[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH 2/4] x86/hvmloader: Don't build as PIC/PIE

  • To: Jan Beulich <jbeulich@xxxxxxxx>
  • From: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
  • Date: Fri, 24 Mar 2023 11:18:03 +0000
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=eTYUTsF7h7NQetqYIJLBcg9xA1tpAfVus1HkfzXeFSY=; b=Km5KWNANeR/suCsu+j3p8fmyeUtKxuzRZ916gEv8+F80P6hWtihpLR/BzI4SXU3yThX1wnLVNj74J0Slpy4MITUjNiT40aLzZDnLrsorDXGnI9gfJZn47oNeUdmSWRggJGtYH8+I52CMMdMun07X9tj+BvDxUBiI5BVrZmCiLunfvS65aDZQ7dci9TyYjlhyLB5RCq+SWmYEYTpS7gYBs9l784ngjthi+/9eYIg0eooZuCjYJidO49EGPa3i6LaYqbEMCAiFzoPE6llgr/N05+A8JQQPgOJrGcdU6ulN8iFsYQwmlt52MQi1e5T7SwSVHva51/5GF/wulUQxOyt+DA==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=nA59q8qJAOSQnHzFFZZg2sz+o78+7OupRP8JOVM4rolrZL3mJzq+8SKiQIBqf8/uYVPEszW4aJA88NktBajLR1mFWL/ffUCUdc4oC90Uuuq2tFf9BTQf0/zC+Pb/pb2fvfKZBLR70JDigFdnhEplNqWZxdWtSJbkBCubGknaYE3Avubt7e6fnMJbAeQlHxQ9y9khlNKx0ezcvpQ9j+9Q1gBdUwhZTXlLF+TtaJMqAtaw6/X/QMixjoMC3nWMLeVARUK8Ysb/pEiRzG8PWIF0llAIp1XqvUx6Dvrsv1xd671uew13BH1xLyKM/Dtt3c3GyuGYGt+S8sk6UR03pJSDtA==
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=citrix.com;
  • Cc: Roger Pau Monné <roger.pau@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • Delivery-date: Fri, 24 Mar 2023 11:18:27 +0000
  • Ironport-data: A9a23:HFNFLK3YtUtZNCu54vbD5f5wkn2cJEfYwER7XKvMYLTBsI5bpz0Oy GYZW2yCOPaKN2f2Lth1Poyw/E8PsMOBytNhQVRspC1hF35El5HIVI+TRqvS04F+DeWYFR46s J9OAjXkBJppJpMJjk71atANlVEliefTAOK6ULWeUsxIbVcMYD87jh5+kPIOjIdtgNyoayuAo tq3qMDEULOf82cc3lk8tuTS+HuDgNyo4GlD5gdkOagS1LPjvyJ94Kw3dPnZw0TQGuG4LsbiL 87fwbew+H/u/htFIrtJRZ6iLyXm6paLVeS/oiI+t5qK23CulQRrukoPD9IOaF8/ttm8t4sZJ OOhF3CHYVxB0qXkwIzxWvTDes10FfUuFLTveRBTvSEPpqFvnrSFL/hGVSkL0YMkFulfBzlU/ +UTMCo0cRGsg7+E35u5bOYrr5F2RCXrFNt3VnBI6xj8VKxjbbWdBqLA6JlfwSs6gd1IEbDGf c0FZDFzbRPGJRpSJlMQD5F4l+Ct7pX9W2QA9BTJ+uxqsi6Kk1QZPLvFabI5fvSjQ8lPk1nej WXB52njWTkRNcCFyCrD+XWp7gPKtXqjBN9CS+PhqJaGhnXMyUI1IjQwFmHq++GTgF6FBe59C RMbr39GQa8asRbDosPGdx+yrWOAvxUcc8FNCOB84waIooLL5y6JC25CSSROAPQ2uclzSTE02 1uhm9LyGScpoLCTUWia9LqfsXW1Iyd9EIMZTSoNTA9A79y9pog210jLVow6T/bzicDpEzbtx TzMtDI5m7gYkc8M0eO84EzDhDWv4JPOS2bZ+znqY45s1SshDKbNWmBiwQOzASpoRGpBcmS8g Q==
  • Ironport-hdrordr: A9a23:gE13Mqr0wjfHge/DrGFppdAaV5oveYIsimQD101hICG9E/bo8f xG+c5w6faaskd3ZJheo7G90cW7MBbhHOdOjbX5Xo3NYOCFggSVxehZhOOO/9SHIVycygc078 xdmsNFeb/N5DZB/KLHCMXRKbYd/OU=
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On 25/08/2022 8:20 am, Jan Beulich wrote:
> On 24.08.2022 12:59, Andrew Cooper wrote:
>> HVMLoader is not relocatable in memory, and 32bit PIC code has a large
>> overhead.  Build it as non-relocatable.
>>
>> Bloat-o-meter reports a net:
>>   add/remove: 0/0 grow/shrink: 3/107 up/down: 14/-3370 (-3356)
>>
>> No functional change.
>>
>> Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
>> ---
>> CC: Jan Beulich <JBeulich@xxxxxxxx>
>> CC: Roger Pau Monné <roger.pau@xxxxxxxxxx>
>> CC: Wei Liu <wl@xxxxxxx>
>> ---
>>  tools/firmware/hvmloader/Makefile | 3 ++-
>>  1 file changed, 2 insertions(+), 1 deletion(-)
>>
>> diff --git a/tools/firmware/hvmloader/Makefile
>> b/tools/firmware/hvmloader/Makefile
>> index 4f31c881613c..eb757819274b 100644
>> --- a/tools/firmware/hvmloader/Makefile
>> +++ b/tools/firmware/hvmloader/Makefile
>> @@ -23,7 +23,8 @@ include $(XEN_ROOT)/tools/firmware/Rules.mk
>>  # SMBIOS spec requires format mm/dd/yyyy
>>  SMBIOS_REL_DATE ?= $(shell date +%m/%d/%Y)
>>  
>> -CFLAGS += $(CFLAGS_xeninclude)
>> +CFLAGS += $(CFLAGS_xeninclude) -fno-pic
>> +$(call cc-option-add,CFLAGS,-no-pie)
>
> This is supposed to be coming from EMBEDDED_EXTRA_CFLAGS, if only
> it was spelled correctly there. See the patch just sent. This line
> (see that other patch) is meaningless anyway, as we don't use
> $(CFLAGS) for linking here. So with it dropped
> Reviewed-by: Jan Beulich <jbeulich@xxxxxxxx>
>
> I do think though that the description could do with some expanding,
> as I don't think -fpic or -fPIC is the default normally. I suppose
> it's only specific distros which make this the default.

Yeah, for ASLR reasons, but that covers ~all of our downstream users.

I'll tweak the commit message and drop the PIE part.

~Andrew

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.