /*
diff --git a/drivers/firmware/efi/libstub/Makefile b/drivers/firmware/efi/libstub/Makefile
index 094eabdecfe6..45ffe0822df1 100644
--- a/drivers/firmware/efi/libstub/Makefile
+++ b/drivers/firmware/efi/libstub/Makefile
@@ -100,8 +100,9 @@ quiet_cmd_stubcopy = STUBCPY $@
 
 #
 # ARM discards the .data section because it disallows r/w data in the
-# decompressor. So move our .data to .data.efistub, which is preserved
-# explicitly by the decompressor linker script.
+# decompressor. So move our .data to .data.efistub and .bss to .bss.efistub,
+# which are preserved explicitly by the decompressor linker script.
 #
-STUBCOPY_FLAGS-$(CONFIG_ARM)	+= --rename-section .data=.data.efistub
+STUBCOPY_FLAGS-$(CONFIG_ARM)	+= --rename-section .data=.data.efistub	\
+				   --rename-section .bss=.bss.efistub,load,alloc
 STUBCOPY_RELOC-$(CONFIG_ARM)	:= R_ARM_ABS
diff --git a/drivers/firmware/efi/libstub/efistub.h b/drivers/firmware/efi/libstub/efistub.h
index bd0b86b63936..a92d42ffd9f7 100644
--- a/drivers/firmware/efi/libstub/efistub.h
+++ b/drivers/firmware/efi/libstub/efistub.h
@@ -25,7 +25,7 @@
 #define EFI_ALLOC_ALIGN		EFI_PAGE_SIZE
 #endif
 
-#if defined(CONFIG_ARM) || defined(CONFIG_X86)
+#if defined(CONFIG_X86)
 #define __efistub_global	__section(.data)
 #else
 #define __efistub_global

From patchwork Wed Apr 15 22:15:17 2020
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Arvind Sankar <nivedita@alum.mit.edu>
X-Patchwork-Id: 11492075
Return-Path: 
 <SRS0=QGSk=57=lists.infradead.org=linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@kernel.org>
Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org
 [172.30.200.123])
	by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 9086C912
	for <patchwork-linux-arm@patchwork.kernel.org>;
 Wed, 15 Apr 2020 22:16:05 +0000 (UTC)
Received: from bombadil.infradead.org (bombadil.infradead.org
 [198.137.202.133])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by mail.kernel.org (Postfix) with ESMTPS id 6E9E6206E9
	for <patchwork-linux-arm@patchwork.kernel.org>;
 Wed, 15 Apr 2020 22:16:05 +0000 (UTC)
Authentication-Results: mail.kernel.org;
	dkim=pass (2048-bit key) header.d=lists.infradead.org
 header.i=@lists.infradead.org header.b="ui1084Bn"
DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 6E9E6206E9
Authentication-Results: mail.kernel.org;
 dmarc=none (p=none dis=none) header.from=alum.mit.edu
Authentication-Results: mail.kernel.org;
 spf=none
 smtp.mailfrom=linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
	d=lists.infradead.org; s=bombadil.20170209; h=Sender:
	Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post:
	List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To:
	Message-Id:Date:Subject:To:From:Reply-To:Content-ID:Content-Description:
	Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:
	List-Owner; bh=XTs6D6Z2CbtemRRpqcJyHGoElMpDXmp028Inrr8BFJc=; b=ui1084Bns6sJUS
	FnbK1H98cvLp11E8qqAIyB7rrCn1U6Wr+qNdobZ2Cvo5V2eAn+Wko2ZY67ax6ebLfQDTh00LaqOgA
	l2AOWTYr4P+mPu1tB7m782vLnLrRdG3t4YAUDVR6TDKMRnmRiwsFbbP7tsoa+VZIPFhYdo0uhj7s0
	W600v3q/kBno69YjoKplm/sOc6HbsaKczhsw4QxgWbAmYDNxivW+yDXOJJLP8KGvKTRrQg3OVfJ0Y
	YyaDf1YuQG64iPCZGJqOxcUAsDe/hp49La4ZG3fR57kWHVFIZEuymrH1Dj1TkfzWdMtqrtj+qaVwN
	+ld2bM8RO1Waevgb1F8A==;
Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org)
	by bombadil.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux))
	id 1jOqK6-0007DM-8B; Wed, 15 Apr 2020 22:15:58 +0000
Received: from mail-qt1-f194.google.com ([209.85.160.194])
 by bombadil.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux))
 id 1jOqJY-0006eo-Ar
 for linux-arm-kernel@lists.infradead.org; Wed, 15 Apr 2020 22:15:26 +0000
Received: by mail-qt1-f194.google.com with SMTP id q17so14565131qtp.4
 for <linux-arm-kernel@lists.infradead.org>;
 Wed, 15 Apr 2020 15:15:24 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
 :references:mime-version:content-transfer-encoding;
 bh=GU2OawWL1bidpPge0CUGIGiauoJ+t/PQ9Hui01IaJ3w=;
 b=rroUX/KTh7nPOEEePdOBpwO4n+tW8MArNJlrSc+HxaeZwug+TjGpTWN4jXcl5WObEU
 1PpjJi0DN0XRlWvSL3+/82TD6ZFriNF7Ldzgaxf0amZmeDlJqcj8RFhxtEHy9wk9wq1w
 SgZf2NJGGZhl6bSsJ3cEFiLOyD+14iGIEhXNxPRENClDm1ODgxvLDdbqYSr+zPjxesVw
 IuPb7+usTmJbH9PuLoIKFWLDeH3xZyWxQIw8B/zAk3TRKTgcXq7qVPuuj+3Z63ZNdQhe
 HhKix7zcuLwYLyX+2qMZenBUedPBbvFz4PqKKFU2GJIlp8V1ex1inWW4v9GT1C/KAe+a
 +eHQ==
X-Gm-Message-State: AGi0PuZgqXcw8iCvr6XLXSstHXRVux5oC/noWCM/IGCQxINTKLu5ULYz
 EgtLsQI1YAJ/edSE4c/d1Pg=
X-Google-Smtp-Source: 
 APiQypKKO+yiB7+uIjFNaUTWvJHYnvI37H4MMGwRwlMBGopSX4oyJgU87IbKYTyH9OfqIIaavzt8zA==
X-Received: by 2002:ac8:7498:: with SMTP id v24mr22500450qtq.32.1586988923198;
 Wed, 15 Apr 2020 15:15:23 -0700 (PDT)
Received: from rani.riverdale.lan ([2001:470:1f07:5f3::b55f])
 by smtp.gmail.com with ESMTPSA id i20sm13264340qkl.135.2020.04.15.15.15.22
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Wed, 15 Apr 2020 15:15:22 -0700 (PDT)
From: Arvind Sankar <nivedita@alum.mit.edu>
To: Ard Biesheuvel <ardb@kernel.org>
Subject: [PATCH 2/5] efi/libstub: Factor out relocation checking
Date: Wed, 15 Apr 2020 18:15:17 -0400
Message-Id: <20200415221520.2692512-3-nivedita@alum.mit.edu>
X-Mailer: git-send-email 2.24.1
In-Reply-To: <20200415221520.2692512-1-nivedita@alum.mit.edu>
References: <20200415221520.2692512-1-nivedita@alum.mit.edu>
MIME-Version: 1.0
X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 
X-CRM114-CacheID: sfid-20200415_151524_369217_3740A4FE 
X-CRM114-Status: GOOD (  11.24  )
X-Spam-Score: 0.8 (/)
X-Spam-Report: SpamAssassin version 3.4.4 on bombadil.infradead.org summary:
 Content analysis details:   (0.8 points)
 pts rule name              description
 ---- ----------------------
 --------------------------------------------------
 -0.0 RCVD_IN_DNSWL_NONE     RBL: Sender listed at https://www.dnswl.org/,
 no trust [209.85.160.194 listed in list.dnswl.org]
 0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends
 in digit [niveditas98[at]gmail.com]
 0.2 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level
 mail domains are different
 0.0 SPF_HELO_NONE          SPF: HELO does not publish an SPF Record
 0.0 FREEMAIL_FROM          Sender email is commonly abused enduser mail
 provider [niveditas98[at]gmail.com]
 -0.0 SPF_PASS               SPF: sender matches SPF record
 0.0 RCVD_IN_MSPIKE_H3      RBL: Good reputation (+3)
 [209.85.160.194 listed in wl.mailspike.net]
 0.2 FREEMAIL_FORGED_FROMDOMAIN 2nd level domains in From and
 EnvelopeFrom freemail headers are different
 0.0 RCVD_IN_MSPIKE_WL      Mailspike good senders
X-BeenThere: linux-arm-kernel@lists.infradead.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <linux-arm-kernel.lists.infradead.org>
List-Unsubscribe: 
 <http://lists.infradead.org/mailman/options/linux-arm-kernel>,
 <mailto:linux-arm-kernel-request@lists.infradead.org?subject=unsubscribe>
List-Archive: <http://lists.infradead.org/pipermail/linux-arm-kernel/>
List-Post: <mailto:linux-arm-kernel@lists.infradead.org>
List-Help: <mailto:linux-arm-kernel-request@lists.infradead.org?subject=help>
List-Subscribe: 
 <http://lists.infradead.org/mailman/listinfo/linux-arm-kernel>,
 <mailto:linux-arm-kernel-request@lists.infradead.org?subject=subscribe>
Cc: linux-efi@vger.kernel.org, x86@kernel.org, linux-kernel@vger.kernel.org,
 Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
 Thomas Gleixner <tglx@linutronix.de>, linux-arm-kernel@lists.infradead.org
Sender: "linux-arm-kernel" <linux-arm-kernel-bounces@lists.infradead.org>
Errors-To: 
 linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org

In preparation for using STUBCOPY for x86 as well, which doesn't require
relocation checking, move the checking code into its own variable so it
can be left out for x86.

Signed-off-by: Arvind Sankar <nivedita@alum.mit.edu>
---
 drivers/firmware/efi/libstub/Makefile | 30 ++++++++++++++++-----------
 1 file changed, 18 insertions(+), 12 deletions(-)

diff --git a/drivers/firmware/efi/libstub/Makefile b/drivers/firmware/efi/libstub/Makefile
index 45ffe0822df1..e5e76677f2da 100644
--- a/drivers/firmware/efi/libstub/Makefile
+++ b/drivers/firmware/efi/libstub/Makefile
@@ -80,6 +80,15 @@ STUBCOPY_FLAGS-$(CONFIG_ARM64)	+= --prefix-alloc-sections=.init \
 				   --prefix-symbols=__efistub_
 STUBCOPY_RELOC-$(CONFIG_ARM64)	:= R_AARCH64_ABS
 
+#
+# ARM discards the .data section because it disallows r/w data in the
+# decompressor. So move our .data to .data.efistub and .bss to .bss.efistub,
+# which are preserved explicitly by the decompressor linker script.
+#
+STUBCOPY_FLAGS-$(CONFIG_ARM)	+= --rename-section .data=.data.efistub	\
+				   --rename-section .bss=.bss.efistub,load,alloc
+STUBCOPY_RELOC-$(CONFIG_ARM)	:= R_ARM_ABS
+
 $(obj)/%.stub.o: $(obj)/%.o FORCE
 	$(call if_changed,stubcopy)
 
@@ -89,20 +98,17 @@ $(obj)/%.stub.o: $(obj)/%.o FORCE
 # such relocations. If none are found, regenerate the output object, but
 # this time, use objcopy and leave all sections in place.
 #
-quiet_cmd_stubcopy = STUBCPY $@
-      cmd_stubcopy =							\
+
+cmd_stubrelocs_check-y = /bin/true
+
+cmd_stubrelocs_check-$(CONFIG_EFI_ARMSTUB) =				\
 	$(STRIP) --strip-debug -o $@ $<;				\
 	if $(OBJDUMP) -r $@ | grep $(STUBCOPY_RELOC-y); then		\
 		echo "$@: absolute symbol references not allowed in the EFI stub" >&2; \
 		/bin/false;						\
-	fi;								\
-	$(OBJCOPY) $(STUBCOPY_FLAGS-y) $< $@
+	fi
 
-#
-# ARM discards the .data section because it disallows r/w data in the
-# decompressor. So move our .data to .data.efistub and .bss to .bss.efistub,
-# which are preserved explicitly by the decompressor linker script.
-#
-STUBCOPY_FLAGS-$(CONFIG_ARM)	+= --rename-section .data=.data.efistub	\
-				   --rename-section .bss=.bss.efistub,load,alloc
-STUBCOPY_RELOC-$(CONFIG_ARM)	:= R_ARM_ABS
+quiet_cmd_stubcopy = STUBCPY $@
+      cmd_stubcopy =							\
+	$(cmd_stubrelocs_check-y);					\
+	$(OBJCOPY) $(STUBCOPY_FLAGS-y) $< $@

From patchwork Wed Apr 15 22:15:18 2020
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Arvind Sankar <nivedita@alum.mit.edu>
X-Patchwork-Id: 11492077
Return-Path: 
 <SRS0=QGSk=57=lists.infradead.org=linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@kernel.org>
Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org
 [172.30.200.123])
	by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 168E2912
	for <patchwork-linux-arm@patchwork.kernel.org>;
 Wed, 15 Apr 2020 22:16:17 +0000 (UTC)
Received: from bombadil.infradead.org (bombadil.infradead.org
 [198.137.202.133])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by mail.kernel.org (Postfix) with ESMTPS id E8AC3206E9
	for <patchwork-linux-arm@patchwork.kernel.org>;
 Wed, 15 Apr 2020 22:16:16 +0000 (UTC)
Authentication-Results: mail.kernel.org;
	dkim=pass (2048-bit key) header.d=lists.infradead.org
 header.i=@lists.infradead.org header.b="ZkKFGjl9"
DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org E8AC3206E9
Authentication-Results: mail.kernel.org;
 dmarc=none (p=none dis=none) header.from=alum.mit.edu
Authentication-Results: mail.kernel.org;
 spf=none
 smtp.mailfrom=linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
	d=lists.infradead.org; s=bombadil.20170209; h=Sender:
	Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post:
	List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To:
	Message-Id:Date:Subject:To:From:Reply-To:Content-ID:Content-Description:
	Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:
	List-Owner; bh=efiOOyG4rc1Vvjjg1WXteOpeFYgRK2717oipeB6pM0c=; b=ZkKFGjl9+n0ive
	1l3Mrta+5fXj0y8xI1bZJkzWCIP9Y2aDoL6acm1CjV0DTRtih24hEqp1S4hDxaKUeMdARbyw2mkXa
	j/G3EKqq9LlkqJ56CDJQ4SoxdLWZCODk/DaR+r6kURkVnJl2u3qtyTjkVTuKaMSfh8mooxaTyCB4A
	g4hbDVEA7KrFaCv5GNtRO/JKGeAHqktyVAeY/oppe3yl7xP8MeLz4RvMqmI5QO1C50EUZGgChP6fQ
	YUN5HbD7PqZKFS7Wg1Y/CxkZDRlTTQUbc+kvBAeN06zpa+JexCSkKsU/o+RJ9O/q2PC5A93jWAlQ1
	kYIumazVFMngAsiBw7iQ==;
Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org)
	by bombadil.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux))
	id 1jOqKL-0007SX-9r; Wed, 15 Apr 2020 22:16:13 +0000
Received: from mail-qt1-f194.google.com ([209.85.160.194])
 by bombadil.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux))
 id 1jOqJZ-0006f5-1d
 for linux-arm-kernel@lists.infradead.org; Wed, 15 Apr 2020 22:15:26 +0000
Received: by mail-qt1-f194.google.com with SMTP id c16so9102390qtv.1
 for <linux-arm-kernel@lists.infradead.org>;
 Wed, 15 Apr 2020 15:15:24 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
 :references:mime-version:content-transfer-encoding;
 bh=/884Y4S8L6kS/iSrGalw7uxiGyhKVKiR3Ww6KT2GqZU=;
 b=i0Z3KZev4uHSYvMjKBFMBKHqBwedl3AfHN7HS1FtGKgcrviTZ8xC+SrVUJVVgsV82o
 Cpi9jIXwuNNUTa2qEvC3C7WG2rYdv/u+stShBuHFz6+wAnCtT9YGO04cvIMNAR5iNVXc
 3VIdwgEnAY6/GvQcUQZntSF+JnejUUxBVpzXq01JMd7T/FWMZ9476MWcPLmyLzy2HGgJ
 OVe0Ea9GknSYW2g47DdLMEMrSuwC6i/20xllDTInLPBe7YpSlIVY3tkgg3c2bQCmkFCe
 PECoqSB9qm2kEAo45JhClyJhmfDjM1QH9wHVfSBbsWNdv1qPaFsmxVXQdz2IKlwgDJ2Z
 gtpA==
X-Gm-Message-State: AGi0PublvJXW9j5WHY74NsETzpzW6hBOELW0NyXmzL9K8y11xoeunum6
 KT4fkFV2jExH6KCfGoMXumQ=
X-Google-Smtp-Source: 
 APiQypJlrUQQ2en4qUdzPOfXDNxDRWtBRRylqygI8Tcxmp3E2gsu+n70rOWANLLUxOh7H3FryRVBlg==
X-Received: by 2002:ac8:7309:: with SMTP id x9mr21688226qto.68.1586988924230;
 Wed, 15 Apr 2020 15:15:24 -0700 (PDT)
Received: from rani.riverdale.lan ([2001:470:1f07:5f3::b55f])
 by smtp.gmail.com with ESMTPSA id i20sm13264340qkl.135.2020.04.15.15.15.23
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Wed, 15 Apr 2020 15:15:23 -0700 (PDT)
From: Arvind Sankar <nivedita@alum.mit.edu>
To: Ard Biesheuvel <ardb@kernel.org>
Subject: [PATCH 3/5] efi/x86: Remove __efistub_global annotation
Date: Wed, 15 Apr 2020 18:15:18 -0400
Message-Id: <20200415221520.2692512-4-nivedita@alum.mit.edu>
X-Mailer: git-send-email 2.24.1
In-Reply-To: <20200415221520.2692512-1-nivedita@alum.mit.edu>
References: <20200415221520.2692512-1-nivedita@alum.mit.edu>
MIME-Version: 1.0
X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 
X-CRM114-CacheID: sfid-20200415_151525_107599_65F73025 
X-CRM114-Status: GOOD (  12.65  )
X-Spam-Score: 0.8 (/)
X-Spam-Report: SpamAssassin version 3.4.4 on bombadil.infradead.org summary:
 Content analysis details:   (0.8 points)
 pts rule name              description
 ---- ----------------------
 --------------------------------------------------
 0.0 RCVD_IN_MSPIKE_H3      RBL: Good reputation (+3)
 [209.85.160.194 listed in wl.mailspike.net]
 -0.0 RCVD_IN_DNSWL_NONE     RBL: Sender listed at https://www.dnswl.org/,
 no trust [209.85.160.194 listed in list.dnswl.org]
 0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends
 in digit [niveditas98[at]gmail.com]
 0.2 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level
 mail domains are different
 0.0 SPF_HELO_NONE          SPF: HELO does not publish an SPF Record
 0.0 FREEMAIL_FROM          Sender email is commonly abused enduser mail
 provider [niveditas98[at]gmail.com]
 -0.0 SPF_PASS               SPF: sender matches SPF record
 0.2 FREEMAIL_FORGED_FROMDOMAIN 2nd level domains in From and
 EnvelopeFrom freemail headers are different
 0.0 RCVD_IN_MSPIKE_WL      Mailspike good senders
X-BeenThere: linux-arm-kernel@lists.infradead.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <linux-arm-kernel.lists.infradead.org>
List-Unsubscribe: 
 <http://lists.infradead.org/mailman/options/linux-arm-kernel>,
 <mailto:linux-arm-kernel-request@lists.infradead.org?subject=unsubscribe>
List-Archive: <http://lists.infradead.org/pipermail/linux-arm-kernel/>
List-Post: <mailto:linux-arm-kernel@lists.infradead.org>
List-Help: <mailto:linux-arm-kernel-request@lists.infradead.org?subject=help>
List-Subscribe: 
 <http://lists.infradead.org/mailman/listinfo/linux-arm-kernel>,
 <mailto:linux-arm-kernel-request@lists.infradead.org?subject=subscribe>
Cc: linux-efi@vger.kernel.org, x86@kernel.org, linux-kernel@vger.kernel.org,
 Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
 Thomas Gleixner <tglx@linutronix.de>, linux-arm-kernel@lists.infradead.org
Sender: "linux-arm-kernel" <linux-arm-kernel-bounces@lists.infradead.org>
Errors-To: 
 linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org

Instead of using __efistub_global to force variables into the .data
section, leave them in the .bss but pull the EFI stub's .bss section
into .data in the linker script for the compressed kernel.

Signed-off-by: Arvind Sankar <nivedita@alum.mit.edu>
Reviewed-by: Ard Biesheuvel <ardb@kernel.org>
---
 arch/x86/boot/compressed/vmlinux.lds.S |  1 +
 drivers/firmware/efi/libstub/Makefile  | 12 ++++++++++--
 drivers/firmware/efi/libstub/efistub.h |  4 ----
 3 files changed, 11 insertions(+), 6 deletions(-)

diff --git a/arch/x86/boot/compressed/vmlinux.lds.S b/arch/x86/boot/compressed/vmlinux.lds.S
index 508cfa6828c5..0dc5c2b9614b 100644
--- a/arch/x86/boot/compressed/vmlinux.lds.S
+++ b/arch/x86/boot/compressed/vmlinux.lds.S
@@ -52,6 +52,7 @@ SECTIONS
 		_data = . ;
 		*(.data)
 		*(.data.*)
+		*(.bss.efistub)
 		_edata = . ;
 	}
 	. = ALIGN(L1_CACHE_BYTES);
diff --git a/drivers/firmware/efi/libstub/Makefile b/drivers/firmware/efi/libstub/Makefile
index e5e76677f2da..0bb2916eb12b 100644
--- a/drivers/firmware/efi/libstub/Makefile
+++ b/drivers/firmware/efi/libstub/Makefile
@@ -73,8 +73,8 @@ CFLAGS_arm64-stub.o		:= -DTEXT_OFFSET=$(TEXT_OFFSET)
 # a verification pass to see if any absolute relocations exist in any of the
 # object files.
 #
-extra-$(CONFIG_EFI_ARMSTUB)	:= $(lib-y)
-lib-$(CONFIG_EFI_ARMSTUB)	:= $(patsubst %.o,%.stub.o,$(lib-y))
+extra-y	:= $(lib-y)
+lib-y	:= $(patsubst %.o,%.stub.o,$(lib-y))
 
 STUBCOPY_FLAGS-$(CONFIG_ARM64)	+= --prefix-alloc-sections=.init \
 				   --prefix-symbols=__efistub_
@@ -89,6 +89,14 @@ STUBCOPY_FLAGS-$(CONFIG_ARM)	+= --rename-section .data=.data.efistub	\
 				   --rename-section .bss=.bss.efistub,load,alloc
 STUBCOPY_RELOC-$(CONFIG_ARM)	:= R_ARM_ABS
 
+#
+# For x86, bootloaders like systemd-boot or grub-efi do not zero-initialize the
+# .bss section, so the .bss section of the EFI stub needs to be included in the
+# .data section of the compressed kernel to ensure initialization. Rename the
+# .bss section here so it's easy to pick out in the linker script.
+#
+STUBCOPY_FLAGS-$(CONFIG_X86)	+= --rename-section .bss=.bss.efistub,load,alloc
+
 $(obj)/%.stub.o: $(obj)/%.o FORCE
 	$(call if_changed,stubcopy)
 
diff --git a/drivers/firmware/efi/libstub/efistub.h b/drivers/firmware/efi/libstub/efistub.h
index a92d42ffd9f7..49651e20bb9f 100644
--- a/drivers/firmware/efi/libstub/efistub.h
+++ b/drivers/firmware/efi/libstub/efistub.h
@@ -25,11 +25,7 @@
 #define EFI_ALLOC_ALIGN		EFI_PAGE_SIZE
 #endif
 
-#if defined(CONFIG_X86)
-#define __efistub_global	__section(.data)
-#else
 #define __efistub_global
-#endif
 
 extern bool __pure nochunk(void);
 extern bool __pure nokaslr(void);

From patchwork Wed Apr 15 22:15:19 2020
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Arvind Sankar <nivedita@alum.mit.edu>
X-Patchwork-Id: 11492079
Return-Path: 
 <SRS0=QGSk=57=lists.infradead.org=linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@kernel.org>
Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org
 [172.30.200.123])
	by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id AC23C912
	for <patchwork-linux-arm@patchwork.kernel.org>;
 Wed, 15 Apr 2020 22:16:35 +0000 (UTC)
Received: from bombadil.infradead.org (bombadil.infradead.org
 [198.137.202.133])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by mail.kernel.org (Postfix) with ESMTPS id 6A69B20784
	for <patchwork-linux-arm@patchwork.kernel.org>;
 Wed, 15 Apr 2020 22:16:35 +0000 (UTC)
Authentication-Results: mail.kernel.org;
	dkim=pass (2048-bit key) header.d=lists.infradead.org
 header.i=@lists.infradead.org header.b="RAo3vNsQ"
DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 6A69B20784
Authentication-Results: mail.kernel.org;
 dmarc=none (p=none dis=none) header.from=alum.mit.edu
Authentication-Results: mail.kernel.org;
 spf=none
 smtp.mailfrom=linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
	d=lists.infradead.org; s=bombadil.20170209; h=Sender:
	Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post:
	List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To:
	Message-Id:Date:Subject:To:From:Reply-To:Content-ID:Content-Description:
	Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:
	List-Owner; bh=f7lP4suiN6pBx0EZW3ojm1XngEwGUmm1Ecc5X1f4YHk=; b=RAo3vNsQJe7Lc+
	M01lxnzDHD7pP+XcVMGxC4m1PwyJVEchhhviZbBT2NXIaWaeRP13k74v3QuwJq62ER1I6WbIwWuKQ
	0pOD7b7bbW3Y7lxQBnAximgTE0sCMvcPWqXJXmSS7li7IVzCJICJjDKVLjlSHlePYA59jC+n9tKs/
	N37z6bFWwDRgNimjojujzFMSQ4Kzoes/3po+1m8pkoIGqvHmohN5LqAT2x2TaQNE2Zo2KGvhIEoaO
	WL3QOrDzMfUxSM/1jo1Q3wBZUJPVUmd9qYEdF2AuqF5TAOBVOhR9V1FUcCpeK+bYCfXR9chsrnNW2
	SWqhkLwWVPZjODl9xi3A==;
Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org)
	by bombadil.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux))
	id 1jOqKb-0007nk-2N; Wed, 15 Apr 2020 22:16:29 +0000
Received: from mail-qt1-f194.google.com ([209.85.160.194])
 by bombadil.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux))
 id 1jOqJZ-0006fY-SA
 for linux-arm-kernel@lists.infradead.org; Wed, 15 Apr 2020 22:15:27 +0000
Received: by mail-qt1-f194.google.com with SMTP id w29so14447412qtv.3
 for <linux-arm-kernel@lists.infradead.org>;
 Wed, 15 Apr 2020 15:15:25 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
 :references:mime-version:content-transfer-encoding;
 bh=adNtgtRMt64ieUnhMqRLF0a2CXsdZP572pPfrSALC+A=;
 b=lz4GagO0CwdCVha1gKN8Js0jzRtEYIa3TXNugkpIscDkJfxkmlO2Nzws1rcfkDDECy
 7TGcVofgFQeRng5IpSpzKTv7VHr/hIACw/y2RVQT/vQkexGZjTtVYXB7mQPWQN3KdG5A
 GEnakO1dZBVO+i6/lJ9VgxQjnJu4DtNSDwi+gifjKa63NIvpizRt3X2yym4Ta8HYoIXx
 8jU0e8S7Lywg6s7rAEpzmhLGUrk/HhuHULYab/WP4ZfQY4BSZIewzyXZCxRnKTV9N3yQ
 40MEbxPXHvXxBb0Ww6+KuW3h65kPbnF+xKR80HIBrElkxn6m42/mS4XdSW+o2RGy1UCd
 byOQ==
X-Gm-Message-State: AGi0PuZMr0YC1Wa/jGS892GUHh2/JlIp0VO15kbG7xugvSmXPGoK9jKS
 YqtDPaNan5b2UAZJ81gjucM=
X-Google-Smtp-Source: 
 APiQypIiGk8iIa1+JSVxpWv0uJMYikPkp/8IVwwrjnBEyah7xM9Wi9/EuobLCnrWoEvEYpUZhSvCnA==
X-Received: by 2002:ac8:71d8:: with SMTP id
 i24mr20622652qtp.223.1586988925102;
 Wed, 15 Apr 2020 15:15:25 -0700 (PDT)
Received: from rani.riverdale.lan ([2001:470:1f07:5f3::b55f])
 by smtp.gmail.com with ESMTPSA id i20sm13264340qkl.135.2020.04.15.15.15.24
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Wed, 15 Apr 2020 15:15:24 -0700 (PDT)
From: Arvind Sankar <nivedita@alum.mit.edu>
To: Ard Biesheuvel <ardb@kernel.org>
Subject: [PATCH 4/5] efi: Kill __efistub_global
Date: Wed, 15 Apr 2020 18:15:19 -0400
Message-Id: <20200415221520.2692512-5-nivedita@alum.mit.edu>
X-Mailer: git-send-email 2.24.1
In-Reply-To: <20200415221520.2692512-1-nivedita@alum.mit.edu>
References: <20200415221520.2692512-1-nivedita@alum.mit.edu>
MIME-Version: 1.0
X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 
X-CRM114-CacheID: sfid-20200415_151525_903965_1AA54FD0 
X-CRM114-Status: GOOD (  12.09  )
X-Spam-Score: 0.8 (/)
X-Spam-Report: SpamAssassin version 3.4.4 on bombadil.infradead.org summary:
 Content analysis details:   (0.8 points)
 pts rule name              description
 ---- ----------------------
 --------------------------------------------------
 0.0 RCVD_IN_MSPIKE_H3      RBL: Good reputation (+3)
 [209.85.160.194 listed in wl.mailspike.net]
 -0.0 RCVD_IN_DNSWL_NONE     RBL: Sender listed at https://www.dnswl.org/,
 no trust [209.85.160.194 listed in list.dnswl.org]
 0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends
 in digit [niveditas98[at]gmail.com]
 0.2 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level
 mail domains are different
 0.0 SPF_HELO_NONE          SPF: HELO does not publish an SPF Record
 0.0 FREEMAIL_FROM          Sender email is commonly abused enduser mail
 provider [niveditas98[at]gmail.com]
 -0.0 SPF_PASS               SPF: sender matches SPF record
 0.2 FREEMAIL_FORGED_FROMDOMAIN 2nd level domains in From and
 EnvelopeFrom freemail headers are different
 0.0 RCVD_IN_MSPIKE_WL      Mailspike good senders
X-BeenThere: linux-arm-kernel@lists.infradead.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <linux-arm-kernel.lists.infradead.org>
List-Unsubscribe: 
 <http://lists.infradead.org/mailman/options/linux-arm-kernel>,
 <mailto:linux-arm-kernel-request@lists.infradead.org?subject=unsubscribe>
List-Archive: <http://lists.infradead.org/pipermail/linux-arm-kernel/>
List-Post: <mailto:linux-arm-kernel@lists.infradead.org>
List-Help: <mailto:linux-arm-kernel-request@lists.infradead.org?subject=help>
List-Subscribe: 
 <http://lists.infradead.org/mailman/listinfo/linux-arm-kernel>,
 <mailto:linux-arm-kernel-request@lists.infradead.org?subject=subscribe>
Cc: linux-efi@vger.kernel.org, x86@kernel.org, linux-kernel@vger.kernel.org,
 Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
 Thomas Gleixner <tglx@linutronix.de>, linux-arm-kernel@lists.infradead.org
Sender: "linux-arm-kernel" <linux-arm-kernel-bounces@lists.infradead.org>
Errors-To: 
 linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org

Now that both arm and x86 are using the linker script to place the EFI
stub's global variables in the correct section, remove __efistub_global.

Signed-off-by: Arvind Sankar <nivedita@alum.mit.edu>
Reviewed-by: Ard Biesheuvel <ardb@kernel.org>
---
 drivers/firmware/efi/libstub/arm-stub.c        |  4 ++--
 drivers/firmware/efi/libstub/efi-stub-helper.c | 15 +++++++--------
 drivers/firmware/efi/libstub/efistub.h         |  2 --
 drivers/firmware/efi/libstub/gop.c             |  2 +-
 drivers/firmware/efi/libstub/x86-stub.c        |  2 +-
 5 files changed, 11 insertions(+), 14 deletions(-)

diff --git a/drivers/firmware/efi/libstub/arm-stub.c b/drivers/firmware/efi/libstub/arm-stub.c
index 99a5cde7c2d8..bf42d6c742a8 100644
--- a/drivers/firmware/efi/libstub/arm-stub.c
+++ b/drivers/firmware/efi/libstub/arm-stub.c
@@ -36,9 +36,9 @@
 #endif
 
 static u64 virtmap_base = EFI_RT_VIRTUAL_BASE;
-static bool __efistub_global flat_va_mapping;
+static bool flat_va_mapping;
 
-static efi_system_table_t *__efistub_global sys_table;
+static efi_system_table_t *sys_table;
 
 __pure efi_system_table_t *efi_system_table(void)
 {
diff --git a/drivers/firmware/efi/libstub/efi-stub-helper.c b/drivers/firmware/efi/libstub/efi-stub-helper.c
index c6092b6038cf..14e56a64f208 100644
--- a/drivers/firmware/efi/libstub/efi-stub-helper.c
+++ b/drivers/firmware/efi/libstub/efi-stub-helper.c
@@ -12,14 +12,13 @@
 
 #include "efistub.h"
 
-static bool __efistub_global efi_nochunk;
-static bool __efistub_global efi_nokaslr;
-static bool __efistub_global efi_noinitrd;
-static bool __efistub_global efi_quiet;
-static bool __efistub_global efi_novamap;
-static bool __efistub_global efi_nosoftreserve;
-static bool __efistub_global efi_disable_pci_dma =
-					IS_ENABLED(CONFIG_EFI_DISABLE_PCI_DMA);
+static bool efi_nochunk;
+static bool efi_nokaslr;
+static bool efi_noinitrd;
+static bool efi_quiet;
+static bool efi_novamap;
+static bool efi_nosoftreserve;
+static bool efi_disable_pci_dma = IS_ENABLED(CONFIG_EFI_DISABLE_PCI_DMA);
 
 bool __pure nochunk(void)
 {
diff --git a/drivers/firmware/efi/libstub/efistub.h b/drivers/firmware/efi/libstub/efistub.h
index 49651e20bb9f..f96c56596034 100644
--- a/drivers/firmware/efi/libstub/efistub.h
+++ b/drivers/firmware/efi/libstub/efistub.h
@@ -25,8 +25,6 @@
 #define EFI_ALLOC_ALIGN		EFI_PAGE_SIZE
 #endif
 
-#define __efistub_global
-
 extern bool __pure nochunk(void);
 extern bool __pure nokaslr(void);
 extern bool __pure noinitrd(void);
diff --git a/drivers/firmware/efi/libstub/gop.c b/drivers/firmware/efi/libstub/gop.c
index fa05a0b0adfd..216327d0b034 100644
--- a/drivers/firmware/efi/libstub/gop.c
+++ b/drivers/firmware/efi/libstub/gop.c
@@ -32,7 +32,7 @@ static struct {
 			u8 depth;
 		} res;
 	};
-} cmdline __efistub_global = { .option = EFI_CMDLINE_NONE };
+} cmdline = { .option = EFI_CMDLINE_NONE };
 
 static bool parse_modenum(char *option, char **next)
 {
diff --git a/drivers/firmware/efi/libstub/x86-stub.c b/drivers/firmware/efi/libstub/x86-stub.c
index 7583e908852f..aedac3af4b5c 100644
--- a/drivers/firmware/efi/libstub/x86-stub.c
+++ b/drivers/firmware/efi/libstub/x86-stub.c
@@ -20,7 +20,7 @@
 /* Maximum physical address for 64-bit kernel with 4-level paging */
 #define MAXMEM_X86_64_4LEVEL (1ull << 46)
 
-static efi_system_table_t *sys_table __efistub_global;
+static efi_system_table_t *sys_table;
 extern const bool efi_is64;
 extern u32 image_offset;
 

From patchwork Wed Apr 15 22:15:20 2020
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Arvind Sankar <nivedita@alum.mit.edu>
X-Patchwork-Id: 11492081
Return-Path: 
 <SRS0=QGSk=57=lists.infradead.org=linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@kernel.org>
Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org
 [172.30.200.123])
	by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 4F34A912
	for <patchwork-linux-arm@patchwork.kernel.org>;
 Wed, 15 Apr 2020 22:16:47 +0000 (UTC)
Received: from bombadil.infradead.org (bombadil.infradead.org
 [198.137.202.133])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by mail.kernel.org (Postfix) with ESMTPS id 08FB320784
	for <patchwork-linux-arm@patchwork.kernel.org>;
 Wed, 15 Apr 2020 22:16:47 +0000 (UTC)
Authentication-Results: mail.kernel.org;
	dkim=pass (2048-bit key) header.d=lists.infradead.org
 header.i=@lists.infradead.org header.b="PC2ZzN31"
DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 08FB320784
Authentication-Results: mail.kernel.org;
 dmarc=none (p=none dis=none) header.from=alum.mit.edu
Authentication-Results: mail.kernel.org;
 spf=none
 smtp.mailfrom=linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
	d=lists.infradead.org; s=bombadil.20170209; h=Sender:
	Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post:
	List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To:
	Message-Id:Date:Subject:To:From:Reply-To:Content-ID:Content-Description:
	Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:
	List-Owner; bh=tWb2efcCCudPObYOPZFQnu1VNtyShRRIYp/0A4fVmkc=; b=PC2ZzN31hJ7akw
	UPzNq+UXIs6vUX7v226ANogTC2/llWZPD6yKszQaEONjhTH3rXq22ATcoLL/ghuRbtOqmKdPnE1c3
	WLfN9JzIB0tsJW8KraJwY2miHeeFJzJHDOQa8oj+X4r5ZFFS5aTBSbiDXZiT1r/2v0Q/Dxj3gOm5l
	fAkpo6ZZLDW2jd8IhMYf4qr4utqg2OCGP/cU9GeqqPUApBaVQWNx09cyXDn2hj42IYFsim+B+9zMn
	P5DSTtCHOlvy0HiFdS2aU2W0P3v/xbEr2T1XO3VLk9q9x9ApwgadOFpUGnDHSNpsjlgvanoX/lb26
	GQDFcoq02LK+/t0ngJBg==;
Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org)
	by bombadil.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux))
	id 1jOqKm-00080C-SX; Wed, 15 Apr 2020 22:16:40 +0000
Received: from mail-qt1-f194.google.com ([209.85.160.194])
 by bombadil.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux))
 id 1jOqJa-0006gB-RH
 for linux-arm-kernel@lists.infradead.org; Wed, 15 Apr 2020 22:15:28 +0000
Received: by mail-qt1-f194.google.com with SMTP id x2so14876838qtr.0
 for <linux-arm-kernel@lists.infradead.org>;
 Wed, 15 Apr 2020 15:15:26 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
 :references:mime-version:content-transfer-encoding;
 bh=rOrczQkTIxOcY6UFnnC40rT9zyAvKX1Bi6yBMzeK9G0=;
 b=QwRNFt8l2LXW8KRkyHBV5lFRlCNAp3rr7YSufrIKyBlE7hVI46hV2HnfvNBWpO5uXr
 w9yM6it2Gf2eA49qkqIW6vEttD4Hj02JTmCFRQyqN2Lfhj5EFrkrDfHJiF3JtIgExEvv
 ci96h4cBeVrlKjyIPnKZgwluw6rIMgYNcMBgxXDjfymMp3cnzphbJt/2rHYvSvfMhxPR
 ucgDdTYVakTRwSqFLH+WwjIgQSqTZPtS4foDZ1RAmNF1qWBInd+oe1SeavbZxsknQWpX
 QkCTV0zecQf7tMKym4GtcKIxCKcnAxZDOC0X1njmTa0azWXq+DeSNwEQmRM1ijqPhq36
 RPiA==
X-Gm-Message-State: AGi0PuagesS31d9wmCDlJaBBNpVCc3NhweLSt4WB335Q2KyyvyhGsMcO
 eI9H82JHqixWP02kXBcV2oQ=
X-Google-Smtp-Source: 
 APiQypL+3Bxma6w8vttK2a2cMb2AyT1VBao4IUEBYSF9XsXFaqUg93j4LKjmJf0fyJxTOhIxxv+jTg==
X-Received: by 2002:ac8:2afc:: with SMTP id
 c57mr17402778qta.324.1586988926023;
 Wed, 15 Apr 2020 15:15:26 -0700 (PDT)
Received: from rani.riverdale.lan ([2001:470:1f07:5f3::b55f])
 by smtp.gmail.com with ESMTPSA id i20sm13264340qkl.135.2020.04.15.15.15.25
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Wed, 15 Apr 2020 15:15:25 -0700 (PDT)
From: Arvind Sankar <nivedita@alum.mit.edu>
To: Ard Biesheuvel <ardb@kernel.org>
Subject: [PATCH 5/5] efi/x86: Check for bad relocations
Date: Wed, 15 Apr 2020 18:15:20 -0400
Message-Id: <20200415221520.2692512-6-nivedita@alum.mit.edu>
X-Mailer: git-send-email 2.24.1
In-Reply-To: <20200415221520.2692512-1-nivedita@alum.mit.edu>
References: <20200415221520.2692512-1-nivedita@alum.mit.edu>
MIME-Version: 1.0
X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 
X-CRM114-CacheID: sfid-20200415_151526_884701_09DBE75E 
X-CRM114-Status: GOOD (  12.67  )
X-Spam-Score: 0.8 (/)
X-Spam-Report: SpamAssassin version 3.4.4 on bombadil.infradead.org summary:
 Content analysis details:   (0.8 points)
 pts rule name              description
 ---- ----------------------
 --------------------------------------------------
 0.0 RCVD_IN_MSPIKE_H3      RBL: Good reputation (+3)
 [209.85.160.194 listed in wl.mailspike.net]
 -0.0 RCVD_IN_DNSWL_NONE     RBL: Sender listed at https://www.dnswl.org/,
 no trust [209.85.160.194 listed in list.dnswl.org]
 0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends
 in digit [niveditas98[at]gmail.com]
 0.2 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level
 mail domains are different
 0.0 SPF_HELO_NONE          SPF: HELO does not publish an SPF Record
 0.0 FREEMAIL_FROM          Sender email is commonly abused enduser mail
 provider [niveditas98[at]gmail.com]
 -0.0 SPF_PASS               SPF: sender matches SPF record
 0.2 FREEMAIL_FORGED_FROMDOMAIN 2nd level domains in From and
 EnvelopeFrom freemail headers are different
 0.0 RCVD_IN_MSPIKE_WL      Mailspike good senders
X-BeenThere: linux-arm-kernel@lists.infradead.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <linux-arm-kernel.lists.infradead.org>
List-Unsubscribe: 
 <http://lists.infradead.org/mailman/options/linux-arm-kernel>,
 <mailto:linux-arm-kernel-request@lists.infradead.org?subject=unsubscribe>
List-Archive: <http://lists.infradead.org/pipermail/linux-arm-kernel/>
List-Post: <mailto:linux-arm-kernel@lists.infradead.org>
List-Help: <mailto:linux-arm-kernel-request@lists.infradead.org?subject=help>
List-Subscribe: 
 <http://lists.infradead.org/mailman/listinfo/linux-arm-kernel>,
 <mailto:linux-arm-kernel-request@lists.infradead.org?subject=subscribe>
Cc: linux-efi@vger.kernel.org, x86@kernel.org, linux-kernel@vger.kernel.org,
 Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
 Thomas Gleixner <tglx@linutronix.de>, linux-arm-kernel@lists.infradead.org
Sender: "linux-arm-kernel" <linux-arm-kernel-bounces@lists.infradead.org>
Errors-To: 
 linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org

Add relocation checking for x86 as well to catch non-PC-relative
relocations that require runtime processing, since the EFI stub does not
do any runtime relocation processing.

This will catch, for example, data relocations created by static
initializers of pointers.

Signed-off-by: Arvind Sankar <nivedita@alum.mit.edu>
---
 drivers/firmware/efi/libstub/Makefile | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/drivers/firmware/efi/libstub/Makefile b/drivers/firmware/efi/libstub/Makefile
index 0bb2916eb12b..2aff59812a54 100644
--- a/drivers/firmware/efi/libstub/Makefile
+++ b/drivers/firmware/efi/libstub/Makefile
@@ -96,6 +96,8 @@ STUBCOPY_RELOC-$(CONFIG_ARM)	:= R_ARM_ABS
 # .bss section here so it's easy to pick out in the linker script.
 #
 STUBCOPY_FLAGS-$(CONFIG_X86)	+= --rename-section .bss=.bss.efistub,load,alloc
+STUBCOPY_RELOC-$(CONFIG_X86_32) := 'R_X86_32_(8|16|32)'
+STUBCOPY_RELOC-$(CONFIG_X86_64) := 'R_X86_64_(8|16|32|32S|64)'
 
 $(obj)/%.stub.o: $(obj)/%.o FORCE
 	$(call if_changed,stubcopy)
@@ -107,16 +109,14 @@ $(obj)/%.stub.o: $(obj)/%.o FORCE
 # this time, use objcopy and leave all sections in place.
 #
 
-cmd_stubrelocs_check-y = /bin/true
-
-cmd_stubrelocs_check-$(CONFIG_EFI_ARMSTUB) =				\
+cmd_stubrelocs_check =							\
 	$(STRIP) --strip-debug -o $@ $<;				\
-	if $(OBJDUMP) -r $@ | grep $(STUBCOPY_RELOC-y); then		\
+	if $(OBJDUMP) -r $@ | grep -E $(STUBCOPY_RELOC-y); then		\
 		echo "$@: absolute symbol references not allowed in the EFI stub" >&2; \
 		/bin/false;						\
 	fi
 
 quiet_cmd_stubcopy = STUBCPY $@
       cmd_stubcopy =							\
-	$(cmd_stubrelocs_check-y);					\
+	$(cmd_stubrelocs_check);					\
 	$(OBJCOPY) $(STUBCOPY_FLAGS-y) $< $@