From: Thomas Garnier
To: kernel-hardening@lists.openwall.com
Cc: kristen@linux.intel.com, keescook@chromium.org, Thomas Garnier, Thomas Gleixner, Ingo Molnar, Borislav Petkov, "H. Peter Anvin", x86@kernel.org, Jiri Slaby, Juergen Gross, Peter Zijlstra, linux-kernel@vger.kernel.org
Subject: [PATCH v10 08/11] x86/boot/64: Adapt assembly for PIE support
Date: Wed, 4 Dec 2019 16:09:45 -0800
Message-Id: <20191205000957.112719-9-thgarnie@chromium.org>
In-Reply-To: <20191205000957.112719-1-thgarnie@chromium.org>
References: <20191205000957.112719-1-thgarnie@chromium.org>
X-Mailing-List: linux-kernel@vger.kernel.org

Change the assembly code to use absolute references for transitions between
address spaces and relative references when referencing global variables in
the same address space. Ensure the kernel built with PIE references the
correct addresses based on context.

Position Independent Executable (PIE) support will allow extending the KASLR
randomization range below 0xffffffff80000000.

Signed-off-by: Thomas Garnier
Reviewed-by: Kees Cook
---
 arch/x86/kernel/head_64.S | 15 +++++++++------
 1 file changed, 9 insertions(+), 6 deletions(-)
diff --git a/arch/x86/kernel/head_64.S b/arch/x86/kernel/head_64.S index 4bbc770af632..40a467f8e116 100644 --- a/arch/x86/kernel/head_64.S +++ b/arch/x86/kernel/head_64.S @@ -87,7 +87,8 @@ SYM_CODE_START_NOALIGN(startup_64) popq %rsi /* Form the CR3 value being sure to include the CR3 modifier */ - addq $(early_top_pgt - __START_KERNEL_map), %rax + movabs $(early_top_pgt - __START_KERNEL_map), %rcx + addq %rcx, %rax jmp 1f SYM_CODE_END(startup_64) @@ -119,7 +120,8 @@ SYM_CODE_START(secondary_startup_64) popq %rsi /* Form the CR3 value being sure to include the CR3 modifier */ - addq $(init_top_pgt - __START_KERNEL_map), %rax + movabs $(init_top_pgt - __START_KERNEL_map), %rcx + addq %rcx, %rax 1: /* Enable PAE mode, PGE and LA57 */ @@ -137,7 +139,7 @@ SYM_CODE_START(secondary_startup_64) movq %rax, %cr3 /* Ensure I am executing from virtual addresses */ - movq $1f, %rax + movabs $1f, %rax ANNOTATE_RETPOLINE_SAFE jmp *%rax 1: @@ -234,11 +236,12 @@ SYM_CODE_START(secondary_startup_64) * REX.W + FF /5 JMP m16:64 Jump far, absolute indirect, * address given in m16:64. */ - pushq $.Lafter_lret # put return address on stack for unwinder + movabs $.Lafter_lret, %rax + pushq %rax # put return address on stack for unwinder xorl %ebp, %ebp # clear frame pointer - movq initial_code(%rip), %rax + leaq initial_code(%rip), %rax pushq $__KERNEL_CS # set correct cs - pushq %rax # target address in negative space + pushq (%rax) # target address in negative space lretq .Lafter_lret: SYM_CODE_END(secondary_startup_64) -- 2.24.0.393.g34dc348eaf-goog
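Review bot: In the startup_64 hunk (`@@ -87,7 +87,8 @@`), the new `movabs $(early_top_pgt - __START_KERNEL_map), %rcx` / `addq %rcx, %rax` pair needs a comment explaining why the single `addq $(...)` it replaces is no longer acceptable: `addq` only takes a sign-extended 32-bit immediate, so the assembler has to emit a 32-bit absolute relocation for the symbol difference, which a PIE link cannot satisfy, whereas `movabs` carries a full 64-bit immediate and gets a 64-bit absolute relocation. Without that comment the longer two-instruction sequence computing the same CR3 value looks like a regression and invites a "simplification" back to the broken form. The comment should also state that %rcx is free to clobber at this point; the hunk shows only the `popq %rsi` above it, so the reader has no way to verify that from the diff.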
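Review bot: The secondary_startup_64 hunk (`@@ -119,7 +120,8 @@`) duplicates the startup_64 sequence byte for byte except for `init_top_pgt` in place of `early_top_pgt`, including the undocumented %rcx clobber. Suggest factoring both into one small assembler macro taking the page-table symbol as its argument (name is the author's choice), so the "64-bit absolute relocation required under PIE" rationale and the scratch-register note live in one place and the two call sites cannot drift apart.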
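Review bot: In the `@@ -137,7 +139,7 @@` hunk, the `movq $1f, %rax` to `movabs $1f, %rax` change is correct (`mov r64, imm32` sign-extends a 32-bit immediate and would need a 32-bit absolute relocation), but the existing comment "Ensure I am executing from virtual addresses" should be extended to say that this load must stay absolute and must not be converted to `leaq 1f(%rip), %rax`. A RIP-relative form would yield the address of label `1` in the mapping the CPU is currently executing from, which is exactly the mapping this `jmp *%rax` is trying to leave, so the jump would become a no-op with respect to its stated purpose. This is the one place in the file where a future PIE cleanup pass is most likely to do the wrong thing.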
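Review bot: In the `@@ -234,11 +236,12 @@` hunk, the `leaq initial_code(%rip), %rax` / `pushq (%rax)` rewrite is functionally identical to the removed `movq initial_code(%rip), %rax` / `pushq %rax`, and the removed form was already RIP-relative, so this part of the hunk has nothing to do with PIE and the commit message does not justify it. Either drop it to keep the diff minimal, or, if the goal is to avoid the intermediate register altogether, use the single instruction `pushq initial_code(%rip)` and say so in the message. The first change in the hunk, `pushq $.Lafter_lret` becoming `movabs $.Lafter_lret, %rax` / `pushq %rax`, is needed for the same reason as the other hunks (`pushq imm32` sign-extends) and is fine; note that the "put return address on stack for unwinder" comment now belongs on the `pushq %rax` line, which the hunk does place correctly.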