Received: by 2002:a25:ad19:0:0:0:0:0 with SMTP id y25csp7155562ybi; Mon, 8 Jul 2019 15:46:18 -0700 (PDT) X-Google-Smtp-Source: APXvYqyLa82sabrZyAyjO4zzIVfJtL5IPthvvPoSpoFIoynawtcbXhxZXXdToJI1YnwzBRqiB7iM X-Received: by 2002:a17:902:8d97:: with SMTP id v23mr27258652plo.157.1562625978394; Mon, 08 Jul 2019 15:46:18 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1562625978; cv=none; d=google.com; s=arc-20160816; b=aEiHhQIIg4EfqcxP2VjT1FuBqoAXffAvVMHodeOqPi/NW1YyUJ7iROS7PoZV58BScv j7y2yc9/2+TJq1n+wgsJg+DGzdoWdvxtpgOTKqKy65WGeqn9yOa3aFKTH+zwm/ECgSNP vX9OkzYDa1DUs4i7Iz8CbLzVL49E1PTwmF68Vxya+wtD+374oExr2PFHWnpK8xreHm1j dZBz8vvsimCJ4TENL56B7cexsQSrcJYTFyfjGcM1jPpH2yDVrLnUG5zkckuY9XxIku8h Ot282IrY1SThQmBrytRhCDj85o8CuymPlk9TohuxqrRX7utqRI4UPCiOhYbf0HoXETTR i+Sw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=LHzYtWmSFmeH9NbFwqWKy4UztiT2kxra8C1X8yUmUfM=; b=TGzOf6221tygsf2MSJ4loBMK+Raph8ySYQC/zDiGqFr6r2lO3tIiA4ZKpWouYnP6RB eBgYpBGlhIVcUFts09rSKw1XeSvRdDlaeq+hXFNbLKGYD0KdL2tyZX4oPsGXZWX1qo/3 Qc8pE2ElUeNcuQg+dWyjnoyeYK4fi0dzI0iIjuNPVng28qh6rbe5yoUax3x6CEH6ts1Z jYONziTJyrspWP/TgRuV1XDVVQz27WbgxBfy0zeCeqjmNBfKh/WP0x0TWfyWhE8k1diA uZ5gGmsHozN4CDKb9Wb8j2NUDUkPOPDZQ7KSgjGw5fP64wrxPXe0Wx+OOBv8afMf1uw0 sOTw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=kV0yLxy2; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id h3si19400824pld.32.2019.07.08.15.46.03; Mon, 08 Jul 2019 15:46:18 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=kV0yLxy2; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2390084AbfGHRtc (ORCPT + 99 others); Mon, 8 Jul 2019 13:49:32 -0400 Received: from mail-pg1-f196.google.com ([209.85.215.196]:39059 "EHLO mail-pg1-f196.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2387759AbfGHRta (ORCPT ); Mon, 8 Jul 2019 13:49:30 -0400 Received: by mail-pg1-f196.google.com with SMTP id u17so7571792pgi.6 for ; Mon, 08 Jul 2019 10:49:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=LHzYtWmSFmeH9NbFwqWKy4UztiT2kxra8C1X8yUmUfM=; b=kV0yLxy2kpMjOwguVfayi7phtFRYimSGCn/j1wuyKjll3J3KBdoeR84Ly2P7THz2O6 1/X14UpK0enZCuSRXpOX9dzeN2DoreXYkCymkk0qGXCxmW+9ryMXHuu+eJ6Spe4Nu+kY c02Lz1ShzpKhcdhhBTYM7FKjKh8qL2F0m1R9Y= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=LHzYtWmSFmeH9NbFwqWKy4UztiT2kxra8C1X8yUmUfM=; b=kYVhmwF+KcwXFmvIx5Otx6ak9YMnZ7mCas03dw6uyNjbGH/qKXd2T5sm17/xhRswEo X1Ou1sgerFF/uxDtiIWWliaGNcVeCS8VTVTfG/PY1TNKQE37/YB3hEs+cdzhFy2Uc8U+ zMjQijVsIEjHl1VqML+tg/MxRDrShfhshcpjpx5Yc/JWw8vY/RmvAP9YN22UhvOB6Ilj hQfXT6c4Rl6hDri4t5nl+evTWlczpAJgkhKERRL9CO9JGl05VfEdWNU+TWL8AHD3VWVo ZSgf6S+bVqOEprcd+VxFrIY8QZr3BbOyaUgbJz0E8BJCRt7kQHH8YIx9YQ8xlNcGEfzg Q9YQ== X-Gm-Message-State: APjAAAW1boQBQsnPVWNpqxSPM6sQdNVCZE9Nm5kBH97LBUE3YSqliOIV hgAIjNIO9hChNv6yq3PqWVvGBdkTdPg= X-Received: by 2002:a17:90a:b115:: with SMTP id z21mr27246758pjq.64.1562608170298; Mon, 08 Jul 2019 10:49:30 -0700 (PDT) Received: from skynet.sea.corp.google.com ([2620:0:1008:1100:c4b5:ec23:d87b:d6d3]) by smtp.gmail.com with ESMTPSA id j1sm20151686pfe.101.2019.07.08.10.49.29 (version=TLS1_3 cipher=AEAD-AES256-GCM-SHA384 bits=256/256); Mon, 08 Jul 2019 10:49:29 -0700 (PDT) From: Thomas Garnier To: kernel-hardening@lists.openwall.com Cc: kristen@linux.intel.com, keescook@chromium.org, Thomas Garnier , Thomas Gleixner , Ingo Molnar , Borislav Petkov , "H. Peter Anvin" , x86@kernel.org, Greg Kroah-Hartman , Allison Randal , linux-kernel@vger.kernel.org Subject: [PATCH v8 03/11] x86: relocate_kernel - Adapt assembly for PIE support Date: Mon, 8 Jul 2019 10:48:56 -0700 Message-Id: <20190708174913.123308-4-thgarnie@chromium.org> X-Mailer: git-send-email 2.22.0.410.gd8fdbe21b5-goog In-Reply-To: <20190708174913.123308-1-thgarnie@chromium.org> References: <20190708174913.123308-1-thgarnie@chromium.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Change the assembly code to use only absolute references of symbols for the kernel to be PIE compatible. Position Independent Executable (PIE) support will allow to extend the KASLR randomization range below 0xffffffff80000000. Signed-off-by: Thomas Garnier Reviewed-by: Kees Cook --- arch/x86/kernel/relocate_kernel_64.S | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/x86/kernel/relocate_kernel_64.S b/arch/x86/kernel/relocate_kernel_64.S index c51ccff5cd01..c72889b09840 100644 --- a/arch/x86/kernel/relocate_kernel_64.S +++ b/arch/x86/kernel/relocate_kernel_64.S @@ -206,7 +206,7 @@ identity_mapped: movq %rax, %cr3 lea PAGE_SIZE(%r8), %rsp call swap_pages - movq $virtual_mapped, %rax + movabsq $virtual_mapped, %rax pushq %rax ret -- 2.22.0.410.gd8fdbe21b5-goog