Received: by 2002:a25:86ce:0:0:0:0:0 with SMTP id y14csp289857ybm; Mon, 20 May 2019 16:25:26 -0700 (PDT) X-Google-Smtp-Source: APXvYqz/4/aeltIlvSGIJnaeAdk0i56ykF4FTl8r6FaARMo2P35I4z/wYMP1cX9TkRe8EUuqgaaA X-Received: by 2002:a63:9d83:: with SMTP id i125mr72449408pgd.229.1558394726835; Mon, 20 May 2019 16:25:26 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1558394726; cv=none; d=google.com; s=arc-20160816; b=uZDM0H9IwLZg+tudGXcQn0E4XDpugVq267ojnXp8oNyYMpUJqkBwvL8TgzQMviY7LZ 8tprXtTWvEiZHkUjLCsTcCIBEXjZ0nQuU5FW2L5nSVZQVQ18PYvio/y6pwY/TeJy5Mv5 yR80JXaYZjWiSM+v8OZtABdsMTBDpexfA/kLdhxkNBV+AS49v6GtkogJmLmWQ/+tcO1O wXbhjGYeym4P3mOmV9dC1xyQm2aS8SGRyRYQIXeQhdM3reblLoKXkg1XM+po5SNmnYzX FuBk5YnDGETrMvjjO8J+kskGCfhBsjl/6N5YWrYMGix91lvB7CkoxNtBFKDcROCoqhoV q57w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=XFHn2CqQ9gIGiCfwRIFED96/AC2yUgVp/k9gB9+r5g4=; b=TAIdoD9KzWeLIk7pTtn2p6tFkvJGHSFNynUrTxF/I3+Y9pFmYZYR1LWjOaZt1Xz+Xw pvFEi/Fzlo8xVyM3SkvDDuxqk7WcJ5cvsZnUqxeVhmOQ4QdJMO1u8aZDp1orJL+hrNAD rdCNGMp0zcoXWtl+sMytXdoH5hme+LRxe2mPf/BBIhE+Ddjm+s4q+SERIsK21V6SWlA5 sH6N2sq2zygKkykht+EHCf3IYCnoEh70m9j08Kmoj9QOrmeSPw806AVya8RUvHuA0RTe 6DRe7uAVMUODyUn31p5wFOEk6SKTIefOTTX/AKdMCJBzQrlPYcLVTrX57QXy6YpNk6Zu GBfw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=OFj3iaOZ; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id u5si19265489pgc.472.2019.05.20.16.25.12; Mon, 20 May 2019 16:25:26 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=OFj3iaOZ; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726703AbfETXYK (ORCPT + 99 others); Mon, 20 May 2019 19:24:10 -0400 Received: from mail-it1-f195.google.com ([209.85.166.195]:50275 "EHLO mail-it1-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725941AbfETXYK (ORCPT ); Mon, 20 May 2019 19:24:10 -0400 Received: by mail-it1-f195.google.com with SMTP id i10so1909437ite.0 for ; Mon, 20 May 2019 16:24:10 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=XFHn2CqQ9gIGiCfwRIFED96/AC2yUgVp/k9gB9+r5g4=; b=OFj3iaOZ5a55OcwXkN+86bx61mb+3FqV2wabBSAGzwE20pCc5qkwj979pSL5Gslifl +iC/scKSpjmt8kaeRFV4EJ9dYJKeqD81EfLeDod9dCRscurIAo70YjYptk7/+jOJeyHl fB+eF4eIDyqqsvSOdHhKqOOVUWMHZqTcKvpGq5Iw2Ghf8Pg3bPuGyFN1RB9seQJYAdnw lD5mV5SHQLVWxTPf/DCac7OXGY7ABb9CrzZXn+BuLM7MomEYpmXXQeIfOaF0LMbZQVXR cbLj/EqbOIg7DERQzsAUYhdBCfME8nhFD/gBBsFSTQOP0zYbj2p2a8ewhPtI/TEEjeze hgwA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=XFHn2CqQ9gIGiCfwRIFED96/AC2yUgVp/k9gB9+r5g4=; b=eL1HZhlXsZW0MU6PjbXqZwocVNQNcdNyNMR96nyhCY0jLg9z7gGHc1JwEF3uDmy2Sv GGHw39trrcSJQT4oeZd2h3C/8aAtOsKlHoSh+L97C3LkJEQxpRlsPW9aM4uSzjM5vFeE OmOCgQlaofb3bHvTfNo6/u8Iz6+LuHV6kyroXWszJLaPcNRD/uIfufezlLj3ZOa8tSIA NN1dSpwKMS1cTaWoGY9e3y1OL0O22YtBOi0PW74A4KocZI1bctRxDWmH9TVef20ff0fM XBzzXh4Aox9aCB6vvxy7x8KR2ZaE6CDzF2ub7EcLhEFJF3+blkKYxLss6Hz7q9ijD1ru vXrg== X-Gm-Message-State: APjAAAWkM8Q5B5kK+rJrrH/du0XfdSattQGLH1nHPs9kXuX6CYMp1qfF 0Qg8wOpFFoWkI5m/4HU7Bjpci2nMzT4GlG0rucWY0A== X-Received: by 2002:a02:ad09:: with SMTP id s9mr11578169jan.17.1558394649513; Mon, 20 May 2019 16:24:09 -0700 (PDT) MIME-Version: 1.0 References: <20190520231948.49693-1-thgarnie@chromium.org> <20190520231948.49693-3-thgarnie@chromium.org> In-Reply-To: <20190520231948.49693-3-thgarnie@chromium.org> From: Thomas Garnier Date: Mon, 20 May 2019 16:23:58 -0700 Message-ID: Subject: Re: [PATCH v7 02/12] x86: Use symbol name in jump table for PIE support To: Kernel Hardening Cc: Kristen Carlson Accardi , Thomas Gleixner , Ingo Molnar , Borislav Petkov , "H. Peter Anvin" , "the arch/x86 maintainers" , "Peter Zijlstra (Intel)" , Nadav Amit , Michael Ellerman , Masahiro Yamada , Ard Biesheuvel , LKML Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, May 20, 2019 at 4:20 PM Thomas Garnier wrote: > > From: Thomas Garnier > > Replace the %c constraint with %P. The %c is incompatible with PIE > because it implies an immediate value whereas %P reference a symbol. > Change the _ASM_PTR reference to .long for expected relocation size and > add a long padding to ensure entry alignment. > > Position Independent Executable (PIE) support will allow to extend the > KASLR randomization range below 0xffffffff80000000. > > Signed-off-by: Thomas Garnier > --- > arch/x86/include/asm/jump_label.h | 8 ++++---- > 1 file changed, 4 insertions(+), 4 deletions(-) > > diff --git a/arch/x86/include/asm/jump_label.h b/arch/x86/include/asm/jump_label.h > index 65191ce8e1cf..e47fad8ee632 100644 > --- a/arch/x86/include/asm/jump_label.h > +++ b/arch/x86/include/asm/jump_label.h > @@ -25,9 +25,9 @@ static __always_inline bool arch_static_branch(struct static_key *key, bool bran > ".pushsection __jump_table, \"aw\" \n\t" > _ASM_ALIGN "\n\t" > ".long 1b - ., %l[l_yes] - . \n\t" > - _ASM_PTR "%c0 + %c1 - .\n\t" > + _ASM_PTR "%P0 - .\n\t" > ".popsection \n\t" > - : : "i" (key), "i" (branch) : : l_yes); > + : : "X" (&((char *)key)[branch]) : : l_yes); > > return false; > l_yes: > @@ -42,9 +42,9 @@ static __always_inline bool arch_static_branch_jump(struct static_key *key, bool > ".pushsection __jump_table, \"aw\" \n\t" > _ASM_ALIGN "\n\t" > ".long 1b - ., %l[l_yes] - . \n\t" > - _ASM_PTR "%c0 + %c1 - .\n\t" > + _ASM_PTR "%P0 - .\n\t" > ".popsection \n\t" > - : : "i" (key), "i" (branch) : : l_yes); > + : : "X" (&((char *)key)[branch]) : : l_yes); > > return false; > l_yes: > -- > 2.21.0.1020.gf2820cf01a-goog > Realized I forgot to address a feedback from the previous iteration on this specific patch. Ignore it I will work to check if it can be remove on the next iteration. -- Thomas