[RFC,0/2] arm64: use PIE code generation for KASLR kernel

Message ID	20220427171241.2426592-1-ardb@kernel.org (mailing list archive)
Headers	show Return-Path: <linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org> From: Ard Biesheuvel <ardb@kernel.org> To: linux-arm-kernel@lists.infradead.org Cc: clang-built-linux@googlegroups.com, will@kernel.org, catalin.marinas@arm.com, keescook@chromium.org, mark.rutland@arm.com, nathan@kernel.org, Ard Biesheuvel <ardb@kernel.org>, Sami Tolvanen <samitolvanen@google.com>, Nick Desaulniers <ndesaulniers@google.com> Subject: [RFC PATCH 0/2] arm64: use PIE code generation for KASLR kernel Date: Wed, 27 Apr 2022 19:12:39 +0200 Message-Id: <20220427171241.2426592-1-ardb@kernel.org> MIME-Version: 1.0 Precedence: list Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "linux-arm-kernel" <linux-arm-kernel-bounces@lists.infradead.org> Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org
Series	arm64: use PIE code generation for KASLR kernel \| expand [RFC,0/2] arm64: use PIE code generation for KASLR kernel [RFC,1/2] arm64: jump_label: use more precise asm constraints [RFC,2/2] arm64: kernel: switch to PIE code generation for relocatable kernels

Message ID

20220427171241.2426592-1-ardb@kernel.org (mailing list archive)

Headers

From: Ard Biesheuvel <ardb@kernel.org>
To: linux-arm-kernel@lists.infradead.org
Cc: clang-built-linux@googlegroups.com, will@kernel.org,
 catalin.marinas@arm.com, keescook@chromium.org, mark.rutland@arm.com,
 nathan@kernel.org, Ard Biesheuvel <ardb@kernel.org>,
 Sami Tolvanen <samitolvanen@google.com>,
 Nick Desaulniers <ndesaulniers@google.com>
Subject: [RFC PATCH 0/2] arm64: use PIE code generation for KASLR kernel
Date: Wed, 27 Apr 2022 19:12:39 +0200
Message-Id: <20220427171241.2426592-1-ardb@kernel.org>
MIME-Version: 1.0
Precedence: list
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: "linux-arm-kernel" <linux-arm-kernel-bounces@lists.infradead.org>
Errors-To: 
 linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org

Series

arm64: use PIE code generation for KASLR kernel | expand

Message

Ard Biesheuvel April 27, 2022, 5:12 p.m. UTC

Building the KASLR kernel without -fpie but linking it with -pie works
in practice, but it is not something that is explicitly supported by the
toolchains - it happens to work because the default 'small' code model
used by both GCC and Clang relies mostly on ADRP+ADD/LDR to generate
symbol references.

Code generation with -fpie used to result in unnecessary overhead, as
all references to symbols with external visibility use emitted via
entries in the GOT, resulting in an additional load from memory for each
global variable access.

However, we can now manage this my using 'hidden' visibility (which is
already used in places such as the decompressor or the EFI stub), so we
can enable -fpie code generation without the overhead.

This series is RFC given that, beyond switching to a better supported
combination of compiler and linker options, I am not aware of any
advantages or disadvantages of making this change.

Cc: Sami Tolvanen <samitolvanen@google.com>
Cc: Nick Desaulniers <ndesaulniers@google.com>

Ard Biesheuvel (2):
  arm64: jump_label: use more precise asm constraints
  arm64: kernel: switch to PIE code generation for relocatable kernels

 arch/arm64/Makefile                 | 4 ++++
 arch/arm64/include/asm/jump_label.h | 8 ++++----
 arch/arm64/kernel/vmlinux.lds.S     | 9 ++++-----
 3 files changed, 12 insertions(+), 9 deletions(-)