From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from foss.arm.com (foss.arm.com [217.140.110.172])
 by mx.groups.io with SMTP id smtpd.web12.161.1591637670639967750
 for <devel@edk2.groups.io>;
 Mon, 08 Jun 2020 10:34:30 -0700
Authentication-Results: mx.groups.io;
 dkim=missing; spf=pass (domain: arm.com, ip: 217.140.110.172, mailfrom: ard.biesheuvel@arm.com)
Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14])
	by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 5FBD81042;
	Mon,  8 Jun 2020 10:34:30 -0700 (PDT)
Received: from localhost.localdomain (unknown [10.37.8.184])
	by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 6F1DD3F73D;
	Mon,  8 Jun 2020 10:34:28 -0700 (PDT)
From: "Ard Biesheuvel" <ard.biesheuvel@arm.com>
To: devel@edk2.groups.io
Cc: Ard Biesheuvel <ard.biesheuvel@arm.com>,
	Bob Feng <bob.c.feng@intel.com>,
	Liming Gao <liming.gao@intel.com>,
	Laszlo Ersek <lersek@redhat.com>,
	Leif Lindholm <leif@nuviainc.com>,
	Ilias Apalodimas <ilias.apalodimas@linaro.org>,
	Julien Grall <julien@xen.org>,
	Jiewen Yao <jiewen.yao@intel.com>
Subject: [PATCH 3/4] ArmVirtPkg/PrePi: use standard PeCoff routines for self-relocation
Date: Mon,  8 Jun 2020 19:34:12 +0200
Message-Id: <20200608173413.1100679-4-ard.biesheuvel@arm.com>
X-Mailer: git-send-email 2.26.2
In-Reply-To: <20200608173413.1100679-1-ard.biesheuvel@arm.com>
References: <20200608173413.1100679-1-ard.biesheuvel@arm.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable

Instead of having a GCC specific routine to perform self-relocation
based on ELF metadata, use the PE/COFF metadata and the existing
PeCoff library routines. This reduces the amount of bespoke assembler
code that is a burden to maintain, and is not portable across the set
of toolchains we support.

This does require some special care, as we have no control over how
the C code references global symbols, so we need to emit these
references from the calling assembler code. Otherwise, they may be
emitted as absolute references, in which case they need to be fixed
up themselves, leading to a circular dependency.

Signed-off-by: Ard Biesheuvel <ard.biesheuvel@arm.com>
---
 ArmVirtPkg/ArmVirtQemuKernel.dsc                    | 10 ++--
 ArmVirtPkg/ArmVirtXen.dsc                           | 10 ++--
 ArmVirtPkg/PrePi/ArmVirtPrePiUniCoreRelocatable.inf |  4 +-
 ArmVirtPkg/PrePi/PrePi.c                            | 21 +++++++++
 ArmVirtPkg/PrePi/AArch64/ModuleEntryPoint.S         | 49 +++++------------=
---
 ArmVirtPkg/PrePi/Arm/ModuleEntryPoint.S             | 47 +++++------------=
--
 6 files changed, 54 insertions(+), 87 deletions(-)

diff --git a/ArmVirtPkg/ArmVirtQemuKernel.dsc b/ArmVirtPkg/ArmVirtQemuKerne=
l.dsc
index 2a6fd6bc06be..9449a01d6e40 100644
--- a/ArmVirtPkg/ArmVirtQemuKernel.dsc
+++ b/ArmVirtPkg/ArmVirtQemuKernel.dsc
@@ -83,14 +83,12 @@ [LibraryClasses.common.DXE_DRIVER]
 [LibraryClasses.common.UEFI_DRIVER]=0D
   UefiScsiLib|MdePkg/Library/UefiScsiLib/UefiScsiLib.inf=0D
 =0D
-[BuildOptions.common.EDKII.SEC, BuildOptions.common.EDKII.BASE]=0D
+[BuildOptions]=0D
   #=0D
-  # CLANG38 with LTO support enabled uses the GNU GOLD linker, which insis=
ts=0D
-  # on emitting GOT based symbol references when running in shared mode, u=
nless=0D
-  # we override visibility to 'hidden' in all modules that make up the Pre=
Pi=0D
-  # build.=0D
+  # We need to avoid jump tables in SEC modules, so that the PE/COFF=0D
+  # self-relocation code itself is guaranteed to be position independent.=
=0D
   #=0D
-  GCC:*_CLANG38_*_CC_FLAGS =3D -include $(WORKSPACE)/ArmVirtPkg/Include/Pl=
atform/Hidden.h=0D
+  GCC:*_*_*_CC_FLAGS =3D -fno-jump-tables=0D
 =0D
 ##########################################################################=
######=0D
 #=0D
diff --git a/ArmVirtPkg/ArmVirtXen.dsc b/ArmVirtPkg/ArmVirtXen.dsc
index 8a489b253684..278f5d3828ce 100644
--- a/ArmVirtPkg/ArmVirtXen.dsc
+++ b/ArmVirtPkg/ArmVirtXen.dsc
@@ -52,14 +52,12 @@ [LibraryClasses]
 [LibraryClasses.common.UEFI_DRIVER]=0D
   UefiScsiLib|MdePkg/Library/UefiScsiLib/UefiScsiLib.inf=0D
 =0D
-[BuildOptions.common.EDKII.SEC, BuildOptions.common.EDKII.BASE]=0D
+[BuildOptions]=0D
   #=0D
-  # CLANG38 with LTO support enabled uses the GNU GOLD linker, which insis=
ts=0D
-  # on emitting GOT based symbol references when running in shared mode, u=
nless=0D
-  # we override visibility to 'hidden' in all modules that make up the Pre=
Pi=0D
-  # build.=0D
+  # We need to avoid jump tables in SEC modules, so that the PE/COFF=0D
+  # self-relocation code itself is guaranteed to be position independent.=
=0D
   #=0D
-  GCC:*_CLANG38_*_CC_FLAGS =3D -include $(WORKSPACE)/ArmVirtPkg/Include/Pl=
atform/Hidden.h=0D
+  GCC:*_*_*_CC_FLAGS =3D -fno-jump-tables=0D
 =0D
 ##########################################################################=
######=0D
 #=0D
diff --git a/ArmVirtPkg/PrePi/ArmVirtPrePiUniCoreRelocatable.inf b/ArmVirtP=
kg/PrePi/ArmVirtPrePiUniCoreRelocatable.inf
index 9e58e56fce09..7edf5018089d 100755
--- a/ArmVirtPkg/PrePi/ArmVirtPrePiUniCoreRelocatable.inf
+++ b/ArmVirtPkg/PrePi/ArmVirtPrePiUniCoreRelocatable.inf
@@ -46,6 +46,7 @@ [LibraryClasses]
   SerialPortLib=0D
   ExtractGuidedSectionLib=0D
   LzmaDecompressLib=0D
+  PeCoffLib=0D
   PrePiLib=0D
   MemoryAllocationLib=0D
   HobLib=0D
@@ -95,6 +96,3 @@ [Pcd]
   gArmVirtTokenSpaceGuid.PcdDeviceTreeInitialBaseAddress=0D
   gArmTokenSpaceGuid.PcdFdBaseAddress=0D
   gArmTokenSpaceGuid.PcdFvBaseAddress=0D
-=0D
-[BuildOptions]=0D
-  GCC:*_*_*_DLINK_FLAGS =3D -Wl,-Bsymbolic,-pie,-T,$(MODULE_DIR)/Scripts/P=
rePi-PIE.lds=0D
diff --git a/ArmVirtPkg/PrePi/PrePi.c b/ArmVirtPkg/PrePi/PrePi.c
index 72e35028c5bb..0cb064419759 100755
--- a/ArmVirtPkg/PrePi/PrePi.c
+++ b/ArmVirtPkg/PrePi/PrePi.c
@@ -9,6 +9,7 @@
 #include <PiPei.h>=0D
 #include <Pi/PiBootMode.h>=0D
 =0D
+#include <Library/PeCoffLib.h>=0D
 #include <Library/PrePiLib.h>=0D
 #include <Library/PrintLib.h>=0D
 #include <Library/PrePiHobListPointerLib.h>=0D
@@ -128,3 +129,23 @@ CEntryPoint (
   // DXE Core should always load and never return=0D
   ASSERT (FALSE);=0D
 }=0D
+=0D
+VOID=0D
+RelocatePeCoffImage (=0D
+  IN  UINTN                     ImageBase,=0D
+  IN  PE_COFF_LOADER_READ_FILE  ImageRead=0D
+  )=0D
+{=0D
+  PE_COFF_LOADER_IMAGE_CONTEXT  ImageContext;=0D
+=0D
+  ZeroMem (&ImageContext, sizeof ImageContext);=0D
+=0D
+  ImageContext.Handle       =3D (EFI_HANDLE)ImageBase;=0D
+  ImageContext.ImageRead    =3D ImageRead;=0D
+  PeCoffLoaderGetImageInfo (&ImageContext);=0D
+=0D
+  if (ImageContext.ImageAddress !=3D ImageBase) {=0D
+    ImageContext.ImageAddress =3D ImageBase;=0D
+    PeCoffLoaderRelocateImage (&ImageContext);=0D
+  }=0D
+}=0D
diff --git a/ArmVirtPkg/PrePi/AArch64/ModuleEntryPoint.S b/ArmVirtPkg/PrePi=
/AArch64/ModuleEntryPoint.S
index 34d6abecb0ac..7c5592b11a46 100644
--- a/ArmVirtPkg/PrePi/AArch64/ModuleEntryPoint.S
+++ b/ArmVirtPkg/PrePi/AArch64/ModuleEntryPoint.S
@@ -9,40 +9,6 @@
 #include <AsmMacroIoLibV8.h>=0D
 =0D
 ASM_FUNC(_ModuleEntryPoint)=0D
-  //=0D
-  // We are built as a ET_DYN PIE executable, so we need to process all=0D
-  // relative relocations regardless of whether or not we are executing fr=
om=0D
-  // the same offset we were linked at. This is only possible if we are=0D
-  // running from RAM.=0D
-  //=0D
-  adr   x8, __reloc_base=0D
-  adr   x9, __reloc_start=0D
-  adr   x10, __reloc_end=0D
-=0D
-.Lreloc_loop:=0D
-  cmp   x9, x10=0D
-  bhs   .Lreloc_done=0D
-=0D
-  //=0D
-  // AArch64 uses the ELF64 RELA format, which means each entry in the=0D
-  // relocation table consists of=0D
-  //=0D
-  //   UINT64 offset          : the relative offset of the value that need=
s to=0D
-  //                            be relocated=0D
-  //   UINT64 info            : relocation type and symbol index (the latt=
er is=0D
-  //                            not used for R_AARCH64_RELATIVE relocation=
s)=0D
-  //   UINT64 addend          : value to be added to the value being reloc=
ated=0D
-  //=0D
-  ldp   x11, x12, [x9], #24   // read offset into x11 and info into x12=0D
-  cmp   x12, #0x403           // check info =3D=3D R_AARCH64_RELATIVE?=0D
-  bne   .Lreloc_loop          // not a relative relocation? then skip=0D
-=0D
-  ldr   x12, [x9, #-8]        // read addend into x12=0D
-  add   x12, x12, x8          // add reloc base to addend to get relocated=
 value=0D
-  str   x12, [x11, x8]        // write relocated value at offset=0D
-  b     .Lreloc_loop=0D
-.Lreloc_done:=0D
-=0D
   bl    ASM_PFX(DiscoverDramFromDt)=0D
 =0D
   // Get ID of this CPU in Multicore system=0D
@@ -170,15 +136,24 @@ ASM_PFX(DiscoverDramFromDt):
   str   x1, [x8]=0D
   str   x7, [x9]=0D
 =0D
+  //=0D
+  // The runtime address may be different from the link time address so fi=
x=0D
+  // up the PE/COFF relocations. Since we are calling a C function, use th=
e=0D
+  // window at the beginning of the FD image as a temp stack.=0D
+  //=0D
+  adr   x0, ElfImageBase=0D
+  adr   x1, PeCoffLoaderImageReadFromMemory=0D
+  mov   sp, x7=0D
+  bl    RelocatePeCoffImage=0D
+=0D
   //=0D
   // Discover the memory size and offset from the DTB, and record in the=0D
   // respective PCDs. This will also return false if a corrupt DTB is=0D
-  // encountered. Since we are calling a C function, use the window at the=
=0D
-  // beginning of the FD image as a temp stack.=0D
+  // encountered.=0D
   //=0D
+  mov   x0, x28=0D
   adr   x1, PcdGet64 (PcdSystemMemoryBase)=0D
   adr   x2, PcdGet64 (PcdSystemMemorySize)=0D
-  mov   sp, x7=0D
   bl    FindMemnode=0D
   cbz   x0, .Lout=0D
 =0D
diff --git a/ArmVirtPkg/PrePi/Arm/ModuleEntryPoint.S b/ArmVirtPkg/PrePi/Arm=
/ModuleEntryPoint.S
index 72d756fdb571..bf39de86e7d0 100644
--- a/ArmVirtPkg/PrePi/Arm/ModuleEntryPoint.S
+++ b/ArmVirtPkg/PrePi/Arm/ModuleEntryPoint.S
@@ -9,38 +9,6 @@
 #include <AsmMacroIoLib.h>=0D
 =0D
 ASM_FUNC(_ModuleEntryPoint)=0D
-  //=0D
-  // We are built as a ET_DYN PIE executable, so we need to process all=0D
-  // relative relocations if we are executing from a different offset than=
 we=0D
-  // were linked at. This is only possible if we are running from RAM.=0D
-  //=0D
-  ADRL  (r4, __reloc_base)=0D
-  ADRL  (r5, __reloc_start)=0D
-  ADRL  (r6, __reloc_end)=0D
-=0D
-.Lreloc_loop:=0D
-  cmp   r5, r6=0D
-  bhs   .Lreloc_done=0D
-=0D
-  //=0D
-  // AArch32 uses the ELF32 REL format, which means each entry in the=0D
-  // relocation table consists of=0D
-  //=0D
-  //   UINT32 offset          : the relative offset of the value that need=
s to=0D
-  //                            be relocated=0D
-  //   UINT32 info            : relocation type and symbol index (the latt=
er is=0D
-  //                            not used for R_ARM_RELATIVE relocations)=0D
-  //=0D
-  ldrd  r8, r9, [r5], #8      // read offset into r8 and info into r9=0D
-  cmp   r9, #23               // check info =3D=3D R_ARM_RELATIVE?=0D
-  bne   .Lreloc_loop          // not a relative relocation? then skip=0D
-=0D
-  ldr   r9, [r8, r4]          // read addend into r9=0D
-  add   r9, r9, r1            // add image base to addend to get relocated=
 value=0D
-  str   r9, [r8, r4]          // write relocated value at offset=0D
-  b     .Lreloc_loop=0D
-.Lreloc_done:=0D
-=0D
   // Do early platform specific actions=0D
   bl    ASM_PFX(ArmPlatformPeiBootAction)=0D
 =0D
@@ -172,15 +140,24 @@ ASM_PFX(ArmPlatformPeiBootAction):
   str   r1, [r8]=0D
   str   r5, [r7]=0D
 =0D
+  //=0D
+  // The runtime address may be different from the link time address so fi=
x=0D
+  // up the PE/COFF relocations. Since we are calling a C function, use th=
e=0D
+  // window at the beginning of the FD image as a temp stack.=0D
+  //=0D
+  ADRL  (r0, ElfImageBase)=0D
+  ADRL  (r1, PeCoffLoaderImageReadFromMemory)=0D
+  mov   sp, r5=0D
+  bl    RelocatePeCoffImage=0D
+=0D
   //=0D
   // Discover the memory size and offset from the DTB, and record in the=0D
   // respective PCDs. This will also return false if a corrupt DTB is=0D
-  // encountered. Since we are calling a C function, use the window at the=
=0D
-  // beginning of the FD image as a temp stack.=0D
+  // encountered.=0D
   //=0D
+  mov   r0, r10=0D
   ADRL  (r1, PcdGet64 (PcdSystemMemoryBase))=0D
   ADRL  (r2, PcdGet64 (PcdSystemMemorySize))=0D
-  mov   sp, r5=0D
   bl    FindMemnode=0D
   teq   r0, #0=0D
   beq   .Lout=0D
--=20
2.26.2