Linux kernel compile spigging compressed instructions in the <_start>

41 views
Skip to first unread message

vithurson subasharan

unread,
Jul 10, 2022, 5:49:21 AM7/10/22
to RISC-V SW Dev
Hi all, I compiled latest linux kernel version with 64I option with F and C turned off, but i notice that there are still appearing in the binary. Is there a way to turn them off?

thanks in advance,
Vithurson

vmlinux:     file format elf64-littleriscv


Disassembly of section .head.text:

0000000080000000 <_start>:
    80000000:    05c0006f              j    8000005c <_start_kernel>
    ...
    80000010:    ab78                    fsd    fa4,208(a4)
    80000012:    0095                    addi    ra,ra,5
    ...
    80000020:    0002                    c.slli    zero,0x0
    ...
    8000002e:    0000                    unimp
    80000030:    4952                    lw    s2,20(sp)
    80000032:    00564353              fadd.s    ft6,fa2,ft5,rmm
    80000036:    0000                    unimp
    80000038:    5352                    lw    t1,52(sp)
    8000003a:    00000543              fmadd.s    fa0,ft0,ft0,ft0,rne
    ...

Robert Lipe

unread,
Jul 10, 2022, 10:23:18 PM7/10/22
to RISC-V SW Dev, vith...@gmail.com
That's probably just junk in the binary. It's not like anything is going to run after that unconditional jump, right? 

This doesn't look like it was written by a compiler and emitted into a .s file. Besides, you have a couple of opcodes missing if that were to be intended as an executable stream. There are bytes between 0 and 0x10.

You didn't say what you were building for and you didn't show the source for _start, so we're all kind of left to guess. Please try to fill in those things to help us help you.

Isn't there some system vendor that puts some kind of boot checksum, magic number, or other binary watermark/fingerprinting thing at offset 10? That seems like something that Allwinner would do.

I'm skeptical that the above was emitted by  a compiler.

Andreas Schwab

unread,
Jul 11, 2022, 4:12:31 AM7/11/22
to vithurson subasharan, RISC-V SW Dev
On Jul 10 2022, vithurson subasharan wrote:

> Hi all, I compiled latest linux kernel version with 64I option with F and C
> turned off, but i notice that there are still appearing in the binary. Is
> there a way to turn them off?

You can't, that's the image header.

/*
* Image header expected by Linux boot-loaders. The image header data
* structure is described in asm/image.h.
* Do not modify it without modifying the structure and all bootloaders
* that expects this header format!!
*/

--
Andreas Schwab, SUSE Labs, sch...@suse.de
GPG Key fingerprint = 0196 BAD8 1CE9 1970 F4BE 1748 E4D4 88E3 0EEA B9D7
"And now for something completely different."

Palmer Dabbelt

unread,
Jul 11, 2022, 4:26:23 PM7/11/22
to vith...@gmail.com, sch...@suse.de, sw-...@groups.riscv.org
On Mon, 11 Jul 2022 01:12:27 PDT (-0700), sch...@suse.de wrote:
> On Jul 10 2022, vithurson subasharan wrote:
>
>> Hi all, I compiled latest linux kernel version with 64I option with F and C
>> turned off, but i notice that there are still appearing in the binary. Is
>> there a way to turn them off?
>
> You can't, that's the image header.
>
> /*
> * Image header expected by Linux boot-loaders. The image header data
> * structure is described in asm/image.h.
> * Do not modify it without modifying the structure and all bootloaders
> * that expects this header format!!
> */

Just to elaborate a bit: these aren't actually executed as instructions,
they're part of some read-only data that's embedded into the binary
image very close to the start. It's pretty common for kernels to have
something like this, our format is very similar to what arm64 uses but
there's also stuff like multiboot on x86. Our PE header (for EFI) does
actually contain compressed instructions, but if you build without the C
extension you will end up with a kernel that never executes any C
instructions (unless there's some bug that nobody's found/fixed yet).

There's some more info in the documentation:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/Documentation/riscv/boot-image-header.rst

vithurson subasharan

unread,
Jul 11, 2022, 6:10:46 PM7/11/22
to RISC-V SW Dev, pal...@dabbelt.com, sch...@suse.de, sw-...@groups.riscv.org, vithurson subasharan
Thanks All!
Reply all
Reply to author
Forward
0 new messages