From: "H. Peter Anvin"
Subject: Re: x86: PIE support and option to extend KASLR randomization
Date: Sun, 27 Aug 2017 18:26:05 -0700
Message-ID: <728a9499-67e9-0828-bb7a-f9b441a220b5@zytor.com>
References: <20170810172615.51965-1-thgarnie@google.com> <20170811124127.kkb5pnkljz4umxuj@gmail.com> <20170815075609.mmzbfwritjzvrpsn@gmail.com> <20170821143117.22sekggxizt3mhze@hirez.programming.kicks-ass.net>
In-Reply-To: <20170821143117.22sekggxizt3mhze@hirez.programming.kicks-ass.net>
Cc: Ingo Molnar, Herbert Xu, "David S . Miller", Thomas Gleixner, Ingo Molnar, Josh Poimboeuf, Arnd Bergmann, Matthias Kaehlcke, Boris Ostrovsky, Juergen Gross, Paolo Bonzini, Radim Krčmář, Joerg Roedel, Tom Lendacky, Andy Lutomirski, Borislav Petkov, Brian Gerst, "Kirill A . Shutemov", "Rafael J . Wysocki", Len Brown, Pavel Machek, Thomas Garnier
List-Id: linux-crypto.vger.kernel.org

On 08/21/17 07:31, Peter Zijlstra wrote:
> On Tue, Aug 15, 2017 at 07:20:38AM -0700, Thomas Garnier wrote:
>> On Tue, Aug 15, 2017 at 12:56 AM, Ingo Molnar wrote:
>
>>> Have you considered a kernel with -mcmodel=small (or medium) instead of -fpie
>>> -mcmodel=large? We can pick a random 2GB window in the (non-kernel) canonical
>>> x86-64 address space to randomize the location of kernel text. The location of
>>> modules can be further randomized within that 2GB window.
>>
>> -mcmodel=small/medium assume you are on the low 32-bit. It generates
>> instructions where the virtual addresses have the high 32-bit to be
>> zero.
>
> That's a compiler fail, right? Because the SDM states that for "CALL
> rel32" the 32bit displacement is sign extended on x86_64.
>

No. It is about whether you can do something like:

	movl $variable, %eax		/* rax = &variable; */

or

	addl %ecx,variable(,%rsi,4)	/* variable[rsi] += ecx */
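The reachability rules behind the two instruction forms above, as an added worked example that is not part of the mail: an imm32 loaded with `movl` is zero-extended into the 64-bit register, a disp32 in a memory operand is sign-extended, and a RIP-relative disp32 (what -fpie emits) only cares about the distance from the instruction. The addresses below are constructed for illustration.

```python
# Added example (not from the thread): which 64-bit addresses each x86-64
# addressing form can name, and why a 2 GB randomization window is fine for
# RIP-relative code but not for absolute 32-bit references.
TWO_GB = 1 << 31
FOUR_GB = 1 << 32
MASK64 = (1 << 64) - 1


def fits_movl_imm32(addr: int) -> bool:
    """`movl $sym, %eax`: imm32 is zero-extended into %rax, so the symbol
    must live in the low 4 GiB (the -mcmodel=small assumption)."""
    return 0 <= addr < FOUR_GB


def fits_disp32(addr: int) -> bool:
    """`addl %ecx, sym(,%rsi,4)`: disp32 is sign-extended, so the symbol must
    be in the low 2 GiB or the top 2 GiB (the -mcmodel=kernel range)."""
    return addr < TWO_GB or addr >= (MASK64 + 1) - TWO_GB


def fits_rip_relative(next_rip: int, target: int) -> bool:
    """`sym(%rip)`: disp32 is a signed offset from the end of the instruction,
    so only the distance matters, not where the window was placed."""
    delta = target - next_rip
    return -TWO_GB <= delta < TWO_GB


def window_is_rip_reachable(base: int, size: int) -> bool:
    """Can every byte of a [base, base+size) window reach every other byte
    RIP-relatively?  True for any window of at most 2 GiB, wherever it lands."""
    first_insn_end, last_byte = base, base + size - 1
    return fits_rip_relative(first_insn_end, last_byte) and \
        fits_rip_relative(last_byte, first_insn_end)


def classify(addr: int) -> dict:
    """Summarise which absolute forms can name `addr`."""
    return {"movl_imm32": fits_movl_imm32(addr), "disp32": fits_disp32(addr)}


if __name__ == "__main__":
    # Constructed sample addresses: a top-2GiB kernel address, a low address,
    # and a randomized window placed somewhere in the low canonical half.
    for a in (0xffffffff81000000, 0x0000000001000000, 0x00007f1234560000):
        print(hex(a), classify(a))
    print("2GB window ok:", window_is_rip_reachable(0x00007f1234560000, TWO_GB))
```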