From patchwork Tue Feb 14 19:42:56 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Thomas Garnier X-Patchwork-Id: 9572617 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id A171660573 for ; Tue, 14 Feb 2017 19:43:23 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 9198328391 for ; Tue, 14 Feb 2017 19:43:23 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 85EF0283E1; Tue, 14 Feb 2017 19:43:23 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-4.1 required=2.0 tests=BAYES_00, DKIM_ADSP_CUSTOM_MED, DKIM_SIGNED, RCVD_IN_DNSWL_MED, T_DKIM_INVALID autolearn=ham version=3.3.1 Received: from mother.openwall.net (mother.openwall.net [195.42.179.200]) by mail.wl.linuxfoundation.org (Postfix) with SMTP id 4D61A28391 for ; Tue, 14 Feb 2017 19:43:21 +0000 (UTC) Received: (qmail 14011 invoked by uid 550); 14 Feb 2017 19:43:18 -0000 Mailing-List: contact kernel-hardening-help@lists.openwall.com; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-ID: Delivered-To: mailing list kernel-hardening@lists.openwall.com Received: (qmail 13987 invoked from network); 14 Feb 2017 19:43:17 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=from:to:cc:subject:date:message-id; bh=fkgdfxbO6Pf81+jqKZBzc48WryOmFj+SonreAcEy6NY=; b=DNz7Y7ayX/zpL8HgkXC3r8nNFILomu6pOmK8zR4igg5us/I+blRCzQ5S6MX8n66LD7 zW6wlCa0hOmQrly6fBWj4DOfBY6z2XCzOmWcuyB06YdBlAeWpBIXacxI3gJYCptAe9cq Ynk3a1RWrt3kh0mAAqj2hlu3Sy0WxsvdSOyTFlH9fhScbUvZETA3w/Yd/cQJiXsPbPeR QO3nORLMeMhkrqq+KgjGPpamk/BNq7wdK6d7wx4JlbWFq9fCEgFbkzicYkceQ1AAuaFM AJjn5THgnVNdlQkVLOPHsGKJLGKFsCZj6i4hdfjqy7Ibx5DhsuCHrSgDmiDCfds2060w e39A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id; bh=fkgdfxbO6Pf81+jqKZBzc48WryOmFj+SonreAcEy6NY=; b=VCCx20DjCOLp/JEDzspbQtd5op3IQuutagHydlWBO0qKtVGIYLV4PfZMT+a3gjUbPo e6NmFdxZ3q8ho/K6shmvRAux04BARvazciZ+9vYkCmmQkMY92DfjP1wGWKJHkXNSKAo1 v4XzUDHC4rNUTdlPWzwoaF16GzYgqjNrFelZaFti8hF5aB6IOP3mY0EHvp8JDY4Kiqcu LinrhsfQKpmo+eR/tqg3t41rRag/dxtRPkMgD77MtNrCiGjweyaQN+ClV1VmTI0oYjV/ LEJhGgsh55eDl5mSpCFJOlvlkUSj7VrmjpzyJY1iiUASSxKQRbe0FQU1NwJyxnbdRfyN shWw== X-Gm-Message-State: AMke39kbXiwOPkT4eSDU42mPwjb6IoJCq5cTWdxeNwK/pqM4H9E8YkoY6LCAF34TGxARYxHs X-Received: by 10.84.162.204 with SMTP id o12mr38640839plg.132.1487101385599; Tue, 14 Feb 2017 11:43:05 -0800 (PST) From: Thomas Garnier To: Thomas Gleixner , Ingo Molnar , "H . Peter Anvin" , Andrey Ryabinin , Alexander Potapenko , Dmitry Vyukov , Thomas Garnier , Kees Cook , Andy Lutomirski , Borislav Petkov , Paul Gortmaker , Andy Lutomirski , "Rafael J . Wysocki" , Len Brown , Pavel Machek , Jiri Kosina , Matt Fleming , Ard Biesheuvel , Boris Ostrovsky , Juergen Gross , Rusty Russell , Peter Zijlstra , Christian Borntraeger , "Luis R . Rodriguez" , He Chen , Brian Gerst , Stanislaw Gruszka , Arnd Bergmann , Adam Buchbinder , Dave Hansen , Vitaly Kuznetsov , Josh Poimboeuf , Tim Chen , Rik van Riel , Andi Kleen , Jiri Olsa , Michael Ellerman , Joerg Roedel , Paolo Bonzini , =?UTF-8?q?Radim=20Kr=C4=8Dm=C3=A1=C5=99?= Cc: x86@kernel.org, linux-kernel@vger.kernel.org, kasan-dev@googlegroups.com, linux-pm@vger.kernel.org, linux-efi@vger.kernel.org, xen-devel@lists.xenproject.org, lguest@lists.ozlabs.org, kvm@vger.kernel.org, kernel-hardening@lists.openwall.com Date: Tue, 14 Feb 2017 11:42:56 -0800 Message-Id: <20170214194259.75960-1-thgarnie@google.com> X-Mailer: git-send-email 2.11.0.483.g087da7b7c-goog Subject: [kernel-hardening] [PATCH v3 1/4] x86/mm: Adapt MODULES_END based on Fixmap section size X-Virus-Scanned: ClamAV using ClamSMTP This patch aligns MODULES_END to the beginning of the Fixmap section. It optimizes the space available for both sections. The address is pre-computed based on the number of pages required by the Fixmap section. It will allow GDT remapping in the Fixmap section. The current MODULES_END static address does not provide enough space for the kernel to support a large number of processors. Signed-off-by: Thomas Garnier --- Based on next-20170213 --- arch/x86/include/asm/fixmap.h | 8 ++++++++ arch/x86/include/asm/pgtable_64_types.h | 3 --- arch/x86/kernel/module.c | 1 + arch/x86/mm/dump_pagetables.c | 1 + arch/x86/mm/kasan_init_64.c | 1 + 5 files changed, 11 insertions(+), 3 deletions(-) diff --git a/arch/x86/include/asm/fixmap.h b/arch/x86/include/asm/fixmap.h index 8554f960e21b..20231189e0e3 100644 --- a/arch/x86/include/asm/fixmap.h +++ b/arch/x86/include/asm/fixmap.h @@ -132,6 +132,14 @@ enum fixed_addresses { extern void reserve_top_address(unsigned long reserve); +/* On 64-bit, the module sections ends with the start of the fixmap */ +#ifdef CONFIG_X86_64 +#define MODULES_VADDR (__START_KERNEL_map + KERNEL_IMAGE_SIZE) +#define MODULES_END __fix_to_virt(__end_of_fixed_addresses + 1) +#define MODULES_LEN (MODULES_END - MODULES_VADDR) +#endif /* CONFIG_X86_64 */ + + #define FIXADDR_SIZE (__end_of_permanent_fixed_addresses << PAGE_SHIFT) #define FIXADDR_START (FIXADDR_TOP - FIXADDR_SIZE) diff --git a/arch/x86/include/asm/pgtable_64_types.h b/arch/x86/include/asm/pgtable_64_types.h index 3a264200c62f..de8bace10200 100644 --- a/arch/x86/include/asm/pgtable_64_types.h +++ b/arch/x86/include/asm/pgtable_64_types.h @@ -66,9 +66,6 @@ typedef struct { pteval_t pte; } pte_t; #define VMEMMAP_START __VMEMMAP_BASE #endif /* CONFIG_RANDOMIZE_MEMORY */ #define VMALLOC_END (VMALLOC_START + _AC((VMALLOC_SIZE_TB << 40) - 1, UL)) -#define MODULES_VADDR (__START_KERNEL_map + KERNEL_IMAGE_SIZE) -#define MODULES_END _AC(0xffffffffff000000, UL) -#define MODULES_LEN (MODULES_END - MODULES_VADDR) #define ESPFIX_PGD_ENTRY _AC(-2, UL) #define ESPFIX_BASE_ADDR (ESPFIX_PGD_ENTRY << PGDIR_SHIFT) #define EFI_VA_START ( -4 * (_AC(1, UL) << 30)) diff --git a/arch/x86/kernel/module.c b/arch/x86/kernel/module.c index 477ae806c2fa..fad61caac75e 100644 --- a/arch/x86/kernel/module.c +++ b/arch/x86/kernel/module.c @@ -35,6 +35,7 @@ #include #include #include +#include #if 0 #define DEBUGP(fmt, ...) \ diff --git a/arch/x86/mm/dump_pagetables.c b/arch/x86/mm/dump_pagetables.c index 8aa6bea1cd6c..90170415f08a 100644 --- a/arch/x86/mm/dump_pagetables.c +++ b/arch/x86/mm/dump_pagetables.c @@ -19,6 +19,7 @@ #include #include +#include /* * The dumper groups pagetable entries of the same type into one, and for diff --git a/arch/x86/mm/kasan_init_64.c b/arch/x86/mm/kasan_init_64.c index 0493c17b8a51..34f167cf3316 100644 --- a/arch/x86/mm/kasan_init_64.c +++ b/arch/x86/mm/kasan_init_64.c @@ -8,6 +8,7 @@ #include #include +#include extern pgd_t early_level4_pgt[PTRS_PER_PGD]; extern struct range pfn_mapped[E820_X_MAX];