[PATCH 1/1] riscv: separate .data and .text sections of EFI binaries

25 Jan 2024

EFI binaries should not contain sections that are both writable and
executable. Separate the RX .text section from the RW .data section
Adjust the section alignment to 4096 bytes.
Fix conflicting SPDX license information in linker scripts introduced by
commit 7215787c4ea4 ("SPDX: Convert single license tags to Linux Kernel
style").
Fixes: 7215787c4ea4 ("SPDX: Convert single license tags to Linux Kernel style")
Signed-off-by: Heinrich Schuchardt heinrich.schuchardt@canonical.com
---
 arch/riscv/lib/crt0_riscv_efi.S    | 39 ++++++++++++++++++++++--------
 arch/riscv/lib/elf_riscv32_efi.lds | 26 ++++++++++++--------
 arch/riscv/lib/elf_riscv64_efi.lds | 26 ++++++++++++--------
 3 files changed, 61 insertions(+), 30 deletions(-)

diff --git a/arch/riscv/lib/crt0_riscv_efi.S b/arch/riscv/lib/crt0_riscv_efi.S
index 793eefdd883..46b08552371 100644
--- a/arch/riscv/lib/crt0_riscv_efi.S
+++ b/arch/riscv/lib/crt0_riscv_efi.S
@@ -53,7 +53,7 @@ pe_header:
    .long	IMAGE_NT_SIGNATURE		/* 'PE' */
 coff_header:
    .short	PE_MACHINE			/* RISC-V 64/32-bit */
-	.short	2				/* nr_sections */
+	.short	3				/* nr_sections */
    .long	0				/* TimeDateStamp */
    .long	0				/* PointerToSymbolTable */
    .long	0				/* NumberOfSymbols */
@@ -144,18 +144,37 @@ section_table:
    .byte	0
    .byte	0
    .byte	0			/* end of 0 padding of section name */
-	.long	_edata - _start		/* VirtualSize */
+	.long	_etext - _start		/* VirtualSize */
    .long	_start - ImageBase	/* VirtualAddress */
-	.long	_edata - _start		/* SizeOfRawData */
+	.long	_etext - _start		/* SizeOfRawData */
    .long	_start - ImageBase	/* PointerToRawData */
+	.long	0			/* PointerToRelocations (0 for executables) */
+	.long	0			/* PointerToLineNumbers (0 for executables) */
+	.short	0			/* NumberOfRelocations  (0 for executables) */
+	.short	0			/* NumberOfLineNumbers  (0 for executables) */
+	/* Characteristics (section flags) */
+	.long	(IMAGE_SCN_MEM_READ | \
+		 IMAGE_SCN_MEM_EXECUTE | \
+		 IMAGE_SCN_CNT_CODE)
+
+	.ascii	".data"
+	.byte	0
+	.byte	0
+	.byte	0			/* end of 0 padding of section name */
+	.long	_edata - _data		/* VirtualSize */
+	.long	_data - ImageBase	/* VirtualAddress */
+	.long	_edata - _data		/* SizeOfRawData */
+	.long	_data - ImageBase	/* PointerToRawData */
+	.long	0			/* PointerToRelocations */
+	.long	0			/* PointerToLineNumbers */
+	.short	0			/* NumberOfRelocations */
+	.short	0			/* NumberOfLineNumbers */
+	/* Characteristics (section flags) */
+	.long	(IMAGE_SCN_MEM_WRITE | \
+		 IMAGE_SCN_MEM_READ | \
+		 IMAGE_SCN_CNT_INITIALIZED_DATA)
-	.long	0		/* PointerToRelocations (0 for executables) */
-	.long	0		/* PointerToLineNumbers (0 for executables) */
-	.short	0		/* NumberOfRelocations  (0 for executables) */
-	.short	0		/* NumberOfLineNumbers  (0 for executables) */
-	.long	0xe0500020	/* Characteristics (section flags) */
-
-	.align	9
+	.align		12
 _start:
    addi		sp, sp, -(SIZE_LONG * 3)
    SAVE_LONG(a0, 0)
diff --git a/arch/riscv/lib/elf_riscv32_efi.lds b/arch/riscv/lib/elf_riscv32_efi.lds
index c3e0d20d577..7b9bd7b7f15 100644
--- a/arch/riscv/lib/elf_riscv32_efi.lds
+++ b/arch/riscv/lib/elf_riscv32_efi.lds
@@ -1,14 +1,18 @@
-/* SPDX-License-Identifier: GPL-2.0+ */
+/* SPDX-License-Identifier: BSD-2-Clause */
 /*
  * U-Boot riscv32 EFI linker script
  *
- * SPDX-License-Identifier:	BSD-2-Clause
- *
  * Modified from arch/arm/lib/elf_aarch64_efi.lds
  */
OUTPUT_FORMAT("elf32-littleriscv", "elf32-littleriscv", "elf32-littleriscv")
 OUTPUT_ARCH(riscv)
+
+PHDRS
+{
+	data PT_LOAD FLAGS(3); /* SHF_WRITE | SHF_ALLOC */
+}
+
 ENTRY(_start)
 SECTIONS
 {
@@ -20,11 +24,17 @@ SECTIONS
    	*(.gnu.linkonce.t.*)
    	*(.srodata)
    	*(.rodata*)
+		. = ALIGN(16);
+		*(.dynamic);
    	. = ALIGN(512);
    }
+	.rela.dyn : { *(.rela.dyn) }
+	.rela.plt : { *(.rela.plt) }
+	.rela.got : { *(.rela.got) }
+	.rela.data : { *(.rela.data) *(.rela.data*) }
    _etext = .;
    _text_size = . - _text;
-	.dynamic  : { *(.dynamic) }
+	. = ALIGN(4096);
    .data : {
    	_data = .;
    	*(.sdata)
@@ -49,12 +59,8 @@ SECTIONS
    	. = ALIGN(512);
    	_bss_end = .;
    	_edata = .;
-	}
-	.rela.dyn : { *(.rela.dyn) }
-	.rela.plt : { *(.rela.plt) }
-	.rela.got : { *(.rela.got) }
-	.rela.data : { *(.rela.data) *(.rela.data*) }
-	_data_size = . - _etext;
+	} :data
+	_data_size = _edata - _data;
. = ALIGN(4096);
    .dynsym   : { *(.dynsym) }
diff --git a/arch/riscv/lib/elf_riscv64_efi.lds b/arch/riscv/lib/elf_riscv64_efi.lds
index ecb91395486..d0b4f3d1d64 100644
--- a/arch/riscv/lib/elf_riscv64_efi.lds
+++ b/arch/riscv/lib/elf_riscv64_efi.lds
@@ -1,14 +1,18 @@
-/* SPDX-License-Identifier: GPL-2.0+ */
+/* SPDX-License-Identifier: BSD-2-Clause */
 /*
  * U-Boot riscv64 EFI linker script
  *
- * SPDX-License-Identifier:	BSD-2-Clause
- *
  * Modified from arch/arm/lib/elf_aarch64_efi.lds
  */
OUTPUT_FORMAT("elf64-littleriscv", "elf64-littleriscv", "elf64-littleriscv")
 OUTPUT_ARCH(riscv)
+
+PHDRS
+{
+	data PT_LOAD FLAGS(3); /* SHF_WRITE | SHF_ALLOC */
+}
+
 ENTRY(_start)
 SECTIONS
 {
@@ -20,11 +24,17 @@ SECTIONS
    	*(.gnu.linkonce.t.*)
    	*(.srodata)
    	*(.rodata*)
+		. = ALIGN(16);
+		*(.dynamic);
    	. = ALIGN(512);
    }
+	.rela.dyn : { *(.rela.dyn) }
+	.rela.plt : { *(.rela.plt) }
+	.rela.got : { *(.rela.got) }
+	.rela.data : { *(.rela.data) *(.rela.data*) }
    _etext = .;
    _text_size = . - _text;
-	.dynamic  : { *(.dynamic) }
+	. = ALIGN(4096);
    .data : {
    	_data = .;
    	*(.sdata)
@@ -49,12 +59,8 @@ SECTIONS
    	. = ALIGN(512);
    	_bss_end = .;
    	_edata = .;
-	}
-	.rela.dyn : { *(.rela.dyn) }
-	.rela.plt : { *(.rela.plt) }
-	.rela.got : { *(.rela.got) }
-	.rela.data : { *(.rela.data) *(.rela.data*) }
-	_data_size = . - _etext;
+	} :data
+	_data_size = _edata - _data;
. = ALIGN(4096);
    .dynsym   : { *(.dynsym) }
-- 
2.43.0


    

Heinrich Schuchardt

Tom Rini

tags (0)

participants (2)