[PATCH v2 058/113] pbl: introduce CONFIG_PBL_FULLY_PIC

Ahmad Fatoum a.fatoum at pengutronix.de
Mon Mar 4 10:59:43 PST 2024


In the quest for making barebox PBL code W^X mappable, we have now taken
care to make the ARM64 assembly routines not emit code relocations,
so let's do the same for the C code as well.

We do this by applying #pragma GCC visibility push(hidden) globally. This
pragma is stronger than -fvisibility=hidden and ensures we are
completely position-independent. See kernel commit e544ea57ac07
("x86/boot/compressed: Force hidden visibility for all symbol references")
for more information.

Signed-off-by: Ahmad Fatoum <a.fatoum at pengutronix.de>
---
 include/linux/export.h |  2 +-
 include/linux/hidden.h | 19 +++++++++++++++++++
 pbl/Kconfig            |  7 +++++++
 scripts/Makefile.lib   |  5 +++++
 scripts/Makefile.pic   | 22 ++++++++++++++++++++++
 5 files changed, 54 insertions(+), 1 deletion(-)
 create mode 100644 include/linux/hidden.h
 create mode 100644 scripts/Makefile.pic

diff --git a/include/linux/export.h b/include/linux/export.h
index 8f47742bea99..a136d727d128 100644
--- a/include/linux/export.h
+++ b/include/linux/export.h
@@ -6,7 +6,7 @@
 
 #define THIS_MODULE	0
 
-#ifdef CONFIG_MODULES
+#if defined(CONFIG_MODULES) && !defined(__DISABLE_EXPORTS)
 
 struct kernel_symbol
 {
diff --git a/include/linux/hidden.h b/include/linux/hidden.h
new file mode 100644
index 000000000000..49a17b6b5962
--- /dev/null
+++ b/include/linux/hidden.h
@@ -0,0 +1,19 @@
+/* SPDX-License-Identifier: GPL-2.0 */
+/*
+ * When building position independent code with GCC using the -fPIC option,
+ * (or even the -fPIE one on older versions), it will assume that we are
+ * building a dynamic object (either a shared library or an executable) that
+ * may have symbol references that can only be resolved at load time. For a
+ * variety of reasons (ELF symbol preemption, the CoW footprint of the section
+ * that is modified by the loader), this results in all references to symbols
+ * with external linkage to go via entries in the Global Offset Table (GOT),
+ * which carries absolute addresses which need to be fixed up when the
+ * executable image is loaded at an offset which is different from its link
+ * time offset.
+ *
+ * Fortunately, there is a way to inform the compiler that such symbol
+ * references will be satisfied at link time rather than at load time, by
+ * giving them 'hidden' visibility.
+ */
+
+#pragma GCC visibility push(hidden)
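Review bot: The header comment explains why hidden visibility is wanted but not how this file must be used. The `#pragma GCC visibility push(hidden)` on the last line is never popped, which is only correct because scripts/Makefile.pic force-includes the file with `-include` ahead of every declaration in the translation unit. I would add a closing paragraph to the comment, e.g. `* This header is force-included via -include; the push is intentionally left unbalanced so that it covers the whole translation unit.` That would also warn readers against `#include`-ing it part-way through a file, where earlier declarations would keep default visibility and could still produce GOT references.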
diff --git a/pbl/Kconfig b/pbl/Kconfig
index 223bf0640e1b..669a49a530a2 100644
--- a/pbl/Kconfig
+++ b/pbl/Kconfig
@@ -46,6 +46,13 @@ config PBL_RELOCATABLE
 	  This option only influences the PBL image. See RELOCATABLE to also make
 	  the real image relocatable.
 
+config PBL_FULLY_PIC
+	bool "fully position-independent pbl image"
+	depends on PBL_RELOCATABLE && ARM
+	help
+	  Compared to CONFIG_PBL_RELOCATABLE, this image has no relocations in
+	  the code sections.
+
 config PBL_VERIFY_PIGGY
 	depends on ARM
 	bool "Verify barebox proper hash before decompression" if COMPILE_TEST
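Review bot: The help text for `PBL_FULLY_PIC` does not mention the hardening trade-off that comes with it. scripts/Makefile.pic in this patch adds `-fno-stack-protector` and `-D__NO_FORTIFY` (presumably opting out of fortified string helpers) to the PBL flags, while the PBL stack-protector options such as `CONFIG_PBL_STACKPROTECTOR_ALL`, visible in the scripts/Makefile.lib hunk, stay selectable. Which flag wins depends on command-line ordering that is not visible here, so a user may believe the PBL is built with stack protection when it is not. Either say so in the help, e.g. `Enabling this builds the PBL with -fno-stack-protector and without fortified string functions.`, or express the conflict as a Kconfig dependency so the combination cannot be selected silently.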
diff --git a/scripts/Makefile.lib b/scripts/Makefile.lib
index f205e08afc13..6b1f0ccbc003 100644
--- a/scripts/Makefile.lib
+++ b/scripts/Makefile.lib
@@ -170,6 +170,11 @@ _stackp_flags_pbl-$(CONFIG_PBL_STACKPROTECTOR_ALL)     := -fstack-protector-all
 
 _c_flags += $(if $(part-of-pbl),$(_stackp_flags_pbl-y),$(_stackp_flags-y))
 
+ifeq ($(CONFIG_PBL_FULLY_PIC),y)
+include scripts/Makefile.pic
+PBL_CPPFLAGS	+= $(picflags-y)
+endif
+
 # If building barebox in a separate objtree expand all occurrences
 # of -Idir to -I$(srctree)/dir except for absolute paths (starting with '/').
 
diff --git a/scripts/Makefile.pic b/scripts/Makefile.pic
new file mode 100644
index 000000000000..c30894ba98d9
--- /dev/null
+++ b/scripts/Makefile.pic
@@ -0,0 +1,22 @@
+# SPDX-License-Identifier: GPL-2.0
+#
+# The stub may be linked into the kernel proper or into a separate boot binary,
+# but in either case, it executes before the kernel does (with MMU disabled) so
+# things like ftrace and stack-protector are likely to cause trouble if left
+# enabled, even if doing so doesn't break the build.
+#
+picflags-$(CONFIG_X86_64)	:= -mcmodel=small
+picflags-$(CONFIG_X86)		+= -fPIC -fno-asynchronous-unwind-tables
+
+ifeq ($(CONFIG_ARM),y)
+picflags-$(CONFIG_CPU_32)	:= -fpic -mno-single-pic-base
+picflags-$(CONFIG_CPU_64)	:= -fpie
+endif
+
+picflags-y			+= -include $(srctree)/include/linux/hidden.h \
+				   -D__fully_pic__ \
+				   -D__NO_FORTIFY \
+				   -ffreestanding \
+				   -fno-stack-protector \
+				   $(call cc-option,-fno-addrsig) \
+				   -D__DISABLE_EXPORTS
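Review bot: The comment at the top of the new file talks about "the stub" running before "the kernel" and about ftrace, which does not describe a barebox PBL and reads as carried over from another project. It gives no rationale for the hardening-related switches below (`-fno-stack-protector`, `-D__NO_FORTIFY`), and those are the lines a later reader will most want explained. I would replace it with a short comment saying that these are the flags for a fully position-independent PBL, with one line per switch on why it is needed. In addition, `picflags-$(CONFIG_X86_64)` and `picflags-$(CONFIG_X86)` cannot take effect while the Kconfig entry has `depends on PBL_RELOCATABLE && ARM`; drop them or mark them as kept for a future port.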
-- 
2.39.2



