Date: Tue, 17 Oct 2023 09:34:41 -0700
From: "H. Peter Anvin"
To: Ingo Molnar, Hou Wenlong
CC: linux-kernel@vger.kernel.org, Lai Jiangshan, Thomas Gleixner, Ingo Molnar, Borislav Petkov, Dave Hansen, "maintainer:X86 ARCHITECTURE 32-BIT AND 64-BIT", Josh Poimboeuf, Anshuman Khandual, Mike Rapoport, Pasha Tatashin
Subject: Re: [PATCH RFC 1/7] x86/head/64: Mark startup_gdt and startup_gdt_descr as __initdata
References: <20231017072311.GA46993@k08j02272.eu95sqa>
Message-ID: <77B66FD0-ED28-4D3F-8D28-467AC4FCD00D@zytor.com>

On October 17, 2023 6:02:27 AM PDT, Ingo Molnar wrote:
>
>* Hou Wenlong wrote:
>
>> Hi Ingo,
>>
>> I have sent patch #6 separately for x86. Do you have any ideas about
>> building the head code as PIE? Should I resend the patchset for the PIE
>> feature?
>
>So I had a brief look, and despite reading 0/43 it was unclear to me what
>the precise advantages of building as PIE are.
>
>Ie. could you please outline:
>
> - *Exactly* how much PIE based KASLR randomization would gain us in terms
>   of randomization granularity and effective number of randomization bits,
>   compared to the current status quo?
>
> - How is code generation changed at the instruction level - how does
>   kernel size change and what are the micro-advantages/disadvantages?
>
> - Are there any other advantages/motivation than improving KASLR?
>
>Ie. before asking us to apply ~50 patches and add a whole new build mode
>and the maintenance overhead to support it into infinity and beyond, could
>you please offer a better list of pros and cons?
>
>Thanks,
>
>	Ingo

If the goal is better KASLR, then what we really should spend time on is Kristen Accardi's fgKASLR patches, which not only exponentially(!) increase the randomization entropy but also *actually* avoid the "one leak and it's over" problem.

However, she gave up on it because she got no interest, despite working code.
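An added illustration of the two points raised in this exchange (not part of the thread, and not code from the kernel or from the fgKASLR series): how many randomization bits a single base offset yields versus a per-function permutation, and why one leaked address defeats the former but not the latter. The 1 GiB window, 2 MiB alignment, 64 functions and function sizes are constructed assumptions, not kernel values.

```python
import math
import random

# Constructed assumptions for illustration only (not kernel values):
RANGE_BYTES = 1 << 30   # 1 GiB window in which the image may land
ALIGN_BYTES = 1 << 21   # 2 MiB placement granularity
NUM_FUNCS = 64          # number of functions whose order fgKASLR would shuffle


def base_kaslr_bits(range_bytes: int, align_bytes: int) -> float:
    """Coarse KASLR picks one base offset: entropy is log2(number of slots)."""
    return math.log2(range_bytes // align_bytes)


def fgkaslr_bits(num_functions: int) -> float:
    """Per-function shuffling picks one of n! orders: entropy is log2(n!)."""
    return math.lgamma(num_functions + 1) / math.log(2)


def revealed_by_one_leak(sizes, fine_grained: bool, seed: int = 1) -> int:
    """Lay out the functions, leak the address of function 0, and count how many
    *other* functions an observer who knows the link-time layout can now locate.

    Coarse KASLR shifts everything by one offset, so one leak pins them all.
    fgKASLR permutes the order, so the link-time layout no longer predicts them.
    """
    rng = random.Random(seed)
    order = list(range(len(sizes)))
    if fine_grained:
        rng.shuffle(order)
    base = rng.randrange(0, RANGE_BYTES, ALIGN_BYTES)

    linktime, addr = {}, 0          # layout visible in the unrandomized image
    for f in range(len(sizes)):
        linktime[f], addr = addr, addr + sizes[f]
    actual, addr = {}, base         # layout after randomization
    for f in order:
        actual[f], addr = addr, addr + sizes[f]

    guessed_base = actual[0] - linktime[0]   # what the single leak tells the observer
    return sum(1 for f in range(1, len(sizes))
               if linktime[f] + guessed_base == actual[f])


if __name__ == "__main__":
    sizes = [16 * (1 + i % 5) for i in range(NUM_FUNCS)]   # constructed sizes
    print(f"base-offset KASLR  : {base_kaslr_bits(RANGE_BYTES, ALIGN_BYTES):.1f} bits")
    print(f"fgKASLR permutation: {fgkaslr_bits(NUM_FUNCS):.1f} bits")
    print("located from one leak, coarse :", revealed_by_one_leak(sizes, False))
    print("located from one leak, fgKASLR:", revealed_by_one_leak(sizes, True))
```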