[lvc-project] [PATCH v5 02/27] x86/build: Remove RWX sections and align on 4KB

Evgeniy Baskov baskov at ispras.ru
Sat Apr 8 18:05:13 MSK 2023 

On 2023-04-05 20:40, Borislav Petkov wrote:
> On Tue, Mar 14, 2023 at 01:13:29PM +0300, Evgeniy Baskov wrote:
>> Avoid creating sections simultaneously writable and readable to 
>> prepare
>> for W^X implementation for the kernel itself (not the decompressor).
>> Align kernel sections on page size (4KB) to allow protecting them in 
>> the
>> page tables.
>> 
>> Split init code form ".init" segment into separate R_X ".inittext"
> 
> s/form/from/

Thanks!

> 
>> segment and make ".init" segment non-executable.
> 
> "... and make the .init segment RW_."

Will fix.

> 
>> Also add these segments to x86_32 architecture for consistency.
> 
> Same comment as before: please refrain from talking about the *what* in
> a commit message but about the *why*.
> 
> And considering the matter, you have a *lot* of *why* to talk about. 
> :-)
> 
> Pls check your whole set.

I'll try do make descriptions of patches more elaborate and to better
reflect the reasoning behind the changes before resubmitting, thanks.

> 
>> Currently paging is disabled in x86_32 in compressed kernel, so
>> protection is not applied anyways, but .init code was incorrectly
>> placed in non-executable ".data" segment. This should not change
>> anything meaningful in memory layout now, but might be required in 
>> case
>> memory protection will also be implemented in compressed kernel for
>> x86_32.
> 
> I highly doubt that - no one cares about 32-bit x86 anymore.
> 

True, but in theory it's still possible and also the change
makes things more correct.

>> @@ -226,9 +225,10 @@ SECTIONS
>>  #endif
>> 
>>  	INIT_TEXT_SECTION(PAGE_SIZE)
>> -#ifdef CONFIG_X86_64
>> -	:init
>> -#endif
>> +	:inittext
>> +
>> +	. = ALIGN(PAGE_SIZE);
>> +
>> 
>>  	/*
>>  	 * Section for code used exclusively before alternatives are run. 
>> All
>> @@ -240,6 +240,7 @@ SECTIONS
>>  	.altinstr_aux : AT(ADDR(.altinstr_aux) - LOAD_OFFSET) {
>>  		*(.altinstr_aux)
>>  	}
>> +	:init
> 
> Why isn't this placed after inittext but here?

Because, AFAIK, :init is a part of a section syntax so it must
come after the brace, at least according to the documentation:

https://sourceware.org/binutils/docs/ld/PHDRS.html

> 
> I'm thinking you wanna have:
> 
> 	:inittext
> 	. = ALIGN..
> 	:init
> 	<rest>
> 
> Thx.

More information about the lvc-project mailing list