On 2022-10-19 10:01, Ard Biesheuvel wrote:
On Tue, 6 Sept 2022 at 12:41, Evgeniy Baskov <baskov@xxxxxxxxx> wrote:
To protect sections on page table level each section
needs to be aligned on page size (4KB).
Set sections alignment in linker script.
Signed-off-by: Evgeniy Baskov <baskov@xxxxxxxxx>
---
arch/x86/boot/compressed/vmlinux.lds.S | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/arch/x86/boot/compressed/vmlinux.lds.S
b/arch/x86/boot/compressed/vmlinux.lds.S
index 112b2375d021..6be90f1a1198 100644
--- a/arch/x86/boot/compressed/vmlinux.lds.S
+++ b/arch/x86/boot/compressed/vmlinux.lds.S
@@ -27,21 +27,27 @@ SECTIONS
HEAD_TEXT
_ehead = . ;
}
+ . = ALIGN(PAGE_SIZE);
.rodata..compressed : {
+ _compressed = .;
Why are you adding these?
It is used for address compressed kernel blob during memory protection
setup.
Although it can be addressed via different symbols, I though that
addressing
sections data in a common way (through linker generated symbols) would
be better.
I can remove or mention the change in commit message (for now I will do
the latter).
*(.rodata..compressed)
+ _ecompressed = .;
}
+ . = ALIGN(PAGE_SIZE);
On other EFI architectures, we only distinguish between R-X and RW-
regions, and alignment between .rodata and .text is unnecessary. Do we
really need to deviate from that here?
I though that leaving a huge compressed kernel blob executable is
undesirable, so I decided to split it out. I can make it either RW- or
R-X
if it would be more acceptable.
.text : {
_text = .; /* Text */
*(.text)
*(.text.*)
_etext = . ;
}
+ . = ALIGN(PAGE_SIZE);
.rodata : {
_rodata = . ;
*(.rodata) /* read-only data */
*(.rodata.*)
_erodata = . ;
}
+ . = ALIGN(PAGE_SIZE);
.data : {
_data = . ;
*(.data)
--
2.35.1
