| Message ID | 20171011203027.11248-25-thgarnie@google.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show
Return-Path: <xen-devel-bounces@lists.xen.org> Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 6B2676037F for <patchwork-xen-devel@patchwork.kernel.org>; Wed, 11 Oct 2017 20:33:22 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 6009528B37 for <patchwork-xen-devel@patchwork.kernel.org>; Wed, 11 Oct 2017 20:33:22 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 5438E28B6A; Wed, 11 Oct 2017 20:33:22 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-3.6 required=2.0 tests=BAYES_00, DKIM_ADSP_CUSTOM_MED, DKIM_SIGNED, RCVD_IN_DNSWL_MED, RCVD_IN_SORBS_SPAM, T_DKIM_INVALID autolearn=ham version=3.3.1 Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 01BDF28B37 for <patchwork-xen-devel@patchwork.kernel.org>; Wed, 11 Oct 2017 20:33:22 +0000 (UTC) Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.84_2) (envelope-from <xen-devel-bounces@lists.xen.org>) id 1e2NfR-00017X-8h; Wed, 11 Oct 2017 20:31:49 +0000 Received: from mail6.bemta6.messagelabs.com ([193.109.254.103]) by lists.xenproject.org with esmtp (Exim 4.84_2) (envelope-from <thgarnie@google.com>) id 1e2NfP-00012r-QH for xen-devel@lists.xenproject.org; Wed, 11 Oct 2017 20:31:47 +0000 Received: from [193.109.254.147] by server-8.bemta-6.messagelabs.com id F2/A4-13910-3BF7ED95; Wed, 11 Oct 2017 20:31:47 +0000 X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFtrBIsWRWlGSWpSXmKPExsVyMfTASt2N9fc iDTbsN7X4vmUykwOjx+EPV1gCGKNYM/OS8isSWDNmHZnHVjCXs6LxS2AD40b2LkYuDiGBGYwS Z87fYwVxWAResUgsn3EULCMh0M8qceHCe5YuRg4gJ0viwgbfLkZOIDNNovHRYiYIu1zi9v82d hBbSEBJYuuGpcwQU/8xSjx8fp8RJMEmoCWxp2E+E0hCROCEsMSmD78ZQRxmgTNMEsf7TrKCVA kL2Eg87J3OBLKNRUBVYuJcV5Awr4ClROvTpywQ2ywkjh07DGZzAsW/bzzEDLHZQmLlrPOsExg FFzAyrGLUKE4tKkst0jU01EsqykzPKMlNzMzRNTQw08tNLS5OTE/NSUwq1kvOz93ECAw5BiDY wfhpWcAhRkkOJiVR3ocx9yKF+JLyUyozEosz4otKc1KLDzHKcHAoSfBOrwPKCRalpqdWpGXmA IMfJi3BwaMkwtsEkuYtLkjMLc5Mh0idYrTkuHDn0h8mjgN7bgHJjpt3/zAJseTl56VKifOWgj QIgDRklObBjYNF6CVGWSlhXkagA4V4ClKLcjNLUOVfMYpzMCoJ8x4GmcKTmVcCt/UV0EFMQAe Jpt0BOagkESEl1cDo/cCXr0DJXoaHXYmzhzenukaG5VTxfPvyw9veT9vy+1m8hkLpnTc5v3/r lj8r/pOqcalYKT52rqpR3RWX+LTma8Vc3B6rHYy9We5/WnyLn/1ShfnvWQ8/XTnZfLNo075yt sUyUScPsBbY9y09vmnt3aBvkWemdX8pXc3gLSzWzGzSLXvhY6gSS3FGoqEWc1FxIgBGhaT0yw IAAA== X-Env-Sender: thgarnie@google.com X-Msg-Ref: server-12.tower-27.messagelabs.com!1507753904!109782258!1 X-Originating-IP: [209.85.192.169] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 9.4.45; banners=-,-,- X-VirusChecked: Checked Received: (qmail 50736 invoked from network); 11 Oct 2017 20:31:45 -0000 Received: from mail-pf0-f169.google.com (HELO mail-pf0-f169.google.com) (209.85.192.169) by server-12.tower-27.messagelabs.com with AES128-GCM-SHA256 encrypted SMTP; 11 Oct 2017 20:31:45 -0000 Received: by mail-pf0-f169.google.com with SMTP id b79so1952632pfk.5 for <xen-devel@lists.xenproject.org>; Wed, 11 Oct 2017 13:31:45 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=ORejggQw3Wlwy4oK6MB/ZyUK6opE9gp/HnKwzidxVUI=; b=ieYDWGn0qH/zGw/CqqZd3fl9o3Z9s8pTqGeVIJy4jCaRCGbtX4x7M2CHmpdH49SSXt a7182nV3oAVsRkHPbZaLv2FiK6XqMVSUBSrL/58YFia0BAgun659x1cs1BHfhCFk0U0a GB1iOa2h40ncrGV3B8j8l9MhVEfHUathrlGUoorOwgxjEGSf1VBQ9HB+3bMz68pOrXrS eCyEWfLzDFNAqfyh4FnrC1jLGxxMndlScn+cffev74MZHku7nJnDB61u50Q4t5y8Jf7r qxHUvUBdjqHhxfSyqpcq6tvrlceSnxSyxGdqjEXW+llT0k7WgqaEGG57mL/gEumWffmY Vznw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=ORejggQw3Wlwy4oK6MB/ZyUK6opE9gp/HnKwzidxVUI=; b=AZc0QGNON/EpNfn3f4fR+XQxHnu5eFgBQdfOOERz28kfLRVGBNO39G/J8mLWsBCRVY 5KHgdh09IP7nbY6VkvN3s7RuPtWhN4w/TrTUKjkwAYyfcWb39XJXBOxiUr2kj7Ynx6Td 4Qtua1cBIhDxIfWdOsjHMgdDz85WKAE3ZNBturHO+1czh/KYc7xf54U5GPKQyE4T6y04 Sjg3CmbLsJHe9Fqi48Psh6CaV2lQxfxxokS2VhdajpzmXvV0fVBDoYObI73KdeW3R5CR RmvpJd1VOzXigBML6EAArn17V/WODKiWKE9vfGiEZZql+8CKI0SQgGWRYQUQvpVvEmEb WVEw== X-Gm-Message-State: AMCzsaUIWjnehQ0Kkjk/Hlo0NB8mk6/VUnf65fJEOVzGtncgXaHFoUlR ovZDcr1sA6xwV6ycKbLikipyPA== X-Google-Smtp-Source: AOwi7QAHkXKO36woid4crVnsZdwD6NtiNVuUhw/Lc+0GKUP2Zo6fMS59diLwW/DJuaPjFCz8fuFejQ== X-Received: by 10.159.218.7 with SMTP id v7mr190315plp.322.1507753903640; Wed, 11 Oct 2017 13:31:43 -0700 (PDT) Received: from skynet.sea.corp.google.com ([172.31.92.33]) by smtp.gmail.com with ESMTPSA id n12sm20691913pfb.149.2017.10.11.13.31.42 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Wed, 11 Oct 2017 13:31:42 -0700 (PDT) From: Thomas Garnier <thgarnie@google.com> To: Herbert Xu <herbert@gondor.apana.org.au>, "David S . Miller" <davem@davemloft.net>, Thomas Gleixner <tglx@linutronix.de>, Ingo Molnar <mingo@redhat.com>, "H . Peter Anvin" <hpa@zytor.com>, Peter Zijlstra <peterz@infradead.org>, Josh Poimboeuf <jpoimboe@redhat.com>, Arnd Bergmann <arnd@arndb.de>, Thomas Garnier <thgarnie@google.com>, Kees Cook <keescook@chromium.org>, Andrey Ryabinin <aryabinin@virtuozzo.com>, Matthias Kaehlcke <mka@chromium.org>, Tom Lendacky <thomas.lendacky@amd.com>, Andy Lutomirski <luto@kernel.org>, "Kirill A . Shutemov" <kirill.shutemov@linux.intel.com>, Borislav Petkov <bp@suse.de>, "Rafael J . Wysocki" <rjw@rjwysocki.net>, Len Brown <len.brown@intel.com>, Pavel Machek <pavel@ucw.cz>, Juergen Gross <jgross@suse.com>, Chris Wright <chrisw@sous-sol.org>, Alok Kataria <akataria@vmware.com>, Rusty Russell <rusty@rustcorp.com.au>, Tejun Heo <tj@kernel.org>, Christoph Lameter <cl@linux.com>, Boris Ostrovsky <boris.ostrovsky@oracle.com>, Paul Gortmaker <paul.gortmaker@windriver.com>, Andrew Morton <akpm@linux-foundation.org>, Alexey Dobriyan <adobriyan@gmail.com>, "Paul E . McKenney" <paulmck@linux.vnet.ibm.com>, Nicolas Pitre <nicolas.pitre@linaro.org>, Borislav Petkov <bp@alien8.de>, "Luis R . Rodriguez" <mcgrof@kernel.org>, Greg Kroah-Hartman <gregkh@linuxfoundation.org>, Christopher Li <sparse@chrisli.org>, Steven Rostedt <rostedt@goodmis.org>, Jason Baron <jbaron@akamai.com>, Mika Westerberg <mika.westerberg@linux.intel.com>, Dou Liyang <douly.fnst@cn.fujitsu.com>, "Rafael J . Wysocki" <rafael.j.wysocki@intel.com>, Lukas Wunner <lukas@wunner.de>, Masahiro Yamada <yamada.masahiro@socionext.com>, Alexei Starovoitov <ast@kernel.org>, Daniel Borkmann <daniel@iogearbox.net>, Markus Trippelsdorf <markus@trippelsdorf.de>, Paolo Bonzini <pbonzini@redhat.com>, =?UTF-8?q?Radim=20Kr=C4=8Dm=C3=A1=C5=99?= <rkrcmar@redhat.com>, Joerg Roedel <joro@8bytes.org>, Rik van Riel <riel@redhat.com>, David Howells <dhowells@redhat.com>, Ard Biesheuvel <ard.biesheuvel@linaro.org>, Waiman Long <longman@redhat.com>, Kyle Huey <me@kylehuey.com>, Jonathan Corbet <corbet@lwn.net>, Michal Hocko <mhocko@suse.com>, Peter Foley <pefoley2@pefoley.com>, Paul Bolle <pebolle@tiscali.nl>, Jiri Kosina <jkosina@suse.cz>, "H . J . Lu" <hjl.tools@gmail.com>, Rob Landley <rob@landley.net>, Baoquan He <bhe@redhat.com>, =?UTF-8?q?Jan=20H=20=2E=20Sch=C3=B6nherr?= <jschoenh@amazon.de>, Daniel Micay <danielmicay@gmail.com> Date: Wed, 11 Oct 2017 13:30:24 -0700 Message-Id: <20171011203027.11248-25-thgarnie@google.com> X-Mailer: git-send-email 2.15.0.rc0.271.g36b669edcc-goog In-Reply-To: <20171011203027.11248-1-thgarnie@google.com> References: <20171011203027.11248-1-thgarnie@google.com> Cc: linux-arch@vger.kernel.org, kvm@vger.kernel.org, linux-pm@vger.kernel.org, x86@kernel.org, linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, virtualization@lists.linux-foundation.org, linux-sparse@vger.kernel.org, linux-crypto@vger.kernel.org, kernel-hardening@lists.openwall.com, xen-devel@lists.xenproject.org Subject: [Xen-devel] [PATCH v1 24/27] x86/mm: Make the x86 GOT read-only X-BeenThere: xen-devel@lists.xen.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Xen developer discussion <xen-devel.lists.xen.org> List-Unsubscribe: <https://lists.xen.org/cgi-bin/mailman/options/xen-devel>, <mailto:xen-devel-request@lists.xen.org?subject=unsubscribe> List-Post: <mailto:xen-devel@lists.xen.org> List-Help: <mailto:xen-devel-request@lists.xen.org?subject=help> List-Subscribe: <https://lists.xen.org/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xen.org?subject=subscribe> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 Errors-To: xen-devel-bounces@lists.xen.org Sender: "Xen-devel" <xen-devel-bounces@lists.xen.org> X-Virus-Scanned: ClamAV using ClamSMTP |
diff --git a/include/asm-generic/vmlinux.lds.h b/include/asm-generic/vmlinux.lds.h index e549bff87c5b..a2301c292e26 100644 --- a/include/asm-generic/vmlinux.lds.h +++ b/include/asm-generic/vmlinux.lds.h @@ -279,6 +279,17 @@ VMLINUX_SYMBOL(__end_ro_after_init) = .; #endif +#ifdef CONFIG_X86_PIE +#define RO_GOT_X86 \ + .got : AT(ADDR(.got) - LOAD_OFFSET) { \ + VMLINUX_SYMBOL(__start_got) = .; \ + *(.got); \ + VMLINUX_SYMBOL(__end_got) = .; \ + } +#else +#define RO_GOT_X86 +#endif + /* * Read only Data */ @@ -335,6 +346,7 @@ VMLINUX_SYMBOL(__end_builtin_fw) = .; \ } \ \ + RO_GOT_X86 \ TRACEDATA \ \ /* Kernel symbol table: Normal symbols */ \
The GOT is changed during early boot when relocations are applied. Make it read-only directly. This table exists only for PIE binary. Position Independent Executable (PIE) support will allow to extended the KASLR randomization range below the -2G memory limit. Signed-off-by: Thomas Garnier <thgarnie@google.com> --- include/asm-generic/vmlinux.lds.h | 12 ++++++++++++ 1 file changed, 12 insertions(+)