From: Daniel Micay Subject: Re: x86: PIE support and option to extend KASLR randomization Date: Wed, 16 Aug 2017 12:26:36 -0400 Message-ID: <1502900796.1302.52.camel@gmail.com> References: <20170810172615.51965-1-thgarnie@google.com> <20170811124127.kkb5pnkljz4umxuj@gmail.com> <20170815075609.mmzbfwritjzvrpsn@gmail.com> <20170816151235.oamkdva6cwpc4cex@gmail.com> Mime-Version: 1.0 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 7bit Cc: Herbert Xu , "David S . Miller" , Thomas Gleixner , Ingo Molnar , "H . Peter Anvin" , Peter Zijlstra , Josh Poimboeuf , Arnd Bergmann , Matthias Kaehlcke , Boris Ostrovsky , Juergen Gross , Paolo Bonzini , Radim =?UTF-8?Q?Kr=C4=8Dm=C3=A1=C5=99?= , Joerg Roedel , Tom Lendacky , Andy Lutomirski , Borislav Petkov , Brian Gerst , "Kirill A . Shutemov" , "Rafael J . Wysocki" , Len Brown , Pavel Machek , Tejun Heo , Christoph La To: Ingo Molnar , Thomas Garnier Return-path: List-Post: List-Help: List-Unsubscribe: List-Subscribe: In-Reply-To: <20170816151235.oamkdva6cwpc4cex@gmail.com> List-Id: linux-crypto.vger.kernel.org > How are these assumptions hardcoded by GCC? Most of the instructions > should be > relocatable straight away, as most call/jump/branch instructions are > RIP-relative. > > I.e. is there no GCC code generation mode where code can be placed > anywhere in the > canonical address space, yet call and jump distance is within 31 bits > so that the > generated code is fast? That's what PIE is meant to do. However, not disabling support for lazy linking (-fno-plt) / symbol interposition (-Bsymbolic) is going to cause it to add needless overhead. arm64 is using -pie -shared -Bsymbolic in arch/arm64/Makefile for their CONFIG_RELOCATABLE option. See 08cc55b2afd97a654f71b3bebf8bb0ec89fdc498.