From: Greg Kroah-Hartman Date: Tue, 20 Feb 2024 15:15:17 +0000 (+0100) Subject: 6.6-stable patches X-Git-Tag: v4.19.307~57 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=b4a221bf1f42c84656208fe75e5b24a566540543;p=thirdparty%2Fkernel%2Fstable-queue.git 6.6-stable patches added patches: x86-boot-construct-pe-coff-.text-section-from-assembler.patch x86-boot-define-setup-size-in-linker-script.patch x86-boot-derive-file-size-from-_edata-symbol.patch x86-boot-drop-pe-coff-.reloc-section.patch x86-boot-drop-redundant-code-setting-the-root-device.patch x86-boot-drop-references-to-startup_64.patch x86-boot-grab-kernel_info-offset-from-zoffset-header-directly.patch x86-boot-increase-section-and-file-alignment-to-4k-512.patch x86-boot-omit-compression-buffer-from-pe-coff-image-memory-footprint.patch x86-boot-remove-the-bugger-off-message.patch x86-boot-set-efi-handover-offset-directly-in-header-asm.patch x86-boot-split-off-pe-coff-.data-section.patch x86-efi-disregard-setup-header-of-loaded-image.patch x86-efi-drop-alignment-flags-from-pe-section-headers.patch x86-efi-drop-efi-stub-.bss-from-.data-section.patch x86-efistub-use-1-1-file-memory-mapping-for-pe-coff-.compat-section.patch
---
diff --git a/queue-6.6/series b/queue-6.6/series
index 0c10abcf032..ac890054ae8 100644
--- a/queue-6.6/series
+++ b/queue-6.6/series
@@ -313,3 +313,19 @@ eventfs-restructure-eventfs_inode-structure-to-be-more-condensed.patch
 eventfs-remove-fsnotify-functions-from-lookup.patch
 eventfs-keep-all-directory-links-at-1.patch
 nfsd-don-t-take-fi_lock-in-nfsd_break_deleg_cb.patch
+x86-efi-drop-efi-stub-.bss-from-.data-section.patch
+x86-efi-disregard-setup-header-of-loaded-image.patch
+x86-efi-drop-alignment-flags-from-pe-section-headers.patch
+x86-boot-remove-the-bugger-off-message.patch
+x86-boot-omit-compression-buffer-from-pe-coff-image-memory-footprint.patch
+x86-boot-drop-redundant-code-setting-the-root-device.patch
+x86-boot-drop-references-to-startup_64.patch
+x86-boot-grab-kernel_info-offset-from-zoffset-header-directly.patch
+x86-boot-set-efi-handover-offset-directly-in-header-asm.patch
+x86-boot-define-setup-size-in-linker-script.patch
+x86-boot-derive-file-size-from-_edata-symbol.patch
+x86-boot-construct-pe-coff-.text-section-from-assembler.patch
+x86-boot-drop-pe-coff-.reloc-section.patch
+x86-boot-split-off-pe-coff-.data-section.patch
+x86-boot-increase-section-and-file-alignment-to-4k-512.patch
+x86-efistub-use-1-1-file-memory-mapping-for-pe-coff-.compat-section.patch
diff --git a/queue-6.6/x86-boot-construct-pe-coff-.text-section-from-assembler.patch b/queue-6.6/x86-boot-construct-pe-coff-.text-section-from-assembler.patch
new file mode 100644
index 00000000000..b1974fb18fe
--- /dev/null
+++ b/queue-6.6/x86-boot-construct-pe-coff-.text-section-from-assembler.patch
@@ -0,0 +1,178 @@
+From efa089e63b56bdc5eca754b995cb039dd7a5457e Mon Sep 17 00:00:00 2001
+From: Ard Biesheuvel
+Date: Fri, 15 Sep 2023 17:16:29 +0000
+Subject: x86/boot: Construct PE/COFF .text section from assembler
+
+From: Ard Biesheuvel
+
+commit efa089e63b56bdc5eca754b995cb039dd7a5457e upstream.
+
+Now that the size of the setup block is visible to the assembler, it is
+possible to populate the PE/COFF header fields from the asm code
+directly, instead of poking the values into the binary using the build
+tool. This will make it easier to reorganize the section layout without
+having to tweak the build tool in lockstep.
+
+This change has no impact on the resulting bzImage binary.
+
+Signed-off-by: Ard Biesheuvel
+Signed-off-by: Ingo Molnar
+Link: https://lore.kernel.org/r/20230915171623.655440-15-ardb@google.com
+Signed-off-by: Greg Kroah-Hartman
+---
+ arch/x86/boot/header.S | 22 ++++++--------------
+ arch/x86/boot/tools/build.c | 47 --------------------------------------------
+ 2 files changed, 7 insertions(+), 62 deletions(-)
+
+--- a/arch/x86/boot/header.S
++++ b/arch/x86/boot/header.S
+@@ -75,14 +75,12 @@ optional_header:
+ .byte 0x02 # MajorLinkerVersion
+ .byte 0x14 # MinorLinkerVersion
+
+- # Filled in by build.c
+- .long 0 # SizeOfCode
++ .long setup_size + ZO__end - 0x200 # SizeOfCode
+
+ .long 0 # SizeOfInitializedData
+ .long 0 # SizeOfUninitializedData
+
+- # Filled in by build.c
+- .long 0x0000 # AddressOfEntryPoint
++ .long setup_size + ZO_efi_pe_entry # AddressOfEntryPoint
+
+ .long 0x0200 # BaseOfCode
+ #ifdef CONFIG_X86_32
+@@ -105,10 +103,7 @@ extra_header_fields:
+ .word 0 # MinorSubsystemVersion
+ .long 0 # Win32VersionValue
+
+- #
+- # The size of the bzImage is written in tools/build.c
+- #
+- .long 0 # SizeOfImage
++ .long setup_size + ZO__end # SizeOfImage
+
+ .long 0x200 # SizeOfHeaders
+ .long 0 # CheckSum
+@@ -199,18 +194,15 @@ section_table:
+ IMAGE_SCN_MEM_DISCARDABLE # Characteristics
+ #endif
+
+- #
+- # The offset & size fields are filled in by build.c.
+- #
+ .ascii ".text"
+ .byte 0
+ .byte 0
+ .byte 0
+- .long 0
+- .long 0x0 # startup_{32,64}
+- .long 0 # Size of initialized data
++ .long ZO__end
++ .long setup_size
++ .long ZO__edata # Size of initialized data
+ # on disk
+- .long 0x0 # startup_{32,64}
++ .long setup_size
+ .long 0 # PointerToRelocations
+ .long 0 # PointerToLineNumbers
+ .word 0 # NumberOfRelocations
+--- a/arch/x86/boot/tools/build.c
++++ b/arch/x86/boot/tools/build.c
+@@ -50,10 +50,8 @@ u8 buf[SETUP_SECT_MAX*512];
+ #define PECOFF_RELOC_RESERVE 0x20
+ #define PECOFF_COMPAT_RESERVE 0x20
+
+-static unsigned long efi_pe_entry;
+ static unsigned long efi32_pe_entry;
+ static unsigned long _edata;
+-static unsigned long _end;
+
+ /*----------------------------------------------------------------------*/
+
+@@ -216,32 +214,6 @@ static void update_pecoff_setup_and_relo
+ #endif
+ }
+
+-static void update_pecoff_text(unsigned int text_start, unsigned int file_sz)
+-{
+- unsigned int pe_header;
+- unsigned int text_sz = file_sz - text_start;
+- unsigned int bss_sz = _end - text_sz;
+-
+- pe_header = get_unaligned_le32(&buf[0x3c]);
+-
+- /*
+- * Size of code: Subtract the size of the first sector (512 bytes)
+- * which includes the header.
+- */
+- put_unaligned_le32(file_sz - 512 + bss_sz, &buf[pe_header + 0x1c]);
+-
+- /* Size of image */
+- put_unaligned_le32(file_sz + bss_sz, &buf[pe_header + 0x50]);
+-
+- /*
+- * Address of entry point for PE/COFF executable
+- */
+- put_unaligned_le32(text_start + efi_pe_entry, &buf[pe_header + 0x28]);
+-
+- update_pecoff_section_header_fields(".text", text_start, text_sz + bss_sz,
+- text_sz, text_start);
+-}
+-
+ static int reserve_pecoff_reloc_section(int c)
+ {
+ /* Reserve 0x20 bytes for .reloc section */
+@@ -249,22 +221,9 @@ static int reserve_pecoff_reloc_section(
+ return PECOFF_RELOC_RESERVE;
+ }
+
+-static void efi_stub_defaults(void)
+-{
+- /* Defaults for old kernel */
+-#ifdef CONFIG_X86_32
+- efi_pe_entry = 0x10;
+-#else
+- efi_pe_entry = 0x210;
+-#endif
+-}
+-
+ #else
+
+ static inline void update_pecoff_setup_and_reloc(unsigned int size) {}
+-static inline void update_pecoff_text(unsigned int text_start,
+- unsigned int file_sz) {}
+-static inline void efi_stub_defaults(void) {}
+
+ static inline int reserve_pecoff_reloc_section(int c)
+ {
+@@ -307,10 +266,8 @@ static void parse_zoffset(char *fname)
+ p = (char *)buf;
+
+ while (p && *p) {
+- PARSE_ZOFS(p, efi_pe_entry);
+ PARSE_ZOFS(p, efi32_pe_entry);
+ PARSE_ZOFS(p, _edata);
+- PARSE_ZOFS(p, _end);
+
+ p = strchr(p, '\n');
+ while (p && (*p == '\r' || *p == '\n'))
+@@ -328,8 +285,6 @@ int main(int argc, char ** argv)
+ void *kernel;
+ u32 crc = 0xffffffffUL;
+
+- efi_stub_defaults();
+-
+ if (argc != 5)
+ usage();
+ parse_zoffset(argv[3]);
+@@ -376,8 +331,6 @@ int main(int argc, char ** argv)
+ kernel = mmap(NULL, sz, PROT_READ, MAP_SHARED, fd, 0);
+ if (kernel == MAP_FAILED)
+ die("Unable to mmap '%s': %m", argv[2]);
+- update_pecoff_text(setup_sectors * 512, i + _edata);
+-
+
+ crc = partial_crc32(buf, i, crc);
+ if (fwrite(buf, 1, i, dest) != i)
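Review bot: The four `.long` values added to the `.text` entry of section_table in header.S carry no field names except the third, although they are now the only place these PE/COFF fields are defined. Trailing comments in the style of the neighbouring lines would help anyone auditing the image layout, for example `.long ZO__end # VirtualSize`, `.long setup_size # VirtualAddress` and, on the last added line, `.long setup_size # PointerToRawData`. The section_table block starts and ends outside the hunk.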
diff --git a/queue-6.6/x86-boot-define-setup-size-in-linker-script.patch b/queue-6.6/x86-boot-define-setup-size-in-linker-script.patch
new file mode 100644
index 00000000000..693d431642e
--- /dev/null
+++ b/queue-6.6/x86-boot-define-setup-size-in-linker-script.patch
@@ -0,0 +1,89 @@
+From 093ab258e3fb1d1d3afdfd4a69403d44ce90e360 Mon Sep 17 00:00:00 2001
+From: Ard Biesheuvel
+Date: Fri, 15 Sep 2023 17:16:27 +0000
+Subject: x86/boot: Define setup size in linker script
+
+From: Ard Biesheuvel
+
+commit 093ab258e3fb1d1d3afdfd4a69403d44ce90e360 upstream.
+
+The setup block contains the real mode startup code that is used when
+booting from a legacy BIOS, along with the boot_params/setup_data that
+is used by legacy x86 bootloaders to pass the command line and initial
+ramdisk parameters, among other things.
+
+The setup block also contains the PE/COFF header of the entire combined
+image, which includes the compressed kernel image, the decompressor and
+the EFI stub.
+
+This PE header describes the layout of the executable image in memory,
+and currently, the fact that the setup block precedes it makes it rather
+fiddly to get the right values into the right place in the final image.
+
+Let's make things a bit easier by defining the setup_size in the linker
+script so it can be referenced from the asm code directly, rather than
+having to rely on the build tool to calculate it. For the time being,
+add 64 bytes of fixed padding for the .reloc and .compat sections - this
+will be removed in a subsequent patch after the PE/COFF header has been
+reorganized.
+
+This change has no impact on the resulting bzImage binary when
+configured with CONFIG_EFI_MIXED=y.
+
+Signed-off-by: Ard Biesheuvel
+Signed-off-by: Ingo Molnar
+Link: https://lore.kernel.org/r/20230915171623.655440-13-ardb@google.com
+Signed-off-by: Greg Kroah-Hartman
+---
+ arch/x86/boot/header.S | 2 +-
+ arch/x86/boot/setup.ld | 4 ++++
+ arch/x86/boot/tools/build.c | 6 ------
+ 3 files changed, 5 insertions(+), 7 deletions(-)
+
+--- a/arch/x86/boot/header.S
++++ b/arch/x86/boot/header.S
+@@ -231,7 +231,7 @@ sentinel: .byte 0xff, 0xff /* Use
+
+ .globl hdr
+ hdr:
+-setup_sects: .byte 0 /* Filled in by build.c */
++ .byte setup_sects - 1
+ root_flags: .word ROOT_RDONLY
+ syssize: .long 0 /* Filled in by build.c */
+ ram_size: .word 0 /* Obsolete */
+--- a/arch/x86/boot/setup.ld
++++ b/arch/x86/boot/setup.ld
+@@ -39,6 +39,10 @@ SECTIONS
+ .signature : {
+ setup_sig = .;
+ LONG(0x5a5aaa55)
++
++ /* Reserve some extra space for the reloc and compat sections */
++ setup_size = ALIGN(ABSOLUTE(.) + 64, 512);
++ setup_sects = ABSOLUTE(setup_size / 512);
+ }
+
+
+--- a/arch/x86/boot/tools/build.c
++++ b/arch/x86/boot/tools/build.c
+@@ -48,12 +48,7 @@ typedef unsigned int u32;
+ u8 buf[SETUP_SECT_MAX*512];
+
+ #define PECOFF_RELOC_RESERVE 0x20
+-
+-#ifdef CONFIG_EFI_MIXED
+ #define PECOFF_COMPAT_RESERVE 0x20
+-#else
+-#define PECOFF_COMPAT_RESERVE 0x0
+-#endif
+
+ static unsigned long efi_pe_entry;
+ static unsigned long efi32_pe_entry;
+@@ -388,7 +383,6 @@ int main(int argc, char ** argv)
+ #endif
+
+ /* Patch the setup code with the appropriate size parameters */
+- buf[0x1f1] = setup_sectors-1;
+ put_unaligned_le32(sys_size, &buf[0x1f4]);
+
+ update_pecoff_text(setup_sectors * 512, i + (sys_size * 16));
diff --git a/queue-6.6/x86-boot-derive-file-size-from-_edata-symbol.patch b/queue-6.6/x86-boot-derive-file-size-from-_edata-symbol.patch
new file mode 100644
index 00000000000..d5e3729b291
--- /dev/null
+++ b/queue-6.6/x86-boot-derive-file-size-from-_edata-symbol.patch
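Review bot: After this change the `setup_sects` byte of the boot header is computed by setup.ld, while build.c still derives its own `setup_sectors` for padding and for the `update_pecoff_text(setup_sectors * 512, ...)` call kept as context in main(), and nothing visible checks that the two agree. The `+ 64` in the linker script also silently mirrors `PECOFF_RELOC_RESERVE` plus `PECOFF_COMPAT_RESERVE` (0x20 each) in build.c. A cheap guard where the removed assignment stood would turn a mismatch into a build failure rather than an inconsistent image: `if (buf[0x1f1] != setup_sectors - 1) die("setup size mismatch");`. main() starts and ends outside the hunk, so whether the values can actually diverge depends on code not shown here.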
@@ -0,0 +1,136 @@
+From aeb92067f6ae994b541d7f9752fe54ed3d108bcc Mon Sep 17 00:00:00 2001
+From: Ard Biesheuvel
+Date: Fri, 15 Sep 2023 17:16:28 +0000
+Subject: x86/boot: Derive file size from _edata symbol
+
+From: Ard Biesheuvel
+
+commit aeb92067f6ae994b541d7f9752fe54ed3d108bcc upstream.
+
+Tweak the linker script so that the value of _edata represents the
+decompressor binary's file size rounded up to the appropriate alignment.
+This removes the need to calculate it in the build tool, and will make
+it easier to refer to the file size from the header directly in
+subsequent changes to the PE header layout.
+
+While adding _edata to the sed regex that parses the compressed
+vmlinux's symbol list, tweak the regex a bit for conciseness.
+
+This change has no impact on the resulting bzImage binary when
+configured with CONFIG_EFI_STUB=y.
+
+Signed-off-by: Ard Biesheuvel
+Signed-off-by: Ingo Molnar
+Link: https://lore.kernel.org/r/20230915171623.655440-14-ardb@google.com
+Signed-off-by: Greg Kroah-Hartman
+---
+ arch/x86/boot/Makefile | 2 +-
+ arch/x86/boot/compressed/vmlinux.lds.S | 3 +++
+ arch/x86/boot/header.S | 2 +-
+ arch/x86/boot/tools/build.c | 30 +++++++-----------------------
+ 4 files changed, 12 insertions(+), 25 deletions(-)
+
+--- a/arch/x86/boot/Makefile
++++ b/arch/x86/boot/Makefile
+@@ -89,7 +89,7 @@ $(obj)/vmlinux.bin: $(obj)/compressed/vm
+
+ SETUP_OBJS = $(addprefix $(obj)/,$(setup-y))
+
+-sed-zoffset := -e 's/^\([0-9a-fA-F]*\) [a-zA-Z] \(startup_32\|efi32_stub_entry\|efi64_stub_entry\|efi_pe_entry\|efi32_pe_entry\|input_data\|kernel_info\|_end\|_ehead\|_text\|z_.*\)$$/\#define ZO_\2 0x\1/p'
++sed-zoffset := -e 's/^\([0-9a-fA-F]*\) [a-zA-Z] \(startup_32\|efi.._stub_entry\|efi\(32\)\?_pe_entry\|input_data\|kernel_info\|_end\|_ehead\|_text\|_edata\|z_.*\)$$/\#define ZO_\2 0x\1/p'
+
+ quiet_cmd_zoffset = ZOFFSET $@
+ cmd_zoffset = $(NM) $< | sed -n $(sed-zoffset) > $@
+--- a/arch/x86/boot/compressed/vmlinux.lds.S
++++ b/arch/x86/boot/compressed/vmlinux.lds.S
+@@ -47,6 +47,9 @@ SECTIONS
+ _data = . ;
+ *(.data)
+ *(.data.*)
++
++ /* Add 4 bytes of extra space for a CRC-32 checksum */
++ . = ALIGN(. + 4, 0x20);
+ _edata = . ;
+ }
+ . = ALIGN(L1_CACHE_BYTES);
+--- a/arch/x86/boot/header.S
++++ b/arch/x86/boot/header.S
+@@ -233,7 +233,7 @@ sentinel: .byte 0xff, 0xff /* Use
+ hdr:
+ .byte setup_sects - 1
+ root_flags: .word ROOT_RDONLY
+-syssize: .long 0 /* Filled in by build.c */
++syssize: .long ZO__edata / 16
+ ram_size: .word 0 /* Obsolete */
+ vid_mode: .word SVGA_MODE
+ root_dev: .word 0 /* Default to major/minor 0/0 */
+--- a/arch/x86/boot/tools/build.c
++++ b/arch/x86/boot/tools/build.c
+@@ -52,6 +52,7 @@ u8 buf[SETUP_SECT_MAX*512];
+
+ static unsigned long efi_pe_entry;
+ static unsigned long efi32_pe_entry;
++static unsigned long _edata;
+ static unsigned long _end;
+
+ /*----------------------------------------------------------------------*/
+@@ -308,6 +309,7 @@ static void parse_zoffset(char *fname)
+ while (p && *p) {
+ PARSE_ZOFS(p, efi_pe_entry);
+ PARSE_ZOFS(p, efi32_pe_entry);
++ PARSE_ZOFS(p, _edata);
+ PARSE_ZOFS(p, _end);
+
+ p = strchr(p, '\n');
+@@ -320,7 +322,6 @@ int main(int argc, char ** argv)
+ {
+ unsigned int i, sz, setup_sectors;
+ int c;
+- u32 sys_size;
+ struct stat sb;
+ FILE *file, *dest;
+ int fd;
+@@ -368,24 +369,14 @@ int main(int argc, char ** argv)
+ die("Unable to open `%s': %m", argv[2]);
+ if (fstat(fd, &sb))
+ die("Unable to stat `%s': %m", argv[2]);
+- sz = sb.st_size;
++ if (_edata != sb.st_size)
++ die("Unexpected file size `%s': %u != %u", argv[2], _edata,
++ sb.st_size);
++ sz = _edata - 4;
+ kernel = mmap(NULL, sz, PROT_READ, MAP_SHARED, fd, 0);
+ if (kernel == MAP_FAILED)
+ die("Unable to mmap '%s': %m", argv[2]);
+- /* Number of 16-byte paragraphs, including space for a 4-byte CRC */
+- sys_size = (sz + 15 + 4) / 16;
+-#ifdef CONFIG_EFI_STUB
+- /*
+- * COFF requires minimum 32-byte alignment of sections, and
+- * adding a signature is problematic without that alignment.
+- */
+- sys_size = (sys_size + 1) & ~1;
+-#endif
+-
+- /* Patch the setup code with the appropriate size parameters */
+- put_unaligned_le32(sys_size, &buf[0x1f4]);
+-
+- update_pecoff_text(setup_sectors * 512, i + (sys_size * 16));
++ update_pecoff_text(setup_sectors * 512, i + _edata);
+
+
+ crc = partial_crc32(buf, i, crc);
+@@ -397,13 +388,6 @@ int main(int argc, char ** argv)
+ if (fwrite(kernel, 1, sz, dest) != sz)
+ die("Writing kernel failed");
+
+- /* Add padding leaving 4 bytes for the checksum */
+- while (sz++ < (sys_size*16) - 4) {
+- crc = partial_crc32_one('\0', crc);
+- if (fwrite("\0", 1, 1, dest) != 1)
+- die("Writing padding failed");
+- }
+-
+ /* Write the CRC */
+ put_unaligned_le32(crc, buf);
+ if (fwrite(buf, 1, 4, dest) != 4)
diff --git a/queue-6.6/x86-boot-drop-pe-coff-.reloc-section.patch b/queue-6.6/x86-boot-drop-pe-coff-.reloc-section.patch
new file mode 100644
index 00000000000..8667d43cf14
--- /dev/null
+++ b/queue-6.6/x86-boot-drop-pe-coff-.reloc-section.patch
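Review bot: The size check added to main() in build.c passes `_edata`, declared `static unsigned long` by this same patch, and `sb.st_size`, an `off_t`, to `die()` under two `%u` conversions, so on an LP64 host the arguments do not match the format; assuming `die()` forwards to a printf-family function, that is undefined behaviour and the diagnostic may show wrong sizes exactly when the build aborts. Changing both conversions to `%lu` and casting the second argument, `(unsigned long)sb.st_size`, fixes it. The next added line, `sz = _edata - 4;`, wraps when `_edata` is below 4, which appears reachable if zoffset.h carries no `ZO__edata` and the input file is empty, so an explicit `if (_edata < 4) die(...)` before the subtraction would be a cheap guard. main() starts and ends outside the hunk.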
@@ -0,0 +1,143 @@
+From fa5750521e0a4efbc1af05223da9c4bbd6c21c83 Mon Sep 17 00:00:00 2001
+From: Ard Biesheuvel
+Date: Fri, 15 Sep 2023 17:16:30 +0000
+Subject: x86/boot: Drop PE/COFF .reloc section
+
+From: Ard Biesheuvel
+
+commit fa5750521e0a4efbc1af05223da9c4bbd6c21c83 upstream.
+
+Ancient buggy EFI loaders may have required a .reloc section to be
+present at some point in time, but this has not been true for a long
+time so the .reloc section can just be dropped.
+
+Signed-off-by: Ard Biesheuvel
+Signed-off-by: Ingo Molnar
+Link: https://lore.kernel.org/r/20230915171623.655440-16-ardb@google.com
+Signed-off-by: Greg Kroah-Hartman
+---
+ arch/x86/boot/header.S | 20 --------------------
+ arch/x86/boot/setup.ld | 4 ++--
+ arch/x86/boot/tools/build.c | 34 +++++-----------------------------
+ 3 files changed, 7 insertions(+), 51 deletions(-)
+
+--- a/arch/x86/boot/header.S
++++ b/arch/x86/boot/header.S
+@@ -155,26 +155,6 @@ section_table:
+ IMAGE_SCN_MEM_READ | \
+ IMAGE_SCN_MEM_EXECUTE # Characteristics
+
+- #
+- # The EFI application loader requires a relocation section
+- # because EFI applications must be relocatable. The .reloc
+- # offset & size fields are filled in by build.c.
+- #
+- .ascii ".reloc"
+- .byte 0
+- .byte 0
+- .long 0
+- .long 0
+- .long 0 # SizeOfRawData
+- .long 0 # PointerToRawData
+- .long 0 # PointerToRelocations
+- .long 0 # PointerToLineNumbers
+- .word 0 # NumberOfRelocations
+- .word 0 # NumberOfLineNumbers
+- .long IMAGE_SCN_CNT_INITIALIZED_DATA | \
+- IMAGE_SCN_MEM_READ | \
+- IMAGE_SCN_MEM_DISCARDABLE # Characteristics
+-
+ #ifdef CONFIG_EFI_MIXED
+ #
+ # The offset & size fields are filled in by build.c.
+--- a/arch/x86/boot/setup.ld
++++ b/arch/x86/boot/setup.ld
+@@ -40,8 +40,8 @@ SECTIONS
+ setup_sig = .;
+ LONG(0x5a5aaa55)
+
+- /* Reserve some extra space for the reloc and compat sections */
+- setup_size = ALIGN(ABSOLUTE(.) + 64, 512);
++ /* Reserve some extra space for the compat section */
++ setup_size = ALIGN(ABSOLUTE(.) + 32, 512);
+ setup_sects = ABSOLUTE(setup_size / 512);
+ }
+
+--- a/arch/x86/boot/tools/build.c
++++ b/arch/x86/boot/tools/build.c
+@@ -47,7 +47,6 @@ typedef unsigned int u32;
+ /* This must be large enough to hold the entire setup */
+ u8 buf[SETUP_SECT_MAX*512];
+
+-#define PECOFF_RELOC_RESERVE 0x20
+ #define PECOFF_COMPAT_RESERVE 0x20
+
+ static unsigned long efi32_pe_entry;
+@@ -180,24 +179,13 @@ static void update_pecoff_section_header
+ update_pecoff_section_header_fields(section_name, offset, size, size, offset);
+ }
+
+-static void update_pecoff_setup_and_reloc(unsigned int size)
++static void update_pecoff_setup(unsigned int size)
+ {
+ u32 setup_offset = 0x200;
+- u32 reloc_offset = size - PECOFF_RELOC_RESERVE - PECOFF_COMPAT_RESERVE;
+-#ifdef CONFIG_EFI_MIXED
+- u32 compat_offset = reloc_offset + PECOFF_RELOC_RESERVE;
+-#endif
+- u32 setup_size = reloc_offset - setup_offset;
++ u32 compat_offset = size - PECOFF_COMPAT_RESERVE;
++ u32 setup_size = compat_offset - setup_offset;
+
+ update_pecoff_section_header(".setup", setup_offset, setup_size);
+- update_pecoff_section_header(".reloc", reloc_offset, PECOFF_RELOC_RESERVE);
+-
+- /*
+- * Modify .reloc section contents with a single entry. The
+- * relocation is applied to offset 10 of the relocation section.
+- */
+- put_unaligned_le32(reloc_offset + 10, &buf[reloc_offset]);
+- put_unaligned_le32(10, &buf[reloc_offset + 4]);
+
+ #ifdef CONFIG_EFI_MIXED
+ update_pecoff_section_header(".compat", compat_offset, PECOFF_COMPAT_RESERVE);
+@@ -214,21 +202,10 @@ static void update_pecoff_setup_and_relo
+ #endif
+ }
+
+-static int reserve_pecoff_reloc_section(int c)
+-{
+- /* Reserve 0x20 bytes for .reloc section */
+- memset(buf+c, 0, PECOFF_RELOC_RESERVE);
+- return PECOFF_RELOC_RESERVE;
+-}
+-
+ #else
+
+-static inline void update_pecoff_setup_and_reloc(unsigned int size) {}
++static inline void update_pecoff_setup(unsigned int size) {}
+
+-static inline int reserve_pecoff_reloc_section(int c)
+-{
+- return 0;
+-}
+ #endif /* CONFIG_EFI_STUB */
+
+ static int reserve_pecoff_compat_section(int c)
+@@ -307,7 +284,6 @@ int main(int argc, char ** argv)
+ fclose(file);
+
+ c += reserve_pecoff_compat_section(c);
+- c += reserve_pecoff_reloc_section(c);
+
+ /* Pad unused space with zeros */
+ setup_sectors = (c + 511) / 512;
+@@ -316,7 +292,7 @@ int main(int argc, char ** argv)
+ i = setup_sectors*512;
+ memset(buf+c, 0, i-c);
+
+- update_pecoff_setup_and_reloc(i);
++ update_pecoff_setup(i);
+
+ /* Open and stat the kernel file */
+ fd = open(argv[2], O_RDONLY);
diff --git a/queue-6.6/x86-boot-drop-redundant-code-setting-the-root-device.patch b/queue-6.6/x86-boot-drop-redundant-code-setting-the-root-device.patch
new file mode 100644
index 00000000000..a6b8b6c3202
--- /dev/null
+++ b/queue-6.6/x86-boot-drop-redundant-code-setting-the-root-device.patch
@@ -0,0 +1,60 @@
+From 7448e8e5d15a3c4df649bf6d6d460f78396f7e1e Mon Sep 17 00:00:00 2001
+From: Ard Biesheuvel
+Date: Tue, 12 Sep 2023 09:00:57 +0000
+Subject: x86/boot: Drop redundant code setting the root device
+
+From: Ard Biesheuvel
+
+commit 7448e8e5d15a3c4df649bf6d6d460f78396f7e1e upstream.
+
+The root device defaults to 0,0 and is no longer configurable at build
+time [0], so there is no need for the build tool to ever write to this
+field.
+
+[0] 079f85e624189292 ("x86, build: Do not set the root_dev field in bzImage")
+
+This change has no impact on the resulting bzImage binary.
+
+Signed-off-by: Ard Biesheuvel
+Signed-off-by: Ingo Molnar
+Link: https://lore.kernel.org/r/20230912090051.4014114-23-ardb@google.com
+Signed-off-by: Greg Kroah-Hartman
+---
+ arch/x86/boot/header.S | 2 +-
+ arch/x86/boot/tools/build.c | 7 -------
+ 2 files changed, 1 insertion(+), 8 deletions(-)
+
+--- a/arch/x86/boot/header.S
++++ b/arch/x86/boot/header.S
+@@ -236,7 +236,7 @@ root_flags: .word ROOT_RDONLY
+ syssize: .long 0 /* Filled in by build.c */
+ ram_size: .word 0 /* Obsolete */
+ vid_mode: .word SVGA_MODE
+-root_dev: .word 0 /* Filled in by build.c */
++root_dev: .word 0 /* Default to major/minor 0/0 */
+ boot_flag: .word 0xAA55
+
+ # offset 512, entry point
+--- a/arch/x86/boot/tools/build.c
++++ b/arch/x86/boot/tools/build.c
+@@ -40,10 +40,6 @@ typedef unsigned char u8;
+ typedef unsigned short u16;
+ typedef unsigned int u32;
+
+-#define DEFAULT_MAJOR_ROOT 0
+-#define DEFAULT_MINOR_ROOT 0
+-#define DEFAULT_ROOT_DEV (DEFAULT_MAJOR_ROOT << 8 | DEFAULT_MINOR_ROOT)
+-
+ /* Minimal number of setup sectors */
+ #define SETUP_SECT_MIN 5
+ #define SETUP_SECT_MAX 64
+@@ -399,9 +395,6 @@ int main(int argc, char ** argv)
+
+ update_pecoff_setup_and_reloc(i);
+
+- /* Set the default root device */
+- put_unaligned_le16(DEFAULT_ROOT_DEV, &buf[508]);
+-
+ /* Open and stat the kernel file */
+ fd = open(argv[2], O_RDONLY);
+ if (fd < 0)
diff --git a/queue-6.6/x86-boot-drop-references-to-startup_64.patch b/queue-6.6/x86-boot-drop-references-to-startup_64.patch
new file mode 100644
index 00000000000..51b2ab03578
--- /dev/null
+++ b/queue-6.6/x86-boot-drop-references-to-startup_64.patch
@@ -0,0 +1,61 @@
+From b618d31f112bea3d2daea19190d63e567f32a4db Mon Sep 17 00:00:00 2001
+From: Ard Biesheuvel
+Date: Tue, 12 Sep 2023 09:00:59 +0000
+Subject: x86/boot: Drop references to startup_64
+
+From: Ard Biesheuvel
+
+commit b618d31f112bea3d2daea19190d63e567f32a4db upstream.
+
+The x86 boot image generation tool assign a default value to startup_64
+and subsequently parses the actual value from zoffset.h but it never
+actually uses the value anywhere. So remove this code.
+
+This change has no impact on the resulting bzImage binary.
+
+Signed-off-by: Ard Biesheuvel
+Signed-off-by: Ingo Molnar
+Link: https://lore.kernel.org/r/20230912090051.4014114-25-ardb@google.com
+Signed-off-by: Greg Kroah-Hartman
+---
+ arch/x86/boot/Makefile | 2 +-
+ arch/x86/boot/tools/build.c | 3 ---
+ 2 files changed, 1 insertion(+), 4 deletions(-)
+
+--- a/arch/x86/boot/Makefile
++++ b/arch/x86/boot/Makefile
+@@ -89,7 +89,7 @@ $(obj)/vmlinux.bin: $(obj)/compressed/vm
+
+ SETUP_OBJS = $(addprefix $(obj)/,$(setup-y))
+
+-sed-zoffset := -e 's/^\([0-9a-fA-F]*\) [a-zA-Z] \(startup_32\|startup_64\|efi32_stub_entry\|efi64_stub_entry\|efi_pe_entry\|efi32_pe_entry\|input_data\|kernel_info\|_end\|_ehead\|_text\|z_.*\)$$/\#define ZO_\2 0x\1/p'
++sed-zoffset := -e 's/^\([0-9a-fA-F]*\) [a-zA-Z] \(startup_32\|efi32_stub_entry\|efi64_stub_entry\|efi_pe_entry\|efi32_pe_entry\|input_data\|kernel_info\|_end\|_ehead\|_text\|z_.*\)$$/\#define ZO_\2 0x\1/p'
+
+ quiet_cmd_zoffset = ZOFFSET $@
+ cmd_zoffset = $(NM) $< | sed -n $(sed-zoffset) > $@
+--- a/arch/x86/boot/tools/build.c
++++ b/arch/x86/boot/tools/build.c
+@@ -60,7 +60,6 @@ static unsigned long efi64_stub_entry;
+ static unsigned long efi_pe_entry;
+ static unsigned long efi32_pe_entry;
+ static unsigned long kernel_info;
+-static unsigned long startup_64;
+ static unsigned long _end;
+
+ /*----------------------------------------------------------------------*/
+@@ -264,7 +263,6 @@ static void efi_stub_defaults(void)
+ efi_pe_entry = 0x10;
+ #else
+ efi_pe_entry = 0x210;
+- startup_64 = 0x200;
+ #endif
+ }
+
+@@ -340,7 +338,6 @@ static void parse_zoffset(char *fname)
+ PARSE_ZOFS(p, efi_pe_entry);
+ PARSE_ZOFS(p, efi32_pe_entry);
+ PARSE_ZOFS(p, kernel_info);
+- PARSE_ZOFS(p, startup_64);
+ PARSE_ZOFS(p, _end);
+
+ p = strchr(p, '\n');
diff --git a/queue-6.6/x86-boot-grab-kernel_info-offset-from-zoffset-header-directly.patch b/queue-6.6/x86-boot-grab-kernel_info-offset-from-zoffset-header-directly.patch
new file mode 100644
index 00000000000..249fe2537fc
--- /dev/null
+++ b/queue-6.6/x86-boot-grab-kernel_info-offset-from-zoffset-header-directly.patch
@@ -0,0 +1,62 @@
+From 2e765c02dcbfc2a8a4527c621a84b9502f6b9bd2 Mon Sep 17 00:00:00 2001
+From: Ard Biesheuvel
+Date: Fri, 15 Sep 2023 17:16:25 +0000
+Subject: x86/boot: Grab kernel_info offset from zoffset header directly
+
+From: Ard Biesheuvel
+
+commit 2e765c02dcbfc2a8a4527c621a84b9502f6b9bd2 upstream.
+
+Instead of parsing zoffset.h and poking the kernel_info offset value
+into the header from the build tool, just grab the value directly in the
+asm file that describes this header.
+
+This change has no impact on the resulting bzImage binary.
+
+Signed-off-by: Ard Biesheuvel
+Signed-off-by: Ingo Molnar
+Link: https://lore.kernel.org/r/20230915171623.655440-11-ardb@google.com
+Signed-off-by: Greg Kroah-Hartman
+---
+ arch/x86/boot/header.S | 2 +-
+ arch/x86/boot/tools/build.c | 4 ----
+ 2 files changed, 1 insertion(+), 5 deletions(-)
+
+--- a/arch/x86/boot/header.S
++++ b/arch/x86/boot/header.S
+@@ -526,7 +526,7 @@ pref_address: .quad LOAD_PHYSICAL_ADDR
+
+ init_size: .long INIT_SIZE # kernel initialization size
+ handover_offset: .long 0 # Filled in by build.c
+-kernel_info_offset: .long 0 # Filled in by build.c
++kernel_info_offset: .long ZO_kernel_info
+
+ # End of setup header #####################################################
+
+--- a/arch/x86/boot/tools/build.c
++++ b/arch/x86/boot/tools/build.c
+@@ -59,7 +59,6 @@ static unsigned long efi32_stub_entry;
+ static unsigned long efi64_stub_entry;
+ static unsigned long efi_pe_entry;
+ static unsigned long efi32_pe_entry;
+-static unsigned long kernel_info;
+ static unsigned long _end;
+
+ /*----------------------------------------------------------------------*/
+@@ -337,7 +336,6 @@ static void parse_zoffset(char *fname)
+ PARSE_ZOFS(p, efi64_stub_entry);
+ PARSE_ZOFS(p, efi_pe_entry);
+ PARSE_ZOFS(p, efi32_pe_entry);
+- PARSE_ZOFS(p, kernel_info);
+ PARSE_ZOFS(p, _end);
+
+ p = strchr(p, '\n');
+@@ -419,8 +417,6 @@ int main(int argc, char ** argv)
+ update_pecoff_text(setup_sectors * 512, i + (sys_size * 16));
+
+ efi_stub_entry_update();
+- /* Update kernel_info offset. */
+- put_unaligned_le32(kernel_info, &buf[0x268]);
+
+ crc = partial_crc32(buf, i, crc);
+ if (fwrite(buf, 1, i, dest) != i)
diff --git a/queue-6.6/x86-boot-increase-section-and-file-alignment-to-4k-512.patch b/queue-6.6/x86-boot-increase-section-and-file-alignment-to-4k-512.patch
new file mode 100644
index 00000000000..8f3cff3febf
--- /dev/null
+++ b/queue-6.6/x86-boot-increase-section-and-file-alignment-to-4k-512.patch
@@ -0,0 +1,335 @@ +From 3e3eabe26dc88692d34cf76ca0e0dd331481cc15 Mon Sep 17 00:00:00 2001 +From: Ard Biesheuvel +Date: Fri, 15 Sep 2023 17:16:32 +0000 +Subject: x86/boot: Increase section and file alignment to 4k/512 + +From: Ard Biesheuvel + +commit 3e3eabe26dc88692d34cf76ca0e0dd331481cc15 upstream. + +Align x86 with other EFI architectures, and increase the section +alignment to the EFI page size (4k), so that firmware is able to honour +the section permission attributes and map code read-only and data +non-executable. + +There are a number of requirements that have to be taken into account: +- the sign tools get cranky when there are gaps between sections in the + file view of the image +- the virtual offset of each section must be aligned to the image's + section alignment +- the file offset *and size* of each section must be aligned to the + image's file alignment +- the image size must be aligned to the section alignment +- each section's virtual offset must be greater than or equal to the + size of the headers. + +In order to meet all these requirements, while avoiding the need for +lots of padding to accommodate the .compat section, the latter is placed +at an arbitrary offset towards the end of the image, but aligned to the +minimum file alignment (512 bytes). The space before the .text section +is therefore distributed between the PE header, the .setup section and +the .compat section, leaving no gaps in the file coverage, making the +signing tools happy. 
+ +Signed-off-by: Ard Biesheuvel +Signed-off-by: Ingo Molnar +Link: https://lore.kernel.org/r/20230915171623.655440-18-ardb@google.com +Signed-off-by: Greg Kroah-Hartman +--- + arch/x86/boot/compressed/vmlinux.lds.S | 4 - + arch/x86/boot/header.S | 75 +++++++++++++++------------ + arch/x86/boot/setup.ld | 7 +- + arch/x86/boot/tools/build.c | 90 --------------------------------- + 4 files changed, 51 insertions(+), 125 deletions(-) + +--- a/arch/x86/boot/compressed/vmlinux.lds.S ++++ b/arch/x86/boot/compressed/vmlinux.lds.S +@@ -43,13 +43,13 @@ SECTIONS + *(.rodata.*) + _erodata = . ; + } +- .data : { ++ .data : ALIGN(0x1000) { + _data = . ; + *(.data) + *(.data.*) + + /* Add 4 bytes of extra space for a CRC-32 checksum */ +- . = ALIGN(. + 4, 0x20); ++ . = ALIGN(. + 4, 0x200); + _edata = . ; + } + . = ALIGN(L1_CACHE_BYTES); +--- a/arch/x86/boot/header.S ++++ b/arch/x86/boot/header.S +@@ -36,6 +36,9 @@ SYSSEG = 0x1000 /* historical load add + #define ROOT_RDONLY 1 + #endif + ++ .set salign, 0x1000 ++ .set falign, 0x200 ++ + .code16 + .section ".bstext", "ax" + #ifdef CONFIG_EFI_STUB +@@ -82,7 +85,7 @@ optional_header: + + .long setup_size + ZO_efi_pe_entry # AddressOfEntryPoint + +- .long 0x0200 # BaseOfCode ++ .long setup_size # BaseOfCode + #ifdef CONFIG_X86_32 + .long 0 # data + #endif +@@ -93,8 +96,8 @@ extra_header_fields: + #else + .quad 0 # ImageBase + #endif +- .long 0x20 # SectionAlignment +- .long 0x20 # FileAlignment ++ .long salign # SectionAlignment ++ .long falign # FileAlignment + .word 0 # MajorOperatingSystemVersion + .word 0 # MinorOperatingSystemVersion + .word LINUX_EFISTUB_MAJOR_VERSION # MajorImageVersion +@@ -103,9 +106,10 @@ extra_header_fields: + .word 0 # MinorSubsystemVersion + .long 0 # Win32VersionValue + +- .long setup_size + ZO__end # SizeOfImage ++ .long setup_size + ZO__end + pecompat_vsize ++ # SizeOfImage + +- .long 0x200 # SizeOfHeaders ++ .long salign # SizeOfHeaders + .long 0 # CheckSum + .word IMAGE_SUBSYSTEM_EFI_APPLICATION # 
Subsystem (EFI application) + #ifdef CONFIG_EFI_DXE_MEM_ATTRIBUTES +@@ -136,44 +140,51 @@ extra_header_fields: + + # Section table + section_table: +- # +- # The offset & size fields are filled in by build.c. +- # + .ascii ".setup" + .byte 0 + .byte 0 +- .long 0 +- .long 0x0 # startup_{32,64} +- .long 0 # Size of initialized data +- # on disk +- .long 0x0 # startup_{32,64} +- .long 0 # PointerToRelocations +- .long 0 # PointerToLineNumbers +- .word 0 # NumberOfRelocations +- .word 0 # NumberOfLineNumbers +- .long IMAGE_SCN_CNT_CODE | \ ++ .long setup_size - salign # VirtualSize ++ .long salign # VirtualAddress ++ .long pecompat_fstart - salign # SizeOfRawData ++ .long salign # PointerToRawData ++ ++ .long 0, 0, 0 ++ .long IMAGE_SCN_CNT_INITIALIZED_DATA | \ + IMAGE_SCN_MEM_READ | \ +- IMAGE_SCN_MEM_EXECUTE # Characteristics ++ IMAGE_SCN_MEM_DISCARDABLE # Characteristics + + #ifdef CONFIG_EFI_MIXED +- # +- # The offset & size fields are filled in by build.c. +- # + .asciz ".compat" +- .long 0 +- .long 0x0 +- .long 0 # Size of initialized data +- # on disk +- .long 0x0 +- .long 0 # PointerToRelocations +- .long 0 # PointerToLineNumbers +- .word 0 # NumberOfRelocations +- .word 0 # NumberOfLineNumbers ++ ++ .long 8 # VirtualSize ++ .long setup_size + ZO__end # VirtualAddress ++ .long pecompat_fsize # SizeOfRawData ++ .long pecompat_fstart # PointerToRawData ++ ++ .long 0, 0, 0 + .long IMAGE_SCN_CNT_INITIALIZED_DATA | \ + IMAGE_SCN_MEM_READ | \ + IMAGE_SCN_MEM_DISCARDABLE # Characteristics +-#endif + ++ /* ++ * Put the IA-32 machine type and the associated entry point address in ++ * the .compat section, so loaders can figure out which other execution ++ * modes this image supports. 
++ */ ++ .pushsection ".pecompat", "a", @progbits ++ .balign falign ++ .set pecompat_vsize, salign ++ .globl pecompat_fstart ++pecompat_fstart: ++ .byte 0x1 # Version ++ .byte 8 # Size ++ .word IMAGE_FILE_MACHINE_I386 # PE machine type ++ .long setup_size + ZO_efi32_pe_entry # Entrypoint ++ .popsection ++#else ++ .set pecompat_vsize, 0 ++ .set pecompat_fstart, setup_size ++#endif + .ascii ".text" + .byte 0 + .byte 0 +--- a/arch/x86/boot/setup.ld ++++ b/arch/x86/boot/setup.ld +@@ -36,16 +36,17 @@ SECTIONS + . = ALIGN(16); + .data : { *(.data*) } + ++ .pecompat : { *(.pecompat) } ++ PROVIDE(pecompat_fsize = setup_size - pecompat_fstart); ++ + .signature : { + setup_sig = .; + LONG(0x5a5aaa55) + +- /* Reserve some extra space for the compat section */ +- setup_size = ALIGN(ABSOLUTE(.) + 32, 512); ++ setup_size = ALIGN(ABSOLUTE(.), 4096); + setup_sects = ABSOLUTE(setup_size / 512); + } + +- + . = ALIGN(16); + .bss : + { +--- a/arch/x86/boot/tools/build.c ++++ b/arch/x86/boot/tools/build.c +@@ -47,9 +47,6 @@ typedef unsigned int u32; + /* This must be large enough to hold the entire setup */ + u8 buf[SETUP_SECT_MAX*512]; + +-#define PECOFF_COMPAT_RESERVE 0x20 +- +-static unsigned long efi32_pe_entry; + static unsigned long _edata; + + /*----------------------------------------------------------------------*/ +@@ -136,85 +133,6 @@ static void usage(void) + die("Usage: build setup system zoffset.h image"); + } + +-#ifdef CONFIG_EFI_STUB +- +-static void update_pecoff_section_header_fields(char *section_name, u32 vma, u32 size, u32 datasz, u32 offset) +-{ +- unsigned int pe_header; +- unsigned short num_sections; +- u8 *section; +- +- pe_header = get_unaligned_le32(&buf[0x3c]); +- num_sections = get_unaligned_le16(&buf[pe_header + 6]); +- +-#ifdef CONFIG_X86_32 +- section = &buf[pe_header + 0xa8]; +-#else +- section = &buf[pe_header + 0xb8]; +-#endif +- +- while (num_sections > 0) { +- if (strncmp((char*)section, section_name, 8) == 0) { +- /* section header size field */ 
+- put_unaligned_le32(size, section + 0x8); +- +- /* section header vma field */ +- put_unaligned_le32(vma, section + 0xc); +- +- /* section header 'size of initialised data' field */ +- put_unaligned_le32(datasz, section + 0x10); +- +- /* section header 'file offset' field */ +- put_unaligned_le32(offset, section + 0x14); +- +- break; +- } +- section += 0x28; +- num_sections--; +- } +-} +- +-static void update_pecoff_section_header(char *section_name, u32 offset, u32 size) +-{ +- update_pecoff_section_header_fields(section_name, offset, size, size, offset); +-} +- +-static void update_pecoff_setup(unsigned int size) +-{ +- u32 setup_offset = 0x200; +- u32 compat_offset = size - PECOFF_COMPAT_RESERVE; +- u32 setup_size = compat_offset - setup_offset; +- +- update_pecoff_section_header(".setup", setup_offset, setup_size); +- +-#ifdef CONFIG_EFI_MIXED +- update_pecoff_section_header(".compat", compat_offset, PECOFF_COMPAT_RESERVE); +- +- /* +- * Put the IA-32 machine type (0x14c) and the associated entry point +- * address in the .compat section, so loaders can figure out which other +- * execution modes this image supports. +- */ +- buf[compat_offset] = 0x1; +- buf[compat_offset + 1] = 0x8; +- put_unaligned_le16(0x14c, &buf[compat_offset + 2]); +- put_unaligned_le32(efi32_pe_entry + size, &buf[compat_offset + 4]); +-#endif +-} +- +-#else +- +-static inline void update_pecoff_setup(unsigned int size) {} +- +-#endif /* CONFIG_EFI_STUB */ +- +-static int reserve_pecoff_compat_section(int c) +-{ +- /* Reserve 0x20 bytes for .compat section */ +- memset(buf+c, 0, PECOFF_COMPAT_RESERVE); +- return PECOFF_COMPAT_RESERVE; +-} +- + /* + * Parse zoffset.h and find the entry points. We could just #include zoffset.h + * but that would mean tools/build would have to be rebuilt every time. 
It's +@@ -243,7 +161,6 @@ static void parse_zoffset(char *fname) + p = (char *)buf; + + while (p && *p) { +- PARSE_ZOFS(p, efi32_pe_entry); + PARSE_ZOFS(p, _edata); + + p = strchr(p, '\n'); +@@ -283,17 +200,14 @@ int main(int argc, char ** argv) + die("Boot block hasn't got boot flag (0xAA55)"); + fclose(file); + +- c += reserve_pecoff_compat_section(c); +- + /* Pad unused space with zeros */ +- setup_sectors = (c + 511) / 512; ++ setup_sectors = (c + 4095) / 4096; ++ setup_sectors *= 8; + if (setup_sectors < SETUP_SECT_MIN) + setup_sectors = SETUP_SECT_MIN; + i = setup_sectors*512; + memset(buf+c, 0, i-c); + +- update_pecoff_setup(i); +- + /* Open and stat the kernel file */ + fd = open(argv[2], O_RDONLY); + if (fd < 0) diff --git a/queue-6.6/x86-boot-omit-compression-buffer-from-pe-coff-image-memory-footprint.patch b/queue-6.6/x86-boot-omit-compression-buffer-from-pe-coff-image-memory-footprint.patch new file mode 100644 index 00000000000..4033bc8187b --- /dev/null +++ b/queue-6.6/x86-boot-omit-compression-buffer-from-pe-coff-image-memory-footprint.patch 
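Review bot: In `main()` of build.c the new rounding `setup_sectors = (c + 4095) / 4096; setup_sectors *= 8;` hard-codes the 4k alignment and the eight-sectors-per-page factor, which header.S now names `salign`/`falign` and setup.ld writes as `ALIGN(ABSOLUTE(.), 4096)`. The comment above it still only says "Pad unused space with zeros". The `SETUP_SECT_MIN` clamp that follows would leave `i` not a multiple of 4096 if it ever fired, unless that constant is a multiple of 8; its value is not visible in this hunk. That would disagree with the section sizes the assembler now puts in the PE header. I would add a comment such as `/* Round the setup block up to the 4k PE section alignment (8 sectors of 512 bytes) */` and apply the rounding after the clamp rather than before it. `main()` continues outside the hunk.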
@@ -0,0 +1,151 @@ +From 8eace5b3555606e684739bef5bcdfcfe68235257 Mon Sep 17 00:00:00 2001 +From: Ard Biesheuvel +Date: Tue, 12 Sep 2023 09:00:56 +0000 +Subject: x86/boot: Omit compression buffer from PE/COFF image memory footprint + +From: Ard Biesheuvel + +commit 8eace5b3555606e684739bef5bcdfcfe68235257 upstream. + +Now that the EFI stub decompresses the kernel and hands over to the +decompressed image directly, there is no longer a need to provide a +decompression buffer as part of the .BSS allocation of the PE/COFF +image. It also means the PE/COFF image can be loaded anywhere in memory, +and setting the preferred image base is unnecessary. So drop the +handling of this from the header and from the build tool. + +Signed-off-by: Ard Biesheuvel +Signed-off-by: Ingo Molnar +Link: https://lore.kernel.org/r/20230912090051.4014114-22-ardb@google.com +Signed-off-by: Greg Kroah-Hartman +--- + arch/x86/boot/header.S | 6 +---- + arch/x86/boot/tools/build.c | 50 +++++--------------------------------------- + 2 files changed, 8 insertions(+), 48 deletions(-) + +--- a/arch/x86/boot/header.S ++++ b/arch/x86/boot/header.S +@@ -90,12 +90,10 @@ optional_header: + #endif + + extra_header_fields: +- # PE specification requires ImageBase to be 64k aligned +- .set image_base, (LOAD_PHYSICAL_ADDR + 0xffff) & ~0xffff + #ifdef CONFIG_X86_32 +- .long image_base # ImageBase ++ .long 0 # ImageBase + #else +- .quad image_base # ImageBase ++ .quad 0 # ImageBase + #endif + .long 0x20 # SectionAlignment + .long 0x20 # FileAlignment +--- a/arch/x86/boot/tools/build.c ++++ b/arch/x86/boot/tools/build.c +@@ -65,7 +65,6 @@ static unsigned long efi_pe_entry; + static unsigned long efi32_pe_entry; + static unsigned long kernel_info; + static unsigned long startup_64; +-static unsigned long _ehead; + static unsigned long _end; + + /*----------------------------------------------------------------------*/ +@@ -229,35 +228,22 @@ static void update_pecoff_setup_and_relo + #endif + } + +-static void 
update_pecoff_text(unsigned int text_start, unsigned int file_sz, +- unsigned int init_sz) ++static void update_pecoff_text(unsigned int text_start, unsigned int file_sz) + { + unsigned int pe_header; + unsigned int text_sz = file_sz - text_start; +- unsigned int bss_sz = init_sz - file_sz; ++ unsigned int bss_sz = _end - text_sz; + + pe_header = get_unaligned_le32(&buf[0x3c]); + + /* +- * The PE/COFF loader may load the image at an address which is +- * misaligned with respect to the kernel_alignment field in the setup +- * header. +- * +- * In order to avoid relocating the kernel to correct the misalignment, +- * add slack to allow the buffer to be aligned within the declared size +- * of the image. +- */ +- bss_sz += CONFIG_PHYSICAL_ALIGN; +- init_sz += CONFIG_PHYSICAL_ALIGN; +- +- /* + * Size of code: Subtract the size of the first sector (512 bytes) + * which includes the header. + */ + put_unaligned_le32(file_sz - 512 + bss_sz, &buf[pe_header + 0x1c]); + + /* Size of image */ +- put_unaligned_le32(init_sz, &buf[pe_header + 0x50]); ++ put_unaligned_le32(file_sz + bss_sz, &buf[pe_header + 0x50]); + + /* + * Address of entry point for PE/COFF executable +@@ -308,8 +294,7 @@ static void efi_stub_entry_update(void) + + static inline void update_pecoff_setup_and_reloc(unsigned int size) {} + static inline void update_pecoff_text(unsigned int text_start, +- unsigned int file_sz, +- unsigned int init_sz) {} ++ unsigned int file_sz) {} + static inline void efi_stub_defaults(void) {} + static inline void efi_stub_entry_update(void) {} + +@@ -360,7 +345,6 @@ static void parse_zoffset(char *fname) + PARSE_ZOFS(p, efi32_pe_entry); + PARSE_ZOFS(p, kernel_info); + PARSE_ZOFS(p, startup_64); +- PARSE_ZOFS(p, _ehead); + PARSE_ZOFS(p, _end); + + p = strchr(p, '\n'); +@@ -371,7 +355,7 @@ static void parse_zoffset(char *fname) + + int main(int argc, char ** argv) + { +- unsigned int i, sz, setup_sectors, init_sz; ++ unsigned int i, sz, setup_sectors; + int c; + u32 sys_size; + 
struct stat sb; +@@ -442,31 +426,9 @@ int main(int argc, char ** argv) + buf[0x1f1] = setup_sectors-1; + put_unaligned_le32(sys_size, &buf[0x1f4]); + +- init_sz = get_unaligned_le32(&buf[0x260]); +-#ifdef CONFIG_EFI_STUB +- /* +- * The decompression buffer will start at ImageBase. When relocating +- * the compressed kernel to its end, we must ensure that the head +- * section does not get overwritten. The head section occupies +- * [i, i + _ehead), and the destination is [init_sz - _end, init_sz). +- * +- * At present these should never overlap, because 'i' is at most 32k +- * because of SETUP_SECT_MAX, '_ehead' is less than 1k, and the +- * calculation of INIT_SIZE in boot/header.S ensures that +- * 'init_sz - _end' is at least 64k. +- * +- * For future-proofing, increase init_sz if necessary. +- */ +- +- if (init_sz - _end < i + _ehead) { +- init_sz = (i + _ehead + _end + 4095) & ~4095; +- put_unaligned_le32(init_sz, &buf[0x260]); +- } +-#endif +- update_pecoff_text(setup_sectors * 512, i + (sys_size * 16), init_sz); ++ update_pecoff_text(setup_sectors * 512, i + (sys_size * 16)); + + efi_stub_entry_update(); +- + /* Update kernel_info offset. */ + put_unaligned_le32(kernel_info, &buf[0x268]); + diff --git a/queue-6.6/x86-boot-remove-the-bugger-off-message.patch b/queue-6.6/x86-boot-remove-the-bugger-off-message.patch new file mode 100644 index 00000000000..54f2a305198 --- /dev/null +++ b/queue-6.6/x86-boot-remove-the-bugger-off-message.patch 
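Review bot: In `update_pecoff_text()` the new `unsigned int bss_sz = _end - text_sz;` has no guard against `_end` being smaller than `text_sz`. `_end` is an `unsigned long` parsed from zoffset.h, so the subtraction would wrap and a huge value would be written into the SizeOfCode and SizeOfImage fields that the firmware loader trusts. The assignment also narrows `unsigned long` to `unsigned int` without a check. A build-time sanity test before the subtraction would turn a bad zoffset.h into a hard failure, for example `if (_end < text_sz) die("_end is smaller than the on-disk kernel size");` (message constructed for illustration). The rest of the function body lies outside the hunk.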
@@ -0,0 +1,123 @@ +From 768171d7ebbce005210e1cf8456f043304805c15 Mon Sep 17 00:00:00 2001 +From: Ard Biesheuvel +Date: Tue, 12 Sep 2023 09:00:55 +0000 +Subject: x86/boot: Remove the 'bugger off' message + +From: Ard Biesheuvel + +commit 768171d7ebbce005210e1cf8456f043304805c15 upstream. + +Ancient (pre-2003) x86 kernels could boot from a floppy disk straight from +the BIOS, using a small real mode boot stub at the start of the image +where the BIOS would expect the boot record (or boot block) to appear. + +Due to its limitations (kernel size < 1 MiB, no support for IDE, USB or +El Torito floppy emulation), this support was dropped, and a Linux aware +bootloader is now always required to boot the kernel from a legacy BIOS. + +To smoothen this transition, the boot stub was not removed entirely, but +replaced with one that just prints an error message telling the user to +install a bootloader. + +As it is unlikely that anyone doing direct floppy boot with such an +ancient kernel is going to upgrade to v6.5+ and expect that this boot +method still works, printing this message is kind of pointless, and so +it should be possible to remove the logic that emits it. + +Let's free up this space so it can be used to expand the PE header in a +subsequent patch. + +Signed-off-by: Ard Biesheuvel +Signed-off-by: Ingo Molnar +Acked-by: H. 
Peter Anvin (Intel) +Link: https://lore.kernel.org/r/20230912090051.4014114-21-ardb@google.com +Signed-off-by: Greg Kroah-Hartman +--- + arch/x86/boot/header.S | 49 ------------------------------------------------- + arch/x86/boot/setup.ld | 7 ++++--- + 2 files changed, 4 insertions(+), 52 deletions(-) + +--- a/arch/x86/boot/header.S ++++ b/arch/x86/boot/header.S +@@ -38,64 +38,15 @@ SYSSEG = 0x1000 /* historical load add + + .code16 + .section ".bstext", "ax" +- +- .global bootsect_start +-bootsect_start: + #ifdef CONFIG_EFI_STUB + # "MZ", MS-DOS header + .word MZ_MAGIC +-#endif +- +- # Normalize the start address +- ljmp $BOOTSEG, $start2 +- +-start2: +- movw %cs, %ax +- movw %ax, %ds +- movw %ax, %es +- movw %ax, %ss +- xorw %sp, %sp +- sti +- cld +- +- movw $bugger_off_msg, %si +- +-msg_loop: +- lodsb +- andb %al, %al +- jz bs_die +- movb $0xe, %ah +- movw $7, %bx +- int $0x10 +- jmp msg_loop +- +-bs_die: +- # Allow the user to press a key, then reboot +- xorw %ax, %ax +- int $0x16 +- int $0x19 +- +- # int 0x19 should never return. In case it does anyway, +- # invoke the BIOS reset code... +- ljmp $0xf000,$0xfff0 +- +-#ifdef CONFIG_EFI_STUB + .org 0x38 + # + # Offset to the PE header. + # + .long LINUX_PE_MAGIC + .long pe_header +-#endif /* CONFIG_EFI_STUB */ +- +- .section ".bsdata", "a" +-bugger_off_msg: +- .ascii "Use a boot loader.\r\n" +- .ascii "\n" +- .ascii "Remove disk and press any key to reboot...\r\n" +- .byte 0 +- +-#ifdef CONFIG_EFI_STUB + pe_header: + .long PE_MAGIC + +--- a/arch/x86/boot/setup.ld ++++ b/arch/x86/boot/setup.ld +@@ -10,10 +10,11 @@ ENTRY(_start) + SECTIONS + { + . = 0; +- .bstext : { *(.bstext) } +- .bsdata : { *(.bsdata) } ++ .bstext : { ++ *(.bstext) ++ . = 495; ++ } =0xffffffff + +- . = 495; + .header : { *(.header) } + .entrytext : { *(.entrytext) } + .inittext : { *(.inittext) } 
diff --git a/queue-6.6/x86-boot-set-efi-handover-offset-directly-in-header-asm.patch b/queue-6.6/x86-boot-set-efi-handover-offset-directly-in-header-asm.patch new file mode 100644 index 00000000000..3a541ffad43 --- /dev/null +++ b/queue-6.6/x86-boot-set-efi-handover-offset-directly-in-header-asm.patch 
@@ -0,0 +1,112 @@ +From eac956345f99dda3d68f4ae6cf7b494105e54780 Mon Sep 17 00:00:00 2001 +From: Ard Biesheuvel +Date: Fri, 15 Sep 2023 17:16:26 +0000 +Subject: x86/boot: Set EFI handover offset directly in header asm + +From: Ard Biesheuvel + +commit eac956345f99dda3d68f4ae6cf7b494105e54780 upstream. + +The offsets of the EFI handover entrypoints are available to the +assembler when constructing the header, so there is no need to set them +from the build tool afterwards. + +This change has no impact on the resulting bzImage binary. + +Signed-off-by: Ard Biesheuvel +Signed-off-by: Ingo Molnar +Link: https://lore.kernel.org/r/20230915171623.655440-12-ardb@google.com +Signed-off-by: Greg Kroah-Hartman +--- + arch/x86/boot/header.S | 18 +++++++++++++++++- + arch/x86/boot/tools/build.c | 24 ------------------------ + 2 files changed, 17 insertions(+), 25 deletions(-) + +--- a/arch/x86/boot/header.S ++++ b/arch/x86/boot/header.S +@@ -524,8 +524,24 @@ pref_address: .quad LOAD_PHYSICAL_ADDR + # define INIT_SIZE VO_INIT_SIZE + #endif + ++ .macro __handover_offset ++#ifndef CONFIG_EFI_HANDOVER_PROTOCOL ++ .long 0 ++#elif !defined(CONFIG_X86_64) ++ .long ZO_efi32_stub_entry ++#else ++ /* Yes, this is really how we defined it :( */ ++ .long ZO_efi64_stub_entry - 0x200 ++#ifdef CONFIG_EFI_MIXED ++ .if ZO_efi32_stub_entry != ZO_efi64_stub_entry - 0x200 ++ .error "32-bit and 64-bit EFI entry points do not match" ++ .endif ++#endif ++#endif ++ .endm ++ + init_size: .long INIT_SIZE # kernel initialization size +-handover_offset: .long 0 # Filled in by build.c ++handover_offset: __handover_offset + kernel_info_offset: .long ZO_kernel_info + + # End of setup header ##################################################### +--- a/arch/x86/boot/tools/build.c ++++ b/arch/x86/boot/tools/build.c +@@ -55,8 +55,6 @@ u8 buf[SETUP_SECT_MAX*512]; + #define PECOFF_COMPAT_RESERVE 0x0 + #endif + +-static unsigned long efi32_stub_entry; +-static unsigned long efi64_stub_entry; + static unsigned long 
efi_pe_entry; + static unsigned long efi32_pe_entry; + static unsigned long _end; +@@ -265,31 +263,12 @@ static void efi_stub_defaults(void) + #endif + } + +-static void efi_stub_entry_update(void) +-{ +- unsigned long addr = efi32_stub_entry; +- +-#ifdef CONFIG_EFI_HANDOVER_PROTOCOL +-#ifdef CONFIG_X86_64 +- /* Yes, this is really how we defined it :( */ +- addr = efi64_stub_entry - 0x200; +-#endif +- +-#ifdef CONFIG_EFI_MIXED +- if (efi32_stub_entry != addr) +- die("32-bit and 64-bit EFI entry points do not match\n"); +-#endif +-#endif +- put_unaligned_le32(addr, &buf[0x264]); +-} +- + #else + + static inline void update_pecoff_setup_and_reloc(unsigned int size) {} + static inline void update_pecoff_text(unsigned int text_start, + unsigned int file_sz) {} + static inline void efi_stub_defaults(void) {} +-static inline void efi_stub_entry_update(void) {} + + static inline int reserve_pecoff_reloc_section(int c) + { +@@ -332,8 +311,6 @@ static void parse_zoffset(char *fname) + p = (char *)buf; + + while (p && *p) { +- PARSE_ZOFS(p, efi32_stub_entry); +- PARSE_ZOFS(p, efi64_stub_entry); + PARSE_ZOFS(p, efi_pe_entry); + PARSE_ZOFS(p, efi32_pe_entry); + PARSE_ZOFS(p, _end); +@@ -416,7 +393,6 @@ int main(int argc, char ** argv) + + update_pecoff_text(setup_sectors * 512, i + (sys_size * 16)); + +- efi_stub_entry_update(); + + crc = partial_crc32(buf, i, crc); + if (fwrite(buf, 1, i, dest) != i) diff --git a/queue-6.6/x86-boot-split-off-pe-coff-.data-section.patch b/queue-6.6/x86-boot-split-off-pe-coff-.data-section.patch new file mode 100644 index 00000000000..6f37b04f984 --- /dev/null +++ b/queue-6.6/x86-boot-split-off-pe-coff-.data-section.patch 
@@ -0,0 +1,80 @@ +From 34951f3c28bdf6481d949a20413b2ce7693687b2 Mon Sep 17 00:00:00 2001 +From: Ard Biesheuvel +Date: Fri, 15 Sep 2023 17:16:31 +0000 +Subject: x86/boot: Split off PE/COFF .data section + +From: Ard Biesheuvel + +commit 34951f3c28bdf6481d949a20413b2ce7693687b2 upstream. + +Describe the code and data of the decompressor binary using separate +.text and .data PE/COFF sections, so that we will be able to map them +using restricted permissions once we increase the section and file +alignment sufficiently. This avoids the need for memory mappings that +are writable and executable at the same time, which is something that +is best avoided for security reasons. + +Signed-off-by: Ard Biesheuvel +Signed-off-by: Ingo Molnar +Link: https://lore.kernel.org/r/20230915171623.655440-17-ardb@google.com +Signed-off-by: Greg Kroah-Hartman +--- + arch/x86/boot/Makefile | 2 +- + arch/x86/boot/header.S | 19 +++++++++++++++---- + 2 files changed, 16 insertions(+), 5 deletions(-) + +--- a/arch/x86/boot/Makefile ++++ b/arch/x86/boot/Makefile +@@ -89,7 +89,7 @@ $(obj)/vmlinux.bin: $(obj)/compressed/vm + + SETUP_OBJS = $(addprefix $(obj)/,$(setup-y)) + +-sed-zoffset := -e 's/^\([0-9a-fA-F]*\) [a-zA-Z] \(startup_32\|efi.._stub_entry\|efi\(32\)\?_pe_entry\|input_data\|kernel_info\|_end\|_ehead\|_text\|_edata\|z_.*\)$$/\#define ZO_\2 0x\1/p' ++sed-zoffset := -e 's/^\([0-9a-fA-F]*\) [a-zA-Z] \(startup_32\|efi.._stub_entry\|efi\(32\)\?_pe_entry\|input_data\|kernel_info\|_end\|_ehead\|_text\|_e\?data\|z_.*\)$$/\#define ZO_\2 0x\1/p' + + quiet_cmd_zoffset = ZOFFSET $@ + cmd_zoffset = $(NM) $< | sed -n $(sed-zoffset) > $@ +--- a/arch/x86/boot/header.S ++++ b/arch/x86/boot/header.S +@@ -75,9 +75,9 @@ optional_header: + .byte 0x02 # MajorLinkerVersion + .byte 0x14 # MinorLinkerVersion + +- .long setup_size + ZO__end - 0x200 # SizeOfCode ++ .long ZO__data # SizeOfCode + +- .long 0 # SizeOfInitializedData ++ .long ZO__end - ZO__data # SizeOfInitializedData + .long 0 # 
SizeOfUninitializedData + + .long setup_size + ZO_efi_pe_entry # AddressOfEntryPoint +@@ -178,9 +178,9 @@ section_table: + .byte 0 + .byte 0 + .byte 0 +- .long ZO__end ++ .long ZO__data + .long setup_size +- .long ZO__edata # Size of initialized data ++ .long ZO__data # Size of initialized data + # on disk + .long setup_size + .long 0 # PointerToRelocations +@@ -191,6 +191,17 @@ section_table: + IMAGE_SCN_MEM_READ | \ + IMAGE_SCN_MEM_EXECUTE # Characteristics + ++ .ascii ".data\0\0\0" ++ .long ZO__end - ZO__data # VirtualSize ++ .long setup_size + ZO__data # VirtualAddress ++ .long ZO__edata - ZO__data # SizeOfRawData ++ .long setup_size + ZO__data # PointerToRawData ++ ++ .long 0, 0, 0 ++ .long IMAGE_SCN_CNT_INITIALIZED_DATA | \ ++ IMAGE_SCN_MEM_READ | \ ++ IMAGE_SCN_MEM_WRITE # Characteristics ++ + .set section_count, (. - section_table) / 40 + #endif /* CONFIG_EFI_STUB */ + diff --git a/queue-6.6/x86-efi-disregard-setup-header-of-loaded-image.patch b/queue-6.6/x86-efi-disregard-setup-header-of-loaded-image.patch new file mode 100644 index 00000000000..d6cffb502b2 --- /dev/null +++ b/queue-6.6/x86-efi-disregard-setup-header-of-loaded-image.patch 
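Review bot: The new `.data` entry in `section_table` writes the fields before Characteristics as an unlabelled `.long 0, 0, 0`. The `.text` entry just above it labels PointerToRelocations and the following fields one per line. The three longs stand for two 32-bit pointers and two 16-bit counts, which is not obvious when checking the 40-byte entry size used by `section_count`. I would add a trailing comment such as `# PointerToRelocations, PointerToLineNumbers, NumberOfRelocations + NumberOfLineNumbers`. It would also help to note next to the `IMAGE_SCN_MEM_WRITE` flags that, per the commit message, the read/execute versus read/write split only becomes enforceable once section alignment is raised.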
@@ -0,0 +1,110 @@ +From 7e50262229faad0c7b8c54477cd1c883f31cc4a7 Mon Sep 17 00:00:00 2001 +From: Ard Biesheuvel +Date: Tue, 12 Sep 2023 09:00:53 +0000 +Subject: x86/efi: Disregard setup header of loaded image + +From: Ard Biesheuvel + +commit 7e50262229faad0c7b8c54477cd1c883f31cc4a7 upstream. + +The native EFI entrypoint does not take a struct boot_params from the +loader, but instead, it constructs one from scratch, using the setup +header data placed at the start of the image. + +This setup header is placed in a way that permits legacy loaders to +manipulate the contents (i.e., to pass the kernel command line or the +address and size of an initial ramdisk), but EFI boot does not use it in +that way - it only copies the contents that were placed there at build +time, but EFI loaders will not (and should not) manipulate the setup +header to configure the boot. (Commit 63bf28ceb3ebbe76 "efi: x86: Wipe +setup_data on pure EFI boot" deals with some of the fallout of using +setup_data in a way that breaks EFI boot.) + +Given that none of the non-zero values that are copied from the setup +header into the EFI stub's struct boot_params are relevant to the boot +now that the EFI stub no longer enters via the legacy decompressor, the +copy can be omitted altogether. 
+ +Signed-off-by: Ard Biesheuvel +Signed-off-by: Ingo Molnar +Link: https://lore.kernel.org/r/20230912090051.4014114-19-ardb@google.com +Signed-off-by: Greg Kroah-Hartman +--- + drivers/firmware/efi/libstub/x86-stub.c | 46 ++++---------------------------- + 1 file changed, 6 insertions(+), 40 deletions(-) + +--- a/drivers/firmware/efi/libstub/x86-stub.c ++++ b/drivers/firmware/efi/libstub/x86-stub.c +@@ -458,9 +458,8 @@ void __noreturn efi_stub_entry(efi_handl + efi_status_t __efiapi efi_pe_entry(efi_handle_t handle, + efi_system_table_t *sys_table_arg) + { +- struct boot_params *boot_params; +- struct setup_header *hdr; +- void *image_base; ++ static struct boot_params boot_params __page_aligned_bss; ++ struct setup_header *hdr = &boot_params.hdr; + efi_guid_t proto = LOADED_IMAGE_PROTOCOL_GUID; + int options_size = 0; + efi_status_t status; +@@ -478,30 +477,9 @@ efi_status_t __efiapi efi_pe_entry(efi_h + efi_exit(handle, status); + } + +- image_base = efi_table_attr(image, image_base); +- +- status = efi_allocate_pages(sizeof(struct boot_params), +- (unsigned long *)&boot_params, ULONG_MAX); +- if (status != EFI_SUCCESS) { +- efi_err("Failed to allocate lowmem for boot params\n"); +- efi_exit(handle, status); +- } +- +- memset(boot_params, 0x0, sizeof(struct boot_params)); +- +- hdr = &boot_params->hdr; +- +- /* Copy the setup header from the second sector to boot_params */ +- memcpy(&hdr->jump, image_base + 512, +- sizeof(struct setup_header) - offsetof(struct setup_header, jump)); +- +- /* +- * Fill out some of the header fields ourselves because the +- * EFI firmware loader doesn't load the first sector. 
+- */ ++ /* Assign the setup_header fields that the kernel actually cares about */ + hdr->root_flags = 1; + hdr->vid_mode = 0xffff; +- hdr->boot_flag = 0xAA55; + + hdr->type_of_loader = 0x21; + +@@ -510,25 +488,13 @@ efi_status_t __efiapi efi_pe_entry(efi_h + if (!cmdline_ptr) + goto fail; + +- efi_set_u64_split((unsigned long)cmdline_ptr, +- &hdr->cmd_line_ptr, &boot_params->ext_cmd_line_ptr); +- +- hdr->ramdisk_image = 0; +- hdr->ramdisk_size = 0; ++ efi_set_u64_split((unsigned long)cmdline_ptr, &hdr->cmd_line_ptr, ++ &boot_params.ext_cmd_line_ptr); + +- /* +- * Disregard any setup data that was provided by the bootloader: +- * setup_data could be pointing anywhere, and we have no way of +- * authenticating or validating the payload. +- */ +- hdr->setup_data = 0; +- +- efi_stub_entry(handle, sys_table_arg, boot_params); ++ efi_stub_entry(handle, sys_table_arg, &boot_params); + /* not reached */ + + fail: +- efi_free(sizeof(struct boot_params), (unsigned long)boot_params); +- + efi_exit(handle, status); + } + diff --git a/queue-6.6/x86-efi-drop-alignment-flags-from-pe-section-headers.patch b/queue-6.6/x86-efi-drop-alignment-flags-from-pe-section-headers.patch new file mode 100644 index 00000000000..af1205c2754 --- /dev/null +++ b/queue-6.6/x86-efi-drop-alignment-flags-from-pe-section-headers.patch 
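Review bot: The rewritten `efi_pe_entry()` no longer records why `setup_data`, `ramdisk_image` and `ramdisk_size` are left untouched. The removed comment explained that loader-provided setup data cannot be authenticated or validated. The new code gets the same result only implicitly, because `boot_params` is a static object with no initializer and the `memcpy` from `image_base + 512` is gone. A later change that copies header fields back in, or moves the struct off static storage, would lose that property without any visible hint. I would extend the new comment to something like `/* boot_params is static and starts zeroed; nothing is copied from the image's setup header, so setup_data and the ramdisk fields stay 0 */`. Parts of the function lie between the inner hunks and are not shown.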
@@ -0,0 +1,63 @@
+From bfab35f552ab3dd6d017165bf9de1d1d20f198cc Mon Sep 17 00:00:00 2001
+From: Ard Biesheuvel
+Date: Tue, 12 Sep 2023 09:00:54 +0000
+Subject: x86/efi: Drop alignment flags from PE section headers
+
+From: Ard Biesheuvel
+
+commit bfab35f552ab3dd6d017165bf9de1d1d20f198cc upstream.
+
+The section header flags for alignment are documented in the PE/COFF
+spec as being applicable to PE object files only, not to PE executables
+such as the Linux bzImage, so let's drop them from the PE header.
+
+Signed-off-by: Ard Biesheuvel
+Signed-off-by: Ingo Molnar
+Link: https://lore.kernel.org/r/20230912090051.4014114-20-ardb@google.com
+Signed-off-by: Greg Kroah-Hartman
+---
+ arch/x86/boot/header.S | 12 ++++--------
+ 1 file changed, 4 insertions(+), 8 deletions(-)
+
+--- a/arch/x86/boot/header.S
++++ b/arch/x86/boot/header.S
+@@ -209,8 +209,7 @@ section_table:
+ .word 0 # NumberOfLineNumbers
+ .long IMAGE_SCN_CNT_CODE | \
+ IMAGE_SCN_MEM_READ | \
+- IMAGE_SCN_MEM_EXECUTE | \
+- IMAGE_SCN_ALIGN_16BYTES # Characteristics
++ IMAGE_SCN_MEM_EXECUTE # Characteristics
+
+ #
+ # The EFI application loader requires a relocation section
+@@ -230,8 +229,7 @@ section_table:
+ .word 0 # NumberOfLineNumbers
+ .long IMAGE_SCN_CNT_INITIALIZED_DATA | \
+ IMAGE_SCN_MEM_READ | \
+- IMAGE_SCN_MEM_DISCARDABLE | \
+- IMAGE_SCN_ALIGN_1BYTES # Characteristics
++ IMAGE_SCN_MEM_DISCARDABLE # Characteristics
+
+ #ifdef CONFIG_EFI_MIXED
+ #
+@@ -249,8 +247,7 @@ section_table:
+ .word 0 # NumberOfLineNumbers
+ .long IMAGE_SCN_CNT_INITIALIZED_DATA | \
+ IMAGE_SCN_MEM_READ | \
+- IMAGE_SCN_MEM_DISCARDABLE | \
+- IMAGE_SCN_ALIGN_1BYTES # Characteristics
++ IMAGE_SCN_MEM_DISCARDABLE # Characteristics
+ #endif
+
+ #
+@@ -271,8 +268,7 @@ section_table:
+ .word 0 # NumberOfLineNumbers
+ .long IMAGE_SCN_CNT_CODE | \
+ IMAGE_SCN_MEM_READ | \
+- IMAGE_SCN_MEM_EXECUTE | \
+- IMAGE_SCN_ALIGN_16BYTES # Characteristics
++ IMAGE_SCN_MEM_EXECUTE # Characteristics
+
+ .set section_count, (. - section_table) / 40
+ #endif /* CONFIG_EFI_STUB */
diff --git a/queue-6.6/x86-efi-drop-efi-stub-.bss-from-.data-section.patch b/queue-6.6/x86-efi-drop-efi-stub-.bss-from-.data-section.patch
new file mode 100644
index 00000000000..371ee5920a2
--- /dev/null
+++ b/queue-6.6/x86-efi-drop-efi-stub-.bss-from-.data-section.patch
@@ -0,0 +1,48 @@
+From 5f51c5d0e905608ba7be126737f7c84a793ae1aa Mon Sep 17 00:00:00 2001
+From: Ard Biesheuvel
+Date: Tue, 12 Sep 2023 09:00:52 +0000
+Subject: x86/efi: Drop EFI stub .bss from .data section
+
+From: Ard Biesheuvel
+
+commit 5f51c5d0e905608ba7be126737f7c84a793ae1aa upstream.
+
+Now that the EFI stub always zero inits its BSS section upon entry,
+there is no longer a need to place the BSS symbols carried by the stub
+into the .data section.
+
+Signed-off-by: Ard Biesheuvel
+Signed-off-by: Ingo Molnar
+Link: https://lore.kernel.org/r/20230912090051.4014114-18-ardb@google.com
+Signed-off-by: Greg Kroah-Hartman
+---
+ arch/x86/boot/compressed/vmlinux.lds.S | 1 -
+ drivers/firmware/efi/libstub/Makefile | 7 -------
+ 2 files changed, 8 deletions(-)
+
+--- a/arch/x86/boot/compressed/vmlinux.lds.S
++++ b/arch/x86/boot/compressed/vmlinux.lds.S
+@@ -47,7 +47,6 @@ SECTIONS
+ _data = . ;
+ *(.data)
+ *(.data.*)
+- *(.bss.efistub)
+ _edata = . ;
+ }
+ . = ALIGN(L1_CACHE_BYTES);
+--- a/drivers/firmware/efi/libstub/Makefile
++++ b/drivers/firmware/efi/libstub/Makefile
+@@ -108,13 +108,6 @@ lib-y := $(patsubst %.o,%.stub.o,$(li
+ # https://bugs.llvm.org/show_bug.cgi?id=46480
+ STUBCOPY_FLAGS-y += --remove-section=.note.gnu.property
+
+-#
+-# For x86, bootloaders like systemd-boot or grub-efi do not zero-initialize the
+-# .bss section, so the .bss section of the EFI stub needs to be included in the
+-# .data section of the compressed kernel to ensure initialization. Rename the
+-# .bss section here so it's easy to pick out in the linker script.
+-#
+-STUBCOPY_FLAGS-$(CONFIG_X86) += --rename-section .bss=.bss.efistub,load,alloc
+ STUBCOPY_RELOC-$(CONFIG_X86_32) := R_386_32
+ STUBCOPY_RELOC-$(CONFIG_X86_64) := R_X86_64_64
+
diff --git a/queue-6.6/x86-efistub-use-1-1-file-memory-mapping-for-pe-coff-.compat-section.patch b/queue-6.6/x86-efistub-use-1-1-file-memory-mapping-for-pe-coff-.compat-section.patch
new file mode 100644
index 00000000000..c9d2f902aae
--- /dev/null
+++ b/queue-6.6/x86-efistub-use-1-1-file-memory-mapping-for-pe-coff-.compat-section.patch
@@ -0,0 +1,113 @@
+From 1ad55cecf22f05f1c884adf63cc09d3c3e609ebf Mon Sep 17 00:00:00 2001
+From: Ard Biesheuvel
+Date: Mon, 5 Feb 2024 09:11:07 +0100
+Subject: x86/efistub: Use 1:1 file:memory mapping for PE/COFF .compat section
+
+From: Ard Biesheuvel
+
+commit 1ad55cecf22f05f1c884adf63cc09d3c3e609ebf upstream.
+
+The .compat section is a dummy PE section that contains the address of
+the 32-bit entrypoint of the 64-bit kernel image if it is bootable from
+32-bit firmware (i.e., CONFIG_EFI_MIXED=y)
+
+This section is only 8 bytes in size and is only referenced from the
+loader, and so it is placed at the end of the memory view of the image,
+to avoid the need for padding it to 4k, which is required for sections
+appearing in the middle of the image.
+
+Unfortunately, this violates the PE/COFF spec, and even if most EFI
+loaders will work correctly (including the Tianocore reference
+implementation), PE loaders do exist that reject such images, on the
+basis that both the file and memory views of the file contents should be
+described by the section headers in a monotonically increasing manner
+without leaving any gaps.
+
+So reorganize the sections to avoid this issue. This results in a slight
+padding overhead (< 4k) which can be avoided if desired by disabling
+CONFIG_EFI_MIXED (which is only needed in rare cases these days)
+
+Fixes: 3e3eabe26dc8 ("x86/boot: Increase section and file alignment to 4k/512")
+Reported-by: Mike Beaton
+Link: https://lkml.kernel.org/r/CAHzAAWQ6srV6LVNdmfbJhOwhBw5ZzxxZZ07aHt9oKkfYAdvuQQ%40mail.gmail.com
+Signed-off-by: Ard Biesheuvel
+Signed-off-by: Greg Kroah-Hartman
+---
+ arch/x86/boot/header.S | 14 ++++++--------
+ arch/x86/boot/setup.ld | 6 +++---
+ 2 files changed, 9 insertions(+), 11 deletions(-)
+
+--- a/arch/x86/boot/header.S
++++ b/arch/x86/boot/header.S
+@@ -106,8 +106,7 @@ extra_header_fields:
+ .word 0 # MinorSubsystemVersion
+ .long 0 # Win32VersionValue
+
+- .long setup_size + ZO__end + pecompat_vsize
+- # SizeOfImage
++ .long setup_size + ZO__end # SizeOfImage
+
+ .long salign # SizeOfHeaders
+ .long 0 # CheckSum
+@@ -143,7 +142,7 @@ section_table:
+ .ascii ".setup"
+ .byte 0
+ .byte 0
+- .long setup_size - salign # VirtualSize
++ .long pecompat_fstart - salign # VirtualSize
+ .long salign # VirtualAddress
+ .long pecompat_fstart - salign # SizeOfRawData
+ .long salign # PointerToRawData
+@@ -156,8 +155,8 @@ section_table:
+ #ifdef CONFIG_EFI_MIXED
+ .asciz ".compat"
+
+- .long 8 # VirtualSize
+- .long setup_size + ZO__end # VirtualAddress
++ .long pecompat_fsize # VirtualSize
++ .long pecompat_fstart # VirtualAddress
+ .long pecompat_fsize # SizeOfRawData
+ .long pecompat_fstart # PointerToRawData
+
+@@ -172,17 +171,16 @@ section_table:
+ * modes this image supports.
+ */
+ .pushsection ".pecompat", "a", @progbits
+- .balign falign
+- .set pecompat_vsize, salign
++ .balign salign
+ .globl pecompat_fstart
+ pecompat_fstart:
+ .byte 0x1 # Version
+ .byte 8 # Size
+ .word IMAGE_FILE_MACHINE_I386 # PE machine type
+ .long setup_size + ZO_efi32_pe_entry # Entrypoint
++ .byte 0x0 # Sentinel
+ .popsection
+ #else
+- .set pecompat_vsize, 0
+ .set pecompat_fstart, setup_size
+ #endif
+ .ascii ".text"
+--- a/arch/x86/boot/setup.ld
++++ b/arch/x86/boot/setup.ld
+@@ -24,6 +24,9 @@ SECTIONS
+ .text : { *(.text .text.*) }
+ .text32 : { *(.text32) }
+
++ .pecompat : { *(.pecompat) }
++ PROVIDE(pecompat_fsize = setup_size - pecompat_fstart);
++
+ . = ALIGN(16);
+ .rodata : { *(.rodata*) }
+
+@@ -36,9 +39,6 @@ SECTIONS
+ . = ALIGN(16);
+ .data : { *(.data*) }
+
+- .pecompat : { *(.pecompat) }
+- PROVIDE(pecompat_fsize = setup_size - pecompat_fstart);
+-
+ .signature : {
+ setup_sig = .;
+ LONG(0x5a5aaa55)
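Review bot: The `# Sentinel` comment on the added `.byte 0x0` in the `.pecompat` block of arch/x86/boot/header.S does not say why a terminator is now needed. With this change the `.compat` VirtualSize goes from `8` to `pecompat_fsize`, which setup.ld defines as `setup_size - pecompat_fstart`, and `.pecompat` now sits ahead of `.rodata` and `.data`. The section therefore extends past the single 8-byte entry, and a loader walking the entries presumably needs the zero byte to stop before the unrelated bytes that follow. I would spell that out next to the byte, e.g. `.byte 0x0 # Sentinel: ends the entry list, the section now runs up to setup_size`.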