Date: Wed, 23 May 2018 12:54:07 -0700
From: Thomas Garnier <thgarnie@...gle.com>
To: Herbert Xu <herbert@...dor.apana.org.au>,
	"David S . Miller" <davem@...emloft.net>,
	Thomas Gleixner <tglx@...utronix.de>,
	Ingo Molnar <mingo@...hat.com>,
	"H . Peter Anvin" <hpa@...or.com>,
	Peter Zijlstra <peterz@...radead.org>,
	Josh Poimboeuf <jpoimboe@...hat.com>,
	Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
	Thomas Garnier <thgarnie@...gle.com>,
	Philippe Ombredanne <pombredanne@...b.com>,
	Kate Stewart <kstewart@...uxfoundation.org>,
	Arnaldo Carvalho de Melo <acme@...hat.com>,
	Yonghong Song <yhs@...com>,
	Andrey Ryabinin <aryabinin@...tuozzo.com>,
	Kees Cook <keescook@...omium.org>,
	Tom Lendacky <thomas.lendacky@....com>,
	"Kirill A . Shutemov" <kirill.shutemov@...ux.intel.com>,
	Andy Lutomirski <luto@...nel.org>,
	Dominik Brodowski <linux@...inikbrodowski.net>,
	Borislav Petkov <bp@...en8.de>,
	Borislav Petkov <bp@...e.de>,
	"Rafael J . Wysocki" <rjw@...ysocki.net>,
	Len Brown <len.brown@...el.com>,
	Pavel Machek <pavel@....cz>,
	Juergen Gross <jgross@...e.com>,
	Alok Kataria <akataria@...are.com>,
	Steven Rostedt <rostedt@...dmis.org>,
	Jan Kiszka <jan.kiszka@...mens.com>,
	Tejun Heo <tj@...nel.org>,
	Christoph Lameter <cl@...ux.com>,
	Dennis Zhou <dennisszhou@...il.com>,
	Boris Ostrovsky <boris.ostrovsky@...cle.com>,
	Alexey Dobriyan <adobriyan@...il.com>,
	Masami Hiramatsu <mhiramat@...nel.org>,
	Cao jin <caoj.fnst@...fujitsu.com>,
	Francis Deslauriers <francis.deslauriers@...icios.com>,
	"Paul E . McKenney" <paulmck@...ux.vnet.ibm.com>,
	Nicolas Pitre <nicolas.pitre@...aro.org>,
	Andrew Morton <akpm@...ux-foundation.org>,
	Randy Dunlap <rdunlap@...radead.org>,
	"Luis R . Rodriguez" <mcgrof@...nel.org>,
	Arnd Bergmann <arnd@...db.de>,
	Christopher Li <sparse@...isli.org>,
	Jason Baron <jbaron@...mai.com>,
	Mika Westerberg <mika.westerberg@...ux.intel.com>,
	Lukas Wunner <lukas@...ner.de>,
	Dou Liyang <douly.fnst@...fujitsu.com>,
	Sergey Senozhatsky <sergey.senozhatsky.work@...il.com>,
	Petr Mladek <pmladek@...e.com>,
	Masahiro Yamada <yamada.masahiro@...ionext.com>,
	Ingo Molnar <mingo@...nel.org>,
	Nicholas Piggin <npiggin@...il.com>,
	"H . J . Lu" <hjl.tools@...il.com>,
	Paolo Bonzini <pbonzini@...hat.com>,
	Radim Krčmář <rkrcmar@...hat.com>,
	Joerg Roedel <joro@...tes.org>,
	David Woodhouse <dwmw@...zon.co.uk>,
	Dave Hansen <dave.hansen@...ux.intel.com>,
	Rik van Riel <riel@...hat.com>,
	Jia Zhang <qianyue.zj@...baba-inc.com>,
	Ricardo Neri <ricardo.neri-calderon@...ux.intel.com>,
	Jonathan Corbet <corbet@....net>,
	Jan Beulich <JBeulich@...e.com>,
	Matthias Kaehlcke <mka@...omium.org>,
	Baoquan He <bhe@...hat.com>,
	Jan H . Schönherr <jschoenh@...zon.de>,
	Daniel Micay <danielmicay@...il.com>
Cc: x86@...nel.org,
	linux-crypto@...r.kernel.org,
	linux-kernel@...r.kernel.org,
	linux-pm@...r.kernel.org,
	virtualization@...ts.linux-foundation.org,
	xen-devel@...ts.xenproject.org,
	linux-arch@...r.kernel.org,
	linux-sparse@...r.kernel.org,
	kvm@...r.kernel.org,
	linux-doc@...r.kernel.org,
	kernel-hardening@...ts.openwall.com
Subject: [PATCH v3 13/27] x86/boot/64: Build head64.c as mcmodel large when PIE is enabled

The __startup_64 function assumes all symbols have relocated addresses
instead of the current boot virtual address. PIE-generated code favors
relative addresses, making all virtual and physical address math incorrect.
If PIE is enabled, build head64.c as mcmodel large instead to ensure absolute
references on all memory accesses. Add a global __force_order variable required
when using a large model with read_cr* functions.

To build head64.c as mcmodel=large, disable the retpoline gcc flags.
This code is used at early boot and removed later; it doesn't need
retpoline mitigation.

Position Independent Executable (PIE) support will allow extending the
KASLR randomization range below the -2G memory limit.

Signed-off-by: Thomas Garnier <thgarnie@...gle.com>
---
 arch/x86/kernel/Makefile | 6 ++++++
 arch/x86/kernel/head64.c | 3 +++
 2 files changed, 9 insertions(+)

diff --git a/arch/x86/kernel/Makefile b/arch/x86/kernel/Makefile
index 02d6f5cf4e70..0f6da4b216e0 100644
--- a/arch/x86/kernel/Makefile
+++ b/arch/x86/kernel/Makefile
@@ -22,6 +22,12 @@ CFLAGS_REMOVE_early_printk.o = -pg
 CFLAGS_REMOVE_head64.o = -pg
 endif
 
+ifdef CONFIG_X86_PIE
+# Remove PIE and retpoline flags that are incompatible with mcmodel=large
+CFLAGS_REMOVE_head64.o += -fPIE -mindirect-branch=thunk-extern -mindirect-branch-register
+CFLAGS_head64.o = -mcmodel=large
+endif
+
 KASAN_SANITIZE_head$(BITS).o				:= n
 KASAN_SANITIZE_dumpstack.o				:= n
 KASAN_SANITIZE_dumpstack_$(BITS).o			:= n
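
Review bot: The CFLAGS_REMOVE_head64.o line hardcodes the gcc spellings of the retpoline options (-mindirect-branch=thunk-extern -mindirect-branch-register), so any toolchain or future build change that spells them differently would leave retpoline thunks enabled in a file now built with -mcmodel=large, which the comment above calls incompatible. If the build system already holds these flags in a variable, remove that variable's contents here instead of the literal strings. Separately, "CFLAGS_head64.o = -mcmodel=large" uses plain assignment and would silently discard any CFLAGS_head64.o value set earlier in this Makefile; "+=" matches the CFLAGS_REMOVE line just above and is safer. The comment could also say why dropping retpoline is acceptable for this object (early boot code that is removed later, per the commit message), since a reader of the Makefile will not see the changelog.
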
diff --git a/arch/x86/kernel/head64.c b/arch/x86/kernel/head64.c
index 2d29e47c056e..fa661fb97127 100644
--- a/arch/x86/kernel/head64.c
+++ b/arch/x86/kernel/head64.c
@@ -64,6 +64,9 @@ EXPORT_SYMBOL(vmemmap_base);
 
 #define __head	__section(.head.text)
 
+/* Required for read_cr3 when building as PIE */
+unsigned long __force_order;
+
 static void __head *fixup_pointer(void *ptr, unsigned long physaddr)
 {
 	return ptr - (void *)_text + (void *)physaddr;
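
Review bot: The new __force_order definition is unconditional, while the Makefile change that motivates it is guarded by CONFIG_X86_PIE, so non-PIE builds also gain a new global symbol in head64.c. Either wrap the definition in "#ifdef CONFIG_X86_PIE" or state in the comment why it must always be present. The comment also disagrees with the commit message: it says "Required for read_cr3 when building as PIE", whereas the changelog says the variable is required "when using a large model with read_cr* functions". Please make the comment name the actual trigger (the large code model) and the full set of accessors affected, so the reason survives if the PIE option or the code model for this file changes later.
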
-- 
2.17.0.441.gb46fe60e1d-goog
