eventfs-remove-fsnotify-functions-from-lookup.patch
eventfs-keep-all-directory-links-at-1.patch
nfsd-don-t-take-fi_lock-in-nfsd_break_deleg_cb.patch
+x86-efi-drop-efi-stub-.bss-from-.data-section.patch
+x86-efi-disregard-setup-header-of-loaded-image.patch
+x86-efi-drop-alignment-flags-from-pe-section-headers.patch
+x86-boot-remove-the-bugger-off-message.patch
+x86-boot-omit-compression-buffer-from-pe-coff-image-memory-footprint.patch
+x86-boot-drop-redundant-code-setting-the-root-device.patch
+x86-boot-drop-references-to-startup_64.patch
+x86-boot-grab-kernel_info-offset-from-zoffset-header-directly.patch
+x86-boot-set-efi-handover-offset-directly-in-header-asm.patch
+x86-boot-define-setup-size-in-linker-script.patch
+x86-boot-derive-file-size-from-_edata-symbol.patch
+x86-boot-construct-pe-coff-.text-section-from-assembler.patch
+x86-boot-drop-pe-coff-.reloc-section.patch
+x86-boot-split-off-pe-coff-.data-section.patch
+x86-boot-increase-section-and-file-alignment-to-4k-512.patch
+x86-efistub-use-1-1-file-memory-mapping-for-pe-coff-.compat-section.patch
--- /dev/null
+From efa089e63b56bdc5eca754b995cb039dd7a5457e Mon Sep 17 00:00:00 2001
+From: Ard Biesheuvel <ardb@kernel.org>
+Date: Fri, 15 Sep 2023 17:16:29 +0000
+Subject: x86/boot: Construct PE/COFF .text section from assembler
+
+From: Ard Biesheuvel <ardb@kernel.org>
+
+commit efa089e63b56bdc5eca754b995cb039dd7a5457e upstream.
+
+Now that the size of the setup block is visible to the assembler, it is
+possible to populate the PE/COFF header fields from the asm code
+directly, instead of poking the values into the binary using the build
+tool. This will make it easier to reorganize the section layout without
+having to tweak the build tool in lockstep.
+
+This change has no impact on the resulting bzImage binary.
+
+Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
+Signed-off-by: Ingo Molnar <mingo@kernel.org>
+Link: https://lore.kernel.org/r/20230915171623.655440-15-ardb@google.com
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ arch/x86/boot/header.S | 22 ++++++--------------
+ arch/x86/boot/tools/build.c | 47 --------------------------------------------
+ 2 files changed, 7 insertions(+), 62 deletions(-)
+
+--- a/arch/x86/boot/header.S
++++ b/arch/x86/boot/header.S
+@@ -75,14 +75,12 @@ optional_header:
+ .byte 0x02 # MajorLinkerVersion
+ .byte 0x14 # MinorLinkerVersion
+
+- # Filled in by build.c
+- .long 0 # SizeOfCode
++ .long setup_size + ZO__end - 0x200 # SizeOfCode
+
+ .long 0 # SizeOfInitializedData
+ .long 0 # SizeOfUninitializedData
+
+- # Filled in by build.c
+- .long 0x0000 # AddressOfEntryPoint
++ .long setup_size + ZO_efi_pe_entry # AddressOfEntryPoint
+
+ .long 0x0200 # BaseOfCode
+ #ifdef CONFIG_X86_32
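Review bot: The `0x200` subtracted in the new SizeOfCode expression is left unexplained, because the only explanation ("Subtract the size of the first sector (512 bytes) which includes the header") sits in the build.c function this same patch deletes. Carry it over next to the value, for example `# SizeOfCode: image size minus the 512-byte first sector holding the header`. The `.text` section-table hunk further down in header.S has the same gap: the four new `.long` values lose their `startup_{32,64}` hints, and only one of them keeps a comment. Judging by the argument order of the removed `update_pecoff_section_header_fields()` call, they are VirtualSize, VirtualAddress, SizeOfRawData and PointerToRawData, so `# VirtualSize`, `# VirtualAddress` and `# PointerToRawData` on the unlabelled lines would make the table checkable against the PE/COFF layout.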
+@@ -105,10 +103,7 @@ extra_header_fields:
+ .word 0 # MinorSubsystemVersion
+ .long 0 # Win32VersionValue
+
+- #
+- # The size of the bzImage is written in tools/build.c
+- #
+- .long 0 # SizeOfImage
++ .long setup_size + ZO__end # SizeOfImage
+
+ .long 0x200 # SizeOfHeaders
+ .long 0 # CheckSum
+@@ -199,18 +194,15 @@ section_table:
+ IMAGE_SCN_MEM_DISCARDABLE # Characteristics
+ #endif
+
+- #
+- # The offset & size fields are filled in by build.c.
+- #
+ .ascii ".text"
+ .byte 0
+ .byte 0
+ .byte 0
+- .long 0
+- .long 0x0 # startup_{32,64}
+- .long 0 # Size of initialized data
++ .long ZO__end
++ .long setup_size
++ .long ZO__edata # Size of initialized data
+ # on disk
+- .long 0x0 # startup_{32,64}
++ .long setup_size
+ .long 0 # PointerToRelocations
+ .long 0 # PointerToLineNumbers
+ .word 0 # NumberOfRelocations
+--- a/arch/x86/boot/tools/build.c
++++ b/arch/x86/boot/tools/build.c
+@@ -50,10 +50,8 @@ u8 buf[SETUP_SECT_MAX*512];
+ #define PECOFF_RELOC_RESERVE 0x20
+ #define PECOFF_COMPAT_RESERVE 0x20
+
+-static unsigned long efi_pe_entry;
+ static unsigned long efi32_pe_entry;
+ static unsigned long _edata;
+-static unsigned long _end;
+
+ /*----------------------------------------------------------------------*/
+
+@@ -216,32 +214,6 @@ static void update_pecoff_setup_and_relo
+ #endif
+ }
+
+-static void update_pecoff_text(unsigned int text_start, unsigned int file_sz)
+-{
+- unsigned int pe_header;
+- unsigned int text_sz = file_sz - text_start;
+- unsigned int bss_sz = _end - text_sz;
+-
+- pe_header = get_unaligned_le32(&buf[0x3c]);
+-
+- /*
+- * Size of code: Subtract the size of the first sector (512 bytes)
+- * which includes the header.
+- */
+- put_unaligned_le32(file_sz - 512 + bss_sz, &buf[pe_header + 0x1c]);
+-
+- /* Size of image */
+- put_unaligned_le32(file_sz + bss_sz, &buf[pe_header + 0x50]);
+-
+- /*
+- * Address of entry point for PE/COFF executable
+- */
+- put_unaligned_le32(text_start + efi_pe_entry, &buf[pe_header + 0x28]);
+-
+- update_pecoff_section_header_fields(".text", text_start, text_sz + bss_sz,
+- text_sz, text_start);
+-}
+-
+ static int reserve_pecoff_reloc_section(int c)
+ {
+ /* Reserve 0x20 bytes for .reloc section */
+@@ -249,22 +221,9 @@ static int reserve_pecoff_reloc_section(
+ return PECOFF_RELOC_RESERVE;
+ }
+
+-static void efi_stub_defaults(void)
+-{
+- /* Defaults for old kernel */
+-#ifdef CONFIG_X86_32
+- efi_pe_entry = 0x10;
+-#else
+- efi_pe_entry = 0x210;
+-#endif
+-}
+-
+ #else
+
+ static inline void update_pecoff_setup_and_reloc(unsigned int size) {}
+-static inline void update_pecoff_text(unsigned int text_start,
+- unsigned int file_sz) {}
+-static inline void efi_stub_defaults(void) {}
+
+ static inline int reserve_pecoff_reloc_section(int c)
+ {
+@@ -307,10 +266,8 @@ static void parse_zoffset(char *fname)
+ p = (char *)buf;
+
+ while (p && *p) {
+- PARSE_ZOFS(p, efi_pe_entry);
+ PARSE_ZOFS(p, efi32_pe_entry);
+ PARSE_ZOFS(p, _edata);
+- PARSE_ZOFS(p, _end);
+
+ p = strchr(p, '\n');
+ while (p && (*p == '\r' || *p == '\n'))
+@@ -328,8 +285,6 @@ int main(int argc, char ** argv)
+ void *kernel;
+ u32 crc = 0xffffffffUL;
+
+- efi_stub_defaults();
+-
+ if (argc != 5)
+ usage();
+ parse_zoffset(argv[3]);
+@@ -376,8 +331,6 @@ int main(int argc, char ** argv)
+ kernel = mmap(NULL, sz, PROT_READ, MAP_SHARED, fd, 0);
+ if (kernel == MAP_FAILED)
+ die("Unable to mmap '%s': %m", argv[2]);
+- update_pecoff_text(setup_sectors * 512, i + _edata);
+-
+
+ crc = partial_crc32(buf, i, crc);
+ if (fwrite(buf, 1, i, dest) != i)
--- /dev/null
+From 093ab258e3fb1d1d3afdfd4a69403d44ce90e360 Mon Sep 17 00:00:00 2001
+From: Ard Biesheuvel <ardb@kernel.org>
+Date: Fri, 15 Sep 2023 17:16:27 +0000
+Subject: x86/boot: Define setup size in linker script
+
+From: Ard Biesheuvel <ardb@kernel.org>
+
+commit 093ab258e3fb1d1d3afdfd4a69403d44ce90e360 upstream.
+
+The setup block contains the real mode startup code that is used when
+booting from a legacy BIOS, along with the boot_params/setup_data that
+is used by legacy x86 bootloaders to pass the command line and initial
+ramdisk parameters, among other things.
+
+The setup block also contains the PE/COFF header of the entire combined
+image, which includes the compressed kernel image, the decompressor and
+the EFI stub.
+
+This PE header describes the layout of the executable image in memory,
+and currently, the fact that the setup block precedes it makes it rather
+fiddly to get the right values into the right place in the final image.
+
+Let's make things a bit easier by defining the setup_size in the linker
+script so it can be referenced from the asm code directly, rather than
+having to rely on the build tool to calculate it. For the time being,
+add 64 bytes of fixed padding for the .reloc and .compat sections - this
+will be removed in a subsequent patch after the PE/COFF header has been
+reorganized.
+
+This change has no impact on the resulting bzImage binary when
+configured with CONFIG_EFI_MIXED=y.
+
+Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
+Signed-off-by: Ingo Molnar <mingo@kernel.org>
+Link: https://lore.kernel.org/r/20230915171623.655440-13-ardb@google.com
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ arch/x86/boot/header.S | 2 +-
+ arch/x86/boot/setup.ld | 4 ++++
+ arch/x86/boot/tools/build.c | 6 ------
+ 3 files changed, 5 insertions(+), 7 deletions(-)
+
+--- a/arch/x86/boot/header.S
++++ b/arch/x86/boot/header.S
+@@ -231,7 +231,7 @@ sentinel: .byte 0xff, 0xff /* Use
+
+ .globl hdr
+ hdr:
+-setup_sects: .byte 0 /* Filled in by build.c */
++ .byte setup_sects - 1
+ root_flags: .word ROOT_RDONLY
+ syssize: .long 0 /* Filled in by build.c */
+ ram_size: .word 0 /* Obsolete */
+--- a/arch/x86/boot/setup.ld
++++ b/arch/x86/boot/setup.ld
+@@ -39,6 +39,10 @@ SECTIONS
+ .signature : {
+ setup_sig = .;
+ LONG(0x5a5aaa55)
++
++ /* Reserve some extra space for the reloc and compat sections */
++ setup_size = ALIGN(ABSOLUTE(.) + 64, 512);
++ setup_sects = ABSOLUTE(setup_size / 512);
+ }
+
+
+--- a/arch/x86/boot/tools/build.c
++++ b/arch/x86/boot/tools/build.c
+@@ -48,12 +48,7 @@ typedef unsigned int u32;
+ u8 buf[SETUP_SECT_MAX*512];
+
+ #define PECOFF_RELOC_RESERVE 0x20
+-
+-#ifdef CONFIG_EFI_MIXED
+ #define PECOFF_COMPAT_RESERVE 0x20
+-#else
+-#define PECOFF_COMPAT_RESERVE 0x0
+-#endif
+
+ static unsigned long efi_pe_entry;
+ static unsigned long efi32_pe_entry;
+@@ -388,7 +383,6 @@ int main(int argc, char ** argv)
+ #endif
+
+ /* Patch the setup code with the appropriate size parameters */
+- buf[0x1f1] = setup_sectors-1;
+ put_unaligned_le32(sys_size, &buf[0x1f4]);
+
+ update_pecoff_text(setup_sectors * 512, i + (sys_size * 16));
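Review bot: With `buf[0x1f1] = setup_sectors-1;` removed, the header byte now comes from the linker script's `setup_sects`, while main() still derives its own `setup_sectors` and passes `setup_sectors * 512` to update_pecoff_text() on the last line of this hunk. Nothing visible here checks that the two computations agree, so a later layout change could leave the boot header and the PE/COFF fields describing different setup sizes without failing the build. A one-line guard after the padding step would turn that into a build error: `if (buf[0x1f1] != setup_sectors - 1) die("setup_sects mismatch between setup.ld and build.c");`. main() begins and ends outside this hunk, so the exact placement needs to be confirmed against the full function.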
--- /dev/null
+From aeb92067f6ae994b541d7f9752fe54ed3d108bcc Mon Sep 17 00:00:00 2001
+From: Ard Biesheuvel <ardb@kernel.org>
+Date: Fri, 15 Sep 2023 17:16:28 +0000
+Subject: x86/boot: Derive file size from _edata symbol
+
+From: Ard Biesheuvel <ardb@kernel.org>
+
+commit aeb92067f6ae994b541d7f9752fe54ed3d108bcc upstream.
+
+Tweak the linker script so that the value of _edata represents the
+decompressor binary's file size rounded up to the appropriate alignment.
+This removes the need to calculate it in the build tool, and will make
+it easier to refer to the file size from the header directly in
+subsequent changes to the PE header layout.
+
+While adding _edata to the sed regex that parses the compressed
+vmlinux's symbol list, tweak the regex a bit for conciseness.
+
+This change has no impact on the resulting bzImage binary when
+configured with CONFIG_EFI_STUB=y.
+
+Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
+Signed-off-by: Ingo Molnar <mingo@kernel.org>
+Link: https://lore.kernel.org/r/20230915171623.655440-14-ardb@google.com
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ arch/x86/boot/Makefile | 2 +-
+ arch/x86/boot/compressed/vmlinux.lds.S | 3 +++
+ arch/x86/boot/header.S | 2 +-
+ arch/x86/boot/tools/build.c | 30 +++++++-----------------------
+ 4 files changed, 12 insertions(+), 25 deletions(-)
+
+--- a/arch/x86/boot/Makefile
++++ b/arch/x86/boot/Makefile
+@@ -89,7 +89,7 @@ $(obj)/vmlinux.bin: $(obj)/compressed/vm
+
+ SETUP_OBJS = $(addprefix $(obj)/,$(setup-y))
+
+-sed-zoffset := -e 's/^\([0-9a-fA-F]*\) [a-zA-Z] \(startup_32\|efi32_stub_entry\|efi64_stub_entry\|efi_pe_entry\|efi32_pe_entry\|input_data\|kernel_info\|_end\|_ehead\|_text\|z_.*\)$$/\#define ZO_\2 0x\1/p'
++sed-zoffset := -e 's/^\([0-9a-fA-F]*\) [a-zA-Z] \(startup_32\|efi.._stub_entry\|efi\(32\)\?_pe_entry\|input_data\|kernel_info\|_end\|_ehead\|_text\|_edata\|z_.*\)$$/\#define ZO_\2 0x\1/p'
+
+ quiet_cmd_zoffset = ZOFFSET $@
+ cmd_zoffset = $(NM) $< | sed -n $(sed-zoffset) > $@
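Review bot: In the rewritten `sed-zoffset` expression, `efi.._stub_entry` accepts any two characters where the old pattern listed `efi32_stub_entry` and `efi64_stub_entry` explicitly, so the shortening also widens the set of symbols that can be turned into `ZO_` defines. Since zoffset.h now feeds header fields directly, an exact match is the safer form: `efi\(32\|64\)_stub_entry`. The extra nested group does not disturb the `\2` back-reference, just as the `\(32\)\?` group added in the same line does not.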
+--- a/arch/x86/boot/compressed/vmlinux.lds.S
++++ b/arch/x86/boot/compressed/vmlinux.lds.S
+@@ -47,6 +47,9 @@ SECTIONS
+ _data = . ;
+ *(.data)
+ *(.data.*)
++
++ /* Add 4 bytes of extra space for a CRC-32 checksum */
++ . = ALIGN(. + 4, 0x20);
+ _edata = . ;
+ }
+ . = ALIGN(L1_CACHE_BYTES);
+--- a/arch/x86/boot/header.S
++++ b/arch/x86/boot/header.S
+@@ -233,7 +233,7 @@ sentinel: .byte 0xff, 0xff /* Use
+ hdr:
+ .byte setup_sects - 1
+ root_flags: .word ROOT_RDONLY
+-syssize: .long 0 /* Filled in by build.c */
++syssize: .long ZO__edata / 16
+ ram_size: .word 0 /* Obsolete */
+ vid_mode: .word SVGA_MODE
+ root_dev: .word 0 /* Default to major/minor 0/0 */
+--- a/arch/x86/boot/tools/build.c
++++ b/arch/x86/boot/tools/build.c
+@@ -52,6 +52,7 @@ u8 buf[SETUP_SECT_MAX*512];
+
+ static unsigned long efi_pe_entry;
+ static unsigned long efi32_pe_entry;
++static unsigned long _edata;
+ static unsigned long _end;
+
+ /*----------------------------------------------------------------------*/
+@@ -308,6 +309,7 @@ static void parse_zoffset(char *fname)
+ while (p && *p) {
+ PARSE_ZOFS(p, efi_pe_entry);
+ PARSE_ZOFS(p, efi32_pe_entry);
++ PARSE_ZOFS(p, _edata);
+ PARSE_ZOFS(p, _end);
+
+ p = strchr(p, '\n');
+@@ -320,7 +322,6 @@ int main(int argc, char ** argv)
+ {
+ unsigned int i, sz, setup_sectors;
+ int c;
+- u32 sys_size;
+ struct stat sb;
+ FILE *file, *dest;
+ int fd;
+@@ -368,24 +369,14 @@ int main(int argc, char ** argv)
+ die("Unable to open `%s': %m", argv[2]);
+ if (fstat(fd, &sb))
+ die("Unable to stat `%s': %m", argv[2]);
+- sz = sb.st_size;
++ if (_edata != sb.st_size)
++ die("Unexpected file size `%s': %u != %u", argv[2], _edata,
++ sb.st_size);
++ sz = _edata - 4;
+ kernel = mmap(NULL, sz, PROT_READ, MAP_SHARED, fd, 0);
+ if (kernel == MAP_FAILED)
+ die("Unable to mmap '%s': %m", argv[2]);
+- /* Number of 16-byte paragraphs, including space for a 4-byte CRC */
+- sys_size = (sz + 15 + 4) / 16;
+-#ifdef CONFIG_EFI_STUB
+- /*
+- * COFF requires minimum 32-byte alignment of sections, and
+- * adding a signature is problematic without that alignment.
+- */
+- sys_size = (sys_size + 1) & ~1;
+-#endif
+-
+- /* Patch the setup code with the appropriate size parameters */
+- put_unaligned_le32(sys_size, &buf[0x1f4]);
+-
+- update_pecoff_text(setup_sectors * 512, i + (sys_size * 16));
++ update_pecoff_text(setup_sectors * 512, i + _edata);
+
+
+ crc = partial_crc32(buf, i, crc);
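Review bot: The new size check prints `_edata` and `sb.st_size` with `%u`, but `_edata` is declared `static unsigned long` in this patch and `st_size` is an `off_t`, so the format arguments do not match their conversions and the message is unreliable on LP64 hosts exactly when the check fires. Use `%lu` for `_edata` and `%lld` with `(long long)sb.st_size`, and cast in the comparison as well so it does not mix signed and unsigned operands. Separately, `sz = _edata - 4` wraps if `_edata` is below 4 (for instance when the symbol is absent from zoffset.h and the input file is empty, so the equality check passes); a guard such as `if (_edata < 4) die("Invalid _edata in zoffset.h");` before the subtraction closes that. main() begins and ends outside this hunk.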
+@@ -397,13 +388,6 @@ int main(int argc, char ** argv)
+ if (fwrite(kernel, 1, sz, dest) != sz)
+ die("Writing kernel failed");
+
+- /* Add padding leaving 4 bytes for the checksum */
+- while (sz++ < (sys_size*16) - 4) {
+- crc = partial_crc32_one('\0', crc);
+- if (fwrite("\0", 1, 1, dest) != 1)
+- die("Writing padding failed");
+- }
+-
+ /* Write the CRC */
+ put_unaligned_le32(crc, buf);
+ if (fwrite(buf, 1, 4, dest) != 4)
--- /dev/null
+From fa5750521e0a4efbc1af05223da9c4bbd6c21c83 Mon Sep 17 00:00:00 2001
+From: Ard Biesheuvel <ardb@kernel.org>
+Date: Fri, 15 Sep 2023 17:16:30 +0000
+Subject: x86/boot: Drop PE/COFF .reloc section
+
+From: Ard Biesheuvel <ardb@kernel.org>
+
+commit fa5750521e0a4efbc1af05223da9c4bbd6c21c83 upstream.
+
+Ancient buggy EFI loaders may have required a .reloc section to be
+present at some point in time, but this has not been true for a long
+time so the .reloc section can just be dropped.
+
+Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
+Signed-off-by: Ingo Molnar <mingo@kernel.org>
+Link: https://lore.kernel.org/r/20230915171623.655440-16-ardb@google.com
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ arch/x86/boot/header.S | 20 --------------------
+ arch/x86/boot/setup.ld | 4 ++--
+ arch/x86/boot/tools/build.c | 34 +++++-----------------------------
+ 3 files changed, 7 insertions(+), 51 deletions(-)
+
+--- a/arch/x86/boot/header.S
++++ b/arch/x86/boot/header.S
+@@ -155,26 +155,6 @@ section_table:
+ IMAGE_SCN_MEM_READ | \
+ IMAGE_SCN_MEM_EXECUTE # Characteristics
+
+- #
+- # The EFI application loader requires a relocation section
+- # because EFI applications must be relocatable. The .reloc
+- # offset & size fields are filled in by build.c.
+- #
+- .ascii ".reloc"
+- .byte 0
+- .byte 0
+- .long 0
+- .long 0
+- .long 0 # SizeOfRawData
+- .long 0 # PointerToRawData
+- .long 0 # PointerToRelocations
+- .long 0 # PointerToLineNumbers
+- .word 0 # NumberOfRelocations
+- .word 0 # NumberOfLineNumbers
+- .long IMAGE_SCN_CNT_INITIALIZED_DATA | \
+- IMAGE_SCN_MEM_READ | \
+- IMAGE_SCN_MEM_DISCARDABLE # Characteristics
+-
+ #ifdef CONFIG_EFI_MIXED
+ #
+ # The offset & size fields are filled in by build.c.
+--- a/arch/x86/boot/setup.ld
++++ b/arch/x86/boot/setup.ld
+@@ -40,8 +40,8 @@ SECTIONS
+ setup_sig = .;
+ LONG(0x5a5aaa55)
+
+- /* Reserve some extra space for the reloc and compat sections */
+- setup_size = ALIGN(ABSOLUTE(.) + 64, 512);
++ /* Reserve some extra space for the compat section */
++ setup_size = ALIGN(ABSOLUTE(.) + 32, 512);
+ setup_sects = ABSOLUTE(setup_size / 512);
+ }
+
+--- a/arch/x86/boot/tools/build.c
++++ b/arch/x86/boot/tools/build.c
+@@ -47,7 +47,6 @@ typedef unsigned int u32;
+ /* This must be large enough to hold the entire setup */
+ u8 buf[SETUP_SECT_MAX*512];
+
+-#define PECOFF_RELOC_RESERVE 0x20
+ #define PECOFF_COMPAT_RESERVE 0x20
+
+ static unsigned long efi32_pe_entry;
+@@ -180,24 +179,13 @@ static void update_pecoff_section_header
+ update_pecoff_section_header_fields(section_name, offset, size, size, offset);
+ }
+
+-static void update_pecoff_setup_and_reloc(unsigned int size)
++static void update_pecoff_setup(unsigned int size)
+ {
+ u32 setup_offset = 0x200;
+- u32 reloc_offset = size - PECOFF_RELOC_RESERVE - PECOFF_COMPAT_RESERVE;
+-#ifdef CONFIG_EFI_MIXED
+- u32 compat_offset = reloc_offset + PECOFF_RELOC_RESERVE;
+-#endif
+- u32 setup_size = reloc_offset - setup_offset;
++ u32 compat_offset = size - PECOFF_COMPAT_RESERVE;
++ u32 setup_size = compat_offset - setup_offset;
+
+ update_pecoff_section_header(".setup", setup_offset, setup_size);
+- update_pecoff_section_header(".reloc", reloc_offset, PECOFF_RELOC_RESERVE);
+-
+- /*
+- * Modify .reloc section contents with a single entry. The
+- * relocation is applied to offset 10 of the relocation section.
+- */
+- put_unaligned_le32(reloc_offset + 10, &buf[reloc_offset]);
+- put_unaligned_le32(10, &buf[reloc_offset + 4]);
+
+ #ifdef CONFIG_EFI_MIXED
+ update_pecoff_section_header(".compat", compat_offset, PECOFF_COMPAT_RESERVE);
+@@ -214,21 +202,10 @@ static void update_pecoff_setup_and_relo
+ #endif
+ }
+
+-static int reserve_pecoff_reloc_section(int c)
+-{
+- /* Reserve 0x20 bytes for .reloc section */
+- memset(buf+c, 0, PECOFF_RELOC_RESERVE);
+- return PECOFF_RELOC_RESERVE;
+-}
+-
+ #else
+
+-static inline void update_pecoff_setup_and_reloc(unsigned int size) {}
++static inline void update_pecoff_setup(unsigned int size) {}
+
+-static inline int reserve_pecoff_reloc_section(int c)
+-{
+- return 0;
+-}
+ #endif /* CONFIG_EFI_STUB */
+
+ static int reserve_pecoff_compat_section(int c)
+@@ -307,7 +284,6 @@ int main(int argc, char ** argv)
+ fclose(file);
+
+ c += reserve_pecoff_compat_section(c);
+- c += reserve_pecoff_reloc_section(c);
+
+ /* Pad unused space with zeros */
+ setup_sectors = (c + 511) / 512;
+@@ -316,7 +292,7 @@ int main(int argc, char ** argv)
+ i = setup_sectors*512;
+ memset(buf+c, 0, i-c);
+
+- update_pecoff_setup_and_reloc(i);
++ update_pecoff_setup(i);
+
+ /* Open and stat the kernel file */
+ fd = open(argv[2], O_RDONLY);
--- /dev/null
+From 7448e8e5d15a3c4df649bf6d6d460f78396f7e1e Mon Sep 17 00:00:00 2001
+From: Ard Biesheuvel <ardb@kernel.org>
+Date: Tue, 12 Sep 2023 09:00:57 +0000
+Subject: x86/boot: Drop redundant code setting the root device
+
+From: Ard Biesheuvel <ardb@kernel.org>
+
+commit 7448e8e5d15a3c4df649bf6d6d460f78396f7e1e upstream.
+
+The root device defaults to 0,0 and is no longer configurable at build
+time [0], so there is no need for the build tool to ever write to this
+field.
+
+[0] 079f85e624189292 ("x86, build: Do not set the root_dev field in bzImage")
+
+This change has no impact on the resulting bzImage binary.
+
+Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
+Signed-off-by: Ingo Molnar <mingo@kernel.org>
+Link: https://lore.kernel.org/r/20230912090051.4014114-23-ardb@google.com
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ arch/x86/boot/header.S | 2 +-
+ arch/x86/boot/tools/build.c | 7 -------
+ 2 files changed, 1 insertion(+), 8 deletions(-)
+
+--- a/arch/x86/boot/header.S
++++ b/arch/x86/boot/header.S
+@@ -236,7 +236,7 @@ root_flags: .word ROOT_RDONLY
+ syssize: .long 0 /* Filled in by build.c */
+ ram_size: .word 0 /* Obsolete */
+ vid_mode: .word SVGA_MODE
+-root_dev: .word 0 /* Filled in by build.c */
++root_dev: .word 0 /* Default to major/minor 0/0 */
+ boot_flag: .word 0xAA55
+
+ # offset 512, entry point
+--- a/arch/x86/boot/tools/build.c
++++ b/arch/x86/boot/tools/build.c
+@@ -40,10 +40,6 @@ typedef unsigned char u8;
+ typedef unsigned short u16;
+ typedef unsigned int u32;
+
+-#define DEFAULT_MAJOR_ROOT 0
+-#define DEFAULT_MINOR_ROOT 0
+-#define DEFAULT_ROOT_DEV (DEFAULT_MAJOR_ROOT << 8 | DEFAULT_MINOR_ROOT)
+-
+ /* Minimal number of setup sectors */
+ #define SETUP_SECT_MIN 5
+ #define SETUP_SECT_MAX 64
+@@ -399,9 +395,6 @@ int main(int argc, char ** argv)
+
+ update_pecoff_setup_and_reloc(i);
+
+- /* Set the default root device */
+- put_unaligned_le16(DEFAULT_ROOT_DEV, &buf[508]);
+-
+ /* Open and stat the kernel file */
+ fd = open(argv[2], O_RDONLY);
+ if (fd < 0)
--- /dev/null
+From b618d31f112bea3d2daea19190d63e567f32a4db Mon Sep 17 00:00:00 2001
+From: Ard Biesheuvel <ardb@kernel.org>
+Date: Tue, 12 Sep 2023 09:00:59 +0000
+Subject: x86/boot: Drop references to startup_64
+
+From: Ard Biesheuvel <ardb@kernel.org>
+
+commit b618d31f112bea3d2daea19190d63e567f32a4db upstream.
+
+The x86 boot image generation tool assign a default value to startup_64
+and subsequently parses the actual value from zoffset.h but it never
+actually uses the value anywhere. So remove this code.
+
+This change has no impact on the resulting bzImage binary.
+
+Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
+Signed-off-by: Ingo Molnar <mingo@kernel.org>
+Link: https://lore.kernel.org/r/20230912090051.4014114-25-ardb@google.com
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ arch/x86/boot/Makefile | 2 +-
+ arch/x86/boot/tools/build.c | 3 ---
+ 2 files changed, 1 insertion(+), 4 deletions(-)
+
+--- a/arch/x86/boot/Makefile
++++ b/arch/x86/boot/Makefile
+@@ -89,7 +89,7 @@ $(obj)/vmlinux.bin: $(obj)/compressed/vm
+
+ SETUP_OBJS = $(addprefix $(obj)/,$(setup-y))
+
+-sed-zoffset := -e 's/^\([0-9a-fA-F]*\) [a-zA-Z] \(startup_32\|startup_64\|efi32_stub_entry\|efi64_stub_entry\|efi_pe_entry\|efi32_pe_entry\|input_data\|kernel_info\|_end\|_ehead\|_text\|z_.*\)$$/\#define ZO_\2 0x\1/p'
++sed-zoffset := -e 's/^\([0-9a-fA-F]*\) [a-zA-Z] \(startup_32\|efi32_stub_entry\|efi64_stub_entry\|efi_pe_entry\|efi32_pe_entry\|input_data\|kernel_info\|_end\|_ehead\|_text\|z_.*\)$$/\#define ZO_\2 0x\1/p'
+
+ quiet_cmd_zoffset = ZOFFSET $@
+ cmd_zoffset = $(NM) $< | sed -n $(sed-zoffset) > $@
+--- a/arch/x86/boot/tools/build.c
++++ b/arch/x86/boot/tools/build.c
+@@ -60,7 +60,6 @@ static unsigned long efi64_stub_entry;
+ static unsigned long efi_pe_entry;
+ static unsigned long efi32_pe_entry;
+ static unsigned long kernel_info;
+-static unsigned long startup_64;
+ static unsigned long _end;
+
+ /*----------------------------------------------------------------------*/
+@@ -264,7 +263,6 @@ static void efi_stub_defaults(void)
+ efi_pe_entry = 0x10;
+ #else
+ efi_pe_entry = 0x210;
+- startup_64 = 0x200;
+ #endif
+ }
+
+@@ -340,7 +338,6 @@ static void parse_zoffset(char *fname)
+ PARSE_ZOFS(p, efi_pe_entry);
+ PARSE_ZOFS(p, efi32_pe_entry);
+ PARSE_ZOFS(p, kernel_info);
+- PARSE_ZOFS(p, startup_64);
+ PARSE_ZOFS(p, _end);
+
+ p = strchr(p, '\n');
--- /dev/null
+From 2e765c02dcbfc2a8a4527c621a84b9502f6b9bd2 Mon Sep 17 00:00:00 2001
+From: Ard Biesheuvel <ardb@kernel.org>
+Date: Fri, 15 Sep 2023 17:16:25 +0000
+Subject: x86/boot: Grab kernel_info offset from zoffset header directly
+
+From: Ard Biesheuvel <ardb@kernel.org>
+
+commit 2e765c02dcbfc2a8a4527c621a84b9502f6b9bd2 upstream.
+
+Instead of parsing zoffset.h and poking the kernel_info offset value
+into the header from the build tool, just grab the value directly in the
+asm file that describes this header.
+
+This change has no impact on the resulting bzImage binary.
+
+Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
+Signed-off-by: Ingo Molnar <mingo@kernel.org>
+Link: https://lore.kernel.org/r/20230915171623.655440-11-ardb@google.com
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ arch/x86/boot/header.S | 2 +-
+ arch/x86/boot/tools/build.c | 4 ----
+ 2 files changed, 1 insertion(+), 5 deletions(-)
+
+--- a/arch/x86/boot/header.S
++++ b/arch/x86/boot/header.S
+@@ -526,7 +526,7 @@ pref_address: .quad LOAD_PHYSICAL_ADDR
+
+ init_size: .long INIT_SIZE # kernel initialization size
+ handover_offset: .long 0 # Filled in by build.c
+-kernel_info_offset: .long 0 # Filled in by build.c
++kernel_info_offset: .long ZO_kernel_info
+
+ # End of setup header #####################################################
+
+--- a/arch/x86/boot/tools/build.c
++++ b/arch/x86/boot/tools/build.c
+@@ -59,7 +59,6 @@ static unsigned long efi32_stub_entry;
+ static unsigned long efi64_stub_entry;
+ static unsigned long efi_pe_entry;
+ static unsigned long efi32_pe_entry;
+-static unsigned long kernel_info;
+ static unsigned long _end;
+
+ /*----------------------------------------------------------------------*/
+@@ -337,7 +336,6 @@ static void parse_zoffset(char *fname)
+ PARSE_ZOFS(p, efi64_stub_entry);
+ PARSE_ZOFS(p, efi_pe_entry);
+ PARSE_ZOFS(p, efi32_pe_entry);
+- PARSE_ZOFS(p, kernel_info);
+ PARSE_ZOFS(p, _end);
+
+ p = strchr(p, '\n');
+@@ -419,8 +417,6 @@ int main(int argc, char ** argv)
+ update_pecoff_text(setup_sectors * 512, i + (sys_size * 16));
+
+ efi_stub_entry_update();
+- /* Update kernel_info offset. */
+- put_unaligned_le32(kernel_info, &buf[0x268]);
+
+ crc = partial_crc32(buf, i, crc);
+ if (fwrite(buf, 1, i, dest) != i)
--- /dev/null
+From 3e3eabe26dc88692d34cf76ca0e0dd331481cc15 Mon Sep 17 00:00:00 2001
+From: Ard Biesheuvel <ardb@kernel.org>
+Date: Fri, 15 Sep 2023 17:16:32 +0000
+Subject: x86/boot: Increase section and file alignment to 4k/512
+
+From: Ard Biesheuvel <ardb@kernel.org>
+
+commit 3e3eabe26dc88692d34cf76ca0e0dd331481cc15 upstream.
+
+Align x86 with other EFI architectures, and increase the section
+alignment to the EFI page size (4k), so that firmware is able to honour
+the section permission attributes and map code read-only and data
+non-executable.
+
+There are a number of requirements that have to be taken into account:
+- the sign tools get cranky when there are gaps between sections in the
+ file view of the image
+- the virtual offset of each section must be aligned to the image's
+ section alignment
+- the file offset *and size* of each section must be aligned to the
+ image's file alignment
+- the image size must be aligned to the section alignment
+- each section's virtual offset must be greater than or equal to the
+ size of the headers.
+
+In order to meet all these requirements, while avoiding the need for
+lots of padding to accommodate the .compat section, the latter is placed
+at an arbitrary offset towards the end of the image, but aligned to the
+minimum file alignment (512 bytes). The space before the .text section
+is therefore distributed between the PE header, the .setup section and
+the .compat section, leaving no gaps in the file coverage, making the
+signing tools happy.
+
+Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
+Signed-off-by: Ingo Molnar <mingo@kernel.org>
+Link: https://lore.kernel.org/r/20230915171623.655440-18-ardb@google.com
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ arch/x86/boot/compressed/vmlinux.lds.S | 4 -
+ arch/x86/boot/header.S | 75 +++++++++++++++------------
+ arch/x86/boot/setup.ld | 7 +-
+ arch/x86/boot/tools/build.c | 90 ---------------------------------
+ 4 files changed, 51 insertions(+), 125 deletions(-)
+
+--- a/arch/x86/boot/compressed/vmlinux.lds.S
++++ b/arch/x86/boot/compressed/vmlinux.lds.S
+@@ -43,13 +43,13 @@ SECTIONS
+ *(.rodata.*)
+ _erodata = . ;
+ }
+- .data : {
++ .data : ALIGN(0x1000) {
+ _data = . ;
+ *(.data)
+ *(.data.*)
+
+ /* Add 4 bytes of extra space for a CRC-32 checksum */
+- . = ALIGN(. + 4, 0x20);
++ . = ALIGN(. + 4, 0x200);
+ _edata = . ;
+ }
+ . = ALIGN(L1_CACHE_BYTES);
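Review bot: The literals `0x1000` and `0x200` in this hunk repeat the values of `salign` and `falign` that the same patch defines in header.S, and `ALIGN(ABSOLUTE(.), 4096)` in the setup.ld hunk repeats `salign` a third time, with no comment linking any of them. If one is changed on its own, the PE header would advertise alignments that the actual layout no longer meets, which per the commit message is what signing tools and the firmware's read-only/non-executable mapping rely on. A short comment at each site would make the coupling visible, for example `/* must match salign in arch/x86/boot/header.S */` on the `.data : ALIGN(0x1000)` line and `/* must match falign in arch/x86/boot/header.S */` on the `ALIGN(. + 4, 0x200)` line.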
+--- a/arch/x86/boot/header.S
++++ b/arch/x86/boot/header.S
+@@ -36,6 +36,9 @@ SYSSEG = 0x1000 /* historical load add
+ #define ROOT_RDONLY 1
+ #endif
+
++ .set salign, 0x1000
++ .set falign, 0x200
++
+ .code16
+ .section ".bstext", "ax"
+ #ifdef CONFIG_EFI_STUB
+@@ -82,7 +85,7 @@ optional_header:
+
+ .long setup_size + ZO_efi_pe_entry # AddressOfEntryPoint
+
+- .long 0x0200 # BaseOfCode
++ .long setup_size # BaseOfCode
+ #ifdef CONFIG_X86_32
+ .long 0 # data
+ #endif
+@@ -93,8 +96,8 @@ extra_header_fields:
+ #else
+ .quad 0 # ImageBase
+ #endif
+- .long 0x20 # SectionAlignment
+- .long 0x20 # FileAlignment
++ .long salign # SectionAlignment
++ .long falign # FileAlignment
+ .word 0 # MajorOperatingSystemVersion
+ .word 0 # MinorOperatingSystemVersion
+ .word LINUX_EFISTUB_MAJOR_VERSION # MajorImageVersion
+@@ -103,9 +106,10 @@ extra_header_fields:
+ .word 0 # MinorSubsystemVersion
+ .long 0 # Win32VersionValue
+
+- .long setup_size + ZO__end # SizeOfImage
++ .long setup_size + ZO__end + pecompat_vsize
++ # SizeOfImage
+
+- .long 0x200 # SizeOfHeaders
++ .long salign # SizeOfHeaders
+ .long 0 # CheckSum
+ .word IMAGE_SUBSYSTEM_EFI_APPLICATION # Subsystem (EFI application)
+ #ifdef CONFIG_EFI_DXE_MEM_ATTRIBUTES
+@@ -136,44 +140,51 @@ extra_header_fields:
+
+ # Section table
+ section_table:
+- #
+- # The offset & size fields are filled in by build.c.
+- #
+ .ascii ".setup"
+ .byte 0
+ .byte 0
+- .long 0
+- .long 0x0 # startup_{32,64}
+- .long 0 # Size of initialized data
+- # on disk
+- .long 0x0 # startup_{32,64}
+- .long 0 # PointerToRelocations
+- .long 0 # PointerToLineNumbers
+- .word 0 # NumberOfRelocations
+- .word 0 # NumberOfLineNumbers
+- .long IMAGE_SCN_CNT_CODE | \
++ .long setup_size - salign # VirtualSize
++ .long salign # VirtualAddress
++ .long pecompat_fstart - salign # SizeOfRawData
++ .long salign # PointerToRawData
++
++ .long 0, 0, 0
++ .long IMAGE_SCN_CNT_INITIALIZED_DATA | \
+ IMAGE_SCN_MEM_READ | \
+- IMAGE_SCN_MEM_EXECUTE # Characteristics
++ IMAGE_SCN_MEM_DISCARDABLE # Characteristics
+
+ #ifdef CONFIG_EFI_MIXED
+- #
+- # The offset & size fields are filled in by build.c.
+- #
+ .asciz ".compat"
+- .long 0
+- .long 0x0
+- .long 0 # Size of initialized data
+- # on disk
+- .long 0x0
+- .long 0 # PointerToRelocations
+- .long 0 # PointerToLineNumbers
+- .word 0 # NumberOfRelocations
+- .word 0 # NumberOfLineNumbers
++
++ .long 8 # VirtualSize
++ .long setup_size + ZO__end # VirtualAddress
++ .long pecompat_fsize # SizeOfRawData
++ .long pecompat_fstart # PointerToRawData
++
++ .long 0, 0, 0
+ .long IMAGE_SCN_CNT_INITIALIZED_DATA | \
+ IMAGE_SCN_MEM_READ | \
+ IMAGE_SCN_MEM_DISCARDABLE # Characteristics
+-#endif
+
++ /*
++ * Put the IA-32 machine type and the associated entry point address in
++ * the .compat section, so loaders can figure out which other execution
++ * modes this image supports.
++ */
++ .pushsection ".pecompat", "a", @progbits
++ .balign falign
++ .set pecompat_vsize, salign
++ .globl pecompat_fstart
++pecompat_fstart:
++ .byte 0x1 # Version
++ .byte 8 # Size
++ .word IMAGE_FILE_MACHINE_I386 # PE machine type
++ .long setup_size + ZO_efi32_pe_entry # Entrypoint
++ .popsection
++#else
++ .set pecompat_vsize, 0
++ .set pecompat_fstart, setup_size
++#endif
+ .ascii ".text"
+ .byte 0
+ .byte 0
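Review bot: The `.setup` entry's Characteristics change from `IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE` to `IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_DISCARDABLE` without a comment, although this is the security-relevant part of the section: it determines whether firmware may map the setup block executable. A line such as `# not executed via the EFI entry point, so mapped as non-executable data` (to be confirmed by the author) would record the intent. The two `.long 0, 0, 0` lines also replace five individually labelled fields; `# PointerToRelocations, PointerToLineNumbers, NumberOfRelocations/NumberOfLineNumbers` keeps the table readable. Finally, `.long 8 # VirtualSize` in the `.compat` header and `.byte 8 # Size` in the `.pecompat` payload appear to describe the same 8-byte entry and would be safer derived from one symbol. The section table continues past the end of this hunk.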
+--- a/arch/x86/boot/setup.ld
++++ b/arch/x86/boot/setup.ld
+@@ -36,16 +36,17 @@ SECTIONS
+ . = ALIGN(16);
+ .data : { *(.data*) }
+
++ .pecompat : { *(.pecompat) }
++ PROVIDE(pecompat_fsize = setup_size - pecompat_fstart);
++
+ .signature : {
+ setup_sig = .;
+ LONG(0x5a5aaa55)
+
+- /* Reserve some extra space for the compat section */
+- setup_size = ALIGN(ABSOLUTE(.) + 32, 512);
++ setup_size = ALIGN(ABSOLUTE(.), 4096);
+ setup_sects = ABSOLUTE(setup_size / 512);
+ }
+
+-
+ . = ALIGN(16);
+ .bss :
+ {
+--- a/arch/x86/boot/tools/build.c
++++ b/arch/x86/boot/tools/build.c
+@@ -47,9 +47,6 @@ typedef unsigned int u32;
+ /* This must be large enough to hold the entire setup */
+ u8 buf[SETUP_SECT_MAX*512];
+
+-#define PECOFF_COMPAT_RESERVE 0x20
+-
+-static unsigned long efi32_pe_entry;
+ static unsigned long _edata;
+
+ /*----------------------------------------------------------------------*/
+@@ -136,85 +133,6 @@ static void usage(void)
+ die("Usage: build setup system zoffset.h image");
+ }
+
+-#ifdef CONFIG_EFI_STUB
+-
+-static void update_pecoff_section_header_fields(char *section_name, u32 vma, u32 size, u32 datasz, u32 offset)
+-{
+- unsigned int pe_header;
+- unsigned short num_sections;
+- u8 *section;
+-
+- pe_header = get_unaligned_le32(&buf[0x3c]);
+- num_sections = get_unaligned_le16(&buf[pe_header + 6]);
+-
+-#ifdef CONFIG_X86_32
+- section = &buf[pe_header + 0xa8];
+-#else
+- section = &buf[pe_header + 0xb8];
+-#endif
+-
+- while (num_sections > 0) {
+- if (strncmp((char*)section, section_name, 8) == 0) {
+- /* section header size field */
+- put_unaligned_le32(size, section + 0x8);
+-
+- /* section header vma field */
+- put_unaligned_le32(vma, section + 0xc);
+-
+- /* section header 'size of initialised data' field */
+- put_unaligned_le32(datasz, section + 0x10);
+-
+- /* section header 'file offset' field */
+- put_unaligned_le32(offset, section + 0x14);
+-
+- break;
+- }
+- section += 0x28;
+- num_sections--;
+- }
+-}
+-
+-static void update_pecoff_section_header(char *section_name, u32 offset, u32 size)
+-{
+- update_pecoff_section_header_fields(section_name, offset, size, size, offset);
+-}
+-
+-static void update_pecoff_setup(unsigned int size)
+-{
+- u32 setup_offset = 0x200;
+- u32 compat_offset = size - PECOFF_COMPAT_RESERVE;
+- u32 setup_size = compat_offset - setup_offset;
+-
+- update_pecoff_section_header(".setup", setup_offset, setup_size);
+-
+-#ifdef CONFIG_EFI_MIXED
+- update_pecoff_section_header(".compat", compat_offset, PECOFF_COMPAT_RESERVE);
+-
+- /*
+- * Put the IA-32 machine type (0x14c) and the associated entry point
+- * address in the .compat section, so loaders can figure out which other
+- * execution modes this image supports.
+- */
+- buf[compat_offset] = 0x1;
+- buf[compat_offset + 1] = 0x8;
+- put_unaligned_le16(0x14c, &buf[compat_offset + 2]);
+- put_unaligned_le32(efi32_pe_entry + size, &buf[compat_offset + 4]);
+-#endif
+-}
+-
+-#else
+-
+-static inline void update_pecoff_setup(unsigned int size) {}
+-
+-#endif /* CONFIG_EFI_STUB */
+-
+-static int reserve_pecoff_compat_section(int c)
+-{
+- /* Reserve 0x20 bytes for .compat section */
+- memset(buf+c, 0, PECOFF_COMPAT_RESERVE);
+- return PECOFF_COMPAT_RESERVE;
+-}
+-
+ /*
+ * Parse zoffset.h and find the entry points. We could just #include zoffset.h
+ * but that would mean tools/build would have to be rebuilt every time. It's
+@@ -243,7 +161,6 @@ static void parse_zoffset(char *fname)
+ p = (char *)buf;
+
+ while (p && *p) {
+- PARSE_ZOFS(p, efi32_pe_entry);
+ PARSE_ZOFS(p, _edata);
+
+ p = strchr(p, '\n');
+@@ -283,17 +200,14 @@ int main(int argc, char ** argv)
+ die("Boot block hasn't got boot flag (0xAA55)");
+ fclose(file);
+
+- c += reserve_pecoff_compat_section(c);
+-
+ /* Pad unused space with zeros */
+- setup_sectors = (c + 511) / 512;
++ setup_sectors = (c + 4095) / 4096;
++ setup_sectors *= 8;
+ if (setup_sectors < SETUP_SECT_MIN)
+ setup_sectors = SETUP_SECT_MIN;
+ i = setup_sectors*512;
+ memset(buf+c, 0, i-c);
+
+- update_pecoff_setup(i);
+-
+ /* Open and stat the kernel file */
+ fd = open(argv[2], O_RDONLY);
+ if (fd < 0)
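Review bot: The new rounding `setup_sectors = (c + 4095) / 4096; setup_sectors *= 8;` can place `i = setup_sectors*512` up to 4095 bytes past `c`, and the `memset(buf+c, 0, i-c)` that follows stays in bounds only if `SETUP_SECT_MAX` is a multiple of 8, which this hunk does not show. `buf` is declared as `u8 buf[SETUP_SECT_MAX*512]` in an earlier hunk of the same file, so I would add an explicit bound before the memset, e.g. `if (setup_sectors > SETUP_SECT_MAX) die("Setup block too large after 4k padding");`. The literals 4096 and 8 also have to track `ALIGN(ABSOLUTE(.), 4096)` in setup.ld, and a one-line comment saying so would keep the two from drifting apart. main() starts and ends outside this hunk.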
--- /dev/null
+From 8eace5b3555606e684739bef5bcdfcfe68235257 Mon Sep 17 00:00:00 2001
+From: Ard Biesheuvel <ardb@kernel.org>
+Date: Tue, 12 Sep 2023 09:00:56 +0000
+Subject: x86/boot: Omit compression buffer from PE/COFF image memory footprint
+
+From: Ard Biesheuvel <ardb@kernel.org>
+
+commit 8eace5b3555606e684739bef5bcdfcfe68235257 upstream.
+
+Now that the EFI stub decompresses the kernel and hands over to the
+decompressed image directly, there is no longer a need to provide a
+decompression buffer as part of the .BSS allocation of the PE/COFF
+image. It also means the PE/COFF image can be loaded anywhere in memory,
+and setting the preferred image base is unnecessary. So drop the
+handling of this from the header and from the build tool.
+
+Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
+Signed-off-by: Ingo Molnar <mingo@kernel.org>
+Link: https://lore.kernel.org/r/20230912090051.4014114-22-ardb@google.com
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ arch/x86/boot/header.S | 6 +----
+ arch/x86/boot/tools/build.c | 50 +++++---------------------------------------
+ 2 files changed, 8 insertions(+), 48 deletions(-)
+
+--- a/arch/x86/boot/header.S
++++ b/arch/x86/boot/header.S
+@@ -90,12 +90,10 @@ optional_header:
+ #endif
+
+ extra_header_fields:
+- # PE specification requires ImageBase to be 64k aligned
+- .set image_base, (LOAD_PHYSICAL_ADDR + 0xffff) & ~0xffff
+ #ifdef CONFIG_X86_32
+- .long image_base # ImageBase
++ .long 0 # ImageBase
+ #else
+- .quad image_base # ImageBase
++ .quad 0 # ImageBase
+ #endif
+ .long 0x20 # SectionAlignment
+ .long 0x20 # FileAlignment
+--- a/arch/x86/boot/tools/build.c
++++ b/arch/x86/boot/tools/build.c
+@@ -65,7 +65,6 @@ static unsigned long efi_pe_entry;
+ static unsigned long efi32_pe_entry;
+ static unsigned long kernel_info;
+ static unsigned long startup_64;
+-static unsigned long _ehead;
+ static unsigned long _end;
+
+ /*----------------------------------------------------------------------*/
+@@ -229,35 +228,22 @@ static void update_pecoff_setup_and_relo
+ #endif
+ }
+
+-static void update_pecoff_text(unsigned int text_start, unsigned int file_sz,
+- unsigned int init_sz)
++static void update_pecoff_text(unsigned int text_start, unsigned int file_sz)
+ {
+ unsigned int pe_header;
+ unsigned int text_sz = file_sz - text_start;
+- unsigned int bss_sz = init_sz - file_sz;
++ unsigned int bss_sz = _end - text_sz;
+
+ pe_header = get_unaligned_le32(&buf[0x3c]);
+
+ /*
+- * The PE/COFF loader may load the image at an address which is
+- * misaligned with respect to the kernel_alignment field in the setup
+- * header.
+- *
+- * In order to avoid relocating the kernel to correct the misalignment,
+- * add slack to allow the buffer to be aligned within the declared size
+- * of the image.
+- */
+- bss_sz += CONFIG_PHYSICAL_ALIGN;
+- init_sz += CONFIG_PHYSICAL_ALIGN;
+-
+- /*
+ * Size of code: Subtract the size of the first sector (512 bytes)
+ * which includes the header.
+ */
+ put_unaligned_le32(file_sz - 512 + bss_sz, &buf[pe_header + 0x1c]);
+
+ /* Size of image */
+- put_unaligned_le32(init_sz, &buf[pe_header + 0x50]);
++ put_unaligned_le32(file_sz + bss_sz, &buf[pe_header + 0x50]);
+
+ /*
+ * Address of entry point for PE/COFF executable
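Review bot: `unsigned int bss_sz = _end - text_sz;` in update_pecoff_text() wraps silently if the `_end` value parsed from zoffset.h is smaller than `text_sz`. The wrapped value then goes into the header through both `put_unaligned_le32(file_sz - 512 + bss_sz, ...)` and the "Size of image" write `put_unaligned_le32(file_sz + bss_sz, ...)`. The subtraction also narrows `unsigned long _end` to `unsigned int` without a range check. A build tool should fail rather than emit a header with a bogus image size, so I would add `if (_end < text_sz) die("_end is smaller than the on-disk size of the compressed kernel");` before `bss_sz` is used. The function body continues past the end of this hunk.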
+@@ -308,8 +294,7 @@ static void efi_stub_entry_update(void)
+
+ static inline void update_pecoff_setup_and_reloc(unsigned int size) {}
+ static inline void update_pecoff_text(unsigned int text_start,
+- unsigned int file_sz,
+- unsigned int init_sz) {}
++ unsigned int file_sz) {}
+ static inline void efi_stub_defaults(void) {}
+ static inline void efi_stub_entry_update(void) {}
+
+@@ -360,7 +345,6 @@ static void parse_zoffset(char *fname)
+ PARSE_ZOFS(p, efi32_pe_entry);
+ PARSE_ZOFS(p, kernel_info);
+ PARSE_ZOFS(p, startup_64);
+- PARSE_ZOFS(p, _ehead);
+ PARSE_ZOFS(p, _end);
+
+ p = strchr(p, '\n');
+@@ -371,7 +355,7 @@ static void parse_zoffset(char *fname)
+
+ int main(int argc, char ** argv)
+ {
+- unsigned int i, sz, setup_sectors, init_sz;
++ unsigned int i, sz, setup_sectors;
+ int c;
+ u32 sys_size;
+ struct stat sb;
+@@ -442,31 +426,9 @@ int main(int argc, char ** argv)
+ buf[0x1f1] = setup_sectors-1;
+ put_unaligned_le32(sys_size, &buf[0x1f4]);
+
+- init_sz = get_unaligned_le32(&buf[0x260]);
+-#ifdef CONFIG_EFI_STUB
+- /*
+- * The decompression buffer will start at ImageBase. When relocating
+- * the compressed kernel to its end, we must ensure that the head
+- * section does not get overwritten. The head section occupies
+- * [i, i + _ehead), and the destination is [init_sz - _end, init_sz).
+- *
+- * At present these should never overlap, because 'i' is at most 32k
+- * because of SETUP_SECT_MAX, '_ehead' is less than 1k, and the
+- * calculation of INIT_SIZE in boot/header.S ensures that
+- * 'init_sz - _end' is at least 64k.
+- *
+- * For future-proofing, increase init_sz if necessary.
+- */
+-
+- if (init_sz - _end < i + _ehead) {
+- init_sz = (i + _ehead + _end + 4095) & ~4095;
+- put_unaligned_le32(init_sz, &buf[0x260]);
+- }
+-#endif
+- update_pecoff_text(setup_sectors * 512, i + (sys_size * 16), init_sz);
++ update_pecoff_text(setup_sectors * 512, i + (sys_size * 16));
+
+ efi_stub_entry_update();
+-
+ /* Update kernel_info offset. */
+ put_unaligned_le32(kernel_info, &buf[0x268]);
+
--- /dev/null
+From 768171d7ebbce005210e1cf8456f043304805c15 Mon Sep 17 00:00:00 2001
+From: Ard Biesheuvel <ardb@kernel.org>
+Date: Tue, 12 Sep 2023 09:00:55 +0000
+Subject: x86/boot: Remove the 'bugger off' message
+
+From: Ard Biesheuvel <ardb@kernel.org>
+
+commit 768171d7ebbce005210e1cf8456f043304805c15 upstream.
+
+Ancient (pre-2003) x86 kernels could boot from a floppy disk straight from
+the BIOS, using a small real mode boot stub at the start of the image
+where the BIOS would expect the boot record (or boot block) to appear.
+
+Due to its limitations (kernel size < 1 MiB, no support for IDE, USB or
+El Torito floppy emulation), this support was dropped, and a Linux aware
+bootloader is now always required to boot the kernel from a legacy BIOS.
+
+To smoothen this transition, the boot stub was not removed entirely, but
+replaced with one that just prints an error message telling the user to
+install a bootloader.
+
+As it is unlikely that anyone doing direct floppy boot with such an
+ancient kernel is going to upgrade to v6.5+ and expect that this boot
+method still works, printing this message is kind of pointless, and so
+it should be possible to remove the logic that emits it.
+
+Let's free up this space so it can be used to expand the PE header in a
+subsequent patch.
+
+Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
+Signed-off-by: Ingo Molnar <mingo@kernel.org>
+Acked-by: H. Peter Anvin (Intel) <hpa@zytor.com>
+Link: https://lore.kernel.org/r/20230912090051.4014114-21-ardb@google.com
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ arch/x86/boot/header.S | 49 -------------------------------------------------
+ arch/x86/boot/setup.ld | 7 ++++---
+ 2 files changed, 4 insertions(+), 52 deletions(-)
+
+--- a/arch/x86/boot/header.S
++++ b/arch/x86/boot/header.S
+@@ -38,64 +38,15 @@ SYSSEG = 0x1000 /* historical load add
+
+ .code16
+ .section ".bstext", "ax"
+-
+- .global bootsect_start
+-bootsect_start:
+ #ifdef CONFIG_EFI_STUB
+ # "MZ", MS-DOS header
+ .word MZ_MAGIC
+-#endif
+-
+- # Normalize the start address
+- ljmp $BOOTSEG, $start2
+-
+-start2:
+- movw %cs, %ax
+- movw %ax, %ds
+- movw %ax, %es
+- movw %ax, %ss
+- xorw %sp, %sp
+- sti
+- cld
+-
+- movw $bugger_off_msg, %si
+-
+-msg_loop:
+- lodsb
+- andb %al, %al
+- jz bs_die
+- movb $0xe, %ah
+- movw $7, %bx
+- int $0x10
+- jmp msg_loop
+-
+-bs_die:
+- # Allow the user to press a key, then reboot
+- xorw %ax, %ax
+- int $0x16
+- int $0x19
+-
+- # int 0x19 should never return. In case it does anyway,
+- # invoke the BIOS reset code...
+- ljmp $0xf000,$0xfff0
+-
+-#ifdef CONFIG_EFI_STUB
+ .org 0x38
+ #
+ # Offset to the PE header.
+ #
+ .long LINUX_PE_MAGIC
+ .long pe_header
+-#endif /* CONFIG_EFI_STUB */
+-
+- .section ".bsdata", "a"
+-bugger_off_msg:
+- .ascii "Use a boot loader.\r\n"
+- .ascii "\n"
+- .ascii "Remove disk and press any key to reboot...\r\n"
+- .byte 0
+-
+-#ifdef CONFIG_EFI_STUB
+ pe_header:
+ .long PE_MAGIC
+
+--- a/arch/x86/boot/setup.ld
++++ b/arch/x86/boot/setup.ld
+@@ -10,10 +10,11 @@ ENTRY(_start)
+ SECTIONS
+ {
+ . = 0;
+- .bstext : { *(.bstext) }
+- .bsdata : { *(.bsdata) }
++ .bstext : {
++ *(.bstext)
++ . = 495;
++ } =0xffffffff
+
+- . = 495;
+ .header : { *(.header) }
+ .entrytext : { *(.entrytext) }
+ .inittext : { *(.inittext) }
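Review bot: The `. = 495;` and the `=0xffffffff` fill inside the new `.bstext` output section carry no explanation, and the fill pattern is new in this hunk. A comment such as `/* pad .bstext to offset 495, where .header follows; unused bytes are filled with 0xff */` would record why both are there. If I read the old layout correctly, the gap before `.header` sat between output sections and had no explicit fill, so the padding bytes in the image presumably change with this hunk. The commit message does not mention that.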
--- /dev/null
+From eac956345f99dda3d68f4ae6cf7b494105e54780 Mon Sep 17 00:00:00 2001
+From: Ard Biesheuvel <ardb@kernel.org>
+Date: Fri, 15 Sep 2023 17:16:26 +0000
+Subject: x86/boot: Set EFI handover offset directly in header asm
+
+From: Ard Biesheuvel <ardb@kernel.org>
+
+commit eac956345f99dda3d68f4ae6cf7b494105e54780 upstream.
+
+The offsets of the EFI handover entrypoints are available to the
+assembler when constructing the header, so there is no need to set them
+from the build tool afterwards.
+
+This change has no impact on the resulting bzImage binary.
+
+Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
+Signed-off-by: Ingo Molnar <mingo@kernel.org>
+Link: https://lore.kernel.org/r/20230915171623.655440-12-ardb@google.com
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ arch/x86/boot/header.S | 18 +++++++++++++++++-
+ arch/x86/boot/tools/build.c | 24 ------------------------
+ 2 files changed, 17 insertions(+), 25 deletions(-)
+
+--- a/arch/x86/boot/header.S
++++ b/arch/x86/boot/header.S
+@@ -524,8 +524,24 @@ pref_address: .quad LOAD_PHYSICAL_ADDR
+ # define INIT_SIZE VO_INIT_SIZE
+ #endif
+
++ .macro __handover_offset
++#ifndef CONFIG_EFI_HANDOVER_PROTOCOL
++ .long 0
++#elif !defined(CONFIG_X86_64)
++ .long ZO_efi32_stub_entry
++#else
++ /* Yes, this is really how we defined it :( */
++ .long ZO_efi64_stub_entry - 0x200
++#ifdef CONFIG_EFI_MIXED
++ .if ZO_efi32_stub_entry != ZO_efi64_stub_entry - 0x200
++ .error "32-bit and 64-bit EFI entry points do not match"
++ .endif
++#endif
++#endif
++ .endm
++
+ init_size: .long INIT_SIZE # kernel initialization size
+-handover_offset: .long 0 # Filled in by build.c
++handover_offset: __handover_offset
+ kernel_info_offset: .long ZO_kernel_info
+
+ # End of setup header #####################################################
+--- a/arch/x86/boot/tools/build.c
++++ b/arch/x86/boot/tools/build.c
+@@ -55,8 +55,6 @@ u8 buf[SETUP_SECT_MAX*512];
+ #define PECOFF_COMPAT_RESERVE 0x0
+ #endif
+
+-static unsigned long efi32_stub_entry;
+-static unsigned long efi64_stub_entry;
+ static unsigned long efi_pe_entry;
+ static unsigned long efi32_pe_entry;
+ static unsigned long _end;
+@@ -265,31 +263,12 @@ static void efi_stub_defaults(void)
+ #endif
+ }
+
+-static void efi_stub_entry_update(void)
+-{
+- unsigned long addr = efi32_stub_entry;
+-
+-#ifdef CONFIG_EFI_HANDOVER_PROTOCOL
+-#ifdef CONFIG_X86_64
+- /* Yes, this is really how we defined it :( */
+- addr = efi64_stub_entry - 0x200;
+-#endif
+-
+-#ifdef CONFIG_EFI_MIXED
+- if (efi32_stub_entry != addr)
+- die("32-bit and 64-bit EFI entry points do not match\n");
+-#endif
+-#endif
+- put_unaligned_le32(addr, &buf[0x264]);
+-}
+-
+ #else
+
+ static inline void update_pecoff_setup_and_reloc(unsigned int size) {}
+ static inline void update_pecoff_text(unsigned int text_start,
+ unsigned int file_sz) {}
+ static inline void efi_stub_defaults(void) {}
+-static inline void efi_stub_entry_update(void) {}
+
+ static inline int reserve_pecoff_reloc_section(int c)
+ {
+@@ -332,8 +311,6 @@ static void parse_zoffset(char *fname)
+ p = (char *)buf;
+
+ while (p && *p) {
+- PARSE_ZOFS(p, efi32_stub_entry);
+- PARSE_ZOFS(p, efi64_stub_entry);
+ PARSE_ZOFS(p, efi_pe_entry);
+ PARSE_ZOFS(p, efi32_pe_entry);
+ PARSE_ZOFS(p, _end);
+@@ -416,7 +393,6 @@ int main(int argc, char ** argv)
+
+ update_pecoff_text(setup_sectors * 512, i + (sys_size * 16));
+
+- efi_stub_entry_update();
+
+ crc = partial_crc32(buf, i, crc);
+ if (fwrite(buf, 1, i, dest) != i)
--- /dev/null
+From 34951f3c28bdf6481d949a20413b2ce7693687b2 Mon Sep 17 00:00:00 2001
+From: Ard Biesheuvel <ardb@kernel.org>
+Date: Fri, 15 Sep 2023 17:16:31 +0000
+Subject: x86/boot: Split off PE/COFF .data section
+
+From: Ard Biesheuvel <ardb@kernel.org>
+
+commit 34951f3c28bdf6481d949a20413b2ce7693687b2 upstream.
+
+Describe the code and data of the decompressor binary using separate
+.text and .data PE/COFF sections, so that we will be able to map them
+using restricted permissions once we increase the section and file
+alignment sufficiently. This avoids the need for memory mappings that
+are writable and executable at the same time, which is something that
+is best avoided for security reasons.
+
+Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
+Signed-off-by: Ingo Molnar <mingo@kernel.org>
+Link: https://lore.kernel.org/r/20230915171623.655440-17-ardb@google.com
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ arch/x86/boot/Makefile | 2 +-
+ arch/x86/boot/header.S | 19 +++++++++++++++----
+ 2 files changed, 16 insertions(+), 5 deletions(-)
+
+--- a/arch/x86/boot/Makefile
++++ b/arch/x86/boot/Makefile
+@@ -89,7 +89,7 @@ $(obj)/vmlinux.bin: $(obj)/compressed/vm
+
+ SETUP_OBJS = $(addprefix $(obj)/,$(setup-y))
+
+-sed-zoffset := -e 's/^\([0-9a-fA-F]*\) [a-zA-Z] \(startup_32\|efi.._stub_entry\|efi\(32\)\?_pe_entry\|input_data\|kernel_info\|_end\|_ehead\|_text\|_edata\|z_.*\)$$/\#define ZO_\2 0x\1/p'
++sed-zoffset := -e 's/^\([0-9a-fA-F]*\) [a-zA-Z] \(startup_32\|efi.._stub_entry\|efi\(32\)\?_pe_entry\|input_data\|kernel_info\|_end\|_ehead\|_text\|_e\?data\|z_.*\)$$/\#define ZO_\2 0x\1/p'
+
+ quiet_cmd_zoffset = ZOFFSET $@
+ cmd_zoffset = $(NM) $< | sed -n $(sed-zoffset) > $@
+--- a/arch/x86/boot/header.S
++++ b/arch/x86/boot/header.S
+@@ -75,9 +75,9 @@ optional_header:
+ .byte 0x02 # MajorLinkerVersion
+ .byte 0x14 # MinorLinkerVersion
+
+- .long setup_size + ZO__end - 0x200 # SizeOfCode
++ .long ZO__data # SizeOfCode
+
+- .long 0 # SizeOfInitializedData
++ .long ZO__end - ZO__data # SizeOfInitializedData
+ .long 0 # SizeOfUninitializedData
+
+ .long setup_size + ZO_efi_pe_entry # AddressOfEntryPoint
+@@ -178,9 +178,9 @@ section_table:
+ .byte 0
+ .byte 0
+ .byte 0
+- .long ZO__end
++ .long ZO__data
+ .long setup_size
+- .long ZO__edata # Size of initialized data
++ .long ZO__data # Size of initialized data
+ # on disk
+ .long setup_size
+ .long 0 # PointerToRelocations
+@@ -191,6 +191,17 @@ section_table:
+ IMAGE_SCN_MEM_READ | \
+ IMAGE_SCN_MEM_EXECUTE # Characteristics
+
++ .ascii ".data\0\0\0"
++ .long ZO__end - ZO__data # VirtualSize
++ .long setup_size + ZO__data # VirtualAddress
++ .long ZO__edata - ZO__data # SizeOfRawData
++ .long setup_size + ZO__data # PointerToRawData
++
++ .long 0, 0, 0
++ .long IMAGE_SCN_CNT_INITIALIZED_DATA | \
++ IMAGE_SCN_MEM_READ | \
++ IMAGE_SCN_MEM_WRITE # Characteristics
++
+ .set section_count, (. - section_table) / 40
+ #endif /* CONFIG_EFI_STUB */
+
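Review bot: The new `.data` section header takes its VirtualAddress and PointerToRawData from `setup_size + ZO__data`, but nothing in this hunk asserts that `ZO__data` falls on a section-alignment boundary. The commit message's goal of mapping `.text` read/execute and `.data` read/write separately only works if the boundary between them is aligned. A build-time guard next to the header, added together with the alignment increase the message refers to, would catch a decompressor layout that drifts: `.if ZO__data & (salign - 1)` / `.error "_data is not section aligned"` / `.endif`. This assumes `salign` is the section-alignment symbol used elsewhere in header.S, which is not visible in this hunk. The section_table block starts outside the hunk.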
--- /dev/null
+From 7e50262229faad0c7b8c54477cd1c883f31cc4a7 Mon Sep 17 00:00:00 2001
+From: Ard Biesheuvel <ardb@kernel.org>
+Date: Tue, 12 Sep 2023 09:00:53 +0000
+Subject: x86/efi: Disregard setup header of loaded image
+
+From: Ard Biesheuvel <ardb@kernel.org>
+
+commit 7e50262229faad0c7b8c54477cd1c883f31cc4a7 upstream.
+
+The native EFI entrypoint does not take a struct boot_params from the
+loader, but instead, it constructs one from scratch, using the setup
+header data placed at the start of the image.
+
+This setup header is placed in a way that permits legacy loaders to
+manipulate the contents (i.e., to pass the kernel command line or the
+address and size of an initial ramdisk), but EFI boot does not use it in
+that way - it only copies the contents that were placed there at build
+time, but EFI loaders will not (and should not) manipulate the setup
+header to configure the boot. (Commit 63bf28ceb3ebbe76 "efi: x86: Wipe
+setup_data on pure EFI boot" deals with some of the fallout of using
+setup_data in a way that breaks EFI boot.)
+
+Given that none of the non-zero values that are copied from the setup
+header into the EFI stub's struct boot_params are relevant to the boot
+now that the EFI stub no longer enters via the legacy decompressor, the
+copy can be omitted altogether.
+
+Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
+Signed-off-by: Ingo Molnar <mingo@kernel.org>
+Link: https://lore.kernel.org/r/20230912090051.4014114-19-ardb@google.com
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ drivers/firmware/efi/libstub/x86-stub.c | 46 ++++----------------------------
+ 1 file changed, 6 insertions(+), 40 deletions(-)
+
+--- a/drivers/firmware/efi/libstub/x86-stub.c
++++ b/drivers/firmware/efi/libstub/x86-stub.c
+@@ -458,9 +458,8 @@ void __noreturn efi_stub_entry(efi_handl
+ efi_status_t __efiapi efi_pe_entry(efi_handle_t handle,
+ efi_system_table_t *sys_table_arg)
+ {
+- struct boot_params *boot_params;
+- struct setup_header *hdr;
+- void *image_base;
++ static struct boot_params boot_params __page_aligned_bss;
++ struct setup_header *hdr = &boot_params.hdr;
+ efi_guid_t proto = LOADED_IMAGE_PROTOCOL_GUID;
+ int options_size = 0;
+ efi_status_t status;
+@@ -478,30 +477,9 @@ efi_status_t __efiapi efi_pe_entry(efi_h
+ efi_exit(handle, status);
+ }
+
+- image_base = efi_table_attr(image, image_base);
+-
+- status = efi_allocate_pages(sizeof(struct boot_params),
+- (unsigned long *)&boot_params, ULONG_MAX);
+- if (status != EFI_SUCCESS) {
+- efi_err("Failed to allocate lowmem for boot params\n");
+- efi_exit(handle, status);
+- }
+-
+- memset(boot_params, 0x0, sizeof(struct boot_params));
+-
+- hdr = &boot_params->hdr;
+-
+- /* Copy the setup header from the second sector to boot_params */
+- memcpy(&hdr->jump, image_base + 512,
+- sizeof(struct setup_header) - offsetof(struct setup_header, jump));
+-
+- /*
+- * Fill out some of the header fields ourselves because the
+- * EFI firmware loader doesn't load the first sector.
+- */
++ /* Assign the setup_header fields that the kernel actually cares about */
+ hdr->root_flags = 1;
+ hdr->vid_mode = 0xffff;
+- hdr->boot_flag = 0xAA55;
+
+ hdr->type_of_loader = 0x21;
+
+@@ -510,25 +488,13 @@ efi_status_t __efiapi efi_pe_entry(efi_h
+ if (!cmdline_ptr)
+ goto fail;
+
+- efi_set_u64_split((unsigned long)cmdline_ptr,
+- &hdr->cmd_line_ptr, &boot_params->ext_cmd_line_ptr);
+-
+- hdr->ramdisk_image = 0;
+- hdr->ramdisk_size = 0;
++ efi_set_u64_split((unsigned long)cmdline_ptr, &hdr->cmd_line_ptr,
++ &boot_params.ext_cmd_line_ptr);
+
+- /*
+- * Disregard any setup data that was provided by the bootloader:
+- * setup_data could be pointing anywhere, and we have no way of
+- * authenticating or validating the payload.
+- */
+- hdr->setup_data = 0;
+-
+- efi_stub_entry(handle, sys_table_arg, boot_params);
++ efi_stub_entry(handle, sys_table_arg, &boot_params);
+ /* not reached */
+
+ fail:
+- efi_free(sizeof(struct boot_params), (unsigned long)boot_params);
+-
+ efi_exit(handle, status);
+ }
+
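Review bot: With `hdr->setup_data = 0;` and the `ramdisk_image`/`ramdisk_size` resets removed in this hunk, efi_pe_entry() depends on `boot_params` being zero-filled, and no comment says so. That holds only because the first hunk declares it `static ... __page_aligned_bss` and the image's setup header is no longer copied in. The deleted comment was the one place in the function that recorded why loader-supplied setup_data must not be trusted. I would keep that rationale next to the remaining assignments, e.g. `/* boot_params is zero-initialized BSS and never filled from the loaded image, so setup_data and the ramdisk fields stay 0 */`. The function starts in an earlier hunk.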
--- /dev/null
+From bfab35f552ab3dd6d017165bf9de1d1d20f198cc Mon Sep 17 00:00:00 2001
+From: Ard Biesheuvel <ardb@kernel.org>
+Date: Tue, 12 Sep 2023 09:00:54 +0000
+Subject: x86/efi: Drop alignment flags from PE section headers
+
+From: Ard Biesheuvel <ardb@kernel.org>
+
+commit bfab35f552ab3dd6d017165bf9de1d1d20f198cc upstream.
+
+The section header flags for alignment are documented in the PE/COFF
+spec as being applicable to PE object files only, not to PE executables
+such as the Linux bzImage, so let's drop them from the PE header.
+
+Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
+Signed-off-by: Ingo Molnar <mingo@kernel.org>
+Link: https://lore.kernel.org/r/20230912090051.4014114-20-ardb@google.com
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ arch/x86/boot/header.S | 12 ++++--------
+ 1 file changed, 4 insertions(+), 8 deletions(-)
+
+--- a/arch/x86/boot/header.S
++++ b/arch/x86/boot/header.S
+@@ -209,8 +209,7 @@ section_table:
+ .word 0 # NumberOfLineNumbers
+ .long IMAGE_SCN_CNT_CODE | \
+ IMAGE_SCN_MEM_READ | \
+- IMAGE_SCN_MEM_EXECUTE | \
+- IMAGE_SCN_ALIGN_16BYTES # Characteristics
++ IMAGE_SCN_MEM_EXECUTE # Characteristics
+
+ #
+ # The EFI application loader requires a relocation section
+@@ -230,8 +229,7 @@ section_table:
+ .word 0 # NumberOfLineNumbers
+ .long IMAGE_SCN_CNT_INITIALIZED_DATA | \
+ IMAGE_SCN_MEM_READ | \
+- IMAGE_SCN_MEM_DISCARDABLE | \
+- IMAGE_SCN_ALIGN_1BYTES # Characteristics
++ IMAGE_SCN_MEM_DISCARDABLE # Characteristics
+
+ #ifdef CONFIG_EFI_MIXED
+ #
+@@ -249,8 +247,7 @@ section_table:
+ .word 0 # NumberOfLineNumbers
+ .long IMAGE_SCN_CNT_INITIALIZED_DATA | \
+ IMAGE_SCN_MEM_READ | \
+- IMAGE_SCN_MEM_DISCARDABLE | \
+- IMAGE_SCN_ALIGN_1BYTES # Characteristics
++ IMAGE_SCN_MEM_DISCARDABLE # Characteristics
+ #endif
+
+ #
+@@ -271,8 +268,7 @@ section_table:
+ .word 0 # NumberOfLineNumbers
+ .long IMAGE_SCN_CNT_CODE | \
+ IMAGE_SCN_MEM_READ | \
+- IMAGE_SCN_MEM_EXECUTE | \
+- IMAGE_SCN_ALIGN_16BYTES # Characteristics
++ IMAGE_SCN_MEM_EXECUTE # Characteristics
+
+ .set section_count, (. - section_table) / 40
+ #endif /* CONFIG_EFI_STUB */
--- /dev/null
+From 5f51c5d0e905608ba7be126737f7c84a793ae1aa Mon Sep 17 00:00:00 2001
+From: Ard Biesheuvel <ardb@kernel.org>
+Date: Tue, 12 Sep 2023 09:00:52 +0000
+Subject: x86/efi: Drop EFI stub .bss from .data section
+
+From: Ard Biesheuvel <ardb@kernel.org>
+
+commit 5f51c5d0e905608ba7be126737f7c84a793ae1aa upstream.
+
+Now that the EFI stub always zero inits its BSS section upon entry,
+there is no longer a need to place the BSS symbols carried by the stub
+into the .data section.
+
+Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
+Signed-off-by: Ingo Molnar <mingo@kernel.org>
+Link: https://lore.kernel.org/r/20230912090051.4014114-18-ardb@google.com
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ arch/x86/boot/compressed/vmlinux.lds.S | 1 -
+ drivers/firmware/efi/libstub/Makefile | 7 -------
+ 2 files changed, 8 deletions(-)
+
+--- a/arch/x86/boot/compressed/vmlinux.lds.S
++++ b/arch/x86/boot/compressed/vmlinux.lds.S
+@@ -47,7 +47,6 @@ SECTIONS
+ _data = . ;
+ *(.data)
+ *(.data.*)
+- *(.bss.efistub)
+ _edata = . ;
+ }
+ . = ALIGN(L1_CACHE_BYTES);
+--- a/drivers/firmware/efi/libstub/Makefile
++++ b/drivers/firmware/efi/libstub/Makefile
+@@ -108,13 +108,6 @@ lib-y := $(patsubst %.o,%.stub.o,$(li
+ # https://bugs.llvm.org/show_bug.cgi?id=46480
+ STUBCOPY_FLAGS-y += --remove-section=.note.gnu.property
+
+-#
+-# For x86, bootloaders like systemd-boot or grub-efi do not zero-initialize the
+-# .bss section, so the .bss section of the EFI stub needs to be included in the
+-# .data section of the compressed kernel to ensure initialization. Rename the
+-# .bss section here so it's easy to pick out in the linker script.
+-#
+-STUBCOPY_FLAGS-$(CONFIG_X86) += --rename-section .bss=.bss.efistub,load,alloc
+ STUBCOPY_RELOC-$(CONFIG_X86_32) := R_386_32
+ STUBCOPY_RELOC-$(CONFIG_X86_64) := R_X86_64_64
+
--- /dev/null
+From 1ad55cecf22f05f1c884adf63cc09d3c3e609ebf Mon Sep 17 00:00:00 2001
+From: Ard Biesheuvel <ardb@kernel.org>
+Date: Mon, 5 Feb 2024 09:11:07 +0100
+Subject: x86/efistub: Use 1:1 file:memory mapping for PE/COFF .compat section
+
+From: Ard Biesheuvel <ardb@kernel.org>
+
+commit 1ad55cecf22f05f1c884adf63cc09d3c3e609ebf upstream.
+
+The .compat section is a dummy PE section that contains the address of
+the 32-bit entrypoint of the 64-bit kernel image if it is bootable from
+32-bit firmware (i.e., CONFIG_EFI_MIXED=y)
+
+This section is only 8 bytes in size and is only referenced from the
+loader, and so it is placed at the end of the memory view of the image,
+to avoid the need for padding it to 4k, which is required for sections
+appearing in the middle of the image.
+
+Unfortunately, this violates the PE/COFF spec, and even if most EFI
+loaders will work correctly (including the Tianocore reference
+implementation), PE loaders do exist that reject such images, on the
+basis that both the file and memory views of the file contents should be
+described by the section headers in a monotonically increasing manner
+without leaving any gaps.
+
+So reorganize the sections to avoid this issue. This results in a slight
+padding overhead (< 4k) which can be avoided if desired by disabling
+CONFIG_EFI_MIXED (which is only needed in rare cases these days)
+
+Fixes: 3e3eabe26dc8 ("x86/boot: Increase section and file alignment to 4k/512")
+Reported-by: Mike Beaton <mjsbeaton@gmail.com>
+Link: https://lkml.kernel.org/r/CAHzAAWQ6srV6LVNdmfbJhOwhBw5ZzxxZZ07aHt9oKkfYAdvuQQ%40mail.gmail.com
+Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ arch/x86/boot/header.S | 14 ++++++--------
+ arch/x86/boot/setup.ld | 6 +++---
+ 2 files changed, 9 insertions(+), 11 deletions(-)
+
+--- a/arch/x86/boot/header.S
++++ b/arch/x86/boot/header.S
+@@ -106,8 +106,7 @@ extra_header_fields:
+ .word 0 # MinorSubsystemVersion
+ .long 0 # Win32VersionValue
+
+- .long setup_size + ZO__end + pecompat_vsize
+- # SizeOfImage
++ .long setup_size + ZO__end # SizeOfImage
+
+ .long salign # SizeOfHeaders
+ .long 0 # CheckSum
+@@ -143,7 +142,7 @@ section_table:
+ .ascii ".setup"
+ .byte 0
+ .byte 0
+- .long setup_size - salign # VirtualSize
++ .long pecompat_fstart - salign # VirtualSize
+ .long salign # VirtualAddress
+ .long pecompat_fstart - salign # SizeOfRawData
+ .long salign # PointerToRawData
+@@ -156,8 +155,8 @@ section_table:
+ #ifdef CONFIG_EFI_MIXED
+ .asciz ".compat"
+
+- .long 8 # VirtualSize
+- .long setup_size + ZO__end # VirtualAddress
++ .long pecompat_fsize # VirtualSize
++ .long pecompat_fstart # VirtualAddress
+ .long pecompat_fsize # SizeOfRawData
+ .long pecompat_fstart # PointerToRawData
+
+@@ -172,17 +171,16 @@ section_table:
+ * modes this image supports.
+ */
+ .pushsection ".pecompat", "a", @progbits
+- .balign falign
+- .set pecompat_vsize, salign
++ .balign salign
+ .globl pecompat_fstart
+ pecompat_fstart:
+ .byte 0x1 # Version
+ .byte 8 # Size
+ .word IMAGE_FILE_MACHINE_I386 # PE machine type
+ .long setup_size + ZO_efi32_pe_entry # Entrypoint
++ .byte 0x0 # Sentinel
+ .popsection
+ #else
+- .set pecompat_vsize, 0
+ .set pecompat_fstart, setup_size
+ #endif
+ .ascii ".text"
+--- a/arch/x86/boot/setup.ld
++++ b/arch/x86/boot/setup.ld
+@@ -24,6 +24,9 @@ SECTIONS
+ .text : { *(.text .text.*) }
+ .text32 : { *(.text32) }
+
++ .pecompat : { *(.pecompat) }
++ PROVIDE(pecompat_fsize = setup_size - pecompat_fstart);
++
+ . = ALIGN(16);
+ .rodata : { *(.rodata*) }
+
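Review bot: The position of `.pecompat` in the linker script now determines the PE section layout, and the script does not say so. With `PROVIDE(pecompat_fsize = setup_size - pecompat_fstart)` placed here, everything linked after `.pecompat` up to `setup_size` is described by the `.compat` header when CONFIG_EFI_MIXED is set, while header.S ends `.setup` at `pecompat_fstart`. In the visible hunks that range covers `.rodata`, `.data` and `.signature`. A comment such as `/* .pecompat must follow the last section that belongs to the PE .setup section; the PE .compat section runs from here to setup_size */` would keep a later reordering from quietly changing which bytes each section header, and its permissions, covers.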
+@@ -36,9 +39,6 @@ SECTIONS
+ . = ALIGN(16);
+ .data : { *(.data*) }
+
+- .pecompat : { *(.pecompat) }
+- PROVIDE(pecompat_fsize = setup_size - pecompat_fstart);
+-
+ .signature : {
+ setup_sig = .;
+ LONG(0x5a5aaa55)