98f7852537
The compressed kernel is built with -fPIC/-fPIE so that it can run in any location a bootloader happens to put it. However, since ELF relocation processing is not happening (and all the relocation information has already been stripped at link time), none of the code can use data relocations (e.g. static assignments of pointers). This is already noted in a warning comment at the top of misc.c, but this adds an explicit check for the condition during the linking stage to block any such bugs from appearing. If this was in place with the earlier bug in pagetable.c, the build would fail like this: ... CC arch/x86/boot/compressed/pagetable.o DATAREL arch/x86/boot/compressed/vmlinux error: arch/x86/boot/compressed/pagetable.o has data relocations! make[2]: *** [arch/x86/boot/compressed/vmlinux] Error 1 ... A clean build shows: ... CC arch/x86/boot/compressed/pagetable.o DATAREL arch/x86/boot/compressed/vmlinux LD arch/x86/boot/compressed/vmlinux ... Suggested-by: Ingo Molnar <mingo@kernel.org> Signed-off-by: Kees Cook <keescook@chromium.org> Cc: Andrew Morton <akpm@linux-foundation.org> Cc: Andrey Ryabinin <aryabinin@virtuozzo.com> Cc: Andy Lutomirski <luto@kernel.org> Cc: Baoquan He <bhe@redhat.com> Cc: Borislav Petkov <bp@alien8.de> Cc: Brian Gerst <brgerst@gmail.com> Cc: Denys Vlasenko <dvlasenk@redhat.com> Cc: Dmitry Vyukov <dvyukov@google.com> Cc: H. Peter Anvin <hpa@zytor.com> Cc: H.J. Lu <hjl.tools@gmail.com> Cc: Josh Poimboeuf <jpoimboe@redhat.com> Cc: Linus Torvalds <torvalds@linux-foundation.org> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: Yinghai Lu <yinghai@kernel.org> Link: http://lkml.kernel.org/r/1464216334-17200-2-git-send-email-keescook@chromium.org Signed-off-by: Ingo Molnar <mingo@kernel.org>
150 lines
5.0 KiB
Makefile
150 lines
5.0 KiB
Makefile
#
|
|
# linux/arch/x86/boot/compressed/Makefile
|
|
#
|
|
# create a compressed vmlinux image from the original vmlinux
|
|
#
|
|
# vmlinuz is:
|
|
# decompression code (*.o)
|
|
# asm globals (piggy.S), including:
|
|
# vmlinux.bin.(gz|bz2|lzma|...)
|
|
#
|
|
# vmlinux.bin is:
|
|
# vmlinux stripped of debugging and comments
|
|
# vmlinux.bin.all is:
|
|
# vmlinux.bin + vmlinux.relocs
|
|
# vmlinux.bin.(gz|bz2|lzma|...) is:
|
|
# (see scripts/Makefile.lib size_append)
|
|
# compressed vmlinux.bin.all + u32 size of vmlinux.bin.all
|
|
|
|
KASAN_SANITIZE := n
|
|
OBJECT_FILES_NON_STANDARD := y
|
|
|
|
# Prevents link failures: __sanitizer_cov_trace_pc() is not linked in.
|
|
KCOV_INSTRUMENT := n
|
|
|
|
targets := vmlinux vmlinux.bin vmlinux.bin.gz vmlinux.bin.bz2 vmlinux.bin.lzma \
|
|
vmlinux.bin.xz vmlinux.bin.lzo vmlinux.bin.lz4
|
|
|
|
KBUILD_CFLAGS := -m$(BITS) -D__KERNEL__ $(LINUX_INCLUDE) -O2
|
|
KBUILD_CFLAGS += -fno-strict-aliasing $(call cc-option, -fPIE, -fPIC)
|
|
KBUILD_CFLAGS += -DDISABLE_BRANCH_PROFILING
|
|
cflags-$(CONFIG_X86_32) := -march=i386
|
|
cflags-$(CONFIG_X86_64) := -mcmodel=small
|
|
KBUILD_CFLAGS += $(cflags-y)
|
|
KBUILD_CFLAGS += -mno-mmx -mno-sse
|
|
KBUILD_CFLAGS += $(call cc-option,-ffreestanding)
|
|
KBUILD_CFLAGS += $(call cc-option,-fno-stack-protector)
|
|
|
|
KBUILD_AFLAGS := $(KBUILD_CFLAGS) -D__ASSEMBLY__
|
|
GCOV_PROFILE := n
|
|
UBSAN_SANITIZE :=n
|
|
|
|
LDFLAGS := -m elf_$(UTS_MACHINE)
|
|
ifeq ($(CONFIG_RELOCATABLE),y)
|
|
# If kernel is relocatable, build compressed kernel as PIE.
|
|
ifeq ($(CONFIG_X86_32),y)
|
|
LDFLAGS += $(call ld-option, -pie) $(call ld-option, --no-dynamic-linker)
|
|
else
|
|
# To build 64-bit compressed kernel as PIE, we disable relocation
|
|
# overflow check to avoid relocation overflow error with a new linker
|
|
# command-line option, -z noreloc-overflow.
|
|
LDFLAGS += $(shell $(LD) --help 2>&1 | grep -q "\-z noreloc-overflow" \
|
|
&& echo "-z noreloc-overflow -pie --no-dynamic-linker")
|
|
endif
|
|
endif
|
|
LDFLAGS_vmlinux := -T
|
|
|
|
hostprogs-y := mkpiggy
|
|
HOST_EXTRACFLAGS += -I$(srctree)/tools/include
|
|
|
|
sed-voffset := -e 's/^\([0-9a-fA-F]*\) [ABCDGRSTVW] \(_text\|__bss_start\|_end\)$$/\#define VO_\2 _AC(0x\1,UL)/p'
|
|
|
|
quiet_cmd_voffset = VOFFSET $@
|
|
cmd_voffset = $(NM) $< | sed -n $(sed-voffset) > $@
|
|
|
|
targets += ../voffset.h
|
|
|
|
$(obj)/../voffset.h: vmlinux FORCE
|
|
$(call if_changed,voffset)
|
|
|
|
$(obj)/misc.o: $(obj)/../voffset.h
|
|
|
|
vmlinux-objs-y := $(obj)/vmlinux.lds $(obj)/head_$(BITS).o $(obj)/misc.o \
|
|
$(obj)/string.o $(obj)/cmdline.o $(obj)/error.o \
|
|
$(obj)/piggy.o $(obj)/cpuflags.o
|
|
|
|
vmlinux-objs-$(CONFIG_EARLY_PRINTK) += $(obj)/early_serial_console.o
|
|
vmlinux-objs-$(CONFIG_RANDOMIZE_BASE) += $(obj)/kaslr.o
|
|
ifdef CONFIG_X86_64
|
|
vmlinux-objs-$(CONFIG_RANDOMIZE_BASE) += $(obj)/pagetable.o
|
|
endif
|
|
|
|
$(obj)/eboot.o: KBUILD_CFLAGS += -fshort-wchar -mno-red-zone
|
|
|
|
vmlinux-objs-$(CONFIG_EFI_STUB) += $(obj)/eboot.o $(obj)/efi_stub_$(BITS).o \
|
|
$(objtree)/drivers/firmware/efi/libstub/lib.a
|
|
vmlinux-objs-$(CONFIG_EFI_MIXED) += $(obj)/efi_thunk_$(BITS).o
|
|
|
|
# The compressed kernel is built with -fPIC/-fPIE so that a boot loader
|
|
# can place it anywhere in memory and it will still run. However, since
|
|
# it is executed as-is without any ELF relocation processing performed
|
|
# (and has already had all relocation sections stripped from the binary),
|
|
# none of the code can use data relocations (e.g. static assignments of
|
|
# pointer values), since they will be meaningless at runtime. This check
|
|
# will refuse to link the vmlinux if any of these relocations are found.
|
|
quiet_cmd_check_data_rel = DATAREL $@
|
|
define cmd_check_data_rel
|
|
for obj in $(filter %.o,$^); do \
|
|
readelf -S $$obj | grep -qF .rel.local && { \
|
|
echo "error: $$obj has data relocations!" >&2; \
|
|
exit 1; \
|
|
} || true; \
|
|
done
|
|
endef
|
|
|
|
$(obj)/vmlinux: $(vmlinux-objs-y) FORCE
|
|
$(call if_changed,check_data_rel)
|
|
$(call if_changed,ld)
|
|
|
|
OBJCOPYFLAGS_vmlinux.bin := -R .comment -S
|
|
$(obj)/vmlinux.bin: vmlinux FORCE
|
|
$(call if_changed,objcopy)
|
|
|
|
targets += $(patsubst $(obj)/%,%,$(vmlinux-objs-y)) vmlinux.bin.all vmlinux.relocs
|
|
|
|
CMD_RELOCS = arch/x86/tools/relocs
|
|
quiet_cmd_relocs = RELOCS $@
|
|
cmd_relocs = $(CMD_RELOCS) $< > $@;$(CMD_RELOCS) --abs-relocs $<
|
|
$(obj)/vmlinux.relocs: vmlinux FORCE
|
|
$(call if_changed,relocs)
|
|
|
|
vmlinux.bin.all-y := $(obj)/vmlinux.bin
|
|
vmlinux.bin.all-$(CONFIG_X86_NEED_RELOCS) += $(obj)/vmlinux.relocs
|
|
|
|
$(obj)/vmlinux.bin.gz: $(vmlinux.bin.all-y) FORCE
|
|
$(call if_changed,gzip)
|
|
$(obj)/vmlinux.bin.bz2: $(vmlinux.bin.all-y) FORCE
|
|
$(call if_changed,bzip2)
|
|
$(obj)/vmlinux.bin.lzma: $(vmlinux.bin.all-y) FORCE
|
|
$(call if_changed,lzma)
|
|
$(obj)/vmlinux.bin.xz: $(vmlinux.bin.all-y) FORCE
|
|
$(call if_changed,xzkern)
|
|
$(obj)/vmlinux.bin.lzo: $(vmlinux.bin.all-y) FORCE
|
|
$(call if_changed,lzo)
|
|
$(obj)/vmlinux.bin.lz4: $(vmlinux.bin.all-y) FORCE
|
|
$(call if_changed,lz4)
|
|
|
|
suffix-$(CONFIG_KERNEL_GZIP) := gz
|
|
suffix-$(CONFIG_KERNEL_BZIP2) := bz2
|
|
suffix-$(CONFIG_KERNEL_LZMA) := lzma
|
|
suffix-$(CONFIG_KERNEL_XZ) := xz
|
|
suffix-$(CONFIG_KERNEL_LZO) := lzo
|
|
suffix-$(CONFIG_KERNEL_LZ4) := lz4
|
|
|
|
quiet_cmd_mkpiggy = MKPIGGY $@
|
|
cmd_mkpiggy = $(obj)/mkpiggy $< > $@ || ( rm -f $@ ; false )
|
|
|
|
targets += piggy.S
|
|
$(obj)/piggy.S: $(obj)/vmlinux.bin.$(suffix-y) $(obj)/mkpiggy FORCE
|
|
$(call if_changed,mkpiggy)
|