1. 15 6月, 2020 1 次提交
  2. 19 5月, 2020 2 次提交
  3. 15 5月, 2020 1 次提交
  4. 05 5月, 2020 1 次提交
    • A
      efi/libstub/x86: Work around LLVM ELF quirk build regression · f77767ed
      Ard Biesheuvel 提交于
      When building the x86 EFI stub with Clang, the libstub Makefile rules
      that manipulate the ELF object files may throw an error like:
      
          STUBCPY drivers/firmware/efi/libstub/efi-stub-helper.stub.o
        strip: drivers/firmware/efi/libstub/efi-stub-helper.stub.o: Failed to find link section for section 10
        objcopy: drivers/firmware/efi/libstub/efi-stub-helper.stub.o: Failed to find link section for section 10
      
      This is the result of a LLVM feature [0] where symbol references are
      stored in a LLVM specific .llvm_addrsig section in a non-transparent way,
      causing generic ELF tools such as strip or objcopy to choke on them.
      
      So force the compiler not to emit these sections, by passing the
      appropriate command line option.
      
      [0] https://sourceware.org/bugzilla/show_bug.cgi?id=23817
      
      Cc: Nick Desaulniers <ndesaulniers@google.com>
      Cc: Peter Collingbourne <pcc@google.com>
      Cc: Sami Tolvanen <samitolvanen@google.com>
      Reported-by: NArnd Bergmann <arnd@arndb.de>
      Suggested-by: NFangrui Song <maskray@google.com>
      Signed-off-by: NArd Biesheuvel <ardb@kernel.org>
      f77767ed
  5. 24 4月, 2020 4 次提交
  6. 23 4月, 2020 1 次提交
  7. 25 2月, 2020 1 次提交
  8. 24 2月, 2020 6 次提交
    • A
      efi/libstub: Clean up command line parsing routine · 91d150c0
      Ard Biesheuvel 提交于
      We currently parse the command non-destructively, to avoid having to
      allocate memory for a copy before passing it to the standard parsing
      routines that are used by the core kernel, and which modify the input
      to delineate the parsed tokens with NUL characters.
      
      Instead, we call strstr() and strncmp() to go over the input multiple
      times, and match prefixes rather than tokens, which implies that we
      would match, e.g., 'nokaslrfoo' in the stub and disable KASLR, while
      the kernel would disregard the option and run with KASLR enabled.
      
      In order to avoid having to reason about whether and how this behavior
      may be abused, let's clean up the parsing routines, and rebuild them
      on top of the existing helpers.
      Signed-off-by: NArd Biesheuvel <ardb@kernel.org>
      91d150c0
    • A
      efi/libstub: Move file I/O support code into separate file · 5193a33d
      Ard Biesheuvel 提交于
      Split off the file I/O support code into a separate source file so
      it ends up in a separate object file in the static library, allowing
      the linker to omit it if the routines are not used.
      Signed-off-by: NArd Biesheuvel <ardb@kernel.org>
      5193a33d
    • A
      efi/libstub: Move efi_random_alloc() into separate source file · 0ed02bda
      Ard Biesheuvel 提交于
      efi_random_alloc() is only used on arm64, but as it shares a source
      file with efi_random_get_seed(), the latter will pull in the former
      on other architectures as well.
      
      Let's take advantage of the fact that libstub is a static library,
      and so the linker will only incorporate objects that are needed to
      satisfy dependencies in other objects. This means we can move the
      random alloc code to a separate source file that gets built
      unconditionally, but only used when needed.
      Signed-off-by: NArd Biesheuvel <ardb@kernel.org>
      0ed02bda
    • A
      efi/libstub/x86: Incorporate eboot.c into libstub · c2d0b470
      Ard Biesheuvel 提交于
      Most of the EFI stub source files of all architectures reside under
      drivers/firmware/efi/libstub, where they share a Makefile with special
      CFLAGS and an include file with declarations that are only relevant
      for stub code.
      
      Currently, we carry a lot of stub specific stuff in linux/efi.h only
      because eboot.c in arch/x86 needs them as well. So let's move eboot.c
      into libstub/, and move the contents of eboot.h that we still care
      about into efistub.h
      Signed-off-by: NArd Biesheuvel <ardb@kernel.org>
      c2d0b470
    • A
      efi/libstub: Move memory map handling and allocation routines to mem.c · f57db62c
      Ard Biesheuvel 提交于
      Create a new source file mem.c to keep the routines involved in memory
      allocation and deallocation and manipulation of the EFI memory map.
      Signed-off-by: NArd Biesheuvel <ardb@kernel.org>
      f57db62c
    • A
      efi/libstub: Use hidden visibility for all source files · 6f05106e
      Ard Biesheuvel 提交于
      Instead of setting the visibility pragma for a small set of symbol
      declarations that could result in absolute references that we cannot
      support in the stub, declare hidden visibility for all code in the
      EFI stub, which is more robust and future proof.
      
      To ensure that the #pragma is taken into account before any other
      includes are processed, put it in a header file of its own and
      include it via the compiler command line using the -include option.
      Signed-off-by: NArd Biesheuvel <ardb@kernel.org>
      6f05106e
  9. 23 2月, 2020 1 次提交
    • A
      efi/libstub/arm64: Use 1:1 mapping of RT services if property table exists · b92165d2
      Ard Biesheuvel 提交于
      The UEFI spec defines (and deprecates) a misguided and shortlived
      memory protection feature that is based on splitting memory regions
      covering PE/COFF executables into separate code and data regions,
      without annotating them as belonging to the same executable image.
      When the OS assigns the virtual addresses of these regions, it may
      move them around arbitrarily, without taking into account that the
      PE/COFF code sections may contain relative references into the data
      sections, which means the relative placement of these segments has
      to be preserved or the executable image will be corrupted.
      
      The original workaround on arm64 was to ensure that adjacent regions
      of the same type were mapped adjacently in the virtual mapping, but
      this requires sorting of the memory map, which we would prefer to
      avoid.
      
      Considering that the native physical mapping of the PE/COFF images
      does not suffer from this issue, let's preserve it at runtime, and
      install it as the virtual mapping as well.
      Signed-off-by: NArd Biesheuvel <ardb@kernel.org>
      b92165d2
  10. 11 1月, 2020 1 次提交
    • M
      efi: Allow disabling PCI busmastering on bridges during boot · 4444f854
      Matthew Garrett 提交于
      Add an option to disable the busmaster bit in the control register on
      all PCI bridges before calling ExitBootServices() and passing control
      to the runtime kernel. System firmware may configure the IOMMU to prevent
      malicious PCI devices from being able to attack the OS via DMA. However,
      since firmware can't guarantee that the OS is IOMMU-aware, it will tear
      down IOMMU configuration when ExitBootServices() is called. This leaves
      a window between where a hostile device could still cause damage before
      Linux configures the IOMMU again.
      
      If CONFIG_EFI_DISABLE_PCI_DMA is enabled or "efi=disable_early_pci_dma"
      is passed on the command line, the EFI stub will clear the busmaster bit
      on all PCI bridges before ExitBootServices() is called. This will
      prevent any malicious PCI devices from being able to perform DMA until
      the kernel reenables busmastering after configuring the IOMMU.
      
      This option may cause failures with some poorly behaved hardware and
      should not be enabled without testing. The kernel commandline options
      "efi=disable_early_pci_dma" or "efi=no_disable_early_pci_dma" may be
      used to override the default. Note that PCI devices downstream from PCI
      bridges are disconnected from their drivers first, using the UEFI
      driver model API, so that DMA can be disabled safely at the bridge
      level.
      
      [ardb: disconnect PCI I/O handles first, as suggested by Arvind]
      Co-developed-by: NMatthew Garrett <mjg59@google.com>
      Signed-off-by: NMatthew Garrett <mjg59@google.com>
      Signed-off-by: NArd Biesheuvel <ardb@kernel.org>
      Cc: Andy Lutomirski <luto@kernel.org>
      Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
      Cc: Arvind Sankar <nivedita@alum.mit.edu>
      Cc: Matthew Garrett <matthewgarrett@google.com>
      Cc: linux-efi@vger.kernel.org
      Link: https://lkml.kernel.org/r/20200103113953.9571-18-ardb@kernel.orgSigned-off-by: NIngo Molnar <mingo@kernel.org>
      4444f854
  11. 16 11月, 2019 1 次提交
  12. 07 11月, 2019 1 次提交
  13. 31 10月, 2019 1 次提交
    • A
      efi: libstub/arm: Account for firmware reserved memory at the base of RAM · 41cd96fa
      Ard Biesheuvel 提交于
      The EFI stubloader for ARM starts out by allocating a 32 MB window
      at the base of RAM, in order to ensure that the decompressor (which
      blindly copies the uncompressed kernel into that window) does not
      overwrite other allocations that are made while running in the context
      of the EFI firmware.
      
      In some cases, (e.g., U-Boot running on the Raspberry Pi 2), this is
      causing boot failures because this initial allocation conflicts with
      a page of reserved memory at the base of RAM that contains the SMP spin
      tables and other pieces of firmware data and which was put there by
      the bootloader under the assumption that the TEXT_OFFSET window right
      below the kernel is only used partially during early boot, and will be
      left alone once the memory reservations are processed and taken into
      account.
      
      So let's permit reserved memory regions to exist in the region starting
      at the base of RAM, and ending at TEXT_OFFSET - 5 * PAGE_SIZE, which is
      the window below the kernel that is not touched by the early boot code.
      Tested-by: NGuillaume Gardet <Guillaume.Gardet@arm.com>
      Signed-off-by: NArd Biesheuvel <ard.biesheuvel@linaro.org>
      Acked-by: NChester Lin <clin@suse.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: linux-efi@vger.kernel.org
      Link: https://lkml.kernel.org/r/20191029173755.27149-5-ardb@kernel.orgSigned-off-by: NIngo Molnar <mingo@kernel.org>
      41cd96fa
  14. 09 4月, 2019 1 次提交
  15. 29 3月, 2019 2 次提交
  16. 04 2月, 2019 1 次提交
    • I
      efi/fdt: Apply more cleanups · ac9aff8e
      Ingo Molnar 提交于
      Apply a number of cleanups:
      
       - Introduce fdt_setprop_*var() helper macros to simplify and shorten repetitive
         sequences - this also makes it less likely that the wrong variable size is
         passed in. This change makes a lot of the property-setting calls single-line
         and easier to read.
      
       - Harmonize comment style: capitalization, punctuation, whitespaces, etc.
      
       - Fix some whitespace noise in the libstub Makefile which I happened to notice.
      
       - Use the standard tabular initialization style:
      
          -       map.map =       &runtime_map;
          -       map.map_size =  &map_size;
          -       map.desc_size = &desc_size;
          -       map.desc_ver =  &desc_ver;
          -       map.key_ptr =   &mmap_key;
          -       map.buff_size = &buff_size;
      
          +       map.map         = &runtime_map;
          +       map.map_size    = &map_size;
          +       map.desc_size   = &desc_size;
          +       map.desc_ver    = &desc_ver;
          +       map.key_ptr     = &mmap_key;
          +       map.buff_size   = &buff_size;
      
       - Use tabular structure definition for better readability.
      
       - Make all pr*() lines single-line, even if they marginally exceed 80 cols - this
         makes them visually less intrusive.
      
       - Unbreak line breaks into single lines when the length exceeds 80 cols only
         marginally, for better readability.
      
       - Move assignment closer to the actual usage site.
      
       - Plus some other smaller cleanups, spelling fixes, etc.
      
      No change in functionality intended.
      
      [ ardb: move changes to upstream libfdt into local header. ]
      Signed-off-by: NIngo Molnar <mingo@kernel.org>
      Signed-off-by: NArd Biesheuvel <ard.biesheuvel@linaro.org>
      Cc: AKASHI Takahiro <takahiro.akashi@linaro.org>
      Cc: Alexander Graf <agraf@suse.de>
      Cc: Bjorn Andersson <bjorn.andersson@linaro.org>
      Cc: Borislav Petkov <bp@alien8.de>
      Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>
      Cc: Jeffrey Hugo <jhugo@codeaurora.org>
      Cc: Lee Jones <lee.jones@linaro.org>
      Cc: Leif Lindholm <leif.lindholm@linaro.org>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Matt Fleming <matt@codeblueprint.co.uk>
      Cc: Peter Jones <pjones@redhat.com>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Sai Praneeth Prakhya <sai.praneeth.prakhya@intel.com>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: linux-efi@vger.kernel.org
      Link: http://lkml.kernel.org/r/20190202094119.13230-6-ard.biesheuvel@linaro.orgSigned-off-by: NIngo Molnar <mingo@kernel.org>
      ac9aff8e
  17. 30 11月, 2018 1 次提交
    • N
      efi/libstub: Disable some warnings for x86{,_64} · 3db5e0ba
      Nathan Chancellor 提交于
      When building the kernel with Clang, some disabled warnings appear
      because this Makefile overrides KBUILD_CFLAGS for x86{,_64}. Add them to
      this list so that the build is clean again.
      
      -Wpointer-sign was disabled for the whole kernel before the beginning of Git history.
      
      -Waddress-of-packed-member was disabled for the whole kernel and for
      the early boot code in these commits:
      
        bfb38988 ("kbuild: clang: Disable 'address-of-packed-member' warning")
        20c6c189 ("x86/boot: Disable the address-of-packed-member compiler warning").
      
      -Wgnu was disabled for the whole kernel and for the early boot code in
      these commits:
      
        61163efa ("kbuild: LLVMLinux: Add Kbuild support for building kernel with Clang")
        6c3b56b1 ("x86/boot: Disable Clang warnings about GNU extensions").
      
       [ mingo: Made the changelog more readable. ]
      Tested-by: NSedat Dilek <sedat.dilek@gmail.com>
      Signed-off-by: NNathan Chancellor <natechancellor@gmail.com>
      Signed-off-by: NArd Biesheuvel <ard.biesheuvel@linaro.org>
      Reviewed-by: NSedat Dilek <sedat.dilek@gmail.com>
      Cc: Andy Lutomirski <luto@kernel.org>
      Cc: Arend van Spriel <arend.vanspriel@broadcom.com>
      Cc: Bhupesh Sharma <bhsharma@redhat.com>
      Cc: Borislav Petkov <bp@alien8.de>
      Cc: Dave Hansen <dave.hansen@intel.com>
      Cc: Eric Snowberg <eric.snowberg@oracle.com>
      Cc: Hans de Goede <hdegoede@redhat.com>
      Cc: Joe Perches <joe@perches.com>
      Cc: Jon Hunter <jonathanh@nvidia.com>
      Cc: Julien Thierry <julien.thierry@arm.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Marc Zyngier <marc.zyngier@arm.com>
      Cc: Matt Fleming <matt@codeblueprint.co.uk>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Sai Praneeth Prakhya <sai.praneeth.prakhya@intel.com>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: YiFei Zhu <zhuyifei1999@gmail.com>
      Cc: linux-efi@vger.kernel.org
      Link: http://lkml.kernel.org/r/20181129171230.18699-8-ard.biesheuvel@linaro.org
      Link: https://github.com/ClangBuiltLinux/linux/issues/112Signed-off-by: NIngo Molnar <mingo@kernel.org>
      3db5e0ba
  18. 26 9月, 2018 1 次提交
  19. 23 8月, 2018 1 次提交
  20. 31 7月, 2018 1 次提交
  21. 26 7月, 2018 1 次提交
  22. 12 3月, 2018 1 次提交
  23. 08 1月, 2018 1 次提交
  24. 02 11月, 2017 1 次提交
    • G
      License cleanup: add SPDX GPL-2.0 license identifier to files with no license · b2441318
      Greg Kroah-Hartman 提交于
      Many source files in the tree are missing licensing information, which
      makes it harder for compliance tools to determine the correct license.
      
      By default all files without license information are under the default
      license of the kernel, which is GPL version 2.
      
      Update the files which contain no license information with the 'GPL-2.0'
      SPDX license identifier.  The SPDX identifier is a legally binding
      shorthand, which can be used instead of the full boiler plate text.
      
      This patch is based on work done by Thomas Gleixner and Kate Stewart and
      Philippe Ombredanne.
      
      How this work was done:
      
      Patches were generated and checked against linux-4.14-rc6 for a subset of
      the use cases:
       - file had no licensing information it it.
       - file was a */uapi/* one with no licensing information in it,
       - file was a */uapi/* one with existing licensing information,
      
      Further patches will be generated in subsequent months to fix up cases
      where non-standard license headers were used, and references to license
      had to be inferred by heuristics based on keywords.
      
      The analysis to determine which SPDX License Identifier to be applied to
      a file was done in a spreadsheet of side by side results from of the
      output of two independent scanners (ScanCode & Windriver) producing SPDX
      tag:value files created by Philippe Ombredanne.  Philippe prepared the
      base worksheet, and did an initial spot review of a few 1000 files.
      
      The 4.13 kernel was the starting point of the analysis with 60,537 files
      assessed.  Kate Stewart did a file by file comparison of the scanner
      results in the spreadsheet to determine which SPDX license identifier(s)
      to be applied to the file. She confirmed any determination that was not
      immediately clear with lawyers working with the Linux Foundation.
      
      Criteria used to select files for SPDX license identifier tagging was:
       - Files considered eligible had to be source code files.
       - Make and config files were included as candidates if they contained >5
         lines of source
       - File already had some variant of a license header in it (even if <5
         lines).
      
      All documentation files were explicitly excluded.
      
      The following heuristics were used to determine which SPDX license
      identifiers to apply.
      
       - when both scanners couldn't find any license traces, file was
         considered to have no license information in it, and the top level
         COPYING file license applied.
      
         For non */uapi/* files that summary was:
      
         SPDX license identifier                            # files
         ---------------------------------------------------|-------
         GPL-2.0                                              11139
      
         and resulted in the first patch in this series.
      
         If that file was a */uapi/* path one, it was "GPL-2.0 WITH
         Linux-syscall-note" otherwise it was "GPL-2.0".  Results of that was:
      
         SPDX license identifier                            # files
         ---------------------------------------------------|-------
         GPL-2.0 WITH Linux-syscall-note                        930
      
         and resulted in the second patch in this series.
      
       - if a file had some form of licensing information in it, and was one
         of the */uapi/* ones, it was denoted with the Linux-syscall-note if
         any GPL family license was found in the file or had no licensing in
         it (per prior point).  Results summary:
      
         SPDX license identifier                            # files
         ---------------------------------------------------|------
         GPL-2.0 WITH Linux-syscall-note                       270
         GPL-2.0+ WITH Linux-syscall-note                      169
         ((GPL-2.0 WITH Linux-syscall-note) OR BSD-2-Clause)    21
         ((GPL-2.0 WITH Linux-syscall-note) OR BSD-3-Clause)    17
         LGPL-2.1+ WITH Linux-syscall-note                      15
         GPL-1.0+ WITH Linux-syscall-note                       14
         ((GPL-2.0+ WITH Linux-syscall-note) OR BSD-3-Clause)    5
         LGPL-2.0+ WITH Linux-syscall-note                       4
         LGPL-2.1 WITH Linux-syscall-note                        3
         ((GPL-2.0 WITH Linux-syscall-note) OR MIT)              3
         ((GPL-2.0 WITH Linux-syscall-note) AND MIT)             1
      
         and that resulted in the third patch in this series.
      
       - when the two scanners agreed on the detected license(s), that became
         the concluded license(s).
      
       - when there was disagreement between the two scanners (one detected a
         license but the other didn't, or they both detected different
         licenses) a manual inspection of the file occurred.
      
       - In most cases a manual inspection of the information in the file
         resulted in a clear resolution of the license that should apply (and
         which scanner probably needed to revisit its heuristics).
      
       - When it was not immediately clear, the license identifier was
         confirmed with lawyers working with the Linux Foundation.
      
       - If there was any question as to the appropriate license identifier,
         the file was flagged for further research and to be revisited later
         in time.
      
      In total, over 70 hours of logged manual review was done on the
      spreadsheet to determine the SPDX license identifiers to apply to the
      source files by Kate, Philippe, Thomas and, in some cases, confirmation
      by lawyers working with the Linux Foundation.
      
      Kate also obtained a third independent scan of the 4.13 code base from
      FOSSology, and compared selected files where the other two scanners
      disagreed against that SPDX file, to see if there was new insights.  The
      Windriver scanner is based on an older version of FOSSology in part, so
      they are related.
      
      Thomas did random spot checks in about 500 files from the spreadsheets
      for the uapi headers and agreed with SPDX license identifier in the
      files he inspected. For the non-uapi files Thomas did random spot checks
      in about 15000 files.
      
      In initial set of patches against 4.14-rc6, 3 files were found to have
      copy/paste license identifier errors, and have been fixed to reflect the
      correct identifier.
      
      Additionally Philippe spent 10 hours this week doing a detailed manual
      inspection and review of the 12,461 patched files from the initial patch
      version early this week with:
       - a full scancode scan run, collecting the matched texts, detected
         license ids and scores
       - reviewing anything where there was a license detected (about 500+
         files) to ensure that the applied SPDX license was correct
       - reviewing anything where there was no detection but the patch license
         was not GPL-2.0 WITH Linux-syscall-note to ensure that the applied
         SPDX license was correct
      
      This produced a worksheet with 20 files needing minor correction.  This
      worksheet was then exported into 3 different .csv files for the
      different types of files to be modified.
      
      These .csv files were then reviewed by Greg.  Thomas wrote a script to
      parse the csv files and add the proper SPDX tag to the file, in the
      format that the file expected.  This script was further refined by Greg
      based on the output to detect more types of files automatically and to
      distinguish between header and source .c files (which need different
      comment types.)  Finally Greg ran the script using the .csv files to
      generate the patches.
      Reviewed-by: NKate Stewart <kstewart@linuxfoundation.org>
      Reviewed-by: NPhilippe Ombredanne <pombredanne@nexb.com>
      Reviewed-by: NThomas Gleixner <tglx@linutronix.de>
      Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      b2441318
  25. 28 10月, 2017 1 次提交
    • A
      efi/libstub: arm: omit sorting of the UEFI memory map · 29f9007b
      Ard Biesheuvel 提交于
      ARM shares its EFI stub implementation with arm64, which has some
      special handling in the virtual remapping code to
      a) make sure that we can map everything even if the OS executes
         with 64k page size, and
      b) make sure that adjacent regions with the same attributes are not
         reordered or moved apart in memory.
      
      The latter is a workaround for a 'feature' that was shortly recommended
      by UEFI spec v2.5, but deprecated shortly after, due to the fact that
      it broke many OS installers, including non-Linux ones, and it was never
      widely implemented for ARM systems. Before implementing b), the arm64
      code simply rounded up all regions to 64 KB granularity, but given that
      that results in moving adjacent regions apart, it had to be refined when
      b) was implemented.
      
      The adjacency check requires a sort() pass, due to the fact that the
      UEFI spec does not mandate any ordering, and the inclusion of the
      lib/sort.c code into the ARM EFI stub is causing some trouble with
      the decompressor build due to the fact that its EXPORT_SYMBOL() call
      triggers the creation of ksymtab/kcrctab sections.
      
      So let's simply do away with the adjacency check for ARM, and simply put
      all UEFI runtime regions together if they have the same memory attributes.
      This is guaranteed to work, given that ARM only supports 4 KB pages,
      and allows us to remove the sort() call entirely.
      Signed-off-by: NArd Biesheuvel <ard.biesheuvel@linaro.org>
      Acked-by: NWill Deacon <will.deacon@arm.com>
      Tested-by: NJeffy Chen <jeffy.chen@rock-chips.com>
      Tested-by: NGregory CLEMENT <gregory.clement@free-electrons.com>
      Tested-by: NMatthias Brugger <matthias.bgg@gmail.com>
      Signed-off-by: NRussell King <rmk+kernel@armlinux.org.uk>
      29f9007b
  26. 26 8月, 2017 1 次提交
  27. 21 8月, 2017 1 次提交
    • A
      efi/libstub/arm64: Set -fpie when building the EFI stub · 91ee5b21
      Ard Biesheuvel 提交于
      Clang may emit absolute symbol references when building in non-PIC mode,
      even when using the default 'small' code model, which is already mostly
      position independent to begin with, due to its use of adrp/add pairs
      that have a relative range of +/- 4 GB. The remedy is to pass the -fpie
      flag, which can be done safely now that the code has been updated to avoid
      GOT indirections (which may be emitted due to the compiler assuming that
      the PIC/PIE code may end up in a shared library that is subject to ELF
      symbol preemption)
      
      Passing -fpie when building code that needs to execute at an a priori
      unknown offset is arguably an improvement in any case, and given that
      the recent visibility changes allow the PIC build to pass with GCC as
      well, let's add -fpie for all arm64 builds rather than only for Clang.
      Tested-by: NMatthias Kaehlcke <mka@chromium.org>
      Signed-off-by: NArd Biesheuvel <ard.biesheuvel@linaro.org>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Matt Fleming <matt@codeblueprint.co.uk>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: linux-efi@vger.kernel.org
      Link: http://lkml.kernel.org/r/20170818194947.19347-5-ard.biesheuvel@linaro.orgSigned-off-by: NIngo Molnar <mingo@kernel.org>
      91ee5b21
  28. 13 7月, 2017 1 次提交
  29. 07 2月, 2017 1 次提交
  30. 01 2月, 2017 1 次提交
    • A
      efi/libstub: Preserve .debug sections after absolute relocation check · 696204fa
      Ard Biesheuvel 提交于
      The build commands for the ARM and arm64 EFI stubs strip the .debug
      sections and other sections that may legally contain absolute relocations,
      in order to inspect the remaining sections for the presence of such
      relocations.
      
      This leaves us without debugging symbols in the stub for no good reason,
      considering that these sections are omitted from the kernel binary anyway,
      and that these relocations are thus only consumed by users of the ELF
      binary, such as debuggers.
      
      So move to 'strip' for performing the relocation check, and if it succeeds,
      invoke objcopy as before, but leaving the .debug sections in place. Note
      that these sections may refer to ksymtab/kcrctab contents, so leave those
      in place as well.
      Signed-off-by: NArd Biesheuvel <ard.biesheuvel@linaro.org>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Matt Fleming <matt@codeblueprint.co.uk>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: linux-efi@vger.kernel.org
      Link: http://lkml.kernel.org/r/1485868902-20401-11-git-send-email-ard.biesheuvel@linaro.orgSigned-off-by: NIngo Molnar <mingo@kernel.org>
      696204fa