From c3826e499c0430798570145bf0204e2e5252150b Mon Sep 17 00:00:00 2001 From: Ard Biesheuvel Date: Mon, 29 Jun 2020 10:09:23 -0400 Subject: [PATCH] FROMLIST: x86/boot/compressed: Force hidden visibility for all symbol references Eliminate all GOT entries in the decompressor binary, by forcing hidden visibility for all symbol references, which informs the compiler that such references will be resolved at link time without the need for allocating GOT entries. To ensure that no GOT entries will creep back in, add an assertion to the decompressor linker script that will fire if the .got section has a non-zero size. [Arvind: fixup -include hidden.h to -include $(srctree)/$(src)/hidden.h] Signed-off-by: Ard Biesheuvel Acked-by: Arvind Sankar Signed-off-by: Arvind Sankar From: Ard Biesheuvel Link: https://lore.kernel.org/r/20200523120021.34996-3-ardb@kernel.org Bug: 167402429 Signed-off-by: Alistair Delva Change-Id: I1e59843c301f3a8fe3f7e4cd7fb6906aa59383b1 --- arch/x86/boot/compressed/Makefile | 1 + arch/x86/boot/compressed/hidden.h | 19 +++++++++++++++++++ arch/x86/boot/compressed/vmlinux.lds.S | 1 + 3 files changed, 21 insertions(+) create mode 100644 arch/x86/boot/compressed/hidden.h diff --git a/arch/x86/boot/compressed/Makefile b/arch/x86/boot/compressed/Makefile index 3962f592633d..72fec004b300 100644 --- a/arch/x86/boot/compressed/Makefile +++ b/arch/x86/boot/compressed/Makefile @@ -43,6 +43,7 @@ KBUILD_CFLAGS += -Wno-pointer-sign KBUILD_CFLAGS += $(call cc-option,-fmacro-prefix-map=$(srctree)/=) KBUILD_CFLAGS += -fno-asynchronous-unwind-tables KBUILD_CFLAGS += -D__DISABLE_EXPORTS +KBUILD_CFLAGS += -include $(srctree)/$(src)/hidden.h KBUILD_AFLAGS := $(KBUILD_CFLAGS) -D__ASSEMBLY__ GCOV_PROFILE := n diff --git a/arch/x86/boot/compressed/hidden.h b/arch/x86/boot/compressed/hidden.h new file mode 100644 index 000000000000..49a17b6b5962 --- /dev/null +++ b/arch/x86/boot/compressed/hidden.h @@ -0,0 +1,19 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +/* + * When building position independent code with GCC using the -fPIC option, + * (or even the -fPIE one on older versions), it will assume that we are + * building a dynamic object (either a shared library or an executable) that + * may have symbol references that can only be resolved at load time. For a + * variety of reasons (ELF symbol preemption, the CoW footprint of the section + * that is modified by the loader), this results in all references to symbols + * with external linkage to go via entries in the Global Offset Table (GOT), + * which carries absolute addresses which need to be fixed up when the + * executable image is loaded at an offset which is different from its link + * time offset. + * + * Fortunately, there is a way to inform the compiler that such symbol + * references will be satisfied at link time rather than at load time, by + * giving them 'hidden' visibility. + */ + +#pragma GCC visibility push(hidden) diff --git a/arch/x86/boot/compressed/vmlinux.lds.S b/arch/x86/boot/compressed/vmlinux.lds.S index b17d218ccdf9..4bcc943842ab 100644 --- a/arch/x86/boot/compressed/vmlinux.lds.S +++ b/arch/x86/boot/compressed/vmlinux.lds.S @@ -81,6 +81,7 @@ SECTIONS DISCARDS } +ASSERT(SIZEOF(.got) == 0, "Unexpected GOT entries detected!") #ifdef CONFIG_X86_64 ASSERT(SIZEOF(.got.plt) == 0 || SIZEOF(.got.plt) == 0x18, "Unexpected GOT/PLT entries detected!") #else