On Sat, May 23, 2020 at 02:00:18PM +0200, Ard Biesheuvel wrote: > Building position independent code using GCC by default results in references > to symbols with external linkage to be resolved via GOT entries, which > carry the absolute addresses of the symbols, and thus need to be corrected > if the load time address of the executable != the link time address. > > For fully linked binaries, such GOT indirected references are completely > useless, and actually make the startup code more complicated than necessary, > since these corrections may need to be applied more than once. In fact, we > have been very careful to avoid such references in the EFI stub code, since > it would require yet another [earlier] pass of GOT fixups which we currently > don't implement. > > Older GCCs were quirky when it came to overriding this behavior using symbol > visibility, but now that we have increased the minimum GCC version to 4.6, > we can actually start setting the symbol visibility to 'hidden' globally for > all symbol references in the decompressor, getting rid of the GOT entirely. > This means we can get rid of the GOT fixup code right away, and we can start > using ordinary external symbol references in the EFI stub without running the > risk of boot regressions. (v2 note: we have already started doing this) > > CC'ing Linus and Maarten, who were involved in diagnosing an issue related > to GOT entries emitted from the EFI stub ~5 years ago. [0] [1] > > Many thanks to Arvind for the suggestions and the help in testing these > changes. Tested on GCC 4.6 + binutils 2.24 (Ubuntu 14.04), and GCC 8 + > binutils 2.31 (Debian Buster) > > Changes since v1 [2]: > Rebase only - recent EFI changes have moved all the C code into > drivers/firmware/efi/libstub/, which is also built with hidden > visibility, and contains an additional objdump pass to detect (and > reject) absolute symbol references. > > Unless anyone objects, I'd like to incorporate these changes into my > late EFI PR for v5.8, which will go out in a day or two. > > Cc: Maarten Lankhorst <maarten.lankhorst@xxxxxxxxxxxxxxx> > Cc: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx> > Cc: Arvind Sankar <nivedita@xxxxxxxxxxxx> > > [0] https://lore.kernel.org/lkml/5405E186.2080406@xxxxxxxxxxxxx/ > [1] https://lore.kernel.org/lkml/CA+55aFxW9PmtjOf9nUQwpU8swsFqJOz8whZXcONo+XFmkSwezg@xxxxxxxxxxxxxx/ > [2] https://lore.kernel.org/linux-efi/20200108102304.25800-1-ardb@xxxxxxxxxx/ > Haha, I was actually doing exactly the same thing as part of getting the compressed kernel linkable with LLD. Acked-by: Arvind Sankar <nivedita@xxxxxxxxxxxx>
