[PATCH v6 27/29] x86/boot/compressed: Remove, discard, or assert for unwanted sections

From: Kees Cook
Date: Fri Aug 21 2020 - 15:54:58 EST

Next message: Kees Cook: "[PATCH v6 13/29] arm64/build: Assert for unwanted sections"
Previous message: Olof Johansson: "Re: [GIT PULL] tee subsystem pin_user_pages for v5.8"
In reply to: Kees Cook: "[PATCH v6 14/29] arm64/build: Warn on orphan section placement"
Next in thread: Arvind Sankar: "Re: [PATCH v6 27/29] x86/boot/compressed: Remove, discard, or assert for unwanted sections"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

In preparation for warning on orphan sections, stop the linker from
generating the .eh_frame* sections, discard unwanted non-zero-sized
generated sections, and enforce other expected-to-be-zero-sized sections
(since discarding them might hide problems with them suddenly gaining
unexpected entries).

Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx>
---
arch/x86/boot/compressed/Makefile | 1 +
arch/x86/boot/compressed/vmlinux.lds.S | 14 ++++++++++++--
2 files changed, 13 insertions(+), 2 deletions(-)

diff --git a/arch/x86/boot/compressed/Makefile b/arch/x86/boot/compressed/Makefile
index 753d57266757..5b7f6e175b03 100644
--- a/arch/x86/boot/compressed/Makefile
+++ b/arch/x86/boot/compressed/Makefile
@@ -50,6 +50,7 @@ GCOV_PROFILE := n
UBSAN_SANITIZE :=n

KBUILD_LDFLAGS := -m elf_$(UTS_MACHINE)
+KBUILD_LDFLAGS += $(call ld-option,--no-ld-generated-unwind-info)
# Compressed kernel should be built as PIE since it may be loaded at any
# address by the bootloader.
LDFLAGS_vmlinux := -pie $(call ld-option, --no-dynamic-linker)
diff --git a/arch/x86/boot/compressed/vmlinux.lds.S b/arch/x86/boot/compressed/vmlinux.lds.S
index ca544a16724b..02f6feb0e55b 100644
--- a/arch/x86/boot/compressed/vmlinux.lds.S
+++ b/arch/x86/boot/compressed/vmlinux.lds.S
@@ -72,6 +72,11 @@ SECTIONS
ELF_DETAILS

DISCARDS
+ /DISCARD/ : {
+ *(.dynamic) *(.dynsym) *(.dynstr) *(.dynbss)
+ *(.hash) *(.gnu.hash)
+ *(.note.*)
+ }

.got.plt (INFO) : {
*(.got.plt)
@@ -93,13 +98,18 @@ SECTIONS
}
ASSERT(SIZEOF(.got) == 0, "Unexpected GOT entries detected!")

+ .plt : {
+ *(.plt) *(.plt.*)
+ }
+ ASSERT(SIZEOF(.plt) == 0, "Unexpected run-time procedure linkages detected!")
+
.rel.dyn : {
- *(.rel.*)
+ *(.rel.*) *(.rel_*)
}
ASSERT(SIZEOF(.rel.dyn) == 0, "Unexpected run-time relocations (.rel) detected!")

.rela.dyn : {
- *(.rela.*)
+ *(.rela.*) *(.rela_*)
}
ASSERT(SIZEOF(.rela.dyn) == 0, "Unexpected run-time relocations (.rela) detected!")
}
--
2.25.1

Next message: Kees Cook: "[PATCH v6 13/29] arm64/build: Assert for unwanted sections"
Previous message: Olof Johansson: "Re: [GIT PULL] tee subsystem pin_user_pages for v5.8"
In reply to: Kees Cook: "[PATCH v6 14/29] arm64/build: Warn on orphan section placement"
Next in thread: Arvind Sankar: "Re: [PATCH v6 27/29] x86/boot/compressed: Remove, discard, or assert for unwanted sections"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]