From patchwork Wed Sep 11 09:50:48 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Frediano Ziglio X-Patchwork-Id: 13800140 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id A3CE1EE4987 for ; Wed, 11 Sep 2024 09:51:15 +0000 (UTC) Received: from list by lists.xenproject.org with outflank-mailman.796340.1205874 (Exim 4.92) (envelope-from ) id 1soK06-0007jY-SQ; Wed, 11 Sep 2024 09:51:02 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 796340.1205874; Wed, 11 Sep 2024 09:51:02 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1soK06-0007jR-Ny; Wed, 11 Sep 2024 09:51:02 +0000 Received: by outflank-mailman (input) for mailman id 796340; Wed, 11 Sep 2024 09:51:01 +0000 Received: from se1-gles-flk1-in.inumbo.com ([94.247.172.50] helo=se1-gles-flk1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1soK05-0007jL-Bh for xen-devel@lists.xenproject.org; Wed, 11 Sep 2024 09:51:01 +0000 Received: from mail-ed1-x52e.google.com (mail-ed1-x52e.google.com [2a00:1450:4864:20::52e]) by se1-gles-flk1.inumbo.com (Halon) with ESMTPS id 58e1f48b-7023-11ef-99a1-01e77a169b0f; Wed, 11 Sep 2024 11:50:59 +0200 (CEST) Received: by mail-ed1-x52e.google.com with SMTP id 4fb4d7f45d1cf-5c27067b81aso6809513a12.0 for ; Wed, 11 Sep 2024 02:50:59 -0700 (PDT) Received: from fziglio-desktop.. ([185.25.67.249]) by smtp.gmail.com with ESMTPSA id 4fb4d7f45d1cf-5c3ebd8ce50sm5230439a12.84.2024.09.11.02.50.57 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 11 Sep 2024 02:50:57 -0700 (PDT) X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: 58e1f48b-7023-11ef-99a1-01e77a169b0f DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cloud.com; s=cloud; t=1726048258; x=1726653058; darn=lists.xenproject.org; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:from:to:cc:subject:date:message-id:reply-to; bh=SGjcSEWnTf8j6d1PRjFei/7dBDzMVLwgykQbvZKMqHk=; b=hBzb1FOcV+Qd+ON1p3ioc6jEGpyEeHJaeLSVP4CWYaGQY2JdJwMy2D6vWGqBBmpOSw 2uFavXtzlRRi+AYDihgmcBxxs9XLZ7qZ1FKXOkzgZGZLYGlSFLnHVXmsg7x1DPHjP6Oa A6PDty42Uwpxn+h5ZQP6hyByFVJtF60S8InSU= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1726048258; x=1726653058; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=SGjcSEWnTf8j6d1PRjFei/7dBDzMVLwgykQbvZKMqHk=; b=T6ZZTOCHcAyRF2d37PgX3PgnD284JLW24TRLuLkfgPgF3APJXkfmB4jjmWuSyKT8Fl rpCbxiCCWgnWlTYYtanITo4+jDCa+muz17x0r+Z2pimPwi8BJV1bt36qIY0ELHdTCRMz 1iDexIWl0xbYkAbPai4wP2bqXr7M7f8zq4BNxypRzVHJw8XT4Upum4TU2xotEZQ1q4HP e520xKr2MPKKelJ0NKyg8+J0Om6XEeYasWGVvcd38GsUkZSUPL85uL1PhQLHlkoMbp7v jcf85II2X5gHEXnR+338pdSa2pL6tB108vF/KDxTNMc79ynXbsWk2b+7lSZR/T7SyLlj owvA== X-Gm-Message-State: AOJu0Yztj6ihJuZYx8Ib2ZIodQtmaQEu3/f5fOoeNJHAyJW1tbY+YWDC A2da30kbVA945qp9V23I9EISPcGgBIbCLJJjLVEdRIARZ6WD+F+TS+g8U0LfrHCDaNRJtA8Rf/u H X-Google-Smtp-Source: AGHT+IE7cvHYhmjVCtBQGcWR6mlj0yLPU5oa9Zd/n6GGIzEdUdiat6wKNvJ5x9qOX2MMoK2DVBYCqg== X-Received: by 2002:a05:6402:40c5:b0:5c2:6311:8445 with SMTP id 4fb4d7f45d1cf-5c3eabfede6mr9782407a12.2.1726048257961; Wed, 11 Sep 2024 02:50:57 -0700 (PDT) From: Frediano Ziglio To: xen-devel@lists.xenproject.org Cc: Frediano Ziglio , Jan Beulich , Andrew Cooper , =?utf-8?q?Roger_Pau_Monn=C3=A9?= Subject: [PATCH] x86: Put trampoline in separate .init.trampoline section Date: Wed, 11 Sep 2024 10:50:48 +0100 Message-Id: <20240911095048.25555-1-frediano.ziglio@cloud.com> X-Mailer: git-send-email 2.34.1 MIME-Version: 1.0 This change put the trampoline in a separate, not executable section. The trampoline contains a mix of code and data (data which is modified from C code during early start so must be writable). This is in preparation for W^X patch in order to satisfy UEFI CA memory mitigation requirements. At the moment .init.text and .init.data in EFI mode are put together so they will be in the same final section as before this patch. Putting in a separate section (even in final executables) allows to easily disassembly that section. Signed-off-by: Frediano Ziglio --- Changes since last version: - use completely separate section even on final executables (suggested by Jan Beulich). --- xen/arch/x86/boot/head.S | 6 ++++-- xen/arch/x86/xen.lds.S | 5 +++++ 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/xen/arch/x86/boot/head.S b/xen/arch/x86/boot/head.S index 12bbb97f33..61b7b8894c 100644 --- a/xen/arch/x86/boot/head.S +++ b/xen/arch/x86/boot/head.S @@ -882,8 +882,10 @@ cmdline_parse_early: reloc: .incbin "reloc.bin" +#include "x86_64.S" + + .section .init.trampoline, "aw", @progbits + .align 4 ENTRY(trampoline_start) #include "trampoline.S" ENTRY(trampoline_end) - -#include "x86_64.S" diff --git a/xen/arch/x86/xen.lds.S b/xen/arch/x86/xen.lds.S index d48de67cfd..390870e463 100644 --- a/xen/arch/x86/xen.lds.S +++ b/xen/arch/x86/xen.lds.S @@ -269,6 +269,11 @@ SECTIONS __ctors_end = .; } PHDR(text) + . = ALIGN(PAGE_SIZE); + DECL_SECTION(.init.trampoline) { + *(.init.trampoline) + } PHDR(text) + #ifndef EFI /* * With --orphan-sections=warn (or =error) we need to handle certain linker