From: "Rebecca Cran" <rebecca@bsdio.com>
To: Ard Biesheuvel <ardb@kernel.org>, devel@edk2.groups.io
Cc: "Ni, Ray" <ray.ni@intel.com>, "Andrew Fish" <afish@apple.com>,
"Kinney, Michael D" <michael.d.kinney@intel.com>,
"Liu, Zhiguang" <zhiguang.liu@intel.com>,
"Tom Lendacky" <thomas.lendacky@amd.com>,
"Marvin Häuser" <mhaeuser@posteo.de>
Subject: Re: [PATCH v4 1/6] BaseTools/tools_def CLANGDWARF: Permit text relocations
Date: Wed, 5 Apr 2023 11:11:27 -0600 [thread overview]
Message-ID: <09b29d31-2522-1674-d365-76561bd1b2e1@bsdio.com> (raw)
In-Reply-To: <20230403142920.1921619-2-ardb@kernel.org>
Reviewed-by: Rebecca Cran <rebecca@bsdio.com>
--
Rebecca Cran
On 4/3/23 8:29 AM, Ard Biesheuvel wrote:
> We rely on PIE executables to get the codegen that is suitable for
> PE/COFF conversion where the resulting executables can be loaded
> anywhere in the address space.
>
> However, ELF linkers may default to disallowing text relocations in PIE
> executables, as this would require text segments to be updated at
> runtime, which is bad for security and increases the copy-on-write
> footprint of ELF executables and shared libraries.
>
> However, none of those concerns apply to PE/COFF executables in the
> context of EFI, which are copied into memory rather than mmap()'ed, and
> fixed up by the loader before launch.
>
> So pass -z notext to the LLD linker to permit runtime relocations in
> read-only sections.
>
> Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
> ---
> BaseTools/Conf/tools_def.template | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/BaseTools/Conf/tools_def.template b/BaseTools/Conf/tools_def.template
> index ae43101853870c6d..5a3af55bfb09d753 100755
> --- a/BaseTools/Conf/tools_def.template
> +++ b/BaseTools/Conf/tools_def.template
> @@ -2870,7 +2870,7 @@ DEFINE CLANGDWARF_X64_PREFIX = ENV(CLANG_BIN)
> DEFINE CLANGDWARF_IA32_X64_DLINK_COMMON = -nostdlib -Wl,-q,--gc-sections -z max-page-size=0x40
> DEFINE CLANGDWARF_DLINK2_FLAGS_COMMON = -Wl,--script=$(EDK_TOOLS_PATH)/Scripts/ClangBase.lds
> DEFINE CLANGDWARF_IA32_X64_ASLDLINK_FLAGS = DEF(CLANGDWARF_IA32_X64_DLINK_COMMON) -Wl,--defsym=PECOFF_HEADER_SIZE=0 DEF(CLANGDWARF_DLINK2_FLAGS_COMMON) -Wl,--entry,ReferenceAcpiTable -u ReferenceAcpiTable
> -DEFINE CLANGDWARF_IA32_X64_DLINK_FLAGS = DEF(CLANGDWARF_IA32_X64_DLINK_COMMON) -Wl,--entry,$(IMAGE_ENTRY_POINT) -u $(IMAGE_ENTRY_POINT) -Wl,-Map,$(DEST_DIR_DEBUG)/$(BASE_NAME).map,--whole-archive
> +DEFINE CLANGDWARF_IA32_X64_DLINK_FLAGS = DEF(CLANGDWARF_IA32_X64_DLINK_COMMON) -Wl,--entry,$(IMAGE_ENTRY_POINT) -u $(IMAGE_ENTRY_POINT) -Wl,-Map,$(DEST_DIR_DEBUG)/$(BASE_NAME).map,--whole-archive -Wl,-z,notext
> DEFINE CLANGDWARF_IA32_DLINK2_FLAGS = -Wl,--defsym=PECOFF_HEADER_SIZE=0x220 DEF(CLANGDWARF_DLINK2_FLAGS_COMMON)
> DEFINE CLANGDWARF_X64_DLINK2_FLAGS = -Wl,--defsym=PECOFF_HEADER_SIZE=0x228 DEF(CLANGDWARF_DLINK2_FLAGS_COMMON)
>
next prev parent reply other threads:[~2023-04-05 17:11 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-04-03 14:29 [PATCH v4 0/6] UefiCpuPkg, OvmfPkg: Simplify CpuExceptionHandlerLib Ard Biesheuvel
2023-04-03 14:29 ` [PATCH v4 1/6] BaseTools/tools_def CLANGDWARF: Permit text relocations Ard Biesheuvel
2023-04-05 17:11 ` Rebecca Cran [this message]
2023-04-03 14:29 ` [PATCH v4 2/6] UefiCpuPkg/CpuExceptionHandlerLib: Use single SEC/PEI version Ard Biesheuvel
2023-04-06 5:54 ` Ni, Ray
2023-04-03 14:29 ` [PATCH v4 3/6] UefiCpuPkg/PeiCpuExceptionHandlerLib: Use SEC/PEI specific asm component Ard Biesheuvel
2023-04-06 6:00 ` Ni, Ray
2023-04-03 14:29 ` [PATCH v4 4/6] UefiCpuPkg/CpuExceptionHandlerLib: Make runtime fixups XCODE-only Ard Biesheuvel
2023-04-03 14:29 ` [PATCH v4 5/6] OvmfPkg: Drop special Xcode5 version of exception handler library Ard Biesheuvel
2023-04-03 14:29 ` [PATCH v4 6/6] UefiCpuPkg/CpuExceptionHandlerLib: Drop special XCODE5 version Ard Biesheuvel
2023-04-03 22:18 ` [edk2-devel] [PATCH v4 0/6] UefiCpuPkg, OvmfPkg: Simplify CpuExceptionHandlerLib Lendacky, Thomas
2023-04-04 7:57 ` Marvin Häuser
2023-04-04 9:46 ` [edk2-devel] " Ard Biesheuvel
2023-04-05 17:11 ` Rebecca Cran
2023-04-06 6:55 ` Ni, Ray
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=09b29d31-2522-1674-d365-76561bd1b2e1@bsdio.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox