Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Tue, 29 May 2018 16:08:24 -0700
From: Thomas Garnier <thgarnie@...gle.com>
To: Christoph Lameter <cl@...ux.com>
Cc: Kernel Hardening <kernel-hardening@...ts.openwall.com>, 
	Dave Hansen <dave.hansen@...ux.intel.com>, Vitaly Kuznetsov <vkuznets@...hat.com>, 
	Tom Lendacky <thomas.lendacky@....com>, 
	Skip Mathieu Desnoyers <mathieu.desnoyers@...icios.com>, 
	Skip Frederic Weisbecker <frederic@...nel.org>, Nicholas Piggin <npiggin@...il.com>, 
	Kees Cook <keescook@...omium.org>, Thomas Gleixner <tglx@...utronix.de>, 
	Ingo Molnar <mingo@...hat.com>, "H . Peter Anvin" <hpa@...or.com>, 
	"the arch/x86 maintainers" <x86@...nel.org>, Tejun Heo <tj@...nel.org>, Dennis Zhou <dennisszhou@...il.com>, 
	Boris Ostrovsky <boris.ostrovsky@...cle.com>, Juergen Gross <jgross@...e.com>, 
	Dominik Brodowski <linux@...inikbrodowski.net>, Borislav Petkov <bp@...e.de>, 
	Josh Poimboeuf <jpoimboe@...hat.com>, Andy Lutomirski <luto@...nel.org>, 
	Peter Zijlstra <peterz@...radead.org>, 
	"Kirill A. Shutemov" <kirill.shutemov@...ux.intel.com>, Andrew Morton <akpm@...ux-foundation.org>, 
	Philippe Ombredanne <pombredanne@...b.com>, Greg KH <gregkh@...uxfoundation.org>, 
	Alexey Dobriyan <adobriyan@...il.com>, 
	Francis Deslauriers <francis.deslauriers@...icios.com>, 
	Masahiro Yamada <yamada.masahiro@...ionext.com>, Cao jin <caoj.fnst@...fujitsu.com>, 
	Masami Hiramatsu <mhiramat@...nel.org>, "Paul E . McKenney" <paulmck@...ux.vnet.ibm.com>, 
	Nicolas Pitre <nicolas.pitre@...aro.org>, Randy Dunlap <rdunlap@...radead.org>, 
	LKML <linux-kernel@...r.kernel.org>, xen-devel <xen-devel@...ts.xenproject.org>
Subject: Re: [PATCH v4 14/27] x86/percpu: Adapt percpu for PIE support

On Tue, May 29, 2018 at 3:46 PM Christopher Lameter <cl@...ux.com> wrote:

> On Tue, 29 May 2018, Thomas Garnier wrote:

> > Perpcu uses a clever design where the .percu ELF section has a virtual
> > address of zero and the relocation code avoid relocating specific
> > symbols. It makes the code simple and easily adaptable with or without
> > SMP support.
> >
> > This design is incompatible with PIE because generated code always try
to
> > access the zero virtual address relative to the default mapping address.

> We always access relative to the "segment register".

> You can already change the segment register to relocate the per cpu
> sections arbitrarily since all per cpu "addresses" are offsets relative to
> the segment register. I am not sure what exactly you are trying to
> accomplish here?

When building with PIE, the compiler wants the code to be relocatable
anywhere in the 64-bit VA space. Instead of taking the segment register as
an immediate value, it takes it as VA that need to be relocated relative to
where the kernel is mapped. The per-cpu section VA is zero to create the
proper offset to the different variable. The kernel could be at the top of
the 64-bit VA space. PIE will try to create the delta between any VA and
zero and fail because segment register based operations do not have full
64-bit VA range. Does it make sense?

For PIE only, this change will remove the per-cpu section VA of zero. Now
the distance between the per-cpu symbol and the kernel base VA can fit in
the generated instructions.


> Maybe you need to explain it better?

I will try do explain it better on the next patch set.




-- 
Thomas

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.