From patchwork Tue Jul 18 22:33:19 2017
X-Patchwork-Submitter: Thomas Garnier
X-Patchwork-Id: 9850063
From: Thomas Garnier
To: Herbert Xu, "David S . Miller", Thomas Gleixner, Ingo Molnar, "H . Peter Anvin", Peter Zijlstra, Josh Poimboeuf, Thomas Garnier, Arnd Bergmann, Matthias Kaehlcke, Boris Ostrovsky, Juergen Gross, Paolo Bonzini, Radim Krčmář, Joerg Roedel, Andy Lutomirski, Borislav Petkov, "Kirill A . Shutemov", Brian Gerst, Borislav Petkov, Christian Borntraeger, "Rafael J . Wysocki", Len Brown, Pavel Machek, Tejun Heo, Christoph Lameter, Kees Cook, Paul Gortmaker, Chris Metcalf, "Paul E . McKenney", Andrew Morton, Christopher Li, Dou Liyang, Masahiro Yamada, Daniel Borkmann, Markus Trippelsdorf, Peter Foley, Steven Rostedt, Tim Chen, Ard Biesheuvel, Catalin Marinas, Matthew Wilcox, Michal Hocko, Rob Landley, Jiri Kosina, "H . J . Lu", Paul Bolle, Baoquan He, Daniel Micay
Cc: linux-arch@vger.kernel.org, kvm@vger.kernel.org, linux-pm@vger.kernel.org, x86@kernel.org, linux-kernel@vger.kernel.org, linux-sparse@vger.kernel.org, linux-crypto@vger.kernel.org, kernel-hardening@lists.openwall.com, xen-devel@lists.xenproject.org
Date: Tue, 18 Jul 2017 15:33:19 -0700
Message-Id: <20170718223333.110371-9-thgarnie@google.com>
In-Reply-To: <20170718223333.110371-1-thgarnie@google.com>
References: <20170718223333.110371-1-thgarnie@google.com>
Subject: [Xen-devel] [RFC 08/22] x86/entry/64: Adapt assembly for PIE support

Change the assembly code to use only relative references of symbols for the kernel to be PIE compatible.

Position Independent Executable (PIE) support will allow extending the KASLR randomization range below the -2G memory limit.

Signed-off-by: Thomas Garnier --- arch/x86/entry/entry_64.S | 22 +++++++++++++++------- 1 file changed, 15 insertions(+), 7 deletions(-) diff --git a/arch/x86/entry/entry_64.S b/arch/x86/entry/entry_64.S index a9a8027a6c0e..691c4755269b 100644 --- a/arch/x86/entry/entry_64.S +++ b/arch/x86/entry/entry_64.S @@ -195,12 +195,15 @@ entry_SYSCALL_64_fastpath: ja 1f /* return -ENOSYS (already in pt_regs->ax) */ movq %r10, %rcx + /* Ensures the call is position independent */ + leaq sys_call_table(%rip), %r11 + /* * This call instruction is handled specially in stub_ptregs_64. * It might end up jumping to the slow path. If it jumps, RAX * and all argument registers are clobbered. */ - call *sys_call_table(, %rax, 8) + call *(%r11, %rax, 8) .Lentry_SYSCALL_64_after_fastpath_call: movq %rax, RAX(%rsp) @@ -333,7 +336,8 @@ ENTRY(stub_ptregs_64) * RAX stores a pointer to the C function implementing the syscall. * IRQs are on. */ - cmpq $.Lentry_SYSCALL_64_after_fastpath_call, (%rsp) + leaq .Lentry_SYSCALL_64_after_fastpath_call(%rip), %r11 + cmpq %r11, (%rsp) jne 1f /* @@ -1109,7 +1113,8 @@ ENTRY(error_entry) movl %ecx, %eax /* zero extend */ cmpq %rax, RIP+8(%rsp) je .Lbstep_iret - cmpq $.Lgs_change, RIP+8(%rsp) + leaq .Lgs_change(%rip), %rcx + cmpq %rcx, RIP+8(%rsp) jne .Lerror_entry_done /* @@ -1324,10 +1329,10 @@ ENTRY(nmi) * resume the outer NMI. */ - movq $repeat_nmi, %rdx + leaq repeat_nmi(%rip), %rdx cmpq 8(%rsp), %rdx ja 1f - movq $end_repeat_nmi, %rdx + leaq end_repeat_nmi(%rip), %rdx cmpq 8(%rsp), %rdx ja nested_nmi_out 1: @@ -1381,7 +1386,8 @@ nested_nmi: pushq %rdx pushfq pushq $__KERNEL_CS - pushq $repeat_nmi + leaq repeat_nmi(%rip), %rdx + pushq %rdx /* Put stack back */ addq $(6*8), %rsp 
@@ -1419,7 +1425,9 @@ first_nmi: addq $8, (%rsp) /* Fix up RSP */ pushfq /* RFLAGS */ pushq $__KERNEL_CS /* CS */ - pushq $1f /* RIP */ + pushq %rax /* Support Position Independent Code */ + leaq 1f(%rip), %rax /* RIP */ + xchgq %rax, (%rsp) /* Restore RAX, put 1f */ INTERRUPT_RETURN /* continues at repeat_nmi below */ 1: #endif
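
Review bot: In the entry_SYSCALL_64_fastpath hunk (@@ -195,12 +195,15 @@), the new `leaq sys_call_table(%rip), %r11` overwrites %r11 without saying why that register is free at this point; the only register traffic visible around it is `movq %r10, %rcx`. Please extend the new comment to state that %r11 is dead here and where its previous value was saved, since the comment block directly below already documents which registers the call clobbers.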
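
Review bot: In the stub_ptregs_64 hunk (@@ -333,7 +336,8 @@), %r11 becomes a scratch register for the return-address comparison, but the comment above it still only says "RAX stores a pointer to the C function implementing the syscall. IRQs are on." Add a line there noting that %r11 is clobbered, so later changes to the stub or its callers do not assume the register survives.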
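
Review bot: In the error_entry hunk (@@ -1109,7 +1113,8 @@), `leaq .Lgs_change(%rip), %rcx` overwrites %rcx shortly after `movl %ecx, %eax` read it. The `je .Lbstep_iret` branch is taken before the overwrite, but both the `jne .Lerror_entry_done` path and the fall-through now see the address of .Lgs_change in %rcx. Please confirm that neither depends on the earlier value and state in a comment that %rcx is scratch from here on.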
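
Review bot: In the first_nmi hunk (@@ -1419,7 +1425,9 @@), `xchgq %rax, (%rsp)` has a memory operand, which x86 executes with implicit LOCK semantics, so this adds a locked read-modify-write to the NMI entry path only to place the address of 1f in the RIP slot. If no scratch register is available at this point, say so in a comment; otherwise prefer a plain leaq/pushq pair as in the nested_nmi hunk. The comment on `pushq %rax` ("Support Position Independent Code") should also describe what the instruction does, namely reserving the RIP slot while saving RAX.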