From patchwork Wed May 23 19:53:59 2018
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Thomas Garnier <thgarnie@google.com>
X-Patchwork-Id: 10422261
Return-Path: 
 <kernel-hardening-return-13352-patchwork-kernel-hardening=patchwork.kernel.org@lists.openwall.com>
Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org
	[172.30.200.125])
	by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id
	644016032A for <patchwork-kernel-hardening@patchwork.kernel.org>;
	Wed, 23 May 2018 19:57:14 +0000 (UTC)
Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 52DFE291D5
	for <patchwork-kernel-hardening@patchwork.kernel.org>;
	Wed, 23 May 2018 19:57:14 +0000 (UTC)
Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486)
	id 46377291D8; Wed, 23 May 2018 19:57:14 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	pdx-wl-mail.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-12.8 required=2.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED,
	USER_IN_DEF_DKIM_WL autolearn=ham version=3.3.1
Received: from mother.openwall.net (mother.openwall.net [195.42.179.200])
	by mail.wl.linuxfoundation.org (Postfix) with SMTP id 6D270291D5
	for <patchwork-kernel-hardening@patchwork.kernel.org>;
	Wed, 23 May 2018 19:57:13 +0000 (UTC)
Received: (qmail 22325 invoked by uid 550); 23 May 2018 19:55:24 -0000
Mailing-List: contact kernel-hardening-help@lists.openwall.com; run by ezmlm
Precedence: bulk
List-Post: <mailto:kernel-hardening@lists.openwall.com>
List-Help: <mailto:kernel-hardening-help@lists.openwall.com>
List-Unsubscribe: <mailto:kernel-hardening-unsubscribe@lists.openwall.com>
List-Subscribe: <mailto:kernel-hardening-subscribe@lists.openwall.com>
List-ID: <kernel-hardening.lists.openwall.com>
Delivered-To: mailing list kernel-hardening@lists.openwall.com
Received: (qmail 22207 invoked from network); 23 May 2018 19:55:21 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=google.com; s=20161025;
	h=from:to:cc:subject:date:message-id:in-reply-to:references;
	bh=3s79Pjt4HfIJ1fbjI8evoqRmv0PzIMVUnt0qvWHsoW0=;
	b=LF/aPYmp3Krk0q65fOMUWtBWelAopfY/dnvXGztrN7A4ZoBo1vxUTc3gpMARIkllwU
	7ja5cEfyPZESke0Y9tWfovf70PH7MnjN0O4p5U+Bysd/ZuxIdSVh0/QDcrluwUpqViAf
	pt39x6RLMsigk5yPg/t+23Co+L+4SjwJ9lArPmbElw+Ui7T6qVdrIqCyGz5VRi0qhGWB
	vJpeSqT4ticOxgvBk/WvU3yEV8GCswHJwEEytccCzn6eGBAWH4tPYpoztZSJpsp56L+d
	iVRlGEktvCr1IdSM3K9hGLutQuvBh1oV4uQu3KVUm7u106KQWo4PDoISDZKoc5/ALfeF
	tTAg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20161025;
	h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
	:references;
	bh=3s79Pjt4HfIJ1fbjI8evoqRmv0PzIMVUnt0qvWHsoW0=;
	b=lntYVvOkRg9SKjEwIUS8WwcouKNCnjEdiXLzK2JDY1YOAiGjjl7nBukGso0hpuW0Ml
	Xv2TQz44QMFwVhyRkNj8ZgVGQ0bJZHDJiOCYe5gXdXR+6vRvzfab3Oue7TJ4HTdoRgnG
	vaUM8hdu2LxDsQ1DiBTS22ky5Vkk/eZBna+WWFHeMRHHfG+VqwA/7KJhjBxmM0AVZVYU
	cLyh/bgci6sE1LuH49gYto4FiA9qtyO47NfhMEzOSmt1ym8EvVW+4UN3+UR/cvHX7kNS
	5g5qWeqS/5o30ayJIgDSunDJOV2jEe7lt/p7ropHfs7I3J2IdZtt8tKmmf0D44Jhb7Ih
	BEXA==
X-Gm-Message-State: ALKqPwcF6OTeYk0+kB/p0H1rkA8Uyvng/T32PV6/rtHDCaBClIXhtWX+
	W1vQB/zLIa+kHrUpTE1zvGcCCQ==
X-Google-Smtp-Source: 
 AB8JxZrpbja8+B/1XlZ6TMyskpr2WulBDdXriAkSljtM0H//5XI2YEbvfA5hXWEbTEicKf3TGWtgKg==
X-Received: by 2002:a62:449c:: with SMTP id
	m28-v6mr4150851pfi.145.1527105308816;
	Wed, 23 May 2018 12:55:08 -0700 (PDT)
From: Thomas Garnier <thgarnie@google.com>
To: Herbert Xu <herbert@gondor.apana.org.au>,
	"David S . Miller" <davem@davemloft.net>,
	Thomas Gleixner <tglx@linutronix.de>, Ingo Molnar <mingo@redhat.com>,
	"H . Peter Anvin" <hpa@zytor.com>, Peter Zijlstra <peterz@infradead.org>,
	Josh Poimboeuf <jpoimboe@redhat.com>,
	Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
	Thomas Garnier <thgarnie@google.com>,
	Philippe Ombredanne <pombredanne@nexb.com>,
	Kate Stewart <kstewart@linuxfoundation.org>,
	Arnaldo Carvalho de Melo <acme@redhat.com>, Yonghong Song <yhs@fb.com>,
	Andrey Ryabinin <aryabinin@virtuozzo.com>,
	Kees Cook <keescook@chromium.org>,
	Tom Lendacky <thomas.lendacky@amd.com>,
	"Kirill A . Shutemov" <kirill.shutemov@linux.intel.com>,
	Andy Lutomirski <luto@kernel.org>,
	Dominik Brodowski <linux@dominikbrodowski.net>,
	Borislav Petkov <bp@alien8.de>, Borislav Petkov <bp@suse.de>,
	"Rafael J . Wysocki" <rjw@rjwysocki.net>,
	Len Brown <len.brown@intel.com>, Pavel Machek <pavel@ucw.cz>,
	Juergen Gross <jgross@suse.com>, Alok Kataria <akataria@vmware.com>,
	Steven Rostedt <rostedt@goodmis.org>,
	Jan Kiszka <jan.kiszka@siemens.com>, Tejun Heo <tj@kernel.org>,
	Christoph Lameter <cl@linux.com>, Dennis Zhou <dennisszhou@gmail.com>,
	Boris Ostrovsky <boris.ostrovsky@oracle.com>,
	Alexey Dobriyan <adobriyan@gmail.com>,
	Masami Hiramatsu <mhiramat@kernel.org>,
	Cao jin <caoj.fnst@cn.fujitsu.com>,
	Francis Deslauriers <francis.deslauriers@efficios.com>,
	"Paul E . McKenney" <paulmck@linux.vnet.ibm.com>,
	Nicolas Pitre <nicolas.pitre@linaro.org>,
	Andrew Morton <akpm@linux-foundation.org>,
	Randy Dunlap <rdunlap@infradead.org>,
	"Luis R . Rodriguez" <mcgrof@kernel.org>, Arnd Bergmann <arnd@arndb.de>,
	Christopher Li <sparse@chrisli.org>, Jason Baron <jbaron@akamai.com>,
	Mika Westerberg <mika.westerberg@linux.intel.com>,
	Lukas Wunner <lukas@wunner.de>, Dou Liyang <douly.fnst@cn.fujitsu.com>,
	Sergey Senozhatsky <sergey.senozhatsky.work@gmail.com>,
	Petr Mladek <pmladek@suse.com>,
	Masahiro Yamada <yamada.masahiro@socionext.com>,
	Ingo Molnar <mingo@kernel.org>, Nicholas Piggin <npiggin@gmail.com>,
	"H . J . Lu" <hjl.tools@gmail.com>, Paolo Bonzini <pbonzini@redhat.com>,
	=?UTF-8?q?Radim=20Kr=C4=8Dm=C3=A1=C5=99?= <rkrcmar@redhat.com>,
	Joerg Roedel <joro@8bytes.org>, David Woodhouse <dwmw@amazon.co.uk>,
	Dave Hansen <dave.hansen@linux.intel.com>,
	Rik van Riel <riel@redhat.com>, Jia Zhang <qianyue.zj@alibaba-inc.com>,
	Ricardo Neri <ricardo.neri-calderon@linux.intel.com>,
	Jonathan Corbet <corbet@lwn.net>, Jan Beulich <JBeulich@suse.com>,
	Matthias Kaehlcke <mka@chromium.org>, Baoquan He <bhe@redhat.com>,
	=?UTF-8?q?Jan=20H=20=2E=20Sch=C3=B6nherr?= <jschoenh@amazon.de>,
	Daniel Micay <danielmicay@gmail.com>
Cc: x86@kernel.org, linux-crypto@vger.kernel.org,
	linux-kernel@vger.kernel.org, linux-pm@vger.kernel.org,
	virtualization@lists.linux-foundation.org,
	xen-devel@lists.xenproject.org, linux-arch@vger.kernel.org,
	linux-sparse@vger.kernel.org, kvm@vger.kernel.org,
	linux-doc@vger.kernel.org, kernel-hardening@lists.openwall.com
Subject: [PATCH v3 05/27] x86: relocate_kernel - Adapt assembly for PIE
	support
Date: Wed, 23 May 2018 12:53:59 -0700
Message-Id: <20180523195421.180248-6-thgarnie@google.com>
X-Mailer: git-send-email 2.17.0.441.gb46fe60e1d-goog
In-Reply-To: <20180523195421.180248-1-thgarnie@google.com>
References: <20180523195421.180248-1-thgarnie@google.com>
X-Virus-Scanned: ClamAV using ClamSMTP

Change the assembly code to use only relative references of symbols for the
kernel to be PIE compatible.

Position Independent Executable (PIE) support will allow to extended the
KASLR randomization range below the -2G memory limit.

Signed-off-by: Thomas Garnier <thgarnie@google.com>
---
 arch/x86/kernel/relocate_kernel_64.S | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/arch/x86/kernel/relocate_kernel_64.S b/arch/x86/kernel/relocate_kernel_64.S
index 11eda21eb697..a7227dfe1a2b 100644
--- a/arch/x86/kernel/relocate_kernel_64.S
+++ b/arch/x86/kernel/relocate_kernel_64.S
@@ -208,9 +208,11 @@ identity_mapped:
 	movq	%rax, %cr3
 	lea	PAGE_SIZE(%r8), %rsp
 	call	swap_pages
-	movq	$virtual_mapped, %rax
-	pushq	%rax
-	ret
+	jmp	*virtual_mapped_addr(%rip)
+
+	/* Absolute value for PIE support */
+virtual_mapped_addr:
+	.quad virtual_mapped
 
 virtual_mapped:
 	movq	RSP(%r8), %rsp