diff options
author | Ahmad Fatoum <a.fatoum@pengutronix.de> | 2024-03-04 19:59:43 +0100 |
---|---|---|
committer | Sascha Hauer <s.hauer@pengutronix.de> | 2024-03-05 16:28:05 +0100 |
commit | a7e6cd8e3efa75b5625c1df3b9ae44c76dd51c0d (patch) | |
tree | 82eed4a92a9da46807a4f73bc8444ed835283de8 | |
parent | 22ae71e69d20972f1f8bb80ba9fa971293d5d3f4 (diff) | |
download | barebox-a7e6cd8e3efa75b5625c1df3b9ae44c76dd51c0d.tar.gz barebox-a7e6cd8e3efa75b5625c1df3b9ae44c76dd51c0d.tar.xz |
pbl: introduce CONFIG_PBL_FULLY_PIC
In the quest for making barebox PBL code W^X mappable, we have now taken
care to make the ARM64 assembly routines not emit code relocations,
so let's do the same for the C code as well.
We do this by setting pragma GCC visibility push(hidden) globally. This
option is stronger than -fvisibility=hidden and ensures we are
completely position-independent. See kernel commit e544ea57ac07
("x86/boot/compressed: Force hidden visibility for all symbol references")
for more information.
Signed-off-by: Ahmad Fatoum <a.fatoum@pengutronix.de>
Link: https://lore.barebox.org/20240304190038.3486881-59-a.fatoum@pengutronix.de
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
-rw-r--r-- | include/linux/export.h | 2 | ||||
-rw-r--r-- | include/linux/hidden.h | 19 | ||||
-rw-r--r-- | pbl/Kconfig | 7 | ||||
-rw-r--r-- | scripts/Makefile.lib | 5 | ||||
-rw-r--r-- | scripts/Makefile.pic | 22 |
5 files changed, 54 insertions, 1 deletions
diff --git a/include/linux/export.h b/include/linux/export.h index 8f47742bea..a136d727d1 100644 --- a/include/linux/export.h +++ b/include/linux/export.h @@ -6,7 +6,7 @@ #define THIS_MODULE 0 -#ifdef CONFIG_MODULES +#if defined(CONFIG_MODULES) && !defined(__DISABLE_EXPORTS) struct kernel_symbol { diff --git a/include/linux/hidden.h b/include/linux/hidden.h new file mode 100644 index 0000000000..49a17b6b59 --- /dev/null +++ b/include/linux/hidden.h @@ -0,0 +1,19 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +/* + * When building position independent code with GCC using the -fPIC option, + * (or even the -fPIE one on older versions), it will assume that we are + * building a dynamic object (either a shared library or an executable) that + * may have symbol references that can only be resolved at load time. For a + * variety of reasons (ELF symbol preemption, the CoW footprint of the section + * that is modified by the loader), this results in all references to symbols + * with external linkage to go via entries in the Global Offset Table (GOT), + * which carries absolute addresses which need to be fixed up when the + * executable image is loaded at an offset which is different from its link + * time offset. + * + * Fortunately, there is a way to inform the compiler that such symbol + * references will be satisfied at link time rather than at load time, by + * giving them 'hidden' visibility. + */ + +#pragma GCC visibility push(hidden) diff --git a/pbl/Kconfig b/pbl/Kconfig index 223bf0640e..669a49a530 100644 --- a/pbl/Kconfig +++ b/pbl/Kconfig @@ -46,6 +46,13 @@ config PBL_RELOCATABLE This option only influences the PBL image. See RELOCATABLE to also make the real image relocatable. +config PBL_FULLY_PIC + bool "fully position-independent pbl image" + depends on PBL_RELOCATABLE && ARM + help + Compared to CONFIG_PBL_RELOCATABLE, this image has no relocations in + the code sections. + config PBL_VERIFY_PIGGY depends on ARM bool "Verify barebox proper hash before decompression" if COMPILE_TEST diff --git a/scripts/Makefile.lib b/scripts/Makefile.lib index f205e08afc..6b1f0ccbc0 100644 --- a/scripts/Makefile.lib +++ b/scripts/Makefile.lib @@ -170,6 +170,11 @@ _stackp_flags_pbl-$(CONFIG_PBL_STACKPROTECTOR_ALL) := -fstack-protector-all _c_flags += $(if $(part-of-pbl),$(_stackp_flags_pbl-y),$(_stackp_flags-y)) +ifeq ($(CONFIG_PBL_FULLY_PIC),y) +include scripts/Makefile.pic +PBL_CPPFLAGS += $(picflags-y) +endif + # If building barebox in a separate objtree expand all occurrences # of -Idir to -I$(srctree)/dir except for absolute paths (starting with '/'). diff --git a/scripts/Makefile.pic b/scripts/Makefile.pic new file mode 100644 index 0000000000..c30894ba98 --- /dev/null +++ b/scripts/Makefile.pic @@ -0,0 +1,22 @@ +# SPDX-License-Identifier: GPL-2.0 +# +# The stub may be linked into the kernel proper or into a separate boot binary, +# but in either case, it executes before the kernel does (with MMU disabled) so +# things like ftrace and stack-protector are likely to cause trouble if left +# enabled, even if doing so doesn't break the build. +# +picflags-$(CONFIG_X86_64) := -mcmodel=small +picflags-$(CONFIG_X86) += -fPIC -fno-asynchronous-unwind-tables + +ifeq ($(CONFIG_ARM),y) +picflags-$(CONFIG_CPU_32) := -fpic -mno-single-pic-base +picflags-$(CONFIG_CPU_64) := -fpie +endif + +picflags-y += -include $(srctree)/include/linux/hidden.h \ + -D__fully_pic__ \ + -D__NO_FORTIFY \ + -ffreestanding \ + -fno-stack-protector \ + $(call cc-option,-fno-addrsig) \ + -D__DISABLE_EXPORTS |