From patchwork Thu Feb 16 21:54:35 2017
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Thomas Garnier <thgarnie@google.com>
X-Patchwork-Id: 9578415
Return-Path: 
 <kernel-hardening-return-6725-patchwork-kernel-hardening=patchwork.kernel.org@lists.openwall.com>
Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org
	[172.30.200.125])
	by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id
	26F6260209 for <patchwork-kernel-hardening@patchwork.kernel.org>;
	Thu, 16 Feb 2017 21:55:03 +0000 (UTC)
Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 1777028679
	for <patchwork-kernel-hardening@patchwork.kernel.org>;
	Thu, 16 Feb 2017 21:55:03 +0000 (UTC)
Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486)
	id 0A1AD2867B; Thu, 16 Feb 2017 21:55:03 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	pdx-wl-mail.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.1 required=2.0 tests=BAYES_00,
	DKIM_ADSP_CUSTOM_MED, DKIM_SIGNED, RCVD_IN_DNSWL_MED,
	T_DKIM_INVALID autolearn=ham version=3.3.1
Received: from mother.openwall.net (mother.openwall.net [195.42.179.200])
	by mail.wl.linuxfoundation.org (Postfix) with SMTP id 28A9428679
	for <patchwork-kernel-hardening@patchwork.kernel.org>;
	Thu, 16 Feb 2017 21:55:01 +0000 (UTC)
Received: (qmail 32651 invoked by uid 550); 16 Feb 2017 21:54:59 -0000
Mailing-List: contact kernel-hardening-help@lists.openwall.com; run by ezmlm
Precedence: bulk
List-Post: <mailto:kernel-hardening@lists.openwall.com>
List-Help: <mailto:kernel-hardening-help@lists.openwall.com>
List-Unsubscribe: <mailto:kernel-hardening-unsubscribe@lists.openwall.com>
List-Subscribe: <mailto:kernel-hardening-subscribe@lists.openwall.com>
List-ID: <kernel-hardening.lists.openwall.com>
Delivered-To: mailing list kernel-hardening@lists.openwall.com
Received: (qmail 32632 invoked from network); 16 Feb 2017 21:54:58 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=google.com; s=20161025;
	h=from:to:cc:subject:date:message-id;
	bh=3sEceGQjx3IFnSKh/szfDx6OR1DmRzTxg2M3DHm7lJE=;
	b=arZEHHaD4sv7le9El2Zt/ZRPbRV+wxy0SzcTCzjFiYOOqDohA2gcCwWFEJ4aXofsHI
	o+4yHBRSl2FSvdpcIMn2VZ/Mo6JlC02dnvih4316DkR7YCGcv3nCWQz9DNNj5vYcu/+i
	SOBIuJolld5vwD/dMIhxPbiPkoTu2EB4WXj/dRrh3pXJnxnPqjmoxJw0XAb/US4ZDV92
	T5kpxMpC1SovEhZYvdZUjAxxDp8xOEx36tpU+fuaPcgA2AgXu7aUyaTJ5kEysLgcQlB8
	Hxqsf1ysLhpHVZrKIFBbVRmvNS/XVgn+swFNKI05djBSsTGHJI2G7c/WhcGdFtQmL9zk
	V2Dg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20161025;
	h=x-gm-message-state:from:to:cc:subject:date:message-id;
	bh=3sEceGQjx3IFnSKh/szfDx6OR1DmRzTxg2M3DHm7lJE=;
	b=Se3gHCvFQ9h3BJ/zOUMj2SMImDDgEj5Z4L6acemj5WizQbMCgCYAsj7NIfjU2Ha0Wm
	3uEUAnjZ4zNgUidYb5YYiu2PI4MGX8VzTDLTYXzhANKY4PSXmJNmWKH68aW6DDOsHwQ+
	RmNVDo7W7qe67zocJL7f8fkLIxSoMNCfx3E+VstGn18IR6tJML53U+XivvpjegIm69Nz
	3x8ymGSoqH7pwPj+W1+w+xKrkdJLGIVZZfxAxCOOpUn1ULMBFh6lC1gHKq45NYaWLqTf
	+bBZM/h1Fsz1iz2Y9enlKaGoqVv1zuto3cMQcO7Qx/Lt7+LP8Ut2lr15Lv1O8mmzDwME
	TNGg==
X-Gm-Message-State: 
 AMke39m98JgquOVFTM2WJvtVVKi/HRYSIX+wvu5/mL/fQHRPbrjNFJa00IUqbVFtaJmoA8NU
X-Received: by 10.99.171.75 with SMTP id k11mr5625225pgp.16.1487282085617;
	Thu, 16 Feb 2017 13:54:45 -0800 (PST)
From: Thomas Garnier <thgarnie@google.com>
To: Thomas Gleixner <tglx@linutronix.de>, Ingo Molnar <mingo@redhat.com>,
	"H . Peter Anvin" <hpa@zytor.com>, Jonathan Corbet <corbet@lwn.net>,
	Thomas Garnier <thgarnie@google.com>, Kees Cook <keescook@chromium.org>,
	Lorenzo Stoakes <lstoakes@gmail.com>, Juergen Gross <jgross@suse.com>,
	Andy Lutomirski <luto@amacapital.net>,
	"Rafael J . Wysocki" <rjw@rjwysocki.net>,
	Len Brown <len.brown@intel.com>, Pavel Machek <pavel@ucw.cz>,
	Jiri Kosina <jikos@kernel.org>, Matt Fleming <matt@codeblueprint.co.uk>,
	Ard Biesheuvel <ard.biesheuvel@linaro.org>,
	Boris Ostrovsky <boris.ostrovsky@oracle.com>,
	Rusty Russell <rusty@rustcorp.com.au>, Borislav Petkov <bp@suse.de>,
	Christian Borntraeger <borntraeger@de.ibm.com>,
	Brian Gerst <brgerst@gmail.com>, He Chen <he.chen@linux.intel.com>,
	"Luis R . Rodriguez" <mcgrof@kernel.org>,
	Stanislaw Gruszka <sgruszka@redhat.com>, Arnd Bergmann <arnd@arndb.de>,
	Peter Zijlstra <peterz@infradead.org>,
	Dave Hansen <dave.hansen@intel.com>,
	Vitaly Kuznetsov <vkuznets@redhat.com>,
	Paul Gortmaker <paul.gortmaker@windriver.com>,
	Josh Poimboeuf <jpoimboe@redhat.com>,
	Tim Chen <tim.c.chen@linux.intel.com>, Andi Kleen <ak@linux.intel.com>,
	Jiri Olsa <jolsa@redhat.com>, Michael Ellerman <mpe@ellerman.id.au>,
	Joerg Roedel <joro@8bytes.org>, Paolo Bonzini <pbonzini@redhat.com>,
	=?UTF-8?q?Radim=20Kr=C4=8Dm=C3=A1=C5=99?= <rkrcmar@redhat.com>,
	Andy Lutomirski <luto@kernel.org>
Cc: x86@kernel.org, linux-kernel@vger.kernel.org, linux-doc@vger.kernel.org,
	linux-pm@vger.kernel.org, linux-efi@vger.kernel.org,
	xen-devel@lists.xenproject.org, lguest@lists.ozlabs.org,
	kvm@vger.kernel.org, kernel-hardening@lists.openwall.com
Date: Thu, 16 Feb 2017 13:54:35 -0800
Message-Id: <20170216215438.126111-1-thgarnie@google.com>
X-Mailer: git-send-email 2.11.0.483.g087da7b7c-goog
Subject: [kernel-hardening] [PATCH v4 1/4] x86/mm: Adapt MODULES_END based
	on Fixmap section size
X-Virus-Scanned: ClamAV using ClamSMTP

This patch aligns MODULES_END to the beginning of the Fixmap section.
It optimizes the space available for both sections. The address is
pre-computed based on the number of pages required by the Fixmap
section.

It will allow GDT remapping in the Fixmap section. The current
MODULES_END static address does not provide enough space for the kernel
to support a large number of processors.

Signed-off-by: Thomas Garnier <thgarnie@google.com>
---
Based on next-20170213
---
 Documentation/x86/x86_64/mm.txt         | 5 ++++-
 arch/x86/include/asm/pgtable_64_types.h | 3 ++-
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/Documentation/x86/x86_64/mm.txt b/Documentation/x86/x86_64/mm.txt
index 5724092db811..ee3f9c30957c 100644
--- a/Documentation/x86/x86_64/mm.txt
+++ b/Documentation/x86/x86_64/mm.txt
@@ -19,7 +19,7 @@ ffffff0000000000 - ffffff7fffffffff (=39 bits) %esp fixup stacks
 ffffffef00000000 - fffffffeffffffff (=64 GB) EFI region mapping space
 ... unused hole ...
 ffffffff80000000 - ffffffff9fffffff (=512 MB)  kernel text mapping, from phys 0
-ffffffffa0000000 - ffffffffff5fffff (=1526 MB) module mapping space
+ffffffffa0000000 - ffffffffff5fffff (=1526 MB) module mapping space (variable)
 ffffffffff600000 - ffffffffffdfffff (=8 MB) vsyscalls
 ffffffffffe00000 - ffffffffffffffff (=2 MB) unused hole
 
@@ -39,6 +39,9 @@ memory window (this size is arbitrary, it can be raised later if needed).
 The mappings are not part of any other kernel PGD and are only available
 during EFI runtime calls.
 
+The module mapping space size changes based on the CONFIG requirements for the
+following fixmap section.
+
 Note that if CONFIG_RANDOMIZE_MEMORY is enabled, the direct mapping of all
 physical memory, vmalloc/ioremap space and virtual memory map are randomized.
 Their order is preserved but their base will be offset early at boot time.
diff --git a/arch/x86/include/asm/pgtable_64_types.h b/arch/x86/include/asm/pgtable_64_types.h
index 3a264200c62f..bb05e21cf3c7 100644
--- a/arch/x86/include/asm/pgtable_64_types.h
+++ b/arch/x86/include/asm/pgtable_64_types.h
@@ -67,7 +67,8 @@ typedef struct { pteval_t pte; } pte_t;
 #endif /* CONFIG_RANDOMIZE_MEMORY */
 #define VMALLOC_END	(VMALLOC_START + _AC((VMALLOC_SIZE_TB << 40) - 1, UL))
 #define MODULES_VADDR    (__START_KERNEL_map + KERNEL_IMAGE_SIZE)
-#define MODULES_END      _AC(0xffffffffff000000, UL)
+/* The module sections ends with the start of the fixmap */
+#define MODULES_END   __fix_to_virt(__end_of_fixed_addresses + 1)
 #define MODULES_LEN   (MODULES_END - MODULES_VADDR)
 #define ESPFIX_PGD_ENTRY _AC(-2, UL)
 #define ESPFIX_BASE_ADDR (ESPFIX_PGD_ENTRY << PGDIR_SHIFT)