From: Thomas Garnier
To: kernel-hardening@lists.openwall.com
Cc: kristen@linux.intel.com, keescook@chromium.org, Thomas Garnier, Andy Lutomirski, Thomas Gleixner, Ingo Molnar, Borislav Petkov, "H. Peter Anvin", x86@kernel.org, linux-kernel@vger.kernel.org
Subject: [PATCH v10 04/11] x86/entry/64: Adapt assembly for PIE support
Date: Wed, 4 Dec 2019 16:09:41 -0800
Message-Id: <20191205000957.112719-5-thgarnie@chromium.org>
In-Reply-To: <20191205000957.112719-1-thgarnie@chromium.org>
References: <20191205000957.112719-1-thgarnie@chromium.org>
List-ID: linux-kernel@vger.kernel.org

Change the assembly code to use only relative references of symbols for
the kernel to be PIE compatible.

Position Independent Executable (PIE) support will allow extending the
KASLR randomization range below 0xffffffff80000000.

Signed-off-by: Thomas Garnier
Reviewed-by: Kees Cook
---
 arch/x86/entry/entry_64.S | 16 +++++++++++-----
 1 file changed, 11 insertions(+), 5 deletions(-)

diff --git a/arch/x86/entry/entry_64.S b/arch/x86/entry/entry_64.S
index 76942cbd95a1..f14363625f4b 100644
--- a/arch/x86/entry/entry_64.S
+++ b/arch/x86/entry/entry_64.S
@@ -1329,7 +1329,8 @@ SYM_CODE_START_LOCAL(error_entry) movl %ecx, %eax /* zero extend */ cmpq %rax, RIP+8(%rsp) je .Lbstep_iret - cmpq $.Lgs_change, RIP+8(%rsp) + leaq .Lgs_change(%rip), %rcx + cmpq %rcx, RIP+8(%rsp) jne .Lerror_entry_done_lfence /* @@ -1529,10 +1530,10 @@ SYM_CODE_START(nmi) * resume the outer NMI. */ - movq $repeat_nmi, %rdx + leaq repeat_nmi(%rip), %rdx cmpq 8(%rsp), %rdx ja 1f - movq $end_repeat_nmi, %rdx + leaq end_repeat_nmi(%rip), %rdx cmpq 8(%rsp), %rdx ja nested_nmi_out 1: @@ -1586,7 +1587,8 @@ nested_nmi: pushq %rdx pushfq pushq $__KERNEL_CS - pushq $repeat_nmi + leaq repeat_nmi(%rip), %rdx + pushq %rdx /* Put stack back */ addq $(6*8), %rsp @@ -1625,7 +1627,11 @@ first_nmi: addq $8, (%rsp) /* Fix up RSP */ pushfq /* RFLAGS */ pushq $__KERNEL_CS /* CS */ - pushq $1f /* RIP */ + pushq $0 /* Future return address */ + pushq %rdx /* Save RAX */ + leaq 1f(%rip), %rdx /* RIP */ + movq %rdx, 8(%rsp) /* Put 1f on return address */ + popq %rdx /* Restore RAX */ iretq /* continues at repeat_nmi below */ UNWIND_HINT_IRET_REGS 1: -- 2.24.0.393.g34dc348eaf-goog
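Review bot: in the error_entry hunk (@@ -1329), the new `leaq .Lgs_change(%rip), %rcx` overwrites %rcx, which the preceding `movl %ecx, %eax` was still reading as input. The `je .Lbstep_iret` branch is taken before the leaq, so that path keeps the old %rcx, but the `jne .Lerror_entry_done_lfence` fall-through now sees a clobbered register; please confirm nothing downstream on that path depends on it and add a one-line comment on the leaq stating that %rcx is free to reuse here, so the next reader does not have to repeat the check.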
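Review bot: the nested-NMI range check hunk (@@ -1529) is a mechanical swap of `movq $sym, %rdx` for `leaq sym(%rip), %rdx` with the same destination register and the same `cmpq 8(%rsp), %rdx` comparisons, so the repeat_nmi/end_repeat_nmi window test is unchanged. Nothing to fix, but the commit message would be clearer if it said why: the `movq $sym` form only works because the symbol fits a sign-extended 32-bit immediate, which is exactly the assumption the wider KASLR range breaks.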
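Review bot: in the nested_nmi hunk (@@ -1586), `leaq repeat_nmi(%rip), %rdx` reuses %rdx only after its previous value has already been pushed as the frame's RSP slot (`pushq %rdx` three lines above), so the constructed iret frame is unchanged. Since %rdx is now overwritten on this path, confirm it is restored before the iretq that consumes this frame, and put a short comment on the leaq saying %rdx is scratch at this point.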
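Review bot: the comments in the first_nmi hunk (@@ -1625) name the wrong register: `pushq %rdx /* Save RAX */` and `popq %rdx /* Restore RAX */` save and restore %rdx, not %rax. Suggest `/* Save RDX */` and `/* Restore RDX */`, plus a brief comment above the block explaining the five-instruction sequence (the return address for the iret frame must now be computed RIP-relative, and %rdx is live here so it has to be preserved around the leaq). The `pushq $0 /* Future return address */` placeholder is correctly patched by `movq %rdx, 8(%rsp)`, since the intervening `pushq %rdx` shifts the slot by 8.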