From patchwork Wed Oct  4 21:19:46 2017
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Thomas Garnier <thgarnie@google.com>
X-Patchwork-Id: 9985569
Return-Path: <xen-devel-bounces@lists.xen.org>
Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org
	[172.30.200.125])
	by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id
	E870160586 for <patchwork-xen-devel@patchwork.kernel.org>;
	Wed,  4 Oct 2017 21:23:35 +0000 (UTC)
Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id D95A628C2C
	for <patchwork-xen-devel@patchwork.kernel.org>;
	Wed,  4 Oct 2017 21:23:35 +0000 (UTC)
Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486)
	id CD41C28C2F; Wed,  4 Oct 2017 21:23:35 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	pdx-wl-mail.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-3.6 required=2.0 tests=BAYES_00,
	DKIM_ADSP_CUSTOM_MED,
	DKIM_SIGNED, RCVD_IN_DNSWL_MED, RCVD_IN_SORBS_SPAM,
	T_DKIM_INVALID autolearn=ham version=3.3.1
Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120])
	(using TLSv1.2 with cipher AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 692B228C2C
	for <patchwork-xen-devel@patchwork.kernel.org>;
	Wed,  4 Oct 2017 21:23:35 +0000 (UTC)
Received: from localhost ([127.0.0.1] helo=lists.xenproject.org)
	by lists.xenproject.org with esmtp (Exim 4.84_2)
	(envelope-from <xen-devel-bounces@lists.xen.org>)
	id 1dzr6O-0002ut-18; Wed, 04 Oct 2017 21:21:12 +0000
Received: from mail6.bemta3.messagelabs.com ([195.245.230.39])
	by lists.xenproject.org with esmtp (Exim 4.84_2)
	(envelope-from <thgarnie@google.com>) id 1dzr6M-0002rp-BZ
	for xen-devel@lists.xenproject.org; Wed, 04 Oct 2017 21:21:10 +0000
Received: from [85.158.137.68] by server-2.bemta-3.messagelabs.com id
	B8/9E-02041-5C055D95; Wed, 04 Oct 2017 21:21:09 +0000
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFtrCIsWRWlGSWpSXmKPExsXiVRusp3sw4Gq
	kwf9nqhbft0xmcmD0OPzhCksAYxRrZl5SfkUCa0b3jg7mgtViFXOvTGFvYDwo1MXIxSEkMINR
	YufTDawgDovAKxaJ38cnMYE4EgL9rBIb5xxj72LkBHKyJA7dPMECYadJNP2ayAhhV0ms61vAB
	mILCShJbN2wlBli7F9GifbJy8Aa2AS0JPY0zAebKiIwS0Ti1useNhCHWeAMk8TxvpNAyzk4hA
	WcJQ7O1QBpYBFQlZj/YRsTiM0rYCmxbPomVohtJhIPj1wDszmB4kdOvGGG2Gwh0XrmPtMERsE
	FjAyrGDWKU4vKUot0DQ30kooy0zNKchMzc4A8Y73c1OLixPTUnMSkYr3k/NxNjMCwq2dgYNzB
	uK3L+RCjJAeTkijvJt+rkUJ8SfkplRmJxRnxRaU5qcWHGGU4OJQkeB/6A+UEi1LTUyvSMnOAE
	QCTluDgURLh5QdGgRBvcUFibnFmOkTqFKMxx749t/4wcXTcvPuHSYglLz8vVUqcdzPIJAGQ0o
	zSPLhBsMi8xCgrJczLyMDAIMRTkFqUm1mCKv+KUZyDUUmYVxZkIU9mXgncvldApzABnTKn6Qr
	IKSWJCCmpBsZjUWdclLfsU1in6bZmyowfPEJLsl6qiNgnPf8SaVd2h19FRV8i1+ODuLDyT8vi
	TwXtvy9di9oV3pETNX0v/5qb5x7e3qhyModrufyrGYrvLVaKGQoYOkhU89+RreR1CfBUXrrtw
	alrv97Nyb+wl/GxZvr2op/yV3YvdrnTsvR3VPyM5SVuTwWVWIozEg21mIuKEwGqMzVdxwIAAA
	==
X-Env-Sender: thgarnie@google.com
X-Msg-Ref: server-6.tower-31.messagelabs.com!1507152064!79405968!1
X-Originating-IP: [74.125.83.46]
X-SpamReason: No, hits=0.0 required=7.0 tests=
X-StarScan-Received: 
X-StarScan-Version: 9.4.45; banners=-,-,-
X-VirusChecked: Checked
Received: (qmail 57581 invoked from network); 4 Oct 2017 21:21:05 -0000
Received: from mail-pg0-f46.google.com (HELO mail-pg0-f46.google.com)
	(74.125.83.46)
	by server-6.tower-31.messagelabs.com with AES128-GCM-SHA256 encrypted
	SMTP; 4 Oct 2017 21:21:05 -0000
Received: by mail-pg0-f46.google.com with SMTP id b11so7159738pgn.12
	for <xen-devel@lists.xenproject.org>;
	Wed, 04 Oct 2017 14:21:05 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
	s=20161025;
	h=from:to:cc:subject:date:message-id:in-reply-to:references;
	bh=FZn2BTTeAA7a+eAtuF7mg0mBm8diQ6NMr/yKYolawbw=;
	b=PcBoWG/Kt1iUfj8SRhQPJ1t4CJJnAtOWFvHJYcNjI5OjPHqdWtFCFZcf3FPHn6x7QY
	7DzLSa94ugLwaIv3lFX4bSGdfDMT7bAPzZ1Q0zyjyE+FXhTVvJkUCEHcHEDT6s2XTOHZ
	xZGo1wvfTL9uX9k9k9bT8handeNraitxDrEi9+yVQsMhhhsA4O7WPIlzadOeHGBiTejY
	ntyjMx8LOwEjV14z33ompITrP8jSZdvRFZZzSmv+6TZOGOWGyKpEzyDBv9jAj2njPxQy
	a3KZJd2hfPr4/i8bjgQLQyZ6T45+yoCaaMGieCB455zCfgalwJgHUTBr0K7boKjgZFaG
	f36g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20161025;
	h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
	:references;
	bh=FZn2BTTeAA7a+eAtuF7mg0mBm8diQ6NMr/yKYolawbw=;
	b=NQ2q5U7tkXuBtYQln5thVH4vtHVjYmgjN/RfHWutHs9HX+Oj1LZ2tJYqph/7l755AA
	RHueBDPboJhGQWCgFyOxBwCS7AQ2sIG9Xoh99nspyTp35uw770KfQB6nHn1y71sjB28d
	SSnIHJPXxeYrQv6QrIncEv10e6nPvgxId/MhOx6Gq30ptfbglQYTqXEExO3UKSqhu0Qw
	RNma/1Au3onQqfKgn9efjYuQF+e9GuJz9IznovHyz0s5ElzgPG0kXxpMq8rUswQytJXm
	sEgbcftPfYS4cuIYqEpMBXDetuxkWVHO+z6iMpG/draFNG5UFzOz7ebZcxY4P9YfejLJ
	im3Q==
X-Gm-Message-State: AHPjjUjDwm8joVBT9jxljLLah5SLjtJuHVhZEJ77GdxNfJRU6FJ6Sq32
	8ydVhEx1njG4fBuUW7yYW1tmPw==
X-Google-Smtp-Source: 
 AOwi7QD0CJPXEo9jc3CuWd8aOkjiVIgOLGVJx6ZJ8OO06ZYBhHG0SaAuQIeoS1nNkHiEfyX7ulDkeg==
X-Received: by 10.84.240.196 with SMTP id l4mr20874504plt.399.1507152063367;
	Wed, 04 Oct 2017 14:21:03 -0700 (PDT)
Received: from skynet.sea.corp.google.com ([172.31.92.33])
	by smtp.gmail.com with ESMTPSA id
	s68sm30204019pfd.72.2017.10.04.14.21.01
	(version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128);
	Wed, 04 Oct 2017 14:21:02 -0700 (PDT)
From: Thomas Garnier <thgarnie@google.com>
To: Herbert Xu <herbert@gondor.apana.org.au>,
	"David S . Miller" <davem@davemloft.net>,
	Thomas Gleixner <tglx@linutronix.de>, Ingo Molnar <mingo@redhat.com>,
	"H . Peter Anvin" <hpa@zytor.com>,
	Peter Zijlstra <peterz@infradead.org>,
	Josh Poimboeuf <jpoimboe@redhat.com>,
	Thomas Garnier <thgarnie@google.com>,
	Arnd Bergmann <arnd@arndb.de>, Kees Cook <keescook@chromium.org>,
	Matthias Kaehlcke <mka@chromium.org>,
	Tom Lendacky <thomas.lendacky@amd.com>,
	Andy Lutomirski <luto@kernel.org>,
	"Kirill A . Shutemov" <kirill.shutemov@linux.intel.com>,
	Borislav Petkov <bp@suse.de>, "Rafael J . Wysocki" <rjw@rjwysocki.net>,
	Len Brown <len.brown@intel.com>, Pavel Machek <pavel@ucw.cz>,
	Juergen Gross <jgross@suse.com>, Chris Wright <chrisw@sous-sol.org>,
	Alok Kataria <akataria@vmware.com>,
	Rusty Russell <rusty@rustcorp.com.au>,
	Tejun Heo <tj@kernel.org>, Christoph Lameter <cl@linux.com>,
	Boris Ostrovsky <boris.ostrovsky@oracle.com>,
	Alexey Dobriyan <adobriyan@gmail.com>,
	Andrew Morton <akpm@linux-foundation.org>,
	Paul Gortmaker <paul.gortmaker@windriver.com>,
	Chris Metcalf <cmetcalf@mellanox.com>,
	"Paul E . McKenney" <paulmck@linux.vnet.ibm.com>,
	Nicolas Pitre <nicolas.pitre@linaro.org>,
	Borislav Petkov <bp@alien8.de>,
	"Luis R . Rodriguez" <mcgrof@kernel.org>,
	Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
	Christopher Li <sparse@chrisli.org>,
	Steven Rostedt <rostedt@goodmis.org>, Jason Baron <jbaron@akamai.com>,
	Dou Liyang <douly.fnst@cn.fujitsu.com>,
	"Rafael J . Wysocki" <rafael.j.wysocki@intel.com>,
	Mika Westerberg <mika.westerberg@linux.intel.com>,
	Lukas Wunner <lukas@wunner.de>,
	Masahiro Yamada <yamada.masahiro@socionext.com>,
	Alexei Starovoitov <ast@kernel.org>,
	Daniel Borkmann <daniel@iogearbox.net>,
	Markus Trippelsdorf <markus@trippelsdorf.de>,
	Paolo Bonzini <pbonzini@redhat.com>,
	=?UTF-8?q?Radim=20Kr=C4=8Dm=C3=A1=C5=99?= <rkrcmar@redhat.com>,
	Joerg Roedel <joro@8bytes.org>, Rik van Riel <riel@redhat.com>,
	David Howells <dhowells@redhat.com>,
	Ard Biesheuvel <ard.biesheuvel@linaro.org>,
	Waiman Long <longman@redhat.com>, Kyle Huey <me@kylehuey.com>,
	Andrey Ryabinin <aryabinin@virtuozzo.com>,
	Jonathan Corbet <corbet@lwn.net>,
	Matthew Wilcox <mawilcox@microsoft.com>,
	Michal Hocko <mhocko@suse.com>, Peter Foley <pefoley2@pefoley.com>,
	Paul Bolle <pebolle@tiscali.nl>, Jiri Kosina <jkosina@suse.cz>,
	Rob Landley <rob@landley.net>, "H . J . Lu" <hjl.tools@gmail.com>,
	Baoquan He <bhe@redhat.com>,
	=?UTF-8?q?Jan=20H=20=2E=20Sch=C3=B6nherr?= <jschoenh@amazon.de>,
	Daniel Micay <danielmicay@gmail.com>
Date: Wed,  4 Oct 2017 14:19:46 -0700
Message-Id: <20171004212003.28296-11-thgarnie@google.com>
X-Mailer: git-send-email 2.14.2.920.gcf0c67979c-goog
In-Reply-To: <20171004212003.28296-1-thgarnie@google.com>
References: <20171004212003.28296-1-thgarnie@google.com>
Cc: linux-arch@vger.kernel.org, kvm@vger.kernel.org, linux-pm@vger.kernel.org,
	x86@kernel.org, linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org,
	virtualization@lists.linux-foundation.org, linux-sparse@vger.kernel.org,
	linux-crypto@vger.kernel.org, kernel-hardening@lists.openwall.com,
	xen-devel@lists.xenproject.org
Subject: [Xen-devel] [RFC v3 10/27] x86/boot/64: Adapt assembly for PIE
	support
X-BeenThere: xen-devel@lists.xen.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: Xen developer discussion <xen-devel.lists.xen.org>
List-Unsubscribe: <https://lists.xen.org/cgi-bin/mailman/options/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xen.org>
List-Help: <mailto:xen-devel-request@lists.xen.org?subject=help>
List-Subscribe: <https://lists.xen.org/cgi-bin/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=subscribe>
MIME-Version: 1.0
Errors-To: xen-devel-bounces@lists.xen.org
Sender: "Xen-devel" <xen-devel-bounces@lists.xen.org>
X-Virus-Scanned: ClamAV using ClamSMTP

Change the assembly code to use only relative references of symbols for the
kernel to be PIE compatible.

Early at boot, the kernel is mapped at a temporary address while preparing
the page table. To know the changes needed for the page table with KASLR,
the boot code calculate the difference between the expected address of the
kernel and the one chosen by KASLR. It does not work with PIE because all
symbols in code are relatives. Instead of getting the future relocated
virtual address, you will get the current temporary mapping. The solution
is using global variables that will be relocated as expected.

Position Independent Executable (PIE) support will allow to extended the
KASLR randomization range below the -2G memory limit.

Signed-off-by: Thomas Garnier <thgarnie@google.com>
---
 arch/x86/kernel/head_64.S | 26 ++++++++++++++++++++------
 1 file changed, 20 insertions(+), 6 deletions(-)

diff --git a/arch/x86/kernel/head_64.S b/arch/x86/kernel/head_64.S
index 42e32c2e51bb..32d1899f48df 100644
--- a/arch/x86/kernel/head_64.S
+++ b/arch/x86/kernel/head_64.S
@@ -86,8 +86,21 @@ startup_64:
 	popq	%rsi
 
 	/* Form the CR3 value being sure to include the CR3 modifier */
-	addq	$(early_top_pgt - __START_KERNEL_map), %rax
+	addq    _early_top_pgt_offset(%rip), %rax
 	jmp 1f
+
+	/*
+	 * Position Independent Code takes only relative references in code
+	 * meaning a global variable address is relative to RIP and not its
+	 * future virtual address. Global variables can be used instead as they
+	 * are still relocated on the expected kernel mapping address.
+	 */
+	.align 8
+_early_top_pgt_offset:
+	.quad early_top_pgt - __START_KERNEL_map
+_init_top_offset:
+	.quad init_top_pgt - __START_KERNEL_map
+
 ENTRY(secondary_startup_64)
 	UNWIND_HINT_EMPTY
 	/*
@@ -116,7 +129,7 @@ ENTRY(secondary_startup_64)
 	popq	%rsi
 
 	/* Form the CR3 value being sure to include the CR3 modifier */
-	addq	$(init_top_pgt - __START_KERNEL_map), %rax
+	addq    _init_top_offset(%rip), %rax
 1:
 
 	/* Enable PAE mode, PGE and LA57 */
@@ -131,7 +144,7 @@ ENTRY(secondary_startup_64)
 	movq	%rax, %cr3
 
 	/* Ensure I am executing from virtual addresses */
-	movq	$1f, %rax
+	movabs  $1f, %rax
 	jmp	*%rax
 1:
 	UNWIND_HINT_EMPTY
@@ -230,11 +243,12 @@ ENTRY(secondary_startup_64)
 	 *	REX.W + FF /5 JMP m16:64 Jump far, absolute indirect,
 	 *		address given in m16:64.
 	 */
-	pushq	$.Lafter_lret	# put return address on stack for unwinder
+	leaq	.Lafter_lret(%rip), %rax
+	pushq	%rax		# put return address on stack for unwinder
 	xorq	%rbp, %rbp	# clear frame pointer
-	movq	initial_code(%rip), %rax
+	leaq	initial_code(%rip), %rax
 	pushq	$__KERNEL_CS	# set correct cs
-	pushq	%rax		# target address in negative space
+	pushq	(%rax)		# target address in negative space
 	lretq
 .Lafter_lret:
 END(secondary_startup_64)