x86: Add support for ZSTD compressed kernel

- Add support for zstd compressed kernel

- Define __DISABLE_EXPORTS in Makefile

- Remove __DISABLE_EXPORTS definition from kaslr.c

- Bump the heap size for zstd.

- Update the documentation.

Integrates the ZSTD decompression code to the x86 pre-boot code.

Zstandard requires slightly more memory during the kernel decompression
on x86 (192 KB vs 64 KB), and the memory usage is independent of the
window size.

__DISABLE_EXPORTS is now defined in the Makefile, which covers both
the existing use in kaslr.c, and the use needed by the zstd decompressor
in misc.c.

This patch has been boot tested with both a zstd and gzip compressed
kernel on i386 and x86_64 using buildroot and QEMU.

Additionally, this has been tested in production on x86_64 devices.
We saw a 2 second boot time reduction by switching kernel compression
from xz to zstd.

Signed-off-by: Nick Terrell <terrelln@fb.com>
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Tested-by: Sedat Dilek <sedat.dilek@gmail.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
Link: https://lore.kernel.org/r/20200730190841.2071656-7-nickrterrell@gmail.com
This commit is contained in:
Nick Terrell 2020-07-30 12:08:39 -07:00 committed by Ingo Molnar
parent 0fe4f4ef8c
commit fb46d057db
6 changed files with 22 additions and 13 deletions

View File

@ -782,9 +782,9 @@ Protocol: 2.08+
uncompressed data should be determined using the standard magic uncompressed data should be determined using the standard magic
numbers. The currently supported compression formats are gzip numbers. The currently supported compression formats are gzip
(magic numbers 1F 8B or 1F 9E), bzip2 (magic number 42 5A), LZMA (magic numbers 1F 8B or 1F 9E), bzip2 (magic number 42 5A), LZMA
(magic number 5D 00), XZ (magic number FD 37), and LZ4 (magic number (magic number 5D 00), XZ (magic number FD 37), LZ4 (magic number
02 21). The uncompressed payload is currently always ELF (magic 02 21) and ZSTD (magic number 28 B5). The uncompressed payload is
number 7F 45 4C 46). currently always ELF (magic number 7F 45 4C 46).
============ ============== ============ ==============
Field name: payload_length Field name: payload_length

View File

@ -188,6 +188,7 @@ config X86
select HAVE_KERNEL_LZMA select HAVE_KERNEL_LZMA
select HAVE_KERNEL_LZO select HAVE_KERNEL_LZO
select HAVE_KERNEL_XZ select HAVE_KERNEL_XZ
select HAVE_KERNEL_ZSTD
select HAVE_KPROBES select HAVE_KPROBES
select HAVE_KPROBES_ON_FTRACE select HAVE_KPROBES_ON_FTRACE
select HAVE_FUNCTION_ERROR_INJECTION select HAVE_FUNCTION_ERROR_INJECTION

View File

@ -26,7 +26,7 @@ OBJECT_FILES_NON_STANDARD := y
KCOV_INSTRUMENT := n KCOV_INSTRUMENT := n
targets := vmlinux vmlinux.bin vmlinux.bin.gz vmlinux.bin.bz2 vmlinux.bin.lzma \ targets := vmlinux vmlinux.bin vmlinux.bin.gz vmlinux.bin.bz2 vmlinux.bin.lzma \
vmlinux.bin.xz vmlinux.bin.lzo vmlinux.bin.lz4 vmlinux.bin.xz vmlinux.bin.lzo vmlinux.bin.lz4 vmlinux.bin.zst
KBUILD_CFLAGS := -m$(BITS) -O2 KBUILD_CFLAGS := -m$(BITS) -O2
KBUILD_CFLAGS += -fno-strict-aliasing $(call cc-option, -fPIE, -fPIC) KBUILD_CFLAGS += -fno-strict-aliasing $(call cc-option, -fPIE, -fPIC)
@ -42,6 +42,7 @@ KBUILD_CFLAGS += $(call cc-disable-warning, gnu)
KBUILD_CFLAGS += -Wno-pointer-sign KBUILD_CFLAGS += -Wno-pointer-sign
KBUILD_CFLAGS += $(call cc-option,-fmacro-prefix-map=$(srctree)/=) KBUILD_CFLAGS += $(call cc-option,-fmacro-prefix-map=$(srctree)/=)
KBUILD_CFLAGS += -fno-asynchronous-unwind-tables KBUILD_CFLAGS += -fno-asynchronous-unwind-tables
KBUILD_CFLAGS += -D__DISABLE_EXPORTS
KBUILD_AFLAGS := $(KBUILD_CFLAGS) -D__ASSEMBLY__ KBUILD_AFLAGS := $(KBUILD_CFLAGS) -D__ASSEMBLY__
GCOV_PROFILE := n GCOV_PROFILE := n
@ -145,6 +146,8 @@ $(obj)/vmlinux.bin.lzo: $(vmlinux.bin.all-y) FORCE
$(call if_changed,lzo) $(call if_changed,lzo)
$(obj)/vmlinux.bin.lz4: $(vmlinux.bin.all-y) FORCE $(obj)/vmlinux.bin.lz4: $(vmlinux.bin.all-y) FORCE
$(call if_changed,lz4) $(call if_changed,lz4)
$(obj)/vmlinux.bin.zst: $(vmlinux.bin.all-y) FORCE
$(call if_changed,zstd22)
suffix-$(CONFIG_KERNEL_GZIP) := gz suffix-$(CONFIG_KERNEL_GZIP) := gz
suffix-$(CONFIG_KERNEL_BZIP2) := bz2 suffix-$(CONFIG_KERNEL_BZIP2) := bz2
@ -152,6 +155,7 @@ suffix-$(CONFIG_KERNEL_LZMA) := lzma
suffix-$(CONFIG_KERNEL_XZ) := xz suffix-$(CONFIG_KERNEL_XZ) := xz
suffix-$(CONFIG_KERNEL_LZO) := lzo suffix-$(CONFIG_KERNEL_LZO) := lzo
suffix-$(CONFIG_KERNEL_LZ4) := lz4 suffix-$(CONFIG_KERNEL_LZ4) := lz4
suffix-$(CONFIG_KERNEL_ZSTD) := zst
quiet_cmd_mkpiggy = MKPIGGY $@ quiet_cmd_mkpiggy = MKPIGGY $@
cmd_mkpiggy = $(obj)/mkpiggy $< > $@ cmd_mkpiggy = $(obj)/mkpiggy $< > $@

View File

@ -19,13 +19,6 @@
*/ */
#define BOOT_CTYPE_H #define BOOT_CTYPE_H
/*
* _ctype[] in lib/ctype.c is needed by isspace() of linux/ctype.h.
* While both lib/ctype.c and lib/cmdline.c will bring EXPORT_SYMBOL
* which is meaningless and will cause compiling error in some cases.
*/
#define __DISABLE_EXPORTS
#include "misc.h" #include "misc.h"
#include "error.h" #include "error.h"
#include "../string.h" #include "../string.h"

View File

@ -77,6 +77,10 @@ static int lines, cols;
#ifdef CONFIG_KERNEL_LZ4 #ifdef CONFIG_KERNEL_LZ4
#include "../../../../lib/decompress_unlz4.c" #include "../../../../lib/decompress_unlz4.c"
#endif #endif
#ifdef CONFIG_KERNEL_ZSTD
#include "../../../../lib/decompress_unzstd.c"
#endif
/* /*
* NOTE: When adding a new decompressor, please update the analysis in * NOTE: When adding a new decompressor, please update the analysis in
* ../header.S. * ../header.S.

View File

@ -24,9 +24,16 @@
# error "Invalid value for CONFIG_PHYSICAL_ALIGN" # error "Invalid value for CONFIG_PHYSICAL_ALIGN"
#endif #endif
#ifdef CONFIG_KERNEL_BZIP2 #if defined(CONFIG_KERNEL_BZIP2)
# define BOOT_HEAP_SIZE 0x400000 # define BOOT_HEAP_SIZE 0x400000
#else /* !CONFIG_KERNEL_BZIP2 */ #elif defined(CONFIG_KERNEL_ZSTD)
/*
* Zstd needs to allocate the ZSTD_DCtx in order to decompress the kernel.
* The ZSTD_DCtx is ~160KB, so set the heap size to 192KB because it is a
* round number and to allow some slack.
*/
# define BOOT_HEAP_SIZE 0x30000
#else
# define BOOT_HEAP_SIZE 0x10000 # define BOOT_HEAP_SIZE 0x10000
#endif #endif