From patchwork Thu Aug 10 17:26:00 2017
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Thomas Garnier <thgarnie@google.com>
X-Patchwork-Id: 9894343
Return-Path: <xen-devel-bounces@lists.xen.org>
Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org
	[172.30.200.125])
	by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id
	E98DA60236 for <patchwork-xen-devel@patchwork.kernel.org>;
	Thu, 10 Aug 2017 17:29:23 +0000 (UTC)
Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id D09A927C05
	for <patchwork-xen-devel@patchwork.kernel.org>;
	Thu, 10 Aug 2017 17:29:23 +0000 (UTC)
Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486)
	id C4C92285F0; Thu, 10 Aug 2017 17:29:23 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	pdx-wl-mail.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-3.6 required=2.0 tests=BAYES_00,
	DKIM_ADSP_CUSTOM_MED,
	DKIM_SIGNED, RCVD_IN_DNSWL_MED, RCVD_IN_SORBS_SPAM,
	T_DKIM_INVALID autolearn=ham version=3.3.1
Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120])
	(using TLSv1.2 with cipher AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 3C03C1FF61
	for <patchwork-xen-devel@patchwork.kernel.org>;
	Thu, 10 Aug 2017 17:29:23 +0000 (UTC)
Received: from localhost ([127.0.0.1] helo=lists.xenproject.org)
	by lists.xenproject.org with esmtp (Exim 4.84_2)
	(envelope-from <xen-devel-bounces@lists.xen.org>)
	id 1dfrEZ-0007eg-Ao; Thu, 10 Aug 2017 17:26:59 +0000
Received: from mail6.bemta6.messagelabs.com ([193.109.254.103])
	by lists.xenproject.org with esmtp (Exim 4.84_2)
	(envelope-from <thgarnie@google.com>) id 1dfrEY-0007d4-Ff
	for xen-devel@lists.xenproject.org; Thu, 10 Aug 2017 17:26:58 +0000
Received: from [193.109.254.147] by server-10.bemta-6.messagelabs.com id
	DD/40-03582-1679C895; Thu, 10 Aug 2017 17:26:57 +0000
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFlrBIsWRWlGSWpSXmKPExsXiVRtsqpswvSf
	S4Otea4vvWyYzOTB6HP5whSWAMYo1My8pvyKBNeP/hnbGgrnCFW/61jM1MN7h72Lk4hASmM4o
	8eHJRFYQh0XgFYvE/OM7mEEcCYF+Von5568CZTiBnDiJpx/nMEPYFRLnnu5iA7GFBJQktm5Yy
	gwx6h+jxIaJH8Ea2AS0JPY0zGcCSYgILBWUONl6jRHEYRZoYZJ48m8bE0iVsICLxJ5zTWAdLA
	KqEks/PGUBsXkFLCTWTn/KCLHOROJJ6yQwm1PAUmLaspnMEKstJKb+Wsk0gVFgASPDKkb14tS
	istQiXUu9pKLM9IyS3MTMHF1DAzO93NTi4sT01JzEpGK95PzcTYzA8GIAgh2MdzcFHGKU5GBS
	EuUt/tQdKcSXlJ9SmZFYnBFfVJqTWnyIUYaDQ0mCd/LUnkghwaLU9NSKtMwcYKDDpCU4eJREe
	LeCpHmLCxJzizPTIVKnGI05Jh3Y/oWJ49WE/9+YhFjy8vNSpcR5racBlQqAlGaU5sENgkXgJU
	ZZKWFeRqDThHgKUotyM0tQ5V8xinMwKgnzXgRZyJOZVwK37xXQKUxAp0T4doKcUpKIkJJqYCx
	xkI92Z1Ho7coq4l5stIp95ka93TNT/gjsCu/5FHf84pnTFobrizZ6NV7eMFXsrJl2ZFfHN2Xe
	As66Oxp5yxMTHl180nno+hM/71s84rELZ2yffn/S89AJitd+TeNZVSVwVN7evE3he9ojo5+26
	s9s2D/Nf8IReXnePavgFzzxRa63ni5dbKvEUpyRaKjFXFScCABmO4rNuwIAAA==
X-Env-Sender: thgarnie@google.com
X-Msg-Ref: server-13.tower-27.messagelabs.com!1502386015!101741141!1
X-Originating-IP: [74.125.83.53]
X-SpamReason: No, hits=0.0 required=7.0 tests=
X-StarScan-Received: 
X-StarScan-Version: 9.4.45; banners=-,-,-
X-VirusChecked: Checked
Received: (qmail 56073 invoked from network); 10 Aug 2017 17:26:56 -0000
Received: from mail-pg0-f53.google.com (HELO mail-pg0-f53.google.com)
	(74.125.83.53)
	by server-13.tower-27.messagelabs.com with AES128-GCM-SHA256
	encrypted SMTP; 10 Aug 2017 17:26:56 -0000
Received: by mail-pg0-f53.google.com with SMTP id v77so5494841pgb.3
	for <xen-devel@lists.xenproject.org>;
	Thu, 10 Aug 2017 10:26:56 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
	s=20161025;
	h=from:to:cc:subject:date:message-id:in-reply-to:references;
	bh=deOUMY917awVbA/TuXM7vRmExUIlv5iGqjZLEltPoBI=;
	b=ufASSMnAgPHbRvRdUJaYBm/Gwsfj5NmPe1WJW1n1G+gWDPwWdwxAUrPVayYnoNiYLN
	S3otWcAGbgyetqzkVy/cc/2AVdB2sYvOPIcT6XlOB0c+Yw/LhhPUJILNzD27/Tk9Cp34
	AJ7ChT1+Nb07imiLVQwHKtBQSSDzVS6ssn7uQ59gT+PmXZttPRhOJZZqqfTIOYfHQfEq
	nBvgsi3C2BkrSh9uIW/37/M9L+cknINHHUE/YtAVDA2sOzG4V4fEFvkidkCfHS5m2Mxt
	u6wFt9JjQZqsiqYa6bffMr2vnTYBDln/QIlWKqVfACjgeovTpGgdLKS9+zCuvGh8P58W
	Wssw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20161025;
	h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
	:references;
	bh=deOUMY917awVbA/TuXM7vRmExUIlv5iGqjZLEltPoBI=;
	b=Ds5pgfDXWEWeuU1Hsjfy9LfLuBvflazxNKr7HcHaVdiOFG0HDIF7RrkFESMfLPo8X1
	MyX9mQGt26YSdey5a9tqULJ0G8XFyusXbwkMxjajuEw2D+LAQBW96B8LjA97Re6b4RT/
	WgQBRO5XLpZDY1mLEg9jh/TCTMHufVuIoy0MPBEBqEXYYuK+u0XBASnv3SwAmFmHevOG
	+wb7k6vmnTqap0NCMQSgJmWlX943RYhfqNO4bCqxV+BJg7dGgtE198HnMEW0Q4ykhilt
	n3EZiihMZ2aWVdronR1LqvWdBRGzXrYNwDwDyQijhW3HAdN11DMriF3BcMK8TzaSGKrP
	pdGw==
X-Gm-Message-State: AHYfb5jaxllP4y7DKV8nU6jPkbxdLR6u8mVLXKHHdZeiP++yb7oh5eAP
	OYcS/r9MDKVreEak
X-Received: by 10.98.205.8 with SMTP id o8mr12975048pfg.241.1502386015057;
	Thu, 10 Aug 2017 10:26:55 -0700 (PDT)
Received: from skynet.sea.corp.google.com ([172.31.92.33])
	by smtp.gmail.com with ESMTPSA id
	p77sm11894925pfi.153.2017.08.10.10.26.53
	(version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128);
	Thu, 10 Aug 2017 10:26:54 -0700 (PDT)
From: Thomas Garnier <thgarnie@google.com>
To: Herbert Xu <herbert@gondor.apana.org.au>,
	"David S . Miller" <davem@davemloft.net>,
	Thomas Gleixner <tglx@linutronix.de>, Ingo Molnar <mingo@redhat.com>,
	"H . Peter Anvin" <hpa@zytor.com>,
	Peter Zijlstra <peterz@infradead.org>,
	Josh Poimboeuf <jpoimboe@redhat.com>, Arnd Bergmann <arnd@arndb.de>,
	Thomas Garnier <thgarnie@google.com>,
	Matthias Kaehlcke <mka@chromium.org>,
	Boris Ostrovsky <boris.ostrovsky@oracle.com>,
	Juergen Gross <jgross@suse.com>, Paolo Bonzini <pbonzini@redhat.com>,
	=?UTF-8?q?Radim=20Kr=C4=8Dm=C3=A1=C5=99?= <rkrcmar@redhat.com>,
	Joerg Roedel <joro@8bytes.org>, Tom Lendacky <thomas.lendacky@amd.com>,
	Andy Lutomirski <luto@kernel.org>, Borislav Petkov <bp@suse.de>,
	Brian Gerst <brgerst@gmail.com>,
	"Kirill A . Shutemov" <kirill.shutemov@linux.intel.com>,
	"Rafael J . Wysocki" <rjw@rjwysocki.net>,
	Len Brown <len.brown@intel.com>,
	Pavel Machek <pavel@ucw.cz>, Tejun Heo <tj@kernel.org>,
	Christoph Lameter <cl@linux.com>,
	Paul Gortmaker <paul.gortmaker@windriver.com>,
	Chris Metcalf <cmetcalf@mellanox.com>,
	Andrew Morton <akpm@linux-foundation.org>,
	"Paul E . McKenney" <paulmck@linux.vnet.ibm.com>,
	Nicolas Pitre <nicolas.pitre@linaro.org>,
	Christopher Li <sparse@chrisli.org>,
	"Rafael J . Wysocki" <rafael.j.wysocki@intel.com>,
	Lukas Wunner <lukas@wunner.de>,
	Mika Westerberg <mika.westerberg@linux.intel.com>,
	Dou Liyang <douly.fnst@cn.fujitsu.com>,
	Daniel Borkmann <daniel@iogearbox.net>,
	Alexei Starovoitov <ast@kernel.org>,
	Masahiro Yamada <yamada.masahiro@socionext.com>,
	Markus Trippelsdorf <markus@trippelsdorf.de>,
	Steven Rostedt <rostedt@goodmis.org>, Kees Cook <keescook@chromium.org>,
	Rik van Riel <riel@redhat.com>, David Howells <dhowells@redhat.com>,
	Waiman Long <longman@redhat.com>, Kyle Huey <me@kylehuey.com>,
	Peter Foley <pefoley2@pefoley.com>,
	Tim Chen <tim.c.chen@linux.intel.com>,
	Catalin Marinas <catalin.marinas@arm.com>,
	Ard Biesheuvel <ard.biesheuvel@linaro.org>,
	Michal Hocko <mhocko@suse.com>, Matthew Wilcox <mawilcox@microsoft.com>,
	"H . J . Lu" <hjl.tools@gmail.com>, Paul Bolle <pebolle@tiscali.nl>,
	Rob Landley <rob@landley.net>, Baoquan He <bhe@redhat.com>,
	Daniel Micay <danielmicay@gmail.com>
Date: Thu, 10 Aug 2017 10:26:00 -0700
Message-Id: <20170810172615.51965-9-thgarnie@google.com>
X-Mailer: git-send-email 2.14.0.434.g98096fd7a8-goog
In-Reply-To: <20170810172615.51965-1-thgarnie@google.com>
References: <20170810172615.51965-1-thgarnie@google.com>
Cc: linux-arch@vger.kernel.org, kvm@vger.kernel.org, linux-pm@vger.kernel.org,
	x86@kernel.org, linux-kernel@vger.kernel.org,
	linux-sparse@vger.kernel.org,
	linux-crypto@vger.kernel.org, kernel-hardening@lists.openwall.com,
	xen-devel@lists.xenproject.org
Subject: [Xen-devel] [RFC v2 08/23] x86/entry/64: Adapt assembly for PIE
	support
X-BeenThere: xen-devel@lists.xen.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: Xen developer discussion <xen-devel.lists.xen.org>
List-Unsubscribe: <https://lists.xen.org/cgi-bin/mailman/options/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xen.org>
List-Help: <mailto:xen-devel-request@lists.xen.org?subject=help>
List-Subscribe: <https://lists.xen.org/cgi-bin/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=subscribe>
MIME-Version: 1.0
Errors-To: xen-devel-bounces@lists.xen.org
Sender: "Xen-devel" <xen-devel-bounces@lists.xen.org>
X-Virus-Scanned: ClamAV using ClamSMTP

Change the assembly code to use only relative references of symbols for the
kernel to be PIE compatible.

Position Independent Executable (PIE) support will allow to extended the
KASLR randomization range below the -2G memory limit.

Signed-off-by: Thomas Garnier <thgarnie@google.com>
---
 arch/x86/entry/entry_64.S | 22 +++++++++++++++-------
 1 file changed, 15 insertions(+), 7 deletions(-)

diff --git a/arch/x86/entry/entry_64.S b/arch/x86/entry/entry_64.S
index daf8936d0628..a3967a2af6ec 100644
--- a/arch/x86/entry/entry_64.S
+++ b/arch/x86/entry/entry_64.S
@@ -199,12 +199,15 @@ entry_SYSCALL_64_fastpath:
 	ja	1f				/* return -ENOSYS (already in pt_regs->ax) */
 	movq	%r10, %rcx
 
+	/* Ensures the call is position independent */
+	leaq	sys_call_table(%rip), %r11
+
 	/*
 	 * This call instruction is handled specially in stub_ptregs_64.
 	 * It might end up jumping to the slow path.  If it jumps, RAX
 	 * and all argument registers are clobbered.
 	 */
-	call	*sys_call_table(, %rax, 8)
+	call	*(%r11, %rax, 8)
 .Lentry_SYSCALL_64_after_fastpath_call:
 
 	movq	%rax, RAX(%rsp)
@@ -339,7 +342,8 @@ ENTRY(stub_ptregs_64)
 	 * RAX stores a pointer to the C function implementing the syscall.
 	 * IRQs are on.
 	 */
-	cmpq	$.Lentry_SYSCALL_64_after_fastpath_call, (%rsp)
+	leaq	.Lentry_SYSCALL_64_after_fastpath_call(%rip), %r11
+	cmpq	%r11, (%rsp)
 	jne	1f
 
 	/*
@@ -1210,7 +1214,8 @@ ENTRY(error_entry)
 	movl	%ecx, %eax			/* zero extend */
 	cmpq	%rax, RIP+8(%rsp)
 	je	.Lbstep_iret
-	cmpq	$.Lgs_change, RIP+8(%rsp)
+	leaq	.Lgs_change(%rip), %rcx
+	cmpq	%rcx, RIP+8(%rsp)
 	jne	.Lerror_entry_done
 
 	/*
@@ -1430,10 +1435,10 @@ ENTRY(nmi)
 	 * resume the outer NMI.
 	 */
 
-	movq	$repeat_nmi, %rdx
+	leaq	repeat_nmi(%rip), %rdx
 	cmpq	8(%rsp), %rdx
 	ja	1f
-	movq	$end_repeat_nmi, %rdx
+	leaq	end_repeat_nmi(%rip), %rdx
 	cmpq	8(%rsp), %rdx
 	ja	nested_nmi_out
 1:
@@ -1487,7 +1492,8 @@ nested_nmi:
 	pushq	%rdx
 	pushfq
 	pushq	$__KERNEL_CS
-	pushq	$repeat_nmi
+	leaq	repeat_nmi(%rip), %rdx
+	pushq	%rdx
 
 	/* Put stack back */
 	addq	$(6*8), %rsp
@@ -1526,7 +1532,9 @@ first_nmi:
 	addq	$8, (%rsp)	/* Fix up RSP */
 	pushfq			/* RFLAGS */
 	pushq	$__KERNEL_CS	/* CS */
-	pushq	$1f		/* RIP */
+	pushq	%rax		/* Support Position Independent Code */
+	leaq	1f(%rip), %rax	/* RIP */
+	xchgq	%rax, (%rsp)	/* Restore RAX, put 1f */
 	INTERRUPT_RETURN	/* continues at repeat_nmi below */
 	UNWIND_HINT_IRET_REGS
 1: